Dear Reuti, thanks for the reply, indeed at the moment there is a login node, but we have plans to remove it (by setting up a route through our gateway, which makes some administrative tasks more smooth) and restricting access using firewalls. I like your idea of restricting the address range instead of the port range.
Yours, Alex On 08/24/2016 08:51 PM, Reuti wrote:
Hi, Am 24.08.2016 um 19:33 schrieb Alexander Hasselhuhn:does anyone know which ports I would have to insert into my firewall config for qrsh to work? It seems qrsh opens a port on the submit host and listens on it. The ports seem to change randomly for each execution of qrsh.How is the setup of your cluster? Often the login node has a firewall to the outside world, but inside the cluster there is less protection as noone can connect from the outside world to the nodes anyway. Also between nodes e.g. MPI needs certain ports to operate. You could setup the firewall not to look for certain ports, but allow only certain addresses it accepts connections from. -- ReutiBtw. I'm using OGS/GE 2011.11p1. Thanks, Alex _______________________________________________ users mailing list users@gridengine.org https://gridengine.org/mailman/listinfo/users
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ users mailing list users@gridengine.org https://gridengine.org/mailman/listinfo/users
