[Gluster-users] Firewalls and ports and protocols

max.degraaf at kpn.com max.degraaf at kpn.com
Thu Sep 7 10:49:21 UTC 2017


Reading the documentation there is conflicting information:

According to https://wiki.centos.org/HowTos/GlusterFSonCentOS we only need port TCP open between 2 GlusterFS servers:
Ports TCP:24007-24008 are required for communication between GlusterFS nodes and each brick requires another TCP port starting at 24009.

According to https://gluster.readthedocs.io/en/latest/Administrator%20Guide/Setting%20Up%20Clients/ we also need to open UPD:
Ensure that TCP and UDP ports 24007 and 24008 are open on all Gluster servers. Apart from these ports, you need to open one port for each brick starting from port 49152 (instead of 24009 onwards as with previous releases). The brick ports assignment scheme is now compliant with IANA guidelines. For example: if you have five bricks, you need to have ports 49152 to 49156 open.
This part of the page is actually in the "Setting up Clients" section but it clearly mentions server.

To add some more confusion there is an examply when using iptables:
`$ sudo iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 24007:24008 -j ACCEPT `
`$ sudo iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 49152:49156 -j ACCEPT`
This conflicts with the directions using UPD as well as it only opens TCP.


So basically I have 2 questions:
What protocol/ports are needed for 2 glusterfs servers to work together.
What protocol/ports are needed for a glusters client (using only the native client) to work with a glusterfs server.

PS: All our machines are running Centos 7.1.

Thanks,

Max

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20170907/e2fddae5/attachment.html>


More information about the Gluster-users mailing list