Server

IP

Port

Kind

Requested

Expiration

Conduit
direction

Justification

STARGRID01.RCF.BNL.GOV
STARGRID02.RCF.BNL.GOV
STARGRID03.RCF.BNL.GOV STARGRID04.RCF.BNL.GOV

130.199.180.111
130.199.180.112
130.199.180.113 130.199.180.114

20000-30000

Extension

Owners: John Hoover / Wayne Betts
stargrid02: Jerome Lauret

2009/05/20
2004/10/12
2004/10/12 2004/10/12

2015/06/11
2015/10/07
2015/06/11
2015/03/20

This conduit is for the STAR RHIC users, in particular, those collaborators that are using Grid software.
This is a Grid server for STAR with the standard Globus software installed on it, either packaged by VDT directly or repackaged by the OSG (Open Science Grid). The port range (20000-30000/tcp in this case) is used by the gatekeeper's batch
job-manager processes to allow the user to query and get output fromtheir jobs. It can also be used by the GridFtp server when doing
parallel stream file transfers to open up multiple data channels. If theconduit were denied, then the user's software that requires this service would not function and they most likely would not be able to do their work effectively or at all.

STARGRID01.RCF.BNL.GOV
STARGRID02.RCF.BNL.GOV
STARGRID03.RCF.BNL.GOV
STARGRID04.RCF.BNL.GOV

130.199.180.111
130.199.180.112
130.199.180.113
130.199.180.114

2811

Extension

Owners: John Hoover / Wayne Betts
stargrid02,03: Jerome Lauret

2005/02/14
2003/05/12
2003/05/12 2004/05/20

2015/06/11
2015/10/07
2015/06/11
2015/03/20

This conduit is for the Star RHIC users, in particular, those collaborators that are using Grid software. This is a Grid server for STAR with the standard Globus software installed on it, either packaged by VDT directly or repackaged by the OSG (Open Science Grid). Port 2811/tcp is used by the globus GridFtp server for GSI authenticated file transfers. If the conduit were denied, then the user's software that requires this service would not function and they most likely would not be able to do their work effectively or at all.

STARGRID01.RCF.BNL.GOV
STARGRID02.RCF.BNL.GOV
STARGRID03.RCF.BNL.GOV
STARGRID04.RCF.BNL.GOV

130.199.180.111
130.199.180.112
130.199.180.113
130.199.180.114

2135

Extension

Owners: John Hoover / Wayne Betts
stargrid02: Jerome Lauret

2005/02/14
2003/05/12
2003/05/12
2004/05/20

2015/06/11
2015/10/07
2015/06/11 2015/03/20

This conduit is for the STAR RHIC users, in particular, thosecollaborators that are using Grid software. This is a Grid server for STAR with the standard Globus software installed on it, either packaged by VDT directly or repackaged by the OSG (Open Science Grid). Port 2135/tcp is used by the globus information provider (ldap based service) which makes information about the local site & services available to users. If the conduit were denied, then the user's software that requires this service would not function and they most likely would not be able to do their work effectively or at all.

STARGRID01.RCF.BNL.GOV
STARGRID02.RCF.BNL.GOV
STARGRID03.RCF.BNL.GOV
STARGRID04.RCF.BNL.GOV

130.199.180.111
130.199.180.112
130.199.180.113
130.199.180.114

2119

Extension

Owners: John Hoover / Wayne Betts
stargrid02: Jerome Lauret

2005/02/14
2003/05/12
2003/05/12
2004/05/20

2015/06/11
2015/10/07
2015/06/11
2015/03/20

This conduit is for the STAR RHIC users, in particular, those collaborators that are using Grid software. This is a Grid server for STAR with the standard Globus software installed on it, either packaged by VDT directly or repackaged by the OSG (Open Science Grid). Port 2119/tcp is used by the globus gatekeeper, which accepts user batch jobs for processing on a cluster. If the conduit were denied, then the user's software that requires this service would not function and they most likely would not be able to do their work effectively or at all.

STARGRID02.RCF.BNL.GOV

130.199.180.112

9443

Extension

Owners: Jerome Lauret / Wayne Betts

2008/07/10

2015/10/07
Is this still needed?

This is for WS-GRAM job submissions to the STAR-BNL OSG gatekeeper, which was specifically requested by LIGO. Denial of this conduit would prevent STAR from participating fully in OSG.

