[OpenAFS] AFS & Firewalls
Derrick J Brashear
shadow@dementia.org
Fri, 27 Dec 2002 11:06:54 -0500 (EST)
On Fri, 27 Dec 2002, Michael Aldrich wrote:
> Hi all,
> Please tell me if this does not make sense and I will try to clarify:
> Primary and backup AFS servers housed in a DMZ.
> I have created a second DMZ environment, hoping to add a third AFS server. I
> am trying to configure it as a client first.
> In my CellServDB file on the new client machine, I have two translated IP
> address for the established servers. I can ping, ssh, etc. to these IP
> addresses. I also have a translation to the new client from the existing
> servers.
> My problem is, when I try to start the client on the new machine, I get the
> 'Cannot mount /afs' error. Tailing /var/log/messages, I see the actual IPs of
> the existing servers instead of the translated ones. Does the AFS server send
> back a response that includes its' IP address according to the network
> interfaces? Is there a way around this?
> I tried /usr/afs/local/NetInfo with no luck. All servers and clients are
> running OpenAFS 1.2.7 & RedHat 7.3.
We included "fake address" support in OpenAFS 1.2.8; The Release Notes
should include the relevant information. If they don't I will try to dig
up the notes from Todd DeSantis, who was kind enough to send the
implementation.