This replication server port, typically 8989, must be accessible from all directory servers participating in replication. The server-to-server communication channel is kept alive using a heartbeat, which occurs every 10 seconds. This traffic prevents firewalls from closing connections prematurely.

The replication command-line utility (dsreplication) requires access to all directory servers participating in replication. This includes the LDAP or LDAPS port of the directory servers.

Tip: When configuring firewalls, keep these communication requirements in mind.
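The following added example (not from the original documentation) turns the requirements above into a flow list and audits a firewall allow-list and idle timeout against it. The host names, the LDAPS port 636, the rule set, the function names and the simplification that every directory server also hosts the replication port are assumptions made for illustration.

```python
from itertools import permutations

REPLICATION_PORT = 8989   # "typically 8989" in the text above
HEARTBEAT_SECONDS = 10    # heartbeat interval stated in the text above


def required_flows(servers, admin_hosts, ldap_port, repl_port=REPLICATION_PORT):
    """Return the (source, destination, tcp_port) flows the text requires."""
    # Every directory server must reach the replication port on every peer.
    flows = {(src, dst, repl_port) for src, dst in permutations(servers, 2)}
    # Hosts running dsreplication must reach each server's LDAP or LDAPS port.
    flows |= {(adm, srv, ldap_port) for adm in admin_hosts for srv in servers}
    return flows


def audit(allowed, servers, admin_hosts, ldap_port, idle_timeout_seconds,
          repl_port=REPLICATION_PORT):
    """Compare an allow-list of flows and a firewall idle timeout with the requirements."""
    needed = required_flows(servers, admin_hosts, ldap_port, repl_port)
    return {
        # Required flows that no rule permits: replication or dsreplication breaks.
        "missing": sorted(needed - allowed),
        # Replication port opened to a source that is not a replication peer.
        "unneeded_replication": sorted(
            f for f in allowed if f[2] == repl_port and f not in needed),
        # The heartbeat keeps a connection open only if the firewall waits
        # longer than one heartbeat interval before dropping idle sessions.
        "timeout_ok": idle_timeout_seconds > HEARTBEAT_SECONDS,
    }


def demo():
    # Constructed sample topology, port and rule set (not from the original page).
    servers = ["ds1.example.com", "ds2.example.com", "ds3.example.com"]
    admins = ["admin.example.com"]
    ldaps_port = 636  # assumed LDAPS port; use the port your servers listen on
    allowed = required_flows(servers, admins, ldaps_port)
    allowed.discard(("ds3.example.com", "ds1.example.com", REPLICATION_PORT))
    allowed.add(("app1.example.com", "ds1.example.com", REPLICATION_PORT))
    return audit(allowed, servers, admins, ldaps_port, idle_timeout_seconds=5)


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With the constructed rule set, the audit reports one missing replication flow, one replication rule for a host that is not a replication peer, and an idle timeout shorter than the heartbeat interval.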