Recovering Internet Symmetry in Distributed Computing
CCGRID '03 Proceedings of the 3st International Symposium on Cluster Computing and the Grid
Performance Evaluation of a Firewall-Compliant Globus-Based Wide-Area Cluster System
HPDC '00 Proceedings of the 9th IEEE International Symposium on High Performance Distributed Computing
Grid-Enabled Virtual Organization Based Dynamic Firewall
GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
glogin - A Multifunctional, Interactive Tunnel into the Grid
GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
HPDC '04 Proceedings of the 13th IEEE International Symposium on High Performance Distributed Computing
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
Bridging Organizational Network Boundaries on the Grid
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
SSH: secure login connections over the internet
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
CODO: firewall traversal by cooperative on-demand opening
HPDC '05 Proceedings of the High Performance Distributed Computing, 2005. HPDC-14. Proceedings. 14th IEEE International Symposium
A report on recent developments in TCP congestion control
IEEE Communications Magazine
| Hi-index | 0.00 |
Grids today generally assume that concurrent network connections are possible among many processors attached to high-capacity networks. However, inter-network boundaries dividing independent institutions often have firewalls, typically to restrict how many and which ports are accessible. In some cases, ports are opened indefinitely for Grid applications, but this compromises security significantly. On the other hand, solutions that manage port openings in an ad-hoc manner for applications are non-trivial to implement. An alternative firewall traversal technique is required that will provide manageable openings with less complexity involved. This is possible through proxies and managed tunnels using ports already authorized across the firewalls. We have developed a transparent connectivity mechanism for this, called Remus, which reroutes Grid connections through a tunnel on ports allowed across firewalls. However, a single tunnel presents a performance bottleneck. In this paper, we present the method by which Remus distributes several connections over multiple tunnels, improving throughput as a result. Rerouting wrappers hide the tunneling from applications, intercepting outgoing connections and rerouting them transparently. Well-known and mature tools and protocols, such as SSH and/or SOCKS, are utilized, instead of imposing customized, non-standard mechanisms. Results of our experiments are also presented for large file transfers over a Globus-based Grid that uses Remus.