I would like to filter the private interface.

What are the essential ports for replication and server communication.

So far I've enabled the following:

524 NCP
636 LDAP
427 SLP

I'm not so concerned about the management tools such as 443, 2200, 8080,
8008, 8009, etc.. more about replication and communications.

I wasn't sure if replication was dependant on DNS for resolution of
servers. Probably just uses the directory and broadcasts, but if anyone
can help please let me know some other ports.