STARGRID02.RCF.BNL.GOV

130.199.6.168

6001-6003

 to {192.91.245.5, 192.91.244.18, 131.215.207.61, 131.215.207.35, 131.215.145.190}

Obsolete

Owners: Jay Packard / John Hover

2008/01/17

2009/01/17
Conduit dropped at GK upgrade in 2009

The conduit's purpose is to provide computer status and usage
information within a resource discovery and monitoring system called MonALISA, as used by the Open Science Grid (OSG). The OSG is a DOE-supported grid computing framework, in which STAR is a contributor, as well as a beneficiary. Without this service functioning (as would be the case without this conduit), the ability of STAR to contribute (and benefit) from OSG efforts would be greatly hampered, since we would not be using one of the primary tools at the heart of the OSG framework.
The ability of STAR collaborators to monitor our own activities would be
diminished, and the OSG community's perception of STAR's level of commitment would be reduced.

ONLDB.STARP.BNL.GOV
ONLDB2.STARP.BNL.GOV
ONL10.STARP.BNL.GOV
ONL11.STARP.BNL.GOV

130.199.60.70
130.199.60.89
130.199.60.101
130.199.60.102

3501-3503

Extension

Owners: Jerome Lauret / Wayne Betts

2007/01/20
2009/12/02
2010/04/05
2010/04/05

2015/04/18
2015/03/20
2015/06/11
2015/06/11

MySQL port opening for reading ShiftLog information from remote. Using an OS portable and stand-alone GUI, STAR users will be able to view events and display the content of our electronic ShiftLog. Write access may also be granted and controlled at MySQL access grant level. Necessary for remote sub-system expert support, the impact of having this conduit denied would be that we would not be able to leverage remote expertise and would lose information.

MySQL port opening for reading Shift related information for our local domains. Several nodes are provided for internal load balancing purposes.

Port range was created in 2010 only (consistency lacked prior).
3501 RunLog, 3502 Conditions, 3503 DAQ. Only Runlog needs world access.

Re-created

Owners: Jerome Lauret / Wayne Betts

This conduit is required to get monitoring information from the new Online AMQP-based data collection system, a system which will gradually replace our current EPICS based system. Without this conduit, we would not be able to run this system and hence, not able to monitor the experiment's environmental conditions.

Created

Owners: Jerome Lauret / Wayne Betts

HESTON.STAR.BNL.GOV

130.199.88.128

3336

Obsolete

2008/01/17

2009/01/17
Closed
2010/03/16

As duvall i.e. as request 2679, this node need port 3336 to be exported to remote site for FileCatalog access at remote site. MySQL protections will allow outbound-in read-only access however. This node and the next request (heston) are part of a two db-slave layout. If the conduit were denied BNL would not be able to provide the FileCatalog service to other sites. If the conduit were denied BNL would not be able to provide the FileCatalog service to other sites not benefiting from a private local copy.

DB05.STAR.BNL.GOV

130.199.88.63

3316

Extension

Owners: Jerome Lauret / Wayne Betts

2008/08/15

2010/08/20
Expired, not exported + node moved to .54

We request port 3316 to be opened and by then, adding one more database server for export. This server is used for exporting (read-only) calibration constant database information to our Tier 1 and Tier 2 users as necessary. It is part of a a bundle of secondary server export to the outside world.

DB06.STAR.BNL.GOV

130.199.59.206

3316

Extension

Owners: Jerome Lauret / Wayne Betts

2008/01/19

2015/03/20

This is an alternate read-only server for the STAR experiment's run conditions database for use by the BNL data production. 3316  is a nonstandard MySQL port.

DB06.STAR.BNL.GOV

130.199.88.67

3316

Obsolete

2006/11/02

2008/11/21

We request port 3316 to be opened and by then, adding one more database server for export. This server is used for exporting (read-only) calibration constant database information to our Tier 1 and Tier 2 users as necessary. It is part of a a bundle of secondary server export to the outside world.

DB07.STAR.BNL.GOV

130.199.59.207

3316

Extension

Owners: Jerome Lauret / Wayne Betts

2008/01/17

2015/03/20

We request port 3316 to be opened and by then, adding one more database server for export. This server is used for exporting (read-only) calibration constant database information to our Tier 1 and Tier 2 users as necessary. It is part of a a bundle of secondary server export to the outside world.

