[OpenAFS] AFS over NAT
Leif Johansson
leifj@it.su.se
Wed, 07 Aug 2002 15:28:41 +0200
Derek Atkins wrote:
>This wouldn't work if you encrypt the RPCs, becuase this AFS-NAT box
>would have to change the _contents_ of a number of the RPCs instead of
>just being a forwarder. The filserver would still be advertising the
>wrong IP, and that would need to get fixed.
>
>
Or you give your AFS-NAT enough keys to decrypt-modify-encrypt the RPCs.
>The right approach is to not use NAT... Or use ipv6 (not that AFS
>supports that, yet, but getting AFS to support ipv6 is probably a more
>useful use of your time than creating a NAT filter that can't work).
>
>
I believe most applications on the internet should find a way to work both
with NATs and ipv6. There will probably be lots of NATs around long after
ipv6 is widely deployed!
For instance: can you place replica fileservers behind a NAT used in
front of a
cluster while the "rest" of the cell sits outside?
MVH leifj