HP Serviceguard A.11.20.10 for Linux Release Notes, December 2012

There are additional firewall requirements to enable execution of Serviceguard commands from
nodes outside the cluster, such as those listed in cmclnodelist. To allow execution of Serviceguard
commands, follow these guidelines:
- All nodes in the cluster must allow the following communications:
  - from the remote nodes:
    - TCP on port 5302, allowing only packets with the SYN flag
    - UDP on port 5302
  - to the remote nodes:
    - TCP and UDP on dynamic ports
- The remote nodes must allow the following communications:
  - from the cluster nodes:
    - TCP and UDP on dynamic ports
  - to the cluster nodes:
    - TCP on port 5302, allowing only packets with the SYN flag
    - UDP on port 5302
- Authentication communication must allow the following ports:
  - from the cluster nodes:
    - TCP and UDP on port 113
  - to the cluster nodes:
    - TCP and UDP on port 113
NOTE: If you suspect that the firewall is blocking communications, you can add a -j LOG rule
before the last line in your iptables file (for example, /etc/sysconfig/iptables) to log any blocked
ports. Consult your Linux distribution’s documentation on firewalls for information on iptables.
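
The following is an added example, not part of the HP release notes: a shell function that prints iptables-restore style rules for one cluster node, following the list above for a single remote node. The function name, the sample address 192.0.2.10, the port range 32768:60999, the log prefix, and the reading of "on port N" as destination port N are assumptions.

```shell
#!/bin/sh
# Added example, not from the release notes. Prints iptables-restore style
# rules for one cluster node and one remote (non-cluster) command node.
# Assumptions: filter-table INPUT/OUTPUT chains, an existing
# ESTABLISHED,RELATED accept rule, "on port N" read as destination port N,
# and a caller-supplied dynamic port range (LOW:HIGH).

sg_cluster_node_rules() {
    remote=$1   # IPv4 address of the remote node
    dyn=$2      # dynamic port range, e.g. from ip_local_port_range

    # Shape checks only: a typo must not become a rule matching any source.
    case $remote in
        *[!0-9.]*|.*|*.|*..*|*.*.*.*.*) echo "bad address: $remote" >&2; return 1 ;;
        *.*.*.*) ;;
        *) echo "bad address: $remote" >&2; return 1 ;;
    esac
    case $dyn in
        *[!0-9:]*|*:*:*|:*|*:) echo "bad port range: $dyn" >&2; return 1 ;;
        *:*) ;;
        *) echo "bad port range: $dyn" >&2; return 1 ;;
    esac

    cat <<EOF
# from the remote node: TCP 5302 (SYN only) and UDP 5302
-A INPUT -s $remote -p tcp --dport 5302 --syn -j ACCEPT
-A INPUT -s $remote -p udp --dport 5302 -j ACCEPT
# to the remote node: TCP and UDP on dynamic ports
-A OUTPUT -d $remote -p tcp --dport $dyn -j ACCEPT
-A OUTPUT -d $remote -p udp --dport $dyn -j ACCEPT
# authentication communication on port 113, both directions
-A INPUT -s $remote -p tcp --dport 113 -j ACCEPT
-A INPUT -s $remote -p udp --dport 113 -j ACCEPT
-A OUTPUT -d $remote -p tcp --dport 113 -j ACCEPT
-A OUTPUT -d $remote -p udp --dport 113 -j ACCEPT
# log what is still unmatched; keep this just before the file's last rule
-A INPUT -j LOG --log-prefix "sg-blocked: "
EOF
}

# Constructed sample values: 192.0.2.10 is a documentation address.
sg_cluster_node_rules 192.0.2.10 32768:60999
```

Review the printed rules and merge them into the iptables file above its final reject or drop rule; the function only prints text and changes nothing on the system.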
Installing the Quorum Server
If you choose to use a Quorum Server rather than a lock LUN for tie-breaking, install the Quorum
Server software on a system outside the cluster. The Quorum Server software is on the Serviceguard
for Linux CD. Updated versions may be available from http://www.hp.com/go/softwaredepot.
CAUTION: If you are upgrading both the Quorum Server and Serviceguard for Linux, upgrade
the Quorum Server before you upgrade Serviceguard. This is especially important if you are using
an alternate quorum server subnet. See “Quorum server upgrade required if you are using an
alternate address” (page 33).
For more information about the Linux installation and configuration process, see the Quorum Server
Version A.04.00 Release Notes at www.hp.com/go/hpux-serviceguard-docs -> HP Serviceguard Quorum
Server Software.
For more information about the Quorum Server, see the Managing HP Serviceguard A.11.20.10 for
Linux manual at www.hp.com/go/linux-serviceguard-docs.
Setting permissions on the /root/.rhosts file
The /root/.rhosts file must not allow write access by group or other. If /root/.rhosts
file write permission is enabled for other or group, HP Serviceguard for Linux commands will