DB08.STAR.BNL.GOV

130.199.88.43

3316

Extension

2006/10/10

2008/11/28
Closed 2008/12/09

INBOUND ONLY - This is an alternate read-only server for the STAR experiment's run conditions database for use by the BNL data production. 3316 is a nonstandard MySQL port.

DB08.STAR.BNL.GOV

130.199.59.208

3316

Extension

Owners: Jerome Lauret / Wayne Betts

2008/12/15
2011/02/04
2012/03/02

2011/01/04
2012/02/04
2015/03/20

INBOUND ONLY - This is an alternate read-only server for the STAR experiment's run conditions database for use by the BNL data production. 3316 is a nonstandard MySQL port. The server is used for exporting (read-only) calibration constant database information to our Tier 1 andTier 2 users as necessary.

FC1.STAR.BNL.GOV

130.199.59.221

3336

New

Owners: Jerome Lauret / Wayne Betts

2009/09/25
2011/02/23

2010/09/25
2015/03/20

This node need port 3336 to be exported to remote site for FileCatalog access at remote site. This node is part of a multi-master db-slave layout. If the conduit were denied BNL would not be able to provide the integrated FileCatalog service to other sites.

ORION.STAR.BNL.GOV

130.199.59.198

443

Extension

Owners: Jerome Lauret / Wayne Betts

2007/01/04

2013/10/17

THIS IS A REPLACEMENT WEB SERVER FOR CONNERY. Public web server used to coordinate STAR collaboration provide public and private web access to our collaborators in support of the Physics Program (Physics Working group documents, mailing lists access via web, STAR collaboration web server). If the conduit were removed we would not be able to perform our science nor disseminate our findings and excitement of our field (as required by DOE).

ORION.STAR.BNL.GOV

130.199.59.198

80

Extension

Owners: Jerome Lauret / Wayne Betts

2007/01/04

2013/10/17

(same as above)

DUVALL.STAR.BNL.GOV

130.199.88.125

3316

Obsolete

2006/02/10

2003/05/12

The STAR MySQL database server is running on this machine and port. Any STAR collaborator running STAR event reconstruction will need access to this data-server regardless of where their process is executing. This could be on a number of machines at any of the 45 STAR institutions.

DUVALL.STAR.BNL.GOV

130.199.59.233

3316

Extension

Owners: Jerome Lauret / Wayne Betts

2003/05/12

2013/03/26

The MySQL database server is running on this machine and port. The service supports STAR operations (data production, file management) and is essential to smooth operations. Any users at BNL (internal or wireless) should be able to access the information from the database service running there. Access from outside BNL is not required.

CH2LINUX.STAR.BNL.GOV

130.199.162.131

80

Obsolete

N/A

2008/09/05
Closed 2008/09/19

This online STAR web server is the primary source of information for worldwide collaborators to check on the current and past status of the STAR detector and data acquisition in operation. Without sharing this information, STAR collaborators would be unable to effectively participate in the experiment and their ability to do physics analysis would be negatively impacted.

Note: All operational functions should be provided from dean.star.bnl.gov aka online.star.bnl.gov

CH2LINUX.STAR.BNL.GOV

130.199.162.131

8080

Obsolete

2006/08/23

2007/08/24
Closed / upgrade

This online STAR web server is the primary source of information for worldwide collaborators to check on the current and past status of the STAR detector and data acquisition in operation. Without sharing this information, STAR collaborators would be unable to effectively participate in the experiment and their ability to do physics analysis would be negatively impacted.

DEAN.STAR.BNL.GOV

130.199.162.136

80

Extension

Owners: Jerome Lauret / Wayne Betts

2007/02/23

2015/03/20

Reverse Proxy 2012/04/11 for www alias.This should no longer be needed

[Confirmed]

This server will be a replacement for ch2linux This conduit is for the
STAR experiment, within the physics department. This web server is the
primary source of information for worldwide collaborators to check on
the current (including dynamic near-real time content) and past status of the STAR detector and data acquisition in operation. Without some method of sharing this information with the world, STAR collaborators from institutions around the world would be unable to effectively participate in the experiment -- they would be unable to sign-up for experiment shifts or to monitor the ongoing activities and even their ability to do physics analysis would be negatively impacted.

