Port Requirements for DR for Dell
| Port | Protocol | Source --> Destination | Description |
|---|---|---|---|
| DNS 53 UDP | DNS | Appliance --> DNS server OR Appliance --> GroupNet (DNS configured on all clusters) | Functional DNS is a requirement for multiple validations needed for failover and Failover Readiness |
| TLS 443 | TCP TLS 1.2 | Appliance --> Internet | DR Remote Monitoring or Phone Home remote log upload for support and health checks |
| NTP 123 | UDP | Appliance --> NTP server in your environment | Time sync should use same NTP as the clusters. Always disable VMware host VM time sync option. |
| SMTP 25 | TCP | Appliance --> Mail server in your environment | Email of alarms from Eyeglass to your mail server |
| HTTP 80 | TCP | Appliance --> Open Suse Mirror Repositories | URL to allow security updates: Open Suse Download Security patches come directly from Open Suse and requires the appliance to have access to download the patches and apply on a weekly schedule. |
| HTTPS 8080 | TCP TLS 1.2 | Appliance --> Isilon/Powerscale OneFS cluster | REST API is authenticated using the service account created here. Authentication uses Isilon session authentication method. |
| SSH 22 | AES | Appliance --> Isilon/Powerscale OneFS cluster | SSH access for some CLI commands |
| HTTPS 443 | TCP TLS 1.2 AES - Unsigned certificate | Admin PC browser --> Appliance | Secures client to browser access |
| Target Port 80 --> Destination random TCP source port on the browser | Only used to redirect to 443, can be blocked if needed | Admin PC browser --> Appliance | If connection on IP address port 80 is made, an HTTP 301, 302 redirect is returned on port 80 to switch the browser to https and url https:/x.x.x.x/eyeglass. No services run on port 80 and this is only used to redirect to port 443 HTTPS. |
| HTTPS 2011 Websocket | TCP TLS 1.2 AES | Admin PC browser --> Appliance | Websocket for real-time appliance to browser updates (redirected to 2012) |
| TLS 2012 Websocket | TCP TLS 1.2 AES | Admin PC browser --> Appliance | Websocket for real-time appliance to browser updates (redirected to 2012) |
| SSH 22 | TCP AES | Admin PC browser --> Appliance | Secure shell access |
| Proxy login SMB 2 (only) 445 | TCP | Appliance --> Isilon/Powerscale OneFS | Used to authenticate to AD through Isilon/Powerscale OneFS using standard Microsoft SMB authentication request for Role based login proxy interface |
| Dual DNS Delegation | UDP | Appliance Port 53 UDP DNS --> Groupnet(x) DNS servers | New in 2.5.6 or later, requires Eyeglass to be able to access the Groupnet DNS servers to validate Dual DNS delegation is configured correctly. The OS DNS is not used since the DNS that must be configured correctly is used by Isilon/Powerscale OneFS itself. |
| Internet Control Message Protocol | ICMP | Appliance --> Isilon/Powerscale OneFS | If for any reason ICMP is disabled, or PMTUD is not supported, this causes OneFS to default the MTU to 536 bytes, which typically leads to performance degradation. |