- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good morning:
I have a question and before I get too far I want to see if there is a might have a solution.
I want to forward ip comm from an incoming port like 192.168.1.1:5000 to the internal mic address 172.31.2.254:22
So that i could ssh from a networked computer directly to the mic.
Such that if I let’s say ssh to nesbphi1.ndc.nasa.gov:5000 it redirects me to the mic0.
I have tried the port forwarding and i just land at the remote host machine.
I am running MPSS 3.4 and centos 7.
Thanks in advance
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the .2.254 address is the address of the HOST mic adapter; to redirect to the MIC itself, use its IP address (usually .2.1). This works for my setup
iptables -t nat -I PREROUTING -p tcp --dport 50000 -j DNAT --to-destination 172.31.1.1:22
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok thanks i have it now.
For others here is the procedure for centos 7. No IPtables since 7 uses firewalld
In the host machine ssh into mic# and ifconfig, this gives you the ip of that mic#
open a port on the host machine i used 51818.
sudo firewall-cmd --zone=public --add-port=51818/tcp --permanent
Enable masquerading, I did this both ways and it appears to work without masquerading but i was following this
firewall-cmd --zone=public --add-masquerade
Add you port forward
sudo firewall-cmd --zone=public --add-forward-port=port=51818:proto=tcp:toport=22:toaddr=172.31.1.1 --permanent
from a remote machine
ssh you@yournetwork.com -p 51818
Boom goes the dynamite.
Thanks for the help
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can also use the GUI to do this which can be X forwarded
cli: firewall-config
Select Zone Public on the left and change to permanent on the drop-down configuration at the top.
Add port on the ports tab: 51818 for my example
I enabled masquerading: Next tab
That will bring up the port forwarding tab:
Add:
Protocol : TCP
Port: 51818
check forward to another port:
enter mic IPaddress
and for ssh port 22
Also for the previous post don't forget
sudo firewall-cmd --reload
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So lets continue:
The reason that i was doing this was because i was hoping to use port forwarding to redirect to the phi.
Which with SSH has worked but now i want to do MPI. I am using MPICH2 simple hello world.
I have opened port 51818 on both firewall (local machine:51818) and (Phiserver1:51818) and i can run the simple program.
i have set the export MPIR_CVAR_CH3_PORT_RANGE=51818:51818
These are the only open ports and it's working so it must be going in there.
So i turn on the forwarding piece listed about that in ssh lands me on the phi.
so in theory still work and Hello world runs but not on the phi?
I realize that this is not compiled for the phi so i should be getting an error correct? Like cant execute this.
So how do i get MPI to use the port forwarding?
Is there a simpler way that i am not seeing to use the server as a entry point for my local machine to run directly on a phi in that server.
I am aware that this would be easily done if there where all on the same net work but they are not.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How did you compile, install and configure mpich on the Xeon Phi's ? which version of mpich2 did you use?
What kind of firewalld/iptables rules are you using to forward and/or block traffic?
Note that the Intel compiler suite includes its own MPI support which works out of the box, i.e. no special drivers needed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How did you compile, install and configure mpich on the Xeon Phi's ?
I have not done that yet. I know that this will cause an error but wanted to see if i could hit the machine.
What kind of firewalld/iptables rules are you using to forward and/or block traffic?
rules are listed at the top of the post.
Note that the Intel compiler suite includes its own MPI support which works out of the box, i.e. no special drivers needed.
My understanding was that MPI came with Composer XE Cluster, we are using PRO.
>> mpirun -info
HYDRA build details:
Version: 3.1
Release Date: Thu Jun 19 16:35:22 EDT 2014
CC: gcc
CXX: g++
F77: gfortran
F90: gfortran
Configure options: '--disable-option-checking' '--prefix=/usr/mpi/gcc/mvapich2-2.0' '--enable-hybrid' '--enable-shared' '--cache-file=/dev/null' '--srcdir=.' 'CC=gcc' 'CFLAGS= -DNDEBUG -DNVALGRIND -O2' 'LDFLAGS=-L/lib -L/lib -L/lib -Wl,-rpath,/lib -L/lib -Wl,-rpath,/lib -L/lib -L/lib' 'LIBS=-libmad -lrdmacm -libumad -libverbs -ldl -lrt -lm -lpthread ' 'CPPFLAGS= -I/var/tmp/OFED_topdir/BUILD/mvapich2-2.0/src/mpl/include -I/var/tmp/OFED_topdir/BUILD/mvapich2-2.0/src/mpl/include -I/var/tmp/OFED_topdir/BUILD/mvapich2-2.0/src/openpa/src -I/var/tmp/OFED_topdir/BUILD/mvapich2-2.0/src/openpa/src -I/var/tmp/OFED_topdir/BUILD/mvapich2-2.0/src/mpi/romio/include -I/include -I/include -I/include -I/include'
Process Manager: pmi
Launchers available: ssh rsh fork slurm ll lsf sge manual persist
Topology libraries available: hwloc
Resource management kernels available: user slurm ll lsf sge pbs cobalt
Checkpointing libraries available:
Demux engines available: poll select
![](/skins/images/54BF544B471F3F61DFD338F1D58F9426/responsive_peak/images/icon_anonymous_message.png)
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page