Maybe I should open another ticket, but this is the information: - the cache is using only Ipv4 - It uses hostnetwork on Kubernetes, that means is almost a bare-metal network ``` [root@stashcache xrootd]# netstat | wc -l 2025 ``` ``` ./gfal-copy -E /tmp/x509up_u46903 -f https://cf-ac-uk-cache.nationalresearchplatform.org:8443/user/ligo/test_access/access_ligo . (igwn) [fabio.andrijauskas@ldas-grid ~]$ openssl x509 -in /tmp/x509up_u46903 -noout -dates -subject notBefore=Mar 10 17:30:40 2023 GMT notAfter=Mar 22 06:35:40 2023 GMT subject=DC = org, DC = cilogon, C = US, O = LIGO, CN = Fabio Andrijauskas [log in to unmask] (igwn) [fabio.andrijauskas@ldas-grid ~]$ ``` ``` 230310 17:55:54 54436 XrootdXeq: 1fa32e3f.471944:[log in to unmask] disc 0:00:30 230310 17:55:54 54436 1fa32e3f.471944:[log in to unmask] Xrd_Poll: Poller 2 removing FD 17688 230310 17:55:54 54436 1fa32e3f.471944:[log in to unmask] Xrd_Poll: FD 17688 detached from poller 2; num=5680 230310 17:55:54 54431 anon.0:[log in to unmask] http_Protocol: SSL_accept returned :1 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: Subject name is : '/DC=org/DC=cilogon/C=US/O=LIGO/CN=Fabio Andrijauskas [log in to unmask]; hash is 1fa32e3f.0 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: Extracting auth info. 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: Certificate data extraction failed: /DC=org/DC=cilogon/C=US/O=LIGO/CN=Fabio Andrijauskas [log in to unmask] Failed. err: -1 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: No VOMS information for DN: /DC=org/DC=cilogon/C=US/O=LIGO/CN=Fabio Andrijauskas [log in to unmask] 230310 17:55:54 54431 sysXrdOucGMap::dn2user: no valid match found for DN '/DC=org/DC=cilogon/C=US/O=LIGO/CN=Fabio Andrijauskas [log in to unmask] 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: Mapping name: /DC=org/DC=cilogon/C=US/O=LIGO/CN=Fabio Andrijauskas [log in to unmask] Failed. err: -14 230310 17:55:54 54431 anon.0:[log in to unmask] http_Security: Will fallback name to subject hash: 1fa32e3f.0 http Protocol 'https' http Name '1fa32e3f.0' http Host '[::ffff:131.215.113.168]' http Vorg '' ``` ``` ./gfal-copy -vvv -E /tmp/x509up_u46903 -f https://cf-ac-uk-cache.nationalresearchplatform.org:8443/user/ligo/test_access/access_ligo . DEBUG no GFAL_CONFIG_DIR env var found, try to load configuration from default directory /etc/gfal2.d/ DEBUG try to load configuration file /etc/gfal2.d//bdii.conf ... DEBUG try to load configuration file /etc/gfal2.d//gfal2_core.conf ... DEBUG try to load configuration file /etc/gfal2.d//x509.conf ... DEBUG try to load configuration file /etc/gfal2.d//xrootd_plugin.conf ... DEBUG try to load configuration file /etc/gfal2.d//http_plugin.conf ... DEBUG Using credentials from default proxy location DEBUG Certificate: /tmp/x509up_u46903 DEBUG Private key: /tmp/x509up_u46903 DEBUG ... no GFAL_PLUGIN_DIR environment variable specified, try to load plugins in the default directory : /usr/lib64/gfal2-plugins/ DEBUG [gfal_list_directory_plugins] add plugin to list to load /usr/lib64/gfal2-plugins//libgfal_plugin_file.so DEBUG [gfal_list_directory_plugins] add plugin to list to load /usr/lib64/gfal2-plugins//libgfal_plugin_xrootd.so DEBUG [gfal_list_directory_plugins] add