HP XC System Software Administration Guide Version 3.1
11 Opening an IP Port in the Firewall
This chapter addresses the following topics:
• “Open Ports” (page 143)
• “Opening Ports in the Firewall” (page 144)
11.1 Open Ports
Each node in an HP XC system is set up with an IP firewall, for security purposes, to block communications
on unused network ports. External system access is restricted to a small set of externally exposed ports.
Table 11-1 lists the base ports that are always open by default; these ports are labeled “External”.
A larger set of ports is open between members of the system, but the ports are restricted to the network
interfaces that connect only members of the system and the network ports associated with running services
required by the HP XC system. Network interfaces attached to the external network do not allow
communications over these ports.
Table 11-1 also lists the ports open internally for the HP XC system by default.
Table 11-1 Default Open Internal and External Ports in the Firewall
UseProtocolServicePort NumberInternal or
External
Secure user logins and file transfers
tcpssh
22External
Secure Web access, used to provide system status
tcphttps
443External
Secure user logins and file transfers
tcpssh
22Internal
Mail server
tcpsmtp
25Internal
Trivial transfer protocol
udptftp
69Internal
RPC-based code
tcp/udpsunrpc
111Internal
Network Time Protocol
tcp/udpntp
123Internal
Secure Hypertext Transfer Protocol
tcphttps
443Internal
rsync utilitytcprsync
873Internal
Required for SLURM and LSF-HPC with SLURM
tcp/udp
various1024 to 65535Internal
The default setup restricts all other ports on the external and internal interfaces.
IMPORTANT:
For the security of your system, HP recommends that you leave these default firewall settings. If you need
to add a service that requires you to open any of the restricted ports, see “Opening Ports in the Firewall”
(page 144).
Some services require opening a service port, which requires opening an associated port in the firewall.
Determine whether you need to open a service port when installing software other than HP XC system
software.
The services running on a node can affect which additional ports are open on that node. For example,
some HP XC services like the NAT server, NIS master server, or the NFS server will automatically open
ports in the firewall on those nodes for which they are configured to run. These services open their ports
automatically. The service does not work as expected if you close its port. Table 11-2 provides the port
number or numbers for such services.
11.1 Open Ports 143