[OpenAFS] Re: UDP timeouts

Jeffrey Altman jaltman@secure-endpoints.com
Mon, 09 May 2011 11:03:42 -0400 

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig66F301E57DA067AE75FCC196
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 5/9/2011 10:47 AM, Andrew Deason wrote:
> On Fri, 6 May 2011 15:02:47 -0500
> Andrew Deason <adeason@sinenomine.net> wrote:
>=20
>> After that, we won't ping the server anymore, but the fileserver still=

>> has the client's associated host structure in memory, and only pings
>> the client every 15 minutes.
>=20
> ...but this is also only if the client still has active callback
> promises. Oops.

FYI, the Windows client doesn't care about outstanding callback
promises.  It always probes the status of the known servers.

> So, yeah, it's pretty clear this doesn't work unless you set the
> timeouts really really high, since we don't guarantee any reasonable
> frequency of client<->fileserver communication.
>=20
> Perhaps should the CheckHost_r fileserver logic be changed to "if the
> host has callbacks active, or its accessing from non-7001"? Or better
> yet, why don't we rx_SetConnSecondsUntilNatPing for host->callback_rxco=
n
> when the port is non-7001, so you don't need to upgrade all of your
> clients to get NAT to work?

The port number used is irrelevant.  The question is whether the
firewall or NAT keeps the port open or not.  There is no guarantee that
a client will use port 7001 either.  That is simply the standard port.

The file server can use rx NatPing on the callback connection.  It just
shouldn't be conditional on a port number.

Jeffrey Altman






--------------enig66F301E57DA067AE75FCC196
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iQEcBAEBAgAGBQJNyAJRAAoJENxm1CNJffh4Bm4H+wRNYubvO4WSu2DEw7eVCAB2
c7f1b0d68zoiRPbEHqxgH0Ygn7J/X7v6aOU/UcOeexZesay04b4UlykOSf0VwIiR
3KxdklMLPywiaSCBMh2upl3ImCUPKjd5caMHaIK2dOeYxXMfznmPcCL2nuF779u7
p1eqMcTOcIkB/9FYiE7rE+ahPEBNSoVamKgVQ4BNhRkTSYP3LpHdwPXEtEvFRx8j
kSUlCboCGoOP1VlicvDnbxDVC/7ivX5tWUlxvtZOLET+EpyUj3okJxrDnxwLYu7s
pPQCjnwL7r3ky0aErGFG8myG1TezaB/QCusNBi7f9F43O4AfD+Oy5O+t/CS90yY=
=ra5h
-----END PGP SIGNATURE-----

--------------enig66F301E57DA067AE75FCC196--