HP XC System Software Administration Guide Version 2.1

8 Opening an IP Port in the Firewall
This chapter includes the following topics:
A discussion on the IP ports that are open by default (Section 8.1)
Information on how to open IP ports (Section 8.2)
8.1 Open Ports
Each node in an HP XC system is set up with an IP firewall, for security purposes, to block
communications on unused network ports. External system access is restricted to a small set of
externally exposed ports.
A larger set of ports is open between members of the system but the ports are restricted to
the network interfaces that connect only members of the system as well as the network ports
associated with running services required by the HP XC system. Network interfaces that are
attached to the external network do not allow communications over these ports.
Section 8.1.1 lists the base ports that are always open externally by default.
Section 8.1.2 lists the default base ports that are always open within the internal networks of
the HP XC system.
The services running on a node can affect which additional ports are open on that node. For
example, services like NAT Server, NIS Server, or NFS Server may open ports in the firewall
where they are running.
To verify the actual current ports open on any node, use the iptables --list command.
Some services require opening a service port, which in turn requires opening an associated port
in the firewall. Determine whether you need to open a service port when installing software
other than HP XC system software.
8.1.1 Open External Ports
Table 8-1 lists the ports that are open for access into an HP XC system from the external network.
Table 8-1: Open External Ports in the Firewall
Port  Service  Protocol  Use
22    ssh      tcp       Secure user logins and file transfers
443   https    tcp       Secure Web access, used to provide system status
The default setup has all other ports on the external interface restricted.
For the security of your system, it is recommended that you leave these firewall settings at their
defaults. If you need to add a service that requires you to open any of the restricted ports,
see Section 8.2.
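An added example, not part of the HP guide: a shell function that reads the verbose form of the
iptables --list output mentioned in Section 8.1 and reports any ACCEPT rule reachable from the
external interface on a port outside the Table 8-1 baseline. The interface names eth1 and eth0,
the choice of the -n -v options, and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit external-interface ACCEPT rules against Table 8-1.
BASELINE="tcp/22 tcp/443"   # Table 8-1: ssh and https

# Constructed sample of `iptables --list -n -v` output (not from a real node).
# eth1 = external interface, eth0 = internal interface (both names assumed).
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source       destination
  120  9600 ACCEPT     all  --  lo     *       0.0.0.0/0    0.0.0.0/0
  900 72000 ACCEPT     all  --  *      *       0.0.0.0/0    0.0.0.0/0    state RELATED,ESTABLISHED
   10   600 ACCEPT     tcp  --  eth1   *       0.0.0.0/0    0.0.0.0/0    tcp dpt:22
    4   240 ACCEPT     tcp  --  eth1   *       0.0.0.0/0    0.0.0.0/0    tcp dpt:443
    2   120 ACCEPT     tcp  --  eth1   *       0.0.0.0/0    0.0.0.0/0    tcp dpt:8080
   50  3000 ACCEPT     udp  --  eth0   *       0.0.0.0/0    0.0.0.0/0    udp dpt:111
EOF
}

# Reads a verbose listing on stdin; prints proto/port for every ACCEPT rule
# reachable from interface $1 whose destination port is outside BASELINE.
unexpected_external_ports() {
    awk -v ext="$1" -v base="$BASELINE" '
        BEGIN { n = split(base, b, " "); for (i = 1; i <= n; i++) ok[b[i]] = 1 }
        # Columns: pkts bytes target prot opt in out source destination [match]
        $3 == "ACCEPT" && $4 ~ /^(tcp|udp|all)$/ && ($6 == ext || $6 == "*") {
            port = ""
            for (i = 10; i <= NF; i++)
                if ($i ~ /^dpts?:/) { port = $i; sub(/^dpts?:/, "", port) }
            if (port == "") {
                # No single port or range given: ignore reply traffic,
                # report everything else for manual review.
                if ($0 ~ /ESTABLISHED/) next
                port = "any"
            }
            key = $4 "/" port
            if (!(key in ok)) print key
        }'
}

# On a live node (as root): iptables --list -n -v | unexpected_external_ports eth1
sample_listing | unexpected_external_ports eth1   # prints tcp/8080
```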
8.1.2 Open Internal Ports
Table 8-2 lists the base set of ports that are open only to other nodes of an HP XC system.