Ports and Protocols
The Ports and Protocols Reference allows you to determine ports requirements for multiple Nutanix products and services in a single pane. This document is divided into several sections based on the required ports for each product or service.
Ports and Protocols Reference covers detailed port information (like protocol, service description, source, destination, and associated service) for the following products and services.
Note: Note: The existing port information in this document is based on the latest product release. Updates to this document is made with major release of products.
1-click Upgrade
| Port Number | Description | Source | Destination | Bi-Directional | Transfer Protocol | Service |
| Default or custom port number | Brief description on the port usage | IP Address or domains of the service from which the connection must be established | IP Address or domain of the service to which the connection must be established | Communication direction is bi-directional | Transport protocol used for communication | Mapping of port to service |
| 80 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | *.compute-*.amazonaws.com | TCP | HTTP | |
| 443 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | *.compute-*.amazonaws.com | TCP | HTTPS | |
| 80 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | release-api.nutanix.com | TCP | HTTP | |
| 80, 443 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | ntnx-portal.s3.amazonaws.com | TCP | HTTP, HTTPS | |
| 80, 443 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | s3*.amazonaws.com | TCP | HTTP, HTTPS | |
| 80, 443 | Allow this port in Firewall for 1-click Upgrade. | Controller VM or Prism Central | download.nutanix.com | TCP | HTTP, HTTPS |
AHV
| Port Number | Description | Source | Destination | Bi-Directional | Transfer Protocol | Service |
| Default or custom port number | Brief description on the port usage | IP Address or domains of the service from which the connection must be established | IP Address or domain of the service to which the connection must be established | Communication direction is bi-directional | Transport protocol used for communication | Mapping of port to service |
| 9440 | Management traffic to and from Prism Web Console and SSH console for nCLI | Controller VM or Prism Central | Controller VM or Prism Central | Yes | TCP | SSH |
| 80 | Remote Support Tunnel | Controller VM or Prism Central | nsc01.nutanix.net, nsc02.nutanix.net | Yes | TCP | HTTP |
| 8443 | Remote Support Tunnel | Controller VM or Prism Central | nsc01.nutanix.net, nsc02.nutanix.net | Yes | TCP | HTTPS |
| 2100 | Cluster and IP address configuration | Clients accessing the cluster where Nutanix Volumes is enabled | Controller VM and Prism Element | Yes | TCP/UDP | SSH |
| Configurable | Used to export IPFIX messages to a remote collector | IPFIX Exporter | Remote Host | TCP/UDP | 0 | |
| 22 | Used by Acropolis to connect to libvirt's listening Unix socket by using SSH | Acropolis | libvirt daemon | TCP | SSH | |
| 3261 | Used for storage traffic | iSCSI Redirector, qemu-kvm, frodo | stargate:iscsi | TCP | iSCSI | |
| 123 | Used to sync host time with the Internet time servers | Network Time Protocol daemon (ntpd) | NTP Server | UDP | DNS, NTP | |
| 53 | Whenever any AHV service makes an outbound connection using a name instead of an IP address, a connection is made to the DNS server to get the IP address | AHV host | DNS Server | UDP | DNS | |
| 49152 to 49215 | Used for TCP migration stream that uses TCP across hosts | qemu-kvm | qemu-kvm | Yes | UDP | 0 |
| 22 | Used for peer-to-peer migration | libvirt daemon | libvirt daemon | Yes | TCP | SSH |
| Configurable | Used to add or update remote system logs | syslog daemon | Remote Host | UDP | 0 | |
| 9446 | Used by conntrack_stats_collector to connect to Prism Central to publish the push model information | conntrack_stats_collector | Prism Central | TCP | Stats collector | |
| Configurable | Used to query or modify the OVS configuration. | ovn-controller | OVS Database Server (ovsdb-server) | TCP/UDP | 0 |
AOS
| Port Number | Description | Source | Destination | Bi-Directional | Transfer Protocol | Service |
| Default or custom port number | Brief description on the port usage | IP Address or domains of the service from which the connection must be established | IP Address or domain of the service to which the connection must be established | Communication direction is bi-directional | Transport protocol used for communication | Mapping of port to service |
| 389 | Default LDAP Port in AOS The URL format for an LDAP entry is: ldap://host:ldap_port_num. The host value is either the IP address or fully qualified domain name. | Clients accessing the cluster where Nutanix Volumes is enabled | Active Directory or Prism Element OpenLDAP Servers | Yes | TCP | LDAP |
| 636 | LDAPS port in AOS: Use this port number when the configuration is single domain, single forest, and not using SSL. The URL format for an LDAP entry is: ldap://ad_server.mycompany.com:389 | Clients accessing the cluster where Nutanix Volumes is enabled | Active Directory or Prism Element OpenLDAP Servers | Yes | TCP | LDAPS |
| 3268 | Use this port number when the configuration is multiple domain, single forest, and not using SSL. | Clients accessing the cluster where Nutanix Volumes is enabled | Active Directory or Prism Element OpenLDAP Servers | Yes | TCP | LDAP |
| 3269 | Use this port number when the configuration is multiple domain, single forest, and using SSL. | Clients accessing the cluster where Nutanix Volumes is enabled | Active Directory or Prism Element OpenLDAP Servers | Yes | TCP | LDAP |
| 5696 | The default port where the key management server is configured to listen for the KMIP protocol | Prism Element data service and Controller VM | Key Management Server | Yes | TCP | KMIP |