Cluster IP ranges
This page documents the IP ranges for the ETH central clusters. You can use these to define firewall rules or NFS export permissions for connections originating from the clusters. You will generally need to add rules for all node types. Watch this page to track changes and watch its talk page to be aware of any upcoming changes.
Euler
Source node | Name | IPv4 IP range | recommended options for NFS export |
---|---|---|---|
Login nodes | (TBA) | 129.132.93.64/26 | rw, root_squash, secure |
Compute nodes | (TBA) | 10.205.0.0/16 | rw, root_squash, secure |
Compute nodes | (TBA) | 10.204.0.0/16 | rw, root_squash, secure |
If you use an external license server, you need to allow also connections from the nat gateway
Source node | Name | IPv4 IP range | recommended options for NFS export |
---|---|---|---|
Nat gateway | 129.132.182.80/28 | rw, root_squash, secure |
NETng Firewall Network Objects
You can use the following network objects to configure your firewall rules in the NETng firewall.
Network Object | Purpose |
---|---|
EULER-LOGIN | Euler login nodes |
EULER-CLUSTER | All IP networks used withing the Euler cluster, including login and compute nodes |
Example for NFS server export list
Please find below an example for an NFS server export list (file /etc/exports):
/export 129.132.93.64/26(rw,root_squash,secure) 10.205.0.0/16(rw,root_squash,secure) 10.204.0.0/16(rw,root_squash,secure)
(All on one line.)
If the NAS share is located on the IBM Spectrum Scale storage system, then please also ask for the following options to be set by the storage group:
PriviledgedPort=TRUE Manage_Gids=TRUE
Please note that these options should only be applied to the Euler and/or Leonhard subnet.