JiscMail Logo
Email discussion lists for the UK Education and Research communities

Help for DIRAC-USERS Archives

DIRAC-USERS Archives

DIRAC-USERS Archives


DIRAC-USERS@JISCMAIL.AC.UK


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Monospaced Font
LISTSERV Archives

LISTSERV Archives
DIRAC-USERS Home

DIRAC-USERS Home
DIRAC-USERS June 2015

DIRAC-USERS June 2015

Options

Subscribe or Unsubscribe

Subscribe or Unsubscribe

 Log In

Log In

 Get Password

Get Password

Subject:

Re: Transferring a test file...

From:

Lydia Heck <[log in to unmask]>

Reply-To:

Lydia Heck <[log in to unmask]>

Date:

Fri, 19 Jun 2015 17:08:16 +0100

Content-Type:

MULTIPART/MIXED

Parts/Attachments:
Parts/Attachments

TEXT/PLAIN (65 lines)


Hi Sam,

this is not Durham Grid! And the router is not configured (anymore) with complex
ACLs; that did not work and we now have the router open and we both the Durham
Grid and the DiRAC data system are controlling our own respective firewalls.

my firewall rules for RAL are:

# GridPP rules
-A INPUT -i eth2 -s 130.246.176/22 -p tcp -m state --state NEW -m tcp --dport
2811 -j ACCEPT
-A INPUT -i eth2 -s 130.246.221.148/32 -p tcp -m state --state NEW -m tcp
--dport 2811 -j ACCEPT
-A INPUT -i eth2 -s 130.246.180/22 -p tcp -m state --state NEW -m tcp --dport
2811 -j ACCEPT

-A INPUT -i eth2 -p tcp -m state --state NEW -m tcp --dport 50000:51000 -j
ACCEPT

I should also mention that the globus online connectivity works perfectly fine.
But for Globus online I do need to open 7512 for a specific ip address and port
2223 for yet another IP address.

Best wishes,
Lydia






  On Fri, 19 Jun 2015, Samuel Skipsey wrote:

>
> So, I'm not sure about the firewall config at Durham, but I do know that the Durham Grid admins had a very long to-and-fro with Durham Network/IT in order to get
> good transfer performance. The solution, IIRC, was quite a complex ACL list of allowed remote endpoints on the University firewall?
> I know that DiRAC has some similar exemptions to the Grid site at Durham, but it might be worth checking just how comprehensive they are...
>
> Sam
>
> Sent from my Sony Xperia™ smartphone
>
>
>
> ---- Jensen, Jens (STFC,RAL,SC) wrote ----
>
> More stuff. I was baffled that the transfer was not successful (particularly following the promising stuff Lydia and I managed to do in our long call yesterday),
> and I now have got some super-detailed logs from FTS.
>
> But before we go into that, I tried transferring the file from RAL to Glasgow (as dteam) and it worked fine. Glasgow to srm-dirac at RAL worked fine. Glasgow to
> Durham failed.
>
> So it looks like the problem is at the Durham end, or the problem is with FTS transferring to a plain gsiftp endpoint?
>
> Incidentally, I have tried with both new and old flavour proxies.
>
> One obvious step would be to try to transfer a file from Durham but that means finding a way of listing directories...
>
> Cheers
> -j
>
>
>

Top of Message | Previous Page | Permalink

JiscMail Tools


RSS Feeds and Sharing


Advanced Options


Archives

April 2024
October 2023
March 2023
February 2023
June 2022
May 2022
January 2022
September 2018
February 2018
November 2017
September 2017
August 2017
July 2017
June 2017
March 2017
February 2017
January 2017
August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015


JiscMail is a Jisc service.

View our service policies at https://www.jiscmail.ac.uk/policyandsecurity/ and Jisc's privacy policy at https://www.jisc.ac.uk/website/privacy-notice

For help and support help@jisc.ac.uk

Secured by F-Secure Anti-Virus CataList Email List Search Powered by the LISTSERV Email List Manager