A.2. Virtualization Host Firewall Requirements
Red Hat Enterprise Linux hosts and Red Hat Enterprise Virtualization Hypervisors require a number of ports to be opened to allow network traffic through the system's firewall. In the case of the Red Hat Enterprise Virtualization Hypervisor these firewall rules are configured automatically. For Red Hat Enterprise Linux hosts however it is necessary to manually configure the firewall.
Table A.2. Virtualization Host Firewall Requirements
| Port(s) | Protocol | Source | Destination | Purpose |
|---|---|---|---|---|
| 22 | TCP |
Red Hat Enterprise Virtualization Manager
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Secure Shell (SSH) access.
Optional.
|
| 161 | UDP |
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Red Hat Enterprise Virtualization Manager
|
Simple network management protocol (SNMP). Only required if you want Simple Network Management Protocol traps sent from the hypervisor to one or more external SNMP managers.
Optional.
|
| 5900 - 6923 | TCP |
Administration Portal clients
User Portal clients
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Remote guest console access via VNC and SPICE. These ports must be open to facilitate client access to virtual machines.
|
| 5989 | TCP, UDP |
Common Information Model Object Manager (CIMOM)
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Used by Common Information Model Object Managers (CIMOM) to monitor virtual machines running on the hypervisor. Only required if you want to use a CIMOM to monitor the virtual machines in your virtualization environment.
Optional.
|
| 16514 | TCP |
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Virtual machine migration using
libvirt.
|
| 49152 - 49216 | TCP |
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Virtual machine migration and fencing using VDSM. These ports must be open facilitate both automated and manually initiated migration of virtual machines.
|
| 54321 | TCP |
Red Hat Enterprise Virtualization Manager
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
Red Hat Enterprise Virtualization Hypervisor(s)
Red Hat Enterprise Linux host(s)
|
VDSM communications with the Manager and other virtualization hosts.
|