SQL Server Ports


 Quick cheat sheet for port numbers used by SQL Server services or services that SQL Server may depend on:

21 TCP FTP (replication)
80 TCP HTTP endpoints, Reporting Services, HTTP replication
135 TCP & UDP RPC, WMI, MSDTC, SQL Agent file copy, and TSQL Debugger (RPC used for multiple purposes including SSIS and clustering.)
137 UDP File & Print Sharing (replication) and Cluster Admin
138 UDP File & Print Sharing (replication)
139 TCP FileStream and NetBIOS Session Service (clustering)
443 TCP HTTPS endpoints and Reporting Services
445 TCP & UDP FileStream, SMB (clustering), and File & Print Sharing
500 UDP IPSec
860 TCP iSCSI
1024-5000 TCP Original dynamic ports for named instances. (WinSock standard.)(See ports 49152-65535.) The DoD Database STIG requires static ports.
1433 TCP SQL Server database engine
1434 TCP & UDP SQL Server database engine, DAC, and SQL Server's "Browse" button.
2382 UDP Analysis Serviceswhen using dynamic ports with named instances
2383 TCP Analysis Services
2393-2394 TCP Analysis Services version 7
2725 TCP Analysis Services
3260 TCP iSCSI
3343 UDP Cluster network driver
3389 TCP Remote Desktop Protocol (RDP)
3882 TCP DTS/SSIS
4022 TCP Conventional port for the SQL Broker service
4500 UDP IPSec
5000-5099 UDP Clustering
5022 TCP AlwaysOn's default port for primary and secondary replicas
7022 TCP Conventional port for Database Mirroring
8011-8031 UDP Clustering internode RPC
49152-65535 TCP Latest dynamic ports for named instances. (WinSock standard.)(See ports 1024-5000.) The DoD Database STIG requires static ports.

Microsoft recommends non-default ports for maximum security.

Check ports in use: SELECT ServerProperty("ProcessID")
At a command prompt: "netstat -ano"

AlwaysOn Ports

  • Each instance w an Availability Group (AG) must have a database mirroring endpoint, and they endpoints bust be started (query sys.database_mirroring_endpoints and sys.tcp_endpoints).
  • Logins from a remote server must have CONNECT permission. Each instance must have access to ports on all partners.

Resources: Windows Firewall & SQL Server, Ports that DBAs Need to Know, and KB968872

 

Comments (3)
  1. Quantum John says:

    Hi Freek,

    I wanted to be comprehensive, and if you're using FTP as part of SQL Server replication, you're definitely dependent on port 21. Likewise, I know DBAs who can normally manage an instance of SQL Server by remoting into the server, which means they're dependent on port 3389. They are "SQL Server" ports, but they could be involved in SQL Server issues.

    JD

  2. Freek Berson says:

    Hi!

    Some ports you mention, like e.g. 21 and 3389, I would not categorize as ports that SQL Server would use or be dependent upon.

    Kind regards,

    Freek Berson

    themicrosoftplatform.net

  3. John Edwards says:

    Hi

    Good (old) article but think 2382 UDP (for Analysis Services when using dynamic ports with named instances) should be 2382 TCP not UDP (https://msdn.microsoft.com/en-us/library/ms174937.aspx).

    Kind regards

Comments are closed.

Skip to main content