VMware Cloud Community
jasonboche
Immortal
Immortal
‎04-09-2007 02:02 PM
Jump to solution

Ports 902 and 905

I've been capturing Virtual Infrastructure Client <> VirtualCenter Server <> ESX Server <--> Virtual Infrastructure Client network traffic lately to monitor the use of port 905 and I'm not seeing that port 905 is being used any longer for VirtualCenter or VIC communication of any sort. Port 902 seems to be used throughout, with the general exception of license server and Tomcat traffic.

In the VirtualCenter 1.x days, both ports 902 and 905 were used. One port was used exclusively for VC Client communication to VC Server, and the other port was used for VC Server communication to ESX Server. Port 902 was also used soley for VMware Remote Console connectivity to the ESX server.

The reason why I was checking is because I've read some conflicting VI3 documentation on which ports are used, so I wanted to find out to be sure.

What do you know to be true?

Jas

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Reply
0 Kudos
1 Solution

Accepted Solutions
admin
Immortal
Immortal
‎04-09-2007 05:02 PM
Jump to solution

22. ssh access to service console.

80. HTTP access to web servers.

443. HTTPS SSL access to web servers for VI Web Access.

902. VI Client access to ESX Server or VirtualCenter, and communication between VirtualCenter and ESX Server hosts or between hosts.

903. VM Console access via VI Client or VI Web Access.

2049. Connection to NFS storage devices.

2050-5000, and 8042-8045. Traffic between ESX Server hosts for VMware HA (also utilizes EMC Automated Availability Manager).

3260. Connection to iSCSI storage devices.

8000. Incoming requests from VMotion.

8083. VirtualCenter diagnostics port.

8086. Apache Tomcat web server admin on VirtualCenter Server

27000. License transactions from ESX Server to the License Server.

27010. License transactions from the License Server.

View solution in original post

Reply
0 Kudos
10 Replies
admin
Immortal
Immortal
‎04-09-2007 04:53 PM
Jump to solution

It is all 902 by default now

I appologize port 903 for VM Console Access

Message was edited by:

BrianG

Reply
0 Kudos
Rob_Bohmann1
Expert
Expert
‎04-09-2007 04:56 PM
Jump to solution

So we don't need to open 903 for the remote console?

According to the server config guide (p.188)

903 Remote console traffic generated by user access to virtual

machines on a specific ESX Server host.

Use Port 903 for the following:

! VI Client access to virtual machine consoles.

! VI Web Access Client access to virtual machine consoles.

Incoming TCP

Message was edited by:

Rob.Bohmann

Reply
admin
Immortal
Immortal
‎04-09-2007 05:02 PM
Jump to solution

22. ssh access to service console.

80. HTTP access to web servers.

443. HTTPS SSL access to web servers for VI Web Access.

902. VI Client access to ESX Server or VirtualCenter, and communication between VirtualCenter and ESX Server hosts or between hosts.

903. VM Console access via VI Client or VI Web Access.

2049. Connection to NFS storage devices.

2050-5000, and 8042-8045. Traffic between ESX Server hosts for VMware HA (also utilizes EMC Automated Availability Manager).

3260. Connection to iSCSI storage devices.

8000. Incoming requests from VMotion.

8083. VirtualCenter diagnostics port.

8086. Apache Tomcat web server admin on VirtualCenter Server

27000. License transactions from ESX Server to the License Server.

27010. License transactions from the License Server.

Reply
0 Kudos
jasonboche
Immortal
Immortal
‎04-09-2007 05:37 PM
Jump to solution

Ok, the next step is to hunt down this documentation that is still spouting about port 905 and get it fixed.

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Reply
0 Kudos
jasonboche
Immortal
Immortal
‎04-14-2007 02:14 PM
Jump to solution

I came across this very helpful diagram. See attachment.

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Preview file
31 KB
Reply
0 Kudos
jasonboche
Immortal
Immortal
‎01-07-2008 09:09 PM
Jump to solution

I've updated the diagrams for VI3.5. Hopefully I got all the changes. I'm going to try and post as a document also.

Jason Boche

VMware Communities User Moderator

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Preview file
44 KB
Preview file
38 KB
Reply
0 Kudos
dmanconi
Enthusiast
Enthusiast
‎01-07-2008 11:51 PM
Jump to solution

Hi Jason

The diagrams are excellent, thanks for posting them. They will be useful to give to the network guys when they ask!!!

Cheers

David

Reply
0 Kudos
admin
Immortal
Immortal
‎01-08-2008 11:26 AM
Jump to solution

In VC 2.5, The Virtual Center server communicates with ESX servers over port 443, not 902 anymore. The VC agent still sends back heartbeats to udp port 902, though.

Reply
jasonboche
Immortal
Immortal
‎01-08-2008 12:15 PM
Jump to solution

Port update made to the VI 3.5 ports diagram. Thank you.

Jason Boche

VMware Communities User Moderator

Message was edited by: jasonboche

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Reply
0 Kudos
jasonboche
Immortal
Immortal
‎01-08-2008 06:08 PM
Jump to solution

Document created at:

http://communities.vmware.com/docs/DOC-2500

Let's move future discussion there so there aren't parallel threads.

Jason Boche

VMware Communities User Moderator

VCDX3 #34, VCDX4, VCDX5, VCAP4-DCA #14, VCAP4-DCD #35, VCAP5-DCD, VCPx4, vEXPERTx4, MCSEx3, MCSAx2, MCP, CCAx2, A+
Reply
0 Kudos