plugin to list to load /usr/lib64/gfal2-plugins//libgfal_plugin_http.so INFO [gfal_module_load] plugin /usr/lib64/gfal2-plugins//libgfal_plugin_file.so loaded with success DEBUG gfal_plugin loaded successfully : /usr/lib64/gfal2-plugins//libgfal_plugin_file.so INFO [gfal_module_load] plugin /usr/lib64/gfal2-plugins//libgfal_plugin_xrootd.so loaded with success DEBUG gfal_plugin loaded successfully : /usr/lib64/gfal2-plugins//libgfal_plugin_xrootd.so DEBUG Davix: Enable GRID profile for DAVIX DEBUG Davix: Adding CA path /etc/grid-security/certificates/ to valid CA path list DEBUG Davix: Using standard location for proxy: /tmp/x509up_u46903 DEBUG Davix: HTTP/SSL Session caching ENABLED DEBUG Davix: Redirection Session caching ENABLED DEBUG Davix: libdavix path /lib64/libdavix.so.0, version: 0.8.4 DEBUG Davix: Enable GRID profile for DAVIX DEBUG Davix: Adding CA path /etc/grid-security/certificates/ to valid CA path list DEBUG Davix: Using standard location for proxy: /tmp/x509up_u46903 INFO [gfal_module_load] plugin /usr/lib64/gfal2-plugins//libgfal_plugin_http.so loaded with success DEBUG gfal_plugin loaded successfully : /usr/lib64/gfal2-plugins//libgfal_plugin_http.so DEBUG plugin priority order: file-2.21.3 -> xrootd-2.21.3 -> http-2.21.3 -> DEBUG Impossible to get string_list parameter HTTP:CF-AC-UK-CACHE.NATIONALRESEARCHPLATFORM.ORG:HEADERS, set to a default value (null), err Key file does not have group “HTTP:CF-AC-UK-CACHE.NATIONALRESEARCHPLATFORM.ORG” DEBUG Impossible to get string_list parameter HTTP PLUGIN:HEADERS, set to a default value (null), err Key file does not have key “HEADERS” in group “HTTP PLUGIN” DEBUG Impossible to get integer parameter HTTP PLUGIN:OPERATION_TIMEOUT, set to default value 1800, err Key file does not have key “OPERATION_TIMEOUT” in group “HTTP PLUGIN” DEBUG Using client X509 for HTTPS session authorization DEBUG Impossible to get string parameter BEARER:TOKEN, set to default value (null), err Key file does not have group “BEARER” DEBUG Impossible to get string_list parameter HTTP:CF-AC-UK-CACHE.NATIONALRESEARCHPLATFORM.ORG:HEADERS, set to a default value (null), err Key file does not have group “HTTP:CF-AC-UK-CACHE.NATIONALRESEARCHPLATFORM.ORG” DEBUG Impossible to get string_list parameter HTTP PLUGIN:HEADERS, set to a default value (null), err Key file does not have key “HEADERS” in group “HTTP PLUGIN” DEBUG Impossible to get integer parameter HTTP PLUGIN:OPERATION_TIMEOUT, set to default value 1800, err Key file does not have key “OPERATION_TIMEOUT” in group “HTTP PLUGIN” DEBUG Using client X509 for HTTPS session authorization DEBUG Davix: Create HttpRequest for https://cf-ac-uk-cache.nationalresearchplatform.org:8443/user/ligo/test_access/access_ligo DEBUG Davix: -> negotiateRequest DEBUG Davix: NEON start internal request DEBUG Davix: no cached ne_session, create a new one DEBUG Davix: HTTP session to https://cf-ac-uk-cache.nationalresearchplatform.org:8443 begins. DEBUG Davix: configure session... DEBUG Davix: define connection timeout to 30 DEBUG Davix: define operation timeout to 1800 DEBUG Davix: add CA PATH /etc/grid-security/certificates/ DEBUG Davix: disable login/password authentication DEBUG Davix: enable client cert authentication