which ports and protocols need to be open when using the Gateway?
All ports and hosts should be accessible from the Gateway.
It’s connecting to storagenodes directly, we do not have a strict ports for storagenodes. Most of storagenodes uses a default port, but it’s not guarantee that the Storage Node Operator will not change it to some other free port like 49532 or any other random port.
Let me rephrase; we have Gateway installed and a firewall policy of default DROP all IN and OUT traffic.
To only open needed ports for the Gateway to operate (7777/tcp, 9000/udp…?) which must be opened?
Or, you’re saying that ALL outgoing traffic should be allowed?
Indeed this is true. There are no fixed IPs nor ports that a gateway connects to. Gateway connects directly to storage nodes which can be configured on any IPs and ports by Storage Node Operators.
Thanks. This is a nightmare to deploy Gateway behind a firewall…bad policy IMO, ports should be fixed
That’s the price you need to pay for extremely distributed systems. We can’t assume SNOs can use this or that port. Note that all systems that have this extreme type of distribution have this property—bittorrents, bitcoins, etc.