[OpenAFS-devel] NAT conntracking module

[Hans Dampf]

This is a multi-part message in MIME format.

----Boundary-=_b9dc08ab4c5dcaf304d71ca7b5704aea
Content-Type: text/plain; CHARSET=iso-8859-1

Hi everybody,

Actually i'm working on a linux-cluster which is separated to another network by a little router with a masquerading NAT. The jobs the cluster should work on are placed in the afs tree behind this server. The NAT only masquerades outgoing packages. I've not set a filter chain at the moment.

When I now submit some jobs there appears a connection timeout after about 30 minutes.  I notices that there are a few other threads in this list which discuss the problem with AFS and NAT and mention that this is a problem of the connection tracking table of the NAT.

I've made a few tests while decreasing the udp conntrack timeout, variate the number of nodes running jobs and trying some other things. But nothing seems to work for my problem. I also wrote a little tool which reads a directory in the afs with the hope to create a artificially "keep alive". When running this tool in the background there where no connection timeouts. Even after 3 days continous use.

I'm not very familar with afs internals and I couldn't explain to me this behavior at all. Perhaps someone of you could tell me what I can do to solve this in a better way. Isn't it possible to write a little kernel module to prevent afs connection timeouts? Like the ip_conntrack_ftp module? 
Or does somebody even wrote such a module?

Best regards,

Martin


_____________________________________________________
Kostenloser Mailservice von Acampo
http://www.acampo.net/
100MB Mailspeicher + 50MB Webdisk

----Boundary-=_b9dc08ab4c5dcaf304d71ca7b5704aea--