UDP ports

[Todd S]

We are seeing UDP traffic over ports in the 44,400 range between Zerto VRAs.   Is anyone else seeing the same?

I can find no mention of this in the documentation.

Tagged:  vmware vsphere udp firewall

[Shannon S]

I know we covered this in a case, but I wanted to post the port requirements listing.

http://s3.amazonaws.com/zertodownload_docs/Latest/Zerto%20Virtual%20Replication%20Zerto%20Virtual%20Manager%20%28ZVM%29%20-%20vSphere%20Online%20Help/index.html#page/ZertoVirtualManagerInstallationandConfiguration%2FInstall_VC.1.4.html

Senior Technical Architect at Zerto

Tagged:  vmware vsphere udp firewall

[Kenny L]

Anyone else see the UDP packets on ports like 44446, 44447, 44448?

I see them coming from the ZRAs between sites.

Tagged:  vmware vsphere udp firewall

[Shannon S]

The UDP activity is from the dhclient on the VRA. We have a feature request to change the behavior in future versions.  However, as long as you have the required ports open per our documentation, everything will function correctly.

Senior Technical Architect at Zerto

Tagged:  vmware vsphere udp firewall

[Greg B]

Is there a way to turn this off on the VRAs?

Tagged:  vmware vsphere udp firewall

[David V]

Had a case open for this very issue. Zerto’s response:

“Being that VRAs are Linux based virtual machines and require dhclient to be active, UDP ports in the 444xx range will appear when performing a security scan. UDP ports in the 444xx range are not required for the VRA functionality and therefore can be blocked by the customer.

All ports above port 32768 are known as ephemeral ports, which are random ports assigned to the client side of a client-server connection.
These ephemeral ports are used for Linux DHCP communication and are not needed for replication.
———————————————————————
Zerto recommends UDP ports in the 444xx be blocked by the customer.”

Tagged:  DHCP vmware vsphere udp firewall