[OpenAFS] how do clients determine server IP addresses?
Horst Birthelmer
horst@riback.net
Wed, 8 Sep 2004 21:23:06 +0200
On Sep 8, 2004, at 9:06 PM, Paul Lussier wrote:
>
> In a message dated: Wed, 08 Sep 2004 20:12:29 +0200
> Horst Birthelmer said:
>
>> What is inside and what outside??
>
> Inside: 10.1.0.31
> Outside: 67.107.99.101
That wasn't my concern. The question was direct towards that machines
behind the firewall would be your server or clients...
>
>> If you have more than on AFS server behind that firewall how would you
>> like to communicate with that servers??
>
> I have 2 file server, but only one is of concern right now (the other
> has nothing on it afaik).
That kind of answered my previous question.
>
>> If there was, how should that solve your problem??
>
> I'm not proposing it would, but it would provide me with more of an
> understanding of how AFS works. It would also indicate to me that
> where the client is getting the internal IP address; it's
> coming from either AFS, DNS, or some other magic. Knowing where it's
> coming from would help me know what needs to be tweaked to get things
> to work correctly.
Your database servers addresses are in the CellServDB. The fileserver
addresses are in the VLDB.
Does that answer your question??
There is no magic in that ...
>
>> Can you be a little more specific on who's querying what??
>
> There's a client on the internet somewhere outside my firewall trying
> to gain access to my AFS space. When it tries to connect, this
> client gets a timeout error stating it lost the connection to
> 10.1.0.31. This despite the fact that the local CellServDB file on
> this client lists only 67.107.99.101.
Now let's play ...
What would your client do for connecting the second server. Having one
server is easy because you can make it look like one server by using
some virtual server technique, whatever...
Now the client tries to access the second fileserver. What should that
system do?? No matter how much magic there is in there. If your client
connects to some 10.x.x.x address that won't get routed nowhere. If it
connects to your public address you cannot distinguish the destination
for those packets for the one or the other fileserver.
And what would your VLDB say?? I have no idea... :-))
Horst