[OpenAFS] how do clients determine server IP addresses?

pll+afs@permabit.com pll+afs@permabit.com
Thu, 09 Sep 2004 09:52:18 -0400

In a message dated: Wed, 08 Sep 2004 12:28:34 MDT
Systems Administration said:

>The AFS volume server matches the server identity to a volume record, 
>if you supply a hostname during volume creation it will perform a DNS 
>lookup and use the IP address returned.  If that is incorrect you can 
>change the associated IP address in the VOS database.
>vos listaddrs
>vos changeaddr

Ahhhhh!  This is what I was looking for! (I've inherited this AFS 
cell, and therefore, have no experience *creating* one).

>Your method of access is probably the cause of the conflict, when the 
>client attempts to access a volume it queries the VOS server and is 
>receiving the IP address that was looked up at volume creation time, 
>from your question I'm guessing that its an internal IP.

Yep!  The CellServDB on the server lists internal 10.x.x.x addresses, 
which must be getting passed back to the server.

>If you cant change anything else you can alter the VOS database to use
>the world accessible IP addresses in the volume records, but your
>internal hosts will then route their AFS communications through your
> firewall, if it can handle the load your up.

Our firewall configuration is screwed up enough to make this not 
worth the effort.  The real answer to my problems seems to be

   "Fix the firewall/network design such that servers which require
    access from the internet have only one single address equally
    accessible from both sides of the firewall and stop playing NAT
    games!" :)

Unless, what I can do is add IP addresses to the CellServDB such that 
the clients get passed 2 IP addresses, one of which will time out
(b/c it's a 10. address, and the other which should succeed) ?

Thanks a lot!


GPG Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

	 If you're not having fun, you're not doing it right!