Hi,
Is only port I need to open in the thrid site is 12321 (UDP) ?
From VMware doc
Port Requirements Virtual SAN requires these ports to be open, both inbound and outbound:
• Virtual SAN Clustering Service – 12345, 23451 (UDP)
• Virtual SAN Transport – 2233 (TCP)
• Virtual SAN VASA Vendor Provider – 8080 (TCP)
• Virtual SAN Unicast Agent (to Witness) – 12321 (UDP)
Hello Sohill,
By 'Third Site' I am going to assume you mean the Witness Host/Appliance.
Short answer: No, you need all of these to be open.
Longer explanation:
The Witness appliance is a cluster member, needs to be managed by CMMDS and also stores data (witness components).
Thus it needs pretty much everything a standard vSAN node does + a few small extra configurations/specifications as Witness.
With regards to ports:
Virtual SAN Clustering Service
12345, 23451 (UDP)
Virtual SAN Cluster Monitoring and Membership Directory Service. Uses UDP-based IP multicast to establish cluster members and distribute Virtual SAN metadata to all cluster members. If disabled, Virtual SAN does not work.
Virtual SAN Transport
2233 (TCP)
Virtual SAN reliable datagram transport. Uses TCP and is used for Virtual SAN storage IO. If disabled, Virtual SAN does not work.
vsanvp
8080 (TCP)
VSAN VASA Vendor Provider. Used by the Storage Management Service (SMS) that is part of vCenter to access information about Virtual SAN storage profiles, capabilities, and compliance. If disabled, Virtual SAN Storage Profile Based Management (SPBM) does not work.
Virtual SAN Unicast Agent (to Witness)
12321 (UDP)
Self-explanatory as needed for Unicast from data node to Witness.
Bob
-o- If you found this comment useful or answer please select as 'Answer' and/or click the 'Helpful' button ,please ask follow-up questions if you have any -o-
Hello Sohill,
By 'Third Site' I am going to assume you mean the Witness Host/Appliance.
Short answer: No, you need all of these to be open.
Longer explanation:
The Witness appliance is a cluster member, needs to be managed by CMMDS and also stores data (witness components).
Thus it needs pretty much everything a standard vSAN node does + a few small extra configurations/specifications as Witness.
With regards to ports:
Virtual SAN Clustering Service
12345, 23451 (UDP)
Virtual SAN Cluster Monitoring and Membership Directory Service. Uses UDP-based IP multicast to establish cluster members and distribute Virtual SAN metadata to all cluster members. If disabled, Virtual SAN does not work.
Virtual SAN Transport
2233 (TCP)
Virtual SAN reliable datagram transport. Uses TCP and is used for Virtual SAN storage IO. If disabled, Virtual SAN does not work.
vsanvp
8080 (TCP)
VSAN VASA Vendor Provider. Used by the Storage Management Service (SMS) that is part of vCenter to access information about Virtual SAN storage profiles, capabilities, and compliance. If disabled, Virtual SAN Storage Profile Based Management (SPBM) does not work.
Virtual SAN Unicast Agent (to Witness)
12321 (UDP)
Self-explanatory as needed for Unicast from data node to Witness.
Bob
-o- If you found this comment useful or answer please select as 'Answer' and/or click the 'Helpful' button ,please ask follow-up questions if you have any -o-
Thank you Bob