[Beowulf] are compute nodes always kept in a private I/P and switch space?

Skylar Thompson skylar at cs.earlham.edu
Wed Jan 13 20:58:34 PST 2010

Rahul Nabar wrote:
> I always took it as natural to keep all compute nodes on a private
> switch and assigned them local I/P addresses. This was almost
> axiomatic for an HPC application in my mind. This way I can channel
> all traffic to the world and logins while a select login-node. Then
> firewall the login nodes carefully.
> Just today, though, on a new project the  admin said he always keeps
> his compute nodes with public I/Ps and runs individual firewalls on
> them.
> This seemed just so wrong to me in so many ways but i was curious if
> there are legitimate reasons why people might do this? Just curious.
I do everything I can to keep cluster nodes on a private network, with
only the head node visible on the public network. One exception I've had
to make is when storage is on a separate network. NAT doesn't do well
with CIFS/NFS so it's just easier giving the nodes fully-routeable IP

-- Skylar Thompson (skylar at cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20100113/b1232a0e/attachment.sig>

More information about the Beowulf mailing list