DEAN.STAR.BNL.GOV

130.199.162.136

443

Extension

Owners:

Jerome Lauret / Wayne Betts

2007/02/23

2015/03/20

Reverse Proxy 2012/04/11

(same as above)

DEAN.STAR.BNL.GOV

130.199.162.136

8649

Extension

Owners:

Jerome Lauret / Wayne Betts

2009/02/20

2015/03/20

dean, our online Web server, needs to be able to access ANY of the .60 nodes for communicating with Ganglia monitoring. dean is the communicator and need access to the .60 8649 port. Not having this
conduit will make either the scalability of our Ganglia monitoring doubtful or prevent monitoring from the two domains. There are NO NEEDS to have this port opened to something else than for .60 to the .162 communication (and only dean needs to be able to communicate with this
port).

ROBINSON.STAR.BNL.GOV

130.199.59.230

3336

Extension

Owners: Jerome Lauret / Wayne Betts

2009/07/23
2008/01/23

2013/09/28
2010/09/04

[IN-BOUND 128.55.36.0 255.255.255.0]
This conduit is required to allow database synchronization between STAR database servers at NERSC and BNL.

Note:  Confirmed D.A. 2013/05/07 this conduit is no longer needed.

[INBOUND 128.55.24.46]
File Catalog data is being replicated via MYSQL Master/Slave Replication on a single port to NERSC. The M/S replication additionally provides an offsite, redundant backup for the file catalog replication. The absence of this conduit would have a medium impact: distributed computing and awareness of file replica is essential to scheduling optimization and data transfer which would cease.

ROBINSON.STAR.BNL.GOV

130.199.59.230

3306

Extension

Owners: Jerome Lauret / Wayne Betts

2012/11/02
2003/05/12

2014/08/11
2012/10/18

Provides a public database access needed to co-ordinate STAR detector work INBOUND ONLY access only - provides a public database access needed to co-ordinate STAR detector work. Without this conduit, local data mining cannot be executed.

CONNERY.STAR.BNL.GOV

130.199.89.5

80

Extension

2006/09/15

2007/03/18

public web server used to coordinate STAR collaboration provide public and private web access to our collaborators in support of the Physics Program (Physics Working group documents, mailing lists access via web, STAR collaboration web server). If the conduit were removed we would not be able to perform our science nor disseminate our findings and excitement of our field (as required by DOE).

Note: Server replaced by orion.star.bnl.gov along an OS upgrade.

CONNERY.STAR.BNL.GOV

130.199.89.5

8080

Extension

2006/09/15

2007/03/18

public web server used to coordinate STAR collaboration provide public and private web access to our collaborators in support of the Physics Program (Physics Working group documents, mailing lists access via web, STAR collaboration web server). If the conduit were removed we would not be able to perform our science nor disseminate our findings and excitement of our field (as required by DOE).

Note: Server replaced by orion.star.bnl.gov along an OS upgrade.

ALTERA.STAR.BNL.GOV

130.199.88.15

47

Extension

2007/03/16

This conduit will use protocol 47 (Generic Routing Encapsulation) to share licensed software for collaboration work within the Atlas Experiment between the indicated CERN machine and the BNL machine. Software license are currently in use for the STAR experiment as well, hence the ownership of the conduit.

Note: Conduit was not renewed, service no longer needed.

AUTEUIL.STARP.BNL.GOV

130.199.60.137

to port 7778
on Avamar1

New

Owners: Jerome Lauret / Wayne Betts

2013/08/01

2014/08/12

This conduit is for auteuil to contact the Avamar server (130.199.76.196) on port 7778 to run the Avamar administrator console (to perform restore  operations).

DASHBOARD1.STAR.BNL.GOV

130.199.162.181

80
443

New

Owners: Jerome Lauret / Wayne Betts

2014/09/23

This secondary Web server for our online enclave will host a WebSocket based service in order to provide low-latency updates to real-time monitoring plots to remote participants. Normal HTTP cannot provide the feature we seek to support > 1000 channel updates / seconds. WebSocket is a typical solution for scalable high throughput updates requirements. A transparent reverse proxy setup (via Squid) does not support WebSocket hence the conduit is needed for providing remote collaborators with real-time graphical representation of the detector monitoring. All content of this Web server will be access protected (there will be no public information).

Without this conduit, STAR would be an impasse and not able to pursue the deployment of its scalable architecture aimed at providing full support for detector upgrade and increase data demands.