Jump to content
Welcome to our new Citrix community!
  • 0

Open ports in XenServer 6.2


Bit-101

Question

12 answers to this question

Recommended Posts

  • 0

Citrix PVS runs on a Windows Server that is likely just a VM on your hypervisor. If you need to open ports 

it will be ports on your Windows Server running PVS, not the hypervisor. Your Hypervisor has a firewall 

to protect itself (DomO in the case of XenServer), but that has nothing to do with your DomU guests.

Network connectivity to the hypervisor and relayed to the VM is not port blocked by default. Firewalling

will be the responsibility of the VM.

 

--Alan--

 

 

  • Like 1
Link to comment
  • 1

Honestly, with all changes and in particular the partitioning scheme, i would 

want to install fresh. If you don't use pools then that would mean exporting,

install fresh, and re-importing. Be sure and have good backups as well. You

never know when exporting on 6.x won't import on 8.x or some other weird

oddity. If you have one server you can use for a test that would be the best

place to start.

 

--Alan--

 

  • Like 1
Link to comment
  • 0

@tobias kreidl
https://docs.citrix.com/en-us/tech-zone/build/tech-papers/citrix-communication-ports.html#PVS

I´ve already read this and my question i s - can this Tech Paper be applied to XenServer 6.2?

 

@alan lantz:
-Could you possible give some more detailed answer, 
then I'll be very thankful.

As an example:

-You dont have to open any ports, because......<your answer>

 

 

Note:

If I understand your answer correctly

"..Any ports associated with PVS would be referring to the OS firewall, not XenServer."

-In other words, no ports has to be opened XenServer, every port is managed by external firewall. 

Please see https://docs.citrix.com/en-us/tech-zone/build/tech-papers/citrix-communication-ports.html#PVS 
-right?

 

:5_smiley:

Link to comment
  • 0

I guess it goes without saying  that XenServer 6.2 is extremely out of date.

But yes, if you notice on that poster the only ports open on XenServer are 22 

for SSH and 443 for pool communications. Nothing extra is opened up on

XenServer for PVS to operate.  Now on the PVS server itself you need to make

sure ports are open or disable the Windows firewall.

 

--Alan--

 

Link to comment
  • 0

Anything still running XenServer 6.2 is at high risk of security compromise. There are many unpatched and publicly known security issues, not least the entire SPECTRE and MELTDOWN CPU speculative execution exploits.

 

You should be making urgent plans to move to something else, whether that be Citrix Hypervisor 8.2 or a different solution entirely.

Link to comment
  • 0

Mybe this is a case in another forum?

We dont use pools:

-Are there any upgrade docs from xenserver 6.2 and up to version x.x? 

-Steps 6.2 > 6.5 > 7.0 > 7.1>7.>8.0?

(What steps are necessary and which verisons can we skip?)

(Harware that´s supported is antother issue)

Link to comment
  • 0

Yeah, good luck finding some of those ancient distributons, not to mention hardware compatibility issues. Before any major upgrade, enure that all your hardware will work with the latest release you plan to install. I was bitten long ago by an upgrade that did not support some of our fiber cards. If you don't have spare hardware, maybe you can eject one of your pool hosts and try a clean install on it to make sure as much of what you can test will still work.

 

-=Tobias

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...