Sorry... Ok, I'm having a traffic shaping problem. The status.txt.gz is attached.
The tutorial is used was this one <http://www.shorewall.net/two-interface.htm >. I misspoke in my previous email... By 'SSH enabled by default' I meant the SSH/ACCEPT line in the sample 'rules' file was left alone, such that SSH was accepted. 'Shut off shorewall' means 'shorewall stop' and 'shorewall clear'. Even though the tutorial didn't mention clusters, I thought it might be a good starting point b/c the master node is a two-interface system.
Since my setup is basically that of the sample files provided, I'll try to explain what I want to do: -I have a cluster (1 master, 15 slave nodes) which is already behind a university firewall. -The master node is the only node connected to the university/outside network (on eth1) with a static IP. The other nodes are all connected to the master (on eth0) through a switch. The master node is a DHCP server and assigns each node a static internal IP in the range of 10.0.0.1 to 10.0.0.16. Each node is connected to the master on eth0. -I would like Shorewall to make it such that the slave nodes can see the outside internet -- i.e. make them use the master node's IP address and send data to/receive data from sources outside the cluster's internal network (IP masquerading and SNAT, I think). I also need to be able to SSH into the master node from a remote terminal and SSH from the master node to any other node in the cluster. -I do not need it to be a firewall because the whole system is already behind one. I'm hoping this should make the policy and rules setup much easier and the firewall shouldn't prevent anything from happening.
Right now I can SSH into the cluster from a remote computer, but I can't SSH to any of the other nodes. And I have no idea if the other nodes can communicate beyond the local network.
Any more help would be greatly appreciated. I hope this is more clear than my previous email. Thanks.
--------------------------------------------- Christopher Tanner Space Systems Design Laboratory Georgia Institute of Technology [email protected] ----------------------------------------------
status.txt.gz
Description: GNU Zip compressed data
On Dec 22, 2008, at 6:02 PM, Shorewall Geek wrote:
Christopher Tanner wrote:I installed Shorewall on my cluster per the instructions for two- interface setup. However, now I can't ssh from the master node to any other node -- it simply says "ssh: connect to host node2 port 22: No route to host." (same for all other nodes). Additionally, I can't SSH into the cluster anymore from my remote clients. I thought that the tutorial said SSH would be enabled?You keep mentioning 'the tutorial'. What tutorial? There is a two-interface tutorial at shorewall.net (http://www.shorewall.net/two-interfaces.htm) but it definitely *doesn't* say that 'SSH is enabled by default'. And it doesn't mention clusters.When I shut off Shorewall, I still can't ssh between nodes, but I am able to ssh into the cluster from my remote clients.And how exactly do you 'shut off shorewall'?Even when I do a "shorewall clear" I still cannot get to my other nodes. I imagine this is a simple fix,but I don't know how based on the tutorial and my lack of IP vocabulary.A little info on my system:We would much rather have the information we ask for athttp://www.shorewall.net/support.htm#Guidelines; the email you receivedwhen you subscribed to this list urged you to look at that page before posting. ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
