cancel
Showing results for 
Search instead for 
Did you mean: 

Netbackup port range

Brits
Level 6

Hi Team, 

Can you please suggest the below mentioned ports are enough for Netbackup communication and data transfer from client to Netbackup Master /Media server. Client machines are VM ( snapshot backups) , Exchnage , SQL agent base backup 

Please suggest , if more ports are required to open for data transfer --

Source Destination Source Port Destination Ports Bi-Directional
Master Server Media server Any TCP/1556
TCP/2821
TCP/13724
TCP/13782
TCP/13720
TCP/4032
TCP/10102
TCP/10082
TCP/443
TCP/111
TCP/7394
TCP/902
Yes
VM Client machines Media server Any TCP/1556
TCP/13724
TCP/10102
TCP/10082
TCP/443
TCP/2821
Yes
VM Client machines Master Server Any TCP/1556
TCP/13724
TCP/10102
TCP/10082
TCP/443
TCP/2821
Yes
1 ACCEPTED SOLUTION

Accepted Solutions

Nicolai
Moderator
Moderator
Partner    VIP   

This is what I came up with. This will allow both agent and VMware backups.

Master -> Media TCP/1556
Master -> VM client TCP/1556 
Master -> Vcenter TCP/443
Media -> ESX TCP/902
Media -> Clients TCP/1556
ClientS -> Media TCP/10102 & TCP/10082
Clients -> Master TCP/1556

No Netbackup 6.X compatibility. If required 13724 need to be added.

View solution in original post

17 REPLIES 17

Nicolai
Moderator
Moderator
Partner    VIP   

Symantec NetBackup 7.6 Network Ports Reference Guide

http://www.symantec.com/docs/DOC6716

Netbackup uses 1556 for backup only. Some additional ports are also used, but that very much dependent on the configuration. 

Brits
Level 6

Hi Nicolai , after reading this guide , I filtered the port ranges and pasted above.

I am not sure if the above mentioned ports are enough for data transfer from client to master / media server...

need your suggestion.

 

 

Nicolai
Moderator
Moderator
Partner    VIP   

is this a pure VM backup configuration. Will agent based backup be used as well ?. What is the transfer method for VM backups ?

Brits
Level 6

yes , all client servers are VM , Master / media servers are physical

for VM Backup -- Snapshot backup method ( SAN transport mode for SAN datastores and NDB mode for NFS datastores) and exclude DB backups.

For exchange -   exchange running on VM will be agent base backup

For SQL - SQL running on VM will be agent base backup

CIFS will be mapped to master server and get backed up via snapshot backup. 

 

Nicolai
Moderator
Moderator
Partner    VIP   

This is what I came up with. This will allow both agent and VMware backups.

Master -> Media TCP/1556
Master -> VM client TCP/1556 
Master -> Vcenter TCP/443
Media -> ESX TCP/902
Media -> Clients TCP/1556
ClientS -> Media TCP/10102 & TCP/10082
Clients -> Master TCP/1556

No Netbackup 6.X compatibility. If required 13724 need to be added.

Brits
Level 6

HI SDO,  

Protocol name means transport protocol ..is it ? I have mentionedd as TCP....or something else you want to say ?

NBU version - 7.6.0.3

I will use exchange and VM GRT , please suggest the port range

Please suggest the  LU (LiveUpdate) port range  & OpsCenter 

Maybe also UDP/162 and or TCP/162 if you master, master/media, media are appliances and you want them to be able to send SNMP traps.  And again, if you have appliances, maybe also TCP/123 (for NTP time server requests).

Master Media servers are not appliance. i want to send SNMP alerts by using nebackup MIB's and ops center. any ports required for this ?

I will add these ports also as you have suggested -

UDP/53 and TCP/53 for DNS
port TCP/25 outbound from master server
TCP/22 (ssh) 
TCP/3389 (rdp) for Windows

 

Brits
Level 6

thanks Nicolai, 

Media -> ESX TCP/902 is missing in my list ...I will add it.

My doubt is , if  4-5 policies starts running at the same time and it will backup multiple clients ( example 20 clients) , do you think these ports are enough for data transfer ?

 

Nicolai
Moderator
Moderator
Partner    VIP   

From the port guide - page 17

TCP port 111 (portmapper) needs to be open from the client to the media server.

TCP port 7394 (nbfsd) needs to be open from the client to the media server.

Regardig OPScenter - see page 19 in the port guide.

