SharePoint network process communication ports and directions

Introduction

Ran into a strange problem with WSS 3.0 that appeared to involve hung sockets, the sql server dynamically assigned port changing, or some other network related problem.  404 errors with some documents in the document libraries, 500 Internal Server errors, memory errors, and tons of sql server related errors in the event logs.

In this particular situation, a reboot resolved all issues but left me wondering how networking worked within the SharePoint product itself.  The following are notes on SharePoint inter-process communications, network communication protocols, ports that SharePoint Server uses during its operation, etc.

SharePoint Network Communications

Overview

SharePoint uses a wide variety of protocols to communicate, all of which Microsoft documents in detail. In a nutshell, SharePoint network traffic occurs over these three transport protocols:

SQL Server Tabular Data Stream (TDS)

TDS is an application layer network protocol first created by Sybase. It encapsulates the SQL queries and their results. All traffic in and out of SQL Server is handled by TDS (see the yellow paths in the diagram below). By default this takes place on port TCP:1433, but named instances of SQL Server (any other database instances running on the server must be named instances – e.g. “myserver\instancename”) use a dynamically assigned port instead. The dynamic assignment occurs in a two-stage process. First, the SQL client calls the SQL Server Browser service on port UDP:1434. The Browser service responds with the port assigned to the requested instance, and the client uses that port for all subsequent communications. The dynamic port itself is chosen when the SQL Server instance starts, so it can differ after a restart unless the instance has been configured with a fixed port; a firewall rule that only allows TCP:1433 will therefore not cover a named instance. As Microsoft explains:

Upon startup, SQL Server Browser starts and claims UDP port 1434.  SQL Server Browser reads the registry, identifies all instances of SQL Server on the computer, and notes the ports and named pipes that they use.  When SQL Server clients request SQL Server resources, the client network library sends a UDP message to the server using port 1434.  SQL Server Browser responds with the TCP/IP port or named pipe of the requested instance.  The network library on the client application then completes the connection by sending a request to the server using the port or named pipe of the desired instance.
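How the SQL Server Browser exchange described above resolves a named instance to a port, as an added example (not code from the original post, and not Microsoft's): a small Python parser for the Browser's UDP reply, run against a constructed reply rather than a live server. The record layout it assumes is the MC-SQLR SVR_RESP format; the host name SQL01, the instance names and the port 49172 are made up for the example.

```python
"""Decode a SQL Server Browser (SSRP, UDP 1434) reply and pull out the TCP
port a named instance is currently listening on.

Added example, not from the original post or from Microsoft. It assumes the
SVR_RESP layout documented in MC-SQLR: one byte 0x05, a two-byte little-endian
length, then "key;value;..." pairs with each instance record ended by ";;".
The reply below is constructed for the example, not captured from a server.
"""
import struct
from typing import Dict, List, Optional

# Constructed reply from a host "SQL01" that advertises three instances:
# the default instance on 1433, a named instance "SHAREPOINT" that was handed
# a dynamic port at service start, and a named instance with TCP disabled.
SAMPLE_BODY = (
    b"ServerName;SQL01;InstanceName;MSSQLSERVER;IsClustered;No;"
    b"Version;9.00.5000.00;tcp;1433;;"
    b"ServerName;SQL01;InstanceName;SHAREPOINT;IsClustered;No;"
    b"Version;9.00.5000.00;tcp;49172;"
    b"np;\\\\SQL01\\pipe\\MSSQL$SHAREPOINT\\sql\\query;;"
    b"ServerName;SQL01;InstanceName;PIPESONLY;IsClustered;No;"
    b"Version;9.00.5000.00;np;\\\\SQL01\\pipe\\MSSQL$PIPESONLY\\sql\\query;;"
)
SAMPLE_DATAGRAM = b"\x05" + struct.pack("<H", len(SAMPLE_BODY)) + SAMPLE_BODY


def parse_ssrp_response(datagram: bytes) -> List[Dict[str, str]]:
    """Split one SVR_RESP datagram into a dict per advertised instance."""
    if len(datagram) < 3 or datagram[0] != 0x05:
        raise ValueError("not an SSRP SVR_RESP datagram")
    (size,) = struct.unpack_from("<H", datagram, 1)
    body = datagram[3:3 + size].decode("ascii", errors="replace")
    instances = []
    for record in body.split(";;"):
        if not record:
            continue
        fields = record.split(";")
        # Keys and values alternate; a dangling odd field is ignored.
        instances.append(dict(zip(fields[0::2], fields[1::2])))
    return instances


def tcp_port_for_instance(datagram: bytes, instance: str) -> Optional[int]:
    """Port the Browser would send a client to for `instance`, or None when
    the instance is not advertised or has no TCP endpoint (named pipes only).
    A None here is exactly the case where a "1433 only" firewall rule or a
    stale connection string fails: there is no fixed port to allow."""
    for inst in parse_ssrp_response(datagram):
        if inst.get("InstanceName", "").upper() == instance.upper():
            port = inst.get("tcp")
            return int(port) if port and port.isdigit() else None
    return None


if __name__ == "__main__":
    for inst in parse_ssrp_response(SAMPLE_DATAGRAM):
        print(inst["InstanceName"], "tcp:", inst.get("tcp", "(none)"))
    print("SHAREPOINT ->", tcp_port_for_instance(SAMPLE_DATAGRAM, "SHAREPOINT"))
```

The point to take from the three records: only the default instance has a port a static firewall rule can name. The named instance's 49172 is whatever the service picked at start-up, and the pipes-only instance has no TCP port at all, which is why the port tables later in this post say "custom port for Named SQL Instance" rather than a number.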

Server Message Block (SMB)

SMB, or Common Internet File System (CIFS), is an application layer network protocol mainly used to provide access to printers, file systems, and other miscellaneous communications. It also provides an authenticated inter-process communication mechanism. SMB is used for search and query operations within SharePoint (see the red paths in the diagram below). This occurs on port TCP:445, or on TCP:137, 138 and 139 over NetBIOS.

Hypertext Transfer Protocol (HTTP)

As expected, HTTP handles all incoming user traffic and web service calls. This typically occurs over port TCP:80, or TCP:443 for SSL-secured communications. Shared Service Provider (SSP) web service calls occur on ports 56737 and 56738 (SSL). Shared Service Providers are replaced in SharePoint 2010 by Service Applications, which use ports 32843, 32844 (HTTPS) and 32845 instead.

Other Ports

Other ports that SharePoint could use to communicate to other servers include:

  • AD Authentication: Occurs on TCP:445 or TCP:88 (Kerberos)
  • LDAP: Occurs on LDAP:389 and LDAPS:636
  • DNS: Occurs on TCP:53
  • SMTP: Occurs on TCP:25

Inter-Server Communications

This is traffic between the servers in the SharePoint farm, including the SharePoint boxes and the SQL Server boxes.

Diagram: Inter-server communications of SharePoint 2007

Communication with other servers

This could be communications between SharePoint and Active Directory, DNS, etc.

Diagram: Extra-server communications of SharePoint 2007

SharePoint 2007 ports and directions

Inbound/Outbound | From | Port | Type | To
Inbound | Client IPs (as applicable) | TCP 80 or 443 (SSL) | HTTP | ISA Web Pub or WFE
Inbound | TS Jump point | RDP (TCP 3389) | For Remote Admin | APP (Central Admin / SSP Admin)
Inbound | All SharePoint Servers (depends on Central Admin configuration) | Office Server Web Services, TCP 56737, SSL 56738 | HTTP | APP – Central Admin / SSP Admin (Web Service Control)
Inbound | Index | TCP 80 or 443 | | WFE
Outbound | All SharePoint Servers (based on authentication) | DS (TCP 445), RPC (TCP 135), DNS (TCP/UDP 53), Kerberos (UDP 88), LDAP/S (UDP 389/636) | | DC (AD) / DNS (LDAP)
Outbound | External Content | DNS (TCP/UDP 53) | | DNS
Outbound (Inbound if applicable) | WFE (alerts or mail-enabled list) | SMTP (TCP 25) | | SMTP/Exchange
Outbound | All SharePoint Servers | SQL (TCP 1433, UDP 1434) or custom port for Named SQL Instance | SQL Server Tabular Data Stream (TDS) | SQL Server
Outbound | WFE (Search Request) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | Query
Outbound | Index (Propagation) | Search Query, either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | | Query
Outbound | Index (File Shares) | Either NBT (TCP/UDP 137, 138, 139) or Direct-hosted SMB (TCP/UDP 445) | Server Message Block (SMB) | External Content
Outbound | Index (BDC) | SQL (TCP 1433, UDP 1434) or custom port | | External Content
Outbound | WFE (SSO) | RPC for SSO (TCP 135), plus random high ports (Dynamic RPC) or restricted high ports (Static RPC) | | APP Servers
Outbound | WFE | TCP 80, TCP 443, TCP (custom) | HTTP | Index Server (search crawling)
Outbound | Index (Search Crawling) | TCP 80, TCP 443, TCP (custom) | HTTP | WFE
Outbound | Index (Sites) | TCP 80, TCP 443, TCP (custom) | | External Content

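What the table above amounts to for one server role, as an added example (not from the original post): a Python script that carries the rows as data, emits a per-role allow-list in Windows `netsh advfirewall` syntax, and separately reports the entries for which the table gives no fixed port. The rows are transcribed from the 2007 table (direct-hosted SMB on 445 only; the NetBIOS 137-139 alternative is left out), and the role names WFE, APP, INDEX and ALL are this example's own shorthand.

```python
"""Turn the SharePoint 2007 port table above into a per-role allow-list and
flag the entries that have no fixed port.

Added example, not from the original post. The rows are transcribed from the
table (direct-hosted SMB on 445 only; the NetBIOS 137-139 alternative is left
out). Role names WFE, APP, INDEX and ALL are this example's own shorthand,
and the emitted commands use the Windows `netsh advfirewall` syntax.
"""
from typing import List, Optional, Tuple

Row = Tuple[str, str, str, Optional[int], str]

# (direction, role, protocol, port, peer). A None port means the table gives
# no fixed number: dynamic RPC high ports, or the custom port of a named SQL
# instance, neither of which can be expressed as a static firewall rule.
PORT_TABLE: List[Row] = [
    ("in",  "WFE",   "TCP", 80,    "Client IPs / ISA"),
    ("in",  "WFE",   "TCP", 443,   "Client IPs / ISA"),
    ("in",  "WFE",   "TCP", 80,    "Index server (crawl)"),
    ("in",  "WFE",   "TCP", 443,   "Index server (crawl)"),
    ("in",  "APP",   "TCP", 3389,  "TS jump point (remote admin)"),
    ("in",  "APP",   "TCP", 56737, "All SharePoint servers (SSP web services)"),
    ("in",  "APP",   "TCP", 56738, "All SharePoint servers (SSP web services, SSL)"),
    ("out", "ALL",   "TCP", 445,   "Domain controller (DS)"),
    ("out", "ALL",   "TCP", 135,   "Domain controller (RPC)"),
    ("out", "ALL",   "TCP", 53,    "DNS"),
    ("out", "ALL",   "UDP", 53,    "DNS"),
    ("out", "ALL",   "UDP", 88,    "Domain controller (Kerberos)"),
    ("out", "ALL",   "UDP", 389,   "Domain controller (LDAP)"),
    ("out", "ALL",   "UDP", 636,   "Domain controller (LDAPS)"),
    ("out", "ALL",   "TCP", 1433,  "SQL Server (default instance, TDS)"),
    ("out", "ALL",   "UDP", 1434,  "SQL Server Browser"),
    ("out", "ALL",   "TCP", None,  "SQL Server (named instance, custom port)"),
    ("out", "WFE",   "TCP", 25,    "SMTP / Exchange"),
    ("out", "WFE",   "TCP", 445,   "Query server (search request, SMB)"),
    ("out", "WFE",   "TCP", 135,   "APP servers (SSO RPC endpoint mapper)"),
    ("out", "WFE",   "TCP", None,  "APP servers (SSO dynamic RPC high ports)"),
    ("out", "WFE",   "TCP", 80,    "Index server (search crawling)"),
    ("out", "WFE",   "TCP", 443,   "Index server (search crawling)"),
    ("out", "INDEX", "TCP", 445,   "Query server (propagation, SMB)"),
    ("out", "INDEX", "TCP", 445,   "External file shares (SMB)"),
    ("out", "INDEX", "TCP", 80,    "WFE / external sites (crawl)"),
    ("out", "INDEX", "TCP", 443,   "WFE / external sites (crawl)"),
]


def rows_for(role: str) -> List[Row]:
    """Rows that apply to one server role: its own plus those marked ALL."""
    return [r for r in PORT_TABLE if r[1] in (role, "ALL")]


def static_rules(role: str) -> List[str]:
    """One netsh command per distinct (direction, protocol, port) with a fixed
    port. Inbound rows become localport rules, outbound rows remoteport."""
    seen = set()
    commands = []
    for direction, _, proto, port, _ in rows_for(role):
        if port is None or (direction, proto, port) in seen:
            continue
        seen.add((direction, proto, port))
        side = "localport" if direction == "in" else "remoteport"
        commands.append(
            f'netsh advfirewall firewall add rule name="SP-{role}-{direction}-{proto}-{port}" '
            f"dir={direction} action=allow protocol={proto} {side}={port}"
        )
    return commands


def dynamic_gaps(role: str) -> List[str]:
    """Peers the role must reach on a port the table cannot pin down. Each is
    a place where either the service gets a fixed port assigned, or the rule
    has to open a whole high-port range."""
    return [peer for _, _, _, port, peer in rows_for(role) if port is None]


if __name__ == "__main__":
    for role in ("WFE", "APP", "INDEX"):
        print(f"# {role}: {len(static_rules(role))} static rules")
        for cmd in static_rules(role):
            print(cmd)
        for gap in dynamic_gaps(role):
            print(f"#   no fixed port for: {gap}")
```

The two gaps the script reports for a WFE are the ones behind the table's "custom port" and "random high ports" wording: the named SQL instance and SSO's dynamic RPC. Both only become firewall-friendly once the service is pinned to a known port; until then the rule set above is incomplete, and the symptom is exactly the kind of intermittent SQL and RPC failure described in the introduction.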

SharePoint 2010 Ports

SharePoint 2010 uses the same ports as SharePoint 2007 with these additions:

Inbound/Outbound | From | Port | Type | To
Inbound | Service Application | 32843, 32844 (HTTPS), 32845 (net.tcp binding) | HTTP | SharePoint Web Service
Inbound | All SharePoint Servers where the Forefront Identity Management agent is installed | TCP/5725; TCP/UDP 389 (LDAP service); TCP/UDP 88 (Kerberos); TCP/UDP 53 (DNS); UDP 464 (Kerberos Change Password) | | Active Directory
Outbound | Web Front End Server | TCP/5725; TCP/UDP 389 (LDAP service); TCP/UDP 88 (Kerberos); TCP/UDP 53 (DNS); UDP 464 (Kerberos Change Password) | | Microsoft SharePoint Foundation User Code Service (for sandbox solutions)
