...
Name Purpose PVs served Host CAS port
Beacon Port
Beacon sent to Document/Comment Upgrade Status LCLS
gwEbeamServe Serving LCLS PVs (Ebeam) to Photon
Readonly
Write for selected PVs
lcls-daemon3 5080 5081 172.21.40.63
(Photon Gateway Subnet)
Design
Admin
Allow all
Deny OTRS:DMP1:695:.*
Upgrade to 64-bit EPICS7 22 Aug 2019 gwEbeamServeWF Serving LCLS PVs (Ebeam) to Photon
Readonly
Write for selected PVs
lcls-daemon3 5079 5081 172.21.40.63
(Photon Gateway Subnet)
Deny all
Allow OTRS:DMP1:695:.*
(dedicated to serve XTCAV OTRDMP camera image PV)
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLS4FACET Serving LCLS PVs to FACET Readonly lcls-daemon10 5070 5069 172.27.75.255
(FACETCA)
Design
Admin
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLS4LCLSII Serving LCLS PVs to LCLS-II Read and Write lcls-daemon10 5060 5069 172.27.131.255 ( LCLS2IOC) and 172.27.11.255 (MCCSRV Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLSPUB Serving LCLS PVs to public Readonly lcls-prod01 5068 5069 134.79.151.255
(DMZ)
Admin
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLSARCH0 Serving LCLS and LCLS-II PVs to Archiver on DMZ Readonly lcls-prod01 5076 5069 134.79.151.255
(DMZ)
.* ALLOW (default)
Deny a list
refer gwLCLSARCH*.dat
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLSARCH1 Serving LCLS and LCLS-II PVs to Archiver on DMZ Readonly lcls-prod01 5077 5069 134.79.151.255
(DMZ)
.* DENY
Allow portion in the list
refer gwLCLSARCH*.dat
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLSARCH2 Serving LCLS and LCLS-II PVs to Archiver on DMZ Readonly lcls-prod01 5078 5069 134.79.151.255
(DMZ)
.* DENY
Allow portion in the list
refer gwLCLSARCH*.dat
Upgrade to 64-bit EPICS7 22 Aug 2019 gwLCLSARCH3 Serving LCLS and LCLS-II PVs to Archiver on DMZ Readonly lcls-prod01 5079 5069 134.79.151.255
(DMZ)
.* DENY
Allow portion in the list
refer gwLCLSARCH*.dat
Upgrade to 64-bit EPICS7 22 Aug 2019 LCLS-II
gwLCLSII4LCLS Serving LCLS-II PVs to LCLS Read and Write lcls2-daemon10 5060 5069 172.27.3.255 ( LCLSIOC) and 172.27.11.255 (MCCSRV) Upgrade to 64-bit EPICS7 22 Aug 2019 FACET
gwFACET4LCLS Serving FACET PVs to LCLS Readonly facet-daemon1 5070 5069 172.27.11.255
(LCLSCA)
Design
Admin
gwFACETPUB Serving FACET PVs to public Readonly lcls-prod01 5063 5069 134.79.151.255
(DMZ)
Design Upgrade to 64-bit EPICS7 22 Aug 2019 gwEXP2FACET Serving Fedora based PCOEdge Camera PVs in B244 to FACET controls Readonly
Write allowed from facet-srv20 to slac-dev-fed
lcls-prod01 5062 5069 facet-srv*:
172.27.72.28 172.27.72.22 172.27.72.23
Not in use currently gwFACETARCH Serving FACET PVs to Archiver on DMZ Readonly lcls-prod01 5075 5069 134.79.151.255
(DMZ)
Allow all
Upgrade to 64-bit EPICS7 22 Aug 2019 Test Facilities gwACCTESTPUB Serving Test Facilities PV to public Readonly testfac-daemon2 5048 5049 134.79.219.255
(LCLSDEV)
doc Cryo gwCRYO4LCLS Serving Cryo PVs to LCLS Read and Write cryo-daemon1 5061 5069 172.27.43.255 172.27.11.255 134.79.151.21 .* ALLOW
.* ALLOW CANWRITE
Upgrade to 64-bit EPICS7 22 Aug 2019
...
