2.3 Network Communication Prerequisites

Machines that you plan to designate as migration sources or targets, such as production workloads and virtual machine servers, must have certain prerequisite software components installed and specific ports for transport layer protocols open. The following sections summarize these requirements.

2.3.1 Network Communication Prerequisites for Discovery

The following are software, network, and firewall requirements that systems in your environment must meet for the discovery and inventory process. For information about the actual discovery procedures, see Discovering Source Workloads and Migration Targets in your User Guide.

Table 2-2 Network Communication Prerequisites for Discovery Operations

System

Prerequisites

Portability Suite Server

Open port 80 (HTTP). Required to maintain communication among Portability Suite Server, sources, and targets.

Microsoft* Windows* Server 2008 and Windows Vista* sources

  1. Built-in Administrator or domain admin account credentials (mere membership in the local Administrators group is insufficient). On Vista, the account must be enabled (it is disabled by default).

  2. The Remote Registry service enabled (disabled on Vista by default).

  3. Firewall configured with these Inbound Rules enabled and set to Allow:

    • File and Printer Sharing (Echo Request - ICMPv4In)

    • File and Printer Sharing (Echo Request - ICMPv6In)

    • File and Printer Sharing (NB-Datagram-In)

    • File and Printer Sharing (NB-Name-In)

    • File and Printer Sharing (NB-Session-In)

    • File and Printer Sharing (SMB-In)

    • File and Printer Sharing (Spooler Service - RPC)

    • File and Printer Sharing (Spooler Service - RPC-EPMAP)

    NOTE:The firewall settings above are configured using the Windows Firewall with Advanced Security utility (wf.msc). You can achieve the same result by using the basic Windows Firewall utility (firewall.cpl): select the File and Printer Sharing item in the list of exceptions.

All supported Windows sources prior to Windows Server 2008 and Windows Vista

  • Windows Management Instrumentation (WMI) installed

  • Open ports 135/445 (TCP) for DCOM/RPC

Windows NT* Server does not include WMI as part of the default installation. Obtain the WMI Core from the Microsoft Web site. If WMI is not installed, discovery of the workload fails.

WMI (RPC/DCOM) can use TCP ports 135 and 445 as well as random or dynamically assigned ports above 1024. If problems occur during the discovery process, consider temporarily placing the workload in a DMZ or temporarily opening the firewalled ports for the discovery process only.

For additional information, such as guidance in limiting the port range for DCOM and RPC, see the following Microsoft technical articles.

All Linux* sources

VMware* ESX Server 2.5

VMware ESX Server 3.0.x

Citrix* Xen* Server

Secure Shell (SSH) server

Open port 22 (TCP)

For ESX 2.5 and 3.0, use an account other than root unless the SSH server is configured for root access. For information on how to use a non-root account, see Knowledge Base Article Q20711.

Custom SSH ports are supported. Specify the port number during discovery.

VMware Server

VMcom API (optional VMware Server installation component).

Also install on the Portability Suite Server host. See Knowledge Base Article Q20297.

VMware ESX Server 3.5, ESX 4; ESXi; vCenter Server

Open port 443 (HTTPS)

All Solaris source workloads and targets

The user must be assigned a primary administrator profile through Solaris RBAC (role-based access control). See Knowledge Base Article 20711.

2.3.2 Network Communication Prerequisites for Workload Migration and Protection

The following are firewall requirements that systems in your environment must meet for problem-free operation during workload migration and protection jobs.

Table 2-3 Network Communication Prerequisites for Workload Portability and Protection Operations

System

Open Port

Remarks

Portability Suite Server host

80 (TCP)

Required for HTTP communication among the Portability Suite Server, sources, and targets.

Portability Suite Server host

443 (TCP)

Required for HTTPS communication (if SSL is used) between the Portability Suite Server and the source or target machines. This is also the default port for the VMware Infrastructure 3 Web service.

All source workloads

3725 (TCP)

Required for targets to initiate communication during file-level data transfer, except for I2X jobs, during which this port needs to be open on the migration target only. For Server Sync jobs required for both sources and targets.

Windows workloads and targets

137 - 139 (NetBIOS)

Required for NetBIOS communications.

All targets

9999 (TCP)

Required during block-level data transfer for communication between source and target.

All targets

10000-10026 (TCP)

Required for block-level data transfer, with a distinct port for each target volume.

Portability Suite Server host; all sources

SMB

(TCP 139, 445 and UDP 137, 138)

Required for Take Control communication and file-level data transfer.

All Linux sources

VMware ESX Server 2.5

VMware ESX Server 3.0.x

Citrix Xen Server

22 (TCP)

Required for Take Control communication.

Portability Suite Server host;

All Windows sources

135/445 (TCP)

For DCOM/RPC communication between Portability Suite Server and a source for taking control of and rebooting the workload through WMI.

NOTE:WMI (RPC/DCOM) can use TCP ports 135 and 445 as well as random/dynamically assigned ports above 1024.