[AG-TECH] AG 2.0 and static multicast addresses
Ivan R. Judson
judson at mcs.anl.gov
Tue Feb 4 16:18:29 CST 2003
Hi Jennifer, and everybody else :-),
We have been thinking about these issues, more lately than ever before. As
anyone who was in the town hall realized today, ANL is now a corporate-like
institution wrt firewalls. We have one, and we don't accept incoming
connections unless we put conduits in place.
However, we do have a plan in our minds -- we're working on getting it on
paper (well digital paper) -- to share with the community soon; probably
before the retreat.
I'm glad you brought this up, since it's probably a concern that affects
more and more users.
--Ivan
> -----Original Message-----
> From: owner-ag-tech at mcs.anl.gov
> [mailto:owner-ag-tech at mcs.anl.gov] On Behalf Of Jennifer Teig
> von Hoffman
> Sent: Tuesday, February 04, 2003 3:52 PM
> To: ag-tech at mcs.anl.gov
> Subject: [AG-TECH] AG 2.0 and static multicast addresses
>
>
> Hi everybody, and especially Ivan :-) ,
>
> Having had a bit of time to reflect on today's town hall, I'm quite
> worried about the fact that AG 2.0 will shift us to a system of
> exclusively dynamically-generated multicast addresses for
> venues (even
> allowing for some transition time and special transition venues).
>
> At first this worried me purely in the context of the implications of
> nodes running 1.x not being able to co-exist in virtual venues with
> nodes running 2.x; if this incompatibility exists, it's going to be a
> nightmare for those of us planning even very small events,
> even if the
> transitional rooms Ivan spoke of today were available. If you
> were, say,
> planning a meeting among 5 sites, you'd need to either be sure that
> everybody was running the same version of the software, or be sure to
> reserve the "transitional" venue where everybody could co-exist. My
> hunch is that most events would take place in these
> transitional rooms,
> since most of us wouldn't be able to find the time to ask
> everybody what
> version of AGTk they were running.
>
> But then, after some time worrying about that, I started
> worrying about
> ports and firewalls and such. I'm already aware of a couple AG nodes
> where they have to ask their firewall admins to unblock specific
> ports/addresses in order to participate in a given meeting;
> surely that
> sort of firewall reconfiguration won't happen on the fly
> along with the
> dynamic address allocation. So people at those nodes wouldn't
> be able to
> upgrade to 2.0 unless they could convince their network
> security staff
> to make some substantial changes.
>
> And I'm guessing that if I (a relatively non-technical user)
> am coming
> up with these concerns, there are probably more big issues
> here too --
> it's a major change in the underpinnings of the AG.
>
> - Jennifer
>
>
More information about the ag-tech
mailing list