Ports
An overview of the Neo4j-specific ports. Note that these ports are in addition to those necessary for ordinary network operation.
Specific recommendations on port openings cannot be made, as the firewall configuration must be performed according to your particular conditions.
When exposing network services, make sure they are always protected. |
Listen address configuration settings
The listen address configuration settings will set the network interface and port to listen on.
For example, the IP-address 127.0.0.1
and port 7687
can be set with the value 127.0.0.1:7687
.
The table below shows an overview of available Neo4j-specific ports and related configuration settings.
Name | Default port | Related configuration setting |
---|---|---|
Backup |
|
|
HTTP |
|
|
HTTPS |
|
|
Bolt |
|
|
Cluster discovery v1 |
|
|
Cluster internal traffic |
|
|
Cluster RAFT |
|
|
Cluster routing connector |
|
|
Graphite monitoring |
|
|
Prometheus monitoring |
|
|
JMX monitoring |
|
|
Remote debugging |
|
|
The configuration setting server.default_listen_address configures the default network interface to listen for incoming connections.
|
Advertised address configuration settings
The advertised address configuration settings are used for routing purposes.
An advertised address is composed of a hostname/IP-address and port.
For example, the IP-address 127.0.0.1
and port 7687
can be set with the value 127.0.0.1:7687
.
If a host name resolution service has been configured, the advertised address can use a hostname, for example, example.com:7687
.
The table below shows an overview of available Neo4j-specific ports and related configuration settings.
Name | Default port | Related configuration setting |
---|---|---|
HTTP |
|
|
HTTPS |
|
|
Bolt |
|
|
Cluster discovery v1 |
|
|
Cluster internal traffic |
|
|
Cluster RAFT |
|
|
Cluster routing connector |
|
The configuration setting |
Ports used by Neo4j
Backup
Default port: 6362
Related configuration setting | Default value | Description |
---|---|---|
|
Network interface and port for the backup server to listen on. |
|
|
Enable support for running online backups. |
In production environments, external access to the backup port should be blocked by a firewall.
For more information, see Backup and restore → Server configuration.
HTTP
Default port: 7474
Related configuration setting | Default value | Description |
---|---|---|
|
Network interface and port for the HTTP connector to listen on. |
|
|
Advertised hostname/IP-address and port for the HTTP connector. |
|
|
Enable the HTTP connector. |
-
The HTTP connector is enabled by default.
-
The network communication is unencrypted.
-
Used by Neo4j Browser and the HTTP API.
For more information, see Configure network connectors.
HTTPS
Default port: 7473
Related configuration setting | Default value | Description |
---|---|---|
|
Network interface and port for the HTTPS connector to listen on. |
|
|
Advertised hostname/IP-address and port for the HTTPS connector. |
|
|
Enable the HTTPS connector. |
-
The network communication is encrypted.
-
Used by Neo4j Browser and the HTTP API.
For more information, see Configure network connectors.
Bolt
Default port: 7687
Related configuration setting | Default value | Description |
---|---|---|
|
Network interface and port for the Bolt connector to listen on. |
|
|
Advertised hostname/IP-address and port for the Bolt connector. |
|
|
Enable the Bolt connector. |
|
|
Encryption level for the Bolt connector. |
-
By default, the Bolt connector is enabled, but its encryption is turned off.
-
Used by Cypher Shell, Neo4j Browser, and the official Neo4j drivers.
For more information, see Configure network connectors.
Cluster
All instances of Neo4j Enterprise will open these ports, whether or not they are currently in a multi-process configuration.
Name | Default port | Default value | Related configuration setting |
---|---|---|---|
Discovery v1 |
|
|
|
Internal traffic |
|
|
|
RAFT |
|
|
|
Routing connector |
|
|
Name | Default port | Default value | Related configuration setting |
---|---|---|---|
Discovery v1 |
|
|
|
Internal traffic |
|
|
|
RAFT |
|
|
|
Routing connector |
|
|
The ports are likely be different in a production installation; therefore the potential opening of ports must be modified accordingly.
For more information, see:
Graphite monitoring
Default port: 2003
Related configuration setting | Default value | Description |
---|---|---|
|
Hostname/IP-address and port of the Graphite server. |
|
|
Enable exporting metrics to the Graphite server. |
This is an outbound connection that enables a Neo4j instance to communicate with a Graphite server.
For further information, see monitoring/metrics/reference.adoc#metrics-graphite and the Graphite official documentation.
Prometheus monitoring
Default port: 2004
Related configuration setting | Default value | Description |
---|---|---|
|
Network interface and port for the Prometheus endpoint to listen on. |
|
|
Enable exporting metrics with the Prometheus endpoint. |
For more information, see Prometheus.
JMX monitoring
Default port: 3637
Related configuration setting | Default value | Description |
---|---|---|
|
|
Additional setting for exposing the Java Management Extensions (JMX). |
For further information, see Java Reference → JMX metrics and the official documentation on Monitoring and Management Using JMX.
Remote debugging
Default port: 5005
Related configuration setting | Default value | Description |
---|---|---|
|
|
Additional setting for exposing remote debugging. |
For more information, see the Java Reference → Setup for remote debugging.