Problem with Proxmox VE Cluster when using Shorewall firewall

I

ictdude

Active Member
May 18, 2008
88
0
26
Problem with Proxmox VE Cluster when using Shorewall firewall.
What firewall ports need to be open to use Proxmox VE Cluster and
a Shorewall firewall ? I try to secure the Proxmox server bij using this:

http://ovhwiki.com/index.php/Firewall_and_router_with_Proxmox

So i use 2 servers 2 nodes master and slave. With out firewall all ok.

And after completing this firewall setup next problem could not sync. with nodes. logfile say:

proxwww 5071 500 Can't connect to localhost:50000 (connect: Connection refused)

Local host is not used with firewall rules !? :confused:
 
dietmar said:
Is 'pvetunnel' running? If not, try to start/restart

# /etc/init.d/pvetunnel stop
# /etc/init.d/pvetunnel start

Does that help?
Click to expand...

Thanx for the reply. I did see that the ClusterSync and ClusterTunnel service where stoped. i could not start them any more in the webgui of Proxmox.
This problem started after installing the firewall as described in the url.

When i removed the firewall software all went to normal again. :confused: :(
 
dietmar said:
Any hint in syslog when you start pvetunnel?
Click to expand...

This is what its say: proxwww 5071 500 Can't connect to localhost:50000 (connect: Connection refused)

But maybe logfile of the firewall. Its strange that the error talks about the localhost. The local host is not used by the firewall rule. So bypassed the firewall. Need to know what ports are used bij VE cluster. I dont know if the remote node try to connect and give strange errors like this. Firewall out bound rules has no restriction. I will try to trouble shoot more. But i did not find info about what ports need to be open for the VE cluster to let the other node connect to the master node. :rolleyes:
 
ictdude said:
This is what its say: proxwww 5071 500 Can't connect to localhost:50000 (connect: Connection refused)

But maybe logfile of the firewall. Its strange that the error talks about the localhost. The local host is not used by the firewall rule. So bypassed the firewall. Need to know what ports are used bij VE cluster. I dont know if the remote node try to connect and give strange errors like this. Firewall out bound rules has no restriction. I will try to trouble shoot more. But i did not find info about what ports need to be open for the VE cluster to let the other node connect to the master node. :rolleyes:
Click to expand...

The cluster communicates via SSH (default port 22, vmbr0)
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom