On Aug 11, 2004, at 4:59 PM, Jack Howarth wrote:
> I have a question about the issue of LAM being blocked by
> firewalls. The FAQ entry mentioned that because LAM used random
> ports to communicate that a firewall would block the communication
> between nodes. I find this very confusing because I thought that
> the LAM rpm I was using is configured to use ssh for communication
> between LAM nodes. So far I haven't noticed any problems with
> a having each LAM node running a firewall passing only ssh. Any
> clarification would be most appreciated.
In the rsh boot module, either rsh or ssh is used to start the lamd
processes on remote nodes (i.e., during lamboot). After that, the
rsh/ssh connections are dropped and rsh/ssh are not used. The random
ports part refers to the TCP and UDP connections between the lamd's and
MPI processes on different nodes.
If you have a firewall running on each node and are still able to run
LAM properly, then you must have some kind of trust relationship setup
such that some subset of nodes are allowed to make arbitrary TCP and
UDP connections to each other.
--
{+} Jeff Squyres
{+} jsquyres_at_[hidden]
{+} http://www.lam-mpi.org/
|
