cancel
Showing results for 
Search instead for 
Did you mean: 

VVR in a firewall environment

Hi Everyone,

I have a scenario where a customer has multiple clusters configured between two sites. There is a firewall between both sites. My query is regarding ports required for VVR in such a setup. The SF VVR guide for Windows on page 84 states the following default ports to be open for VVR:

■ Port 4145 (TCP/UDP) is the VVR connection server port
■ Port 8199 (TCP) is the configuration server port
■ Port 8989 (TCP) is the default port used by vxrserver
■ Port 2148 (TCP/UDP) is the VEA server port

Where as on page 324 of the same guide, there is a command to specify (vrport data) to specify the raneg of ports used for replicating data. Are the default ports enough for replication to work or this data port range needs to be specified as well?

Additionally, is VVR supported over ISA?

 

WBR,

SW

1 Solution

Accepted Solutions
Accepted Solution!

Yes, this shouldn't be a

Yes, this shouldn't be a problem.  I have specfied the same range of ports for a UNIX cluster that had 3 RVGs.

Mike

View solution in original post

3 Replies

Looking at Windows VVR doc it

Looking at Windows VVR doc it seems very poor - it is better in UNIX - I'll explain futher:

The ports you have listed above are not for replication data, they are for other uses (heartbeat, vradmin communication, vxrsyncd communication and VEA GUI) - these are the exactly the same port numbers as UNIX, but the UNIX guide also tells you the default for VVR data which is UDP/TCP anonymous ports.  I believe UDP/TCP anonymous ports are an O/S construct so VVR uses the "anonymous ports" as defined by the O/S.  I don't know if VVR on Windows also uses "anonymous ports", but runnning "vrport data" might tell you - I say might as I have a feeling on UNIX that output is just blank.  So on UNIX, if you have a firewall, then you have to use specfic ports using "vrport data" to specify the ports, so you will need to do this, unless the default for Windows (if vrdata port shows this) is a small range of ports that you can add to firewall "allowed ports"

If you run vrport by itself it should show you ALL ports - ones listed above and data, all of which you can change using vrport.  VEA port is not a VVR port, it is for VEA GUI, but you can use CLI to control VVR.

Mike

Thank you for the response

Thank you for the response Mike.

vrport data shows '0-0' output. Looks like I will have to specify the ports here (its certainly not clear in the guide).

Additionally, lets say I specify a range of 5 ports. Can I use the same range for all clusters replicating across the same link?

 

WBR,

SW

Accepted Solution!

Yes, this shouldn't be a

Yes, this shouldn't be a problem.  I have specfied the same range of ports for a UNIX cluster that had 3 RVGs.

Mike

View solution in original post