[OpenAFS] Re: UDP timeouts

Jeffrey Altman jaltman@secure-endpoints.com
Mon, 09 May 2011 11:03:42 -0400

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 5/9/2011 10:47 AM, Andrew Deason wrote:
> On Fri, 6 May 2011 15:02:47 -0500
> Andrew Deason <adeason@sinenomine.net> wrote:
>> After that, we won't ping the server anymore, but the fileserver still=

>> has the client's associated host structure in memory, and only pings
>> the client every 15 minutes.
> ...but this is also only if the client still has active callback
> promises. Oops.

FYI, the Windows client doesn't care about outstanding callback
promises.  It always probes the status of the known servers.

> So, yeah, it's pretty clear this doesn't work unless you set the
> timeouts really really high, since we don't guarantee any reasonable
> frequency of client<->fileserver communication.
> Perhaps should the CheckHost_r fileserver logic be changed to "if the
> host has callbacks active, or its accessing from non-7001"? Or better
> yet, why don't we rx_SetConnSecondsUntilNatPing for host->callback_rxco=
> when the port is non-7001, so you don't need to upgrade all of your
> clients to get NAT to work?

The port number used is irrelevant.  The question is whether the
firewall or NAT keeps the port open or not.  There is no guarantee that
a client will use port 7001 either.  That is simply the standard port.

The file server can use rx NatPing on the callback connection.  It just
shouldn't be conditional on a port number.

Jeffrey Altman

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.9 (MingW32)