Heartbeat having problems with ipchains
Alan Robertson
alanr@unix.sh
Fri, 27 Apr 2001 07:04:34 -0600
Jatin Nansi wrote:
>
> Hi
>
> I have installed heartbeat (0.4.8-1) and drbd on two server machines
> which will be used for mail.
> problem i am facing is that no matter how much i try, i am not able to
> get heartbeat packets thru
> ipchains. i usually configure ipchains on all important servers in
> addition to the firewall.
> i have gone thru the list archives, but there are only a few such cases,
> and that too are configuration
> errors. i dont think theres anything wrong here.
> if you can tell me what all ports / protocols are used by heartbeat, i
> still might be able to figure out
> something.
> the default policy is deny for input and forward, accept for output. the
> complete conf file for ipchains is as
> under.
Heartbeat by default uses port 694 and if you are blocking IP addreses, it
typically uses the broadcast address, so you need to let broadcast on port
694. If you are using multicast, then you need to let the multicast
addresses you're using through...
-- Alan Robertson
alanr@unix.sh