2.6. Configuring Server Ports for OpenVZ

This section lists the ports that need to be opened for your server to operate properly. I in the Description column signals that the port should be opened for incoming traffic and O, for outgoing traffic.



(IO) Used for secure logins via SSH.


(IO) Used for HTTP connections, e.g., to download OpenVZ updates and EZ templates from remote repositories.


(O) Used to connect to the Debian repository to cache Debian EZ templates.


(O) Used to send problem reports to the support team.


(O) Used to connect to the Key Administrator server to update OpenVZ lease licenses.


(IO) Used for remote connections to the dispatcher via Odin Automation for Cloud Infrastructure.

1621, 1622

(O) Used to migrate containers to virtual machines on servers that run OpenVZ hypervisor-based solutions.


Used to support host-only adapters in virtual machines. OpenVZ does not use port 67 for any external connections.

<RPC ports>

Used by various RPC services (e.g., to support NFS shares). Port numbers may differ from system to system. To learn what RPC services are registered on your server and what ports they are using, run this command:

# rpcinfo -p localhost

647, 847

Reserved by the Linux portreserve program for the DHCP server, if you use one.

You may also need to additionally open ports used to connect to remote yum repositories. Though most of the repositories can be accessed via HTTP, some may require access via HTTPS or FTP. To check what repositories are currently configured for your system and what protocols are used to connect to them, run the following commands and examine their output:

# yum repolist -v | egrep -e 'baseurl|mirrors'
# curl http://repo.cloudlinux.com/psbm/mirrorlists/psbm6-os.mirrorlist