[OpenAFS-devel] NAT conntracking module

Roland Kuhn rkuhn@e18.physik.tu-muenchen.de
Wed, 1 Jun 2005 18:32:20 +0200 

--Apple-Mail-1--250096017
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed

Hi Hans!

On Jun 1, 2005, at 5:28 PM, Hans Dampf wrote:

> Hi everybody,
>
> Actually i'm working on a linux-cluster which is separated to  
> another network by a little router with a masquerading NAT. The  
> jobs the cluster should work on are placed in the afs tree behind  
> this server. The NAT only masquerades outgoing packages. I've not  
> set a filter chain at the moment.
>
> When I now submit some jobs there appears a connection timeout  
> after about 30 minutes.  I notices that there are a few other  
> threads in this list which discuss the problem with AFS and NAT and  
> mention that this is a problem of the connection tracking table of  
> the NAT.

Recently it was suggested to increase the UDP conntrack timeout to  
 >600sec, so I suppose that's the RX keepalive period. Decreasing the  
timeout should only make it worse. With your directory-reading  
program you simply shortened the effective keepalive period, so that  
it becomes smaller than your UDP timeout.

Ciao,
                     Roland

--
TU Muenchen, Physik-Department E18, James-Franck-Str. 85747 Garching
Telefon 089/289-12592; Telefax 089/289-12570
--
A mouse is a device used to point at
the xterm you want to type in.
Kim Alm on a.s.r.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GS/CS/M/MU d-(++) s:+ a-> C+++ UL++++ P-(+) L+++ E(+) W+ !N K- w--- M 
+ !V Y+
PGP++ t+(++) 5 R+ tv-- b+ DI++ e+++>++++ h---- y+++
------END GEEK CODE BLOCK------



--Apple-Mail-1--250096017
content-type: application/pgp-signature; x-mac-type=70674453;
	name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFCneMYI4MWO8QIRP0RAg33AKCjlsQtrPndEBr6cBPX4uptc06JkgCgiSkm
gI5IXOP7qG04cPrtvwf6auw=
=wfUs
-----END PGP SIGNATURE-----

--Apple-Mail-1--250096017--