Here is a compilation of ports that I run across continuously in my studies for CCIE Storage.
If you have any more ports that you think would be applicable in an MDS SAN environment and would likely be good to know please let me know and I will add them to the list!
|Commonly Used Ports|
|Name||Proto||Port||src or dst?||Notes|
|FCIP||TCP||3225||dst||control is dynamic source TCP port
data is dynamic source TCP port+2
|NTP||UDP||123||src and dst|
|CFS discovery||UDP||7546||src and dst||Destination is 22.214.171.124 by default|
|iSCSI||TCP||3260||src and dst|
Important to note is that on Gigabit interfaces ACL’s will only work for TCP and ICMP traffic. Even though you can configure the ACL to permit or deny UDP it will not actually process that part of the ACL.
To capture messages generated from using the log-deny keyword on ACL’s, you must configure severity level 7 for the kernel and ipacl facilities and ensure your logging destination is set to level 7.
The IP-ACL applied to the interface for the ingress traffic affects both local and remote traffic.
The IP-ACL applied to the interface for the egress traffic only affects local traffic.