On Fri, Apr 27, 2012 at 12:18 AM, Hermann Fuchs
<hermann.fuchs@xxxxxxxxxxxxxxxx> wrote:
Hello
I guess my previous email was a bit confusing, sorry for that, so I try
it again.
We have condor master server using Shared Ports and CCB due to firewall
restrictions.
Up until now we only had one NIC communicating with all nodes.
Now we've added a second NIC (a VPN tun device). We want additional
nodes to connect to the master server only through the second NIC.
Unfortunately there is no way around using the same master server for
both networks.
Example:
condor master server
main ip: 123.123.123.123
tun ip: 10.8.0.1
USE_SHARED_PORT = TRUE
NETWORK_INTERFACE = eth0
PRIVATE_NETWORK_NAME = OpenVPNnetwork
PRIVATE_NETWORK_INTERFACE = 10.8.0.1
SHARED_PORT_ARGS = -p 9618
DAEMON_LIST = $(DAEMON_LIST), SHARED_PORT
COLLECTOR_HOST = $(CONDOR_HOST)?sock=collector
"normal node"
CONDOR_HOST = 123.123.123.123
SHARED_PORT_ARGS = -p 9618
DAEMON_LIST = $(DAEMON_LIST), SHARED_PORT
COLLECTOR_HOST = $(CONDOR_HOST)?sock=collector
USE_SHARED_PORT = TRUE
"vpn node"
CONDOR_HOST = 123.123.123.123
PRIVATE_NETWORK_NAME = OpenVPNnetwork
PRIVATE_NETWORK_INTERFACE = tun0
SHARED_PORT_ARGS = -p 9618
DAEMON_LIST = $(DAEMON_LIST), SHARED_PORT
COLLECTOR_HOST = $(CONDOR_HOST)?sock=collector
USE_SHARED_PORT = TRUE
This configuration kind of works.
Both node types can contact the condor master. The vpn node will contact
the condor master using its public ip (collector) and use the vpn for
all other communications. So the vpn node has to be able to contact the
condor master on BOTH ip addresses.
We would like the vpn nodes to communicate using only the vpn network.
However, setting CONDOR_HOST = 10.8.0.1
creates the following error:
condor_status -debug
04/27/12 09:08:02 attempt to connect to <10.8.0.1:9618> failed:
Connection refused (connect errno = 111).
Error: communication error
CEDAR:6001:Failed to connect to <10.8.0.1:9618?sock=collector>
The vpn clients allow administrative, read and write access for both ip
addresses of the condor master. For testing purposes we allowed everyone
read and write permissions on the master, the problem remained.
Does anybody have an idea how to solve this?
Best regards,
Hermann
--
-------------
DI Hermann Fuchs
Christian Doppler Laboratory for Medical Radiation Research for Radiation Oncology
Department of Radiation Oncology
Medical University Vienna
Währinger Gürtel 18-20
A-1090 Wien
Tel. + 43 / 1 / 40 400 7271
Mail. hermann.fuchs@xxxxxxxxxxxxxxxx
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/condor-users/
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}