HP XC System Software Administration Guide Version 3.2

ManualsBrandsHP ManualsSoftwareHP XC System 3.x Software

151

152

153

154

155

156

157

158

159

160

12 Opening an IP Port in the Firewall

This chapter addresses the following topics:

• “Open Ports” (page 153)

• “Opening Ports in the Firewall” (page 154)

12.1 Open Ports

Each node in an HP XC system is set up with an IP firewall, for security purposes, to block

communications on unused network ports. External system access is restricted to a small set of

externally exposed ports. Table 12-1 lists the base ports that are always open by default; these

ports are labeled “External”.

A larger set of ports is open between members of the system, but the ports are restricted to the

network interfaces that connect only members of the system and the network ports associated

with running services required by the HP XC system. Network interfaces attached to the external

network do not allow communications over these ports.

Table 12-1 also lists the ports open internally for the HP XC system by default.

Table 12-1 Default Open Internal and External Ports in the Firewall

UseProtocolServicePort NumberInternal or

External

Secure user logins and file transfers

tcpssh

22External

Secure Web access, used to provide system

status

tcphttps

443External

Secure user logins and file transfers

tcpssh

22Internal

Mail server

tcpsmtp

25Internal

Trivial transfer protocol

udptftp

69Internal

RPC-based code

tcp/udpsunrpc

111Internal

Network Time Protocol

tcp/udpntp

123Internal

Secure Hypertext Transfer Protocol

tcphttps

443Internal

rsync utilitytcprsync

873Internal

Required for SLURM and LSF-HPC with

SLURM

tcp/udp

various1024 to 65535Internal

The default setup restricts all other ports on the external and internal interfaces.

IMPORTANT:

For the security of your system, HP recommends that you leave these default firewall settings.

If you need to add a service that requires you to open any of the restricted ports, see “Opening

Ports in the Firewall” (page 154).

Some services require opening a service port, which requires opening an associated port in the

firewall. Determine whether you need to open a service port when installing software other than

HP XC system software.

The services running on a node can affect which additional ports are open on that node. For

example, some HP XC services like the NAT server, NIS master server, or the NFS server will

automatically open ports in the firewall on those nodes for which they are configured to run.

These services open their ports automatically. The service does not work as expected if you close

its port. Table 12-2 provides the port number or numbers for such services.

12.1 Open Ports 153