Network ports used by the Backup & Disaster Recovery appliance
Backup & Disaster Recovery (BDR) appliance is designed to function behind a firewall. To ensure its proper operation, you must open the network ports as per sections that follow.
Between the appliance and the internet
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 122 | TCP | Appliance to support-svc.infrascale.comAppliance to support.myinfrascale.netAppliance to support2.myinfrascale.net | Technical support tunnel. Allows the Support team to access the appliance remotely for troubleshooting. |
| 443 | TCP | Appliance to services-svc.infrascale.comAppliance to services.myinfrascale.netAppliance to secure.sosonlinebackup.com | Registration. Required to register appliance in the Dashboard during the initial configuration. |
| Â | Â | Appliance to license-svc.infrascale.comAppliance to billing-svc.infrascale.comAppliance to licapi-svc.infrascale.comAppliance to license.myeversync.comAppliance to billing.myeversync.comAppliance to licapi.evscloud.com | Licensing. Allows for validating the license of the appliance on a daily basis. |
| Â | Â | Appliance to update-svc.infrascale.comAppliance to dl-svc.infrascale.comAppliance to update.evscloud.comAppliance to uip.evscloud.comAppliance to s3.amazonaws.com/infrascale-clients/ | Software updates. Allows the appliance to download firmware updates (never installed automatically). |
| Â | Â | Appliance to sr.inf-us-ut-1.myinfrascale.netAppliance to uip.inf-us-ut-1.myinfrascale.netAppliance to sr.inf-ca-tor-1.myinfrascale.netAppliance to uip.inf-ca-tor-1.myinfrascale.netAppliance to sr.inf-uk-nhm-1.myinfrascale.netAppliance to uip.inf-uk-nhm-1.myinfrascale.net | Remote access from the Dashboard. Allows for accessing the appliance directly from the Dashboard. If needed, you can turn this on or off later in the Management Console of the appliance. |
| Â | Â | Appliance to | Sending monitoring events to the Dashboard. Allows for centralized monitoring of backups and health of the appliance in the Dashboard. |
| Â | Â | Appliance to Appliance to Appliance to Appliance to Appliance to | Replication. Allows for sending the encrypted backup data to Hybrid Cloud (Google). |
443, 2300 | TCP | Appliance to r.inf-us-ut-1.myinfrascale.netAppliance to r.inf-uk-nhm-1.myinfrascale.netAppliance to r.inf-ca-tor-1.myinfrascale.net | Replication. Allows for sending the encrypted backup data to the cloud 1. |
Â
Between the appliance and a protected machine
In Windows, these ports are opened automatically during installation of the DR backup agent.
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 49152–65535 | TCP | Client machine to appliance | DR image backup (NBD transport) |
| 9101, 9102, 9103, 9104, 9105 | TCP | Appliance to client machine | Basic appliance communication |
| 9102 | UDP | Client machine to appliance | Appliance auto-discovery |
| 139, 445 | TCP | Client machine to appliance | DR image backup (Samba ports) |
| 135, 137, 138 | UDP | Client machine to appliance | DR image backup (Samba ports) |
| 80 | TCP | Client machine to appliance | Diagnostic information |
In a Unix-like operating system, you also have to open the following ports:
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 22 | TCP | Appliance to client machine | SSH-based management |
| 873 | TCP | Appliance to client machine | rsync daemon port |
Between the appliance and VMware vCenter Server or an ESXi host
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 443, 902 | TCP | Appliance to VMware vCenter Server or an ESXi host | VMware VM backup |
Between the appliance and an administrative machine
An administrative machine is a machine used to access the appliance via the Management Console or by other means.
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 80, 443 | TCP | Administrative machine to appliance | Access to the Management Console of the appliance |
| 22 | TCP | Administrative machine to appliance | SSH-based management of the appliance (optional) |
This traffic may not be monitored using the network traffic inspection tools due to high volume. You may choose not to open these ports in the standalone setups or in the environments with peer-to-peer replication to another appliance at the same data center. ↩