[DRBD-user] the range of random high port

Junko IKEDA tsukishima.ha at gmail.com
Tue Aug 10 11:07:59 CEST 2010


Hi,

Sorry, I got it.
Each node has the configured port or the random high port.
So if I set "7790" up as a replication port in drbd.conf,
drop all at first and only accept --dport and --sport 7790.

iptables -A INPUT -i bond1 -p tcp --dport 7790 -j ACCEPT
iptables -A INPUT -i bond1 -p tcp --sport 7790 -j ACCEPT
iptables -A OUTPUT -o bond1 -p tcp --dport 7790 -j ACCEPT
iptables -A OUTPUT -o bond1 -p tcp --sport 7790 -j ACCEPT

Thanks,
Junko

2010/8/6 Junko IKEDA <tsukishima.ha at gmail.com>:
> Hi,
>
> DRBD has two tcp sessions per device,
> one end will have a "random high port",
> the other end the configured port.
>
> I am setting up the parameters for the firewall,
> so I want to know the details of this "random port".
> Is there any "range" for this?
> How can I narrow down the port setting of the firewall?
>
> Thanks,
> Junko IKEDA
>
> NTT DATA INTELLILINK CORPORATION
>
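
Added example, not part of the original post: a generator for the rule pattern in the reply above that also pins every rule to the replication peer's address, because a bare `--sport 7790` ACCEPT on INPUT matches any host on bond1 that sends from source port 7790. It generalizes to several DRBD resources. The function names, the peer address 192.0.2.2 and the second port 7791 are constructed assumptions, and a default-DROP baseline as described in the post is assumed.

```shell
#!/bin/sh
# Added example (not from the original post). Prints iptables commands for
# DRBD replication links so they can be reviewed before being run as root.
# Assumes the chains already drop by default ("drop all at first").

# valid_port PORT -> succeeds if PORT is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# drbd_rules IFACE PEER PORT [PORT...]
# One end of every DRBD session uses the configured port and the other end a
# random high port, so each port is matched as destination OR source port.
# -s/-d PEER limits the match to the replication partner.
drbd_rules() {
    iface=$1; peer=$2
    [ -n "$iface" ] && [ -n "$peer" ] && [ "$#" -ge 3 ] || {
        echo "usage: drbd_rules IFACE PEER PORT [PORT...]" >&2; return 2; }
    shift 2
    # Validate every port first so a bad argument yields no partial rule set.
    for port in "$@"; do
        valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    done
    for port in "$@"; do
        for side in dport sport; do
            echo "iptables -A INPUT -i $iface -p tcp -s $peer --$side $port -j ACCEPT"
            echo "iptables -A OUTPUT -o $iface -p tcp -d $peer --$side $port -j ACCEPT"
        done
    done
}

# Constructed sample: two DRBD resources replicating to peer 192.0.2.2.
drbd_rules bond1 192.0.2.2 7790 7791
```
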

