Firewall requirements for MetroCluster Tiebreaker

02/03/2022 Contributors

MetroCluster Tiebreaker uses a number of ports to communicate with specific services.

The following table lists the ports that you must allow in your firewall:

Port/services	Source	Destination	Purpose
443 / TCP	Tiebreaker	Internet	Sending AutoSupport messages to NetApp
22 / TCP	Management host	Tiebreaker	Tiebreaker Management
443 / TCP	Tiebreaker	Cluster management LIFs	Secure communications to cluster via HTTP (SSL)
22 / TCP	Tiebreaker	Cluster management LIFs	Secure communications to cluster via SSH
443 / TCP	Tiebreaker	Node management LIFs	Secure communications to node via HTTP (SSL)
22 / TCP	Tiebreaker	Node management LIFs	Secure communications to node via SSH
162 / UDP	Tiebreaker	SNMP trap host	Used to send alert notification SNMP traps
ICMP (ping)	Tiebreaker	Cluster management LIFs	Check if cluster IP is reachable
ICMP (ping)	Tiebreaker	Node management LIFs	Check if node IP is reachable

Port/services

Source

Destination

Purpose

443 / TCP

Tiebreaker

Internet

Sending AutoSupport messages to NetApp

22 / TCP

Management host

Tiebreaker

Tiebreaker Management

443 / TCP

Tiebreaker

Cluster management LIFs

Secure communications to cluster via HTTP (SSL)

22 / TCP

Tiebreaker

Cluster management LIFs

Secure communications to cluster via SSH

443 / TCP

Tiebreaker

Node management LIFs

Secure communications to node via HTTP (SSL)

22 / TCP

Tiebreaker

Node management LIFs

Secure communications to node via SSH

162 / UDP

Tiebreaker

SNMP trap host

Used to send alert notification SNMP traps

ICMP (ping)

Tiebreaker

Cluster management LIFs

Check if cluster IP is reachable

ICMP (ping)

Tiebreaker

Node management LIFs

Check if node IP is reachable

Creating your file...