Hi,
At this risk of lighting the blue touch paper......
One of the Vidyo Routers is located at the RAL Tier1 (in fact they are
distributed round Tier1 sites). We were recently asked to validate our
firewall settings for that router which we have done and they meet the
settings specified.
However, the firewall settings for Vidyo also put requirements on the Vidyo
clients. The specific item that concerns me is:
"Clients to VidyoRouters:
- TCP Port 17990 (SCIP) and UDP Ports 50,000 - 65,535 (RTP/sRTP/RTCP)
bidirectional to the Vidyo routers"
My understanding is that this means allowing these ports inbound (as well as
outbound) to/from the set of Vidyo Routers for all clients - which is
probably the set of desktops in your department.
My question is: Is this inbound traffic typically allowed at other (e.g. UK
Tier2) sites?
The links below point to some relevant information as I guess someone will
want to look at it.
- The updated list of routers is provided on the following page:
http://information-technology.web.cern.ch/services/fe/info/vidyo-routers-cer
nlhc-vidyo-network
- The Vidyo firewall configuration is explained in this document:
https://twiki.cern.ch/twiki/pub/LCG/WLCGDailyMeetingsWeek140428/VidyoFirewal
lConfiguration.rtf
Thanks
Gareth
|