FYI:
I found a not-so-nice-solution by injecting the NAT DNS name, paired with the private IP address, into
/etc/hosts

xrdfs now works.
(When paired with rpipa)

May be good enough for the short term, but I don’t want to run like this in the long run!

I would really like to have a knob in the Xrootd config that sets that string in Xrootd-domain, not at a system level!
(Please let me know if there is already such a thing… could not find it)

Thanks,
  Igor

On Feb 14, 2019, at 12:22 PM, Sfiligoi, Igor <[log in to unmask]> wrote:

Let me clarify that I was using the default 
xrd.network in the previous test.

If I set
xrd.network rpipa

I get a slightly different error, but still does not work:
[2019-02-14 11:56:55.701144 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Got the server hand shake response (type: server [], protocol version 400)
[2019-02-14 11:56:55.701246 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] kXR_protocol successful (type: server [], protocol version 400)
[2019-02-14 11:56:55.703790 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Sending out kXR_login request, username: isfiligo, cgi: ?xrd.cc=us&xrd.tz=-8&xrd.appname=xrdfs&xrd.info=&xrd.hostname=test-012.t2.ucsd.edu&xrd.rn=v20181017-9b957ca, dual-stack: true, private IPv4: false, private IPv6: false
[2019-02-14 11:56:55.758626 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Logged in, session: 010000000c0000003b00000001000000
[2019-02-14 11:56:55.758778 -0800][Debug  ][PostMaster        ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0] Stream 0 connected.
[2019-02-14 11:56:55.758830 -0800][Debug  ][Utility           ] Monitor library name not set. No monitoring
[2019-02-14 11:56:55.814259 -0800][Debug  ][PostMaster        ] Creating new channel to: stashcache-origin-merra2-6bbd895cc4-jlpwp:31094 1 stream(s)
[2019-02-14 11:56:55.814335 -0800][Debug  ][PostMaster        ] [stashcache-origin-merra2-6bbd895cc4-jlpwp:31094 #0] Stream parameters: Network Stack: IPAuto, Connection Window: 120, ConnectionRetry: 5, Stream Error Window: 1800
[2019-02-14 11:56:55.815528 -0800][Debug  ][TaskMgr           ] Registering task: "TickGeneratorTask for: stashcache-origin-merra2-6bbd895cc4-jlpwp:31094" to be run at: [2019-02-14 11:57:10 -0800]
[2019-02-14 11:56:55.824494 -0800][Error  ][Utility           ] Unable to resolve stashcache-origin-merra2-6bbd895cc4-jlpwp:31094: Name or service not known
[2019-02-14 11:56:55.824558 -0800][Error  ][PostMaster        ] [stashcache-origin-merra2-6bbd895cc4-jlpwp:31094 #0] Unable to resolve IP address for the host
[2019-02-14 11:56:55.824613 -0800][Error  ][XRootD            ] [stashcache-origin-merra2-6bbd895cc4-jlpwp:31094] Unable to send the message kXR_dirlist (path: /merra2): [FATAL] Invalid address

xrdfs now tries to talk to the server-internal DNS name, which obviously is a no-go from outside the cluster :(

Any further suggestions welcome.

Igor

On Feb 13, 2019, at 8:55 AM, Sfiligoi, Igor <[log in to unmask]> wrote:

Dear Xrootd team.

I am deploying a Xrootd server (4.9) behind a port-forwarding NAT.
I.e. the node itself only has a private IP address, but it can be contacted via the NAT’s public IP address.

The problem is, 
xrdfs <URL> ls
does not work!
(While xrdcp does, at least for a small file)

Looking at the debug messages, I see that xrdfs first successfully contacts the Xrootd server, 
but then tries to open a new connection to the internal IP address.

How can I tell the Xrootd server to never use the internal IP address, and use the NAT’s public IP instead?
Note that xrootd on the node itself has no way to auto-detect this information.

