{
  "id": "centos-rhel-firewall",
  "title": "Configure CentOS/RHEL firewall",
  "url": "https://redis.io/docs/latest/operate/rs/7.8/installing-upgrading/configuring/centos-rhel-firewall/",
  "summary": "Configure firewall rules for Redis Enterprise Software on CentOS or Red Hat Enterprise Linux (RHEL).",
  "content": "CentOS and Red Hat Enterprise Linux (RHEL) distributions use [**firewalld**](https://firewalld.org/) by default to manage the firewall and configure [iptables](https://en.wikipedia.org/wiki/Iptables).\nThe default configuration assigns the network interfaces to the **public** zone and blocks all ports except port 22, which is used for [SSH](https://en.wikipedia.org/wiki/Secure_Shell).\n\nWhen you install Redis Enterprise Software on CentOS or RHEL, it automatically creates two firewalld system services:\n\n- A service named **redislabs**, which includes all ports and protocols needed for communication between cluster nodes.\n- A service named **redislabs-clients**, which includes the ports and protocols needed for external communication (outside of the cluster).\n\nThese services are defined but not allowed through the firewall by default.\nDuring Redis Enterprise Software installation, the [installer prompts]() you to confirm auto-configuration of a default (public) zone\nto allow the **redislabs** service.\n\nAlthough automatic firewall configuration simplifies installation, your deployment might not be secure if you did not use other methods to secure the host machine's network, such as external firewall rules or security groups.\nYou can use firewalld configuration tools such as **firewall-cmd** (command line) or **firewall-config** (UI)\nto create more specific firewall policies that allow these two services through the firewall, as necessary.\n\n\nIf databases are created with non-standard [Redis Enterprise Software ports](),\nyou need to explicitly configure firewalld to make sure those ports are not blocked.\n\n",
  "tags": ["docs","operate","rs"],
  "last_updated": "2026-04-01T08:10:08-05:00"
}