RabbitMQ使用哪些端口?

original title: "What ports does RabbitMQ use?"


Translate

What ports does RabbitMQ Server use or need to have open on the firewall for a cluster of nodes?

My /usr/lib/rabbitmq/bin/rabbitmq-env is set below which I'm assuming are needed (35197).

SERVER_ERL_ARGS="+K true +A30 +P 1048576 \   
-kernel inet_default_connect_options [{nodelay,true}] \  
-kernel inet_dist_listen_min 35197 \   
-kernel inet_dist_listen_max 35197"

I haven't touched the rabbitmq.config to set a custom tcp_listener so it should be listening on the default 5672.

Here are the relevant netstat lines:

tcp        0      0 0.0.0.0:4369           0.0.0.0:*           LISTEN      728/epmd 
tcp        0      0 0.0.0.0:35197          0.0.0.0:*           LISTEN      5126/beam
tcp6       0      0 :::5672                :::*                LISTEN      5126/beam

My questions are:

  1. for other nodes to be able to connect to the cluster, do all 3 ports 4369, 5672 and 35197 need to be open?

  2. Why isn't 5672 running on tcp and not just tcp6?



RabbitMQ Server使用哪些端口或需要在防火墙上为节点群集打开哪些端口?我的/ usr / lib / rabbitmq / bin / rabbitmq-env设置为低于此值,我认为这是必需的(35197)。服务器_...

这是翻译后的摘要,如果您需要查看完整的翻译,请单击“Translate”图标


所有的回答
  • Translate

    PORT 4369: Erlang makes use of a Port Mapper Daemon (epmd) for resolution of node names in a cluster. Nodes must be able to reach each other and the port mapper daemon for clustering to work.

    PORT 35197 set by inet_dist_listen_min/max Firewalls must permit traffic in this range to pass between clustered nodes

    RabbitMQ Management console:

    • PORT 15672 for RabbitMQ version 3.x
    • PORT 55672 for RabbitMQ pre 3.x

    PORT 5672 RabbitMQ main port.

    For a cluster of nodes, they must be open to each other on 35197, 4369 and 5672.

    For any servers that want to use the message queue, only 5672 is required.


  • Translate

    What ports is RabbitMQ using?

    Default: 5672, the manual has the answer. It's defined in the RABBITMQ_NODE_PORT variable.

    https://www.rabbitmq.com/configure.html#define-environment-variables

    The number might be differently if changed by someone in the rabbitmq configuration file:

    vi /etc/rabbitmq/rabbitmq-env.conf
    

    Ask the computer to tell you:

    sudo nmap -p 1-65535 localhost
    
    Starting Nmap 5.51 ( http://nmap.org ) at 2014-09-19 13:50 EDT
    Nmap scan report for localhost (127.0.0.1)
    Host is up (0.00041s latency).
    PORT      STATE         SERVICE
    443/tcp   open          https
    5672/tcp  open          amqp
    15672/tcp open  unknown
    35102/tcp open  unknown
    59440/tcp open  unknown
    

    Oh look, 5672, and 15672

    Use netstat:

    netstat -lntu
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address               Foreign Address             State
    tcp        0      0 0.0.0.0:15672               0.0.0.0:*                   LISTEN
    tcp        0      0 0.0.0.0:55672               0.0.0.0:*                   LISTEN
    tcp        0      0 :::5672                     :::*                        LISTEN
    

    Oh look 5672.

    use lsof:

    eric@dev ~$ sudo lsof -i | grep beam
    beam.smp  21216    rabbitmq   17u  IPv4 33148214      0t0  TCP *:55672 (LISTEN)
    beam.smp  21216    rabbitmq   18u  IPv4 33148219      0t0  TCP *:15672 (LISTEN)
    

    use nmap from a different machine, find out if 5672 is open:

    sudo nmap -p 5672 10.0.1.71
    Starting Nmap 5.51 ( http://nmap.org ) at 2014-09-19 13:19 EDT
    Nmap scan report for 10.0.1.71
    Host is up (0.00011s latency).
    PORT     STATE SERVICE
    5672/tcp open  amqp
    MAC Address: 0A:40:0E:8C:75:6C (Unknown)    
    Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
    

    Try to connect to a port manually with telnet, 5671 is CLOSED:

    telnet localhost 5671
    Trying 127.0.0.1...
    telnet: connect to address 127.0.0.1: Connection refused
    

    Try to connect to a port manually with telnet, 5672 is OPEN:

    telnet localhost 5672
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    

    Check your firewall:

    sudo cat /etc/sysconfig/iptables  
    

    It should tell you what ports are made open:

    -A INPUT -p tcp -m tcp --dport 5672 -j ACCEPT
    

    Reapply your firewall:

    sudo service iptables restart
    iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
    iptables: Flushing firewall rules:                         [  OK  ]
    iptables: Unloading modules:                               [  OK  ]
    iptables: Applying firewall rules:                         [  OK  ]
    

  • Translate

    To find out what ports rabbitmq uses:

    $ epmd -names
    

    Outputs:

    epmd: up and running on port 4369 with data:
    name rabbit at port 25672
    

    Run these as root:

    lsof -i :4369
    lsof -i :25672
    

    More about epmd options.


  • Translate

    Port Access

    Firewalls and other security tools may prevent RabbitMQ from binding to a port. When that happens, RabbitMQ will fail to start. Make sure the following ports can be opened:

    4369: epmd, a peer discovery service used by RabbitMQ nodes and CLI tools

    5672, 5671: used by AMQP 0-9-1 and 1.0 clients without and with TLS

    25672: used by Erlang distribution for inter-node and CLI tools communication and is allocated from a dynamic range (limited to a single port by default, computed as AMQP port + 20000). See networking guide for details.

    15672: HTTP API clients and rabbitmqadmin (only if the management plugin is enabled)

    61613, 61614: STOMP clients without and with TLS (only if the STOMP plugin is enabled)

    1883, 8883: (MQTT clients without and with TLS, if the MQTT plugin is enabled

    15674: STOMP-over-WebSockets clients (only if the Web STOMP plugin is enabled)

    15675: MQTT-over-WebSockets clients (only if the Web MQTT plugin is enabled)

    Reference doc: https://www.rabbitmq.com/install-windows-manual.html