How To
Summary
This document provides a list of ports and protocols to be opened on local fire wall between the HMC and the VIOS LPAR, for the command "installios" "install VIOS on power".
Objective
During the process of installing the VIOS by HMC command (installios), the customer's local firewall must allow the traffic between the HMC and the VIOS LPAR on the following ports.
Environment
Steps
- icmp: 5813
- rsh: 513 - 1023 TCP
- bootp: 67 - 68 UDP
- tftp: 69 and 32,768 - 65,535 UDP
- nfs: 2049 TCP
- mountd: 32,768 - 65,535 TCP, or user's choice
- portmapper: 111 UDP
Directions for communications over ports to be opened for installios use, in case you do not want to open all necessary ports bi-directionally:
Note:
Note:
VIOS (Client) - HMC (Server).
BOOTP:
Client UDP 68 --> Server UDP 67
Server UDP 67 --> Client UDP 68
So the client communicates from UDP port 68 to server's UDP port 67.
Then, the server's UDP port 67 responds to the client's UDP port 68.
TFTP:
Client UDP <--> Server UDP 69
Client UDP <--> Server UDP (random port between 32768 and 65535)
Here the client communicates over UDP to the server's port 69. The port that the client uses cannot be predicted.
Then, the server responds from port 69 back to the same port that made the request.
I used the bidirectional arrow to represent this type of communication.
Then, random UDP ports are chosen on both the server and the client to affect the transfer of data. Again bidirectional.
NFS:
Client UDP <--> Server UDP 111
Client TCP <--> Server TCP (random port between 32768 and 65535, or the port specified in /etc/services for 'mountd' and 'lockd', as 'statd' must use the port range between 32768 and 65535)
Client TCP <--> Server TCP 2049
Similar "statements" for NFS's portmapper, mountd, and nfsd processes.
ICMP:
Client UDP 5813 <--> Server UDP 5813
Client TCP 5813 <--> Server TCP 5813
For rsh operations, which do not occur during installation:
Server TCP <--> Client TCP 513, 514 + 513-1023
BOOTP:
Client UDP 68 --> Server UDP 67
Server UDP 67 --> Client UDP 68
So the client communicates from UDP port 68 to server's UDP port 67.
Then, the server's UDP port 67 responds to the client's UDP port 68.
TFTP:
Client UDP <--> Server UDP 69
Client UDP <--> Server UDP (random port between 32768 and 65535)
Here the client communicates over UDP to the server's port 69. The port that the client uses cannot be predicted.
Then, the server responds from port 69 back to the same port that made the request.
I used the bidirectional arrow to represent this type of communication.
Then, random UDP ports are chosen on both the server and the client to affect the transfer of data. Again bidirectional.
NFS:
Client UDP <--> Server UDP 111
Client TCP <--> Server TCP (random port between 32768 and 65535, or the port specified in /etc/services for 'mountd' and 'lockd', as 'statd' must use the port range between 32768 and 65535)
Client TCP <--> Server TCP 2049
Similar "statements" for NFS's portmapper, mountd, and nfsd processes.
ICMP:
Client UDP 5813 <--> Server UDP 5813
Client TCP 5813 <--> Server TCP 5813
For rsh operations, which do not occur during installation:
Server TCP <--> Client TCP 513, 514 + 513-1023
Related Information
Document Location
Worldwide
[{"Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SGGSNP","label":"Hardware Management Console V9"},"ARM Category":[{"code":"a8m0z0000001jLRAAY","label":"Installios"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Was this topic helpful?
Document Information
Modified date:
29 December 2022
UID
ibm16395500