[OpenAFS] RE: AFS hungs

Nelson Chamba chamba@nambu.uem.mz
Fri, 8 Aug 2003 14:31:32 +0200 

Dear all

Is it possible to make it run with two IP address?

One will run over NAT and another one will run in a common network.

So we'll not need to take out that first IP we had configured during the
installations.

Regards,

Nelson/

-----Original Message-----
From: Nathan Davis [mailto:davisn@mailandnews.com]=20
Sent: Thursday, June 12, 2003 5:09 AM
To: Nelson Chamba
Subject: Re: AFS hungs

Nelson,

Yes, this problem is NAT-related, and unfortunately there is no solution

(other than not using NAT). The reason you are running into the problem=20
is that AFS runs over UDP. The NAT router can only guess as to when a=20
UDP "connection" is not used anymore, usually by using a timeout.=20
Unfortunately, this timeout causes callbacks from the server to be lost,

which manifests itself by the symptoms you describe. This problem is not

isolated to NAT, but will actually show up with any stateful firewall.

This is not really a bug in AFS nor is it a bug in the NAT, but rather=20
incompatible limitations imposed by the technologies in use. Of course,=20
the "solution" is to get rid of the NAT. But I assume there is some=20
reason you are using NAT instead of "real" IP adresses in the first=20
place. Perhaps it would be possible to configure the router doing NAT to

not translate addresses between the NATed subnet and the subnet the AFS=20
servers are on? I don't know your network and software setup here, but=20
I've successfully implemented that solution using linux.

Hope this was helpful,

--Nathan Davis

Nelson Chamba wrote:

> Hi,
>
> I didn=19t read all about AFS over NAT but I just want to know if =
there=20
> are the solutions for my problem or where I can read about.
>
> My AFS client get this error (The server has been paused or in process

> of being restarted) when you=19re navigating into AFS directories, but =

> after your restart the service it comes back to normal.
>
> I have AFS with KRB 5 and my Network is Novell Netware and I have NAT=20
> server running on my network.
>
> How can I solve this bug?
>
> Please help me.
>
> Regards,
>
> Nelson Chamba
>
> Backup & AFS
>
> CSU - CIUEM
>
> Phone: + 258 (1) 492601
>
> + 258 (1) 494752
>
> Cell: +258 (82) 391 721
>
> Web: http://www.csu.uem.mz <http://www.csu.uem.mz%20>
>
> Maputo-Mozambique
>