6.0.1
Table Of Contents
- vSphere Storage
- Contents
- About vSphere Storage
- Updated Information
- Introduction to Storage
- Overview of Using ESXi with a SAN
- Using ESXi with Fibre Channel SAN
- Configuring Fibre Channel Storage
- Configuring Fibre Channel over Ethernet
- Booting ESXi from Fibre Channel SAN
- Booting ESXi with Software FCoE
- Best Practices for Fibre Channel Storage
- Using ESXi with iSCSI SAN
- Configuring iSCSI Adapters and Storage
- ESXi iSCSI SAN Requirements
- ESXi iSCSI SAN Restrictions
- Setting LUN Allocations for iSCSI
- Network Configuration and Authentication
- Set Up Independent Hardware iSCSI Adapters
- About Dependent Hardware iSCSI Adapters
- Dependent Hardware iSCSI Considerations
- Configure Dependent Hardware iSCSI Adapters
- About the Software iSCSI Adapter
- Modify General Properties for iSCSI Adapters
- Setting Up iSCSI Network
- Using Jumbo Frames with iSCSI
- Configuring Discovery Addresses for iSCSI Adapters
- Configuring CHAP Parameters for iSCSI Adapters
- Configuring Advanced Parameters for iSCSI
- iSCSI Session Management
- Booting from iSCSI SAN
- Best Practices for iSCSI Storage
- Managing Storage Devices
- Storage Device Characteristics
- Understanding Storage Device Naming
- Storage Refresh and Rescan Operations
- Identifying Device Connectivity Problems
- Edit Configuration File Parameters
- Enable or Disable the Locator LED on Storage Devices
- Working with Flash Devices
- About VMware vSphere Flash Read Cache
- Working with Datastores
- Understanding VMFS Datastores
- Understanding Network File System Datastores
- Creating Datastores
- Managing Duplicate VMFS Datastores
- Upgrading VMFS Datastores
- Increasing VMFS Datastore Capacity
- Administrative Operations for Datastores
- Set Up Dynamic Disk Mirroring
- Collecting Diagnostic Information for ESXi Hosts on a Storage Device
- Checking Metadata Consistency with VOMA
- Configuring VMFS Pointer Block Cache
- Understanding Multipathing and Failover
- Raw Device Mapping
- Working with Virtual Volumes
- Virtual Machine Storage Policies
- Upgrading Legacy Storage Profiles
- Understanding Virtual Machine Storage Policies
- Working with Virtual Machine Storage Policies
- Creating and Managing VM Storage Policies
- Storage Policies and Virtual Machines
- Default Storage Policies
- Assign Storage Policies to Virtual Machines
- Change Storage Policy Assignment for Virtual Machine Files and Disks
- Monitor Storage Compliance for Virtual Machines
- Check Compliance for a VM Storage Policy
- Find Compatible Storage Resource for Noncompliant Virtual Machine
- Reapply Virtual Machine Storage Policy
- Filtering Virtual Machine I/O
- VMkernel and Storage
- Storage Hardware Acceleration
- Hardware Acceleration Benefits
- Hardware Acceleration Requirements
- Hardware Acceleration Support Status
- Hardware Acceleration for Block Storage Devices
- Hardware Acceleration on NAS Devices
- Hardware Acceleration Considerations
- Storage Thick and Thin Provisioning
- Using Storage Providers
- Using vmkfstools
- vmkfstools Command Syntax
- vmkfstools Options
- -v Suboption
- File System Options
- Virtual Disk Options
- Supported Disk Formats
- Creating a Virtual Disk
- Example for Creating a Virtual Disk
- Initializing a Virtual Disk
- Inflating a Thin Virtual Disk
- Removing Zeroed Blocks
- Converting a Zeroedthick Virtual Disk to an Eagerzeroedthick Disk
- Deleting a Virtual Disk
- Renaming a Virtual Disk
- Cloning or Converting a Virtual Disk or RDM
- Example for Cloning or Converting a Virtual Disk
- Migrate Virtual Machines Between DifferentVMware Products
- Extending a Virtual Disk
- Upgrading Virtual Disks
- Creating a Virtual Compatibility Mode Raw Device Mapping
- Example for Creating a Virtual Compatibility Mode RDM
- Creating a Physical Compatibility Mode Raw Device Mapping
- Listing Attributes of an RDM
- Displaying Virtual Disk Geometry
- Checking and Repairing Virtual Disks
- Checking Disk Chain for Consistency
- Storage Device Options
- Index
The behavior of the NFS Client rule set (nfsClient) is dierent from other rule sets. When the NFS Client
rule set is enabled, all outbound TCP ports are open for the destination hosts in the list of allowed IP
addresses.
The NFS 4.1 rule set opens outgoing connections to destination port 2049, which is the port named in the
specication for version 4.1 protocol. The outgoing connections are open for all IP addresses at the time of
the rst mount. This port remains open until the ESXi host is rebooted.
For more information about rewall congurations, see the vSphere Security documentation.
NFS Client Firewall Behavior
The NFS Client rewall rule set behaves dierently than other ESXi rewall rule sets. ESXi congures NFS
Client seings when you mount or unmount an NFS datastore. The behavior diers for dierent versions of
NFS.
When you add, mount, or unmount an NFS datastore, the resulting behavior depends on the version of
NFS.
NFS v3 Firewall Behavior
When you add or mount an NFS v3 datastore, ESXi checks the state of the NFS Client (nfsClient) rewall
rule set.
n
If the nfsClient rule set is disabled, ESXi enables the rule set and disables the Allow All IP Addresses
policy by seing the allowedAll ag to FALSE. The IP address of the NFS server is added to the allowed
list of outgoing IP addresses.
n
If the nfsClient rule set is enabled, the state of the rule set and the allowed IP address policy are not
changed. The IP address of the NFS server is added to the allowed list of outgoing IP addresses.
N If you manually enable the nfsClient rule set or manually set the Allow All IP Addresses policy,
either before or after you add an NFS v3 datastore to the system, your seings are overridden when the last
NFS v3 datastore is unmounted. The nfsClient rule set is disabled when all NFS v3 datastores are
unmounted.
When you remove or unmount an NFS v3 datastore, ESXi performs one of the following actions.
n
If none of the remaining NFS v3 datastores are mounted from the server of the datastore being
unmounted, ESXi removes the server's IP address from the list of outgoing IP addresses.
n
If no mounted NFS v3 datastores remain after the unmount operation, ESXi disables the nfsClient
rewall rule set.
NFS v4.1 Firewall Behavior
When you mount the rst NFS v4.1 datastore, ESXi enables the nfs41client rule set and sets its allowedAll
ag to TRUE. This action opens port 2049 for all IP addresses. Unmounting an NFS v4.1 datastore does not
aect the rewall state. That is, the rst NFS v4.1 mount opens port 2049 and that port remains enabled
unless you close it explicitly.
Verify Firewall Ports for NFS Clients
To enable access to NFS storage, ESXi automatically opens rewall ports for the NFS clients when you
mount an NFS datastore. For troubleshooting reasons, you might need to verify that the ports are open.
Procedure
1 In the vSphere Web Client, select the ESXi host.
2 Click the Manage tab, and click .
3 Select Security in the System area, and click Edit.
vSphere Storage
156 VMware, Inc.