Introduction to the Generic Connection Broker (GCB)

Condor Project
Computer Sciences Department
University of Wisconsin-Madison
condor-admin@cs.wisc.edu
http://www.cs.wisc.edu/condor
GCB: The goal
› Separation of direction from role
[Figure: the roles stay fixed (Client: connect; Server: listen, accept) whichever side sends the first packet]
› Direction of the initial packet is decided based on relative topology
• Client → Server (client sends the first packet)
• Client ← Server (server sends the first packet)
• Client → Relay Point ← Server (both sides send their first packet to a relay)
What about SOCKS?
› No support for connections from legacy clients to a server behind a firewall
› No support for private networks
• Think private to private
› SOCKS server requires strong trust from firewalls
• Relay system: everything is forwarded
GCB layer
[Figure: the GCB layer sits between each application and TCP/IP. On the client side the application's connect() is translated by the GCB layer; on the server side the GCB layer handles listen() and accept(). A relay point sits between the two TCP/IP stacks when no direct path exists.]
Overview
[Figure: message sequence between Client, Broker and Server]
› Client → Broker: want to talk to server
› Broker → Server: call client
› Broker → Client: server will contact you
› Server → Client: SYN (the server opens the TCP connection towards the client)
Binding & Registration
[Figure: server-side socket setup with the GCB lib and the Broker]
› Server app: B = socket(); bind(B, ANY); getsockname(B, X)
› The socket is locally bound to B but officially bound to X
› The GCB lib registers (X, B) with the Broker; the official address X is provided by the Broker
› getsockname() returns the official address X, so the application advertises X rather than its local address B
Public-Private Connection
[Figure: public client at A, private server locally bound to B and officially bound to X]
› Client app calls connect(A, X); the client's GCB lib sends CONNECT (X) to the Broker
› Broker sends CONTACT (A) to the server's GCB lib and PASSIVE to the client's GCB lib
› The server's GCB lib connects out from B to A; the client side waits passively for that connection
Private-Private Connection
[Figure: private client at A, private server locally bound to B and officially bound to X, relay address Y]
› Client app calls connect(A, X); the client's GCB lib sends CONNECT (X) to the Broker
› Broker sends CONTACT (Y) to the server's GCB lib and ACTIVE (X) to the client's GCB lib
› Both sides connect outbound (server to Y, client to X) and the traffic is relayed between them
Intra Connection
[Figure: client at A and server at B (official address X) inside the same private network]
› The client's GCB lib sends CONNECT (X) to the Broker
› Broker replies ACTIVE (B): the client connects directly to the server's local address B, with no relay
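The three cases on the Public-Private, Private-Private and Intra slides differ only in what the Broker tells each side after a CONNECT (X). The model below is an added example, not code from the GCB project: it keeps the message names from the slides (CONNECT, CONTACT, PASSIVE, ACTIVE), but the wire format, the (ip, port) tuples, the way official and relay addresses are leased from the Broker's own public address, and the NAT heuristic (a node is private if the Broker sees its packets from a different address than the one it claims, or the claimed address is RFC 1918; two private nodes share a network if their packets arrive from the same NAT address) are all assumptions of this model.

```python
import ipaddress

# Addresses are (ip, port) tuples. "seen_from" is the source IP the Broker observes on a
# node's packets (a NAT's external address for a private node). Message names follow the
# slides; formats, lease policy and the NAT heuristics are assumed for this model only.


def behind_nat(claimed_ip, seen_from_ip):
    """Treat a node as private if the Broker sees its packets from an address other than
    the one it claims (NAT rewrote it) or if the claimed address is RFC 1918."""
    return claimed_ip != seen_from_ip or ipaddress.ip_address(claimed_ip).is_private


class Broker:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip          # BrokerMaster -i ipaddr: must be public
        self.next_port = first_port
        self.registry = {}                  # official addr X -> (local addr B, seen_from)

    def lease(self):
        """Hand out a fresh address on the Broker itself (used for X and for relay Y)."""
        addr = (self.public_ip, self.next_port)
        self.next_port += 1
        return addr

    def register(self, local_addr, seen_from):
        """PASSIVE registration: a server GCB lib locally bound to B gets official addr X."""
        official = self.lease()
        self.registry[official] = (local_addr, seen_from)
        return official

    def connect(self, client_addr, seen_from, official_addr):
        """Handle CONNECT(X) from a client at A and decide what each side should do."""
        local_b, server_seen_from = self.registry[official_addr]   # KeyError if X unknown
        client_private = behind_nat(client_addr[0], seen_from)
        if client_private and seen_from == server_seen_from:
            # Intra: same private network, so the client dials the server's local address B
            return {"to_client": ("ACTIVE", local_b), "to_server": None}
        if not client_private:
            # Public-private: the server dials out to the public client A, which waits
            return {"to_client": ("PASSIVE", None), "to_server": ("CONTACT", client_addr)}
        # Private-private: both dial the Broker, which relays between X and Y
        relay_y = self.lease()
        return {"to_client": ("ACTIVE", official_addr), "to_server": ("CONTACT", relay_y)}


if __name__ == "__main__":
    broker = Broker("128.105.144.68")
    # Constructed sample: a private server behind NAT 128.105.1.1, then three kinds of client.
    x = broker.register(("10.0.0.7", 5000), "128.105.1.1")
    print("public client   ", broker.connect(("128.105.2.2", 6000), "128.105.2.2", x))
    print("same-NAT client ", broker.connect(("10.0.0.5", 6000), "128.105.1.1", x))
    print("other-NAT client", broker.connect(("192.168.1.9", 6000), "128.105.3.3", x))
```

Note what the model does not do: nothing authenticates the CONNECT, so whatever address the client supplies as A is what the server's GCB lib is told to CONTACT. That is why the placement advice later in the deck (Broker on a public or edge host that only the Condor nodes need to reach) matters in practice.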
Condor Scenario
[Figure: submit node, central manager (CM) and execute node (exec) with the Broker]
› exec: PASSIVE registration with the Broker, which yields its official addr
› exec advertises its official addr to the CM
› CM: the match notification to submit carries exec's official addr
› submit: CONNECT to the Broker; the Broker sends CONTACT to exec
Supporting Environment
› Any firewall or NAT box is OK
• Full cone, symmetric, etc.
› Outbound connections must be allowed
› Private nodes must be Linux
› A regular client can connect to a GCBized server
• An older version of Condor on the public side is OK
Running Broker
› Where to place your Broker?
• Condor nodes must be able to talk to it
• Typically public or edge
› Environment variables
• Log file, log level, maximum size
• ACTIVE_TO_CLIENT
◦ Can the Broker talk to nodes inside the private network?
› BrokerMaster -i ipaddr
• ipaddr must be public
Running Condor
› How to GCBize an application
› Condor GCBized in v6.7.x
› Condor config file
• GENERIC_ENABLE = TRUE
• GENERIC_SERVICE = GCB
• GENERIC_INAGENT = ipaddr of Broker
• GENERIC_ROUTE = the full path of the GCB routing table
Running Condor
› GCB routing table
• Given the address to connect to, should I use GCB?
• Each machine must have one or more rules
• One rule per line
• More specific lines first: the first matching line wins
• Default (no matching line) is not using GCB
• Example
128.105.144.68/32 GCB
128.105.104.128/25 GCB
128.105.144.68/24 direct
0.0.0.0/0 direct
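The lookup rules above (one rule per line, first match wins, no match means direct) are small enough to implement and check. The following is an added example, not the GCB project's own parser: it reads a table in the slide's format, answers "GCB or direct?" for an address, and flags lines that can never match because an earlier line already covers them, which is the mistake the "specific line first" rule guards against. The `#` comment handling and the acceptance of prefixes with host bits set (such as `128.105.144.68/24`) are assumptions; the example table is a constructed copy of the one on the slide.

```python
import ipaddress

# Constructed copy of the example routing table on this slide (not a real deployment).
EXAMPLE_TABLE = """\
128.105.144.68/32 GCB
128.105.104.128/25 GCB
128.105.144.68/24 direct
0.0.0.0/0 direct
"""

ACTIONS = ("gcb", "direct")


def parse_route_table(text):
    """Parse '<prefix> GCB|direct' lines into an ordered list of (network, action).

    Order is preserved because the lookup is first-match: a line must be placed
    before any shorter prefix that also covers its addresses.
    """
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # comments and blank lines: assumed convenience
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2:
            raise ValueError(f"line {lineno}: expected '<prefix> GCB|direct', got {raw!r}")
        prefix, action = parts[0], parts[1].lower()
        if action not in ACTIONS:
            raise ValueError(f"line {lineno}: unknown action {parts[1]!r}")
        # strict=False accepts prefixes with host bits set, e.g. 128.105.144.68/24
        rules.append((ipaddress.ip_network(prefix, strict=False), action))
    return rules


def route_for(addr, rules):
    """Return 'gcb' or 'direct' for addr: the first matching line wins; no match means direct."""
    ip = ipaddress.ip_address(addr)
    for net, action in rules:
        if ip.version == net.version and ip in net:
            return action
    return "direct"


def shadowed_rules(rules):
    """Return (rule_no, by_rule_no) pairs for lines that can never match because an
    earlier line covers every address they cover (the 'specific line first' mistake)."""
    found = []
    for i, (net, _) in enumerate(rules):
        for j in range(i):
            earlier = rules[j][0]
            if earlier.version == net.version and earlier.supernet_of(net):
                found.append((i + 1, j + 1))
                break
    return found


if __name__ == "__main__":
    rules = parse_route_table(EXAMPLE_TABLE)
    for target in ("128.105.144.68", "128.105.144.70", "128.105.104.200", "10.0.0.1"):
        print(f"{target:16} -> {route_for(target, rules)}")
    print("shadowed lines:", shadowed_rules(rules))
```

With the slide's table, 128.105.144.68 goes through GCB while its /24 neighbours go direct; swap the first and third lines and the /32 line is shadowed, so that host silently goes direct. Running `shadowed_rules` over a table before deploying it catches exactly that.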
Related and Ongoing
› DPF (Dynamic Port Forwarding)
› eGCB
Thank you!
› www.cs.wisc.edu/~sschang/firewall/gcb
› Email: condor-admin@cs.wisc.edu