     |  |
This website is no longer maintained. Its content may be obsolete. Please visit http://home.cern/ for current CERN information.
|
Contents
|
Batch Nodes on Non-Routable NetworkUlrich Fuchs , IT / FIO Already today a free IP number is a precious thing at CERN and planning the massive machine installations for LHC computing, a practical solution had to be found. Consequently new Lxbatch cluster nodes will be installed on a private (non-routable) network, starting from the 2003 acquisitions. Additionally, machine room renovation work will necessitate moving a certain fraction of the current batch machines into the vault, where they will be re-installed and moved to this private network over the next weeks. Please note that this applies only to the batch worker nodes, other nodes such as the gateway nodes for the Grid will naturally be on routed networks. What is a "private (non-routable) network" ?The worldwide IP network community agreed on certain IP number ranges that are not supposed to be routed outside LANs. This means that a host with one of these numbers can only be seen by its immediate neighbours in the same network segment. All network traffic caused by this host is removed from the network by the first router on its path and so is any traffic aiming at this host from any other machine worldwide.What are the implications at CERN ?The CERN backbone routers were re-configured to handle private IP traffic within CERN but will not route packets to the "outside world". A host running on private IP is therefore visible to all hosts on the CERN network and can be used as any other machine (from inside CERN) but cannot be contacted from outside and also cannot contact any machine outside CERN.If your batch job is running on a machine on private IP it has
full access to all resources at CERN but cannot contact the outside
world by any means (no What can you do ?To enable you to test your programs in a private network environment, we have set up 2 machines (one Linux6 and one Linux7) on this network already and provide a special LSF queue called "wan_test" to access them. Please feel free to use this queue and test your software already today.Wouldn't using IPv6 provide all the routed addresses we need ?There are some IPv6 pilot projects at CERN but we're still years away from a production-ready service.What about the impact on Grid computing ?Worker (CPU) nodes are foreseen to be on non- routable and gateways on routable networks.Will private non-routable IPs also be available to "users" ?Private IP non-routable subnets can be given to certain projects, IT/CS group will happily discuss your needs.How to select specific nodes if one needs WAN access ?Hosts on the routed network have a resource "wan" set. When there are production nodes on non-routable network available to the shared public queues jobs will be dispatched equally to WAN and non-WAN nodes. So if your job needs external access you have to submit it with the "-R wan" option, otherwise it will go to any host.How many nodes will be on either network ?All new nodes installed from now on will be on the non-routable network. Also the nodes that will move to the vault this year will change to the non-routable network (i.e. by March 2003 more than 60% of the total batch capacity). |
|||||||||
