[OpenAFS] OpenAFS server behind NAT?

Noel Burton-Krahn noel@bkbox.com
Mon, 19 May 2003 11:05:04 -0700


Thanks, Derrick.

I added a "f" infrom of my real ip in NetInfo and restarted afs, but now I
get this:

Client (2) also has address f218.103.121.157
/usr/sbin/buserver: problems with host name Ubik init failed
afsd: All AFS daemons started.
FSYNC_clientInit temporary failure (will retry): Connection refused
FSYNC_clientInit temporary failure (will retry): Connection refused

==> VLLog <==
 /usr/afs/lovlserver: Ubik init failed with code 5385


Sigh.  I don't think that's the answer.  Do you know of any setups with an
AFS server behind NAT?

--Noel



----- Original Message -----
From: "Derrick J Brashear" <shadow@dementia.org>
To: <openafs-info@openafs.org>
Sent: Monday, May 19, 2003 9:58 AM
Subject: Re: [OpenAFS] OpenAFS server behind NAT?


> On Sun, 18 May 2003, Noel Burton-Krahn wrote:
>
> >
> > Anyone set up an AFS server behind a NAT firewall?   I've had no luck in
the
> > archives.  Here's my setup:
> >
> > I've got an AFS server with a 192.168 address behind a NAT firewall with
a
> > real IP.
> >
> > Internet
> > |
> > |
> > NAT firewall
> > ip.real
> > |
> > |
> > AFS server
> > 192.168.1.1
> >
> > First problem: AFS reports its 192.168.1.1 address to clients, who of
course
> > can't connect back.  I fixed that by putting the real IP in NetInfo and
the
> > fake in NetRestrict.  I also had to add a fake interface on the AFS
server
> > with the real IP address
> >
> > # /usr/afs/etc/NetInfo
> > ip.real
> >
> > # /usr/vice/local/NetRestrict
> > 192.168.1.1
> >
> > # set up fake interface on AFS server with real IP
> > ifconfig eth0:0 ip.real
>
> you don't need to do that. you can use a line prefixed by an "f" in
> NetInfo to publish bogus addresses.
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
>