[OpenAFS] Where to put NetRestrict?

Jakub Witkowski jpw@wszib.edu.pl
Tue, 26 Sep 2006 10:03:31 +0200

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable


I remember this once mentioned on this list, but my recent experience
shows this problem is still open:

I have a server that usually has only one IP addres, a public one. Due
to various outside conditions, I had to plug a crossover cable to
another interface in that machine and assign it a private IP; I have not
intended it to be used for AFS.=20
However, even despite no fs server restarts, it somehow picked up the
new address and put it into vldb.=20

Noticing that, I have put NetRestrict files all over the /etc/openafs,
with following contents:

and happily restarted fs process (using bos restart method). To my
surprise, the private ip (, to be exact) showed right back up
in vos listaddr output, and while I can suppress it by using vos
changeaddr, it's only a temporary kludge.=20

I have put NetRestrict in following locations:

All of the above files are identical.
The fs server in question runs OpenAFS 1.4.1-2 from Debian (Ubuntu)

Any suggestions?

Jakub Witkowski.

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: To jest =?UTF-8?Q?cz=C4=99=C5=9B=C4=87?= listu
	podpisana cyfrowo

Version: GnuPG v1.4.2.2 (GNU/Linux)