[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] CCB info.

Thanks Todd. 
You understund correctly the ateam has no access to the cluster but the cluster has access to ateam lan. 
So i will configure the cluster to use ccb
How can i make sure that ccb will be used only for specific subnet? 

Thanks again. 

From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> on behalf of Todd L Miller <tlmiller@xxxxxxxxxxx>
Sent: Tuesday, March 30, 2021, 01:10
To: HTCondor-Users Mail List
Subject: Re: [HTCondor-users] CCB info.

> From all the networks in the cluster there is access to the ateam
> network but from ateam to the cluster there is no access.

         I'm not sure I understand your description.  The ateam does not
have outbound connectivity to the rest of the cluster, but it does have
inbound connectivity from the rest of the cluster?  (That seems rather

> From the submitter at the ateam network what will happen when I use
> condor_status will it proxy the request via the ccb? I can see that its
> looking for the real collectors

         CCB is not a proxy.  All that CCB does is reverse the direction of
the initial connection between two daemons, both of which must have
outbound access to the broker (collector).  The usual use case for CCB is
for machines behind a NAT: the machines can't accept inbound connections
but they can make outbound connections at will.  In such a case,
converting inbound connections from anywhere to outbound connections to
anywhere will work, and doing so only requires activating CCB on the
machines behind the NAT (and making sure they have a broker which can
accept inbound connections from anywhere).

         In the reverse case, where inbound connections are allowed but
outbound connections are not, you'd need to reverse all your other
connections: every machine _not_ in ateam would have to activate CCB and
use a broker that can accept inbound connections from anywhere (any
machine in ateam and any machine using it as a broker).

- ToddM
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting

The archives can be found at: