starp communication with BNL systems external to starp
This is a roughhewn list of communication between starp and other networks internal to BNL. Initially, most of it is pulled from the *limited* sFlow sampling available on some starp network switches during the week of Sept. 12, 2016. Additional items may be added based on other monitoring or known uses. Yellow highlighted entries are connections known to originate from outside starp.
The oddest thing seen (and a little worrisome): fmsled.starp.bnl.gov talking to ec2-54-86-95-154.compute-1.amazonaws.com (over https, port 443)
There's also a bunch of multicast and network device chatter.
| External System(s) | STARP System(s) | Explanation/Notes |
|---|---|---|
| dean.star.bnl.gov | Online Linux Pool (OLP) | subsystem monitoring generating online web content (writing over NFS) |
| dean.star.bnl.gov | interactive systems | web browsing |
| dean.star.bnl.gov | Windows and Linux systems | OCS inventory agent sending data to dean (I don't recall - is this initiated by dean or the agents?) |
| dean.star.bnl.gov | (mostly) Linux systems | Ganglia gmonds sending data to dean |
| sun.star.bnl.gov | Linux systems | SKM clients contacting starkeyd |
| sun.star.bnl.gov | interactive systems | web browsing |
| db0{6,7,8}.star.bnl.gov | OLP | offline database servers used by jobs running on OLP |
| f5-http-vip.sec.bnl.local | various | BNL outbound web proxy server? |
| nx06.rcf.bnl.gov |
xeon-phi-dev |
observed this particular pair, but know there are more widely used RCF NX <--> starp |
| scannerXX.bnl.gov | everything | not actually seen in sFlow, but of course it is present |
| ordo.bnl.gov | Linux systems | Ordo, ITD's Linux/Unix system inventory software |
| secadm3.itd.bnl.gov | Linux systems | remote syslog |
| stargrid0{2,3,4}.rcf.bnl.gov | OLP | GridFTP transfers initiated on OLP |
| stargrid01.rcf.bnl.gov | stargw3 | Grid job submission (eg, nightly library tests), not actually seen in sFlow, but known to occur. |
| rafs{02,03,21,22,24}.rcf.bnl.gov | Linux systems | AFS - could easily be more AFS servers/services involved |
| various |
stargw{4,5} | inbound SSH connections (not actually seen in sFlow, because stargw machines are connected directly to ITD switch) |
| bnldc1.itd.bnl.gov | Windows systems | Windows Domain Controller (possibly others?) |
| splunk{2,3,4,6}.itd.bnl.gov | Windows systems | Splunk remote logging, possibly other splunk servers are present |
| bnl-dns{1,2}.itd.bnl.gov | Windows systems | NetBIOS name resolution? |
| bnldccore.itd.bnl.gov | Windows systems | Windows domain stuff? |
| wsus.b459.bnl.gov | Windows systems | ITD's internal MS/Windows update server |
| mir.itd.bnl.gov | Windows systems | ? |
| itd-trend11.bnl.gov | Windows systems | ITD's TrendMicro server - others? |
| sao-ldms.b459.bnl.gov | Windows systems | Landesk |
| various ITD backup systems | Various Windows and Linux systems | Legato/Networker and Avamar backup systems |
| mirror.bnl.gov | Scientific Linux systems | Scientific Linux repositories |
| rhn.bnl.gov | Red Hat servers | Red Hat updates |
Miscellaneous notes from sFlow observations
The oddest thing seen (and a little worrisome): fmsled.starp.bnl.gov talking to ec2-54-86-95-154.compute-1.amazonaws.com (over https, port 443)
There's also a bunch of multicast and network device chatter.
Groups:
- wbetts's blog
- Login or register to post comments