It would be really helpfull if you had a network diagram and location of firewalls. Port opening only matter if firewalls are in place. That the "possible firewall" on the opscenter drawing page 20.

Nicolai
Moderator
Moderator
Partner    VIP   

yes - you do not need to worry. It's a non-issue. 

There is a complicated technical answer behind that is out of scope right now.

 

Brits
Level 6

thanks Nicolai, 

Noted - 

TCP port 111 (portmapper) needs to be open from the client to the media server.

TCP port 7394 (nbfsd) needs to be open from the client to the media server.

Checking page 19 for ops-center.. I will revert back in few mins

VoropaevPavel
Level 4
Partner Accredited

In addtion to all above, if you have DAG ports 1556, 13724, 13782 are required between farm nodes. Same goes for Sharepoint.

sdo
Moderator
Moderator
Partner    VIP    Certified

Nice table Brits.

Would be even nicer with the protocol 'name' next to the port number... :)

What version of NetBackup are you looking to implement?

.

IMO - you don't need master to/from media TCP/13720. 

And, you shouldn't need VM Client to master/media TCP/13724 - BUT - you will need if if any backup clients are pre NetBackup v7.0.1 or are v7.5+ 'resilient' clients - and/or if you are using the native Windows Admin Console, or the Windows Java Admin Console, within any guest VM.

FYI - NDMP requires additional ports.  GRT requires additional ports.  BMR requires additional ports.  Appliance KVM require additional ports.  LU (LiveUpdate) requires additional ports.  OpsCenter requires additional ports.

If your list is purely NetBackup ports - then it looks like you're fairly close to a definitive list for NetBackup.

Some sites prefer to list/capture/document everything required by infrastructure - so that everything required for a 'service' is listed in one place... if so, then your documentation may need to also cover...

Maybe also UDP/53 and TCP/53 for DNS.

Maybe also port TCP/25 (smtp) outbound from master server if you want to be able to email from the master server - e.g. the Catalog Backup DR email file.  (very highly recommended to implement this).

Maybe also UDP/162 (snmp) and or TCP/162 (snmp) if you master, master/media, media are appliances and you want them to be able to send SNMP traps.

Maybe also TCP/123 (ntp) for time server requests - especially if you have appliances, but then shouldn't all nodes require accurate time services - so maybe TCP/123 for everything.

Maybe also TCP/22 (ssh) if you want to be able to logon using PuTTY, or even pscp 'binaries' kits to the servers and/or clients.

Maybe TCP/3389 (rdp) for Windows.

Maybe some ports for SMB/CIFS or NFS - especially if you have appliances and want to be able to upload kits.

sdo
Moderator
Moderator
Partner    VIP    Certified

http://en.wikipedia.org/wiki/OSI_model

The word "protocol" on its own can sometimes be a bit mis-leading in some circumstances/contexts.

So, TCP is a "transport" protocol at OSI layer 4, whereas TCP/1556 is an "application" protocol at OSI "data" layers 5/67, with an application protocol name of "veritas-pbx", which, oddly, is not listed here:

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

...but is listed here:

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?&page=27

.

I can't remember off the top of my head all the ports for BMR, GRT, and LU (which depends how you implement it).

This doc might show some light on the ports for BMR which vary depending upon OS family of NetBackup Client:

https://www-secure.symantec.com/connect/articles/netbackup-76-blueprints-bmr

...so, maybe several of the Blueprint docs might contain hints and tips re port numbers (apologies but I haven't checked in detail) (I have a job to do too):

https://www-secure.symantec.com/connect/forums/list-netbackup-blueprints

Nicolai
Moderator
Moderator
Partner    VIP   

Are you sure about that ?

13724, 13782 are NBU 6.x legacy ports.

Page 14 in the port manual 

13782: Only needed for pre- 7.0.1 clients.

13724: Only needed for pre- 7.0.1 clients or 7.5+ resilient clients.

VoropaevPavel
Level 4
Partner Accredited

I am sure for SharePoint, had to open a support case to learn it. Exchange not so sure, never tried with 1556 only. Since sharepoint issue, I'm requesting all 3 of these every time.

Brits
Level 6

hi Nicolai, 

I have added 25 , 162 , 1556 port for ops- centera alerts and all other port detail also which you have suggested above.

Many thanks for help.

 

 

Brits
Level 6

thank you very much SDO for these useful links. They will definately help me.

For now,  my requirement was to get the port details for Netbackup and your response is really helpful.