This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Last revision Both sides next revision | ||
cluster:102 [2011/06/29 11:59] hmeij |
cluster:102 [2020/08/24 07:16] hmeij07 |
||
---|---|---|---|
Line 1: | Line 1: | ||
\\ | \\ | ||
**[[cluster: | **[[cluster: | ||
+ | |||
+ | Note #1 | ||
+ | |||
+ | CentOS 8.1 with the standard firewalld.\\ | ||
+ | If this is of interest to you this was how I managed to get it work: | ||
+ | < | ||
+ | EXTIFACE=MASTER_NODE_EXT_INTERFACE_DEVICE (e.g. eno1) | ||
+ | INTIFACE=MASTER_NODE_INTERNAL_INTERFACE_DEVICE (e.g. eno2) | ||
+ | INTIPADDR=MASTER_IP_OF_INTERNAL_IFAC | ||
+ | PREFIX=PREFIX_OF_INTERNAL_NETWORK | ||
+ | firewall-cmd --change-interface=${EXTIFACE} --zone=public | ||
+ | firewall-cmd --change-interface=${INTIFACE} --zone=trusted --permanent | ||
+ | firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTROUTING -o ${EXTIFACE} -j MASQUERADE -s ${INTIPADDR}/ | ||
+ | firewall-cmd --set-default-zone=trusted | ||
+ | firewall-cmd --reload | ||
+ | </ | ||
+ | |||
+ | And make sure the default route is set on all compute nodes. | ||
This is my second NAT story, for the first one look at [[cluster: | This is my second NAT story, for the first one look at [[cluster: |