Skip to main content

Private Networking (AHV)

Customers using Nutanix AHV infrastructure can create a Frame account using Customer-managed networking, Private Networking so users must access the Frame workload VMs using the private IP addresses of the Frame workload VMs. Since the Frame workload VMs have no public IP addresses, the customer must provide a network path between the end user and the private Frame workload VMs. Customers will also need to ensure these workload VMs and Cloud Connector Appliances (CCAs) can communicate to the Frame control plane on the Internet.

note

If a customer requires an outbound proxy server for any communication to the Internet, the outbound proxy server must support both HTTPS and Secure WebSocket (WSS) in order for the Frame Guest Agent (FGA) and CCAs to establish HTTPS and WSS connections to Frame Platform.

FRP8 Networking​

FRP8 is a udp-based protocol for all communication between the end user and the Frame workload VMs.

Nutanix AHV - Private Networking (FRP8)

Nutanix AHV - Private Networking (FRP8)

The following table describes the required protocols and ports for Frame accounts using Private Networking and FRP8.

Nutanix AHV - Private Networking

Source to DestinationSource IP addressDestination FQDN(s)Protocol/port
Cloud Connector Appliance (CCA) to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • use.difr.com
  • api.use.difr.com
  • ----[ EU Backplane ]----
  • deu.difr.com
  • api.deu.difr.com
  • ----[ Legacy Backplane ]----
  • console.nutanix.com
  • cpanel-backend.console.nutanix.com
  • gateway-external-api.console.nutanix.com
tcp/443 (HTTPS)
Cloud Connector Appliance (CCA) to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • hub.use.difr.com
  • ----[ EU Backplane ]----
  • hub.deu.difr.com
  • ----[ Legacy Backplane ]----
  • cch.console.nutanix.com
tcp/443 (HTTPS, WSS)
Prism Central to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • downloads.difr.com
  • ----[ EU Backplane ]----
  • downloads.difr.com
  • ----[ Legacy Backplane ]----
  • downloads.console.nutanix.com
tcp/443 (HTTPS)
CCA to Prism CentralPrivate IP address
  • Prism Central IP address
tcp/443 (HTTPS)
CCA to Prism ElementPrivate IP address
  • Prism Element IP address
tcp/443 (HTTPS)
Workload VMs to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • api.use.difr.com
  • assets.use.difr.com
  • img.use.difr.com
  • logging.use.difr.com
  • downloads.difr.com
  • ----[ EU Backplane ]----
  • api.deu.difr.com
  • hub.deu.difr.com
  • logging.use.difr.com
  • downloads.difr.com
  • ----[ Legacy Backplane ]----
  • gateway-external-api-prod.frame.nutanix.com
  • img.console.nutanix.com
  • img.frame.nutanix.com
  • prod-kds-5683567dcbd60804cb34.s3.us-east-1.amazonaws.com
  • assets.console.nutanix.com
  • downloads.console.nutanix.com
  • logging.console.nutanix.com
  • download.visualstudio.microsoft.com
tcp/443 (HTTPS)
Workload VMs to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • hub.use.difr.com
  • api.use.difr.com
  • ----[ EU Backplane ]----
  • hub.deu.difr.com
  • api.deu.difr.com
  • ----[ Legacy Backplane ]----
  • cch.console.nutanix.com
  • messaging.console.nutanix.com
tcp/443 (HTTPS, WSS)
End user to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • use.difr.com
  • api.use.difr.com
  • img.use.difr.com
  • login.use.difr.com
  • logging.use.difr.com
  • downloads.difr.com
  • ----[ EU Backplane ]----
  • deu.difr.com
  • api.deu.difr.com
  • assets.deu.difr.com
  • login.deu.difr.com
  • downloads.difr.com
  • ----[ Legacy Backplane ]----
  • console.nutanix.com
  • img.frame.nutanix.com
  • img.console.nutanix.com
  • cpanel-backend.console.nutanix.com
  • terminal-prod.frame.nutanix.com
  • logging.console.nutanix.com
  • login.console.nutanix.com (for Frame IdP, if used)
tcp/443 (HTTPS)
End user to Frame PlatformPublic IP address
  • ----[ US Backplane ]----
  • api.use.difr.com
  • ----[ US Backplane ]----
  • api.deu.difr.com
  • ----[ Legacy Backplane ]----
  • messaging.console.nutanix.com
tcp/443 (HTTPS, WSS)
End user to Workload VMPrivate IP address
  • *.nutanixframe.com or *.nutanix-frame.com resolving to a private IP address
udp/4503-4509, tcp/4503-4509 (optional)