Port 20049 carries NFS over RDMA (Remote Direct Memory Access), a high-performance variant of the Network File System protocol that moves data directly between server and client memory without involving the CPU.

What NFS over RDMA Does

Network File System (NFS) has been sharing files across networks since 1984. For 25 years, every byte that moved between server and client passed through the CPU, got copied into buffers, processed by network stacks, and copied again. This worked, but it was expensive - every file transfer consumed CPU cycles that could be doing actual computational work.

RDMA changed the game. When you access a file over NFS on port 20049, the data copies directly from the server's memory into your client's memory. The CPU on both ends barely notices it's happening.

Real-world impact: NFS over RDMA achieves 2-3x higher bandwidth and up to 150% higher IOPS compared to traditional TCP-based NFS [1]. The CPU load on both client and server drops dramatically because they're not managing the data transfer - the network hardware handles it.

How RDMA Works

Traditional network transfers work like this:

  1. Application asks CPU to send data
  2. CPU copies data into kernel buffers
  3. Network stack processes the data
  4. CPU copies data to network card
  5. Network card sends it
  6. Receiving side does the same in reverse

RDMA works like this:

  1. Application tells network hardware where the data lives in memory
  2. Network hardware reads it directly and sends it
  3. Receiving network hardware writes it directly to the destination memory
  4. Application gets notified it's done

No CPU involvement. No buffer copies. Just memory-to-memory transfer over the wire.

This is called Direct Data Placement - the data goes exactly where it needs to be, once, without intermediate stops.

The History

RDMA was developed in the late 1990s to support high-performance computing workloads over InfiniBand networks - the specialized, ultra-fast networks used in supercomputers and data centers [2]. InfiniBand was built for this: low latency, high bandwidth, and hardware that could handle data movement without bothering the CPU.

For years, RDMA was an exotic technology for research labs and high-performance computing clusters. But the file sharing problem it solved was universal: how do you move massive amounts of data without drowning your CPUs in network overhead?

In 2008, the IETF formalized NFS over RDMA. RFC 5532 laid out the problem statement [3], RFC 5667 defined the protocol bindings [4], and IANA officially assigned port 20049 for the service (with service name nfsrdma) [5].

The timing mattered. By the mid-2000s, two methods of running RDMA over standard Ethernet networks had emerged: iWARP and RoCE (RDMA over Converged Ethernet). This meant organizations could get RDMA performance benefits without replacing their entire network infrastructure with InfiniBand [2].

Oracle, Dell, NetApp, and others began implementing NFS over RDMA in their storage systems. PowerScale clusters added NFSv3 over RDMA support in OneFS 9.2 [2]. Red Hat and Oracle contributed Linux kernel support. By the 2010s, NFS over RDMA became a standard option for high-performance storage environments.

RFC 8267, published in 2017, updated the protocol specification and obsoleted RFC 5667, refining the upper-layer bindings of NFS to RPC-over-RDMA [6].

Why It Matters

Media production companies rendering 4K video need to move terabytes between storage and workstations. Scientific computing clusters process massive datasets. Financial trading systems need microsecond-level latency for data access. Database servers benefit from reduced CPU overhead during high I/O operations.

These workloads don't just need fast network speeds - they need the CPU free to do computational work rather than managing network transfers. NFS over RDMA solves both problems simultaneously.

The genuine strangeness: NFS has been around since 1984. It took 24 years to realize "wait, what if we just let the network cards talk directly to memory?" Sometimes the biggest performance gains come from asking what work you can stop doing entirely.

Security Considerations

Network isolation is critical. RDMA uses IP addressing to specify peers, but because it's a separate protocol stack below the IP layer, it can bypass IP-based firewall rules and security policies [7]. This doesn't mean RDMA is insecure - it means traditional IP firewall configurations may not apply the way you expect.

NFS security models still apply. RPC-over-RDMA version 1 supports all RPC security models, including RPCSEC_GSS and transport-level security [7]. Mount restrictions and secure RPC policies are enforced normally.

Early designs had vulnerabilities. Research identified security and buffer management vulnerabilities in original NFS over RDMA designs that could allow malicious clients to attack servers [7]. Modern implementations address these issues, but it's important to ensure you're running updated versions.

Firewall recommendations:

  • Use external firewalls with rules that allow only trusted clients and servers
  • Restrict access to port 20049 (and standard NFS ports like 2049) to known systems
  • Deploy NFS over RDMA on isolated networks when possible (InfiniBand networks are inherently more isolated than Ethernet)
  • Block all other ports by default

Physical network security matters more. Since RDMA often runs over InfiniBand or dedicated RDMA-capable Ethernet networks, physical network access becomes a more significant security boundary. An attacker with physical access to the RDMA network can potentially bypass higher-level protections.
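
Because IP firewall rules may not see RDMA traffic, the export-level restrictions and RPC security flavors described above deserve their own check on a Linux NFS server. The following is an added example, not code from the original page: it reads nfsd's listener list (the format of /proc/fs/nfsd/portlist) and exports(5) entries, then reports exports that are open to any host or still accept AUTH_SYS. The function names and sample files are constructed for illustration, and only single-line entries with inline options are handled.

```shell
#!/bin/sh
# Added example, not from the original page. Sample files are constructed.

# Print the port of nfsd's RDMA listener from portlist-format text
# (lines such as "rdma 20049"), or nothing when there is none.
rdma_listener_port() {
    awk '$1 == "rdma" { print $2; exit }' "$1"
}

# Print one finding per risky client entry in exports(5)-format text:
#   OPEN <path> <client>      client spec matches any host
#   AUTH_SYS <path> <client>  AUTH_SYS accepted (sec= absent or lists sys)
audit_exports() {
    awk '
    { sub(/#.*/, "") }                       # drop comments
    {
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) { client = substr($i, 1, p - 1); opts = substr($i, p) }
            if (client == "") client = "*"   # "(opts)" alone means any host
            if (client == "*") print "OPEN", $1, client
            sec = "sys"                      # exports(5) default flavor
            if (match(opts, /sec=[^,)]*/)) sec = substr(opts, RSTART + 4, RLENGTH - 4)
            if ((":" sec ":") ~ /:sys:/) print "AUTH_SYS", $1, client
        }
    }' "$1"
}

# $1 = portlist file, $2 = exports file
audit_nfs_rdma() {
    port=$(rdma_listener_port "$1")
    if [ -z "$port" ]; then echo "RDMA listener: none"; return 0; fi
    echo "RDMA listener: port $port"
    audit_exports "$2"
}

# Constructed sample input so the script runs offline.
sample=$(mktemp -d)
printf 'rdma 20049\ntcp 2049\n' > "$sample/portlist"
cat > "$sample/exports" <<'EOF'
# constructed sample entries
/srv/scratch  *(rw,sync)
/srv/render   10.20.0.0/24(rw,sec=krb5p)
/srv/home     stor-client1(rw,sec=sys:krb5)
EOF
audit_nfs_rdma "$sample/portlist" "$sample/exports"
```

On a real server, pass /proc/fs/nfsd/portlist and /etc/exports as the two arguments.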

Technical Details

  • Port Number: 20049 (TCP/UDP)
  • Service Name: nfsrdma
  • Transport: RPC-over-RDMA
  • Specification: RFC 8267 (current), RFC 5667 (obsoleted), RFC 5532 (problem statement)
  • Assigned: 2008 by IANA [5]
  • Common Networks: InfiniBand, RoCE (RDMA over Converged Ethernet), iWARP

NFS over RDMA works transparently when InfiniBand or RDMA-capable Ethernet connectivity exists between client and server. On many implementations, if the hardware supports it, RDMA becomes the default transport - no special mount options required.

Related Ports

  • Port 2049 - Standard NFS (NFSv2, NFSv3, NFSv4) over TCP/UDP
  • Port 111 - RPC portmapper/rpcbind, used by NFS for service registration
  • Port 4045 - NFS lock daemon (lockd) on some systems

How to Check What's Using Port 20049

On Linux:

# Check if port 20049 is listening
sudo netstat -tlnp | grep 20049

# Or with ss (modern alternative)
sudo ss -tlnp | grep 20049

# Check if the NFS RDMA kernel module is loaded
# (named rpcrdma on current kernels; xprtrdma/svcrdma on older ones)
lsmod | grep -E 'rpcrdma|xprtrdma|svcrdma'

# View RDMA device information
ibstat

On Solaris/Oracle:

# Check the state of the NFS rquota SMF service
svcs network/nfs/rquota

# List NFS programs registered with rpcbind
rpcinfo -p | grep nfs
