Port Usage

Internal Ports

Service Default Ports Accessed By
Engines 5000-5083, 7070 Application Server, other Engines
Search Server 9200, 9300 Application Server, other Search Servers
Data Server 1 5400-5407, 5450-5453 Application Server, other Data Servers
Internal Messaging Service 2181, 2888, 3888, 9092 Engines, Data Server, Application Server 2, and other Internal Messaging Services

Appian allocates the ports used by each engine on startup. This allows you greater flexibility when configuring Appian to handle changing user needs, such as adding a gateway or moving an engine server to a separate server host machine.

Starting from the base port (5000 by default) each engine is assigned two consecutive ports, one for the gateway, the other one for the database. For example, the Forums gateway takes port number 5000 and the Forums engine server takes port number 5001. Then the Notify gateway process takes port number 5002, and the Notify engine server takes port number 5003. Ports are assigned in this manner until all active engines and gateways have port assignments.

The default configuration uses a single gateway for each Appian engine (gw1). If additional gateways are enabled (as is possible with a distributed installation) an additional port is sequentially assigned for each additional gateway.

You can directly configure the ports used by the engines with a custom topology file (appian-topology.xml) stored in /conf/. Use the /conf/appian-topology.xml.example file as a guide when configuring port allocation.

Appian Cloud is fully compatible with IPv6. Customers with self-managed environments can configure Appian in IPv4 or IPv6 configurations. The Appian platform component services communicate via TCP/IP protocols. All component services are natively IPv6 compatible except the Appian Engine servers which achieve IPv6 compatibility via IPv6 bridging. Any IPv6-to-IPv4 bridging techniques (dual-stack or Network Address Translation) can be used to provide IPv6 connectivity to the Appian Engine servers in self-managed installations.

As a security best practice, it is recommended to configure firewall settings so that the port(s) for each Service are only accessible to machines that host a Service listed in the corresponding "Accessed By" column. For example, Search Server uses port 9300 and the other Services that need to communicate with the Search Server are the Application Server and other Search Servers. So port 9300 should only be open to machines that are hosting an instance of Application Server or Search Server. For a non-distributed installation where all Appian services are hosted on one machine, then only the local host should have access to the ports.

Ports for External Traffic

Service Default Ports Accessed By
Application Server 8009 Web Server
Application Server 61616 External JMS Messages
  1. Data Server. These are the ports that should be opened under a default port configuration where the appian-topology.xml file has the attribute port="5400" specified on the data-server-cluster or data-server xml elements. If using a custom port configuration, i.e. port="BASE", the data server will require ports BASE through BASE + 7 to be opened, as well as ports BASE + 50 through BASE + (2 * rts-count) - 1 to be opened. For example, under a custom configuration where port="6000" and rts-count="2" are specified, ports 6000 through 6007 must be opened, as well as ports 6050 through 6053. 

  2. Application Server. Note that the Application Server only requires connections to ports 2181 and 9092 of the Internal Messaging Service. Ports 2888 and 3888 do not need to be opened between the Application Server and the Internal Messaging Service. 

Open in Github Built: Wed, Aug 16, 2023 (04:37:39 PM)

On This Page

FEEDBACK