See slack thread discussion here – https://couchbase.slack.com/archives/CELDRL336/p1686322838757269
This is a question that has been asked by customers multiple times in the past, as they try to lock down their systems and only open up ports that are necessary for specific operations.
In the https://docs.couchbase.com/server/current/install/install-ports.html page, it lists ports needed for various communication paths. One that is missing that customers have asked about is the ports that the cbbackupmgr CLI uses to connect to the cluster – the encrypted and unencrypted ports.
This is the information that should be documented:
cbbackupmgr (backup/restore client) needs to be able to connect to the cluster services that it is backing up (or restoring). To backup/restore all services, these are the ports used:
Unencrypted: 8091-8096, 9102, 11210
Encrypted: 11207, 18091-18096, 19102
management :: 8091 / 18091
analytics :: 8095 / 18095
data :: 11210 / 11207
eventing :: 8096 / 18096
gsi indexes:: 9102 / 19102
query :: 8093 / 18093
search :: 8094 / 18094
views :: 8092 / 18092