Hi Henry,
this is roughly what we are doing at RHUL. It seems to work fine.
I haven't personally tried rfio, but if lhcb or atlas are using it to/from
our SE, then it must be working because their jobs have been running
without complaint.
Cheers,
Simon
On Thu, 23 Jun 2005, Henry Nebrensky wrote:
> On Thu, 23 Jun 2005, Jeff Templon wrote:
>
> > Hi,
> >
> > not really practical. WNs on a private subnet with outbound IP thru
> > NAT. SE, CE need inbound IP so they go on a different subnet. You can
> > probably do it via a single subnet but I would not want to be the person
> > managing the router rules in that case :(
>
> The route (ahem) we were going to take was to multi-home the service
> nodes, "spoofing" their FQDNs to their private addresses in the /etc/hosts
> on all the WNs.
>
> Is there a flaw in that cunning plan we've missed? (Would it work for
> RFIO?)
>
> Thanks
>
> Henry
>
>
> > Dan Schrager wrote:
> > > I would put ALL host in the same private network...
> > >
> > > Massimo Biasotto wrote:
> > >
> > >> In our site we have all WNs on a private subnet and in order to
> > >> allow them to access the SE via rfio we had to create on the
> > >> server the file /etc/shift.localhost.
> > >> Since upgrading to LCG-2.5.0 this is not working anymore: rfio
> > >> connections from WNs are refused with the error
> > >> isremote(): client is in another site
> > >>
> > >> How can it be configured to accept connections from a
> > >> different subnet?
> > >>
> > >> Thanks,
> > >> Massimo Biasotto
>
> --
> Dr. Henry Nebrensky [log in to unmask]
> http://people.brunel.ac.uk/~eesrjjn
> "The opossum is a very sophisticated animal.
> It doesn't even get up until 5 or 6 p.m."
>
|