|
Back
Midas
Rome
Roody
Rootana
|
Midas DAQ System |
Not logged in |
|
|
24 Jun 2010, Jimmy Ngai, Forum, Error connecting to back-end computer
|
26 Jun 2010, Konstantin Olchanski, Forum, Error connecting to back-end computer
|
27 Jun 2010, Jimmy Ngai, Forum, Error connecting to back-end computer
|
28 Jun 2010, Stefan Ritt, Forum, Error connecting to back-end computer
|
28 Jun 2010, Jimmy Ngai, Forum, Error connecting to back-end computer
|
29 Jun 2010, Konstantin Olchanski, Forum, Error connecting to back-end computer
|
|
Message ID: 711
Entry time: 29 Jun 2010
In reply to: 710
|
Author: |
Konstantin Olchanski |
Topic: |
Forum |
Subject: |
Error connecting to back-end computer |
|
|
> > The way connections work under Midas is there is a callback scheme. The client starts
> > mserver on the back-end, then the back-end connects back to the front-end on three
> > different ports. These ports are assigned dynamically by the operating system and are
> > typically in the range 40000-60000. So you also have to allow the reverse connection on
> > your firewalls.
>
> It works now after allowing ports 40000-60000 in the front-end computer. Thanks!
Yes, right. Midas networking does not like firewalls.
In the nutshell, TCP connections on all TCP ports have to be open between all computers
running MIDAS. I think in practice it is not a problem: you only ever have a finite (a small
integer) number of computers running MIDAS and you can be added them as exceptions to the
firewall rules. These exceptions should not create any security problem because you still have
the MIDAS computers firewalled from the outside world and one hopes that they will not be
attacking each other.
P.S. Permitting ports 40000-60000 is not good enough. TCP ports are allocated to TCP
connections semi-randomly from a 16-bit address space (0..65535) and your system will bomb
whenever port numbers like 39999 or 60001 get used.
K.O. |