Dell PowerStore 1000T EMC PowerStore Security Configuration Guide - Page 31

Table 4. Network ports related to PowerStore X model appliances continued

Get Dell PowerStore 1000T PDF manuals and user guides View all Dell PowerStore 1000T manuals
Add to My Manuals
Save this manual to your list of manuals

Page 31 highlights

Table 4. Network ports related to PowerStore X model appliances (continued) Port Service Protocol Access Direction Description 5989 CIM Secure Server TCP Inbound Server for CIM. 6999 NSX Virtual UDP Distributed Logical Router, rabbitmqproxy • Bi-directional for • For NSX Virtual Distributed Router NSX Virtual service, the firewall port associated with Distributed this service is opened when NSX VIBs are Router service installed and the VDR module is created. • Outbound for If no VDR instances are associated with rabbitmqproxy the host, the port does not have to be open. • For rabbitmqproxy, a proxy running on the ESXi host. This proxy allows applications that are running inside virtual machines to communicate with the AMQP brokers that are running in the vCenter network domain. The virtual machine does not have to be on the network, that is, no NIC is required. Ensure that outgoing connection IP addresses include at least the brokers in use or future. You can add brokers later to scale up. 8000 vMotion TCP 8100, 8200, 8300 Fault Tolerance 8301, 8302 DVSSync TCP/UDP UDP 9080 31031 44046 I/O filter TCP vSphere Replication, TCP VMware Site Recovery Manager vSphere Replication, TCP VMware Site Recovery Manager Bi-directional Bi-directional Bi-directional Outbound Outbound Outbound Required for virtual machine migration with vMotion. ESXi hosts listen on port 8000 for TCP connections from remote ESXi hosts for vMotion traffic. Used for traffic between hosts for vSphere Fault Tolerance (FT). DVSSync ports are used for synchronizing states of distributed virtual ports between hosts that have VMware FT record/replay enabled. Only hosts that run primary or backup virtual machines must have these ports open. On hosts that are not using VMware FT, these ports do not have to be open. Used by the I/O Filters storage feature. Used for ongoing replication traffic by vSphere Replication and VMware Site Recovery Manager. Used for ongoing replication traffic by vSphere Replication and VMware Site Recovery Manager. Communication security settings 31

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
Table 4. Network ports related to PowerStore X model appliances (continued)
Port
Service
Protocol
Access Direction
Description
5989
CIM Secure Server
TCP
Inbound
Server for CIM.
6999
NSX Virtual
Distributed Logical
Router,
rabbitmqproxy
UDP
Bi-directional for
NSX Virtual
Distributed
Router service
Outbound for
rabbitmqproxy
For NSX Virtual Distributed Router
service, the firewall port associated with
this service is opened when NSX VIBs are
installed and the VDR module is created.
If no VDR instances are associated with
the host, the port does not have to be
open.
For rabbitmqproxy, a proxy running on
the ESXi host. This proxy allows
applications that are running inside virtual
machines to communicate with the
AMQP brokers that are running in the
vCenter network domain. The virtual
machine does not have to be on the
network, that is, no NIC is required.
Ensure that outgoing connection IP
addresses include at least the brokers in
use or future. You can add brokers later
to scale up.
8000
vMotion
TCP
Bi-directional
Required for virtual machine migration with
vMotion. ESXi hosts listen on port 8000 for
TCP connections from remote ESXi hosts for
vMotion traffic.
8100, 8200, 8300
Fault Tolerance
TCP/UDP
Bi-directional
Used for traffic between hosts for vSphere
Fault Tolerance (FT).
8301, 8302
DVSSync
UDP
Bi-directional
DVSSync ports are used for synchronizing
states of distributed virtual ports between
hosts that have VMware FT record/replay
enabled. Only hosts that run primary or
backup virtual machines must have these
ports open. On hosts that are not using
VMware FT, these ports do not have to be
open.
9080
I/O filter
TCP
Outbound
Used by the I/O Filters storage feature.
31031
vSphere Replication,
VMware Site
Recovery Manager
TCP
Outbound
Used for ongoing replication traffic by
vSphere Replication and VMware Site
Recovery Manager.
44046
vSphere Replication,
VMware Site
Recovery Manager
TCP
Outbound
Used for ongoing replication traffic by
vSphere Replication and VMware Site
Recovery Manager.
Communication security settings
31