[OpenAFS] Multihomed issues

Jaap Winius jwinius@umrk.nl
Tue, 18 Jan 2011 03:49:32 +0100


Quoting Russ Allbery <rra@stanford.edu>:

> Hm, I would have thought that would be enough.  If you have NetInfo, that
> should be all you need.  What directory did you create that file in?

/var/lib/openafs/local/

>> I did mean /etc/openafs/server/CellServDB, but, like the original
>> server, this new (second) server is both a file server and a VLDB
>> server.
>
> I don't understand how anything would have ended up there without you
> explicitly adding it.  Hm.  Oh, the openafs-client postinst will add all
> the IP addresses for the VLDB servers you give.  Do you have the private
> IP addresses in DNS?  If so, that's where it came from.

Yes, each AFS server can see one of its private IP addresses in DNS. I  
suspected that might be influencing the matter.

> Yeah, sorry, I should have warned like Darrick did.  vos remsite was the
> command you wanted.  vos delentry nukes the whole entry, so it nuked your
> root.cell VLDB entry.

I'll try to remember that.

In the mean time, things are not working as well as I thought. When I  
next attempted to use vos addsite to create some RO copies of the user  
and service volumes on the second server, it didn't work. I ran these  
commands on the second server and it ended up telling the system to  
use its private IP address (192.168.26.10) as the target.

This is frustrating. These private IP addresses keep showing up in the  
VLDB. The first AFS server has had both NetInfo and NetRestrict files  
(in the dir mentioned above) for a while, yet I can't stop it's  
private IP addresses from being used either.

If this is all because of DNS, what should I do? Both AFS servers also  
run Bind9 with split views -- internal and external. Each AFS server  
sees an internal view that includes its private IP address.

Perhaps I should simply associate each server's internal address with  
a different name. That way, the current names of the servers will only  
be associated with their public IP addresses -- both internally and  
externally. If DNS is causing these problems, I think this will fix it.

I'll let you know how things work out.

Cheers,

Jaap