[OpenAFS] Trying to figure out how to work this

Derek Atkins warlord@MIT.EDU
31 Jul 2002 15:24:36 -0400


There is not an easy way to synchronize in this manner,
certainly not in any automatic function.  AFS Cells are
autonomous units, and do not communicate.  For example,
there is no way for a user to change their password in
_both cells_ at once, and if they change it in one cell
there is no way for that change to propagate to the
other.

Question: Why don't you just run one cell in the DMZ that is
accessed from both the DMZ and the internal network?  Clearly
you can get from the internal network to the DMZ.  What is
the purpose of having two cells?

-derek

Chris Snyder <csnyder@mvpsoft.com> writes:

> I'm trying to figure out how I should go about setting OpenAFS for my
> network.  Here's my network configuration:
> 
> There are two domains on this network - mvpsoft.internal and
> mvpsoft.servers.  Mvpsoft.servers is behind a NAT firewall, and
> mvpsoft.internal is behind a firewall that is on mvpsoft.servers,
> which gives it an additional level of security.  Computers on
> mvpsoft.internal are not accessible by mvpsoft.servers, but boxes on
> mvpsoft.servers are accesible from mvpsoft.internal.  Mvpsoft.servers
> is our DMZ, containing web, mail, DNS, etc. servers.
> 
> I'm going to have two AFS cells - mvpsoft.internal, and
> mvpsoft.servers, hosted on servers on the domains that match the cell
> names. Mvpsoft.internal will be primarilly for user file storage,
> while mvpsoft.servers will have some user file storage (mainly from
> telecommuters), and will also have our web server files.
> 
> I'd like to have user data synchronized between the two cells.  Is
> there an easy way to do this automatically?  My goal is to have users
> be able to use their usernames and passwords transparently from any
> computer on the network.  Is this possible?  Thanks in advance.
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available