 |
 |
Hi Artem, Convenient yes but it also violates the prime security directive here. If the security need is to keep servers separate then allowing even one to be shared destroys the whole structure (the weakest link phenomena). The security team here doesn't like wall paper security. So if you're going to violate the security policy then overtly do so. This, of course, is not to say there may be non-security reasons for doing this. Anyway, no you will need to run two redirectors to keep the server pools truly separate. Andy ----- Original Message ----- From: "Artem Trunov" <[log in to unmask]> To: <[log in to unmask]> Sent: Wednesday, February 01, 2006 6:44 AM Subject: xrootd redirection based on client's subnet > Hi Andy et all, > > Does xrootd support it? The use case is when you want to have one > redirector, but kee ptwo separate pools of servers - one for access from > WNs (servers in IFZ), and another for out of site access (servers in DMZ). > Then you'd specify selection rools in you olbd config. This is a feature > of dCache, very convinient. > > Artem. > >