help with vic firewall issue

Robert Olson olson at mcs.anl.gov
Mon Feb 16 12:29:16 CST 2004 

Don't ivan's recent changes to vic fix this?

At 11:56 AM 2/16/2004, Eric Olson wrote:

>There's been a firewall issue with vic that's been on ag-tech recently.
>Basically, sockets' local ports (not normally important) need to be set
>correctly to get through some firewalls when using unicast.
>Here's a more complete description:
>http://www-unix.mcs.anl.gov/web-mail-archive/lists/ag-tech/2004/01/msg00129.html
>
>A patch was checked in (cvs: ag-media/net/net-ip.cpp) that fixed the
>windows version (in my tests), but gives a "port in use" error in linux.
>http://fl-cvs.mcs.anl.gov/viewcvs/viewcvs.cgi/ag-media/vic/net/net-ip.cpp.diff?r2=1.2&r1=1.1&diff_format=l
>
>Setting the ports to be reuseable (SO_REUSEADDR) got rid of the error, but
>didn't show me any streams in vic (and no firewall was in use).
>
>Anyone have any suggestions to try?
>
>If you want to reproduce the problem from mcs (outside argonne could be
>blocked by other firewall issues):
>Go to aps BM Beamline venue (url below), you will see a stream in
>multicast, but not in unicast due to the firewall (unless you have the
>windows patched vic).
>https://bmc90.ser.aps.anl.gov:8000/Venues/000000f9613ebb60007f00000000000101e
>
>Shortcuts for testing
>APS BM Beamline venue bridge and multicast
>./vic -K 7046b5a1 bmc90.ser.aps.anl.gov/9008
>./vic -K 7046b5a1 -t 127 224.1.2.5/1234
>
>I also have a local stream up for testing (although it's blue).
>FL Hangount on ag2-test:8000 bridge and multicast:
>./vic -K 4fc7b938 ag-tech.mcs.anl.gov/25000
>./vic -K 4fc7b938 -t127 224.2.224.69/64020
>https://ag-2.mcs.anl.gov:8000/Venues/000000f744de3387008c00dd000b004f3ea
>
>Also, /usr/sbin/lsof -i will show what ports are being used on both sides
>of socket connections.  Here's sample output from the old vic using a
>bridge; notice the ports on the fourth line do not match.
>vic       UDP eolson-laptop-34:32793->ag-tech.mcs.anl.gov:25000
>vic       UDP *:47000
>vic       UDP eolson-laptop-34:25000->ag-tech.mcs.anl.gov:*
>vic       UDP eolson-laptop-34:32794->ag-tech.mcs.anl.gov:25001
>vic       UDP eolson-laptop-34:25001->ag-tech.mcs.anl.gov:*
>
>I'd welcome any suggestions or help.
>Thanks,
>Eric

More information about the ag-dev mailing list