[OpenAFS] Only db server host can log into a "remote" fileserver volume

John Betts bettsjohn@mac.com
Sun, 01 Mar 2009 14:38:50 -0500

Upon consultation and recommendation of the fine folks on #openafs, I  
ended up downgrading the second file server to 1.4.8, it now works.

For the record this was not a network issue as it was a local subnet,  
with no firewalls or local ACL's involved, but something to do with  
the 1.5.57 build I created for sparc_linux26.

Best regards,

On Mar 1, 2009, at 1:31 PM, Hartmut Reuter wrote:

> John Betts wrote:
>> I am having trouble accessing a particular volume hosted by a
>> stand-alone OpenAFS fileserver, from any client other than the one
>> running on the DB Server Host.
>> (_including_ the client running on the file server hosting the  
>> volume in
>> question).
>> When I try and access the volume I get the following error in
>> /var/log/system:
>> Feb 27 20:39:23 [client] kernel: afs: Lost contact with file server
>> [file.server.host2.ip] in cell [my.cell] (all multi-homed ip  
>> addresses
>> down for the server)
>> Feb 27 20:39:34 [client] kernel: afs: file server  
>> [file.server.host2.ip]
>> in cell [my.cell] is back up (multi-homed address; other same-host
>> interfaces may still be down)
>> I would appreciate any help you could provide me in debugging this  
>> problem.
> What says "vos listaddr" about the server in question? When the
> fileserver starts it sends its uuid along with IP-adresses to the
> vldb-server to register. "vos listaddr" shows these IP-addresses.
> Perhaps the fileserver registered an address on a private network only
> known to the db-server?
> Which addresses are used you can influence with NetInfo or NetRestrict
> files in /usr/afs/local.
> But if your servers have only single interfaces the problem must be a
> different one. What about firewall rules on the clients and servers?
> Hartmut
>> My setup is as follows (all on same local subnet, all servers only  
>> have
>> one network interface)
>> host1 - DB Server + File Server (Ubuntu 8.10 Server Linux i386  
>> OpenAFS
>> 1.4.7) - hosting volume cell.shared on vicepa mounted on
>> /afs/my.cell/shared
>> host2 - File Server (Linux sparc OpenAFS 1.5.57) - hosting volume
>> cell.data on vicepa mounted on /afs/my.cell/data
>> host3 - Client (Intel OS X 10.5 Client - OpenAFS 1.5.57)
>> host4 - Client (PPC OS X 10.5 Server - OpenAFS 1.5.57 + Kerberos v5  
>> KDC)
>> ACL's on cell.shared and cell.data are both [loosened for debugging
>> purposes]:
>> fs listacl testdata
>> Access list for testdata is
>> Normal rights:
>> system:administrators rlidwka
>> system:anyuser rlidwka
>> 1) if I am on any of the above hosts, I can go to /afs/my.cell/shared
>> and perform any operation
>> 2) if I am on host1 (DB Server host), I can go to /afs/my.cell/data  
>> and
>> perform any operation
>> 3) if I am on any host other than host1, including host 2 where
>> cell.data is hosted, I get the Lost contact with file server error.
>> I checked all the log files (BosLog,FileLog,VolserLog,etc.) and saw  
>> no
>> activity.  The only file that got showed any error was the system  
>> log.
>> For what it's worth, my kerberos realm and AFS cell's differ,  
>> though I
>> have krb.conf that points to my realm.
>> I am stumped.
>> Thanks in advance,
>> JB
>> _______________________________________________
>> OpenAFS-info mailing list
>> OpenAFS-info@openafs.org
>> https://lists.openafs.org/mailman/listinfo/openafs-info