[OpenAFS] OpenAFS install on Solaris 10

Russ Allbery rra@stanford.edu
Thu, 30 Apr 2009 13:17:09 -0700 

"Mukarram Syed" <muksyed@stanford.edu> writes:

> I am trying to implement OpenAFS on Solaris 10 at our dept at Stanford.
> Officially OpenAFS is not supported at Stanford,

OpenAFS is officially supported at Stanford.  It is our officially
recommended network file system for all groups and departments on campus
for network file storage unless they have specific needs for features
only available in CIFS.

What isn't supported is...

> but our apps team requires it and I chose to put it on Solaris 10,

...Solaris 10.  However, we'll make best effort to support AFS on any
platform, even platforms that we don't support directly.

> Now when I start AFS, I get this hang:
>
> # /etc/init.d/afs start
> Entry for afs already exists in /etc/name_to_sysnum
> Loading NFS server kernel extensions
> Loading AFS kernel extensions
> Starting afsd

> When I ps -ef |grep afs I get this.. and these processes never go away
> and I can't control+C out of it.

>     root   678     1   0 22:09:55 ?           0:00 /usr/vice/etc/afsd -stat
> 2000 -dcache 800 -daemons 3 -volumes 70 -afsdb

First, you want to start afsd with the -dynroot option so that it
doesn't try to contact the VLDB servers on startup.  That's almost
certainly what's hanging.

Second, you'll need to be sure that your firewall allows access to the
VLDB servers and AFS servers.  This is the iptables fragment we use,
which is a little too open but which should at least get you going in
the right direction.

-A SUL -s 171.64.0.0/255.252.0.0 -p udp -m udp --sport 7000:7007 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT 
-A SUL -s 204.63.224.0/21 -p udp -m udp --sport 7000:7007 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT 
-A SUL -s 171.64.7.0/255.255.255.0 -p udp -m udp --dport 7001 -j ACCEPT 
-A SUL -s 171.64.17.0/255.255.255.192 -p udp -m udp --dport 7001 -j ACCEPT 
-A SUL -s 171.67.16.0/255.255.254.0 -p udp -m udp --dport 7001 -j ACCEPT 
-A SUL -s 171.67.20.0/255.255.255.0 -p udp -m udp --dport 7001 -j ACCEPT 
-A SUL -s 171.67.22.0/255.255.255.0 -p udp -m udp --dport 7001 -j ACCEPT 
-A SUL -s 171.64.0.0/255.252.0.0 -p udp -m udp --dport 7000:7010 -m state --state ESTABLISHED -j ACCEPT 
-A SUL -s 204.63.224.0/21 -p udp -m udp --dport 7000:7010 -m state --state ESTABLISHED -j ACCEPT 

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>