Red Hat LINUX VIRTUAL SERVER 4.7 - ADMINISTRATION Spécifications télécharger pdf (Page 34)

Schema Calculated

port

Description

3xx01

3xx07

39901

39907

Primary Site for Clustering

4.9.2 Common Networks

When creating the firewall, do not forget to ask the customer which different networks s/he will need the

services in. You can use the list of usual networks from the table below as a basis. These networks are also

used in the sample kickstart script.

Table 10:

Network

Purpose Remark

Administration Administer the SAP HANA setup Only administrators should have access

Client Network Work with the database Normal users have access

Replication Network Replication Services and other instances Network for instances that SAP HANA is auto

matically replicated to

Primary Network Cluster communication between nodes Used for building clusters

Company Network Network to access the SAP HANA database

from inside the company

4.9.3 Write the Firewall

For every network you have to add the rules with the calculated port number.

If you use iptables as in the example below, make sure that you insert the rule after a rule which accepts all

packages for the states RELATED & ESTABLISHED. The SAP HANA instance number used in this example is

99. Make sure that you replace this with your instance number.

1. Start adding the rules for the administration network:

# /sbin/iptables -I INPUT 2 -s <ADMINISTRATION> -p tcp -m state \

--state NEW --dport 39909 -j ACCEPT

2. Now open the network with the SAP HANA studio clients. As you can see, the last two rules are there for

the replication services. SAP HANA Studio also needs access to these ports.