[OpenAFS] NetInfo and Server behind NAT

Logan O'Sullivan Bruns logan@gedanken.org
Wed, 28 Sep 2005 11:35:56 -0700


I'm new to AFS and I'm trying to allow access to a server through
NAT. I have two servers running 1.4.0rc3 on Solaris 10 with kerberos5
(SEAM). One server has the main RW/RO volumes and the other just has
RO volumes. I have windows and macosx clients running fine against it
from behind the firewall. I haven't gotten access from outside of the
NAT/Firewall working yet though.

The behavior I'm seeing is that remote clients time out trying to
connect to the internal addresses and only the internal addresses. I
can get them to talk to the server on port 7005 using the CellServDB
but then they get back a list of internal addresses that they'll never
be able to reach. It does appear to be able to talke to the server
though. For example, vos listvol works.

I did create a /usr/afs/local/NetInfo containing:

Where is the NAT/firewall ip address. I can see that it
is reading this file since there are log entries like:

Client (2) also has address f

However, it doesn't seem to be registering them in the VLDB. 

$ /usr/afs/bin/vos listaddrs -noresolve

At least I'd expect to see there and also the remote
clients only trying the other two addresses seems to confirm this.

So, should I see the fake NAT ip address in the listaddrs output and,
if so, what are of the some things I should check to find out why it
isn't showing up there.

Thanks in advance,