[Condor-users] Flocking across a firewall?

[Angel de Vicente <angelv@xxxxxx>]

Hi,

I am trying to flock jobs from one pool to another, but between them there is a
firewall... I've been looking at the Condor list archives, but cannot find an
explanation of exactly what traffic should be open between the two pools, and
between which nodes.

The situations is like this. We have two networks: A and B. All traffic from A
to B is not firewalled, but most of the traffic from B to A is filtered. Our
network administrator, quite reasonbly, doesn't like the idea of opening the
whole thing, so we would like to open the minimum necessary.

Any guidelines on what should be open to make it work? So far we have only
opened one port, and when submitting a job from network A to network B the
communication necessary for negotiating is OK. Jobs are matched to machines in
network B. But now the job complains in the Starter about comunication with the
condor_shadow in the submitting machine. Now, the problem is that the shadows
seem to be listening to different ports. So, is there a range that we should
open? 

Any help appreciated. Thanks a lot,
Angel de Vicente
-- 
----------------------------------
http://www.iac.es/galeria/angelv/

PostDoc Software Support
Instituto de Astrofisica de Canarias