SUM network ports used

SUM requires that certain network ports are available. If you lock down network ports, make sure that the ports listed in the network port tables are open so that SUM works correctly when connecting to remote node servers and hosts. If you are unable to unlock these network ports, you must run SUM locally and update network-based hosts through their web interfaces (for example, the OA, iLO, and VC modules).
NOTE:

Use the open_firewall parameter for SUM to automatically open the required firewall ports on the local host and any remote servers.

Updates for most node types require network traffic in both directions between the server running SUM and the node. The server running SUM creates a local HTTP server, which is used to serve firmware binaries to the node and to communicate node status. The remote node issues HTTP requests and posts status updates to the server running SUM during the update process. If there is a routing problem or firewall blocking traffic back from the remote node to the system running SUM, firmware updates might be blocked, status updates blocked or delayed, or both.

After creating the initial communication binds to one of the available ports, SUM traffic can move to a dedicated high-number port number (greater than 1024). This frees up the initial port for new requests.

System running SUM

Target node type

Inventory phase

Deployment phase

   

To target

From target (SUM 7.3.0 and later)

To target

From target (SUM 7.3.0 and later)

Windows

Windows

445, 135, 137, 138, 139

None

445, 135, 137, 138, 139

None

Windows or Linux

Linux

22

None

22

None

Windows or Linux

VMware: Only on Gen9 and previous generation servers

443, 5989

63001

443, 5989

63001

Windows or Linux

OA

22, (80), 443

None

22, (80), 443

None

Windows or Linux

Superdome X

22, (80), 443

None

22, (80), 443

63001, 63002

Windows or Linux

iLO, VC, FC switch, SAS switch

22, (80), 443

None

22, (80), 443

63001

Windows or Linux

Superdome Flex

443

None

443

63002

SUM uses port 63002 to communicate between the sum_binary and sum_service applications on both Windows and Linux systems. If ports are listed in both columns, SUM communicates bidirectionally.

NOTE:
  • Windows to Windows traffic uses WMI, a standard DCOM-In port 135 and Async-in and WMI-in.
  • To use the iLO Repository, iLO must be used as the 'target node type.'

Use the parameters /port and /ssl_port to change from ports 63001 and 63002 if there are firewall conflicts. Use /open_firewall to open the HTTP and HTTPS ports used by SUM for external access. Open these ports for remote node functionality and for remote browser access. For example:

smartupdate /port 80 /ssl_port 443

You can use the parameter /ftp_port to assign which port to use for FTP service. By default the FTP port is disabled. Use this option to enable the service.