Change /etc/init.d/st.gwEbeamServe
on lcls-daemon3 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwEbeamServe64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-daemon3]$ /etc/init.d/st.gwEbeamServe restart
Verify that all LCLSIOC subnet PVs except for OTRS:DMP1:695:*
PVs can be seen from Photon/PCDS subnet clients. Verify that the lclshome->Network (Global)->PV Gateway Diag->Ebeam Serve display is repopulated after the restart. Check /u1/lcls/tools/gateway/gwEbeamServe.log for errors.
gwEbeamServeWF :
Change /etc/init.d/st.gwEbeamServeWF
on lcls-daemon3 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwEbeamServeWF64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-daemon3]$ /etc/init.d/st.gwEbeamServeWF restart
Verify that only OTRS:DMP1:695:*
PVs can be seen from Photon/PCDS subnet clients. lcls-daemon10 gwLCLS4FACET :
Verify that the lclshome->Network (Global)->PV Gateway Diag->Ebeam Serve WF display is repopulated after the restart. Check /u1/lcls/tools/gateway/gwEbeamServeWF.log for errors. ...
lcls-daemon10 gwLCLS4FACET :
Change /
Change / etc/init.d/st.gwLCLS4FACET
on lcls-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLS4FACET64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-daemon10]$ /etc/init.d/st.gwLCLS4FACET restart
Verify that LCLSIOC subnet PVs can be seen from FACETCA subnet clients.
gwLCLS4LCLSII :
Verify that the lclshome->Network (Global)->PV Gateway Diag->LCLS 4 FACET display is repopulated after the restart. Check /u1/lcls/tools/gateway/gwLCLS4FACET.log for errors.
gwLCLS4LCLSII :
Change /etc/init.d/st.gwLCLS4LCLSII
on lcls- Change /etc/init.d/st.gwLCLS4LCLSII
on lcls- daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLS4LCLSII_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-daemon10]$ /etc/init.d/st.gwLCLS4LCLSII restart
Verify that LCLSIOC subnet PVs can be seen from LCLS2IOC subnet clients. Check /u1/lcls/tools/gateway/gwLCLS4LCLSII.log for errors. ...
lcls- lcls- prod01gwLCLSPUB :
Change /etc/init.d/st.gwLCLSPUB
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSPUB64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSPUB restart
Verify that LCLS production PVs can be seen when running lclshome
on LCLSDEV/LCLSDMZ nodes (e.g., mcclogin). Verify that the lclshome->Network (Global)->PV Gateway Diag->LCLS PUB display is repopulated after the restart. Check /nfs/slac/g/lcls/tools/gateway/gwLCLSPUB.log for errors.
gwLCLSARCH0 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH0
on lcls-prod01 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH0_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH0 restart
lcls-home Verify that the lclshome ->Network (Global)->PV Gateway Diag->LCLS ARCH0 display is repopulated after the restart.
Check /nfs/slac/g/lcls/tools/gateway/gwEbeamServe gwLCLSARCH0 .log Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH0.dat
...
# allow everthing, deny patterns
EVALUATION ORDER ALLOW, DENY
.* ALLOW
^[A-Za-z0-9]+:UND1:.* DENY
^[A-Za-z0-9]+:LTU1:.* DENY
^[A-Za-z0-9]+:LTU0:.* DENY
^[A-Za-z0-9]+:DMP1:.* DENY
^[A-Za-z0-9]+:IN20:.* DENY
^[A-Za-z0-9]+:BSY0:.* DENY
^[A-Za-z0-9]+:BSYA:.* DENY
^[A-Za-z0-9]+:MCC0:.* DENY
^[A-Za-z0-9]+:SYS0:.* DENY
^[A-Za-z0-9]+:LR20:.* DENY
^[A-Za-z0-9]+:NEH:.* DENY
^[A-Za-z0-9]+:NEH1:.* DENY
^[A-Za-z0-9]+:FEH:.* DENY
^[A-Za-z0-9]+:FEH1:.* DENY
^[A-Za-z0-9]+:FEE1:.* DENY
^[A-Za-z0-9]+:SYS2:.* DENY
^[A-Za-z0-9]+:CLTH:.* DENY
^[A-Za-z0-9]+:GUNB:.* DENY
^[A-Za-z0-9]+:LGUN:.* DENY
^[A-Za-z0-9]+:ALH2:.* DENY
^[A-Za-z0-9]+:ALH0:.* DENY
^[A-Za-z0-9]+:ACR0:.* DENY
^[A-Za-z0-9]+:GBL0:.* DENY
^[A-Za-z0-9]+:R02:.* DENY
^[A-Za-z0-9]+:XRT1:.* DENY
gwLCLSARCH1 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH1
on lcls-daemon10 to use CMDPATH= /afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
1_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH1 restart
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH1.dat
...
# deny everything, allow the patterns
# For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs
EVALUATION ORDER DENY, ALLOW
.* DENY
^[A-Za-z0-9]+:UND1:.* ALLOW
^[A-Za-z0-9]+:LTU1:.* ALLOW
^[A-Za-z0-9]+:LTU0:.* ALLOW
^[A-Za-z0-9]+:DMP1:.* ALLOW
^[A-Za-z0-9]+:IN20:.* ALLOW
^[A-Za-z0-9]+:BSY0:.* ALLOW
^[A-Za-z0-9]+:BSYA:.* ALLOW
GWLCLSARCH1:.* ALLOW
gwLCLSARCH2 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH2
on lcls-prod01 to use CMDPATH= /afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
2_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH2 restart
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH2.dat
...
