Manualshelf

Installation guide

ManualsBrandsRed Hat ManualsComputer equipmentCLUSTER SUITE FOR ENTERPRISE LINUX 5.1
21222324252627282930
T ab le 2.2. En ab led IP Po rt o n a Co mpu t er T h at R u n s lu ci
IP Po rt N u mb er Pro t o co l Co mpo n en t
8084 TCP lu ci (Co n g a user interface server)
As of the Red Hat Enterprise Linux 6.1 release, which enabled configuration by means of the
/etc/sysco nfi g /l uci file, you can specifically configure the only IP address lu ci is being
served at. You can use this capability if your server infrastructure incorporates more than one
network and you want to access lu ci from the internal network only. To do this, uncomment and edit
the line in the file that specifies host. For example, to change the ho st setting in the file to
10.10.10.10, edit the ho st line as follows:
host = 10.10.10.10
For more information on the /etc/sysconfi g /l uci file, refer to Section 2.4, “Configuring lu ci
with /etc/sysco nfi g /l uci .
2.3.3. Configuring t he ipt ables Firewall to Allow Clust er Component s
Listed below are example iptable rules for enabling IP ports needed by Red Hat Enterprise Linux 6
(with High Availability Add-on). Please note that these examples use 192.168.1.0/24 as a subnet, but
you will need to replace 192.168.1.0/24 with the appropriate subnet if you use these rules.
For cman (Cluster Manager), use the following filtering.
$ i ptabl es -I INP UT -m state --state NEW -m mul ti po rt -p ud p -s
19 2. 16 8. 1. 0 /24 -d 19 2. 16 8. 1. 0 /24 --dpo rts 54 0 4 ,54 0 5 -j ACC EP T
$ i ptabl es -I INP UT -m ad d rtype --dst-type MULT IC AST -m state --state
NEW -m mul ti po rt -p udp -s 192. 16 8. 1. 0 /24 --d po rts 54 0 4 ,54 0 5 -j ACC EP T
For d l m (Distributed Lock Manager):
$ i ptabl es -I INP UT -m state --state NEW -p tcp -s 19 2. 16 8. 1. 0 /24 -d
19 2. 16 8. 1. 0 /24 --dpo rt 2106 4 -j ACC EP T
For ri cci (part of Conga remote agent):
$ i ptabl es -I INP UT -m state --state NEW -p tcp -s 19 2. 16 8. 1. 0 /24 -d
19 2. 16 8. 1. 0 /24 --dpo rt 11111 -j ACC EP T
For mo d cl usterd (part of Conga remote agent):
$ i ptabl es -I INP UT -m state --state NEW -p tcp -s 19 2. 16 8. 1. 0 /24 -d
19 2. 16 8. 1. 0 /24 --dpo rt 16 851 -j AC C EP T
For l uci (Conga User Interface server):
$ i ptabl es -I INP UT -m state --state NEW -p tcp -s 19 2. 16 8. 1. 0 /24 -d
19 2. 16 8. 1. 0 /24 --dpo rt 80 84 -j AC C EP T
For i g mp (Internet Group Management Protocol):
$ i ptabl es -I INP UT -p ig mp -j AC C EP T
Chapt er 2 . Before Configuring t he Red Hat High Availabilit y Add- O n
21