Zerto Virtual Replication Architecture
The following diagram shows your environment after you have set it up for replication and recovery. The diagram also shows how the main components of Zerto Virtual Replication are deployed across sites to provide disaster recovery across these sites.
Note: For details of the architecture and ports used in a cloud-based architecture environment, see Zerto Cloud Manager Installation Guide.
The following architecture diagram shows the ports that must be opened in the firewalls on all sites.
■ Zerto Virtual Replication can be installed at multiple sites and each of these sites can be paired to another site enabling protection across sites.
■ Zerto Virtual Replication also supports protection and recovery on a site being managed by a single vCenter Server.
■ If a proxy server is used at the site, specify the IP address of the Zerto Virtual Manager in the exception list in the Proxy Server settings.
The following scenarios are examples of protection and recovery with a single vCenter Server.
When a single vCenter Server is used, port 9081 shown in the above diagram is not used.
■ From one datacenter, a branch office, to another datacenter, the main office, both managed by the same vCenter Server.
Zerto recommends installing Zerto Virtual Replication in the main office site where protected machines will be recovered.
■ From one host to a second host, both managed by the same vCenter Server.
■ To the same host but using a different datastore for recovery.
The following table provides basic information, shown in the above diagram, about the ports used by Zerto Virtual Replication.
Consider firewall rules if the services are not installed on the same network.
Port | Purpose |
22 | Required between an ESXi host and the ZVM during installation of a VRA. |
443 | Required between the ZVM and the vCenter Server. |
443 | Required between an ESXi host and the ZVM during installation of a VRA. |
4005 | Log collection between the ZVM and site VRAs. |
4006 | Communication between the ZVM and local site VRAs and the site VBA. |
4007 | Control communication between protecting and peer VRAs. |
4008 | Communication between VRAs to pass data from protected virtual machines to a VRA on a recovery site. |
4009 | Communication between the ZVM and local site VRAs to handle checkpoints. |
5672 | TCP communication between the ZVM and vCloud Director for access to AMQP messaging. |
9779 | Communication between ZVM and ZSSP (Zerto Self Service Portal). |
9989 | Communication between ZCM, and ZCM GUI and ZCM REST APIs. |
9080* | Communication between the ZVM, Zerto Powershell Cmdlets, and Zerto Diagnostic tool. |
9081* | Communication between paired ZVMs** |
9180* | Communication between the ZVM and the VBA. |
9669* | Communication between ZVM and ZVM GUI and ZVM REST APIs, and the ZCM. |
|
