Elasticsearch Transport
What is Port 9300?
Port 9300 is the default port for Elasticsearch's transport protocol, used for node-to-node communication within an Elasticsearch cluster. While port 9200 handles client HTTP requests, port 9300 carries internal cluster traffic — shard allocation, data replication, search coordination, and cluster state management. When an Elasticsearch cluster has multiple nodes, they discover each other and form a cluster through communication on port 9300. The transport protocol is binary and optimized for efficiency. Proper connectivity between nodes on this port is essential for cluster health, data replication, and search distribution.
Common Uses
- Elasticsearch cluster node communication
- Shard replication between nodes
- Search query distribution and coordination
- Cluster state and membership management
Technical Details
Copy-paste commands to check port 9300 (Elasticsearch Transport) from your terminal
Test connectivity
nc -zv example.com 9300
curl -v --max-time 5 http://example.com:9300/
telnet example.com 9300
nmap -p 9300 -sV example.com
(echo > /dev/tcp/example.com/9300) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 9300/tcp
sudo iptables -A INPUT -p tcp --dport 9300 -j ACCEPT
sudo firewall-cmd --permanent --add-port=9300/tcp && sudo firewall-cmd --reload
Security Considerations
Enable TLS for transport communication to prevent unauthorized nodes from joining the cluster and to protect data in transit. Restrict port 9300 to cluster member IPs only. Use Elasticsearch's built-in security features for node authentication. Monitor for unexpected transport connections that could indicate an attack.
Popular Ports Reference
The most commonly used and referenced network ports