Connections & Ports in ESX & ESXi - v6.graffle
1
111/TCP&UDP/NFS Client - RPC Portmapper 2049/TCP&UDP/NFS Server/NFS Client 123/UDP/NTP client 443/TCP/Host Management 902/TCP/Hosted VM connectivity 903/TCP/VM Remote VM Console 53/UDP/DNS 3260/TCP/Software iSCSI Client & Hardware iSCSI HBA ESX only 514/UDP/Remote Syslog logging 21/TCP/FTP 21/TCP/FTP 22/TCP/SSH 22/TCP/SSH 389/TCP/LDAP 445+137-139/TCP/SMB 443/TCP/Host VI Management via browser 427/TCP&UDP/CIM Service Location Protocol (SLP) 443/TCP/Server-to-server migration & provisioning traffic 902/TCP&UDP/Authentication, Provisioning, VM Migration 5988/TCP/CIM Client to CIM Secure Server 5989/TCP/CIM Client to CIM Secure Server 8000/TCP/VCOtion Communication of VMkernel Interface 8100+8200/TCP&UDP/VMware FT. ESX/ESXi 4 Hosts only 2050-2250/UDP/VMware HA 8042-8045/TCP/VMware HA ESXi 4 Only 161/UDP/SNMP Polling VMware vCenter Server 80+443/TCP/Meta data for updates 80+443/TCP/Host to Update Server. forwards to 9084 9084/TCP/ESX&ESXi hosts listen for updates. Configurable at install. 9000-9100/TCP/Use if 80+443 are not available. Automatically opened for host scanning and remediation 80/TCP/VUM-VC communication 443/TCP/The reverse proxy forwards the request to port 8084 8084/TCP/SOAP communication between VUM and vCenter Update Manager plug-in. Configurable at install. 9087/TCP/Port used for upload host update files. Configurable at install. Update Manager Patch DB 1521/TCP/Oracle -OR- 1433/TCP/MS SQL VC DB 1521/TCP/Oracle -OR- 1433/TCP/MS SQL Internal vCenter 4 Only 53/UDP/DNS 88+445/TCP & UDP/AD Authentication 161/UDP/SNMP Polling 162/UDP/SNMP Trap Send 389/TCP/LDAP 443/TCP/vCenter Agent 902/TCP/Heartbeat 903/TCP/VI-vSphere Client to VM Console 5989/TCP/CIM transaction communication Dudley Smith Tue Jun 01 2010 v6.1 Subscribe: http://communities.vmware.com/blogs/dudleysmith 443/TCP/Required for VCB and vcbMounter Communication & Backup 443/TCP/Required for VCB and vcbMounter Communication & Backup Converter 4 Only 137+138(UDP)+139(TCP)/For hot migration. Not required if the source does not use NetBIOS 445/TCP/Required for conversion. Not required if the source uses NetBIOS 22/TCP/Only for Linux-based Source Computer 443/TCP/System Conversion 443/TCP/Required if vCenter Server is the conversion target 443/TCP/Required if vCenter Server is the conversion target 902/TCP/Required for data transport during cloning of system to be converted to target ESX/ESXi Host 443/TCP/Required for destination VM access when target is ESX/ESXi/vCenter 9089/TCP/Required. Remote Agent Deployment 443/TCP/Required if Converter Client & Converter Server were installed on different systems vCenter Converter Client (ionly required if Converter Client and Converter Server were installed on different systems 443/TCP SRM DB 1521/TCP/Oracle -OR- 1433/TCP/MS SQL -OR- 5000/TCP/IBM DB2 REMOTE VMware vCenter Server (SRM) Site Recovery Manager 80/TCP/SRM Communication & Plugin download 80/TCP/SRM communication with remote vCenter Server(Port 80 is used for the initial connection to the remote site. After the initial HTTP connection is made, the two sites establish an SSL connection over port 80 for subsequent connections.) www.vmware.com xml.shavlik.com 88/TCP/PAM AD Authentication - Kerberos 445/TCP&UDP/PM AD Authentication 464/TCP/PAM AD Authentication - Kerberos Password Services Linked vCenter Server Linked vCenter Server Linked vCenter Server 903/TCP/VI-vSphere Client to VM Console 8080/TCP/Manaagement Web Services HTTP 8443/TCP/Management Web Services HTTPS 8005&8006&8086/TCP/ Internal Communications Port 8083 & 8085 & 8087/TCP/ Internal