HPE Community
HPE Morpheus VM Essentials
1827439 Members
5344 Online
109965 Solutions
New Discussion

Is it okay to install and configure a firewall on the host Ubuntu?

 
SOLVED
Go to solution
kurotan
Frequent Advisor

yesterday - last edited yesterday by

yesterday - last edited yesterday by

Is it okay to install and configure a firewall on the host Ubuntu?

I understand that the following ports need to be open, but is it okay to configure it with the ufw command to block the rest?

https://hpevm-docs.morpheusdata.com/en/latest/infrastructure/clusters/clusters.html

Reply
2 REPLIES 2
Akumar4
HPE Pro

yesterday

yesterday

Solution

Ports to be enabled in VME Host

Hello Kurotan,

//You can consider following ports to be opened if using firewall.

1. For HPE VME Management Ports

22 (SSH):
443 (HTTPS):
80 (HTTP):

2. For Corosync and Pacemaker Cluster Communication

5404 (UDP): Corosync default port for cluster communication (totem protocol).
5405 (UDP): Corosync default port for cluster messaging.
2224 (TCP/UDP): Pacemaker remote management and communication.

3. For Virtual Machine (VM) and Hypervisor Communication

16514 (TCP): Libvirt default port for managing VMs (e.g., virsh commands).
49152-49251 (TCP/UDP): Range for QEMU guest agent communication (if enabled).

4. NTP (Time Synchronization)

123 (UDP): Network Time Protocol for synchronizing time across hosts.

5. For DNS and DHCP

53 (TCP/UDP):
67 (UDP):

6. For NFS (Network File System)

2049 (TCP/UDP): NFS file sharing (if used for shared storage).
111 (TCP/UDP): RPC port for NFS.
20048 (TCP/UDP): NFS mountd port.

7. For iSCSI (Storage)

3260 (TCP): iSCSI target port (if using iSCSI storage).

8. For HPE OneView Integration

443 (HTTPS): For integration with HPE OneView or other management tools.

9. Additional Ports (Depending on Workload)

Custom Application Ports:

Enable ports specific to applications running on HPE VME (e.g., database ports like 3306 for MySQL or 5432 for PostgreSQL).

You can use any means to open these ports or block ports which are not required in Linux .



I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
kurotan
Frequent Advisor

yesterday

yesterday

Re: Ports to be enabled in VME Host

Thank you.
Thank you for the information about firewall settings.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.