> Yes, this is possible, but I would say it's discouraged to do so. > With RHEL/CentOS 7 you really should be using firewalld, and forget about the > old iptables. Here's a nice introduction: > https://www.certdepot.net/rhel7-get-started-firewalld/ > > Having worked with firewalld for a while now, I find it more flexible to use. > Admittedly, there is a bit of a learning > curve.
I disagree. Firewalld might be better in dynamic environments where you need to automatically configure your firewall but with static services I find iptables much easier. But this discussion is as mute as the question whether SysVInit or Systemd is the better. Only with iptables vs. firewalld you still have a choice. >> The crucial part is to ensure that either firewalld *or* iptables is running >> but not both. Or you could run without >> firewall at >> all *if* you trust your network… > > Agreed. The compute node network *has to be* trusted in order for Slurm to > work. > > /Ole
