[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Condor-users] Usage of udp/tcp ports is a little confusing...
- Date: Wed, 18 Feb 2009 03:50:05 -0800 (PST)
- From: Rob <spamrefuse@xxxxxxxxx>
- Subject: [Condor-users] Usage of udp/tcp ports is a little confusing...
I want to introduce Condor to our university library.
In that system, I will use one Linux central master for all the
administration and job submissions; the pool consists of all
the public Windows PCs.
I myself need to be sure whether I understand the port usage
and tcp/udp policy of Condor.
Given that I use a HIGHPORT/LOWPORT setting of 9600/9700 and the default 9618 port for the collector
daemon, I believe the default policy is then as follows:
1) General availability information from the pool PCs (Ads) to
the central master occurs by UDP from pool PC (from a port
in 9600-9700 range) to central master (to port 9618).
This is just the usual one-way UDP communication.
2) For job submissions, TCP between pool & central master
is used between ports in the 9600-9700 range at both
Hence, I conclude from this:
* On central master I need to open the Linux firewall for
incoming UDP port 9618, if I only want to collect availability
information, without job submissions.
Submitting jobs from the central master, I also have to open
incoming TCP ports in the 9600-9700 range.
(The linux firewall allows all outgoing communication!).
* On the pool PCs, the Windows firewall must allow
condor_startd incoming/outgoing communication with the
central master Linux PC, in order to give Ads info (UDP)
and to communicate job submissions (TCP).
Here are my questions:
1) If I'm right with the central master firewall, then I understand
the Linux firewall requirements.
2) If I'm right with the Windows firewall, then I'm confused
about the firewall exceptions modifications by installing
the Condor msi package:
condor_dagman.exe allowed with any computer
condor_master.exe allowed with any computer
condor_startd.exe allowed with any computer
I'm inclined to completely remove the condor_master.exe
and the condor_dagman.exe firewall exceptions.
But why are they there in the first place???