[OpenAFS] NetRestrict - change existing openafs server to use a single network interface
Horst Birthelmer
horst@riback.net
Tue, 17 Jan 2006 14:52:21 +0100
On Jan 17, 2006, at 1:36 PM, Vladimir Konrad wrote:
> hello,
>
> we have a openafs server (configured before i turned up) with two
> ehernet network interfaces (one for normal network activity, one for
> backup access). this is a production server.
>
> the operating system is Debian Woody, openafs 1.2.11...
>
> the fileserver currently tries to use both network interfaces but i
> need
> to make it use only one.
>
> i tried to use NetRestrict file (in different locations) but after the
> restart of the fileserver, nothing changes. i suspect that this has to
> do something with existing volume entries because "vos changeaddr
> -remove" fails with complaint.
Now this is rather unusual but possible ;-)
Since we don't know what the error is, it's kinda difficult to guess.
> what is the correct method to "remove" use of a network interface on
> openafs fileserver with existing volumes?
The correct method is AFAIK "vos changeaddr ..." which is precisely
what you did.
You can remove the entries for the volumes of the server in question
by using "vos delentry" than _fix_ your address problem
start the fileserver and use "vos syncvldb". Of course you can't do
this on a production server. Maybe you want to move the volumes to
another server, or something.
If you don't know where to put VosRestrict, call the fileserver using
strace and watch where the fileserver is trying to open the file.
Horst