Apache Cassandra™ 2.0

Configuring firewall port access

Which ports to open when nodes are protected by a firewall.

If you have a firewall running on the nodes in your Cassandra cluster, you must open up the following ports to allow communication between the nodes, including certain Cassandra ports. If this isn’t done, when you start Cassandra on a node, the node acts as a standalone database server rather than joining the database cluster.

Public ports
Port number Description
22 SSH port
8888 OpsCenter website. The opscenterd daemon listens on this port for HTTP requests coming directly from the browser.
Cassandra inter-node ports
Port number Description
1024 - 65355 JMX reconnection/loopback ports. For a safer alternative, see description and note for port 7199.
7000 Cassandra inter-node cluster communication.
7001 Cassandra SSL inter-node cluster communication.
7199 Cassandra JMX monitoring port. After the initial handshake, the JMX protocol requires that the client reconnects on a randomly chosen port (1024+).
Note: Starting with Java 7u4, you can specify the port used by JMX rather than a randomly assigned port. The standard RMI (Remote Method Invocation) registry port for JMX is set by the com.sun.management.jmxremote.port property. Use the com.sun.management.jmxremote.rmi.port property to specify the port used by JMX.
Cassandra client ports
Port number Description
9042 Cassandra client port.
9160 Cassandra client port (Thrift).
Cassandra OpsCenter ports
Port number Description
61620 OpsCenter monitoring port. The opscenterd daemon listens on this port for TCP traffic coming from the agent.
61621 OpsCenter agent port. The agents listen on this port for SSL traffic initiated by OpsCenter.