| ... | ... | @@ -97,11 +97,22 @@ which you must be able to send out packets and receive the replies. |
|
|
|
| ---- | ------ | -------- | --------- | ------ |
|
|
|
|
| boss | 22 | TCP | in | ssh in from boss to reboot nodes |
|
|
|
|
| boss | 53 | UDP | both | DNS queries and replies |
|
|
|
|
| ops | 111 | TCP/UDP | both | NFS portmapper (rpcbind) |
|
|
|
|
| boss | 123 | UDP | both | NTP |
|
|
|
|
| boss | 2917 | TCP | out | pubsub event system |
|
|
|
|
| ops | 514 | UDP | out | syslog |
|
|
|
|
| ops | 900 | TCP/UDP | both | NFS mount daemon (mountd) |
|
|
|
|
| boss | 7777 | TCP/UDP | both | Testbed Master Control Daemon |
|
|
|
|
| ops | 1024 | UDP | both | Portmapper for NFS, etc. |
|
|
|
|
| ops | 2049 | UDP | both | NFS |
|
|
|
|
| ops | 4045 | TCP/UDP | both | NFS locking (lockd) |
|
|
|
|
| boss | 8509 | TCP | out | Emulab node monitor (slothd) |
|
|
|
|
| boss | 16505 | TCP | out | pubsub event system |
|
|
|
|
|
|
|
|
For some storage related services (e.g., loading of image-backed datasets or tarballs), you will also need to allow the Emulab imaging services (frisbee):
|
|
|
|
|
|
|
|
| Host | Port | Protocol | Direction | Reason |
|
|
|
|
| ---- | ------ | -------- | --------- | ------ |
|
|
|
|
| boss | 21700-21799 | TCP/UDP multicast | both | frisbee up/download |
|
|
|
|
| boss | 64494 | TCP | out | frisbee master server |
|
|
|
|
|
|
|
|
### Accounts
|
|
|
|
|
| ... | ... | |
