[OpenAFS] Multiple hosts behind firewall and AFS cell

Derek Atkins warlord@MIT.EDU
05 Oct 2002 11:30:57 -0400


Turbo Fredriksson <turbo@bayour.com> writes:

> Since it's NAT, _ALL_ machines have the same IP/port (from the server's
> standpoint anyway).

No, all clients have the same IP.  They do NOT have the same port
(unless you misconfigured your NAT box)....  If you specifically set up
port-forwarding for port 7001 in your NAT box, then yes, you have shot
yourself in the foot.  However, if you let the ports float (i.e., if
you let the NAT box choose an arbitrary port for every "connection")
then it should work just fine.

Assume you have a picture like this:

A--\    ______
B---\___| NAT |-- AFS Server
... /   ------
X--/

The AFS server will see 'A' as 'NAT:12345', 'B' as 'NAT:23456' and 'X'
as 'NAT:23489' (just to throw out random numbers).

FTR, I'm running two VMware guest machines behind NAT on this host and
both can access AFS just fine.

If you are having NAT problems it is almost assuredly a NAT
configuration bug on your part.  Note that Linux-2.4's NAT has
hard-coded UDP timeouts -- you need to recompile your kernel to fix
that.

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available
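
The port behaviour described in the message above, as an added sketch that is not part of the original post or of OpenAFS: a toy UDP source-NAT table showing what the server sees when ports float, when every client is forced onto port 7001, and when an idle mapping expires. The addresses, the 40000 port range and the 30-second timeout are constructed values, not those of any real NAT implementation.

```python
AFS_CLIENT_PORT = 7001  # client-side UDP port named in the message

class Nat:
    """Toy UDP source-NAT table (constructed model, not kernel or OpenAFS code)."""
    def __init__(self, public_ip, udp_timeout, fixed_port=None):
        self.public_ip = public_ip
        self.udp_timeout = udp_timeout  # idle seconds before a mapping expires
        self.fixed_port = fixed_port    # if set, every flow is rewritten to this port
        self.next_port = 40000          # constructed start of the floating range
        self.table = {}                 # (inside_ip, inside_port) -> [ext_port, last_seen]

    def outbound(self, src_ip, src_port, now):
        """Translate a client packet; return the (ip, port) the server sees."""
        entry = self.table.get((src_ip, src_port))
        if entry is None or now - entry[1] > self.udp_timeout:
            if self.fixed_port is not None:
                port = self.fixed_port
            else:
                port, self.next_port = self.next_port, self.next_port + 1
            entry = self.table[(src_ip, src_port)] = [port, now]
        entry[1] = now
        return (self.public_ip, entry[0])

    def inbound(self, ext_port, now):
        """Inside hosts that a server packet to NAT:ext_port could reach."""
        return sorted(host for host, (port, seen) in self.table.items()
                      if port == ext_port and now - seen <= self.udp_timeout)

CLIENTS = [("10.0.0.1", AFS_CLIENT_PORT), ("10.0.0.2", AFS_CLIENT_PORT)]  # constructed

def seen_by_server(nat, now=0):
    return [nat.outbound(ip, port, now) for ip, port in CLIENTS]

def floating_vs_fixed():
    floating = seen_by_server(Nat("192.0.2.1", udp_timeout=30))
    fixed_nat = Nat("192.0.2.1", udp_timeout=30, fixed_port=AFS_CLIENT_PORT)
    fixed = seen_by_server(fixed_nat)
    return floating, fixed, fixed_nat.inbound(AFS_CLIENT_PORT, now=1)

def after_idle():
    nat = Nat("192.0.2.1", udp_timeout=30)
    first = nat.outbound(*CLIENTS[0], now=0)
    late_reply = nat.inbound(first[1], now=31)   # server packet after the mapping expired
    second = nat.outbound(*CLIENTS[0], now=32)   # client talks again, gets a new mapping
    return first, late_reply, second

if __name__ == "__main__":
    print(floating_vs_fixed())
    print(after_idle())
```

With floating ports each inside host maps to its own NAT port; with the fixed port both hosts collapse onto NAT:7001 and a server packet to that port is ambiguous. In the idle case the server's late packet matches no mapping and the client reappears on a different port.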