Cluster IP ranges

From ScientificComputing
Jump to: navigation, search

This page documents the IP ranges for the ETH central clusters. You can use these to define firewall rules or NFS export permissions for connections originating from the clusters. You will generally need to add rules for all node types. Watch this page to track changes and watch its talk page to be aware of any upcoming changes.

Euler

Source node Name IPv4 IP range recommended options for NFS export
Login nodes (TBA) 129.132.93.64/26 rw, root_squash, secure
Compute nodes (TBA) 10.205.0.0/16 rw, root_squash, secure
Compute nodes (TBA) 10.204.0.0/16 rw, root_squash, secure

If you use an external license server, you need to allow also connections from the nat gateway

Source node Name IPv4 IP range recommended options for NFS export
Nat gateway 129.132.182.80/28 rw, root_squash, secure

NETng Firewall Network Objects

You can use the following network objects to configure your firewall rules in the NETng firewall.

Network Object Purpose
EULER-LOGIN Euler login nodes
EULER-CLUSTER All IP networks used withing the Euler cluster, including login and compute nodes

Example for NFS server export list

Please find below an example for an NFS server export list (file /etc/exports):

/export 129.132.93.64/26(rw,root_squash,secure) 10.205.0.0/16(rw,root_squash,secure) 10.204.0.0/16(rw,root_squash,secure) 

(All on one line.)

If the NAS share is located on the IBM Spectrum Scale storage system, then please also ask for the following options to be set by the storage group:

PriviledgedPort=TRUE
Manage_Gids=TRUE

Please note that these options should only be applied to the Euler and/or Leonhard subnet.