Thanks for this. How do you check this reverse lookup? m248.gc.cuny.edu has ip address 10.10.32.248 and is not in any DNS. It's in /etc/hosts
[EMAIL PROTECTED] ~ $ host 10.10.32.248 Host 248.32.10.10.in-addr.arpa not found: 3(NXDOMAIN) [EMAIL PROTECTED] ~ $ host 146.96.129.99 99.129.96.146.in-addr.arpa domain name pointer grid.gc.cuny.edu. [EMAIL PROTECTED] ~ $ Incidentally, even after changing the hostname to m248.gc.cuny.edu and regenerating host and containerkey certificates, I still have the same behavior. Does this mean I need to set up DNS services for the internal network? [EMAIL PROTECTED] ~ $ globusrun-ws -s -submit -c /bin/hostname Delegating user credentials...Done. Submitting job...Done. Job ID: uuid:ce8a6d50-6550-11dc-9e6a-0002b323da69 Termination time: 09/18/2007 19:04 GMT Current job state: Active Current job state: CleanUp-Hold globusrun-ws: ignoring error while streaming gsiftp://grid.gc.cuny.edu:2811/home/m248/globus/ce8a6d50-6550-11dc-9e6a-0002b323da69.0.stdout: globus_ftp_control: gss_init_sec_context failed GSS Major Status: Unexpected Gatekeeper or Service Name globus_gsi_gssapi: Authorization denied: The name of the remote host (m248.gc.cuny.edu), and the expected name for the remote host (grid.gc.cuny.edu) do not match. This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem. globusrun-ws: ignoring error while streaming gsiftp://grid.gc.cuny.edu:2811/home/m248/globus/ce8a6d50-6550-11dc-9e6a-0002b323da69.0.stderr: globus_ftp_control: gss_init_sec_context failed GSS Major Status: Unexpected Gatekeeper or Service Name globus_gsi_gssapi: Authorization denied: The name of the remote host (m248.gc.cuny.edu), and the expected name for the remote host (grid.gc.cuny.edu) do not match. This happens when the name in the host certificate does not match the information obtained from DNS and is often a DNS configuration problem. Current job state: CleanUp Current job state: Failed Destroying job...Done. Cleaning up any delegated credentials...Done. globusrun-ws: Job failed: Staging error for RSL element fileCleanUp. [EMAIL PROTECTED] ~ $ -----Original Message----- From: Charles Bacon [mailto:[EMAIL PROTECTED] Sent: Mon 9/17/2007 3:02 PM To: Lengyel, Florian Cc: [email protected] Subject: Re: [gt-user] logicalHost -- when does globus decide to use hostname? The client machine is doing a reverse-IP lookup on the address it connects to. The issue here does not appear to be with the server hostname configuration, but the client's resolution process. I see that you're connecting from the same machine - is it possible that it's getting 127.0.0.1 as the server's address, then reverse-looking that up to the wrong name? Does the same thing happen from a second machine? Charles On Sep 17, 2007, at 12:44 PM, Lengyel, Florian wrote: > > > > -----Original Message----- > From: [EMAIL PROTECTED] on behalf of Lengyel, Florian > Sent: Mon 9/17/2007 1:35 PM > To: [email protected] > Subject: [gt-user] logicalHost -- when does globus decide to use > hostname? > > > I have had a persistent problem with the globus toolkit for several > years now. > The problem concerns the semantics of logicalHost. The idea of > logicalHost is > that it overrides hostname. At least it should, only I haven't seen > it do this > consistently in all of the years that I have been using the globus > toolkit. > If I try to set the hostname to the logicalHost that I want > globus to use, even if that means breaking other systems that might > have > depended on my original hostname, then globus seems to use the > hostname > under which it was compiled. > > > > Here's an example. Originally I compiled globus on a machine with > hostname grid.gc.cuny.edu. That was the hostname under which > the simpleCA was created--perhaps this is related. > > I wanted the logicalHost name to be m248.gc.cuny.edu, > which refers to a different interface. The following error occurs > > a) with hostname grid.gc.cuny.edu and logicalHost m248.gc.cuny.edu > b) with hostname m248.gc.cuny.edu and logicalHost m248.gc.cuny.edu > > It's clear that the command /bin/hostname executes - I have the > output. Only the attempt by globus to return the output fails, > because for some reason globus expects to see grid.gc.cuny.edu as > the hostname, even though it is running on m248.gc.cuny.edu, > and that is the hostname. > > [EMAIL PROTECTED] ~ $ globusrun-ws -s -submit -c /bin/hostname > Delegating user credentials...Done. > Submitting job...Done. > Job ID: uuid:dfa17d24-6544-11dc-88ad-0002b323da69 > Termination time: 09/18/2007 17:38 GMT > Current job state: Active > Current job state: CleanUp-Hold > globusrun-ws: ignoring error while streaming gsiftp:// > grid.gc.cuny.edu:2811/home/m248/globus/ > dfa17d24-6544-11dc-88ad-0002b323da69.0.stdout: > globus_ftp_control: gss_init_sec_context failed > GSS Major Status: Unexpected Gatekeeper or Service Name > globus_gsi_gssapi: Authorization denied: The name of the remote > host (m248.gc.cuny.edu), and the expected name for the remote host > (grid.gc.cuny.edu) do not match. This happens when the name in the > host certificate does not match the information obtained from DNS > and is often a DNS configuration problem. > globusrun-ws: ignoring error while streaming gsiftp:// > grid.gc.cuny.edu:2811/home/m248/globus/ > dfa17d24-6544-11dc-88ad-0002b323da69.0.stderr: > globus_ftp_control: gss_init_sec_context failed > GSS Major Status: Unexpected Gatekeeper or Service Name > globus_gsi_gssapi: Authorization denied: The name of the remote > host (m248.gc.cuny.edu), and the expected name for the remote host > (grid.gc.cuny.edu) do not match. This happens when the name in the > host certificate does not match the information obtained from DNS > and is often a DNS configuration problem. > Current job state: CleanUp > Current job state: Failed > Destroying job...Done. > Cleaning up any delegated credentials...Done. > globusrun-ws: Job failed: Staging error for RSL element fileCleanUp. > [EMAIL PROTECTED] ~ $ >
