elasticsearch/docs/reference/modules/network.asciidoc

[[modules-network]]
=== Network settings

Elasticsearch binds to localhost only by default.  This is sufficient for you
to run a local development server (or even a development cluster, if you start
multiple nodes on the same machine), but you will need to configure some
<<common-network-settings,basic network settings>> in order to run a real
production cluster across multiple servers.

[WARNING]
.Be careful with the network configuration!
=============================
Never expose an unprotected node to the public internet.
=============================

[[common-network-settings]]
==== Commonly used network settings

`network.host`::
(<<static-cluster-setting,Static>>)
The node will bind to this hostname or IP address and _publish_ (advertise)
this host to other nodes in the cluster. Accepts an IP address, hostname, a
<<network-interface-values,special value>>, or an array of any combination of
these. Note that any values containing a `:` (e.g., an IPv6 address or
containing one of the <<network-interface-values,special values>>) must be
quoted because `:` is a special character in YAML. `0.0.0.0` is an acceptable
IP address and will bind to all network interfaces. The value `0` has the
same effect as the value `0.0.0.0`.
+
Defaults to `_local_`.

`discovery.seed_hosts`::
(<<static-cluster-setting,Static>>)
In order to join a cluster, a node needs to know the hostname or IP address of
at least some of the other nodes in the cluster.  This setting provides the
initial list of addresses this node will try to contact. Accepts IP addresses
or hostnames. If a hostname lookup resolves to multiple IP addresses then each
IP address will be used for discovery.
{wikipedia}/Round-robin_DNS[Round robin DNS] -- returning a
different IP from a list on each lookup -- can be used for discovery; non-
existent IP addresses will throw exceptions and cause another DNS lookup on the
next round of pinging (subject to <<networkaddress-cache-ttl,JVM DNS
caching>>).
+
Defaults to `["127.0.0.1", "[::1]"]`.

`http.port`::
(<<static-cluster-setting,Static>>)
Port to bind to for incoming HTTP requests. Accepts a single value or a range.
If a range is specified, the node will bind to the first available port in the
range.
+
Defaults to `9200-9300`.

`transport.port`::
(<<static-cluster-setting,Static>>)
Port to bind for communication between nodes. Accepts a single value or a
range. If a range is specified, the node will bind to the first available port
in the range.
+
Defaults to `9300-9400`.

[[network-interface-values]]
==== Special values for `network.host`

The following special values may be passed to `network.host`:

`_[networkInterface]_`::
  Addresses of a network interface, for example `_en0_`.

`_local_`::
  Any loopback addresses on the system, for example `127.0.0.1`.

`_site_`::
  Any site-local addresses on the system, for example `192.168.0.1`.

`_global_`::
  Any globally-scoped addresses on the system, for example `8.8.8.8`.

[[network-interface-values-ipv4-vs-ipv6]]
===== IPv4 vs IPv6

These special values will work over both IPv4 and IPv6 by default, but you can
also limit this with the use of `:ipv4` of `:ipv6` specifiers. For example,
`_en0:ipv4_` would only bind to the IPv4 addresses of interface `en0`.

[TIP]
.Discovery in the Cloud
================================

More special settings are available when running in the Cloud with either the
{plugins}/discovery-ec2.html[EC2 discovery plugin] or the
{plugins}/discovery-gce-network-host.html#discovery-gce-network-host[Google Compute Engine discovery plugin]
installed.

================================

[[advanced-network-settings]]
==== Advanced network settings

The `network.host` setting explained in <<common-network-settings,Commonly used network settings>>
is a shortcut which sets the _bind host_ and the _publish host_ at the same
time. In advanced used cases, such as when running behind a proxy server, you
may need to set these settings to different values:

`network.bind_host`::
This specifies which network interface(s) a node should bind to in order to
listen for incoming requests.  A node can bind to multiple interfaces, e.g.
two network cards, or a site-local address and a local address. Defaults to
`network.host`.

`network.publish_host`::
The publish host is the single interface that the node advertises to other nodes
in the cluster, so that those nodes can connect to it. Currently an
Elasticsearch node may be bound to multiple addresses, but only publishes one.
If not specified, this defaults to the ``best'' address from `network.host`,
sorted by IPv4/IPv6 stack preference, then by reachability. If you set a
`network.host` that results in multiple bind addresses yet rely on a specific
address for node-to-node communication, you should explicitly set
`network.publish_host`.

Both of the above settings can be configured just like `network.host` -- they
accept IP addresses, host names, and
<<network-interface-values,special values>>.

[[tcp-settings]]
===== Advanced TCP settings

Any component that uses TCP (like the <<modules-http,HTTP>> and
<<modules-transport,transport>> layers) share the following settings:

`network.tcp.no_delay`::
(<<static-cluster-setting,Static>>)
Enable or disable the {wikipedia}/Nagle%27s_algorithm[TCP no delay]
setting. Defaults to `true`.

`network.tcp.keep_alive`::
(<<static-cluster-setting,Static>>)
Configures the `SO_KEEPALIVE` option for this socket, which
determines whether it sends TCP keepalive probes.

`network.tcp.keep_idle`::
(<<static-cluster-setting,Static>>)
Configures the `TCP_KEEPIDLE` option for this socket, which
determines the time in seconds that a connection must be idle before
starting to send TCP keepalive probes. Defaults to `-1`, which uses
the system default. This value cannot exceed `300` seconds. Only applicable on Linux and macOS,
and requires Java 11 or newer.

`network.tcp.keep_interval`::
(<<static-cluster-setting,Static>>)
Configures the `TCP_KEEPINTVL` option for this socket,
which determines the time in seconds between sending TCP keepalive probes.
Defaults to `-1`, which uses the system default. This value cannot exceed `300` seconds.
Only applicable on Linux and macOS, and requires Java 11 or newer.

`network.tcp.keep_count`::
(<<static-cluster-setting,Static>>)
Configures the `TCP_KEEPCNT` option for this socket, which
determines the number of unacknowledged TCP keepalive probes that may be
sent on a connection before it is dropped. Defaults to `-1`,
which uses the system default. Only applicable on Linux and macOS, and requires
Java 11 or newer.

`network.tcp.reuse_address`::
(<<static-cluster-setting,Static>>)
Should an address be reused or not. Defaults to `true` on non-windows
machines.

`network.tcp.send_buffer_size`::
(<<static-cluster-setting,Static>>)
The size of the TCP send buffer (specified with <<size-units,size units>>).
By default not explicitly set.

`network.tcp.receive_buffer_size`::
(<<static-cluster-setting,Static>>)
The size of the TCP receive buffer (specified with <<size-units,size units>>).
By default not explicitly set.

[discrete]
=== HTTP and transport network communication

Each {es} node uses the network for two different methods of communication:

* it exposes an <<modules-http,HTTP interface>> for use by clients.

* it exposes a <<modules-transport,transport interface>> for communication
between nodes within a cluster and for communication with a
<<modules-remote-clusters,remote cluster>>.

The network settings described above apply to both methods of communication,
and you can also configure each interface separately if needed. See the
<<modules-http,HTTP>> and <<modules-transport,transport>> pages for more
details on their respective configurations.