Rabbit Port Explanation
667 views
Skip to first unread message
James
Jul 31, 2019, 3:56:23 PM7/31/19
to rabbitmq-users
In referencing the RabbitMQ Networking documentation, it references that the following ports are used by default:
4369: epmd, a peer discovery service used by RabbitMQ nodes and CLI tools * 5672, 5671: used by AMQP 0-9-1 and 1.0 clients without and with TLS
25672: used for inter-node and CLI tools communication (Erlang distribution server port) and is allocated from a dynamic range (limited to a single port by default, computed as AMQP port + 20000). Unless external connections on these ports are really necessary (e.g. the cluster uses federation or CLI tools are used on machines outside the subnet), these ports should not be publicly exposed. See networking guide for details.
35672-35682: used by CLI tools (Erlang distribution client ports) for communication with nodes and is allocated from a dynamic range (computed as server distribution port + 10000 through server distribution port + 10010). See networking guide for details.
15672: HTTP API clients, management UI and rabbitmqadmin (only if the management plugin is enabled)
However, with the use of Netstat and Wireshark, I am seeing some odd behavior. Netstat shows my RabbitMQ pid 5892 utilizing a few random ports, such as 60369, 65055 and 60358. See below:
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:5672 0.0.0.0:0 LISTENING 5892
TCP 0.0.0.0:15672 0.0.0.0:0 LISTENING 5892
TCP 0.0.0.0:25672 0.0.0.0:0 LISTENING 5892
TCP 10.100.61.60:5672 10.100.61.66:55562 ESTABLISHED 5892
TCP 10.100.61.60:5672 10.100.61.66:55585 ESTABLISHED 5892
TCP 10.100.61.60:5672 10.100.61.66:55587 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60472 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60497 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60498 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60499 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60500 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60525 ESTABLISHED 5892
TCP 127.0.0.1:5672 127.0.0.1:60545 ESTABLISHED 5892
TCP 127.0.0.1:15672 127.0.0.1:60365 ESTABLISHED 5892
TCP 127.0.0.1:15672 127.0.0.1:60366 ESTABLISHED 5892
TCP [::]:5672 [::]:0 LISTENING 5892
TCP [::1]:5672 [::1]:60442 ESTABLISHED 5892
TCP [::1]:5672 [::1]:60446 ESTABLISHED 5892
In addition, Wireshark shows my Basic deliver leaving the source server on port 5672 and reaching my destination server on port 60369. See below:
Source Port Destination Port Protocol Info
10.100.61.66 5672 10.100.61.60 60369 AMQP Basic.Deliver x=license.transaction rk=any.license_server.config Content-Header Content-Body
I am hoping to gain some understanding on what is defining these seemingly random ports.
Thanks.
James
Jul 31, 2019, 4:01:49 PM7/31/19
to rabbitmq-users
RabbitMQ v.3.4.3 Erlang v.15B03-1
Michael Klishin
Jul 31, 2019, 4:38:01 PM7/31/19
to rabbitmq-users
Hi James,
Every TCP connection has two ends, a client and a server. Each end has a port which acts as a program identifier on a host.
Long story short, you are looking at *client* ports and the docs cover server ports.
RabbitMQ nodes will use client sockets to connect to their peers and epmd, and services such as LDAP in case you use the LDAP plugin.
HTH.
Michael Klishin
Jul 31, 2019, 4:40:01 PM7/31/19
to rabbitmq-users
I should have mentioned that client ports are allocated from a kernel-maintained range known as the ephemeral port range [1].
It can be configured but it is fairly rare to see that.
Michael Klishin
Jul 31, 2019, 4:40:47 PM7/31/19
to rabbitmq-users
FYI, RabbitMQ 3.4.x has gone out of support in October 2015 [1].
Consider upgrading [2].
James
Jul 31, 2019, 6:16:59 PM7/31/19
to rabbitmq-users
Hey Michael,
Thanks for the quick reply. I figured that this would more or less be a gap in my networking knowledge.
Is there a way to validate the RabbitMQ server ports that are currently in use? And would it be incorrect to say that these ephemeral ports are typically not maintained by a firewall?
Thanks,
Michael Klishin
Jul 31, 2019, 7:20:53 PM7/31/19
to rabbitmq-users
netstat and lsof can tell you what ports are used by a RabbitMQ node or any other process.
I'm not sure what "maintained by a firewall" means. Ephemeral ports are used by client sockets. Outgoing connections are not restricted
by firewalls in most environments, although they can be.
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/0a60b502-875c-40b3-9538-7105e74a005a%40googlegroups.com.
--
MK
Staff Software Engineer, Pivotal/RabbitMQ
James
Jul 31, 2019, 8:12:16 PM7/31/19
to rabbitmq-users
Thanks for your help.
On Wednesday, July 31, 2019 at 7:20:53 PM UTC-4, Michael Klishin wrote:
netstat and lsof can tell you what ports are used by a RabbitMQ node or any other process.I'm not sure what "maintained by a firewall" means. Ephemeral ports are used by client sockets. Outgoing connections are not restrictedby firewalls in most environments, although they can be.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitm...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/0a60b502-875c-40b3-9538-7105e74a005a%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages