EuroVODCA Web>WP5Grid>HowTo>EgeePage>InstallAndConfigure>FireWall (03 Sep 2008, TaffoniGiuliano)EditAttach

The middleware port list

Node	Service	From	Port	To	Port	Comments
ALL	ntp	ntp servers	123/udp	localhost	123/udp
BDII	LDAP	*{RB,UI,WN}	*	localhost	2170
		localhost	*	*{BDII}	2170
		localhost	*	*{CE,SE}	2135
		localhost	*	*{gliteCE}	2170
	FCR	localhost	*	lcg-fcr.cern.ch	8083
	US LDAP servers	localhost	*	*	2180
lcg-CE	Globus & EDG Gatekeepers (GRAM)	*{RB}	C	localhost	2119
	JobManager	*{RB}	C	*{RB}	C
	GridFTP Control	*{UI,SE,CE,WN}	C	localhost	2811
	GridFTP data (single channel)	*{UI,SE,CE,WN}	C	localhost	C
	GridFTP data (multiple channel)	*{UI,SE,CE,WN}	C	localhost	C	Direction of connection is as for dataflow !
		localhost	C	*{UI,SE,CE,WN}	C	Direction of connection is as for dataflow !
lcg-RB	Logging & Bookkeeping	*{UI}	C	localhost	9000,9001
	locallogger (logd)	*{CE}	*	localhost	9002
	CondorG	*{CE}	*	localhost	7771
	NetworkServer (GRAM)	*{UI}	C	localhost	7772
	MySQL	localhost	*	localhost	3306
	Modified GridFTP				(see lcg-CE)
PX	MyProxy	*{FTS,RB,UI}	*	localhost	7512
RLS	LRC (OracleAS)	*{RB,UI,WN}	*	localhost	7777	For LCG VO's at CERN
	LRC (tomcat)	*{RB,UI,WN}	*	localhost	8080	For non-LCG VO's
	RMC (OracleAS)	*{RB,UI,WN}	*	localhost	7777	For LCG VO's at CERN
	RMC (tomcat)	*{RB,UI,WN}	*	localhost	8080	For non-LCG VO's
	MySQL	localhost	*	localhost	3306
SE	RFIO	site{WN}	*	localhost	3147
	GridFTP					see LCG CE (at castorgrid.cern.ch is set to 20000-21000)
	SRM - httpd(apache)	*	*	localhost	80
FTS	gLite File Transfer Service	*	*	localhost	8443
LFC	LFC(daemon)	*{UI,WN}	*	localhost	5010
	LFC(DLI)	*{RB,UI,WN}	*	localhost	8085
	MySQL	localhost	*	localhost	3306
DPM	DPM	*{UI,WN,DPM Pool Nodes}	*	localhost	5015
	DPNS	*{UI,WN,DPM Pool Nodes}	*	localhost	5010
	SRMv1	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	8443
	SRMv2	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	8444
	SRMv2.2	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	8446
	RFIO	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	5001	if site supports RFIO protocol
	DPM-GSIFTP	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	2811	control port
	MySQL	localhost	*	localhost	3306
	BDII	localhost	2170	site-BDII	*
DPM Pool Node	RFIO	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	5001	if site supports RFIO protocol
	DPM-GSIFTP control	*{UI,WN,DPM Pool Nodes,other sites SEs}	*	localhost	2811	control port
	DPM-GSIFTP data	*{UI,WN,DPM Pool Nodes,other sites SEs}	C	localhost	C	20000-25000 (data ports)
GRIS	MDS (LDAP)	*{BDII,RB,UI,SE,CE,WN}	*	localhost	2135
VO	LDAP	*{RB,SE,CE}	*	localhost	389
	VOMS	*	*	localhost	8443	admin interface
		*{RB,UI,SE,CE}	*	localhost	VO-dependent	proxy retrieval and renewal
MON						Requirements depend on R-GMA configuration http://hepunx.rl.ac.uk/egee/jra1-uk/glite-r1/server.html
