[OpenAFS] vlserver sync failure... VPN a problem?

Matt antisthenes@yahoo.com
Wed, 22 May 2002 19:01:34 -0700 (PDT)

OK, so I (theoretically) solved my previous issue with
OpenAFS behind NAT (more on that later), but now I
can't seem to get my basic setup to work.  Either I'm
missing something, or AFS is mixing badly with

I have a VPN set up at three (geographically distant)
sites, using Linux FreeS/WAN-based IPSec.  The three
site's private networks have addresses in the ranges
10.0.0.x, 10.0.1.x, and 10.0.2.x.  At each site, I'm
trying to set up an AFS server (OpenAFS-1.2.3), with
address 10.0.y.2 (where y={0,1,2}).  Everything goes
fine until I try to add the second server, at which
point Ubik fails to be able to synchronize the
Output of 'udebug <system control machine> vlserver':

Host's addresses are:
Host's time is Thu May 23 01:40:23 2002
Local time is Thu May 23 01:40:24 2002 (time
differential 1 secs)
Last yes vote for was 0 secs ago (sync site);
Last vote started 0 secs ago (at Thu May 23 01:40:24
Local db version is 1022117202.3
I am sync site until 60 secs from now (at Thu May 23
01:41:24 2002) (2 servers)
Recovery state f
Sync site's db version is 1022117202.3
0 locked pages, 0 of them for write
Last time a new db version was labelled was:
         821 secs ago (at Thu May 23 01:26:43 2002)

Server ( (db 0.0)
    last vote rcvd 0 secs ago (at Thu May 23 01:40:24
    last beacon sent 0 secs ago (at Thu May 23
01:40:24 2002), last vote was yes
    dbcurrent=0, up=1 beaconSince=1

I don't think it's the VPN's fault, as the above
suggests that packets are clearly being exchanged on
port 7003 (and I've verified that with tcpdump), but
I've tried everything I can think of (including
running the vlservers with -nojumbo).

I've been beating my head against this for quite a
while now, so any thoughts or help would be greatly


