What Ports need to be Open for Nodes?

Drafting up my design for the stake pool and configuring my routes and firewall rules. So it leads me into my question: what ports are used for inbound and outbound traffic? Or more specifically, what are some of the firewall rules the stake operators have configured on their nodes?

EDIT: Default CNtools - 6000; default Cardano Shelley - 3001


I have the same question.
It could be good to see added to the official documentation an output of a command such as “ufw status” for both relay and producing nodes for a configuration considered as “correct” and “secured”.

The incoming ports that are specified by the relays (plus the one specified by the stake pool if it connects directly to the network rather than indirectly via a relay). The outgoing ports that are specified in the topology files for all the stake pools and relays.

@Andy_Hendrikx can you clarify which part of Shelley does not support cnames? I have successfully utilized cnames within my topology.json file of my relays to link back to my node and node to my relays utilizing cnames successfully. So are you saying registration of a stake pool does not support cnames?

If you follow the IOHK recommendation of a block producing node with a relay node, then only the relay node would accept incoming TCP traffic from the internet on the port that you defined.
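
An added example, not part of any post in this thread: a sketch that turns a node's topology file into ufw commands for the relay/producer split described above. It assumes the legacy `topology.json` layout (a `Producers` list of `addr`/`port` entries); the function name, addresses and hostnames are made up for illustration, and the ports are the defaults quoted in the first post.

```python
import ipaddress
import json

def is_ip(addr):
    """True if addr is an IP literal; ufw rules cannot match DNS names."""
    try:
        ipaddress.ip_address(addr)
        return True
    except ValueError:
        return False

def ufw_rules(role, listen_port, topology_text):
    """Return (commands, unresolved) for a 'relay' or 'producer' node.

    Covers node traffic only; SSH, DNS and NTP rules are left to the operator.
    """
    if role not in ("relay", "producer"):
        raise ValueError("role must be 'relay' or 'producer'")
    rules = ["ufw default deny incoming", "ufw default deny outgoing"]
    unresolved = []
    if role == "relay":
        # Only the relay accepts node connections from the internet.
        rules.append(f"ufw allow in proto tcp to any port {listen_port}")
    for peer in json.loads(topology_text)["Producers"]:
        addr, port = peer["addr"], int(peer["port"])
        if is_ip(addr):
            if role == "producer":
                # The producer accepts connections from its own relays only.
                rules.append(f"ufw allow in proto tcp from {addr} to any port {listen_port}")
            rules.append(f"ufw allow out proto tcp to {addr} port {port}")
        else:
            unresolved.append(addr)
            if role == "relay":
                # Hostname peer: fall back to a port-wide outbound rule.
                rules.append(f"ufw allow out proto tcp to any port {port}")
            # A producer gets no rule for a hostname peer (fails closed).
    return list(dict.fromkeys(rules)), unresolved  # de-duplicated, order kept

# Constructed sample topologies (addresses and hostnames are made up).
RELAY_TOPOLOGY = """{"Producers": [
  {"addr": "10.0.0.5", "port": 6000, "valency": 1},
  {"addr": "relay.example.net", "port": 3001, "valency": 1}]}"""
PRODUCER_TOPOLOGY = """{"Producers": [
  {"addr": "10.0.0.11", "port": 3001, "valency": 1},
  {"addr": "relay2.example.net", "port": 3001, "valency": 1}]}"""

if __name__ == "__main__":
    for role, port, topo in (("relay", 3001, RELAY_TOPOLOGY), ("producer", 6000, PRODUCER_TOPOLOGY)):
        commands, names = ufw_rules(role, port, topo)
        print(f"# {role} (peers needing a fixed IP: {names})", *commands, sep="\n")
```

Peers listed by hostname or CNAME come back in the second return value because ufw matches addresses, not names; give those peers fixed IPs before relying on the generated rules.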