External communications

Clients need to communicate with grid nodes and, by extension, the servers that host them in order to ingest and retrieve content. The ports used depends on the protocols chosen to ingest and retrieve content.

If enterprise networking policies restrict the availability of any of the ports used for traffic into or out of the nodes, you can remap ports when deploying nodes.

The following table shows the ports used for traffic into the nodes.
Note: This list does not include ports that might be configured as load balancer endpoints. For more information, see the section on configuring load balancer endpoints.
Port TCP or UDP Protocol From To Details
22 TCP SSH Service laptop All nodes SSH or console access is required for procedures with console steps. Optionally, you can use port 2022 instead of 22.
25 TCP SMTP Admin Nodes Email server Used for alerts and email-based AutoSupport. You can override the default port setting of 25 using the Email Servers page.
53 TCP/ UDP DNS All nodes DNS servers Used for domain name system.
67 UDP DHCP All nodes DHCP service Optionally used to support DHCP-based network configuration. The dhclient service does not run for statically-configured grids.
68 UDP DHCP DHCP service All nodes Optionally used to support DHCP-based network configuration. The dhclient service does not run for grids that use static IP addresses.
80 TCP HTTP Browser Admin Nodes Port 80 redirects to port 443 for the Admin Node user interface.
Browser Appliances Port 80 redirects to port 8443 for the StorageGRID appliance's install/maintenance user interface.
Storage Nodes with ADC AWS Used for platform services messages sent to AWS or other external services that use HTTP. Tenants can override the default HTTP port setting of 80 when creating an endpoint.
Storage Nodes AWS Cloud Storage Pools requests sent to AWS targets that use HTTP. Grid administrators can override the default HTTP port setting of 80 when configuring a Cloud Storage Pool.
111 TCP/ UDP RPCBind NFS client Admin Nodes Used by NFS-based audit export (portmap).
Note: This port is required only if NFS-based audit export is enabled.
123 UDP NTP Primary NTP nodes External NTP Network time protocol service. Nodes selected as primary NTP sources also synchronize clock times with the external NTP time sources.
137 UDP NetBIOS SMB client Admin Nodes Used by SMB-based audit export for clients that require NetBIOS support.
Note: This port is required only if SMB-based audit export is enabled.
138 UDP NetBIOS SMB client Admin Nodes Used by SMB-based audit export for clients that require NetBIOS support.
Note: This port is required only if SMB-based audit export is enabled.
139 TCP SMB SMB client Admin Nodes Used by SMB-based audit export for clients that require NetBIOS support.
Note: This port is required only if SMB-based audit export is enabled.
161 TCP/ UDP SNMP SNMP client All nodes Used for SNMP polling. All nodes provide basic information; Admin Nodes additionally provide alert and alarm data.

Defaults to UDP port 161 when configured.

Note: This port is only required, and is only opened on the node firewall, if SNMP is configured. If you plan to use SNMP, you can configure alternate ports.
Note: For information about using SNMP with StorageGRID, contact your NetApp account representative.
162 TCP/ UDP SNMP Notifications All nodes Notification destinations Outbound SNMP notifications/traps default to UDP port 162.
Note: This port is only required if SNMP is enabled and notification destinations are configured. If you plan to use SNMP, you can configure alternate ports.
Note: For information about using SNMP with StorageGRID, contact your NetApp account representative.
389 TCP/ UDP LDAP Storage Nodes with ADC Active Directory/LDAP Used for connecting to an Active Directory or LDAP server for Identity Federation.
443 TCP HTTPS Browser Admin Nodes Used by web browsers and management API clients for accessing the Grid Manager and Tenant Manager.
Admin Nodes Active Directory Used by Admin Nodes connecting to Active Directory if single sign-on (SSO) is enabled.
Archive Nodes Amazon S3 Used for accessing Amazon S3 from Archive Nodes.
Storage Nodes with ADC AWS Used for platform services messages sent to AWS or other external services that use HTTPS. Tenants can override the default HTTP port setting of 443 when creating an endpoint.
Storage Nodes AWS Cloud Storage Pools requests sent to AWS targets that use HTTPS. Grid administrators can override the default HTTPS port setting of 443 when configuring a Cloud Storage Pool.
445 TCP SMB SMB client Admin Nodes Used by SMB-based audit export.
Note: This port is required only if SMB-based audit export is enabled.
903 TCP NFS NFS client Admin Nodes Used by NFS-based audit export (rpc.mountd).
Note: This port is required only if NFS-based audit export is enabled.
2022 TCP SSH Service laptop All nodes SSH or console access is required for procedures with console steps. Optionally, you can use port 22 instead of 2022.
2049 TCP NFS NFS client Admin Nodes Used by NFS-based audit export (nfs).
Note: This port is required only if NFS-based audit export is enabled.
8022 TCP SSH Service laptop All nodes SSH on port 8022 grants access to the base operating system on appliance and virtual node platforms for support and troubleshooting. This port is not required to be accessible between grid nodes or during normal operations.
8082 TCP HTTPS S3 clients Gateway Nodes S3-related external traffic to Gateway Nodes (HTTPS).
8083 TCP HTTPS Swift clients Gateway Nodes Swift-related external traffic to Gateway Nodes (HTTPS).
8084 TCP HTTP S3 clients Gateway Nodes S3-related external traffic to Gateway Nodes (HTTP).
8085 TCP HTTP Swift clients Gateway Nodes Swift-related external traffic to Gateway Nodes (HTTP).
8443 TCP HTTPS Browser Admin Nodes Optional. Used by web browsers and management API clients for accessing the Grid Manager. Can be used to separate Grid Manager and Tenant Manager communications.
9022 TCP SSH Service laptop Appliances Grants access to StorageGRID appliances in pre-configuration mode for support and troubleshooting. This port is not required to be accessible between grid nodes or during normal operations.
9443 TCP HTTPS Browser Admin Nodes Optional. Used by web browsers and management API clients for accessing the Tenant Manager. Can be used to separate Grid Manager and Tenant Manager communications.
18082 TCP HTTPS S3 clients Storage Nodes S3-related external traffic to Storage Nodes (HTTPS).
18083 TCP HTTPS Swift clients Storage Nodes Swift-related external traffic to Storage Nodes (HTTPS).
18084 TCP HTTP S3 clients Storage Nodes S3-related external traffic to Storage Nodes (HTTP).
18085 TCP HTTP Swift clients Storage Nodes Swift-related external traffic to Storage Nodes (HTTP).