[AG-TECH] Access Grid 3.0 beta1 available !

Thomas D. Uram turam at mcs.anl.gov
Mon Jan 30 12:46:56 CST 2006 

Zsolt:

You are right that firewalls are a big problem for the AG.

Currently, this is a deployment issue for venue server administrators to consider.
Facilities exist in the software for:

- specifying the multicast address range
for dynamically allocated multicast addresses (there is currently no option
for setting the port range, but we should add one)

- assigning static multicast addresses/ports

- running a bridgeserver to use a specified range of ports.

I'd expect network admins to have little problem opening
the firewall for traffic from the multicast ip range, but given inflexible
network admins and policies, that may not be possible.  Perhaps
they'd have less of a problem opening the firewall for traffic from a
single, presumed trusted bridge host, so that may help.

Of course, the ideal solution would be to tunnel all traffic over
a single well-known port, and that is exactly the goal of umtp,
which is employed in the AG connector.  We'll be working with Namgon
to try to shake out bugs in AGConnector, and work to integrate
it with the core toolkit.  With the multicast detection and beacon
integrated into AG3, the goal is to be able to intelligently and reliably repair
media connectivity.  I'd encourage everyone to continue trying AGconnector
going forward, as we work to improve it.

Tom


On 1/30/06 9:19 AM, Nagykaldi, Zsolt F. (HSC) wrote:
>  
> It seems that most practical problems during implementation come from 
> firewall issues. Are you guys planning to (at least) narrow the UDP port 
> range for VIC and RAT,  or maybe (in my dreams) tunnel all audio/video
> traffic through a few number of ports that are usually open? I have been 
> networking with a lot of people who are desperate to set up their nodes 
> and they hit a brick wall every time it comes to push changes through 
> their IT departments, who are freaking out about the idea of opening 
> ports in such a wide range. More and more people would like to use the 
> system via PIGs and not necessarily big institutional nodes that require 
> weeks, if not months of negotiations and arm-twisting each time a new 
> client is added at a new location. (The AG Connector would be really 
> helpful, except it causes an ominous looping drop of all audio-video 
> connections, as it has been reported before, and it is very unreliable). 
> Extra features in v3.0 are nice, but I truly believe that the 
> firewall/ports issue is the most significant barrier to wider adoption 
> of the Toolkit.
>  
>  
> Zsolt
>  
> _ _ _
>  
> Zsolt Nagykaldi, PhD
> Research Associate, Clinical IT Specialist
> University Of Oklahoma Health Sciences Center
> Department Of Family And Preventive Medicine
> Oklahoma Center For Family Medicine Research
>  
> 900 NE 10th Street
> Oklahoma City, OK 73104
> Phone: (405) 271-8000 Ext.:1-32212
> Fax:     (405) 271-1682

More information about the ag-tech mailing list