[CentOS] GFS + Restarting iptables

Peter Kjellstrom cap at nsc.liu.se
Tue Feb 17 12:22:06 UTC 2009


On Tuesday 17 February 2009, Sven Kaptein | MARS websolutions wrote:
> > Undoubtedly someone else with more experience with GFS will give you an
> > answer, but to me this makes me think ip_conntrack stuff gets cleared
> > out and sessions have to reestablish themselves.
> >
> > Ray
>
> Ray,
>
> Thanks for your fast answer and getting me into the right direction. This
> sounds like a possible solution, but I have no clue how to fix it. I
> googled already a lot on ip_conntrack + gfs, but don't see a possible
> solution coming up.
>
> Can someone/you please help me a little bit more with the issue?

You could allow traffic more broadly between your GFS-servers. Pro: packets 
will not depend on conntrack for delivery. Con: large hole in your firewall 
that you may not be able to live with.

/Peter

> Thanks a lot!
> Sven
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20090217/a6096cec/attachment.sig>


More information about the CentOS mailing list