The firewall should let through the UDP multicast traffic on
ports mcastport and mcastport+1.
As I wrote above: all interfaces in SuSEfirewall2 is set to "Internal
zone". So, how can I "open" these ports if it already opened?
Just to double check, I assume "Internal zone" does not have any
firewall rules applied to it? If you go to "Allowed Services" in the
YaST2 firewall config app, it should show everything greyed-out or
allowed for Internal Zone.
Yes, exactly, everything greyed-out and allowed for "Internal Zone".
"Internal zone is unprotected. All ports are open."
You said earlier that openais starts OK if you have the firewall on,
but resources do not run. What does the output of "crm_mon -r1" show
in this case?
sles2:~ # crm_mon -r1
============
Last updated: Thu May 13 12:21:21 2010
Stack: openais
Current DC: NONE
2 Nodes configured, 2 expected votes
10 Resources configured.
============
Node sles2: UNCLEAN (offline)
Node sles1: UNCLEAN (offline)
Full list of resources:
Clone Set: sbd-clone
Stopped: [ sbd_fense:0 sbd_fense:1 ]
Clone Set: dlm-clone
Stopped: [ dlm:0 dlm:1 ]
Clone Set: clvm-clone
Stopped: [ clvm:0 clvm:1 ]
Clone Set: eCluster_vg0-clone
Stopped: [ eCluster_vg0:0 eCluster_vg0:1 ]
Clone Set: o2cb-clone
Stopped: [ o2cb:0 o2cb:1 ]
Clone Set: fs-clone
Stopped: [ fs:0 fs:1 ]
Clone Set: pingd-clone
Stopped: [ pingd:0 pingd:1 ]
Resource Group: ip-group
int_ip (ocf::heartbeat:IPaddr2): Stopped
ext_ip (ocf::heartbeat:IPaddr2): Stopped
Resource Group: engine-group
mysql (ocf::heartbeat:mysql): Stopped
apache (ocf::heartbeat:apache): Stopped
Resource Group: tools-group
ftp (ocf::heartbeat:Pure-FTPd): Stopped
--
Aleksey
_______________________________________________
Pacemaker mailing list: Pacemaker@oss.clusterlabs.org
http://oss.clusterlabs.org/mailman/listinfo/pacemaker
Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
