[Beowulf] are compute nodes always kept in a private I/P and switch space?
Skylar Thompson
skylar at cs.earlham.edu
Wed Jan 13 20:58:34 PST 2010
Rahul Nabar wrote:
> I always took it as natural to keep all compute nodes on a private
> switch and assigned them local I/P addresses. This was almost
> axiomatic for an HPC application in my mind. This way I can channel
> all traffic to the world and logins while a select login-node. Then
> firewall the login nodes carefully.
>
> Just today, though, on a new project the admin said he always keeps
> his compute nodes with public I/Ps and runs individual firewalls on
> them.
>
> This seemed just so wrong to me in so many ways but i was curious if
> there are legitimate reasons why people might do this? Just curious.
>
>
I do everything I can to keep cluster nodes on a private network, with
only the head node visible on the public network. One exception I've had
to make is when storage is on a separate network. NAT doesn't do well
with CIFS/NFS so it's just easier giving the nodes fully-routeable IP
addresses.
--
-- Skylar Thompson (skylar at cs.earlham.edu)
-- http://www.cs.earlham.edu/~skylar/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20100113/b1232a0e/attachment.sig>
More information about the Beowulf
mailing list