Re: [ceph-users] iptables

[Wido den Hollander]

On 26-09-14 06:55, shiva rkreddy wrote:
> Hello,
> On my ceph cluster osd node . there is a rule to REJECT all.
> As per the documentation, added a rule to allow the trafficon the full
> range of ports,
> But, the cluster will not come into clean state. Can you please share
> your experience with the iptables configuration.
> 
> Following are the INPUT rules:
> 
> 5ACCEPT tcp  --  10.108.240.192/26    
> 0.0.0.0/0    multiport dports 6800:7100
> 6REJECT all  --  0.0.0.0/0    
> 0.0.0.0/0    reject-with icmp-host-prohibited
> 
> Thanks,
> 
> 

Note that the monitors run on port 6789, so you would have to allow
6789:7100 for a Ceph cluster to properly work.

> 
> ___
> ceph-users mailing list
> ceph-users@lists.ceph.com
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
> 


-- 
Wido den Hollander
42on B.V.

Phone: +31 (0)20 700 9902
Skype: contact42on
___
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[ceph-users] iptables

[shiva rkreddy]

Hello,
On my ceph cluster osd node . there is a rule to REJECT all.
As per the documentation, added a rule to allow the trafficon the full
range of ports,
But, the cluster will not come into clean state. Can you please share your
experience with the iptables configuration.

Following are the INPUT rules:

5ACCEPT tcp  --  10.108.240.192/260.0.0.0/0   multiport
dports 6800:7100
6REJECT all  --  0.0.0.0/00.0.0.0/0
reject-with icmp-host-prohibited

Thanks,
___
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com