Thank you in advance,
  Igor Sfiligoi
  OSG and PRP teams

Excerpt from the XRD_LOGLEVEL=Debug xrdfs root://stashcache-origin-merra2.nautilus.optiputer.net:31094 ls /merra2/
(stashcache-origin-merra2.nautilus.optiputer.net is the NAT’s DNS name, 10.244.22.53 is the private IP addres)
...
[2019-02-13 08:52:39.235574 -0800][Debug  ][TaskMgr           ] Registering task: "FileTimer task" to be run at: [2019-02-13 08:52:39 -0800]
[2019-02-13 08:52:39.235620 -0800][Debug  ][PostMaster        ] Creating new channel to: stashcache-origin-merra2.nautilus.optiputer.net:31094 1 stream(s)
[2019-02-13 08:52:39.235646 -0800][Debug  ][PostMaster        ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0] Stream parameters: Network Stack: IPAuto, Connection Window: 120, ConnectionRetry: 5, Stream Error Window: 1800
[2019-02-13 08:52:39.236480 -0800][Debug  ][TaskMgr           ] Registering task: "TickGeneratorTask for: stashcache-origin-merra2.nautilus.optiputer.net:31094" to be run at: [2019-02-13 08:52:54 -0800]
[2019-02-13 08:52:39.238006 -0800][Debug  ][PostMaster        ] [stashcache-origin-merra2.nautilus.optiputer.net:31094] Found 6 address(es): [::ffff:198.17.101.70]:31094, [::ffff:198.17.101.46]:31094, [::ffff:130.191.103.1]:31094, [::ffff:128.114.109.70]:31094, [::ffff:171.66.4.10]:31094, [::ffff:198.48.92.50]:31094
[2019-02-13 08:52:39.238071 -0800][Debug  ][AsyncSock         ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Attempting connection to [::ffff:198.48.92.50]:31094
[2019-02-13 08:52:39.238133 -0800][Debug  ][Poller            ] Adding socket 0x1715ab0 to the poller
[2019-02-13 08:52:39.293202 -0800][Debug  ][AsyncSock         ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Async connection call returned
[2019-02-13 08:52:39.293382 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Sending out the initial hand shake + kXR_protocol
[2019-02-13 08:52:39.348512 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Got the server hand shake response (type: server [], protocol version 400)
[2019-02-13 08:52:39.348611 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] kXR_protocol successful (type: server [], protocol version 400)
[2019-02-13 08:52:39.351161 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Sending out kXR_login request, username: isfiligo, cgi: ?xrd.cc=us&xrd.tz=-8&xrd.appname=xrdfs&xrd.info=&xrd.hostname=test-012.t2.ucsd.edu&xrd.rn=v20181017-9b957ca, dual-stack: true, private IPv4: false, private IPv6: false
[2019-02-13 08:52:39.405956 -0800][Debug  ][XRootDTransport   ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0.0] Logged in, session: 030000000b0000003e00000003000000
[2019-02-13 08:52:39.406091 -0800][Debug  ][PostMaster        ] [stashcache-origin-merra2.nautilus.optiputer.net:31094 #0] Stream 0 connected.
[2019-02-13 08:52:39.406114 -0800][Debug  ][Utility           ] Monitor library name not set. No monitoring
[2019-02-13 08:52:39.461686 -0800][Debug  ][PostMaster        ] Creating new channel to: 10.244.22.53:31094 1 stream(s)
[2019-02-13 08:52:39.461765 -0800][Debug  ][PostMaster        ] [10.244.22.53:31094 #0] Stream parameters: Network Stack: IPAuto, Connection Window: 120, ConnectionRetry: 5, Stream Error Window: 1800
[2019-02-13 08:52:39.463259 -0800][Debug  ][TaskMgr           ] Registering task: "TickGeneratorTask for: 10.244.22.53:31094" to be run at: [2019-02-13 08:52:54 -0800]
[2019-02-13 08:52:39.463348 -0800][Debug  ][PostMaster        ] [10.244.22.53:31094] Found 1 address(es): [::ffff:10.244.22.53]:31094
[2019-02-13 08:52:39.463413 -0800][Debug  ][AsyncSock         ] [10.244.22.53:31094 #0.0] Attempting connection to [::ffff:10.244.22.53]:31094
[2019-02-13 08:52:39.463499 -0800][Debug  ][Poller            ] Adding socket 0x170ff20 to the poller
 



Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1