The missing rule was:
-A RH-Firewall-1-INPUT *-d *239.255.0.2 -j ACCEPT
Thanks anyway,
Francisco
Francisco Estanqueiro wrote:
I've tried allowing all traffic from my other cluster node and the
address from JBossConfig.xml with this rules but no success:
-A RH-Firewall-1-INPUT -s 239.255.0.2 -j ACCEPT
-A RH-Firewall-1-INPUT -s 194.117.42.201 -j ACCEPT
Mihir Patel wrote:
I am not familiar with firewall settings in linux, can you try TCP
instead of UDP?
On Fri, May 21, 2010 at 6:45 AM, Francisco Estanqueiro
<[email protected] <mailto:[email protected]>> wrote:
Anyone?
Francisco Estanqueiro wrote:
Hi everybody,
I'm having a little problem with my iptables letting JBoss
Cache work properly. What protocols/ports Jboss cache needs
open to work properly in iptables?
I have this rule based on my jboss config file:
-A RH-Firewall-1-INPUT -s 239.255.0.2 -m udp -p udp --dport
48866 -j ACCEPT
But it doesnt seem to work. *If I turn off iptables JBoss
Cache Cluster works fine*. I'm also curious if its normal
everytime I restart cas servers the port is different:
-------------------------------------------------------
GMS: address is 194.117.42.201:50094 <http://194.117.42.201:50094>
-------------------------------------------------------
-------------------------------------------------------
GMS: address is 194.117.42.201:52537 <http://194.117.42.201:52537>
-------------------------------------------------------
-------------------------------------------------------
GMS: address is 194.117.42.201:37420 <http://194.117.42.201:37420>
-------------------------------------------------------
etc..
Thanks,
Francisco
jbossTicketCacheReplicationConfig.xml:
<attribute name="ClusterConfig">
<config>
<!-- UDP: if you have a multihomed machine,
set the bind_addr attribute to the appropriate
NIC IP address, e.g bind_addr="192.168.0.2"
-->
<!-- UDP: On Windows machines, because of the
media sense feature
being broken with multicast (even after
disabling media sense)
set the loopback attribute to true -->
<UDP mcast_addr="239.255.0.2" mcast_port="48866"
ip_ttl="64" ip_mcast="true"
bind_addr="194.117.42.201"
mcast_send_buf_size="150000"
mcast_recv_buf_size="80000"
ucast_send_buf_size="150000"
ucast_recv_buf_size="80000"
loopback="false"/>
<PING timeout="2000" num_initial_members="3"
up_thread="false" down_thread="false"/>
<MERGE2 min_interval="10000" max_interval="20000"/>
<!-- <FD shun="true" up_thread="true"
down_thread="true" />-->
<FD_SOCK/>
<VERIFY_SUSPECT timeout="1500"
up_thread="false" down_thread="false"/>
<pbcast.NAKACK gc_lag="50"
retransmit_timeout="600,1200,2400,4800"
max_xmit_size="8192" up_thread="false"
down_thread="false"/>
<UNICAST timeout="600,1200,2400"
window_size="100" min_threshold="10"
down_thread="false"/>
<pbcast.STABLE desired_avg_gossip="20000"
up_thread="false" down_thread="false"/>
<FRAG frag_size="8192"
down_thread="false" up_thread="false"/>
<pbcast.GMS join_timeout="5000"
join_retry_timeout="2000"
shun="true" print_local_addr="true"/>
<pbcast.STATE_TRANSFER up_thread="true"
down_thread="true"/>
</config>
</attribute>
--
You are currently subscribed to [email protected]
<mailto:[email protected]> as: [email protected]
<mailto:[email protected]>
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
