These tables show port requirements for accessing a Data Domain system through a firewall. For more information see: https://community.emc.com/docs/DOC-33258.
Important: Shaded rows are non-advocated ports. Do not activate those ports. They are shown to provide the defaults.
Ports: Inbound Traffic (Source is Client)
Protocol | Service | Port | Description |
---|---|---|---|
TCP | FTP | 21 | Port is used for control only if FTP is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Disabled |
TCP | SSH/SCP | 22 | Port is used only if SSH is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Enabled |
TCP | Telnet | 23 | Port is used only if Telnet is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Disabled |
TCP | HTTP | 80 | Port is used only if HTTP is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Enabled |
TCP | HTTPS | 8080 | Port is used only if HTTPS is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Enabled |
TCP | DDBOOST/ NFS (portmapper) | 111 | Used to assign a random port for the mountd service used by NFS and DDBOOST.Mountd service port can be statically assigned. |
UDP | DDBOOST/NFS (Portmapper) | 111 | Used to assign a random port for the mountd service used by NFS and DDBOOST.Mountd service port can be statically assigned. |
UDP | NTP | 123 | Port is used only if NTP is enabled on the Data Domain system. Run ‘ntp status’ to determine if this is the case. |
UDP | CIFS (NetBIOS Name Service) | 137 | Port used by CIFS for NetBIOS name resolution. |
UDP | CIFS (NetBIOS Datagram Service) | 138 | Port used by CIFS for NetBIOS Datagram Service. |
TCP | CIFS (NetBIOS Session Service) | 139 | Port used by CIFS for session information. |
UDP | SNMP (Query) | 161 | Port is used only if SNMP is enabled. Run ‘snmp status’ to determine if this is the case. |
TCP | LDAP | 389 | LDAP server listens on this port for any LDAP client request. Default: TCP |
TCP | HTTPS | 443 | Port is used only if HTTPS is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). |
TCP | CIFS (Microsoft-DS) | 445 | Main port used by CIFS for data transfer. |
TCP | OST / NFS | 2049 | Main port used by NFS. Can be modified with the ‘nfs set server-port’ command. Command requires SE mode. |
TCP | Replication / OST / Optimized Duplication | 2051 | Port is used only if replication is configured on the Data Domain system. Run ‘replication show config’ to determine if this is the case. This port can be modified with the ‘replication modify’ command. |
TCP | NFS Mountd / OST / Optimized Duplication | 2052 | Main port used by NFS MOUNTD. Can be modified with the 'nfs set mountd-port' command in SE mode. |
TCP | SMS (System Management) | 3009 | Port used for managing a system remotely using Web Based GUI DDEM (Data Domain Enterprise Manager). Cannot be modified. Only used on Data Domain systems running DDOS 4.7.x or later. Also needs to be opened if you plan to configure replication from within the Data Domain GUI interface, as the replication partner needs to be added to the DD Enterprise Manager. |
TCP | iPerf | 5001 | Default port used by iperf. To change the port, use the -p option from se iperf or port option from the net iperf command. Remote side must listen on the new port. |
TCP | Congestion-checker | 5002 | Default port used by congestion-checker when running iperf. To change the port, specify the new port in the port option of the net congestion-check command. Remote side must also listen on the new port. Available only for DDOS 5.2 and above. |
*NFS (mountd) Can be hardcoded using the command 'nfs set mountd-port'. Command requires SE mode |
Ports: Outbound Traffic (Source is Client)
Protocol | Service | Port | Description |
---|---|---|---|
TCP | FTP | 20 | Used for data only if FTP is enabled (run ‘adminaccess show’ on the Data Domain system to determine if this is the case). Default: Disabled |
TCP | SMTP | 25 | Used by the Data Domain system to send email autosupports and alerts. |
UDP/TCP | DNS | 53 | Used by Data Domain system to perform DNS lookups when DNS is configured. Run ‘net show dns’ to review DNS configuration. |
TCP | HTTP | 80 | Used by Data Domain system for uploading log files to Data Domain Support using the ‘support upload’ command. Default: Enabled |
TCP | HTTPS | 8080 | Used by Data Domain system for uploading log files to Data Domain Support using the ‘support upload’ command. Default: Enabled |
UDP | NTP | 123 | Used by the Data Domain system to synchronize to a time server. |
UDP | SNMP (Trap) | 162 | Used by the Data Domain system to send SNMP traps to SNMP host. Use ‘snmp show trap-hosts’ to see destination hosts and ‘snmp status’ to display service status. |
UDP | Syslog | 514 | Used by the Data Domain system to send syslog messages, if enabled. Use ‘log host show’ to display destination hosts and service status. |
TCP | Replication / OST / Optimized Duplication | 2051 | Used by Data Domain system only if replication is configured. Use ‘replication show config’ to determine if this is the case. |
TCP | SMS (System Management) | 3009 | Used for managing a system remotely using Web Based GUI DDEM (Data Domain Enterprise Manager). Cannot be modified. Only used on Data Domain systems running DDOS 4.7.x or later. Needs to be opened if you plan to configure replication from within the Data Domain GUI interface, as the replication partner needs to be added to the DD Enterprise Manager. |
TCP | iPerf | 5001 | Default port used by iperf. To change the port, use the -p option from se iperf or port option from the net iperf command. Remote side must listen on the new port. |
TCP | Congestion-checker | 5002 | Default port used by congestion-checker when running iperf. To change the port specify the new port in the port option of the net congestion-check command. Remote side must listen on the new port. Available only for DDOS 5.2 and above. |