[OpenAFS] Placing an AFS server behind a NAT

David Botsch dwb7@ccmr.cornell.edu
Thu, 10 Jun 2004 14:37:17 -0400 

Here is my setup for afs server behind a nat (which seems to work 
properly):

/usr/afs/etc/CellServDB has the private (behind the nat box) address of 
the server

/usr/afs/local/NetInfo has two lines:
private ip
f public-realipofnatbox

clients behind the nat box have the private ip. Clients in the public 
net have the real ip of the nat box.

There is an initial timeout from clients while trying to talk to the 
other ip (the afs server must say my ips are such and such and then the 
client tries to talk to both and fails), and then all works well.

I also have the krb4 and afs server ports being forwarded through the 
nat box.

On 2004.06.10 13:50 Lester Barrows wrote:
> I'm attempting to place an AFS fileserver behind a NAT experimentally.
> I've
> statically assigned a routable IP address on the router to redirect
> traffic
> to the AFS server, and created the /usr/afs/local/NetInfo file as
> such:
> 
> f (external IP address)
> 
> This doesn't seem to work, as other systems still see the internal (to
> the
> NAT) IP address, and never fail over to the external address. This is
> the
> case even if I create a /usr/afs/local/NetRestrict file containing the
> 
> internal IP address and restart the AFS server. I've even tried
> putting the
> internal IP address in the NetInfo file before the "fake" address, but
> it
> doesn't seem to work either way.
> 
> Is there anything that I'm missing, or are there perhaps additional
> steps
> which need to be taken in order to get the VLDB to advertise the
> external IP
> address? I'm running the 1.2.11 RPMs on Redhat AS 3.0 downloaded from
> openafs.org.
> 
> Regards,
> 
> Lester Barrows
> Asani Solutions, LLC
> Code IC Systems Group
> NASA Ames Research Center
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> 

-- 
********************************
David William Botsch
Consultant/Advisor II
CCMR Computing Facility
dwb7@ccmr.cornell.edu
********************************