Lars,
> The SUSEfirewall scripts block all external network traffic until the
> system has started, even for internal zones I think. (This also tends to
> affect drbd among others, if set to start via the init scripts ...)
>
> If that is a SLES system, please file a bug through your support
> con
On 2010-05-14T09:40:28, Aleksey Zholdak wrote:
> /var/log/firewall is empty
> dmesg contains nothing about firewall and openais
> In /var/log/messages I see a lot of messages that tells me nothing :(
The SUSEfirewall scripts block all external network traffic until the
system has started, even f
On 2010-05-14T08:40:08, Lars Ellenberg wrote:
> Cloning SBD is harmful. That thing does not like to be cloned. The
> monitoring operation of that thing will likely fail if it is cloned.
> Do not clone SBD.
I much reduced the monitoring operation of sbd, since people just get it
wrong. It also t
On Fri, May 14, 2010 at 09:40:28AM +0300, Aleksey Zholdak wrote:
> >The sbd daemon needs to be running on both nodes (the openais init script
> >should take care of that on SLES), but there only needs to be one sbd
> >primitive, it does not need to be cloned. Pacemaker will make sure it
> >is runn
On Thu, May 13, 2010 at 07:18:06PM -0600, Tim Serong wrote:
> > I must remind you that we are talking about a running one node of the two.
> > The second node is turned off (burned, stolen, etc.)
> >
> > >>Clone Set: sbd-clone
> > >>Stopped: [ sbd_fense:0 sbd_fense:1 ]
> > >
> >
firewall should let through the UDP multicast traffic on
ports mcastport and mcastport+1.
As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
zone". So, how can I "open" these ports if it already opened?
Just to double check, I assume "Internal zone" does not have any
firewa
On 5/13/2010 at 11:48 PM, Aleksey Zholdak wrote:
> firewall should let through the UDP multicast traffic on
>> ports mcastport and mcastport+1.
>
> As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
> zone". So, how can I "open" these ports if it already ope
firewall should let through the UDP multicast traffic on
ports mcastport and mcastport+1.
As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
zone". So, how can I "open" these ports if it already opened?
Just to double check, I assume "Internal zone" does not have any
firewa
On 5/13/2010 at 07:22 PM, Aleksey Zholdak wrote:
> firewall should let through the UDP multicast traffic on
ports mcastport and mcastport+1.
> >>
> >> As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
> >> zone". So, how can I "open" these ports if it already op
Hi
As the SuSEfirewall2 firewall is based on iptables rules, I think you
can run a loop such as this to get the actual configuration in place
for table in filter nat mangle raw ; do echo "--- $table ---"; iptables
-t $table -L -n; done > /tmp/iptables.log
--- filter ---
Chain INPUT (policy D
The firewall should let through the UDP multicast traffic on
ports mcastport and mcastport+1.
As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
zone". So, how can I "open" these ports if it already opened?
Just to double check, I assume "Internal zone" does not have an
On Thu, May 13, 2010 at 8:27 AM, Tim Serong wrote:
> Hi,
>
> On 5/13/2010 at 03:56 PM, Aleksey Zholdak wrote:
> > > The firewall should let through the UDP multicast traffic on
> > > ports mcastport and mcastport+1.
> >
> > As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
>
Hi,
On 5/13/2010 at 03:56 PM, Aleksey Zholdak wrote:
> > The firewall should let through the UDP multicast traffic on
> > ports mcastport and mcastport+1.
>
> As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
> zone". So, how can I "open" these ports if it already opene
Hi.
All interfaces in SuSEfirewall2 is set to "Internal zone".
I start openais on one node of two configured.
Openais starts, but resources do not run.
When the SLES boots, I see, that SuSEfirewall2 phase 1 of 2 runs
_before_ openais and phase 2 of 2 runs _after_ openais.
This is the dependenci
Hi,
On Wed, May 12, 2010 at 02:08:36PM +0300, Aleksey Zholdak wrote:
> Good day!
>
> Dejan Muhamedagic пишет:
> >Hi,
> >
> >On Tue, May 11, 2010 at 05:32:02PM +0300, Aleksey Zholdak wrote:
> >>Hi again!
> >>
> >>All interfaces in SuSEfirewall2 is set to "Internal zone".
> >>I start openais on one
Hi Aleksey,
> > Don't know much about SuSEfirewall2, but can't see how when it
> > starts should influence the cluster, as long as it lets the
> > traffic we need through.
>
> And what to do?
First of all check the logs (/var/log/messages and /var/log/firewall).
When you can't see anything suspic
Good day!
Dejan Muhamedagic пишет:
Hi,
On Tue, May 11, 2010 at 05:32:02PM +0300, Aleksey Zholdak wrote:
Hi again!
All interfaces in SuSEfirewall2 is set to "Internal zone".
I start openais on one node of two configured.
Openais starts, but resources do not run.
When the SLES boots, I see, th
Hi,
On Tue, May 11, 2010 at 05:32:02PM +0300, Aleksey Zholdak wrote:
> Hi again!
>
> All interfaces in SuSEfirewall2 is set to "Internal zone".
> I start openais on one node of two configured.
> Openais starts, but resources do not run.
>
> When the SLES boots, I see, that SuSEfirewall2 phase 1
Hi again!
All interfaces in SuSEfirewall2 is set to "Internal zone".
I start openais on one node of two configured.
Openais starts, but resources do not run.
When the SLES boots, I see, that SuSEfirewall2 phase 1 of 2 runs _before_
openais and phase 2 of 2 runs _after_ openais.
This is the dep
19 matches
Mail list logo