[lustre-discuss] need info regarding TCP ports for lustre

Sharma, Amit amit.cr.sharma at accenture.com
Tue Jun 14 04:55:01 PDT 2022


Thanks for the reply, Andreas.

We clear are with Lustre client/server communications. The area where we are not clear is the communication within the Lustre server tier.

Our Lustre server tier will be a within the GCP subnet where we have our MGS, OSS servers etc.., Please can you let us know what are all the ports & protocols that we need to open between/within the Lustre server tier subnet. Is that tcp:0-65535 or can we have only specific range since there is a major concern for opening the whole range.

Thanks
Amit

________________________________
From: Andreas Dilger <adilger at whamcloud.com>
Sent: Tuesday, June 14, 2022 4:21 AM
To: Sharma, Amit <amit.cr.sharma at accenture.com>
Cc: lustre-discuss at lists.lustre.org <lustre-discuss at lists.lustre.org>; Kumar, Animesh <animesh.g.kumar at accenture.com>
Subject: [External] Re: [lustre-discuss] need info regarding TCP ports for lustre

This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links and attachments.
________________________________

On Jun 13, 2022, at 08:27, Sharma, Amit via lustre-discuss <lustre-discuss at lists.lustre.org<mailto:lustre-discuss at lists.lustre.org>> wrote:

Hi Team,

can you please help me which ephemeral TCP ports need to be opened for luster inter server communication.

Regards,
Amit

There are several answers here:
- the LNet socklnd acceptor listens on port 988 for *new* incoming connections and needs to be open
- socklnd acceptor by default only allows connections *from* ("secure") port 988, unless "accept=all" is used
- after initial TCP connection establishment, *each* new client or server connection will use 3 TCP sockets
  (or more, see LU-12815 for details) on *other* ports, so these cannot be blocked outright, but do not need
  to allow connections

*Most* of the port 988 connections will be client->server, but occasionally if there is a network problem and the client connection is dropped, then server->client connections may be initiated to cancel a lock or similar.  If this server->client connection cannot be established, then the client may be evicted.

Cheers, Andreas
--
Andreas Dilger
Lustre Principal Architect
Whamcloud








________________________________

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________

www.accenture.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lustre.org/pipermail/lustre-discuss-lustre.org/attachments/20220614/b99ebd78/attachment.htm>


More information about the lustre-discuss mailing list