Service Diagnostics 443/TCP/vCenter API (Orch.) 8281/TCP/vCenter AP (Orch.) Internal 27000/TCP/for VI3.x hosts 27010/TCP/for VI 3.x hosts 27000/TCP/for VI3.x hosts 27010/TCP/for VI 3.x hosts 3.x Only VCO DB 1521/TCP/Oracle 1433/TCP/MS SQL 3306/TCP/MySQL 5432/TCP/PostgresSQL 8230/TCP/Lookup 8240/TCP/Command 8250/TCP/Messaging 8282/TCP/HTTP 8283/TCP/HTTPS Orchestrator VCO Client 161/UDP/SNMP Polling 162/UDP/SNMP Trap Send FTP Client SSH Client FTP Server SSH Server SMB Server iSCSI SAN NFS Server Syslog Server NTP Server SNMP Server Helper 22/TCP 443/TCP/Required for Linux sources Active Directory Server VCB Proxy DNS Server FlexLM License Server SNMP Server SMTP Server 902/TCP/Pushes updates to the host (both ESX & ESXi) 80/TCP/Redirect browser to HTTPS (443) 25/TCP/Email notifications 389/TCP/LDAP (Optional) 636/TCP/LDAPS (Optional) 8280/TCP/HTTP Internal LDAP Server 443/TCP/VI/vSphere client access 80+443/TCP/Redirect browser to HTTPS service (443) Connections & Ports in ESX & ESXi Including vCenter Server, Site Recovery Manager, VMware Consolidated Backup, VMware Data Recovery, VMware Update Manager, VMware Orchestrator and VMware Converter ESX & ESXi ESX & ESXi VM VM Third-party System Images VMware Virtual Machines Physical Machine Third-party Virtual Machines .sv2i Source vCenter Converter 80+443/TCP/Meta data for updates Source: VMware Network Ports Compendium -v6 External API Client 9007/TCP/SOAP Data Recovery Appliance 443/TCP/vDR & vCenter communication 22024/TCP/Data Recovery Management Guided Consolidation Targets 135&137&138&139&445/TCP&UDP/ 25/TCP/Email notifications 389/TCP/Bi-direction LDAP authentication with Kerberos encryption between vCenter Servers Bi-directional RPC communications on dynamic TCP ports required between all vCenters in Linked Mode (via ADAM) RPC RPC 902/UDP/Heartbeat This document was created using the official VMware icon and diagram library. Copyright © 2009 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware does not endorse or make any representations about third party information included in this document, nor does the inclusion of any VMware icon or diagram in this document imply such an endorsement.
Transcript of Connections & Ports in ESX & ESXi - v6.graffle
111/TCP&UDP/NFS Client - RPC Portmapper
2049/TCP&UDP/NFS Server/NFS Client
123/UDP/NTP client
443/T
CP/Host M
anag
emen
t
902/T
CP/Hosted
VM conn
ectivi
ty
903/T
CP/VM Remote
VM Conso
le
53/UDP/DNS
3260/TCP/Software iSCSI Client & Hardware iSCSI HBA
ESX only514/UDP/Remote Syslog logging
21/TCP/FTP
21/TCP/FTP
22/TCP/SSH
22/T
CP/S
SH
389/TCP/LDAP
445+
137-
139/T
CP/S
MB
443/T
CP/Hos
t VI M
anag
emen
t via
browse
r
427/TCP&UDP/CIM Service Location Protocol (SLP)443/TCP/Server-to-server migration & provisioning traffic
902/TCP&UDP/Authentication, Provisioning, VM Migration5988/TCP/CIM Client to CIM Secure Server5989/TCP/CIM Client to CIM Secure Server
8000/TCP/VCOtion Communication of VMkernel Interface8100+8200/TCP&UDP/VMware FT. ESX/ESXi 4 Hosts only
2050-2250/UDP/VMware HA8042-8045/TCP/VMware HA
ESXi 4 Only
161/UDP/SNMP Polling
VMware vCenter Server
80+443/TCP/Meta data for updates
80+443/TCP/Host to Update Server. forwards to 9084
9084/TCP/ESX&ESXi hosts listen for updates. Configurable at install.
9000-9100/TCP/Use if 80+443 are not available. Automatically opened for host
scanning and remediation
80/TCP/VUM-VC communication443/TCP/The reverse proxy forwards the
request to port 80848084/TCP/SOAP communication between
VUM and vCenter Update Manager plug-in. Configurable at install.
9087/TCP/Port used for upload host update files. Configurable at install.
