Purpose / Significance of Port Ranges (9300-9400)


(Matt Hughes) #1

I'm running elasticsearch in a somewhat locked down environment and the
less ports I have open, the better.

I guess my questions boil down to:

  1. Why do you need multiple ports open in the 93xx range?
  2. Will anything bad happen if I just have 9300 open? Will performance
    suffer, and if so, in what areas?
    a) if it does relate to performance, how many do I need to have open if I'm
    not going to open the whole range?

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


(Jörg Prante) #2
  1. No, there is one port in use per node (beside HTTP on port 9200). You
    can define the ports in the configuration.

  2. First, do not configure ports for public access. You should set up your
    ES cluster only in a private network. The question if only port 9300 is
    "open" or more ports does not determine the performance.

  3. As said, performance is a different topic. The number of ports open or
    in use does not correlate with performance (speed/throughput).

As a side note, 9300 seems like it was a random choice, there is no
specific reason for this port number, you can choose any other port number
that is available. According to IANA, the default ES ports 9200/9300 are
reserved ports "wap-wsp" and "vrace" so if you want to declare your port
number as "official", you might want to consult

http://www.iana.org/assignments/service-names-port-numbers/

for an unassigned port number to avoid conflicts.

Jörg

On Sat, Aug 2, 2014 at 6:26 PM, Matt Hughes hughes.matt@gmail.com wrote:

I'm running elasticsearch in a somewhat locked down environment and the
less ports I have open, the better.

I guess my questions boil down to:

  1. Why do you need multiple ports open in the 93xx range?
  2. Will anything bad happen if I just have 9300 open? Will performance
    suffer, and if so, in what areas?
    a) if it does relate to performance, how many do I need to have open if
    I'm not going to open the whole range?

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAKdsXoFJF4O1Dp9EMDfZJPo9JFVePhwmpe3e%2B2XdQOBwL_D9_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.


(Matt Hughes) #3

Thanks for the reply.

Ok, I guess this comment in the config still confuses me:

Elasticsearch, by default, binds itself to the 0.0.0.0 address, and

listens

on port [9200-9300] for HTTP traffic and on port [9300-9400] for

node-to-node

communication.

(the range means that if the port is busy, it will automatically# try the
next port)
.

So based on your comments, the "is busy" comment really means "if some
other app is bound to 9300, ES will automatically keep trying ports in this
range until it can bind to one"? Does that jive with your understanding?

On Saturday, August 2, 2014 2:13:36 PM UTC-4, Jörg Prante wrote:

  1. No, there is one port in use per node (beside HTTP on port 9200). You
    can define the ports in the configuration.

  2. First, do not configure ports for public access. You should set up your
    ES cluster only in a private network. The question if only port 9300 is
    "open" or more ports does not determine the performance.

  3. As said, performance is a different topic. The number of ports open or
    in use does not correlate with performance (speed/throughput).

As a side note, 9300 seems like it was a random choice, there is no
specific reason for this port number, you can choose any other port number
that is available. According to IANA, the default ES ports 9200/9300 are
reserved ports "wap-wsp" and "vrace" so if you want to declare your port
number as "official", you might want to consult

http://www.iana.org/assignments/service-names-port-numbers/

for an unassigned port number to avoid conflicts.

Jörg

On Sat, Aug 2, 2014 at 6:26 PM, Matt Hughes <hughe...@gmail.com
<javascript:>> wrote:

I'm running elasticsearch in a somewhat locked down environment and the
less ports I have open, the better.

I guess my questions boil down to:

  1. Why do you need multiple ports open in the 93xx range?
  2. Will anything bad happen if I just have 9300 open? Will performance
    suffer, and if so, in what areas?
    a) if it does relate to performance, how many do I need to have open if
    I'm not going to open the whole range?

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearc...@googlegroups.com <javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/a3314d6e-2d16-4066-a718-a7fae63bcf53%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


(Matt Hughes) #4

Found the relevant code and your description does appear to match up
(NettyTransport):

    PortsRange portsRange = new PortsRange(port);
    final AtomicReference<Exception> lastException = new 

AtomicReference<>();
boolean success = portsRange.iterate(new PortsRange.PortCallback() {
@Override
public boolean onPortNumber(int portNumber) {
try {
serverChannel = serverBootstrap.bind(new
InetSocketAddress(hostAddress, portNumber));
} catch (Exception e) {
lastException.set(e);
return false;
}
return true;
}
});
if (!success) {
throw new BindTransportException("Failed to bind to [" + port +
"]", lastException.get());
}

    logger.debug("Bound to address [{}]", 

serverChannel.getLocalAddress());

First port in the port range that is open gets bound. And this appears to
only happen once. Thanks.

On Saturday, August 2, 2014 2:19:33 PM UTC-4, Matt Hughes wrote:

Thanks for the reply.

Ok, I guess this comment in the config still confuses me:

Elasticsearch, by default, binds itself to the 0.0.0.0 address, and

listens

on port [9200-9300] for HTTP traffic and on port [9300-9400] for

node-to-node

communication.

(the range means that if the port is busy, it will automatically# try the
next port)
.

So based on your comments, the "is busy" comment really means "if some
other app is bound to 9300, ES will automatically keep trying ports in this
range until it can bind to one"? Does that jive with your understanding?

On Saturday, August 2, 2014 2:13:36 PM UTC-4, Jörg Prante wrote:

  1. No, there is one port in use per node (beside HTTP on port 9200). You
    can define the ports in the configuration.

  2. First, do not configure ports for public access. You should set up
    your ES cluster only in a private network. The question if only port 9300
    is "open" or more ports does not determine the performance.

  3. As said, performance is a different topic. The number of ports open or
    in use does not correlate with performance (speed/throughput).

As a side note, 9300 seems like it was a random choice, there is no
specific reason for this port number, you can choose any other port number
that is available. According to IANA, the default ES ports 9200/9300 are
reserved ports "wap-wsp" and "vrace" so if you want to declare your port
number as "official", you might want to consult

http://www.iana.org/assignments/service-names-port-numbers/

for an unassigned port number to avoid conflicts.

Jörg

On Sat, Aug 2, 2014 at 6:26 PM, Matt Hughes hughe...@gmail.com wrote:

I'm running elasticsearch in a somewhat locked down environment and the
less ports I have open, the better.

I guess my questions boil down to:

  1. Why do you need multiple ports open in the 93xx range?
  2. Will anything bad happen if I just have 9300 open? Will performance
    suffer, and if so, in what areas?
    a) if it does relate to performance, how many do I need to have open if
    I'm not going to open the whole range?

--
You received this message because you are subscribed to the Google
Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to elasticsearc...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/39b917bf-fdf3-4c83-8df9-9075493f0f90%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/53a299e9-8bbe-4568-b73d-5189bed2771e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


(system) #5