[AG-TECH] Firewall woes ...

Thu Mar 25 13:42:20 CST 2004

The venue server will work fine with dynamic multicast addresses.  There 
is a problem with the bridgeserver in that it wants the venue server to 
use static addresses.  That problem will be addressed in the next release.

Was it experience or documentation that led you to believe you had to 
use static addressing?  If experience, it may be a bug in the software.  
If documentation, it's a bug in ours docs. 

Please let me know.

Tom

Nathan P Johnson wrote:

>Thanks! I also don't understand why I have to choose the static port
>option to get the venue server to work ( even when not using a bridge ).
>Is that the way it is designed?
>
>Thanks again,
>Nate
>
>  
>
>>>>"Thomas D. Uram" <turam at mcs.anl.gov> 3/25/2004 11:56:54 AM >>>
>>>>        
>>>>
>Hi Nathan:
>
>The current version of the bridge server does choose ports randomly.  
>The next version will allow the ports to be configured, to be more 
>friendly to admins with firewall concerns.  If you're interested, when
>
>it's usable in cvs, I can give you the info you need to try it.
>
>As for the venue server, the default ports it uses are 8000, 8002,
>8004, 
>and 8006. 
>
>You might also refer to this document about firewalls and the AG:
>
>http://www-unix.mcs.anl.gov/fl/research/accessgrid/documentation/agep/AGEP-0109.html
>
>
>Tom
>
>
>Nathan P Johnson wrote:
>
>  
>
>>I am attempting to run an AG 2.x venue server and bridge server on a
>>linux box with an iptables firewall. The bridge server seems to use
>>    
>>
>some
>  
>
>>ports it picks in an arbitrary fashion? How do I know which ports to
>>open in the firewall for both the bridge and the venue server.
>>
>>At this point I seem to have things working partially. Any
>>    
>>
>suggestions?
>  
>
>>Has anyone done this?
>>
>>Thanks,
>>Nate
>>
>>
>> 
>>
>>    
>>
>
>
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mcs.anl.gov/pipermail/ag-dev/attachments/20040325/ad812b44/attachment.htm>