Cluster Port

Quick cheat sheet for port numbers used by SQL Server services or services that SQL Server may depend on:
21TCPFTP (replication)
80TCPHTTP endpoints, Reporting Services, HTTP replication
135TCP & UDPRPC, WMI, MSDTC, SQL Agent file copy, and TSQL Debugger (RPC used for multiple purposes including SSIS and clustering.)
137UDPFile & Print Sharing (replication) and Cluster Admin
138UDPFile & Print Sharing (replication)
139TCPFileStream and NetBIOS Session Service (clustering)
443TCPHTTPS endpoints and Reporting Services
445TCP & UDPFileStream, SMB (clustering), and File & Print Sharing
500UDPIPSec
860TCPiSCSI
1024-5000TCPOriginal dynamic ports for named instances. (WinSock standard.)(See ports 49152-65535.) The DoD Database STIG requires static ports.
1433TCPSQL Server database engine
1434TCP & UDPSQL Server database engine, DAC, and SQL Server's "Browse" button.
2382UDPAnalysis Serviceswhen using dynamic ports with named instances
2383TCPAnalysis Services
2393-2394TCPAnalysis Services version 7
2725TCPAnalysis Services
3260TCPiSCSI
3343UDPCluster network driver
3389TCPRemote Desktop Protocol (RDP)
3882TCPDTS/SSIS
4022TCPConventional port for the SQL Broker service
4500UDPIPSec
5000-5099UDPClustering
5022TCPAlwaysOn's default port for primary and secondary replicas
7022TCPConventional port for Database Mirroring
8011-8031UDPClustering internode RPC
49152-65535TCPLatest dynamic ports for named instances. (WinSock standard.)(See ports 1024-5000.) The DoD Database STIG requires static ports.
Microsoft recommends non-default ports for maximum security.
Check ports in use: SELECT ServerProperty("ProcessID")
At a command prompt: "netstat -ano"
AlwaysOn Ports
  • Each instance w an Availability Group (AG) must have a database mirroring endpoint, and they endpoints bust be started (query sys.database_mirroring_endpoints and sys.tcp_endpoints).
  • Logins from a remote server must have CONNECT permission. Each instance must have access to ports on all partners

Windows Server Clustering 
TCP/UDP
Port
Description
TCP/UDP
53
User & Computer Authentication [DNS]
TCP/UDP
88
User & Computer Authentication [Kerberos]
UDP
123
Windows Time [NTP]
TCP
135
Cluster DCOM Traffic [RPC, EPM]
UDP
137
User & Computer Authentication [NetLogon, NetBIOS]
UDP
138
DSF, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
TCP
139
DSF, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
UDP
161
SNMP
TCP/UDP
162
SNMP Traps
TCP/UDP
389
User & Computer Authentication [LDAP]
TCP/UDP
445
User & Computer Authentication [SMB, SMB2, CIFS]
TCP/UDP
464
User & Computer Authentication [Kerberos Change/Set Password]
TCP
636
User & Computer Authentication [LDAP SSL]
TCP
3268
Microsoft Global Catalog
TCP
3269
Microsoft Global Catalog [SSL]
TCP/UDP
3343
Cluster Network Communication
TCP
5985
WinRM 2.0 [Remote PowerShell]
TCP
5986
WinRM 2.0 HTTPS [Remote PowerShell SECURE]
TCP/UDP
49152-65535
Dynamic TCP/UDP [Defined Company/Policy {CAN BE CHANGED}]

SQL Server –
TCP/UDP
Port
Description
TCP
1433-1434
SQL Server/Availability Group Listener [1433 {CAN BE CHANGED}]
SQL Server Dedicated Admin Port [1434]
UDP
1434
SQL Server Browser
TCP
2382
SQL Server Analysis Services Default Instance
TCP
2383
SQL Server Analysis Services Named Instance
TCP
5022
SQL Server DBM/AG Endpoint [Default Port {CAN BE CHANGED}]
UDP
49152-65535
Dynamic TCP/UDP [Defined Company/Policy {CAN BE CHANGED}]


Active Directory Traffic:
Source IP Range
10.10.33.192/26, 10.20.33.192/26
Destination IP Range
[Active Directory Servers]
TCP Ports
53,88,389,464,636,3268,3269
UDP Ports
53,88,389,464

Windows Server Failover Clustering Traffic:


TCP Ports
135,139,445,1433,2383,3343,5022,5985,5986
UDP Ports
137,138,445,1434,2382,3343,49152-65535


Windows Time Traffic
:



[NTP Servers]
TCP Ports
N/A
UDP Ports
123


SQL Server Access Traffic:

TCP Ports
1433,1434,5022,2382,2383
UDP Ports
1434,49152-65535





Refered from:
http://dsfnet.blogspot.com/2013/04/windows-server-clustering-sql-server.html








Comments

Popular posts from this blog

Troubleshooting Netlogon Error Codes

Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe)

Troubleshooting AD Active Directory Replication Error 8456 or 8457: "The source | destination server is currently rejecting replication requests"