	RGMA - http(tomcat)	site{*}	*	localhost	8080,8443	From producer or consumer
		localhost	*	*{see comment}	8080,8443	To Information Catalogue or other MON
		*{see comment}	*	localhost	8080,8443	From Information Catalogue or other MON
	RGMA	*{MON}	*	localhost	8088
		localhost	*	*{MON}	8088
GridICE
	Extended GRIS (LDAP)	*{GridICE server}	*	localhost	2136
	GRIS (see also GRIS above)	*{GridICE server}	*	localhost	2135	Used to announce presence of EX GRIS service
	LEMON	site{RB,UI,SE,CE,WN,GridICE server}	*	localhost	12409(udp & tcp)
Misc
	NFS	site{SE,CE,WN}	*	localhost	2049	Requirement depends on site configuration
	portmap	site{SE,CE,WN}	*	localhost	111(udp & tcp)	Requirement depends on site configuration
	openssh	site{CE,WN}	*	localhost	22	Requirement depends on site configuration
gLite-CE
	GRAM gatekeeper	*{WMS}	2119	localhost	2119
	Synchronous CE Mon	*{WMS}	8443	localhost	8443
	GRAM job managers	*{WMS}	C	localhost	C
	Condor-C	*{WMS}	C	localhost	C
	gridFTP server Control	Operations	2811	localhost	C	Admin purposes only.
	gridFTP server data (single)	Operations	C	localhost	C	Admin purposes only.
	gridFTP server data (mult)	Operations	C	localhost	C	Admin purposes only.
	asynchronous CEMON	localhost	5120	*	C
	locallogger	*{WN}	C	localhost	9002
	locallogger	localhost	C	*{LB}	9001
	Job Repository	Operations	C	localhost	3306	Currently local root access only.
WN
	BPRServer	*{CE}	C	localhost	20000:25000	BPRServer for incoming proxies.
LB
		WMS,UI	C	localhost	9000	queries
		Site CE,WMS	C	localhost	9001	logging events
		UI	C	localhost	9003	queries
glite-UI	Network Server	localhost	C	*{WMS}	7772
	WM Proxy	localhost	C	*{WMS}	7443
	gridFTP server	localhost	C	*{WMS}	2811
	Logging and Bookkeeping(LB)	localhost	C	*{LB}	9000
	Logging and Bookkeeping(LB)	localhost	C	*{LB}	9003
WMS
	gridFTP server	{UI},{WN}	C	localhost	2811
	Network Server	*{UI}	C	localhost	7772
	WM Proxy	*{UI}	C	localhost	7443
	CEMON asynchronous notification	*{CE}	C	localhost	5120
	CE GRAM Gatekeeper	localhost	C	*{CE}	2119
	CEMON synchronous	localhost	C	*{CE}	8443
	Logging and Bookkeeping	localhost	C	*{LB}	9000
	Logging and Bookkeeping	localhost	C	*{LB}	9001
	Condor Collector	*{CE}	C	localhost	9618	Has information about all resources in the Condor Pool
	Condor Collector	*{CE}	C	localhost	9618/udp
Delegation Server
	Delegation Server	*{delegation client}	C	localhost	8443
	Delegation Client	localhost	C	*{deleg server}	8443
General Security
	mysqld (JR)	localhost	C	localhost	3306
	myproxyd	{WMS},{UI}	C	localhost	7512	Standard MyProxy port
	VOMS	{UI},{WMS}	C	localhost	150xx	VO-dependent. Start at 15000 and up.

-- TaffoniGiuliano - 03 Sep 2008

Topic revision: r1 - 03 Sep 2008 - 15:26:26 - TaffoniGiuliano

EuroVODCA

Links
Euro-VO
Euro-VO AIDA
IVOA
VOTech
Communication Network Development in FP6

Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback