[OpenAFS-devel] Re: fileserver -> client NAT ping

[Jeffrey Hutzelman]

On Wed, 2013-08-14 at 16:51 -0400, Jeffrey Altman wrote:

> The symptom is that clients see file servers toggle between up and down
> states.  The client has an existing connection which is tied to a
> specific addr/port on the file server.


> The actual addr/port changes and
> so the file server treats the connection as if it is being spoofed and
> drops the packets on the floor.  

That is a bug.  Either the address and port are part of the connection
identifier or they're not.  If they are, then the connection from a
different address and port is, to the server, a different connection and
must be treated as such.  If not, then it should treat the incoming
packets as part of that connection.

Simply dropping incoming packets on the floor because they have the same
epoch/cid as an existing connection but not the same address is not
reasonable.  Of course this is causing problems!

-- Jeff