Hi Jiri,
we checked the ports that you have opened. Comparing them with the list
of needed
service ports it seems to be complete.
Maybe RAL could send their list of ports to you.
As far as we know they run a firewall too and their site works fine.
markus and jose
p.s. did you change the default ports used by the services????
On Wednesday, Nov 12, 2003, at 19:33 Europe/Zurich, Jiri Kosina wrote:
> On Wed, 12 Nov 2003, Jose Gabadinho wrote:
>
>> Now the problem is different. Your SE is giving timeouts. Could
>> you recheck it?
>> GlobusURLCopy: the server sent an error response: 425 425 Can't open
>> data
>> connection. timed out() failed.
>> I can run a simple job with globus-job-run on your CE, though
>> (I am also on the dteam vo).
>
> After turning off our firewall for SE, and things started to work (as
> you
> can check now, the firewall for SE is still down).
>
> The firewall configuration was made according to table-ports.ps
> document,
> posted formerly to this list. Our firewall configuration, which makes
> SE
> to time out, is
>
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp dpt:80
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:2049
> ACCEPT udp -- 0.0.0.0/0 147.231.25.26 udp dpt:123
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp dpt:22
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp dpt:111
> ACCEPT udp -- 0.0.0.0/0 147.231.25.26 udp dpt:111
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:2811
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:2135
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:3147
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:6375
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:8080
> ACCEPT tcp -- 0.0.0.0/0 147.231.25.26 tcp
> dpt:8443
>
> Do you see anything I've forgotten? Thanks.
>
> I'd also like to remind again the question of our WNs not mounting
> /flatfiles/SE00 from our SE. I have no clue what is wrong, I have
> described the problem in some previous mail to this list. Actual
> configuration files are in CVS. Could anyone please have a look?
> Thanks a
> lot in advance.
>
> --
> Jiri Kosina
> Institute of physics, Academy of Sciences of the Czech republic
>
>
************************************************************************
*******
Markus Schulz
CERN IT
|