[OpenAFS] OpenAFS server behind NAT?
Derrick J Brashear
shadow@dementia.org
Mon, 19 May 2003 12:58:20 -0400 (EDT)
On Sun, 18 May 2003, Noel Burton-Krahn wrote:
>
> Anyone set up an AFS server behind a NAT firewall? I've had no luck in the
> archives. Here's my setup:
>
> I've got an AFS server with a 192.168 address behind a NAT firewall with a
> real IP.
>
> Internet
> |
> |
> NAT firewall
> ip.real
> |
> |
> AFS server
> 192.168.1.1
>
> First problem: AFS reports its 192.168.1.1 address to clients, who of course
> can't connect back. I fixed that by putting the real IP in NetInfo and the
> fake in NetRestrict. I also had to add a fake interface on the AFS server
> with the real IP address
>
> # /usr/afs/etc/NetInfo
> ip.real
>
> # /usr/vice/local/NetRestrict
> 192.168.1.1
>
> # set up fake interface on AFS server with real IP
> ifconfig eth0:0 ip.real
you don't need to do that. you can use a line prefixed by an "f" in
NetInfo to publish bogus addresses.