Mailing List Archives

Public Access

 		[Computer Systems Lab]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] NAT inside NAT issue.

Hi Todd,
Âthanks for your quick answer, I'll try to be more clear.
In the attached image you can see a short map of our campus.
In Zone A we have the Central Manager (which at the moment is the submit node too), and the main execute nodes, the CM has the private IP 192.168.31.100 and is mapped to the public IP: 180.101.18.XXX, all the execute nodes in Zone A have IPs in the net 192.168.31, so they can contact the CM directly using the PROVATE_NETWORK_NAME.

The Zone B is another building in the campus, there are some laboratories which we want to add as execute nodes to the CM in Zone A, this nodes are behind a Firewall which have the Department's Campus IP (192.168.91.XXX), and all the PCs have IPs in the nets 172.17.*).

We tryed to use CCB, TCP_FORWADING_HOST but when we did it, the Zone B nodes, tryed to reach the CM using it's public IP (180.101.18...), if we remove the TCP_FORWADING they can access the CM's using the 192.168's IP, but we can access it from nodes ouside the campus.

We have no port restrictions between Zone A and Zone B, so any port needed by Condor is available, outside campus, we have some port restrictions but we tested an execute node in EC2 and it's working at the moment, our problem now is the Department's NATs.

I hope this time I was more clear, if you need more information, just ask me :D

Thank you very much for your help.

Inline image 1

On Wed, Nov 30, 2016 at 12:37 PM, Todd Tannenbaum <tannenba@xxxxxxxxxxx> wrote:
On 11/30/2016 10:40 AM, Edier Zapata wrote:
Hi everyone,
Âwe are trying to integrate some labs to the existing campus pool, but
they're behind a 2nd nat, I mean:

ÂWe have a Campus LAN in network 192.168, and some of the buildings have
one output point in net 192.168, but inside they're PCs are in another
Net (i.e 172.17), the condor's central manager has public IP, so outside
campus have 1 IP in net 180.101 and inside campus another in net
192.168

 I could perhaps help if you could take some additional time to more clearly explain the above paragraph.

Also, in your clarified description, please explain where are your submit machines vs execute machines vs central manager, which machine of each type has what network interfaces, etc.

thanks
Todd

_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxx.edu with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users

The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/



--
Edier Alberto Zapata HernÃndez
Ingeniero de Soporte en Infraestructura
CIER - Sur