Network Configuration

Network Configuration

Couchbase Server uses specific network ports for communication between server components and with the clients accessing the data stored in the Couchbase Server cluster.

The ports listed in the following table must be open on the host for Couchbase Server to operate correctly. Couchbase Server configures these ports automatically, but you must verify that any firewall configuration allows communication on the specified ports for each usage type. If this is not done, the node can experience difficulty in joining a cluster, including acting as a cluster of one node rather than joining the intended cluster.

The following table lists the ports used for different types of Couchbase Server network communication:

Node-to-node
Couchbase Server uses these ports for communication between all nodes within the cluster. These ports must be open to enable nodes to communicate with each other.
Node-to-client
These ports should be open between each node within the cluster and any client nodes accessing data within the cluster.
Cluster administration
Couchbase Server uses these ports for administration via the REST API, command-line clients, and web browsers.
XDCR
These ports are used for XDCR (Cross Datacenter Replication) communication between all nodes in both the source and destination clusters.
Port Description Node-to-node Node-to-client* Cluster administration XDCR v1 (CAPI) XDCR v2 (XMEM)
8091 Used by the Couchbase Web Console for REST/HTTP traffic. Yes Yes Yes Yes Yes
8092 Used to access views, run queries, XDCR and update design documents. Yes Yes No Yes Yes
8093 Used by query services for REST/HTTP traffic. Yes Yes No Yes Yes
8094** External HTTP port for the Search service Yes Yes Yes No No
9100 Internal index admin port (-adminPort). Yes No No No No
9101 Internal index scan port (-scanPort). Yes No No No No
9102 Internal index HTTP port (-httpPort). Yes No Yes No No
9103 Internal index build port (-streamInitPort). Yes No No No No
9104 Internal index build port (-streamCatchupPort ). Yes No No No No
9105 Internal index maintenance port (-streamMaintPort). Yes No No No No
9998 Internal REST port. No No Yes Yes Yes
9999 Internal GSI port used by the internal administrators. Yes No No No No
11207*** Used by smart client libraries to access data nodes using SSL. This is a memcached SSL port. No Yes No No Yes when SSL is used
11209 Internal Bucket Port. Yes No No No No
11210*** Used by smart client libraries or Moxi to directly connect to the data nodes. The XDCR client uses this port as well as the SDKs. This is a memcached port. Yes Yes No No Yes
11211 Used by pre-existing Couchbase Server and memcached (non-smart) client libraries (such as Moxi). No Yes No No No
11214 Used for SSL XDCR data encryption. No No No No Yes
11215 Used for SSL XDCR data encryption. No No No No Yes
18091 Used by the Couchbase Web Console for REST/HTTP traffic with SSL. No Yes Yes No Yes
18092 Used to access views, run queries, XDCR and update design documents with SSL. No Yes No No Yes
18093 N1QL SSL port Yes Yes No Yes Yes
4369 Erlang Port Mapper ( epmd ) Yes No No No No
21100 to 21299 (inclusive) Node data exchange. Yes No No No No
  • * bi-directional
  • ** This port was introduced in Couchbase Server 4.5.
  • *** This port has to be open for XDCR to connect to target memcached.
    Note: Ports 6060 and 11213 are used internally on the local host. They are not used for communication between cluster nodes. For firewall purposes, you do not need to take these ports into consideration. However, if another service is listening on either of these ports, the Couchbase Server service will not start.

User-Defined Ports

You can install and run Couchbase Server with user-defined ports rather than with the default ports.

Important: If you want to run Couchbase Server on user-defined ports and with multiple instances running on a single machine, you have to keep in mind that the standard RPM installation for Linux doesn’t allow you to specify separate installation paths needed for separate multiple instances. Therefore, you must perform multiple non-root (sudo or non-sudo) installations instead.

Setting up Couchbase Server with User-Defined Ports

  1. Install Couchbase Server
    • If Couchbase Server is already installed and running, stop it.
  2. Add the new user-defined ports to the /opt/couchbase/etc/couchbase/static_config file.
    • The /opt/couchbase/etc/couchbase/static_config is the location from where the Couchbase Server picks up the configuration parameters.
    • If port numbers are not specified, default ports are used.
    • To override some or all default ports, append the user-defined ports to the file.
  3. (Optional) CAPI port (default 8092) can be edited in the /opt/couchbase/etc/couchdb/default.d/capi.ini file by replacing 8092 with the new port name.
  4. If the Couchbase Server was previously configured, delete the opt/couchbase/var/lib/couchbase/config/config.dat file to remove the old configuration.
  5. Start Couchbase Server.

Ports to Change

The following are the user-defined ports to add, replace, or append to the /opt/couchbase/etc/couchbase/static_config file.

{rest_port, 9000}.                                   
{mccouch_port, 8999}.                         
{memcached_port, 12000}.
{moxi_port, 12001}.
{short_name, "ns_1"}.
{ssl_rest_port,11000}.                       
{ssl_capi_port,11001}.
{ssl_proxy_downstream_port,11002}.
{ssl_proxy_upstream_port,11003}.
Note: If the newly configured ports overlap with ports used by other running applications, Couchbase Server fails to start. If the newly configured ports overlap with ports used by Couchbase buckets, Erlang crash notifications appear in the log file.
Note: In order to set up multiple nodes per machine, you need to assign unique values to these ports.

How to Map User-Defined Ports to the Default Ports

This chart shows how certain user-defined ports are mapped to the default ports:
{rest_port, 9000}                    8091 	 Web administration port                                   
{mccouch_port, 8999}                 11213 	Default value for mccouch                         
{memcached_port, 12000}              11211 	Client interface (proxy)
{moxi_port, 12001}                   11210 	Internal/external bucket port
{ssl_rest_port,11000}                18091 	Internal REST HTTPS for SSL                                      
{ssl_capi_port,11001}                18092 	Internal CAPI HTTPS for SSL
{ssl_proxy_downstream_port,11002}    11214 	Incoming SSL proxy
{ssl_proxy_upstream_port,11003}      11215 	Internal outgoing SSL proxy
Important: All default ports are reserved and cannot be used for other purposes.