Connectivity to Expedient
Outbound connectivity to the Expedient infrastructure is required for the local vGateways to function. If there are firewall systems in place, the below connectivity at a minimum must be allowed.
Source | Destination | Port | Purpose |
|---|---|---|---|
Local vGateway | 209.143.91.48/28 | TCP 443 | vGateway Management |
Local vGateway | 208.40.133.128/25 | TCP 443 | vGateway Data Path |
Bandwidth to Expedient
Certain IO operations will be reliant upon the bandwidth provided by the internet link back to Expedient servers. For data operations that occur on data not in the local cache, or if the local cache has become full, IO will become limited to the bandwidth available by the internet link. Every workload is different meaning there is no hard and fast rule for bandwidth requirements, however care should be taken to ensure that sub par networks are not utilized. It is also recommended to avoid firewalls in the data path, however if that is not possible DPI/IPS/etc should be disabled as they will impact the throughput of the link.
Local Connectivity
Connectivity between the local vGateway and certain endpoints is required for various aspects of functionality. Consult the below table and implement the connectivity which is required for your deployment.
Source | Destination | Port | Purpose |
|---|---|---|---|
Local vGateway | Local SMB Clients | TCP 445 | SMB |
Local SMB Clients | Local vGateway | TCP 445 | SMB |
Local vGateway | Local NFS Clients | TCP/UDP 111 | NFS |
Local NFS Clients | Local vGateway | TCP/UDP 111 | NFS |
Local vGateway | Local AD | TCP 389 | AD Permissions |
Local vGateway | Local DNS | UDP 53 | vGateway DNS |
Local vGateway | Local Syslog | UDP 514 | vGateway Logging to Syslog |
Local vGateway | Local SMTP | TCP 25 | vGateway Emails |
Local vGateway | Local SNMP | UDP 161 | vGateway SNMP Alerts |