perfsonar-user - [perfsonar-user] Updated Firewall Document
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Jason Zurawski <>
- To: perf-node-users Users <>, perfsonar-user <>, perfsonar-ps-users <>, "" <>
- Cc: "" <>
- Subject: [perfsonar-user] Updated Firewall Document
- Date: Fri, 28 Jun 2013 15:38:36 -0400
- Authentication-results: sfpop-ironport07.merit.edu; dkim=pass (signature verified)
All;
The latest release of the pS Performance Toolkit featured some of the steps
recommended in the NTAC Performance Working Group's Firewall document, found
here:
http://psps.perfsonar.net/toolkit/firewalls.html
After some time testing around the community, we found a weakness that needs
to be corrected. We had originally targeted 200 ports to be made available
for OWAMP testing, and configured the daemon to use the ones recommended. We
have found that some sites are testing to a large number of sites, as well as
being tested to by a large number of external parties, and are quickly
exhausting the 200 available ports. To combat this we updated the
recommendation to be much larger (1200 ports) in the online documentation
found above, and in the FAQ:
http://psps.perfsonar.net/toolkit/FAQs.html#Q6
We will also be making an update to the OWAMPD RPM in the coming weeks that
will fix this issue. For now if anyone sees that owamp tests are failing you
can make a manual change to /etc/owampd/owamd.conf and alter the 'testports'
variable. We apologize for any inconvenience this may cause.
Thanks, and let us know if there are any questions;
-jason
- [perfsonar-user] Updated Firewall Document, Jason Zurawski, 06/28/2013
Archive powered by MHonArc 2.6.16.