[OpenAFS] AFS-Client behind masquerading firewall

Sascha Silbe sascha-ml-openafs-info@progbbs.staticky.com
Thu, 4 Jan 2001 22:29:15 +0100

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Dec 19, 2000 at 01:29:41PM -0500, Derek Atkins [DA] wrote:

Sorry for the long delay, I was away for christmas and new year's eve.

 DA> AFS does not currently support TCP operations.
That could be a real problem for masqueraded machines, depending on how the
protocol works. Unfortunately, I could not find any docs at all regarding t=
protocol itself.

 DA> AFS _does_ work behind a masquerading firewall provided that you set t=
 DA> UDP timeouts high enough to allow callbacks to occur.
When do callbacks occur? Only within some time after a client request or
anytime? On the same ports as the request or on a separate one?

 DA> I would recommend UDP timeouts in the range of 10-15 minutes.
Thanks! I'll see if it helps. Strangely the OpenAFS client does not work at=
all currently. Perhaps I have to reboot the machine after stopping arla and
before starting OpenAFS.

 DA> You should also note that AFS might "hiccup" when the IP address
 DA> changes, at least until new callbacks can be set with the new IP.
That's currently a big problem here, both with arla and OpenAFS. Even=20
restarting the client does not help. :(

CU/Lnx Sascha

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org