102 CS 1000 on Linux base

Network and firewall

All applications operate behind a network firewall. The firewall starts on system boot, which invokes the Linux iptables facility to load the firewall configuration.

Each Linux server supports at least two Ethernet ports: one for ELAN subnet connectivity and another for TLAN subnet connectivity. By default, the TLAN is open to the network, while the ELAN is reachable only within the subnet. The Linux application selects the Ethernet port to use. The firewall protects both ports. For a listing of Linux base open firewall ports, see Table 1 "Linux base open firewall ports" (page 102). For a definition of ELAN and TLAN, see “Network configuration” (page 143).

Use the CLI command basefirewallconfig to configure the network firewall. For a list of Nortel Linux base CLI commands, see “Nortel Linux base CLI commands” (page 139).

Table 1
Linux base open firewall ports

Protocol    Port number or range
--------    --------------------
TCP         22
UDP         22
UDP         53 (to DNS servers only)
UDP         123
UDP         500
UDP         514
TCP         2100
UDP         33434-33524

Note: The port numbers found in Table 1 "Linux base open firewall ports" (page 102) apply only to the Linux base. Linux applications can require different ports. For a list of ports opened for the application, see the appropriate application NTP.
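One way to check a server against Table 1 is to compare the ports its iptables INPUT rules accept with the base list. The script below is an added example, not part of the Nortel manual or its software. It assumes the rules are available in standard iptables-save text form, and the sample rule set is constructed for illustration.

```python
import re

# Table 1 baseline as listed on this page: (protocol, low port, high port).
BASELINE = [
    ("tcp", 22, 22), ("udp", 22, 22), ("udp", 53, 53), ("udp", 123, 123),
    ("udp", 500, 500), ("udp", 514, 514), ("tcp", 2100, 2100),
    ("udp", 33434, 33524),
]

# Constructed sample in iptables-save format (not captured from a CS 1000 server).
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p udp -m udp --dport 33434:33524 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 23 -j ACCEPT
-A INPUT -p udp -m udp --dport 514:520 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2100 -j DROP
COMMIT
"""

# Port-only match: address restrictions (-s/-d) and multiport rules are not evaluated.
RULE = re.compile(r"^-A INPUT\b.*?-p (tcp|udp)\b.*?--dport (\d+)(?::(\d+))?\b.*?-j ACCEPT\b")

def accepted_ports(rules_text):
    """Return (proto, low, high) for every INPUT rule that ACCEPTs a dport."""
    found = []
    for line in rules_text.splitlines():
        m = RULE.match(line.strip())
        if m:
            low = int(m.group(2))
            found.append((m.group(1), low, int(m.group(3) or low)))
    return found

def within_baseline(proto, low, high):
    """True if the whole range fits inside one baseline entry."""
    return any(p == proto and lo <= low and high <= hi for p, lo, hi in BASELINE)

def audit(rules_text):
    """List accepted ports or ranges that exceed the Table 1 baseline."""
    return [r for r in accepted_ports(rules_text) if not within_baseline(*r)]

if __name__ == "__main__":
    for proto, low, high in audit(SAMPLE_RULES):
        span = str(low) if low == high else f"{low}-{high}"
        print(f"outside base baseline: {proto.upper()} {span}")
```

A finding is not automatically a fault: as the note above says, installed applications can open further ports, so each flagged entry should be matched against the relevant application documentation before it is closed.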

Software reliability

Software monitoring

Nortel Communication Server 1000

Linux Platform Base and Applications Installation and Commissioning

NN43001-315 02.09

29 October 2008

Copyright © 2007–2008 Nortel Networks

Page 102