Internal grid node communications

The following ports must be accessible to grid nodes on the Grid Network. Ensure that the required ports for the grid node type are open on the server.

The StorageGRID internal firewall only allows incoming connections to these ports (excluding 22, 80, 123, and 443) on the Grid Network.

If enterprise networking policies restrict the availability of any of these ports, you can remap ports using a configuration file setting.

Note: NetApp recommends that you enable Internet Control Message Protocol (ICMP) traffic between grid nodes. Allowing ICMP traffic can improve failover performance when a grid node cannot be reached.

In addition to ICMP and the ports listed in the table, StorageGRID uses the Virtual Router Redundancy Protocol (VRRP). VRRP is an internet protocol that uses IP protocol number 112. StorageGRID uses VRRP in unicast mode only, as supported by the Keepalived software. VRRP is required only if high-availability (HA) groups are configured. For more information about Keepalived, see the Keepalived documentation.

| Port | TCP or UDP | From | To | Details |
|---|---|---|---|---|
| 22 | TCP | Primary Admin Node | All nodes | For maintenance procedures, the primary Admin Node must be able to communicate with all other nodes using SSH on port 22. Allowing SSH traffic from other nodes is optional. |
| 80 | TCP | Appliances | Primary Admin Node | Used by StorageGRID appliances to communicate with the primary Admin Node to start the installation. |
| 123 | UDP | All nodes | All nodes | Network time protocol service. Every node synchronizes the time with every other node using NTP. |
| 443 | TCP | All nodes | Primary Admin Node | Used for communicating status to the primary Admin Node during installation and other maintenance procedures. |
| 1139 | TCP | Storage Nodes | Storage Nodes | Internal traffic between Storage Nodes. |
| 1501 | TCP | All nodes | Storage Nodes with ADC | Reporting, auditing, and configuration internal traffic. |
| 1502 | TCP | All nodes | Storage Nodes | S3- and Swift-related internal traffic. |
| 1504 | TCP | All nodes | Admin Nodes | NMS service reporting and configuration internal traffic. |
| 1505 | TCP | All nodes | Admin Nodes | AMS service internal traffic. |
| 1506 | TCP | All nodes | All nodes | Server status internal traffic. |
| 1507 | TCP | All nodes | Gateway Nodes | Load balancer internal traffic. |
| 1508 | TCP | All nodes | Primary Admin Node | Configuration management internal traffic. |
| 1509 | TCP | All nodes | Archive Nodes | Archive Node internal traffic. |
| 1511 | TCP | All nodes | Storage Nodes | Metadata internal traffic. |
| 5353 | UDP | All nodes | All nodes | Optionally used for full-grid IP changes and for primary Admin Node discovery during installation, expansion, and recovery. |
| 7001 | TCP | Storage Nodes | Storage Nodes | Cassandra TLS inter-node cluster communication. |
| 7443 | TCP | All nodes | Admin Nodes | Internal traffic for maintenance procedures and error reporting. |
| 9042 | TCP | Storage Nodes | Storage Nodes | Cassandra client port. |
| 9999 | TCP | All nodes | All nodes | Internal traffic for multiple services. Includes maintenance procedures, metrics, and networking updates. |
| 11139 | TCP | Archive/Storage Nodes | Archive/Storage Nodes | Internal traffic between Storage Nodes and Archive Nodes. |
| 18000 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Account service internal traffic. |
| 18001 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Identity Federation internal traffic. |
| 18002 | TCP | Admin/Storage Nodes | Storage Nodes | Internal API traffic related to object protocols. |
| 18003 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Platform services internal traffic. |
| 18017 | TCP | Admin/Storage Nodes | Storage Nodes | Data Mover service internal traffic for Cloud Storage Pools. |
| 18019 | TCP | Storage Nodes | Storage Nodes | Chunk service internal traffic for erasure coding. |
| 18082 | TCP | Admin/Storage Nodes | Storage Nodes | S3-related internal traffic. |
| 18083 | TCP | All nodes | Storage Nodes | Swift-related internal traffic. |
| 18200 | TCP | Admin/Storage Nodes | Storage Nodes | Additional statistics about client requests. |
| 19000 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Keystone service internal traffic. |
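
One way to check a node's Grid Network allow-list against the table above. This is an added example, not NetApp code: the node-type names, the role-to-"To"-column mapping, the `remap` dictionary (a model of remapped ports, not StorageGRID's configuration syntax) and the `proto-112` label for VRRP are assumptions, and only destination ports are checked, not the "From" column.

```python
# Ports grouped by the table's "To" column (destination node type).
INBOUND = {
    "All nodes": "22/tcp 123/udp 1506/tcp 5353/udp 9999/tcp",
    "Primary Admin Node": "80/tcp 443/tcp 1508/tcp",
    "Admin Nodes": "1504/tcp 1505/tcp 7443/tcp",
    "Gateway Nodes": "1507/tcp",
    "Archive Nodes": "1509/tcp",
    "Archive/Storage Nodes": "11139/tcp",
    "Storage Nodes": ("1139/tcp 1502/tcp 1511/tcp 7001/tcp 9042/tcp 18002/tcp "
                      "18017/tcp 18019/tcp 18082/tcp 18083/tcp 18200/tcp"),
    "Storage Nodes with ADC": "1501/tcp 18000/tcp 18001/tcp 18003/tcp 19000/tcp",
}
# Assumption: which "To" labels apply to each node type (type names are hypothetical).
ROLES = {
    "primary-admin": ["All nodes", "Admin Nodes", "Primary Admin Node"],
    "admin": ["All nodes", "Admin Nodes"],
    "gateway": ["All nodes", "Gateway Nodes"],
    "archive": ["All nodes", "Archive Nodes", "Archive/Storage Nodes"],
    "storage": ["All nodes", "Storage Nodes", "Archive/Storage Nodes"],
    "storage-adc": ["All nodes", "Storage Nodes", "Archive/Storage Nodes",
                    "Storage Nodes with ADC"],
}

def required_inbound(node_type, ha_group=False, remap=None):
    """Return the set of 'port/proto' rules a node of this type must accept."""
    remap = remap or {}  # hypothetical {"old/proto": "new/proto"} model of remapped ports
    rules = set()
    for label in ROLES[node_type]:
        rules.update(remap.get(r, r) for r in INBOUND[label].split())
    if ha_group:
        rules.add("proto-112")  # VRRP is required only when HA groups are configured
    return rules

def _order(rule):
    # Numeric ports first in ascending order, then non-port entries such as proto-112.
    head = rule.split("/")[0]
    return (0, int(head)) if head.isdigit() else (1, 0)

def audit(node_type, allowed, **kwargs):
    """Compare an allow-list with the table: returns (missing, not_in_table)."""
    want, have = required_inbound(node_type, **kwargs), set(allowed)
    return sorted(want - have, key=_order), sorted(have - want, key=_order)

if __name__ == "__main__":
    # Constructed allow-list for a Gateway Node in an HA group.
    constructed = ["22/tcp", "123/udp", "1506/tcp", "5353/udp", "9999/tcp",
                   "8080/tcp", "proto-112"]
    print(audit("gateway", constructed, ha_group=True))
```

Entries in the second list are not necessarily wrong; they are ports the internal communications table does not account for and should be explained by another requirement.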