On Thursday, June 02, 2011 15:59:41 Digimer wrote: > On 06/02/2011 03:55 PM, imnotpc wrote: > > I'm a new user with a simple question which I could not find an answer to > > in the docs. The Clusters from Scratch document tells you to disable > > iptables and I've inadvertantly found out why when I loaded my standard > > firewall script and broke my cluster. My question is: Is the > > corosync/pacemaker stack inherently incompatible with iptables or are > > there just certain iptables modules or configurations that cause > > problems? > > > > Thanks, Jeff > > You just need to know the ports to open. Here is the list of ones I know > of: > > Port Protocol Component > 5404, 5405 UDP cman > 8084, 5405 TCP luci > 11111 TCP ricci > 14567 TCP gnbd > 16851 TCP modclusterd > 21064 TCP dlm > 50006, 50008, 50009 TCP ccsd > 50007 UDP ccsd > > Note that this is from a RHCS2 (openais) perspective. I may be missing > pacemaker-specific ones.
Appreciate the quick response. It's good to know iptables can work. I can't imagine no firewall even on an internal box. In my configuration everything (nearly) that gets blocked gets logged so now I need to find out why I'm not seeing any of these ports show up in my firewall log. _______________________________________________ Openais mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/openais
