[OpenAFS] AFS-Client behind masquerading firewall
Sascha Silbe
sascha-ml-openafs-info@progbbs.staticky.com
Fri, 5 Jan 2001 00:08:33 +0100
--ULyIDA2m8JTe+TiX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jan 04, 2001 at 05:20:46PM -0500, Derek Atkins [DA] wrote:
DA> Well, happy new year. :)
Thanks, same to you and everyone else on this list.
DA> All output from the client cache manager exits via UDP port 7001, and=
=20
DA> all responses to the cache manager (including callbacks) return via UDP
DA> port 7001.
Fine. How about the source port of the callback packets? Is it the same as
the destination port of the original request?
DA> Callbacks can pretty much occur at any time. HOWEVER, the client
DA> cache manager 'pings' each server periodically to make sure it is
DA> still there.
Wonderful. Does it use the same destination ports for both requests and pin=
gs?
DA> Rebooting is always a good idea in such strange situations ;)
Though it should be rare on Linux machines. :)
DA> Perhaps you should find a better ISP
It's not a technical or stability issue, but a policy one: The connection is
cut (and reopened by my firewall) after 24 hours. This is the only differen=
ce
between a so-called "Flatrate" and a real leased line, besides the prices
(Flatrate: around 40$, leased line: around 150$). There is no ISP in Germany
that provides a static IP for less than 150$ per month which is more than I
am able to afford.
DA> 1) stop AFS
Did that.
DA> 2) remove the AFS module
/etc/init.d/afs seems to already do that for me.
DA> 3) restart AFS
Did that, but no effect. :(
DA> Just keep in mind that AFS was not designed with NAT in mind=20
DA> (NAT is an abomination).
I'm of the same opinion, but I have to live with it. IPv6 will take at least
several months.
CU/Lnx Sascha
--ULyIDA2m8JTe+TiX
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6VQJxa8hvv2E1w1sRAgFXAJ9UKcLGnItUIFSvzxoZ/oj22lCSIgCfet7X
GdzItmeBL1uDsGkSaP8ZDVk=
=w03A
-----END PGP SIGNATURE-----
--ULyIDA2m8JTe+TiX--