In the help (As part of pega 7.1.9 upgrade guide ) we have found out that we need to "open a TCP port in the range 9300-9399 on each node. Should not be externally accessible and it is only for node-to-node communication".
Can someone elaborate what does 'should not be externally accessible' means? Is it a firewall restriction for http?
And also below are few more questions
1. Does the port needs to be open for INCOMING AND OUTGOING as well
2. Do we need to configure the port number to be used for elastic indexing in DSS
3. Do we need to define single or multiple ports for this elastic search purpose
The port range 9300~9399 is used by Elastic Search for inter node communication which include indexing and search requests, node availability and monitoring. "Should not be externally accessible" is only to ensure that the nodes in a single cluster (cluster as defined by Pega is a set of nodes that are connected to the same PegaRULES DB) can talk to each other but other clients outside of your network cannot access them.
Answers to your questions
1) This is for all requests coming to this node
2) Not needed though the option exists. The port number chosen by a given node can be found in the column pyIndexerAddress in the table pr_sys_statusnodes
3) A single port for each node which Elastic Search will automatically choose but can be specified explicitly if needed. Please refer to (2) above.