Optimizing tunneled grid connectivity across firewalls

Tan, Jefferson, Abramson, David and Enticott, Colin (2009). Optimizing tunneled grid connectivity across firewalls. In: Paul Roe and Wayne Kelly, Grid Computing and e-Research 2009 : Seventh Australasian Symposium on Grid Computing and e-Research (AusGrid 2009). 7th Australasian Symposium on Grid Computing and e-Research (AusGrid 2009), Wellington, New Zealand, (21-27). January 2009.

Author Tan, Jefferson
Abramson, David
Enticott, Colin
Title of paper Optimizing tunneled grid connectivity across firewalls
Conference name 7th Australasian Symposium on Grid Computing and e-Research (AusGrid 2009)
Conference location Wellington, New Zealand
Conference dates January 2009
Proceedings title Grid Computing and e-Research 2009 : Seventh Australasian Symposium on Grid Computing and e-Research (AusGrid 2009)   Check publisher's open access policy
Journal name Australian Computer Science Communications   Check publisher's open access policy
Series Conferences in research and practice in information technology online, 99.
Place of Publication Darlinghurst, NSW Australia
Publisher Australian Computer Society
Publication Year 2009
Year available 2009
Sub-type Fully published paper
ISBN 9781920682804
ISSN 1445-1336
Editor Paul Roe
Wayne Kelly
Volume 31
Issue 8
Start page 21
End page 27
Total pages 7
Language eng
Abstract/Summary Grids today generally assume that concurrent network connections are possible among many processors attached to high-capacity networks. However, inter-network boundaries dividing independent institutions often have firewalls, typically to restrict how many and which ports are accessible. In some cases, ports are opened indefinitely for Grid applications, but this compromises security significantly. On the other hand, solutions that manage port openings in an ad-hoc manner for applications are non-trivial to implement. An alternative firewall traversal technique is required that will provide manageable openings with less complexity involved. This is possible through proxies and managed tunnels using ports already authorized across the firewalls. We have developed a transparent connectivity mechanism for this, called Remus, which reroutes Grid connections through a tunnel on ports allowed across firewalls. However, a single tunnel presents a performance bottleneck. In this paper, we present the method by which Remus distributes several connections over multiple tunnels, improving throughput as a result. Rerouting wrappers hide the tunneling from applications, intercepting outgoing connections and rerouting them transparently. Wellknown and mature tools and protocols, such as SSH and/or SOCKS, are utilized, instead of imposing customized, non-standard mechanisms. Results of our experiments are also presented for large file transfers over a Globus-based Grid that uses Remus.
Subjects 1705 Computer Networks and Communications
1706 Computer Science Applications
1708 Hardware and Architecture
1710 Information Systems
1712 Software
Keyword Firewall virtualization
Q-Index Code E1
Q-Index Status Provisional Code
Institutional Status Non-UQ

Version Filter Type
Citation counts: Scopus Citation Count Cited 0 times in Scopus Article
Google Scholar Search Google Scholar
Created: Tue, 26 Nov 2013, 23:52:56 EST by Ms Diana Cassidy on behalf of Research Computing Centre