The following ports must be accessible to grid nodes on the Grid Network. Ensure that the required ports for the grid node type are open on the server.
The StorageGRID internal firewall only allows incoming connections to these ports (excluding 22, 80, 123, and 443) on the Grid Network.
If enterprise networking policies restrict the availability of any of these ports, you can remap ports using a configuration file setting.
In addition to ICMP and the ports listed in the table, StorageGRID uses the Virtual Router Redundancy Protocol (VRRP). VRRP is an internet protocol that uses IP protocol number 112. StorageGRID uses VRRP in unicast mode only, as supported by the Keepalived software. VRRP is required only if high-availability (HA) groups are configured. For more information about Keepalived, see the Keepalived documentation.

Port | TCP or UDP | From | To | Details |
---|---|---|---|---|
22 | TCP | Primary Admin Node | All nodes | For maintenance procedures, the primary Admin Node must be able to communicate with all other nodes using SSH on port 22. Allowing SSH traffic from other nodes is optional. |
80 | TCP | Appliances | Primary Admin Node | Used by StorageGRID appliances to communicate with the primary Admin Node to start the installation. |
123 | UDP | All nodes | All nodes | Network time protocol service. Every node synchronizes the time with every other node using NTP. |
443 | TCP | All nodes | Primary Admin Node | Used for communicating status to the primary Admin Node during installation and other maintenance procedures. |
1139 | TCP | Storage Nodes | Storage Nodes | Internal traffic between Storage Nodes. |
1501 | TCP | All nodes | Storage Nodes with ADC | Reporting, auditing, and configuration internal traffic. |
1502 | TCP | All nodes | Storage Nodes | S3- and Swift-related internal traffic. |
1504 | TCP | All nodes | Admin Nodes | NMS service reporting and configuration internal traffic. |
1505 | TCP | All nodes | Admin Nodes | AMS service internal traffic. |
1506 | TCP | All nodes | All nodes | Server status internal traffic. |
1507 | TCP | All nodes | Gateway Nodes | Load balancer internal traffic. |
1508 | TCP | All nodes | Primary Admin Node | Configuration management internal traffic. |
1509 | TCP | All nodes | Archive Nodes | Archive Node internal traffic. |
1511 | TCP | All nodes | Storage Nodes | Metadata internal traffic. |
5353 | UDP | All nodes | All nodes | Optionally used for full-grid IP changes and for primary Admin Node discovery during installation, expansion, and recovery. |
7001 | TCP | Storage Nodes | Storage Nodes | Cassandra TLS inter-node cluster communication. |
7443 | TCP | All nodes | Admin Nodes | Internal traffic for maintenance procedures and error reporting. |
9042 | TCP | Storage Nodes | Storage Nodes | Cassandra client port. |
9999 | TCP | All nodes | All nodes | Internal traffic for multiple services. Includes maintenance procedures, metrics, and networking updates. |
11139 | TCP | Archive/Storage Nodes | Archive/Storage Nodes | Internal traffic between Storage Nodes and Archive Nodes. |
18000 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Account service internal traffic. |
18001 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Identity Federation internal traffic. |
18002 | TCP | Admin/Storage Nodes | Storage Nodes | Internal API traffic related to object protocols. |
18003 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Platform services internal traffic. |
18017 | TCP | Admin/Storage Nodes | Storage Nodes | Data Mover service internal traffic for Cloud Storage Pools. |
18019 | TCP | Storage Nodes | Storage Nodes | Chunk service internal traffic for erasure coding. |
18082 | TCP | Admin/Storage Nodes | Storage Nodes | S3-related internal traffic. |
18083 | TCP | All nodes | Storage Nodes | Swift-related internal traffic. |
18200 | TCP | Admin/Storage Nodes | Storage Nodes | Additional statistics about client requests. |
19000 | TCP | Admin/Storage Nodes | Storage Nodes with ADC | Keystone service internal traffic. |
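
The table can serve as an allowlist when reviewing firewall or flow logs for the Grid Network. The following Python is an added example, not NetApp or StorageGRID code: it parses a subset of the rows above and returns observed flows that no row covers. The node tags (`admin`, `primary`, `storage`, `adc`, `gateway`) and the sample flows are assumptions constructed for illustration.

```python
# Added example: rows copied from the table above (subset); node tags and
# sample flows are constructed for illustration.
ROWS = """\
22 | TCP | Primary Admin Node | All nodes |
123 | UDP | All nodes | All nodes |
1501 | TCP | All nodes | Storage Nodes with ADC |
1504 | TCP | All nodes | Admin Nodes |
9042 | TCP | Storage Nodes | Storage Nodes |
18000 | TCP | Admin/Storage Nodes | Storage Nodes with ADC |
"""

# Table label -> alternative tag sets; a node matches if it carries every tag
# of at least one alternative. The tag names are this example's assumption.
LABELS = {
    "all nodes": [set()],
    "primary admin node": [{"admin", "primary"}],
    "admin nodes": [{"admin"}],
    "storage nodes": [{"storage"}],
    "storage nodes with adc": [{"storage", "adc"}],
    "admin/storage nodes": [{"admin"}, {"storage"}],
}

def parse_rows(text):
    """Parse 'port | proto | from | to |' lines into rule tuples."""
    rules = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.split("|")]
        if len(cells) >= 4 and cells[0].isdigit():
            rules.append((int(cells[0]), cells[1].upper(),
                          cells[2].lower(), cells[3].lower()))
    return rules

def matches(label, tags):
    """True if a node with these tags falls under the table label."""
    return any(req <= tags for req in LABELS[label])

def unexpected_flows(rules, flows):
    """Return flows that no table row covers (review these; not proof of abuse)."""
    return [f for f in flows
            if not any(port == f["port"] and proto == f["proto"]
                       and matches(src, f["src"]) and matches(dst, f["dst"])
                       for port, proto, src, dst in rules)]

RULES = parse_rows(ROWS)
FLOWS = [  # constructed sample flows
    {"src": {"admin", "primary"}, "dst": {"gateway"}, "proto": "TCP", "port": 22},
    {"src": {"gateway"}, "dst": {"storage"}, "proto": "TCP", "port": 22},
    {"src": {"gateway"}, "dst": {"storage", "adc"}, "proto": "TCP", "port": 1501},
    {"src": {"gateway"}, "dst": {"storage"}, "proto": "TCP", "port": 1501},
    {"src": {"admin"}, "dst": {"storage"}, "proto": "TCP", "port": 9042},
    {"src": {"gateway"}, "dst": {"storage", "adc"}, "proto": "TCP", "port": 18000},
]
```

Calling `unexpected_flows(RULES, FLOWS)` returns the SSH flow from a non-primary node (which the table marks as optional rather than required), the port 1501 flow to a Storage Node without ADC, the Cassandra client flow from an Admin Node, and the port 18000 flow from a Gateway Node.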