7.2.2 Configuring the Firewall

Configure or disable the firewall on each node to allow access on the interface that the cluster will use for private cluster communication. By default, the cluster uses both TCP and UDP over port 7777.

To allow incoming TCP connections and UDP datagrams on port 7777 from the private network, use the following commands:

# iptables -I INPUT -s subnet_addr/prefix_length -p tcp \
  -m state --state NEW -m tcp --dport 7777 -j ACCEPT
# iptables -I INPUT -s subnet_addr/prefix_length -p udp \
  -m udp --dport 7777 -j ACCEPT
# service iptables save

where subnet_addr/prefix_length specifies the network address of the private network, for example 10.0.1.0/24.