Configuration of the Erasure Network Services.

EENet Server is commonly deployed over a private network where no firewall configuration is necessary. Should you need to configure a firewall, you may need to know which services and ports are used by EENet Server. Due to the wide variety of possible network devices, configurations, and security policies, this document does not give specific advice on how to configure your network.

The information here is intended as guidance only.

Please contact Tabernus Support if you have a specific inquiry that is not answered in this document.

Basic Configuration

The 'Network Setup Wizard' should be used to configure the basic settings required to get started using EENet Server. This includes selecting the network adapter and IP address that EENet Server will use. The wizard runs the first time you start the server's user interface, and may also be launched using the desktop icon.

Services and Ports

Here is a list of network ports that EENet Server uses for incoming client connections:

● TCP

Port 21: FTP (Report files upload)

Port 5911: EENet Server (client <--> server communication)

● UDP

Port 67: DHCP (Post-PXE boot)

Port 68: BOOTP (PXE boot)

Port 69: TFTP (PXE boot)

We may open other ports within the server machine for internal use. Also see the section Additional Ports Used by FTP below.

Additional Ports Used by FTP

Note that the FTP ports listed above are only used to initiate the transfer between client and server, with the file data transfer taking place on some other 'data-port' chosen by the server. In the default configuration, the data-port is any available TCP port greater than 1024. This setting allows the server to handle many thousands of FTP transfers simultaneously.

You may wish to restrict the range of ports offered by the FTP server, to assist with firewalling for example. Deciding which and how many ports to open up is a balance between security and smooth operation, and depends upon several factors, including:

          ● the number of client machines you have connected (and uploading/downloading) at any given moment;

          ● each client may open several connections at once; 

          ● ports may not be available for reuse immediately; 

          ● other services using the same port range.

The example below is based on a liberal estimate of 5 transfers x 50 clients = 250 ports. Using the command netstat -tuna we determined that the 9xxx range was never used on our network. By experimenting you may find that you need far fewer ports than the example here.

Restrict port range for report upload (vsftpd)

Edit /etc/vsftpd.conf and add these options:

    pasv_min_port=port
    pasv_max_port=port

Example

    pasv_min_port=9251
    pasv_max_port=9500

Restrict port range for PXE boot (tftpd)

Edit /etc/default/tftpd-hpa and add the following option to TFTP_OPTIONS:

    --port-range min_port:max_port

Example

    TFTP_OPTIONS="--secure --port-range 9000:9250"
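The netstat -tuna check described above can be repeated for both example ranges before committing them to the firewall. The script below is an added example, not part of the original document; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: check whether a candidate port range is already in use
# before assigning it to vsftpd (TCP) or tftpd-hpa (UDP).
# Function names and the sample listing are constructed for illustration.

# ports_in_range PROTO MIN MAX
# Reads `netstat -tuna` output on stdin and prints each local port of the
# given protocol (tcp or udp, IPv4 and IPv6) that lies inside MIN..MAX.
ports_in_range() {
    awk -v proto="$1" -v min="$2" -v max="$3" '
        $1 ~ ("^" proto) {
            n = split($4, part, ":")   # local address is column 4
            port = part[n] + 0         # port follows the last colon
            if (port >= min && port <= max) print port
        }' | sort -n -u
}

# range_size MIN MAX: number of ports in an inclusive range.
range_size() {
    echo $(( $2 - $1 + 1 ))
}

# Constructed sample of `netstat -tuna` output (not from a real server).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:5911            0.0.0.0:*               LISTEN
tcp        0      0 192.168.0.1:9300        192.168.0.23:40112      ESTABLISHED
tcp        0      0 192.168.0.1:9300        192.168.0.24:51020      ESTABLISHED
tcp6       0      0 :::9443                 :::*                    LISTEN
udp        0      0 0.0.0.0:67              0.0.0.0:*
udp        0      0 0.0.0.0:69              0.0.0.0:*
udp        0      0 192.168.0.1:9100        192.168.0.23:2070
EOF
}

# Report on the two example ranges from this document, using the sample.
report() {
    for spec in "tcp 9251 9500" "udp 9000 9250"; do
        set -- $spec
        used=$(sample_netstat | ports_in_range "$1" "$2" "$3" | paste -sd' ' -)
        echo "$1 $2-$3: $(range_size "$2" "$3") ports, in use: ${used:-none}"
    done
}
report
# On the server itself: netstat -tuna | ports_in_range tcp 9251 9500
```

Any port the script reports belongs to another service or connection and should be resolved, or the range moved, before the firewall is opened for that range.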