# For gLite 3.2 # Node Service From: Port To: Port Comments. # all ntpd ntp servers 123/udp localhost 123/udp 21st July Add CVS URL and some formatting 23rd July SE: Modify castorgrid port range # Top-Level BDII LDAP * * localhost 2170 # Anyone may query Top-Level BDII. ANYONE. # Site BDII LDAP * * localhost 2170 # Anyone may query Site BDII. ANYONE. Security? localhost * Top-Level BDII 2170 # Top-Level BDII pulls from Site BDIIs # BDII LDAP *{RB,UI,WN} * localhost 2170 2nd Aug Fix CE 2199 to 2119 localhost * *{BDII} 2170 9th Aug Add experiment WN connection table # PX MyProxy *{FTS,RB,UI} * localhost 7512 # FTS gLite File Transfer Service * * localhost 8443 # LFC LFC(daemon) *{UI,WN} * localhost 5010 LFC(DLI) *{RB,UI,WN} * localhost 8085 MySQL localhost * localhost 3306 # DPM DPM *{UI,WN,DPM Pool Nodes} * localhost 5015 DPNS *{UI,WN,DPM Pool Nodes} * localhost 5010 SRMv1 *{UI,WN,other sites SEs} * localhost 8443 SRMv2 *{UI,WN,other sites SEs} * localhost 8444 SRMV2.2 *{UI,WN,other sites SEs} * localhost 8446 RFIO *{UI,WN,DPM Pool Nodes,other sites SEs} * localhost 5001 if site supports RFIO protocol RFIO Data *{UI,WN,DPM Pool Nodes,other sites SEs} * localhost C # 20000-25000 (data ports) configurable by RFIO_PORT_RANGE DPM-GSIFTP *{UI,WN,DPM Pool Nodes,other sites SEs} * localhost 2811 control port MySQL localhost * localhost 3306 BDII Site BDII * localhost 2170 # DPM Pool Node RFIO *{UI,WN,DPM Pool Nodes,other sites SEs} * localhost 5001 if site supports RFIO protocol DPM-GSIFTP control *{UI,WN,DPM Pool Nodes,other sites SEs} * localhost 2811 control port DPM-GSIFTP data *{UI,WN,DPM Pool Nodes,other sites SEs} C localhost C C -> 20000-25000 (data ports) see comments under LCG CE GridFTP # VO LDAP *{RB,SE,CE} * localhost 389 VOMS * * localhost 8443 admin interface *{RB,UI,SE,CE} * localhost VO-dependent proxy retrieval and renewal # MON Requirements depend on R-GMA configuration http://hepunx.rl.ac.uk/egee/jra1-uk/glite-r1/server.html RGMA - http(tomcat) site{*} * localhost 8080,8443 From producer or consumer localhost * *{see comment} 8080,8443 To Information Catalogue or other MON *{see comment} * localhost 8080,8443 From Information Catalogue or other MON RGMA *{MON} * localhost 8088 localhost * *{MON} 8088 # Misc NFS site{SE,CE,WN} * localhost 2049 Requirement depends on site configuration portmap site{SE,CE,WN} * localhost 111(udp & tcp) Requirement depends on site configuration openssh site{CE,WN} * localhost 22 Requirement depends on site configuration # CREAM CREAM and CEMonitor *{WMS} * localhost 8443 Admin Tomcat port localhost * localhost 8005 Admin Tomcat port localhost * localhost 8009 Job status changes *{site} * localhost 9091 Specified by LRMS_EVENT_LISTENER_PORT in the CREAM config file CREAM job sensor plugin *{site} * localhost 9099 Specified by CREAM_JOB_SENSOR_PORT in the CREAM config file LB local logger glite-lb-logd *{WN} * localhost 9002 gridftp server *{WMS} C localhost 2811 BDII mysql localhost * localhost 3306 # BLAH BLParser PBS Parser listening port *{WN} * localhost 33332 Specified by GLITE_CE_BLPARSERPBS_PORTx in the BLParser conf file PBS Parser listening CREAM port site CE * localhost 56565 Specified by gLITE_CE_BLPARSERPBS_CREAMPORTx in the BLParser conf file LSF Parser listening port *{WN} * localhost 33333 Specified by GLITE_CE_BLPARSERLSF_PORTx in the BLParser conf file LSF Parser listening CREAM port site CE * localhost 56566 Specified by GLITE_CE_BLPARSERLSF_CREAMPORTX in the BLParser conf file # Batch system server BLAH Site CE * localhost 33332 # Worker Nodes (WN) # # There is no batch system-specfic information provided here. # This is site-specific. # Please ensure that the appropriate batch system ports are open for head and worker nodes. # BPRServer *{CE} C localhost 20000:25000 BPRServer for incoming proxies. STOMP localhost C * 6163 Connection to the NAGIOS Message Brokers STOMP (over SSL) localhost C * 6162 Connection to the NAGIOS Message Brokers # LB Server WMS,UI C localhost 9000 queries Site CE,WMS C localhost 9001 logging events UI C localhost 9003 queries # gLite UI WM Proxy localhost C *{WMS} 7443 gridFTP server localhost C *{WMS} 2811 Logging and Bookkeeping(LB) localhost C *{LB} 9000 Logging and Bookkeeping(LB) localhost C *{LB} 9003 # gLite WMS gridFTP server *{UI},*{WN} C localhost 2811 WM Proxy *{UI} C localhost 7443 CEMON asynchronous notification *{CE} C localhost 5120 CE GRAM Gatekeeper localhost C *{CE} 2119 CEMON synchronous localhost C *{CE} 8443 Logging and Bookkeeping localhost C *{LB} 9000 Logging and Bookkeeping localhost C *{LB} 9001 Condor Collector *{CE} C localhost 9618 Has information about all resources in the Condor Pool. Condor Collector *{CE} C localhost 9618/udp # Delegation Server delegation server *{delegation client} C localhost 8443 delegation client localhost C *{deleg server} 8443 # AMGA AMGA Daemon * C localhost 8822 Connections from AMGA clients. # General Security mysqld (JR) localhost C localhost 3306 myproxyd *{WMS},*{UI} C localhost 7512 Standard MyProxy port VOMS *{UI},*{WMS} C localhost 150xx VO-dependent. Start at 15000 and up. # SCAS Site Central Authorization Service SCAS service *{WN} C localhost 8443 This service should only be visible within a site # C Controllable Ephemeral range (e.g. 20000-25000). Note: In practice, # although this port-range is locally configurable using the GLOBUS_TCP_PORT_RANGE # environment variable, the values applying at a remote service cannot be predicted. # consequently reliable connection can only be established if all ports >1023 are # left open for outbound connections.