This section explains which inbound and outbound networking ports Qumulo Core requires.
Note
- Communication between nodes in a cluster must be possible on any port.
- Active Directory authentication services require their own network port range. For an authoritative list, see Active Directory and Active Directory Domain Service Port Requirements in the Windows Server 2008 R2 and Windows Server 2008 documentation.
Networking Ports for Inbound Connections
| Port | Protocols | Use |
|---|---|---|
| 21 | TCP | FTP |
| 22 | TCP | SSH |
| 80 | TCP | HTTP (Web UI) |
| 111 | TCP UDP |
rpcbind or portmapper for NFSv3
|
| 443 | TCP | HTTPS (Web UI) |
| 445 | TCP | SMB |
| 2049 | TCP UDP |
NFS or MOUNT
Note
Qumulo Core supports UDP for the MOUNT protocol for older clients. However, any NFS clients—that specify the TCP mount option or transfer data over NFS after mounting—don’t use UDP. |
| 3712 | TCP | Replication |
| 8000 | TCP | REST API |
| 9000 | TCP | S3 API, if you enable the S3 API for your Qumulo cluster |
| 32768-60999 | TCP | FTP Passive Mode |
Networking Ports for Outbound Connections
Note
For cluster formation and inter-node communication, Qumulo Core requires unblocked IPv4 traffic in the local subnet.
For cluster formation and inter-node communication, Qumulo Core requires unblocked IPv4 traffic in the local subnet.
| Port | Protocols | Use |
|---|---|---|
| 53 | UDP | DNS |
| 88 | TCP | Kerberos |
| 111 | TCP |
Note
Depending on the client portmapper configuration, Qumulo Core might require additional ports. |
| 123 | UDP | Synchronization of product and network time, for authentication and timestamping of artifacts such as audit logs, by using the Network Time Protocol (NTP). |
| 135 | TCP | DCERPC or Netlogon (Domain Controller Binding) |
| 389, 636 |
TCP | LDAP to Active Directory or to a standalone LDAP server (by default) |
| 443 | TCP | Qumulo Shift for Amazon S3 (by default) |
| 514 | TCP | Audit with Rsyslog (by default) |
| 3712 | TCP | Replication (by default) |