Update Manager
Patch DB
1521/TCP/Oracle-OR-
1433/TCP/MS SQL
VC DB
1521/TCP/Oracle-OR-
1433/TCP/MS SQL
Internal
vCenter 4 Only
53/UDP/DNS
88+445/TCP & UDP/AD Authentication
161/UDP/SNMP Polling162/UDP/SNMP Trap Send
389/TCP/LDAP
443/TCP/vCenter Agent902/TCP/Heartbeat
903/TCP/VI-vSphere Client to VM Console5989/TCP/CIM transaction communication
Dudley SmithTue Jun 01 2010
v6.1Subscribe: http://communities.vmware.com/blogs/dudleysmith
443/TCP/Required for VCB and vcbMounter
Communication & Backup
443/TCP/Required for VCB and vcbMounter
Communication & Backup
Converter 4 Only
137+138(UDP)+139(TCP)/For hot migration.Not required if the source does not use NetBIOS
445/TCP/Required for conversion.Not required if the source uses NetBIOS
22/TCP/Only for Linux-based Source Computer
443/TCP/System Conversion
443/
TCP/
Requ
ired
if vCe
nter
Ser
ver
is th
e co
nver
sion
targ
et
443/TCP/Required if vCenter Server
is the conversion target
902/TCP/Required for data transport during cloning of system to be converted to target ESX/ESXi Host443/TCP/Required for destination VM access when
target is ESX/ESXi/vCenter
9089/TCP/Required.Remote Agent Deployment
443/TCP/Required if Converter Client & Converter Server were installed on different systems
vCenter Converter Client (ionly required if Converter
Client and Converter Server were installed on different
systems
443/TCP
SRM DB
1521/TCP/Oracle-OR-
1433/TCP/MS SQL-OR-
5000/TCP/IBM DB2
REMOTEVMware vCenter
Server(SRM)
Site Recovery Manager
80/TCP/SRM C
ommun
icatio
n & Plug
in do
wnload
80/TCP/SRM communication with remote vCenter Server(Port 80 is used for the initial connection to
the remote site. After the initial HTTP connection is made, the two sites establish an SSL connection
over port 80 for subsequent connections.)
www.vmware.com
xml.shavlik.com
88/TCP/PAM AD Authentication - K
erberos
445/TCP&UDP/PM AD Authentication
464/TCP/PAM AD Authentication - K
erberos Passw
ord Services
LinkedvCenterServer
LinkedvCenterServer
LinkedvCenterServer
903/TCP/VI-vSphere Client to VM Console
8080/TCP/Manaagement Web Services HTTP
8443/TCP/Management Web Services HTTPS
8005&8006&8086/TCP/Internal Communications Port
8083 & 8085 & 8087/TCP/Internal Service Diagnostics443/TCP/vCenter API (Orch.)8281/TCP/vCenter AP (Orch.)
Internal
27000/TCP/for VI3.x hosts
27010/TCP/for VI 3.x hosts27000/TCP/for VI3.x hosts
27010/TCP/for VI 3.x hosts
3.x Only
VCO DB
1521/TCP/Oracle1433/TCP/MS SQL3306/TCP/MySQL
5432/TCP/PostgresSQL
8230/TCP/Lookup8240/TCP/Command8250/TCP/Messaging
8282/TCP/HTTP8283/TCP/HTTPS
Orchestrator
VCOClient
161/UDP/SNMP Polling 162/UDP/SNMP Trap Send
FTPClient
SSHClient
FTPServer
SSHServer
SMBServer
iSCSISAN
NFSServer
SyslogServer
NTP
Server
SNMPServer
Helper
22/TCP443/TCP/Required for Linux sources
Active Directory Server
VCB Proxy
DNS Server
FlexLMLicense Server
SNMP Server
SMTP Server
902/TCP/Pushes updates to the host (both ESX & ESXi)
80/TC
P/Red
irect
browse
r to H
TTPS
(443
)
25/TCP/Email notifications
389/TCP/LDAP (Optional)636/TCP/LDAPS (Optional)
8280/TCP/HTTP
Inter
nal
LDAP Server
443/TCP/VI/vSphere client access
80+443/TCP/Redirect browser to HTTPS service (443)
Connections & Ports in ESX & ESXiIncluding vCenter Server, Site Recovery Manager, VMware Consolidated Backup, VMware Data Recovery, VMware Update Manager, VMware Orchestrator and VMware Converter
ESX & ESXi ESX & ESXi
VM
VM
Third-partySystem Images
VMware VirtualMachines
PhysicalMachine
Third-partyVirtual
Machines
.sv2i
Source
vCenterConverter
80+443/TCP/Meta data for updates
Source: VMware Network Ports Compendium -v6
ExternalAPI Client
9007/TCP/SOAP
Data Recovery Appliance
443/TCP/vDR & vCenter communication
22024/TCP/Data Recovery
Management
GuidedConsolidation
Targets
135&
137&
138&
139&
445/T
CP&UDP/
25/TCP/Email notifications
389/TCP/Bi-direction LDAP authentication with
Kerberos encryption between vCenter Servers
Bi-directional RPC communications on dynamic TCP ports required between
all vCenters in Linked Mode (via ADAM)
RPC RPC
902/UDP/Heartbeat
This document was created using the official VMware icon and diagram library. Copyright © 2009 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware does not endorse or make any representations about third party information included in this document, nor does the inclusion of any VMware icon or diagram in this document imply such an endorsement.
