Please take this survey to help us learn more about how you use third party tools. Your input is greatly appreciated!

What is the recommended firewall configuration for Vertica?

What is the recommended firewall configuration for Vertica?


  • Vertica recommends removing firewalls between nodes in the cluster. If you are running your cluster on private interfaces, a firewall is not needed. A firewall on the public side should only need port 5433 open. A database cluster should depend preferably on an external firewall provided by a gateway rather than Linux. Vertica is designed for the server processes in the cluster machines to work together as though they were a single powerful machine. Firewalls can slow network throughput even with the necessary ports open. If you must use firewalls, open the following ports on each host. Vertica 5433 TCP (All client connections) 32768-61000 TCP (server <-> server) Dynamic ports , range depends on OS configuration, check /proc/sys/net/ipv4/ip_local_port_range ) Spread 4803 TCP (Client connections) 4803 UDP (Daemon <-> Daemon) 4804 UDP (Daemon <-> Daemon) 4805 UDP (Monitor to Daemon) (optional and only if "DangerousMonitor = yes" in config file) Administration tools (adminTools, install_vertica) 22 TCP (SSH connections within cluster) Again, Vertica does not recommend having firewall rules for the private network interfaces.

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file

Can't find what you're looking for? Search the Vertica Documentation, Knowledge Base, or Blog for more information.