Nutanix products network port diagrams
I spent some time producing a small Visio with a Nutanix ports diagram to visualize the interaction between Nutanix software components (CVM, Prism Central), hardware (SuperMicro IPMI – a remote management console like HP iLO or Dell DRAC) and the hypervisor (in this case VMware ESXi and the Nutanix Acropolis hypervisor, AHV). Some of you might ask, where is vCenter or SCVMM? Well, Nutanix doesn’t need to “talk” to vCenter or SCVMM in order to run :-), we do not rely on vCenter or SCVMM at all. What we need is to talk to the hypervisor, in this case ESXi, AHV and Hyper-V – all three supported by Nutanix. Communication between the CVM and VMware ESXi or Nutanix AHV flies over SSH, which is why you can’t disable SSH on either ESXi or AHV when you run Nutanix.
Components on the diagrams:
- CVM – controller VM – the distributed brain of Nutanix solution, the core of the web-scale.
- Foundation – Nutanix provisioning tool. It automatically provisions and configures the CVM and hypervisor, creates a Nutanix cluster, creates a storage pool and container, and mounts the container into ESXi as a datastore. Check my two-part series about Nutanix Foundation.
- Prism Central – customers can manage many Nutanix clusters across many locations from a single pane of glass using the simple and intuitive Nutanix Prism Central interface. Read more about Prism Central.
- IPMI – remote management console like HP iLO, Dell DRAC but for SuperMicro servers. I used to work with iLO and DRAC and must say IPMI is far faster than those two mentioned.
- ESXi – hypervisor
- AHV – Acropolis Hypervisor
- Hyper-V – Microsoft Hyper-V 2012R2
- XenServer – Citrix XenServer 7.X
- Azure and AWS – Nutanix supports public cloud providers as a target for backup and DR
- Administrator – it is Admin workstation
- Nutanix Files – File Server
- Files Analytics – analytics VM for Nutanix Files
- Prism Central – Nutanix Prism Central
- vCenter – VMware vSphere vCenter
- SCVMM – Microsoft Virtual Machine Manager
- Nutanix Move (formerly known as Xtract) – Nutanix migration tool to Nutanix AHV
- KMS – Key Management System
- CALM – Nutanix Cloud Automation Lifecycle Management
- Karbon – Nutanix Kubernetes
- Nutanix ERA – database as a service
- Nutanix Flow – Nutanix native microsegmentation
- Nutanix Leap – Nutanix DR automation and orchestration
Nutanix port diagram – services
The diagram below applies to the first four diagrams: AHV, ESXi, Hyper-V and XenServer. All ports on the diagram below are common regardless of which hypervisor is used to run Nutanix AOS.
For the description of the services, refer to Nutanix official documentation.
Port diagrams for hypervisors
Nutanix network port diagram with VMware ESXi – infrastructure services included.
Download Nutanix ESXi network port diagram in PDF
For the full list of vCenter and ESXi ports check out the VMware documentation and KB articles:
Nutanix network port diagram for Nutanix Acropolis Hypervisor (AHV)
Port Description
- 22 – SSH
- 443 – SSL
- 2074 – NGT (Nutanix Guest Tools) to CVM
- 8000 – Nutanix foundation page
- 9440 – PrismUI (including RestAPI calls, PoSH, remote ncli)
- 9446 – Nutanix Flow (used by Kafka Service)
Download Nutanix Acropolis network port diagram in PDF
Nutanix network port diagram with Microsoft Hyper-V – infrastructure services included.
Download Nutanix and Hyper-V network port diagram in PDF
Nutanix network port diagram with Citrix XenServer – infrastructure services included.
Download Citrix XenServer on Nutanix, network port diagram in PDF
Ports description
- 3389 – RDP
- 5900 – VNC console for Linux VM’s
- 27000 – license manager
- 7279 – Check-in/check-out of Citrix licenses
- Full list of ports used by Citrix XenServer and other Citrix products can be found in CTX101810
Nutanix port diagram for disaster recovery
Nutanix network port diagram for Disaster Recovery between two Nutanix clusters and a backup from Nutanix cluster to Azure and AWS
Download Nutanix DR and backup, network port diagram in PDF
You can find out more about it from the official Nutanix documentation, Nutanix Data Protection and Nutanix backup to cloud support, or from the vmwaremine blog series:
- Prepare for the worst and oh, no need to hope for the best… (part 1/3)
- Prepare for the worst and oh, no need to hope for the best… (part 1/3)
- Prepare for the worst and oh, no need to hope for the best… (part 3/3)
Nutanix Leap Synchronous replication
Port Description:
- 2009 – To transfer data between clusters
- 2020 – To orchestrate data replication between two clusters
- 2074 – To communicate with other clusters. Used by application-consistent Recovery Points, configuring the static IP address, file-level replication, and self-service restore features
- 2030/2036 – To orchestrate replication of VM configuration
For more info visit the blog post where you can find detailed information
Nutanix Leap Asynchronous replication
Port Description
- 2009 – To transfer data between clusters
- 2074 – Nutanix CVM guest OS traffic
- 3260, 3261, 3262 – iSCSI traffic
For a full list of ports visit my blog post
Nutanix port diagram for storage services
Nutanix network port diagram for Nutanix Files
Port Description
- 445 – SMB access
- 2049 – NFS access
- 2100 – genesis operation on AFS
- 3205, 3260 – stargate iSCSI access
- 7501 – access AFS services on CVM
- 7502 – access Minerva service running on AFS
- 9440 – send rest calls to CVM
- See my blog post, Nutanix Files port diagram for more information
- For a complete list of ports with description for Nutanix Files 3.6, visit my.nutanix.com
Nutanix Objects port diagram
Port description
Nutanix Move port diagrams
Nutanix network port diagram for Nutanix Move for VMware ESXi
Port Description
- 22 – SSH
- 443 – SSL
- 902 – Host access to other hosts for migration and provisioning
- 111 – NFS
- 2049 – NFS
- 9440 – Nutanix Prism Access
Nutanix Move for Amazon AWS port diagram
Port description
- 5986 – WinRM-HTTPS
- 5985 – WinRM-HTTP
- 22 – Linux Guest VM only
- 4505, 4506 – SaltStack
- 8080 – nginx service running CBT provider
- 2049 – NFS
- 8092, 8093, 8094 – disk reader
Nutanix Move for Microsoft Hyper-V port diagram
Port Descriptions:
Nutanix CALM port diagram
NOTE: Nutanix CALM runs as a microservice on Prism Central. Essentially, you have to open ports from the Prism Central instance (called CALM on the diagram) as the source to the target service.
Port descriptions:
- 22 – SSH to virtual machine managed by Nutanix CALM
- 443 – SSL (authentication to service providers)
- 3205 – Communication from Prism Central to the data service IP of a cluster on which Prism Central is hosted.
- 3260 – Communication from Prism Central to the data service IP of a cluster on which Prism Central is hosted.
- 5985 – Powershell to VM managed by Nutanix CALM
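The CALM note and port list above translate into a small firewall audit: every listed flow must be allowed from Prism Central, and no rule for those ports should admit a wider source. This is an added example, not part of the original post; the IP addresses, the `allow <src> <dst> <port>` rule format and the sample export are constructed assumptions, only the port numbers come from the list.

```python
import ipaddress

# Assumed (constructed) addressing; only the port numbers come from the CALM list.
PRISM_CENTRAL = ipaddress.ip_address("10.0.0.10")
REQUIRED = [  # (destination network, TCP port, purpose)
    ("10.0.20.0/24", 22, "SSH to managed VM"),
    ("10.0.20.0/24", 5985, "PowerShell to managed VM"),
    ("10.0.0.50/32", 3205, "cluster data services IP"),
    ("10.0.0.50/32", 3260, "cluster data services IP"),
    ("198.51.100.0/24", 443, "service provider authentication"),
]

def parse_rule(line):
    """Parse 'allow <src-cidr> <dst-cidr> <port>' (hypothetical export format)."""
    action, src, dst, port = line.split()
    if action != "allow":
        raise ValueError(f"unsupported action: {action}")
    return ipaddress.ip_network(src), ipaddress.ip_network(dst), int(port)

def audit(rule_lines):
    """Return (missing, too_broad) for the CALM flows sourced from Prism Central."""
    rules = [parse_rule(ln) for ln in rule_lines
             if ln.strip() and not ln.startswith("#")]
    missing, too_broad = [], []
    for dst_cidr, port, purpose in REQUIRED:
        dst = ipaddress.ip_network(dst_cidr)
        # Rules that cover this destination on this port
        matches = [r for r in rules if r[2] == port and dst.subnet_of(r[1])]
        if not any(PRISM_CENTRAL in r[0] for r in matches):
            missing.append((port, purpose))
        for src, _, _ in matches:
            if src.num_addresses > 1:  # source should be the Prism Central host only
                too_broad.append((port, str(src)))
    return missing, too_broad

# Constructed firewall export: 3205 is absent, 5985 is open to a whole /16.
SAMPLE_RULES = """\
# constructed firewall export
allow 10.0.0.10/32 10.0.20.0/24 22
allow 10.0.0.0/16 10.0.20.0/24 5985
allow 10.0.0.10/32 10.0.0.50/32 3260
allow 10.0.0.10/32 198.51.100.0/24 443
""".splitlines()

if __name__ == "__main__":
    missing, too_broad = audit(SAMPLE_RULES)
    print("missing:", missing)
    print("too broad:", too_broad)
```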
Nutanix X-Ray port diagram
Port Description:
- 22 – SSH
- 443 – SSL
- 623 – IPMI
- 5000 – connection to workers
- 5985 – PowerShell
Nutanix ERA port diagram
Port description
- 22 – SSH
- 123 – NTP
- 443 – HTTPS
- 3260 – iSCSI
- 5985 – WinRM
For more information see my dedicated post Nutanix Era port diagram
Nutanix Karbon port diagram
Port Description
Below link provides a full list of the ports, source and destination, and description
Nutanix Karbon documentation
Nutanix Clusters port diagrams
Nutanix Clusters on Amazon AWS
To find port descriptions and more information about the diagram, check this blog post
Appendix
Change log
- Sep. 19 2014 – initial version
- Jul. 17 2015 – added Nutanix Acropolis Hypervisor – AHV
- Jul. 21 2015 – updated Nutanix and VMware ports diagram v 0.4
- Aug. 04 2015 – removed ports 80 and 443 (communication from Admin WS to CVM) on AHV and ESXi diagrams
- Aug. 04 2015 – added port 2220 on AHV diagram
- Aug. 22 2015 – added IPMI ports to all diagrams and Nutanix and Hyper-V diagram
- Dec. 2015 – added DR ports diagram
- May. 2016 – updated Nutanix port diagram with Hyper-V, SCVMM communication ports have been added
- May 2016 – Acropolis File Server diagram added
- June 2016 – added port 2074 for NGT (Nutanix Guest Tools) communication to CVM
- Sep 2016:
- removed port 2220 from AHV diagram,
- added port 2222 to AHV, ESXi and Hyper-V,
- updated AD ports (change from 396 to 389) on all diagrams
- updated BC\DR diagram
- March 2017 – added Citrix XenServer port diagram
- May 2017 – added SQL Server Mobility Services
- Feb 3rd 2018 – added:
- Xtract for VM ports and diagram
- updated PULS ports on:
- AHV diagram
- ESXi diagram
- Hyper-V diagram
- XenServer diagram
- Feb 5th 2018 – added Metro Availability Witness into DR diagram
- March 22nd 2018 – added below ports into AHV, ESXi, Hyper-V and XenServer ports diagrams:
- ICMP – between CVMs and DNS
- 80 – between CVMs and portal.nutanix.com
- May 2018 – port 2049 added to Nutanix AFS diagram
- Sep 2018 – X-Ray port diagram added
- Jan 2019 – Xtract for AWS diagram added
- Jan 2019 – Nutanix Services port diagram
- April 2019 – updated names for following diagrams:
- Nutanix Move
- Nutanix Files
- May 2019 – Nutanix CALM port diagram added
- June 2019 – Nutanix ERA port diagram added
- July 2019 – port 9446 added to AHV diagram
- September 2019:
- Add 443 into PC – PE communication
- Add 7050 for PC – ADMIN – Karbon communication
- Add 443 – Nutanix AHV and RedHat satellite communication
- October 2019 – Nutanix Karbon was added
- February 2020:
- Nutanix Object port diagram was added
- Nutanix Move for Hyper-V port diagram
- March 2020
- Updated Nutanix Move for Hyper-V port diagram
- Update Nutanix Files port Diagram
- Added NFS ports
- Updated FSVM <–> CVM ports
- Updated ports between FSVM and External services
- May 2020
- Updated Nutanix Files – added Nutanix Files Analytics ports
- June 2020
- Added Nutanix Leap Synchronous replication port diagram
- Page updates and reformatting
- August 2020 – Nutanix Clusters on AWS port diagram added
- September 2020 – updated Nutanix Move port diagrams (Nutanix Move 3.6)
Artur, since SSH needs to be opened on the ESXi hosts for communication between CVM and ESXi, would it not be a good idea to set the UserVars.SuppressShellWarning to 1 on all ESXi hosts?
Otherwise you get a warning in vCenter for something that is required.
Could this be also included in Foundation?
Hey. Tx for the great work. These diagrams are awesome. There's a mistake on the link to download the AHV port diagram. It points to the ESXi one.
Also, it seems that port 2074 is missing on the AHV diagram. It allows communication between NGT and the CVM.
Cheers
Akim
Great work Artur! This has to be worth another Renaissance trip :0
Hey, great job done here! Would it be possible to get the Visio-Files somehow?
I have one line of communication for you to add between Prism Central and the CVMs. I identified that the Capacity tab of a cluster would not show any data until my firewall team opened-up SSH communication between the Prism Central system and the CVMs.
A couple notes on the AHV diagram:
– The Global Catalog port is port 3268, not 3286
– May consider adding TCP port 2020 (Cerebro) to the CVM communication to Administrator. This is used for DR
– May consider adding TCP port 2016 for Pithos to the CVM communication to Administrator.
– May consider adding TCP port 2011 for Chronos to the CVM communication to Administrator.
Really great diagrams!
It would be perfect if the Visio Files were downloadable too, so we Consultants could put, e.g. hostnames to the boxes or include just those optional connections which are indeed used at the respective customer’s implementation.
Would it be possible for you to also do diagrams for Metro Availability and its Witness?
I just recently installed AOS 5.5 on ESXi 6.5 hosts and received a warning message regarding 3rd party IO filter storage provider failing. The fix was to open port 9080 between the hosts and the vCenter. So maybe add that port to the ESXi diagram.
Sensational!!! Nutanix every day much better and unreachable!
Really very helpful information. Thank you very much!
Please share the Prism central port requirements
Great Documents. Thanks.
Brilliant just what I was looking for. Many Thanks
Excellent article. Good for any quick design reference