[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] CCB info.

From all the networks in the cluster there is access to the ateam network but from ateam to the cluster there is no access.

I'm not sure I understand your description. The ateam does not have outbound connectivity to the rest of the cluster, but it does have inbound connectivity from the rest of the cluster? (That seems rather unusual.)

From the submitter at the ateam network what will happen when I use condor_status will it proxy the request via the ccb? I can see that its looking for the real collectors

CCB is not a proxy. All that CCB does is reverse the direction of the initial connection between two daemons, both of which must have outbound access to the broker (collector). The usual use case for CCB is for machines behind a NAT: the machines can't accept inbound connections but they can make outbound connections at will. In such a case, converting inbound connections from anywhere to outbound connections to anywhere will work, and doing so only requires activating CCB on the machines behind the NAT (and making sure they have a broker which can accept inbound connections from anywhere).

In the reverse case, where inbound connections are allowed but outbound connections are not, you'd need to reverse all your other connections: every machine _not_ in ateam would have to activate CCB and use a broker that can accept inbound connections from anywhere (any machine in ateam and any machine using it as a broker).

- ToddM