TWiki> LCG Web>LCGSecurity>VomsCern>VomsConnectivity (2013-12-18, AlbertoRodriguezPeon) EditAttachPDF

Details of VOMS LanDB sets and Firewall rules.

Here is the list of ports used:

* tcp/15000-15020: VOMS-Core (one port per VO, so actually 15000-15010 for the moment ; 11 VOs) * tcp/8443: VOMS-admin and VOMRS

all ports are open on all VomsNodes as part of the GD_VOMS LanDB set.

Note that lcg-fw, a GD-made central firewall service, is used in order to configure IPTables on each node. Do not try to modify iptable rules by hand, else they will overloaded at the next rule update (about 1 per hour). So, to make a change to firewall rules, please send a mail to gd-firewall@cernSPAMNOTNOSPAMPLEASE.ch, specifying which port you want to open/close, why, and in case of port opening, if it must be accessible from outside CERN or not.

In time when moving to SL5 and the new CDB template structure this should move to CDB managed iptables rules.

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r2 - 2013-12-18 - AlbertoRodriguezPeon
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright &© 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback