IP port usage on a storage system

The Data ONTAP services file is available in the /etc directory. The /etc/services file is in the same format as its corresponding UNIX systems /etc/services file.

Host identification
Although some port scanners are able to identify storage systems as storage systems, other port scanners report storage systems as unknown types, UNIX systems because of their NFS support, or Windows systems because of their CIFS support. There are several services that are not currently listed in the /etc/services file.

/etc/services NNTP and TTCP ports
The nntp and ttcp ports are unused by your storage system and should never be detected by a port scanner.

Ports in a block starting around 600
Some ports on the storage system are NFS-enabled.

Ports not listed in /etc/services
Some ports appear in a port scan but are not listed in the /etc/services file.

FTP
File transfer protocol (FTP) uses TCP ports 20 and 21.

SSH
Secure Shell (SSH) protocol is a secure replacement for RSH and runs on TCP port 22. This only appears in a port scan if the SecureAdmin software is installed on your storage system.

Telnet
Telnet is used for administrative control of your storage system and uses TCP connections on port 23. Telnet is more secure than RSH, as secure as FTP, and less secure than SSH or Secure Socket Layer (SSL).

SMTP
The Simple Mail Transport Protocol (SMTP) uses TCP port 25. Your storage system does not listen on this port but makes outgoing connections to mail servers using this protocol when sending AutoSupport e-mail.

Time service
Your storage system supports two different time service protocols, time and ntp.

DNS
The Domain Name Service (DNS) uses UDP port 53 and TCP port 53. Your storage system does not typically listen on these ports because it does not run a domain name server. However, if DNS is enabled on your storage system, it makes outgoing connections using UDP port 53 for host name and IP address lookups.

DHCP
Clients broadcast messages to the entire network on UDP port 67 and receive responses from the Dynamic Host Configuration Protocol (DHCP) server on UDP port 68. The same ports are used for the BOOTP protocol.

TFTP
Trivial File Transfer Protocol (TFTP) uses TCP port 69. It is used mostly for booting UNIX or UNIX-like systems that do not have a local disk (this process is also known as netbooting) and for storing and retrieving configuration files for devices such as Cisco routers and switches.

HTTP
Hypertext Transport Protocol (HTTP) runs on TCP port 80 and is the protocol used by web browsers to access web pages.

Kerberos
There are four Kerberos ports in the /etc/services file: TCP port 88, UDP port 88, TCP port 750, and UDP port 750. These ports are used only for outbound connections from your storage system. Your storage system does not run Kerberos servers or services and does not listen on these ports.

NFS
The Network File System (NFS) is used by UNIX clients for file access. NFS uses port 2049.

CIFS
The Common Internet File Service (CIFS) is the successor to the server message block (SMB) protocol. CIFS is the primary protocol used by Windows systems for file sharing.

SSL
The Secure Sockets Layer (SSL) protocol provides encryption and authentication of TCP connections.

SNMP
Simple Network Management Protocol (SNMP) is an industry-standard protocol used for remote monitoring and management of network devices over UDP port 161.

RSH
Remote shell protocol (RSH) is used for remote command execution and is the only protocol supported on your storage system. It is even less secure than TFTP and uses TCP port 514.

Syslog
Your storage system sends messages to hosts specified by the user in the /etc/syslog.conf file using the syslog protocol on UDP port 514. It does not listen on this port, nor does it act as a syslog server.

Routed
The route daemon, routed, listens on UDP port 520. It receives broadcast messages from routers or other hosts using the Routing Information Protocol (RIP). These messages are used by your storage system to update its internal routing tables to determine which network interfaces are optimal for each destination.

NDMP
Network Data Management Protocol (NDMP) runs on TCP port 10000 and is used primarily for backup of network-attached storage (NAS) devices, such as your storage systems.

SnapMirror and SnapVault
SnapMirror and SnapVault use TCP port 10566 for data transfer. Network connections are always initiated by the destination system; that is, SnapMirror and SnapVault pull data rather than push data.

Copyright © 1994-2008, NetApp, Inc. All rights reserved.
Part No. 210-04300_A0
Updated for Data ONTAP 7.3.1 on 12 December 2008
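
The /etc/services format and the listening versus outbound-only ports described above can be checked against a port scan of the storage system. The following is an added example, not NetApp code: the services excerpt and scan results are constructed, and the names parse_services, review_scan and OUTBOUND_ONLY are assumptions.

```python
"""Audit port-scan results against an /etc/services-format file (added example)."""

# Constructed excerpt in /etc/services format, not copied from a real system.
SERVICES_SAMPLE = """\
# name   port/proto  aliases
ftp      21/tcp
ssh      22/tcp
telnet   23/tcp
smtp     25/tcp      mail
domain   53/udp
shell    514/tcp     cmd       # RSH
syslog   514/udp
ndmp     10000/tcp
"""

# Ports the page says the storage system never listens on (outgoing use only):
# SMTP 25/tcp, Kerberos 88 and 750 (tcp and udp), syslog 514/udp.
OUTBOUND_ONLY = {(25, "tcp"), (88, "tcp"), (88, "udp"),
                 (750, "tcp"), (750, "udp"), (514, "udp")}

# Constructed scan result: (port, protocol) pairs reported open.
SCAN_SAMPLE = [(22, "tcp"), (514, "tcp"), (514, "udp"), (10000, "tcp"), (10566, "tcp")]

def parse_services(text):
    """Map (port, proto) -> service name from /etc/services-format text."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()      # drop comments, then tokenize
        if len(fields) < 2 or "/" not in fields[1]:
            continue                                # blank or malformed line
        port, proto = fields[1].split("/", 1)
        if port.isdigit():
            table[(int(port), proto.lower())] = fields[0]
    return table

def review_scan(open_ports, services):
    """Sort scanned ports into outbound-only, unlisted, and listed buckets."""
    report = {"outbound_only": [], "unlisted": [], "listed": []}
    for key in sorted(set(open_ports)):
        if key in OUTBOUND_ONLY:
            report["outbound_only"].append(key)     # should not be listening
        elif key not in services:
            report["unlisted"].append(key)          # open but absent from the file
        else:
            report["listed"].append((key, services[key]))
    return report

if __name__ == "__main__":
    for bucket, items in review_scan(SCAN_SAMPLE, parse_services(SERVICES_SAMPLE)).items():
        print(bucket, items)
```

Port 514 shows why the protocol must be part of the key: 514/tcp is the RSH listener, while 514/udp is syslog, which the storage system only sends on.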