Hi Victor, Indeed I also think this is an interesting and useful ideal, and it is likely easy to do. Something for Lukasz to think of … In your case, you probably can use the following example in /etc/sysconfig/iptables on batch nodes *nat :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] # Traffic going to LFC @ BNL (192.12.15.102:5010) will be redirected to 134.79.198.159:5010 -A PREROUTING -p tcp -d 192.12.15.102 --destination-port 5010 -j DNAT --to-destination 134.79.198.159:5010 -A OUTPUT -p tcp -d 192.12.15.102 --destination-port 5010 -j DNAT --to-destination 134.79.198.159:5010 -A POSTROUTING -p tcp -s 134.79.198.159 --source-port 5010 -j SNAT --to-source 192.12.15.102:5010 Wei Yang | [log in to unmask] | 650-926-3338(O) On Jun 26, 2013, at 10:10 PM, Victor Kotlyar <[log in to unmask]> wrote: > Hi Wei > > on 26.06.2013 23:18, Yang, Wei wrote: >> Hi Victor, >> >> Try to understand your question: is this about something like root_proxy variable? Since you have done a proxy setup so I suppose your question is not about if and how for setting up a proxy. I don't think we currently have this. But I think you can request such a feature to be implemented. In the mean time, I am doing similar things at SLAC by manipulating the NAT table in iptables (modify TCP head so that traffic to host A is sent to host B, etc.) > > Yes it is like a root_proxy variable. > I do not know if it will be widely used but maybe idea is interesting. > When everybody and everywhere in HEP switched to root it might be useful. > > > In our case: > we have WN's after GW (NAT) in our network and a server outside our > network. We would like to reroute all xroot\root traffic to our WNs GW > through that particular server. > > If you have similar setup could you please describe it a little bit. > > Best regards, > Victor Kotlyar > >> >> regards, >> Wei Yang | [log in to unmask] | 1-650-926-3338 >> >> >> >> >> On Jun 26, 2013, at 11:43 AM, Victor Kotlyar<[log in to unmask]> wrote: >> >>> Dear xrootd experts. >>> >>> Since 6th of June we have problems with connection to outside Russia for >>> our institute. >>> We investigate any possibility to use another Institutes for rerouting >>> our Grid traffic. >>> >>> So I have a very simple question: is it possible to create a proxy >>> server for xroot? >>> >>> For example we use http_proxy environment variable to redirect all http >>> traffic through http proxy server on WorkingNodes. >>> >>> On our Grid site Alice experiment initiates many connections on 1095tcp >>> port to outside storage servers and it would be very usefull just to set >>> xroot_proxy environment variable and install xrootd in proxy mode on >>> other site. >>> >>> I guess that it is not so simple. Could you please make any >>> recomendations what is possible to try in our case? >>> >>> Many thanks >>> Best regards, >>> Victor Kotlyar >>> >>> ######################################################################## >>> Use REPLY-ALL to reply to list >>> >>> To unsubscribe from the XROOTD-L list, click the following link: >>> https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1 >> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-L list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1