Chapter 3. Considerations for Red Hat Gluster Storage

3.1. Verifying Port Access

This chapter provides information on the ports that must be open for Red Hat Gluster Storage Server and the glusterd service.
The Red Hat Gluster Storage glusterFS daemon glusterd enables dynamic configuration changes to Red Hat Gluster Storage volumes, without needing to restart servers or remount storage volumes on clients.
Red Hat Gluster Storage Server uses the listed ports. You must ensure that the firewall settings do not prevent access to these ports.
Firewall configuration tools differ between Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
For Red Hat Enterprise Linux 6, use the iptables command to open a port:
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 5667 -j ACCEPT
# service iptables save
For Red Hat Enterprise Linux 7, if default ports are in use, it is usually simpler to add a service rather than open a port:
# firewall-cmd --zone=zone_name --add-service=glusterfs
# firewall-cmd --zone=zone_name --add-service=glusterfs --permanent
However, if the default ports are already in use, you can open a specific port with the following command:
# firewall-cmd --zone=zone_name --add-port=port/protocol
# firewall-cmd --zone=zone_name --add-port=port/protocol --permanent
For example:
# firewall-cmd --zone=public --add-port=5667/tcp
# firewall-cmd --zone=public --add-port=5667/tcp --permanent

Table 3.1. TCP Port Numbers

Port Number Usage
22 For sshd used by geo-replication.
111 For rpc port mapper.
139 For netbios service.
445 For CIFS protocol.
2049 For glusterFS's exports (nfsd process).
24007 For glusterd (for management).
24008 For glusterd RDMA port management.
24009 For glustereventsd.
38465 For gluster-NFS mount protocol.
38466 For gluster-NFS mount protocol.
38468 For gluster-NFS Network Lock Manager (NLM).
38469 For gluster-NFS's ACL support.
39543 For oVirt (Red Hat Gluster Storage Console).
49152 - 49664 Each brick on a host requires its own port for communication with GlusterFS clients. One port is used for each brick, in ascending order, beginning with port 49152. By default, up to 512 ports will be used. This maximum can be increased by editing the port range configuration, as described in Port Range Configuration. Consider the maximum number of bricks that you expect to exist simultaneously on your host, and open only the ports that you need for your current configuration to help ensure system security.
54321 For VDSM (Red Hat Gluster Storage Console).
55863 For oVirt (Red Hat Gluster Storage Console).
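
The brick-port row above advises opening only the ports the current configuration needs. The following script is an added example, not part of the original guide: it compares a list of open ports with the brick ports a host requires and reports ranges that are missing or open without need. The function names, the sample port list and the brick count of 4 are assumptions made for illustration; the range bounds are the defaults from Table 3.1.

```shell
#!/bin/sh
# Added example (not from the original guide): check which TCP ports in the
# default brick range are open compared with the bricks expected on a host.
BRICK_BASE=49152   # first brick port (Table 3.1)
BRICK_MAX=49664    # end of the default brick range (Table 3.1)

# port_is_open PORT "LIST": succeed if PORT/tcp is covered by LIST, given in
# the "port/proto" or "first-last/proto" form that
# `firewall-cmd --list-ports` prints.
port_is_open() {
    local entry range lo hi
    for entry in $2; do
        case $entry in */tcp) ;; *) continue ;; esac    # brick ports are TCP
        range=${entry%/tcp}
        lo=${range%-*}; hi=${range#*-}                  # single port: lo = hi
        case "$lo:$hi" in :*|*:|*[!0-9:]*) continue ;; esac   # skip malformed
        if [ "$1" -ge "$lo" ] && [ "$1" -le "$hi" ]; then return 0; fi
    done
    return 1
}

# audit_brick_ports NBRICKS "LIST": print MISSING (needed, closed) and EXCESS
# (open, not needed) ranges; return 1 if there is any finding, else 0.
audit_brick_ports() {
    local need_hi p state prev start rc
    need_hi=$((BRICK_BASE + $1 - 1)); prev=ok; start=$BRICK_BASE; rc=0
    p=$BRICK_BASE
    while [ "$p" -le $((BRICK_MAX + 1)) ]; do   # +1 flushes the last range
        state=ok
        if [ "$p" -le "$BRICK_MAX" ]; then
            if port_is_open "$p" "$2"; then
                if [ "$p" -gt "$need_hi" ]; then state=EXCESS; fi
            elif [ "$p" -le "$need_hi" ]; then
                state=MISSING
            fi
        fi
        if [ "$state" != "$prev" ]; then
            if [ "$prev" != ok ]; then
                echo "$prev $start-$((p - 1))/tcp"; rc=1
            fi
            prev=$state; start=$p
        fi
        p=$((p + 1))
    done
    return "$rc"
}

# Constructed sample: a host with 4 bricks and the whole default range open.
SAMPLE_PORTS="5667/tcp 24007/tcp 49152-49664/tcp"
audit_brick_ports 4 "$SAMPLE_PORTS" || true
```

On a Red Hat Enterprise Linux 7 host, pass the output of firewall-cmd --zone=zone_name --list-ports as the second argument. Ports opened through --add-service=glusterfs are not shown by --list-ports, so this check covers only ports added with --add-port.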

Table 3.2. TCP Port Numbers used for Object Storage (Swift)

Port Number Usage
443 For HTTPS request.
6010 For Object Server.
6011 For Container Server.
6012 For Account Server.
8080 For Proxy Server.

Table 3.3. TCP Port Numbers for Nagios Monitoring

Port Number Usage
80 For HTTP protocol (required only if Nagios server is running on a Red Hat Gluster Storage node).
443 For HTTPS protocol (required only for Nagios server).
5667 For NSCA service (required only if Nagios server is running on a Red Hat Gluster Storage node).
5666 For NRPE service (required in all Red Hat Gluster Storage nodes).

Table 3.4. UDP Port Numbers

Port Number Usage
111 For RPC Bind.
For more information regarding port and firewall details for NFS-Ganesha, refer to Section 6.2.3.2.1, “Port and Firewall Information for NFS-Ganesha”.
For more information regarding port and firewall details for Red Hat Gluster Storage Web Administration, refer to Section 2.4. Firewall Configuration in the Quick Start Guide.