Configuring Services
Service Description Ports Used
Kerberos V Change & Set
Password (SET_CHANGE)
464
Kerberos V Change & Set
Password (RPCSEC_GSS)
749
Required Service Ports
To provide security on a network, you can deploy firewalls within your network architecture.
Port numbers are used for creating firewall rules and to uniquely identify a transaction over a
network by specifying the host and the service.
The following list shows the minimum ports required for creating firewall rules that allow full
functionality of the appliance:
Inbound Ports
■
icmp/0-65535 (PING)
■
tcp/1920 (EM)
■
tcp/215 (BUI)
■
tcp/22 (SSH)
■
udp/161 (SNMP)
Outbound Ports
■
tcp/80 (WEB)
■
tcp/443 (SSL WEB)
Note - An outbound port of tcp/443 is used for sending Phone Home messages, uploading
support bundles, and update notifications. For replication, use Generic Routing Encapsulation
(GRE) tunnels when possible. This lets traffic run on the back end interfaces and avoid the
firewall where traffic could be slowed. If GRE tunnels are not available on the NFS core, you
must run replication over the front end interface. In this case, port 216 and port 217 must also
be open.
For Kerberos ports, see “Configuring Kerberos Realms for NFS” on page 240.
Configuring Services
For information about configuring a service, select one of the services from the following table:
236 Oracle ZFS Storage Appliance Administration Guide, Release OS8.6.x • September 2016
To Next Page
Loading...
