Old 05-07-2015, 01:18 PM   #1
Michael Barto
LQ Newbie
 
Registered: May 2015
Posts: 4

Rep: Reputation: Disabled
what is the keepalived iptables port?


For CentOS6, I have installed keepalived on two machines. When I run "ip addr list eth2" it shows that the virtual is active on both servers. When I turn the firewall off, it works correctly and failover moves the correctly from one machine to another. What port do I need to open?

When I turn the firewall off, I get the correct eded output

[root@usivnprdldbuh003 ~]# ip addr list eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:19:b9:e9:4b:ff brd ff:ff:ff:ff:ff:ff
inet 192.168.201.20/24 brd 192.168.201.255 scope global eth2
inet 192.168.201.10/32 brd 192.168.201.255 scope global eth2
inet6 fe80::219:b9ff:fee9:4bff/64 scope link
valid_lft forever preferred_lft forever
[root@usivnprdldbuh003 ~]#

[root@usivnprdldbuh004 ~]# ip addr list eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:19:b9:e8:f1:c8 brd ff:ff:ff:ff:ff:ff
inet 192.168.201.21/24 brd 192.168.201.255 scope global eth2
inet6 fe80::219:b9ff:fee8:f1c8/64 scope link
valid_lft forever preferred_lft forever
[root@usivnprdldbuh004 ~]#





And everything works. But if I turn on the firewall, I get exactly the same output for both
[root@usivnprdldbuh003 ~]# ip addr list eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:19:b9:e9:4b:ff brd ff:ff:ff:ff:ff:ff
inet 192.168.201.20/24 brd 192.168.201.255 scope global eth2
inet 192.168.201.10/32 brd 192.168.201.255 scope global eth2
inet6 fe80::219:b9ff:fee9:4bff/64 scope link
valid_lft forever preferred_lft forever
[root@usivnprdldbuh003 ~]#

[root@usivnprdldbuh004 ~]# ip addr list eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:19:b9:e8:f1:c8 brd ff:ff:ff:ff:ff:ff
inet 192.168.201.21/24 brd 192.168.201.255 scope global eth2
inet 192.168.201.10/32 brd 192.168.201.255 scope global eth2
inet6 fe80::219:b9ff:fee8:f1c8/64 scope link
valid_lft forever preferred_lft forever
[root@usivnprdldbuh004 ~]#


What port does it use to validate the network device?
 
Old 05-09-2015, 02:32 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by Michael Barto
What port do I need to open?
Code:
 ~]$ getent networks mcast-base
mcast-base            224.0.0.0
# So you need something like:
/sbin/iptables -t filter -I INPUT -d 224.0.0.0/8 -j ACCEPT

 ~]$ getent protocols vrrp
vrrp                  112 VRRP
# So you also need something like:
/sbin/iptables -t filter -I INPUT -p vrrp -j ACCEPT

#*Also please don't post duplicate questions. It's inefficient and against the LQ Rules.
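
A narrower version of the rules in the answer above, as an added example that is not part of the original thread: VRRP advertisements are IP protocol 112 sent to the multicast group 224.0.0.18, so the ACCEPT can be limited to that group, the keepalived interface and the peer's address, with anything else speaking VRRP logged. The function names are hypothetical; the interface and addresses are the ones from the first post.

```shell
#!/bin/sh
# Added example: print least-privilege iptables rules for keepalived VRRP,
# and check `ip addr` output for the split-brain symptom shown in the question.
VRRP_GROUP="224.0.0.18"   # VRRP multicast group, inside the 224.0.0.0/8 range above
VRRP_PROTO="112"          # same number `getent protocols vrrp` reports

# is_ipv4 ADDR -> exit 0 only for a dotted-quad address with octets 0..255
is_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# vrrp_rules IFACE PEER_IP -> prints two rules, returns 2 on bad input.
# Rules are printed, not executed, so they can be reviewed before use.
vrrp_rules() {
    iface=$1
    peer=$2
    case "$iface" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $iface" >&2; return 2 ;;
    esac
    is_ipv4 "$peer" || { echo "bad peer address: $peer" >&2; return 2; }
    # Position 1: accept adverts only from the known peer on the VRRP interface.
    echo "/sbin/iptables -I INPUT 1 -i $iface -s $peer -d $VRRP_GROUP -p $VRRP_PROTO -j ACCEPT"
    # Position 2: log VRRP from any other sender, then fall through to existing rules.
    echo "/sbin/iptables -I INPUT 2 -d $VRRP_GROUP -p $VRRP_PROTO -j LOG --log-prefix VRRP-unexpected:"
}

# holds_vip VIP -> exit 0 if the `ip addr` output on stdin lists VIP
holds_vip() {
    awk -v vip="$1" '$1 == "inet" { split($2, a, "/"); if (a[1] == vip) found = 1 }
        END { exit !found }'
}

# Rules for usivnprdldbuh003 (its peer is 192.168.201.21); swap the peer on the other node.
vrrp_rules eth2 192.168.201.21
```

After loading the rules on both nodes, pipe `ip addr list eth2` from each into `holds_vip 192.168.201.10`; exactly one node should succeed. Both succeeding is the firewall-on state from the question, where each node misses the other's advertisements and claims the address.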
 
  

