HP Serviceguard Version A.11.20 Release Notes, February 2014
pass in quick proto tcp from any to any port = 2301
pass in quick proto tcp from any to any port = 2381
pass in quick from <clusternodes> to any
pass out quick from any to <clusternodes>
In the above rules, <clusternodes> are all nodes in the cluster, including the local node.
The ipf.customrules file is located under the Bastille directory itself.
IPFilter-Serviceguard rules are documented in the latest HP-UX IPFilter Administrator’s Guide, which
you can find under http://www.hp.com/go/hpux-security-docs —> HP-UX IPFilter Software
For information on how to configure HP-UX Bastille Sec10Host to allow the identd daemon to
run, see the latest version of the Security Management volume of the HP-UX System Administrator's
Guide under http://www.hp.com/go/hpux-core-docs.
See also the HP-UX Bastille User’s Guide installed on your system: /opt/sec_mgmt/bastille/
docs/user_guide.txt.
Before Installing Serviceguard A.11.20
Before you install Serviceguard A.11.20, you need to make sure that your cluster has the correct
hardware upgrades. If you are upgrading older systems, make sure your HP representative reviews
the firmware levels of SCSI controller cards and installs the latest versions.
Memory Requirements
Serviceguard needs approximately 15.5 MB of lockable memory on each cluster node.
NOTE: Remember to tune the swap space and the HP-UX kernel parameters nfile, maxfiles
and maxfiles_lim to ensure that they are set high enough for the number of packages you are
configuring.
Port Requirements
Serviceguard uses the ports listed below. Before installing, check /etc/services and be sure
no other program has reserved these ports.
• discard 9/udp
• snmp 161/udp
• snmp 162/udp
• clvm-cfg 1476/tcp
• hacl-qs 1238/tcp
• hacl-qs 1238/udp
• hacl-monitor 3542/tcp
• hacl-monitor 3542/udp
• hacl-hb 5300/tcp
• hacl-hb 5300/udp
• hacl-gs 5301/tcp
• hacl-gs 5301/udp
• hacl-cfg 5302/tcp
• hacl-cfg 5302/udp
• hacl-probe 5303/tcp
40 Serviceguard Version A.11.20 Release Notes