Hi Sander, I'll do the changes to the firewall as you mention. I'm running the domain in a host as my engine is in a vm with low disk resources. I don't know if there's a way to set up the domain automatically with ovirt when it's deployed in a host. Regards,
On 13/12/13 06:00, Sander Grendelman wrote: > On Thu, Dec 12, 2013 at 5:01 PM, Juan Pablo Lorier <jplor...@gmail.com> wrote: > ... >> # nfs >> -A INPUT -p tcp -m tcp --dport 111 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 38467 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT >> -A INPUT -p udp -m udp --dport 2049 -j ACCEPT >> -A INPUT -p udp -m udp --dport 41729 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 48491 -j ACCEPT >> -A INPUT -p udp -m udp --dport 43828 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 48491 -j ACCEPT >> -A INPUT -p udp -m udp --dport 47492 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 58837 -j ACCEPT > The above rules might break after a reboot. > > Best practice is to set the normally dynamic nfs ports to fixed > values in /etc/sysconfig/nfs and then open those ports in the firewall. > >> Now I'm changing the settings by overriding the defaults in the domain >> and auto negotiating the protocol. This firewall correction may be a >> good thing to add in the deploy. > Are you doing this on a node or on your engine server? > > The engine-setup configured both /etc/sysconfig/nfs and iptables for me > on my engine server (for the iso domain). _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
