[pve-devel] [PATCH docs] firewall-doc: update list of default ports by range used for migration
Christian Ebner
c.ebner at proxmox.com
Tue Dec 3 11:05:37 CET 2019
Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
---
pve-firewall.adoc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/pve-firewall.adoc b/pve-firewall.adoc
index 2bcdf6e..7c60330 100644
--- a/pve-firewall.adoc
+++ b/pve-firewall.adoc
@@ -426,6 +426,8 @@ following traffic is still allowed for all {pve} hosts in the cluster:
* TCP traffic from management hosts to port 3128 for connections to the SPICE
proxy
* TCP traffic from management hosts to port 22 to allow ssh access
+* TCP traffic from management hosts to port range 60000 to 60050 for migration
+ traffic
* UDP traffic in the cluster network to port 5404 and 5405 for corosync
* UDP multicast traffic in the cluster network
* ICMP traffic type 3 (Destination Unreachable), 4 (congestion control) or 11
@@ -634,6 +636,7 @@ Ports used by {pve}
* sshd (used for cluster actions): 22
* rpcbind: 111
* corosync multicast (if you run a cluster): 5404, 5405 UDP
+* some migration traffic: 60000-60050 TCP
ifdef::manvolnum[]
--
2.20.1
More information about the pve-devel
mailing list