Configuring the Firewall

Most of the Storage Nodes, either physical or virtual machines, have built-in firewalls. Additionally, you may have separate firewalls in-between machines. In a NoSQL topology, the Storage Nodes need to communicate with one another, so communication must pass through the firewalls. You need to open the firewall ports used by the communication channels in the data store. To make sure your network firewall works with your topology, you should set the ports specified by the -port , -harange, -servicerange, and -admin-web-port parameters of the makebootconfig command. These four parameters are used to constraint the data store to a limited set of ports. Setting the ports is usually done for security or data center policy reasons. By default the services in your data store use anonymous ports. To specify a range of ports, you use the format of startPort,endPort.