-
Notifications
You must be signed in to change notification settings - Fork 136
Xrootd Third Party Copy
Starting with dCache 4.2, native third-party transfers between dCache and another xrootd server (including another dCache door) are possible. These can be done either in unauthenticated mode, or with GSI (X509) authentication, using the client provided by SLAC (xrdcp or xrdcopy).
To enforce third-party copy, one must execute the transfer using
xrdcp --tpc only <source> <destination>
One can also try third party and fail over to one-hop two-party (through the client) by using
xrdcp --tpc first <source> <destination>
Because authentication is enforced between the source and destination servers (even though they are both holding a rendezvous token), the following must be done:
-
all dCache xrootd doors, but also write pools serving xrootd transfers, must have a valid host certificate and set of CA CRLS.
-
all dCache write pools serving xrootd transfers must be configured for the gsi client plugin; this means defining two properties:
pool.mover.xrootd.tpc-authn-plugins=gsi xrootd.gsi.hostproxy=/etc/grid-security/hostproxy
arrangements must be made to make a proxy available to the non-dCache (SLAC) server (dCache automatically