data:Dcache/195/server/prepare/firewall

From Dgiref
Jump to: navigation, search

dCache ports (additionally see dCache book, chapter 22)

Protocol Port(s) Direction Nodes
dCap 22125 incoming doorDomain (admin node)
any outgoing pools
GSIdCap 22128 incoming gsidcapDomain (where GSIDCAP=yes in node_config)
any outgoing pools
GridFTP 2811 incoming gridftpDomain (where GRIDFTP=yes in node_config)
20000-25000 outgoing (active FTP) pools
20000-25000 incoming (passive FTP) gridftpDomain
SRM v1 8443 incoming srmDomain
SRM v2 8444 incoming srmDomain

There are two ways to configure the Firewall ports:

  1. Before dcache setup. Firewall ports can be configured by the site-info.def variables:
    • DCACHE_PORT_RANGE_PROTOCOLS_SERVER_GSIFTP. Sets the portrange for dcache as a GSIFTP server in "passive" mode. Default value is from 50000 till 52000 ("50000,52000").
    • DCACHE_PORT_RANGE_PROTOCOLS_CLIENT_GSIFTP. Sets the portrange for dcache as a GSIFTP client in "active" mode. Default value is from 33115 till 33125 ("33115,33125").
    • DCACHE_PORT_RANGE_PROTOCOLS_SERVER_MISC. Sets the portrange for dcache as a (GSI)DCAP and xrootd server in "passive" mode. Default value is from 60000 till 62000 ("60000,62000").
  2. After dcache setup. Modify the following variables into /opt/d-cache/config/dCacheSetup
    • Java Configuration section
      • Dorg.globus.tcp.port.range to "20000,25000"
      • Dorg.dcache.net.tcp.portrange to "33115,33215"
    • Network Configuration section
      • dCapPort to "22125"
      • dCapGsiPort to "22128"
      • gsiFtpPortNumber to "2811"
      • srmPort to "8443"
      • clientDataPortRange to "20000,25000"
Retrieved from "http://dgiref.d-grid.de/wiki/data:Dcache/195/server/prepare/firewall"
Personal tools