# deny everything, allow the patterns
# For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs
EVALUATION ORDER DENY, ALLOW
.* DENY
^[A-Za-z0-9]+:MCC0:.* ALLOW
^[A-Za-z0-9]+:SYS0:.* ALLOW
^[A-Za-z0-9]+:LR20:.* ALLOW
^[A-Za-z0-9]+:NEH:.* ALLOW
^[A-Za-z0-9]+:NEH1:.* ALLOW
^[A-Za-z0-9]+:FEH:.* ALLOW
^[A-Za-z0-9]+:FEH1:.* ALLOW
^[A-Za-z0-9]+:FEE1:.* ALLOW
^[A-Za-z0-9]+:ALH0:.* ALLOW
^[A-Za-z0-9]+:ACR0:.* ALLOW
^[A-Za-z0-9]+:GBL0:.* ALLOW
^[A-Za-z0-9]+:R02:.* ALLOW
^[A-Za-z0-9]+:XRT1:.* ALLOW
GWLCLSARCH2:.* ALLOW
gwLCLSARCH3 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
for errors.
gwLCLSARCH1 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH1
on lcls-prod01 to use CMDPATH= /afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
1_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH1 restart
Verify that the lclshome->Network (Global)->PV Gateway Diag->LCLS ARCH1 display is repopulated after the restart. Check /nfs/slac/g/lcls/tools/gateway/gwLCLSARCH1.log for errors.
gwLCLSARCH2 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH2
on lcls-prod01 to use CMDPATH= /afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH
2_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH2 restart
Verify that the lclshome->Network (Global)->PV Gateway Diag->LCLS ARCH2 display is repopulated after the restart.
Check /nfs/slac/g/lcls/tools/gateway/gwLCLSARCH2.log for errors.
gwLCLSARCH3 :
NoteArchiver Gateways should be stopped and restarted one at a time to independently verify that ACLs are working properly.
Change /etc/init.d/st.gwLCLSARCH3
on lcls-daemon10 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH3_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH3 restart
Verify that the lclshome->Network (Global)->PV Gateway Diag->LCLS ARCH3 display is repopulated after the restart.
Check /nfs/slac/g/lcls/tools/gateway/gwLCLSARCH3.log for errors.
Change /etc/init.d/st.gwLCLSARCH3
on lcls-daemon10 to use CMDPATH=/afs/slac/g/lcls/tools/gateway/script/st.gwLCLSARCH3_64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ /etc/init.d/st.gwLCLSARCH3 restart
Verify that the following PV patterns are archived in the LCLS Archiver according to the permissions below:
Code Blocklanguage bash theme Midnight
[laci@lcls-prod01]$ cat $TOOLS/gateway/config/gwLCLSARCH3.dat
...
# deny everything, allow the patterns
# For every allow pattern here, we should have a deny pattern in gwLCLSARCH0.dat; otherwise we'll get duplicate PVs
EVALUATION ORDER DENY, ALLOW
.* DENY
^[A-Za-z0-9]+:SYS2:.* ALLOW
^[A-Za-z0-9]+:CLTH:.* ALLOW
^[A-Za-z0-9]+:GUNB:.* ALLOW
^[A-Za-z0-9]+:LGUN:.* ALLOW
^[A-Za-z0-9]+:ALH2:.* ALLOW
GWLCLSARCH3:.* ALLOW
...
lcls2-daemon10 gwLCLSII4LCLS :
Change /etc/init.d/st.gwLCLSII4LCLS
on lcls2-daemon10 to use CMDPATH=/usr/local/lcls/tools/gateway/script/st.gwLCLSII4LCLS64
Restart gateway:
Code Blocklanguage bash theme Midnight
[laci@lcls2-daemon10]$ /etc/init.d/st.gwLCLSII4LCLS restart
Verify that LCLS2IOC subnet PVs are readable and writable from LCLSIOC subnet clients.
Check /u1/lcls/tools/gateway/gwLCLSII4LCLS .log for errors.
...
AnchorFACET Gateway Test Procedures FACET Gateway Test Procedures
...
Change /etc/init.d/st.gwACCTESTPUB
on testfac-daemon2 to use CMDPATH=/afs/slac/g/acctest/tools/gateway/script/st.gwACCTESTPUB64
Restart gateway:
Code Blocklanguage bash theme Midnight
[acctf@testfac-daemon2]$ /etc/init.d/st.gwACCTESTPUB restart
Verify that ACCTESTFAC subnet PVs can be seen when running xtahome
on LCLSDEV/LCLSDMZ nodes (e.g., mcclogin).
...
AnchorCryo Gateway Test Procedures Cryo Gateway Test Procedures
Cryo Gateway Test Procedures
...