Oracle RAC cluster network failure after opening PVE firewall

[lingguchong]

Hello everyone, I have a 6-node PVe7 cluster and have deployed 3-node Oracle Rac services on three of them.

When the PVE firewall function is not enabled, the network between nodes in the Oracle Rac cluster operates normally.

After a few minutes of activation, the network of each node in the Oracle Rac cluster began to work abnormally. Finally, all IPs were transferred to one node, and the other nodes could not be used as cluster nodes.

The accept rules for in and out have already been enabled on the PVE cluster firewall and VM firewall, but it still cannot solve this problem. We have a big problem and need help.

 

[lingguchong]

Has anyone encountered a similar problem? It's a headache because rac cannot enable the entire firewall function of PVE.

 

[lingguchong]

After the firewall of the Pve cluster is turned on, some default policies conflict with Oracle Rac communication. Is there any way to adjust some default policies while the firewall is turned on? After the iptables - F operation, the default policy will be regenerated. Do you have any good ideas?

 

[lingguchong]

Okay, after testing, it was discovered which default policies affected the operation of RAC. This issue can be temporarily resolved.

 

[ksun]

Hello,
I am new to proxmox world.
I have done Oracle RAC with two nodes on VMWare. Apparently you are experienced with this kind of configurations, especially with shared disks between two VMs.
Do you know a document, video, or just maybe some buzz words of ProMox terminologies?
Thanks!