Dear HTCondor experts,
I have a use case in which grid universe jobs are submitted to a local
HTCondor set-up that then handles the submission to remote CEs.
As the local set-up should only serve the given use case,
I would like to have port 9618 listened on from localhost only,
instead of relying on blocking that port in the host firewall...
I tried to take inspiration from a mini HTCondor on a single host,
which comes with these configuration lines:
NETWORK_INTERFACE = 127.0.0.1
BIND_ALL_INTERFACES = False
CONDOR_HOST = 127.0.0.1
That protects the local HTCondor quite nicely, but it also causes
a condor_ping of a remote CE to hang for a while and then fail:
ERROR: couldn't locate remote-ce.remote-domain!
With "strace" it became clear what is happening:
bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
[...]
connect(3, {sa_family=AF_INET, sin_port=htons(9619), sin_addr=inet_addr("123.45.67.89")}, 16) = -1 EINVAL (Invalid argument)
A socket bound to localhost cannot be used to reach a remote host.
Such commands work fine with an unrestricted NETWORK_INTERFACE.
I have browsed the admin docs and tried various settings to no avail:
who has a suggestion?
Thanks!
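Added example (not part of the original post and not HTCondor code): a small Python checker that scans strace output for the pattern described above, a socket bound to a loopback source address that is later used to connect() to a non-loopback peer. The function name and the sample trace are assumptions; the sample is constructed from the two calls quoted in the post plus extra lines that must not be flagged.

```python
import ipaddress
import re

# Matches bind()/connect() on AF_INET sockets as strace prints them.
CALL_RE = re.compile(
    r'(?P<call>bind|connect)\((?P<fd>\d+), \{sa_family=AF_INET, '
    r'sin_port=htons\((?P<port>\d+)\), '
    r'sin_addr=inet_addr\("(?P<addr>[\d.]+)"\)\}, \d+\)\s*=\s*(?P<ret>-?\d+)'
    r'(?:\s+(?P<errno>E[A-Z]+))?'
)
CLOSE_RE = re.compile(r'close\((?P<fd>\d+)\)\s*=\s*0')


def find_loopback_mismatches(trace_lines):
    """Return one finding per connect() to a non-loopback peer issued on a
    socket that was previously bound to a loopback source address."""
    bound = {}      # fd -> address the socket was successfully bound to
    findings = []
    for line in trace_lines:
        closed = CLOSE_RE.search(line)
        if closed:
            bound.pop(int(closed["fd"]), None)   # fd numbers get reused
            continue
        m = CALL_RE.search(line)
        if not m:
            continue
        fd, addr = int(m["fd"]), ipaddress.ip_address(m["addr"])
        if m["call"] == "bind":
            if m["ret"] == "0":
                bound[fd] = addr
        elif fd in bound and bound[fd].is_loopback and not addr.is_loopback:
            findings.append({"fd": fd, "source": str(bound[fd]),
                             "peer": f"{addr}:{m['port']}",
                             "errno": m["errno"]})
    return findings


# Constructed sample: the post's two calls, a local connect, and a reused fd.
SAMPLE = '''\
bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(9619), sin_addr=inet_addr("123.45.67.89")}, 16) = -1 EINVAL (Invalid argument)
close(3) = 0
bind(4, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(4, {sa_family=AF_INET, sin_port=htons(9618), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(9619), sin_addr=inet_addr("123.45.67.89")}, 16) = 0
'''.splitlines()

if __name__ == "__main__":
    print(find_loopback_mismatches(SAMPLE))
```

Only the first connect() is reported: the loopback-to-loopback connect on fd 4 is legitimate, and fd 3 after close() is a new, unbound socket.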