Port 2459: XRPL — The XRP Ledger's peer channel

What This Port Does

Port 2459 is the officially assigned port for the XRP Ledger (XRPL) peer protocol — the language that rippled servers speak to each other to maintain consensus on the state of the XRP Ledger blockchain.

When two XRP Ledger nodes connect, one initiates an HTTPS connection and requests an upgrade to the XRPL/2.0 protocol. From that point, they exchange proposed transactions, validated ledgers, and consensus messages. Port 2459 is where that conversation is supposed to happen.

Registered Ports: What This Range Means

Port 2459 sits in the registered ports range (1024–49151). IANA maintains this range as a registry — any organization can apply to formally claim a port number for their protocol. Registration doesn't grant exclusive use or prevent anyone from running other services on the same port, but it establishes a canonical assignment that documentation, firewalls, and tooling can reference.

The History: 51235 to 2459

The XRP Ledger network launched without a formal IANA port assignment, defaulting to port 51235 — a number chosen informally and baked into countless configurations over years of operation.

In 2019, Nik Bougalis and JoelKatz from the XRP Ledger Foundation went through the IANA registration process and secured port 2459 under the service name xrpl.¹ The announcement was matter-of-fact: "we now have port 2459, which shall henceforth be given the official name service name xrpl."

The catch: backward compatibility. Existing nodes were already listening on 51235. So the XRP Ledger documentation now instructs servers to listen on both ports simultaneously during the transition, and the default configuration still uses 51235.² Port 2459 is the official address that most of the network hasn't moved to yet.

Security Considerations

The SANS Internet Storm Center has observed scanning activity on port 2459.³ This is typical for any registered port — scanners probe the full registered range looking for exposed services. If you are running a rippled node, it should only be accepting peer connections from trusted peers or the public as appropriate for your node type. The peer protocol does not carry private keys, but an exposed node with misconfigured settings could be used to probe ledger state or consume bandwidth.

How to Check What's Listening on This Port

# macOS / Linux
sudo lsof -i :2459
sudo ss -tlnp | grep 2459

# Windows
netstat -ano | findstr :2459

If you see rippled or an XRP Ledger-related process, it's the expected use. If you see something unexpected, investigate — there is no other widely-known service that uses this port.