Port requirements for allowing access to a Data Domain through a Firewall
요약: Port Requirement: This article lists the TCP and UDP ports used by the Data Domain, for use with configuring a firewall to allow access in and out of the Data Domain.
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
지침
This article lists the TCP and UDP ports used by the Data Domain to use with configuring a firewall to allow access in and out of the Data Domain.
The following tables list the ports used by the Data Domain, and which service uses them. Table 1.1 shows ports used by inbound traffic, and table 1.2 shows ports used by outbound traffic.
Table 1.1 Ports Used by Data Domain for Inbound Traffic
| Port | Service | Note |
|---|---|---|
| TCP 21 | FTP | Port is used for control only if FTP is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 22 | SSH | Port is used only if SSH is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 23 | Telnet | Port is used only if Telnet is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 80 | HTTP | Port is used only if HTTP is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 111 | DDBOOST/ NFS (portmapper) | Used to assign a random port for the mountd service used by NFS and DDBOOST. Mountd service port can be statically assigned. |
| UDP111 | DDBOOST/NFS (Portmapper) | Used to assign a random port for the mountd service used by NFS and DDBOOST. Mountd service port can be statically assigned. |
| UDP 123 | NTP | Port is used only if NTP is enabled on the Data Domain. Run "ntp status" to determine if so. |
| UDP 137 | CIFS (NetBIOS Name Service) | Port used by CIFS for NetBIOS name resolution. |
| UDP 138 | CIFS (NetBIOS Datagram Service) | Port used by CIFS for NetBIOS Datagram Service. |
| TCP 139 | CIFS (NetBIOS Session Service) | Port used by CIFS for session information. |
| UDP 161 | SNMP (Query) | Port is used only if SNMP is enabled. Run "snmp status" to determine if so. |
| TCP 389 | LDAP | LDAP server listens on this port for any LDAP client request. By Default it uses TCP. |
| TCP 443 | HTTPS | Port is used only if HTTPS is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 445 | CIFS (Microsoft-DS) | The main port used by CIFS for data transfer |
| TCP 464 | Active Directory | "Kerberos change/set password". Required to join an Active Directory Domain. |
| UDP 623 | IPMI | Required to be open on a firewall for IPMI connectivity. |
| TCP 2049 | DDBOOST/NFS | The main port used by NFS. It can be modified using the "NFS set server-port" command. Command requires SE mode. |
| TCP 2051 | Replication/DDBOOST/Optimized Duplication | Port is used only if replication is configured on the Data Domain. Run "replication show config" to determine if so. This port can be modified using the "replication modify" command. |
| TCP 2052 | NFS Mountd/DDBOOST/Optimized Duplication | Main port used by NFS MOUNTD |
| TCP 3008 | RSS | Required for Archiver and GDA (single and dual node) or when Data Domain has an Archive Tier. |
| TCP 3009 | Replication/DDMC | This port must be opened if replication is configured, as this is the port used to get the remote peer CA certificate. It is also used by DDMC for monitoring the DD. |
| TCP 5001 | iPerf | Port is default used by iperf. To change the port, it requires the -p option from "se iperf" or the port option from the "net iperf" command. And the remote side must listen on the new port. |
* NFS (mountd) can be hard coded using command "nfs set mountd-port." Command requires SE mode. Contact Support for assistance.
Table 1.2 Ports Used by Data Domain for Outbound Traffic
| Port | Service | Note |
|---|---|---|
| TCP 20 | FTP | Port is used for data only if FTP is enabled (run "adminaccess show" on the Data Domain to determine if so). |
| TCP 25 | SMTP | Used by the Data Domain to send email autosupports and alerts. |
| UDP/TCP 53 | DNS | The port is used by Data Domain to perform DNS lookups when DNS is configured. Run "net show dns" to review the DNS configuration. |
| TCP 80 | HTTP | Used by Data Domain for uploading log files to Data Domain Support using the "support upload" command. |
| TCP 443 | HTTPS | This Port is used by Data Domain to upload the Support Bundle (SUB) |
| UDP 123 | NTP | Used by the Data Domain to synchronize to a time server. |
| UDP 162 | SNMP (Trap) | Used by the Data Domain to send SNMP traps to the SNMP host. Use "snmp show trap-hosts" to see destination hosts and "snmp status" to display service status. |
| UDP 389 | CLDAP | Used by the Data Domain to send connection less LDAP request to the LDAP server. |
| UDP 514 | Syslog | Used by the Data Domain to send syslog messages, if enabled. Use "log host show" to display destination hosts and service status. |
| UDP 623 | IPMI | Required to be open on a firewall for IPMI connectivity. |
| TCP 2051 | Replication/DDBOOST/Optimized Duplication | Used by Data Domain only if replication is configured. Use "replication show config" to determine if so. |
| TCP 3009 | Replication/DDMC | This port must be opened if replication is configured as this is the port used to get the remote peer CA certificate. It is also used by DDMC for monitoring the DD. |
| TCP 3268 | Global catalog | From the Data Domain to the Global Catalog on the Domain Controller for Active Directory authentication (From DDOS 5.7 and 6.x) |
| TCP 5001 | iPerf | Port is default used by iperf. To change the port, it requires the -p option from "se iperf" or the port option from the net iperf command. And the remote side must listen on the new port. |
| TCP 27000 | Avamar client communications with Avamar server | Avamar client network hosts |
| TCP 27000 | Avamar server communications with Replicator target Server (Avamar proprietary communication) | Required if the server is used as Replicator source. |
| TCP 28001 | Avamar client communications with administrator server | Avamar clients required |
| TCP 28002 | Administrator server communications with Avamar client | Optional for browsing clients and canceling backups from the Avamar Administrator management console |
| TCP 29000 | Avamar client Secure Sockets Layer (SSL) communications with Avamar server | Avamar clients required |
| Avamar server SSL communications with Replicator target server | Required if the server is Replicator source. |
추가 정보
Related articles:
(Log in as a registered Dell Support user may be required to view these articles.)
(Log in as a registered Dell Support user may be required to view these articles.)
- Data Domain - Analyzing Slow Replication Issues
- Data Domain - Troubleshooting Client Connectivity to DDR
- Data Domain - Troubleshooting NFS Client Mount Issues
- Troubleshooting NFS Connection Problems
- Data Domain: Active Directory authentication stops working when upgrading to DDOS 5.7 or higher if the Global Catalog is unreachable
해당 제품
Data Domain제품
Data Domain문서 속성
문서 번호: 000004184
문서 유형: How To
마지막 수정 시간: 18 9월 2025
버전: 10
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.