Skip to main content
HCI
1.10

Network port requirements

Contributors netapp-pcarriga netapp-dbagwell amgrissino

You might need to allow the following ports through your data center's edge firewall so that you can manage the system remotely, allow clients outside of your data center to connect to resources, and ensure that internal services can function properly. Some of these ports, URLs, or IP addresses might not be required, depending on how you use the system.

All ports are TCP unless stated otherwise, and all TCP ports must support three-way handshake communication between the NetApp Support Server, management node, and nodes running Element software. For example, the host on a management node source communicates with the host on a storage cluster MVIP destination through TCP port 443, and the destination host communicates back to the source host through any port.

The following abbreviations are used in the table:

  • MIP: Management IP address, a per-node address

  • SIP: Storage IP address, a per-node address

  • MVIP: Management virtual IP address

  • SVIP: Storage virtual IP address

Source Destination Port Description

Compute node BMC/IPMI

Management node

111 TCP/UDP

NetApp Hybrid Cloud Control API communication

Compute node BMC/IPMI

Management node

137-138 UDP

NetApp Hybrid Cloud Control API communication

Compute node BMC/IPMI

Management node

445

NetApp Hybrid Cloud Control API communication

Compute node BMC/IPMI

Management node

623 UDP

Remote Management Control Protocol (RMCP) port. Required for NetApp Hybrid Cloud Control compute firmware upgrades.

Compute node BMC/IPMI

Management node

2049 TCP/UDP

NetApp Hybrid Cloud Control API communication

iSCSI clients

Storage cluster MVIP

443

(Optional) UI and API access

iSCSI clients

Storage cluster SVIP

3260

Client iSCSI communications

iSCSI clients

Storage node SIP

3260

Client iSCSI communications

Management node

sfsupport.solidfire.com

22

Reverse SSH tunnel for support access

Management node

Storage node MIP

22

SSH access for support

Management node

DNS servers

53 TCP/UDP

DNS lookup

Management node

Compute node BMC/IPMI

139

NetApp Hybrid Cloud Control API communication

Management node

Storage node MIP

442

UI and API access to storage node and Element software upgrades

Management node

Storage node MVIP

442

UI and API access to storage node and Element software upgrades

Management node

23.32.54.122, 216.240.21.15

443

Element software upgrades

Management node

Baseboard management controller (BMC)

443

Hardware monitoring and inventory connection (Redfish and IPMI commands)

Management node

Compute node BMC/IPMI

443

NetApp Hybrid Cloud Control HTTPS communication

Management node

monitoring.solidfire.com

443

Storage cluster reporting to Active IQ

Management node

Storage cluster MVIP

443

UI and API access to storage node and Element software upgrades

Management node

VMware vCenter

443

NetApp Hybrid Cloud Control HTTPS communication

Management node

Compute node BMC/IPMI

623 UDP

RMCP port. Required for NetApp Hybrid Cloud Control compute firmware upgrades.

Management node

Storage node BMC/IPMI

623 UDP

RMCP port. This is required to manage IPMI-enabled systems.

Management node

VMware vCenter

5988-5989

NetApp Hybrid Cloud Control HTTPS communication

Management node

Witness Node

9442

Per-node configuration API service

Management node

vCenter Server

9443

vCenter Plug-in registration. The port can be closed after registration is complete.

SNMP server

Storage cluster MVIP

161 UDP

SNMP polling

SNMP server

Storage node MIP

161 UDP

SNMP polling

Storage node BMC/IPMI

Management node

623 UDP

RMCP port. This is required to manage IPMI-enabled systems.

Storage node MIP

DNS servers

53 TCP/UDP

DNS lookup

Storage node MIP

Management node

80

Element software upgrades

Storage node MIP

S3/Swift endpoint

80

(Optional) HTTP communication to S3/Swift endpoint for backup and recovery

Storage node MIP

NTP server

123 UDP

NTP

Storage node MIP

Management node

162 UDP

(Optional) SNMP traps

Storage node MIP

SNMP server

162 UDP

(Optional) SNMP traps

Storage node MIP

LDAP server

389 TCP/UDP

(Optional) LDAP lookup

Storage node MIP

Management node

443

Element software upgrades

Storage node MIP

Remote storage cluster MVIP

443

Remote replication cluster pairing communication

Storage node MIP

Remote storage node MIP

443

Remote replication cluster pairing communication

Storage node MIP

S3/Swift endpoint

443

(Optional) HTTPS communication to S3/Swift endpoint for backup and recovery

Storage node MIP

LDAPS server

636 TCP/UDP

LDAPS lookup

Storage node MIP

Management node

10514 TCP/UDP, 514 TCP/UDP

Syslog forwarding

Storage node MIP

Syslog server

10514 TCP/UDP, 514 TCP/UDP

Syslog forwarding

Storage node MIP

Remote storage node MIP

2181

Intercluster communication for remote replication

Storage node SIP

S3/Swift endpoint

80

(Optional) HTTP communication to S3/Swift endpoint for backup and recovery

Storage node SIP

Compute node SIP

442

Compute node API, configuration and validation, and access to software inventory

Storage node SIP

S3/Swift endpoint

443

(Optional) HTTPS communication to S3/Swift endpoint for backup and recovery

Storage node SIP

Remote storage node SIP

2181

Intercluster communication for remote replication

Storage node SIP

Storage node SIP

3260

Internode iSCSI

Storage node SIP

Remote storage node SIP

4000 through 4020

Remote replication node-to-node data transfer

System administrator PC

Storage node MIP

80

(NetApp HCI only) Landing page of NetApp Deployment Engine

System administrator PC

Management node

442

HTTPS UI access to management node

System administrator PC

Storage node MIP

442

HTTPS UI and API access to storage node, (NetApp HCI only) Configuration and deployment monitoring in NetApp Deployment Engine

System administrator PC

Compute node BMC/IPMI H410 and H600 series

443

HTTPS UI and API access to node remote control

System administrator PC

Management node

443

HTTPS UI and API access to management node

System administrator PC

Storage cluster MVIP

443

HTTPS UI and API access to storage cluster

System administrator PC

Storage node BMC/IPMI H410 and H600 series

443

HTTPS UI and API access to node remote control

System administrator PC

Storage node MIP

443

HTTPS storage cluster creation, post-deployment UI access to storage cluster

System administrator PC

Compute node BMC/IPMI H410 and H600 series

623 UDP

RMCP port. This is required to manage IPMI-enabled systems.

System administrator PC

Storage node BMC/IPMI H410 and H600 series

623 UDP

RMCP port. This is required to manage IPMI-enabled systems.

System administrator PC

Witness Node

8080

Witness Node per-node web UI

vCenter Server

Storage cluster MVIP

443

vCenter Plug-in API access

vCenter Server

Remote plug-in

8333

Remote vCenter Plug-in service

vCenter Server

Management node

8443

(Optional) vCenter Plug-in QoSSIOC service.

vCenter Server

Storage cluster MVIP

8444

vCenter VASA provider access (VVols only)

vCenter Server

Management node

9443

vCenter Plug-in registration. The port can be closed after registration is complete.