VTL - What ports are used for firewall support

Asset ID:	1-71-1016670.1
Update Date:	2010-02-17
Keywords:

Solution Type Technical Instruction Sure

Solution 1016670.1 : VTL - What ports are used for firewall support

Related Items


Sun StorageTek VTL Storage Appliance
 Sun StorageTek VTL Value System
 Sun StorageTek VTL Prime System
 Sun StorageTek VTL Plus Storage Appliance

Related Categories


GCS>Sun Microsystems>Storage - Tape>Tape Virtualization

PreviouslyPublishedAs
226722

Description
What ports are used for firewall support?

Steps to Follow
The ports required by VTL environment are:
The following is a list of TCP+UDP ports that are required for normal VTL operation:

VTL: 11576, 11577, 11578, 11579, 11580, 11762
iSCSI: 3205, 3260
SNMP: 161

Below lists all ports and descriptions used for various functions (i.e., VTL, IPStor, TCP, FTP, portmapper, etc.):

- TCP port 11576 - Used for SAN Client and IPStor Console to IPStor Server management communication. This is ipstorcomm SecureRPC channel to Console and Client, to configure and retrieve Server configuration. This is the only port that needs to be open for firewall purposes.
- UDP port 11577 - Used for SAN Client to IPStor Server data access communication. This is the Rudp port used by Replication and SAN/IP client.
- TCP port 11580 - Used for communication between a failover pair. This is ipstorcomm SecureRPC channel to failover module, to configure and retrieve failover information.
- TCP port 11762 - Used for IPStor Console and IPStor Server to SAN Client management communication. This is ipstorclntd SecureRPC channel to client monitor, to configure and retrieve client information.

- TCP/UDP ports 11578 - Used for IPStor internal use (56 bit encryption, SANRPC including replication).
- TCP/UDP ports 11579 - Used for IPStor internal use (128 bit encryption, sanidmgr kernel to user mode upcall channel).

- UDP port 161 - Used for SNMP traps.
- TCP port 161 - Used for SNMP traps.

- UDP port 137 - Used for Samba NetBios Name Service (CIFS ipstornmbd)
- UDP port 138 - Used for Samba NetBios Datagram (CIFS ipstornmbd)
- TCP port 139 - Used for Samba NetBios Session (CIFS ipstorsmbd)

- TCP port 20, 21 - Used for FTP
- TCP port 23 - Used for Telnet

- TCP port 111 - Used for portmap RPC portmapper (NFS)
- UDP port 111 - Used for portmap RPC portmapper (NFS)
NFS port usage is assigned through the SUNRPC protocol. The ports vary, so it is not possible or convenient to keep checking them and reprogramming a firewall. Most firewalls have a setting to "Enable NFS" upon which they will change the settings if the ports themselves change.

- TCP port 3205, 3260 fsiscsid iSCSI port

- UDP port 67 dhcpd DHCP ports (BBMR)
- UDP port 68 dhcpd DHCP ports (BBMR)
- UDP port 69 tftpd TFTP port (BBMR)
- UDP port 4011 pxe PXE port. (BBMR)
- UDP port 6910 xbls Windows boot driver login port (BBMR)
- UDP port 6911 xbios Data channel between I/O Server and Windows boot driver (BBMR)
- UDP port 10703 xbls Heartbeat channel between Login Server and Windows boot driver (BBMR)

For Windows iSCSI Server, make sure the port 135 (MS-RPC) is open and that the firewall/router is not blocking it. iSCSI Server uses MS-RPC for authenticating Windows users (Replication enable, Cluster Enable, and remote CLI).

Product
Sun StorageTek Virtual Tape Library Value System 1.0
Sun StorageTek Virtual Tape Library Storage Appliance
Sun StorageTek Virtual Tape Library Plus Storage Appliance 1.0
Sun StorageTek Virtual Tape Library Plus Storage Appliance 2.0
Sun StorageTek Virtual Tape Library Prime System

VTL Firewall TCP Ports UDP ports IPStor What ports are used for firewall support What TCP ports are used What UDP ports are used
Previously Published As
STKKB70111

Change History
??/??/2009 - Updated for currency (added swoRDFish product names) and cleaned up statements
02/17/2010 - corrected required port (replaced 11581 with 11762)

Attachments

This solution has no attachment