6.5

How vSphere Replication Connects to Cloud
When you create a connection to the cloud, the vCloud Tunneling Agent in the vSphere Replication appliance creates a tunnel to secure the transfer of replication data to your cloud Organization.

When a tunnel is created, the vCloud Tunneling Agent opens a port on the vSphere Replication appliance. ESXi hosts connect to that port to send replication data to a cloud organization. The port is picked randomly from a configurable range. The default port range is 10000-10010 TCP.

By default, ports 10000-10010 are not open on ESXi hosts. When you power on the vSphere Replication appliance, a vSphere Installation Bundle (VIB) is installed on all supported ESXi hosts in the vCenter Server inventory where the appliance is deployed. The VIB creates a firewall rule, Replication-to-Cloud Traffic, that opens TCP ports 10000 to 10010 for outgoing traffic. The rule is enabled automatically and takes effect immediately when you power on the vSphere Replication appliance, or when a host is registered or connected in the vCenter Server. If an administrator removes the VIB from a host, for example by using the esxcli utility, the vSphere Replication appliance reinstalls the VIB the next time you restart the appliance or when a host is restarted or reconnected to the inventory. If you do not want ports 10000 to 10010 to be open on an ESXi host, and if you do not plan to use this host as a replication source, you can disable the Replication-to-Cloud Traffic rule. See Allow or Deny Access to an ESXi Service or Management Agent with the vSphere Web Client.

To reduce the number of open ports or to change the ports that are used for communication between ESXi hosts and the vCloud Tunneling Agent, you can create a custom firewall rule and reconfigure the agent.
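To confirm which enabled rulesets on a host still open outgoing TCP ports in the default tunnel range, the following added example (not part of the VMware documentation) parses saved output of `esxcli network firewall ruleset list` and `esxcli network firewall ruleset rule list`. The sample output is constructed, the ruleset IDs `r2cExample` and `customTunnelExample` are placeholders rather than the ID the VIB installs, and the two-column Name/Enabled layout is assumed.

```python
# Constructed sample output; the ruleset IDs "r2cExample" and
# "customTunnelExample" are placeholders, not the ID installed by the VIB.
RULESETS = """\
Name                 Enabled
-------------------  -------
sshServer               true
r2cExample              true
customTunnelExample     true
"""
RULES = """\
Ruleset              Direction  Protocol  Port Type  Port Begin  Port End
-------------------  ---------  --------  ---------  ----------  --------
sshServer            Inbound    TCP       Dst                22        22
r2cExample           Outbound   TCP       Dst             10000     10010
customTunnelExample  Outbound   TCP       Dst             10003     10005
"""
DEFAULT_TUNNEL_PORTS = set(range(10000, 11 + 10000))  # 10000-10010, per the page

def enabled_rulesets(listing):
    """Names of rulesets whose Enabled column reads 'true'."""
    rows = (line.split() for line in listing.splitlines())
    return {r[0] for r in rows if len(r) >= 2 and r[1].lower() == "true"}

def open_tunnel_ports(listing, rules):
    """Map each enabled ruleset to the default-range ports it opens outbound."""
    enabled = enabled_rulesets(listing)
    found = {}
    for line in rules.splitlines():
        f = line.split()
        if len(f) != 6 or not (f[4].isdigit() and f[5].isdigit()):
            continue  # header, separator or blank line
        name, direction, proto, ptype, begin, end = f
        if name not in enabled or (direction, proto, ptype) != ("Outbound", "TCP", "Dst"):
            continue
        ports = set(range(int(begin), int(end) + 1)) & DEFAULT_TUNNEL_PORTS
        if ports:
            found.setdefault(name, set()).update(ports)
    return found

def unexpected_ports(listing, rules, wanted):
    """Default-range ports still open on the host but not in the wanted set."""
    opened = set().union(*open_tunnel_ports(listing, rules).values())
    return sorted(opened - set(wanted))

if __name__ == "__main__":
    print(open_tunnel_ports(RULESETS, RULES))
    print(unexpected_ports(RULESETS, RULES, range(10003, 10006)))
```

Because the appliance reinstalls the VIB after a restart or host reconnect, rerunning the check after those events shows whether the default rule is enabled again.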
Change the Cloud Tunnel Ports on ESXi Hosts
When you power on the vSphere Replication appliance, it automatically configures all ESXi hosts in your environment to open TCP ports 10000-10010 for outgoing data transfers.

The vCloud Tunneling Agent in the vSphere Replication appliance uses ports 10000-10010 to receive data from ESXi instances that host replication sources.

If you do not want to have unused open ports on your ESXi hosts, if the number of open ports is insufficient, or if you want to change which ports are open, you can reconfigure your firewall settings.

To change the default ports that are used to transfer replication data from ESXi hosts to the vCloud Tunneling Agent, you must configure each ESXi instance that hosts a replication source virtual machine, and the vCloud Tunneling Agent.
Procedure
1 Disable the default Replication-to-Cloud Traffic rule that is created by the vSphere Replication appliance.
For the detailed procedure, see Allow or Deny Access to an ESXi Service or Management Agent with the vSphere Web Client.
vSphere Replication for Disaster Recovery to Cloud
VMware, Inc.