What ports does `gaiad` use?

By default gaiad uses the following ports:

  • 26656
    • p2p networking port to connect to the tendermint network
    • On a validator this port needs to be exposed to sentry nodes
    • On a sentry node this port needs to be exposed to the open internet
  • 26657
    • Tendermint RPC port
    • This should be shielded from the open internet
  • 26658
    • Out of process ABCI app
    • This should be shielded from the open internet

Some optional ports that might be used by gaiad are as follows:

  • 26660
  • 1317
    • Light Client Daemon
    • For automated management of anything you can do with the CLI
    • This should be shielded from the open internet
2 Likes

Continue with proxy discussion on Riot chat. For those ports you may want to use to as RESTful endpoint, e.g. 26657 and 1317, you may consider proxy them to an external interface via an http proxy like Nginx or Caddy. The idea is to treat them like a web service which the RESTful requests to the RPC ports will be done over https. Then you can have control over the RPC ports of the node. You may configure rate limiting on the http proxy or make requests with user authentication using a web app. In this sense, the ports will not expose to external directly and you node is protecting from receiving too many requests suddenly.

1 Like

@jack Can you confirm all references to port 46656 should be changed to 26656 in the config.toml file?

Could you please point me to a few ref links to research how to do this?

You can see the default port has been changed in the config.toml and you can read the change log.

You may start with the documentation of Nginx and Caddy.