[OpenAFS] AFS & Firewalls
Marc Schmitt
schmitt@inf.ethz.ch
Sat, 28 Dec 2002 11:54:41 +0100
--------------010304080709030703010307
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Derrick J Brashear wrote:
>On Fri, 27 Dec 2002, Michael Aldrich wrote:
>
>
>
>>Hi all,
>>Please tell me if this does not make sense and I will try to clarify:
>>Primary and backup AFS servers housed in a DMZ.
>>I have created a second DMZ environment, hoping to add a third AFS server. I
>>am trying to configure it as a client first.
>>In my CellServDB file on the new client machine, I have two translated IP
>>address for the established servers. I can ping, ssh, etc. to these IP
>>addresses. I also have a translation to the new client from the existing
>>servers.
>>My problem is, when I try to start the client on the new machine, I get the
>>'Cannot mount /afs' error. Tailing /var/log/messages, I see the actual IPs of
>>the existing servers instead of the translated ones. Does the AFS server send
>>back a response that includes its' IP address according to the network
>>interfaces? Is there a way around this?
>>I tried /usr/afs/local/NetInfo with no luck. All servers and clients are
>>running OpenAFS 1.2.7 & RedHat 7.3.
>>
>>
>
>We included "fake address" support in OpenAFS 1.2.8; The Release Notes
>should include the relevant information. If they don't I will try to dig
>up the notes from Todd DeSantis, who was kind enough to send the
>implementation.
>
>
"fake address" support implements
https://lists.openafs.org/pipermail/openafs-info/2002-December/007272.html
assuming NetInfo can contain only one single fake IP address, correct?
Regards,
Marc
--------------010304080709030703010307
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1">
<title></title>
</head>
<body>
Derrick J Brashear wrote:<br>
<blockquote type="cite"
cite="midPine.LNX.3.96L.1021227110555.10666C-100000@scully.trafford.dementia.org">
<pre wrap="">On Fri, 27 Dec 2002, Michael Aldrich wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all,
Please tell me if this does not make sense and I will try to clarify:
Primary and backup AFS servers housed in a DMZ.
I have created a second DMZ environment, hoping to add a third AFS server. I
am trying to configure it as a client first.
In my CellServDB file on the new client machine, I have two translated IP
address for the established servers. I can ping, ssh, etc. to these IP
addresses. I also have a translation to the new client from the existing
servers.
My problem is, when I try to start the client on the new machine, I get the
'Cannot mount /afs' error. Tailing /var/log/messages, I see the actual IPs of
the existing servers instead of the translated ones. Does the AFS server send
back a response that includes its' IP address according to the network
interfaces? Is there a way around this?
I tried /usr/afs/local/NetInfo with no luck. All servers and clients are
running OpenAFS 1.2.7 & RedHat 7.3.
</pre>
</blockquote>
<pre wrap=""><!---->
We included "fake address" support in OpenAFS 1.2.8; The Release Notes
should include the relevant information. If they don't I will try to dig
up the notes from Todd DeSantis, who was kind enough to send the
implementation.
</pre>
</blockquote>
"fake address" support implements<br>
<a class="moz-txt-link-freetext" href="https://lists.openafs.org/pipermail/openafs-info/2002-December/007272.html">https://lists.openafs.org/pipermail/openafs-info/2002-December/007272.html</a><br>
assuming NetInfo can contain only one single fake IP address, correct?<br>
<br>
Regards,<br>
Marc<br>
<br>
<br>
</body>
</html>
--------------010304080709030703010307--