Inter-Server Communications

This paper describes deploying SharePoint Portal Server inside a perimeter network. This requires that a Microsoft Active Directory® directory service domain is deployed inside this same perimeter network.

To do this successfully, you must know:

  • The kinds of communications that take place between computers in an Active Directory domain and computers in a SharePoint Portal Server deployment.
  • The communications that take place between the domain infrastructure computers — domain controllers, DNS computers, Dynamic Host Configuration Protocol (DHCP) computers, etc. — and the other computers that are members of the domain (SharePoint Portal Server computers, SQL Server® computers).

The following table lists the protocols and ports used for the inter-server communications described. These protocols and ports are provided to help ensure that you are able to configure any internetworking devices (routers, switches, etc.) between Active Directory domain computers and SharePoint Portal Server computers to enable them to communicate successfully.

Protocol                                                    Ports (TCP and User Datagram Protocol)
----------------------------------------------------------  --------------------------------------
Dynamic Host Configuration Protocol (DHCP) Server           67/UDP
DNS                                                         53/TCP, 53/UDP
Dynamic RPC*                                                1024-65535/TCP
File Replication Service (FRS) RPC Port                     49152/TCP
Global Catalog                                              3268/TCP
Global Catalog over SSL                                     3269/TCP
Secure HTTP (HTTPS)                                         443/TCP
Internet Message Access Protocol (IMAP)                     143/TCP
Kerberos authentication protocol                            88/TCP, 88/UDP
Lightweight Directory Access Protocol (LDAP)                389/UDP
Network Time Protocol (NTP)                                 123/UDP
Post Office Protocol 3 (POP3)                               110/TCP
Remote Procedure Call (RPC) Endpoint Mapper                 135/TCP, 135/UDP
Server Message Block (SMB) over NetBIOS over TCP/IP (NBT)   137/TCP, 137/UDP, 138/UDP, 139/TCP
SMB over TCP                                                445/TCP, 445/UDP
Simple Mail Transfer Protocol (SMTP)                        25/TCP, 25/UDP
Simple Network Management Protocol (SNMP)                   161/TCP, 161/UDP, 162/TCP, 162/UDP
SQL                                                         1433/TCP
SQL Management                                              1434/UDP
Static RPC (configured with registry setting)               5000-5040
Terminal Server                                             3389/TCP
Windows Internet Name Service (WINS) Replication            42/TCP, 42/UDP
WINS Resolution                                             1512/TCP, 1512/UDP

*Dynamic Remote Procedure Call (RPC)    You can use a Windows registry key to limit the range of dynamic RPC ports assigned. Rather than using all of the high-numbered ports (1024 – 65535), dynamic RPC can be restricted to a much smaller range. This is referred to as static RPC. For more information, see:

 Note   As stated in the Introduction section of this paper, prescriptive guidance for installing and configuring firewalls/proxy servers between SharePoint Portal Server computers in a server farm is beyond the scope of this paper.

Named Pipes    Although it is not explicitly depicted in the table above, Named Pipes typically uses ports 137, 138, 139 and 445.

IPsec    As mentioned in a previous section, this paper does not address configuring IPsec between the servers that make up a SharePoint Portal Server farm deployment. By default, all inter-server communications in a SharePoint Portal Server farm are "in the clear" and not encrypted.
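Added example (not part of the original paper): the port table above turned into an allow-list, built once with the dynamic RPC row and once with the static RPC row, and used to audit flows seen between farm and domain computers. The host names and flow records are constructed, and treating the protocol-less Static RPC row as TCP is an assumption.

```python
import re
# Port column of the table above, copied as listed (protocol names shortened).
TABLE = """\
DHCP Server|67/UDP
DNS|53/TCP, 53/UDP
Dynamic RPC|1024-65535/TCP
FRS RPC Port|49152/TCP
Global Catalog|3268/TCP
Global Catalog over SSL|3269/TCP
HTTPS|443/TCP
IMAP|143/TCP
Kerberos|88/TCP, 88/UDP
LDAP|389/UDP
NTP|123/UDP
POP3|110/TCP
RPC Endpoint Mapper|135/TCP, 135/UDP
SMB over NBT|137/TCP, 137/UDP, 138/UDP, 139/TCP
SMB over TCP|445/TCP, 445/UDP
SMTP|25/TCP, 25/UDP
SNMP|161/TCP, 161/UDP, 162/TCP, 162/UDP
SQL|1433/TCP
SQL Management|1434/UDP
Static RPC|5000-5040
Terminal Server|3389/TCP
WINS Replication|42/TCP, 42/UDP
WINS Resolution|1512/TCP, 1512/UDP
"""

def parse_rules(text, static_rpc):
    """Return the set of (proto, port) pairs the table permits."""
    skip = "Dynamic RPC" if static_rpc else "Static RPC"  # only one RPC row applies
    allowed = set()
    for name, spec in (row.split("|") for row in text.splitlines()):
        if name == skip:
            continue
        for lo, hi, proto in re.findall(r"(\d+)(?:-(\d+))?(?:/(TCP|UDP))?", spec):
            # Assumption: the Static RPC row names no protocol; treated as TCP here.
            for port in range(int(lo), int(hi or lo) + 1):
                allowed.add((proto or "TCP", port))
    return allowed

def audit(flows, allowed):
    """Return the flows whose (proto, destination port) is outside the allow-list."""
    return [f for f in flows if (f[2], f[3]) not in allowed]

# Constructed sample flows (src, dst, proto, dst port); host names are hypothetical.
FLOWS = [("sps01", "dc01", "TCP", 88), ("sps01", "dc01", "TCP", 5012),
         ("sps01", "dc01", "TCP", 50211), ("sps01", "sql01", "TCP", 1433),
         ("sps01", "dc01", "TCP", 23)]
```

With the static RPC row the TCP allow-list covers 60 ports instead of 64,525, so a flow to a high port such as 50211 is reported rather than silently permitted.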

Applies to:
Deployment Center 2003, SPS Admin 2003