by callback DEBUG Davix: Running pre_send hooks INFO Davix: > POST /user/ligo/test_access/access_ligo HTTP/1.1 > User-Agent: gfal2-util/1.8.0 gfal2/2.21.3 neon/0.0.29 > Keep-Alive: > Connection: Keep-Alive > TE: trailers > Host: cf-ac-uk-cache.nationalresearchplatform.org:8443 > Content-Type: application/macaroon-request > Content-Length: 61 > DEBUG Davix: Sending request-line and headers: DEBUG Davix: Doing DNS lookup on cf-ac-uk-cache.nationalresearchplatform.org... DEBUG Davix: clicert callback DEBUG Davix: call client cert callback DEBUG Davix: Sending request body: DEBUG Davix: Request body sent successfully DEBUG Davix: Request sent; retry is 0. INFO Davix: < HTTP/1.1 200 OK INFO Davix: < Connection: Keep-Alive INFO Davix: < Server: XrootD/v5.5.3 INFO Davix: < Content-Length: 465 INFO Davix: < DEBUG Davix: End of headers. DEBUG Davix: Running post_headers hooks DEBUG Davix: <- negotiateRequest DEBUG Davix: Davix::BackendRequest::readSegment: want to read 1048576 bytes DEBUG Davix: Reading 465 bytes of response body. DEBUG Davix: Got 465 bytes. DEBUG Davix: StandaloneNeonRequestNeonRequest::readBlock read 465 bytes DEBUG Davix: StandaloneNeonRequestNeonRequest::readBlock read 0 bytes DEBUG Davix: Destroy HttpRequest DEBUG Davix: Running post_send hooks DEBUG Davix: Running destroy hooks. DEBUG Davix: Request ends. DEBUG Davix: add old session to cache httpscf-ac-uk-cache.nationalresearchplatform.org:8443 DEBUG (SEToken) Set bearer token in credential_map[https://cf-ac-uk-cache.nationalresearchplatform.org:8443/user/ligo/test_access/access_ligo] (access=read) (validity=180) INFO Using bearer token for HTTPS request authorization DEBUG Identified stat over HTTP protocol. Attempting stat over WebDav first DEBUG Davix: Create HttpRequest for https://cf-ac-uk-cache.nationalresearchplatform.org:8443/user/ligo/test_access/access_ligo DEBUG Davix: -> executeRequest DEBUG Davix: -> negotiateRequest DEBUG Davix: NEON start internal request DEBUG Davix: no cached ne_session, create a new one DEBUG Davix: HTTP session to https://cf-ac-uk-cache.nationalresearchplatform.org:8443 begins. DEBUG Davix: configure session... DEBUG Davix: define connection timeout to 30 DEBUG Davix: define operation timeout to 1800 DEBUG Davix: add CA PATH /etc/grid-security/certificates/ DEBUG Davix: disable login/password authentication DEBUG Davix: enable client cert authentication by callback DEBUG Davix: Running pre_send hooks INFO Davix: > PROPFIND /user/ligo/test_access/access_ligo HTTP/1.1 > User-Agent: gfal2-util/1.8.0 gfal2/2.21.3 neon/0.0.29 > Keep-Alive: > Connection: Keep-Alive > TE: trailers > Host: cf-ac-uk-cache.nationalresearchplatform.org:8443 > Depth: 0 > Authorization: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > DEBUG Davix: Sending request-line and headers: DEBUG Davix: Doing DNS lookup on cf-ac-uk-cache.nationalresearchplatform.org... DEBUG Davix: clicert callback DEBUG Davix: call client cert callback DEBUG Davix: Request sent; retry is 0. ``` Please, I will keep the cache in that state as long as I can. Let me know more tests you would like -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1940#issuecomment-1464184570 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1