The ports that you need to open in your firewall on ES server node depends upon your cluster topology. If you are creating a cluster, you'll have to open up both the HTTP port and Transport Port in your firewall (by default 9200 for HTTP and 9300 for transport). For single node cluster, you don't need to open up transport port.
my server: can make a connection using any of the source ports to the server listening over port 9200. The inbound port 9200 should be enabled on ElasticSearch server.
Oh, thanks. So base on my server(installed elasticsearch) I can choose outbound ports (example 80).
And inbound ports is 9200 right? so should I configure source ip is any? I really hope your answer. thanks.
You should enable all the outbound ports, because clients can try connecting to ES server from any port. You should fix outbound port only if you are sure that client processes will be initiated from port 80.
Inbound firewall rule for port 9200 can be set on ES server.
For better security, you should restrict the interface to as minimum interfaces as possible. So ideally it should be restricted to the interface from where it will be queried. Along with the default 9200 port, you may need to expose some other ports for SSH access to the server.
There are some best practices listed out for firewall rules here, please refer to it.
If you open a request from machine A to machine B (which runs your elastic node), you should only be interested in the port on machine B, which is 9200 by default. So you can open Port 9200 inbound on machine B. Otherwise machine A won't be able to connect.
The reply from the elastic node will always be sent back to machine A on the source port that machine A used to initiate the connection. Your elastic node will never initiate that connection, but only reply on the connection that machine A opened.
your mean is my server = elastic server and how to connect my server and elasticserver? my server outbound = elasticserver inbound = 9200 port? I am very confuse..Thanks.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.