Hi Henry,
as you suspected, we have all the LCG front-end nodes on the public
network, and the worker nodes on the private network connect to them via
the router/NAT.
Cheers,
Simon
On Thu, 17 Mar 2005, Henry Nebrensky wrote:
> Not being the person leading the charge on this at Brunel, I have a
> question Paul and Owen probably already know the answer to:
>
> On Thu, 17 Mar 2005, Simon George wrote:
>
> > I can provide further details on the RHUL setup soon.
> > The basic setup is a master node that acts as a NAT router, connected to
> > both public and private networks. It provides DHCP and a disk image to
> > sync against for the WNs. It also runs pbs and maui. The CE queues are
> > just fronts for the master node. We made our nfs file servers multi-homed
> > too.
>
> How do you do DNS and certificate names on the CE? Don't the the WNs
> (private LAN) need to see the CE with the same name as its certificate
> (as does e.g. the RB on the WAN?) Or does that traffic go through NAT
> and in through the public interface (albeit diddled inside the
> processor rather than physically down a cable, IYSWIM)?
>
> Thanks
>
> Henry
>
> --
> Dr. Henry Nebrensky [log in to unmask]
> http://people.brunel.ac.uk/~eesrjjn
> "The opossum is a very sophisticated animal.
> It doesn't even get up until 5 or 6 p.m."
>
|