Another option is to leave iptables enabled, but allow TCP sockets with random source/destination port numbers between trusted machines.
On Mar 25, 2013, at 10:21 AM, Ralph Castain <r...@open-mpi.org> wrote: > > On Mar 25, 2013, at 7:13 AM, Baptiste Robert <baptisterober...@gmail.com> > wrote: > >> Yes, I read that we don't have the choice, we have to disable iptables. This >> information is not crystal clear in the user manual. >> Furthermore this mean that we can't launch mpi on a remote web server in >> total security. > > Well, you could do that - look at the static ports option. It lets you > specify one or more ports for OMPI to use. There are separate options for the > daemon (out-of-band or OOB) and MPI procs (the TCP BTL) to use, so you'd need > to specify both. Then you need to tell iptables on the web server to allow > those ports. > > ompi_info --param oob tcp > ompi_info --param btl tcp > > >> >> Thank you for your help, I really appreciate it. >> >> >> 2013/3/25 Ralph Castain <r...@open-mpi.org> >> >> On Mar 25, 2013, at 3:26 AM, Baptiste Robert <baptisterober...@gmail.com> >> wrote: >> >>> Hi. >>> >>> Thank you very much for your answer. I've disabled iptables on both >>> computers and then... work like a charm. But here's come my next question, >>> what are the ports that the daemon use ? Because I haven't set iptables, >>> it's by default and I don't understand why is filtered. >> >> iptables will block all ports other than the specific ones you list in its >> config file. Since the daemon takes a random port, that means it will be >> blocked. >> >>> >>> >>> >>> 2013/3/25 Ralph Castain <r...@open-mpi.org> >>> Check if iptables or some other firewall is running. Configure mpirun with >>> --enable-debug and then add "-mca plm_base_verbose 10" to your cmd line to >>> see if the remote daemon is communicating back correctly. >>> >>> >>> On Mar 24, 2013, at 1:50 PM, Baptiste Robert <baptisterober...@gmail.com> >>> wrote: >>> >>>> Hi everybody ! >>>> >>>> Here's my problem. I've installed openmpi on my two machines running on >>>> fedora 17. I've set the path and LD_LIBRARY_PATH correctly, mpirun and >>>> mpicc work on the two machines without trouble. >>>> >>>> My problem is when I try to run the helloWorld on all node through ssh >>>> (already configure with certificate) nothing append, I've to kill mpi to >>>> get the prompt back. >>>> >>>> I launched this command : mpirun -d -host myRemoteNode -n 2 hello_c >>>> And this give me : >>>> >>>> [baptiste@baptiste RE51]$ mpirun -d -hostfile hosts hello_c >>>> [baptiste.thinkFed:02666] procdir: / >>>> tmp/openmpi-sessions-baptiste@baptiste.thinkFed >>>> _0/53471/0/0 >>>> [baptiste.thinkFed:02666] jobdir: / >>>> tmp/openmpi-sessions-baptiste@baptiste.thinkFed >>>> _0/53471/0 >>>> [baptiste.thinkFed:02666] top: >>>> openmpi-sessions-baptiste@baptiste.thinkFed >>>> _0 >>>> [baptiste.thinkFed:02666] tmp: /tmp >>>> [roommateServer:01102] procdir: >>>> /tmp/openmpi-sessions-baptiste@roommateServer_0/53471/0/1 >>>> [roommateServer:01102] jobdir: >>>> /tmp/openmpi-sessions-baptiste@roommateServer_0/53471/0 >>>> [roommateServer:01102] top: openmpi-sessions-baptiste@roommateServer_0 >>>> [roommateServer:01102] tmp: /tmp >>>> >>>> >>>> And nothing else. But if I run the hello_c on a single machine, >>>> separately, the job is done and work well. >>>> >>>> >>>> >>>> >>>> >>>> If anyone have an idea it would be awesome.. I don't have a clue why it >>>> isn't work. >>>> >>>> Thank. >>>> >>>> >>>> >>>> >>>> _______________________________________________ >>>> users mailing list >>>> us...@open-mpi.org >>>> http://www.open-mpi.org/mailman/listinfo.cgi/users >>> >>> >>> _______________________________________________ >>> users mailing list >>> us...@open-mpi.org >>> http://www.open-mpi.org/mailman/listinfo.cgi/users >>> >>> _______________________________________________ >>> users mailing list >>> us...@open-mpi.org >>> http://www.open-mpi.org/mailman/listinfo.cgi/users >> >> >> _______________________________________________ >> users mailing list >> us...@open-mpi.org >> http://www.open-mpi.org/mailman/listinfo.cgi/users >> >> _______________________________________________ >> users mailing list >> us...@open-mpi.org >> http://www.open-mpi.org/mailman/listinfo.cgi/users > > _______________________________________________ > users mailing list > us...@open-mpi.org > http://www.open-mpi.org/mailman/listinfo.cgi/users -- Jeff Squyres jsquy...@cisco.com For corporate legal information go to: http://www.cisco.com/web/about/doing_business/legal/cri/
