Professional Documents
Culture Documents
Scope
This article describes the local and offsite networking requirements and best practices for Datto
appliances. This includes both the networ
networkk speed requirements and requirements for open
ports and DNS resolution.
Speed Requirements
This section explains the speed requirements for the following:
Since a 100 Mbps network cannot efficiently transfer large datasets between the protected
machines and a Datto appliance, we strongly recommend that you have gigabit network
connections between all protected machines and the Datto appliance
appliance over a LAN.
All SIRIS 3 devices must be connected using a gigabit connection. They will not function on a
slower connection.
Connection between protected machines and the Datto appliance over a WAN
To reliably synchronize with the Datto Cloud, ensure that your connection is at least 1 Mbps
(125 KBps) uplink per terabyte
yte of protected data stored locally on the Datto device. To see how
much data your Datto appliance is currently protecting, see the article Remote Web - Device
Overview.
Page | 1
Router MTU Settings
The Datto appliance will most reliably be able to communicate with our monitoring servers
when the router's MTU size is set to 1500 bytes. This will prevent packet fragmentation since
the Datto appliance is also using a 1500 byte MTU size. Packet fragmentation may cause issues
with communication to our monitoring servers.
On protected Linux machines, TCP ports 3260 (iSCSI) and 25567 must be open between the
protected machine and the Datto appliance.
On protected Mac machines, TCP ports 3260 (iSCSI) and 25569 must be open between the
protected machine and the Datto appliance.
Depending on your network infrastructure, you might also have to open UDP port 25566 for
successful ShadowSnap agent communication.
Depending on your network security configuration, you might also have to whitelist
inbound.dattoremote.com for correct Remote
Remot Web functionality.
The Datto appliance must have access to the Datto Cloud for backup replication and remote
device management. In addition, all ICMP packets must be allowed through the firewall. If you
have a configuration
ration in which you need specific ports and IP addresses to allow access to the
Datto appliance, refer to Figure 1 and the sections below.
Ports 2200-2250
2250 must allow outbound communication between the Datto appliance and
dattoremote.com.
To download operating ing system updates, all Datto appliances must be able to resolve the
following sites in the local DNS:
• us.archive.ubuntu.com
• security.ubuntu.com
• ppa.launchpad.net
• dattobackup.com
All Datto appliances must be able to access the following IP ranges for Cloud infrastructure and
device management:
• 47.19.105.0/24
• 8.34.181.199/32
• 198.49.95.0/24
• 8.34.176.0/24
• 162.244.87.60/32 port 5044
Depending on your country, the Datto appliance must have access to the following IP ranges for
the offsite storage nodes:
Page | 3
United States
• 8.34.165.0/24
• 8.34.176.0/23
• 8.34.181.0/24
• 198.49.95.0/24
• 162.244.84.0/23
Canada
• 70.33.207.240/28 (Ontario)
• 70.33.242.128/25 (Ontario)
• 198.137.227.0/24 (Alberta)
EMEA
• 176.74.168.192/26 (UK)
• 192.30.37.0/24 (Iceland)
• 198.137.225.0/24 (Germany)
• 27.111.249.128/25 (255.255.255.128)
Singapore
• 198.137.226.0/24
If you want to find out which Cloud storage node your Datto appliance is connecting to, open
the appliance's web interface. You will see the screen as shown in Figure
igure 2.
Page | 4
Figure 2 - Offsite Server IP address
• Datto-Networking-Requirements
Requirements-lg.png (40 KB)
Page | 5