VMware Cloud Community
vSohill
Expert
Expert
‎03-23-2017 09:15 AM
Jump to solution

VSAN Stretched Cluster Open ports

Hi,

Is only port  I need to open in the thrid site is  12321 (UDP) ?

From VMware doc

  Port Requirements Virtual SAN requires these ports to be open, both inbound and outbound:

• Virtual SAN Clustering Service – 12345, 23451 (UDP)

• Virtual SAN Transport – 2233 (TCP)

• Virtual SAN VASA Vendor Provider – 8080 (TCP)

• Virtual SAN Unicast Agent (to Witness) – 12321 (UDP)

0 Kudos
1 Solution

Accepted Solutions
TheBobkin
Champion
Champion
‎03-23-2017 11:24 AM
Jump to solution

Hello Sohill,

By 'Third Site' I am going to assume you mean the Witness Host/Appliance.

Short answer: No, you need all of these to be open.

Longer explanation:

The Witness appliance is a cluster member, needs to be managed by CMMDS and also stores data (witness components).

Thus it needs pretty much everything a standard vSAN node does + a few small extra configurations/specifications as Witness.

With regards to ports:

Virtual SAN Clustering Service

12345, 23451 (UDP)

Virtual SAN Cluster Monitoring and Membership Directory Service. Uses UDP-based IP multicast to establish cluster members and distribute Virtual SAN metadata to all cluster members. If disabled, Virtual SAN does not work.

Virtual SAN Transport

2233 (TCP)

Virtual SAN reliable datagram transport. Uses TCP and is used for Virtual SAN storage IO. If disabled, Virtual SAN does not work.

vsanvp

8080 (TCP)

VSAN VASA Vendor Provider. Used by the Storage Management Service (SMS) that is part of vCenter to access information about Virtual SAN storage profiles, capabilities, and compliance. If disabled, Virtual SAN Storage Profile Based Management (SPBM) does not work.

Virtual SAN Unicast Agent (to Witness)

12321 (UDP)

Self-explanatory as needed for Unicast from data node to Witness.

http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-171B99EA-...

Bob

-o- If you found this comment useful or answer please select as 'Answer' and/or click the 'Helpful' button ,please ask follow-up questions if you have any -o-

View solution in original post

0 Kudos
2 Replies
TheBobkin
Champion
Champion
‎03-23-2017 11:24 AM
Jump to solution

Hello Sohill,

By 'Third Site' I am going to assume you mean the Witness Host/Appliance.

Short answer: No, you need all of these to be open.

Longer explanation:

The Witness appliance is a cluster member, needs to be managed by CMMDS and also stores data (witness components).

Thus it needs pretty much everything a standard vSAN node does + a few small extra configurations/specifications as Witness.

With regards to ports:

Virtual SAN Clustering Service

12345, 23451 (UDP)

Virtual SAN Cluster Monitoring and Membership Directory Service. Uses UDP-based IP multicast to establish cluster members and distribute Virtual SAN metadata to all cluster members. If disabled, Virtual SAN does not work.

Virtual SAN Transport

2233 (TCP)

Virtual SAN reliable datagram transport. Uses TCP and is used for Virtual SAN storage IO. If disabled, Virtual SAN does not work.

vsanvp

8080 (TCP)

VSAN VASA Vendor Provider. Used by the Storage Management Service (SMS) that is part of vCenter to access information about Virtual SAN storage profiles, capabilities, and compliance. If disabled, Virtual SAN Storage Profile Based Management (SPBM) does not work.

Virtual SAN Unicast Agent (to Witness)

12321 (UDP)

Self-explanatory as needed for Unicast from data node to Witness.

http://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.install.doc%2FGUID-171B99EA-...

Bob

-o- If you found this comment useful or answer please select as 'Answer' and/or click the 'Helpful' button ,please ask follow-up questions if you have any -o-

0 Kudos
vSohill
Expert
Expert
‎03-24-2017 03:15 AM
Jump to solution

Thank you Bob

0 Kudos