If you can get a network connection between the SN and MN on the same broadcast domain (subnet) you could use dhcprelay on the SN to forward to and from the MN. I think IPMI should work if you set the gateway in IMM.
Norman Patten IBM Lab Services TEL 406-210-4545 From: Christian Caruthers/Richmond/IBM@IBMUS To: [email protected], Date: 07/11/2012 09:07 PM Subject: [xcat-user] Firewall ports for xCAT We have an existing iDataPlex cluster, and we're adding 2 more racks. One of the systems in the new racks will be a service node, but the new hardware, including the new SN, is on a different subnet. The compute nodes in the new racks will be netbooting, and their images will need to be built on the SN since the MN is running an older version of RH than they want on the new hardware. They don't want the SN running a DHCP server if we can avoid it. All we're looking to have the MN do is handle DHCP and ipmi (r-tools, console). That said, is it safe to say a minimal list of ports to open up on the firewall between the two racks would be as follows: xcatd xcati dhcp dhcpc ipmi pxe postgresql (this wasn't listed on the wiki) conserver rpc-mount Have I missed anything? The plan is that the compute nodes will netboot off the SN, but the initial PXE/DHCP communication will be handled by the MN. Admin tools like rpower & rcons will be handled on the MN. We're not doing node discovery (MACs have been manually collected) and DNS is handled by their servers. Regards, Christian D. Caruthers Senior Consultant - System x Linux HPC Mobile: 1-757-289-9872 | Phone: 1-804-327-4559 E-mail: [email protected] Find me on: "A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - Douglas Adams 9201 Arboretum Pkwy Richmond, VA 23236-5402 United States ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
<<image/jpeg>>
<<image/jpeg>>
<<image/gif>>
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
