> ## Documentation Index
> Fetch the complete documentation index at: https://docs.siderolabs.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Network Connectivity

> Description of the Networking Connectivity needed by Talos Linux

export const VersionWarningBanner = () => {
  const latestVersion = "v1.13";
  const [latestUrl, setLatestUrl] = useState(null);
  const [currentVersion, setCurrentVersion] = useState(null);
  const [isBeta, setIsBeta] = useState(false);
  const parseVersion = v => v.replace("v", "").split(".").map(Number);
  const isGreaterVersion = (a, b) => {
    const [aMajor, aMinor] = parseVersion(a);
    const [bMajor, bMinor] = parseVersion(b);
    if (aMajor > bMajor) return true;
    if (aMajor === bMajor && aMinor > bMinor) return true;
    return false;
  };
  useEffect(() => {
    if (typeof window === "undefined") return;
    const {pathname, hash, search} = window.location;
    const match = pathname.match(/\/talos\/(v\d+\.\d+)\//);
    if (!match) return;
    const detectedVersion = match[1];
    if (detectedVersion === latestVersion) return;
    setCurrentVersion(detectedVersion);
    if (isGreaterVersion(detectedVersion, latestVersion)) {
      setIsBeta(true);
    }
    const newPath = pathname.replace(`/talos/${detectedVersion}/`, `/talos/${latestVersion}/`);
    setLatestUrl(`${newPath}${search}${hash}`);
  }, []);
  if (!latestUrl || !currentVersion) return null;
  return <div className="not-prose sticky top-6 z-50 my-6">
      <div className="border border-yellow-500/30 bg-yellow-500/10 px-4 py-3 rounded-xl">
        <div className="text-sm">
          {isBeta ? <>
              ⚠️ You are viewing a <strong>beta version</strong> of Talos ({currentVersion}).
              This version may be unstable.
              <a href={latestUrl} className="ml-2 underline text-yellow-400 hover:text-yellow-300 font-medium">
                View latest stable version {latestVersion} →
              </a>
            </> : <>
              ⚠️ You are viewing an older version of Talos ({currentVersion}).
              <a href={latestUrl} className="ml-2 underline text-yellow-400 hover:text-yellow-300 font-medium">
                View the latest version {latestVersion} →
              </a>
            </>}
        </div>
      </div>
    </div>;
};

<VersionWarningBanner />

## Configuring network connectivity

The simplest way to deploy Talos is by ensuring that all the remote components of the system (`talosctl`, the control plane nodes, and worker nodes) all have layer 2 connectivity.
This is not always possible, however, so this page lays out the minimal network access that is required to configure and operate a talos cluster.

> Note: These are the ports required for Talos specifically, and should be configured *in addition* to the ports required by kubernetes.
> See the [kubernetes docs](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#check-required-ports) for information on the ports used by kubernetes itself.

### Control plane node(s)

<table class="table-auto">
  <thead>
    <tr>
      <th class="px-4 py-2">Protocol</th>
      <th class="px-4 py-2">Direction</th>
      <th class="px-4 py-2">Port Range</th>
      <th class="px-4 py-2">Purpose</th>
      <th class="px-4 py-2">Used By</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td class="border px-4 py-2">TCP</td>
      <td class="border px-4 py-2">Inbound</td>
      <td class="border px-4 py-2">50000\*</td>
      <td class="border px-4 py-2"><a href="./components#apid">apid</a></td>
      <td class="border px-4 py-2">talosctl, control plane nodes</td>
    </tr>

    <tr>
      <td class="border px-4 py-2">TCP</td>
      <td class="border px-4 py-2">Inbound</td>
      <td class="border px-4 py-2">50001\*</td>
      <td class="border px-4 py-2"><a href="./components#trustd">trustd</a></td>
      <td class="border px-4 py-2">Worker nodes</td>
    </tr>
  </tbody>
</table>

> Ports marked with a `*` are not currently configurable, but that may change in the future.
> [Follow along here](https://github.com/siderolabs/talos/issues/1836).

### Worker node(s)

<table class="table-auto">
  <thead>
    <tr>
      <th class="px-4 py-2">Protocol</th>
      <th class="px-4 py-2">Direction</th>
      <th class="px-4 py-2">Port Range</th>
      <th class="px-4 py-2">Purpose</th>
      <th class="px-4 py-2">Used By</th>
    </tr>
  </thead>

  <tbody>
    <tr>
      <td class="border px-4 py-2">TCP</td>
      <td class="border px-4 py-2">Inbound</td>
      <td class="border px-4 py-2">50000\*</td>
      <td class="border px-4 py-2"><a href="./components#apid">apid</a></td>
      <td class="border px-4 py-2">Control plane nodes</td>
    </tr>
  </tbody>
</table>

> Ports marked with a `*` are not currently configurable, but that may change in the future.
> [Follow along here](https://github.com/siderolabs/talos/issues/1836).