A newer release of this product is available.

Networking and ports for platform services and Cloud Storage Pools

Contributors netapp-lhalbert netapp-perveilerk ssantho3 netapp-pcelmer

If you plan to use StorageGRID platform services or Cloud Storage Pools, you must configure grid networking and firewalls to ensure that the destination endpoints can be reached.

Networking for platform services

As described in Manage platform services for tenants and What are platform services?, platform services include external services that provide search integration, event notification, and CloudMirror replication.

Platform services require access from Storage Nodes that host the StorageGRID ADC service to the external service endpoints. Examples for providing access include:

  • On the Storage Nodes with ADC services, configure unique Admin Networks with Admin Network External Subnet List (AESL) entries that route to the target endpoints.

  • Rely on the default route provided by a Client Network. If you use the default route, you can use the untrusted Client Network feature to restrict inbound connections.

Networking for Cloud Storage Pools

Cloud Storage Pools also require access from Storage Nodes to the endpoints provided by the external service used, such as Amazon S3 Glacier or Microsoft Azure Blob storage. For more information, see What is a Cloud Storage Pool?

Ports for platform services and Cloud Storage Pools

By default, platform services and Cloud Storage Pool communications use the following ports:

  • 80: For endpoint URIs that begin with http

  • 443: For endpoint URIs that begin with https

A different port can be specified when the endpoint is created or edited. See Network port reference.
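The port rules above can be turned into a firewall egress list. The following is an added example, not part of the StorageGRID documentation: it derives the destination host and port for each endpoint URI, applies the default of 80 or 443 when no port is given, and separates out http endpoints and URIs it cannot parse. The hostnames, sample URIs and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Default ports stated on this page: 80 for http, 443 for https.
DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample endpoint URIs (hypothetical hosts, not from the page).
SAMPLE_ENDPOINTS = [
    "https://s3.example.com",                 # no port given -> 443
    "https://S3.example.com/",                # same destination, deduplicated
    "http://search.example.internal",         # no port given -> 80, unencrypted
    "https://notify.example.com:8443/topic",  # port set on the endpoint
    "https://[2001:db8::10]:9200",            # IPv6 literal with a port
    "notify.example.com:8443",                # scheme missing
    "https://broken.example.com:99999",       # port out of range
]

def egress_requirement(endpoint_uri):
    """Return (host, port, scheme) a Storage Node must reach for this URI."""
    parts = urlsplit(endpoint_uri.strip())
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError(f"scheme must be http or https: {endpoint_uri!r}")
    if not parts.hostname:
        raise ValueError(f"no host in endpoint URI: {endpoint_uri!r}")
    port = parts.port  # raises ValueError if non-numeric or above 65535
    host = parts.hostname.lower()
    return host, port if port is not None else DEFAULT_PORTS[scheme], scheme

def build_egress_allowlist(endpoint_uris):
    """Return (sorted (host, port) rules, http URIs, rejected URIs)."""
    rules, cleartext, rejected = set(), [], []
    for uri in endpoint_uris:
        try:
            host, port, scheme = egress_requirement(uri)
        except ValueError as exc:
            rejected.append((uri, str(exc)))
            continue
        rules.add((host, port))
        if scheme == "http":
            cleartext.append(uri)
    return sorted(rules), cleartext, rejected

if __name__ == "__main__":
    rules, cleartext, rejected = build_egress_allowlist(SAMPLE_ENDPOINTS)
    for host, port in rules:
        print(f"allow tcp from Storage Nodes to {host} port {port}")
    for uri in cleartext:
        print(f"review: unencrypted endpoint {uri}")
    for uri, why in rejected:
        print(f"rejected: {uri} ({why})")
```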

If you use a non-transparent proxy server, you must also configure storage proxy settings to allow messages to be sent to external endpoints, such as an endpoint on the internet.

VLANs and platform services and Cloud Storage Pools

You can't use VLAN networks for platform services or Cloud Storage Pools. The destination endpoints must be reachable over the Grid, Admin, or Client Network.