HA NFS Cluster

Internal Outgoing and Incoming Connections

To ensure the NFS cluster internal communications, set up the firewall configuration with the following ports open:

From	To	Protocol	Port
Primary NFS server – storage network NIC	Secondary NFS server – storage network NIC	TCP	7788
Primary NFS server – BackNet NIC	Secondary NFS server – BackNet NIC	UDP	694
Primary NFS server – BackNet NIC	Quorum server – BackNet NIC	UDP	694
Primary NFS server – BackNet NIC	Web cluster node (HEWSL) – BackNet NIC	TCP, UDP	111, 10300:10302

From	To	Protocol	Port
Secondary NFS server – storage network NIC	Primary NFS server – storage network NIC	TCP	7788
Secondary NFS server – BackNet NIC	Primary NFS server – BackNet NIC	UDP	694
Secondary NFS server – BackNet NIC	Quorum server – BackNet NIC	UDP	694
Secondary NFS server – BackNet NIC	Web cluster node (HEWSL) – BackNet NIC	TCP, UDP	111, 10300:10302

From	To	Protocol	Port
Quorum server – BackNet NIC	Primary NFS server – BackNet NIC	UDP	694
Quorum server – BackNet NIC	Secondary NFS server – BackNet NIC	UDP	694

From	To	Protocol	Port
NTP server – BackNet NIC	Primary NFS server – BackNet NIC	UDP	123
NTP server – BackNet NIC	Primary NFS server – BackNet NIC	UDP	123
NTP server – BackNet NIC	Quorum server – BackNet NIC	UDP	123

Note: Each of the NFS servers has its own fencing device. Depending on the device type, you may need to perform additional firewall configuration for NFS servers and the quorum server to establish connection between them and the STONITH devices. Primary NFS server should have access to the STONITH device controlling the Secondary server, and vice versa.

From	To	Protocol	Port
Primary NFS server – BackNet NIC	DNS Resolver Server – BackNet NIC	UDP	53
Secondary NFS server – BackNet NIC
Quorum server – BackNet NIC