1.2. Configuring the iptables Firewall to Allow Cluster Components

Table 1.1, “Ports to Enable for High Availability Add-On” shows the ports to enable for the Red Hat High Availability Add-On.

Table 1.1. Ports to Enable for High Availability Add-On

PortWhen Required
TCP 2224
Required on all nodes (needed by the pcsd daemon)
TCP 3121
Required on all nodes if the cluster has any Pacemaker Remote nodes
TCP 21064
Required on all nodes if the cluster contains any resources requiring DLM (such as clvm or GFS2)
UDP 5405
Required on all cluster nodes (needed by corosync)
UDP 5404
Required on cluster nodes if corosync is configured for multicast UDP