Subscribe
Accepted Solution

cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP

HI All,

 

Going through a security review for Ontap 9.1 P1 and have been asked to explain what these ports are and why they are needed?

 

CIFS witness port 40001/TCP

HTTPS Port - Listening binary protocol 5986/UDP

 

Sec were given the ONTAP port usage on a storage system table from the guide:

 

Ontap 9 Network Management Guide https://library.netapp.com/ecm/ecm_download_file/ECMLP2492610

 

They are listed in the Ontap 9 Network Management Guide with no explination, also blind searches of the Internet and now.netapp.com have provided fruitless.

 

grateful for any help,

 

John

 

Re: cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP

Hi there!

 

Port 40001 is used by the CIFS Witness protocol, which is used to maintain state between multiple nodes when there is a continuously available share configured on an SVM. If there is no CA share, this port will not be active. This is documented in this manual page - http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-hypv-sql%2FGUID-603DF167-08FB-4BA8-8DD8-49A6BB825434.html

 

Port 5986 is used for Remote Management by both ONTAP and Windows, through the OMI CIM. This can be connected to and authenticated against using cluster or SVM scope accounts.

 

Hope this helps!

Re: cifs witness port 40001/TCP & HTTPS Port - Listening binary protocol 5986/UDP

Thanks Alex!