Manualshelf

HP XC System Software Administration Guide Version 3.0

ManualsBrandsHP ManualsSoftwareHP XC System 3.x Software
919293949596979899100
9. Opening an IP Port in the Firewall
This chapter addresses the following topics:
Open Ports (page 91)
Opening Ports in the Firewall (page 92)
Open Ports
Each node in an HP XC system is set up with an IP firewall, for security purposes, to block communications
on unused network ports. External system access is restricted to a small set of externally exposed ports.
Table 9-1. lists the base ports that are always open by default; these ports are labeled “External”.
A larger set of ports is open between members of the system, but the ports are restricted to the network
interfaces that connect only members of the system and the network ports associated with running services
required by the HP XC system. Network interfaces attached to the external network do not allow
communications over these ports.
Table 9-1. also lists the ports open internally for the HP XC system by default.
Table 9-1. Default Open Internal and External Ports in the Firewall Default Open Internal and External
Ports in the Firewall
UseProtocolServicePort NumberInternal or
External
Secure user logins and file transferstcpssh22External
Secure Web access, used to provide system statustcphttps443External
Secure user logins and file transferstcpssh22Internal
Mail servertcpsmtp25Internal
Trivial transfer protocoludptftp69Internal
RPC-based codetcp/udpsunrpc111Internal
Network Time Protocoltcp/udpntp123Internal
Secure Hypertext Transfer Protocoltcphttps443Internal
rsync utilitytcprsync873Internal
Required for SLURM and LSF-HPCtcp/udpvarious1024 to 65535Internal
The default setup restricts all other ports on the external and internal interfaces.
IMPORTANT
For the security of your system, HP recommends that you leave these default firewall settings. If you need to
add a service that requires you to open any of the restricted ports, see “Opening Ports in the Firewall”
(page 92).
Some services require opening a service port, which requires opening an associated port in the firewall.
Determine whether you need to open a service port when installing software other than HP XC system
software.
The services running on a node can affect which additional ports are open on that node. For example, some
HP XC services like the NAT server, NIS server, or the NFS server will automatically open ports in the firewall
on those nodes for which they are configured to run. These services open their ports automatically. The
service does not work as expected if you close its port. Table 9-2. provides the port number or numbers for
such services.
Open Ports 91