[Pacemaker] How SuSEfirewall2 affects on openais startup?
Tim Serong
tserong at novell.com
Thu May 13 06:27:09 UTC 2010
Hi,
On 5/13/2010 at 03:56 PM, Aleksey Zholdak <aleksey at zholdak.com> wrote:
> > The firewall should let through the UDP multicast traffic on
> > ports mcastport and mcastport+1.
>
> As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
> zone". So, how can I "open" these ports if it already opened?
>
Just to double check, I assume "Internal zone" does not have any
firewall rules applied to it? If you go to "Allowed Services" in the
YaST2 firewall config app, it should show everything greyed-out or
allowed for Internal Zone.
(Disclaimer: my major experience with SuSEfirewall2 is opening the ssh
port on a system I care about, and turning the firewall off completely
on my test cluster systems, because they're inside networks I trust)
You said earlier that openais starts OK if you have the firewall on,
but resources do not run. What does the output of "crm_mon -r1" show
in this case?
Regards,
Tim
--
Tim Serong <tserong at novell.com>
Senior Clustering Engineer, OPS Engineering, Novell Inc.
More information about the Pacemaker
mailing list