Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

Portmap service configuration

Views:
620
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

ONTAP 9.x

Answer

  • The portmap service maps RPC services to the ports on which they listen.
  • The portmap service was always accessible in ONTAP 9.3 and earlier, became configurable in ONTAP 9.4 through ONTAP 9.6, and is managed automatically starting in ONTAP 9.7.
    • In ONTAP 9.3 and earlier, the portmap service (rpcbind) was always accessible on port 111 in network configurations that relied on the built-in ONTAP firewall rather than a third-party firewall.
    • From ONTAP 9.4 through ONTAP 9.6, you can modify firewall policies to control whether the portmap service is accessible on particular LIFs.
    • Starting in ONTAP 9.7, the portmap firewall service is eliminated. Instead, the portmap port is opened automatically for all LIFs that support the NFS service.
  • NOTE:
    • Both data-nfs service and management-portmap service provide the same portmap service  tcp/udp:111.
    • data-nfs service is used for data LIF and  management-portmap service is used for management LIF.
    • NETWORK-SERVICE.XML 

      Service Name

      Vserver Restrictions

      Failover Restrictions

      Protocol: Port Numbers

      data-nfs

      data-only

      unrestricted

      tcp/udp:111

                                     

      management-portmap

      unrestricted

      unrestricted

      tcp/udp:111

 

Scan to view the article on your device

 

  • Was this article helpful?