ROS Resources: Documentation | Support | Discussion Forum | Service Status | Q&A

ROS2 behind a firewall

which ports/services do I have to allow if I want to operate ROS2 on a system with an active firewall?


The canonical explanation is deeply buried in the RTPS spec (aka “DDS
Interoperability Protocol”), section 9.6.1:

Four UDP ports are needed. The port numbers are a function of the DDS/RTPS
domain ID, which in ROS 2 is populated with the ROS_DOMAIN_ID environment
variable and defaults to zero.

The expressions and magic numbers are on pages 190-191 of the PDF (document
page numbers 178-179).

Best regards,


I’ve seen this page by RTI which might be useful:

It has a spreadsheet for calculating the ports used by RTI Connext (one of the supported ROS 2 middleware implementations) which might also apply to other vendors. I haven’t used it myself.

Morgan mentioned the domain ID - note that the participant ID that’s used in these equations isn’t currently exposed/set by ROS 2, but it may be set by vendor-specific config files.