[OpenAFS] NetInfo / NetRestrict issue

Måns Nilsson mansaxel@besserwisser.org
Fri, 20 Dec 2013 09:52:22 +0100 

--KDt/GgjP6HVcx58l
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,=20

I've got a server on FreeBSD9 ( acting as fs + db) that listens on a number=
 of IP adresses,
on more than one interface, but one interface has got several addresses
in the same broadcast domain.

I want the OpenAFS processes to listen on only one address, for all sorts o=
f reasons.=20

I've made a NetInfo file and a NetRestrict file, the first one containing t=
he desired address, the second all the undesired ones. The file server stil=
l shows up on every interface if I try a 'vos lista':=20

vsu_ClientInit: Could not get afs tokens, running unauthenticated.
UUID: 00537082-7247-12b1-bb-db-367324c0aa77
192.36.115.54
192.36.115.56
192.36.115.53
10.194.13.2

UUID: 004fe17e-3dda-17da-92-31-585002ccaa77
192.36.115.42

UUID: 008ba0ba-e61a-106d-91-3c-82edeafdaa77
130.237.234.253

=2E..yet the same file server is well behaved in the log:=20

laka# bos getlog laka FileLog -locala | grep add
Wed Dec 18 11:07:25 2013 Getting FileServer address...
Wed Dec 18 11:07:25 2013 FileServer laka.besserwisser.org has address 192.3=
6.115.54 (0x367324c0 or 0xc0247336 in host byte order)

udebugging the ptserver gives similar results:=20

udebug laka 7002 | head -1
Host's addresses are: 192.36.115.54 192.36.115.56 192.36.115.53 10.194.13.2=
=20

I've restarted everything except bosserver and the OS.=20


I've built with these --prefix values:=20

	--prefix=3D/usr/local/openafs162=20
	--sysconfdir=3D/etc=20
	--localstatedir=3D/var

In between  reading the manual and discussing with Harald I've
concluded that the proper place for NetInfo and NetRestrict ought to be
/etc/openafs/server and there they are. Is this correct?

thanks,=20
--=20
M=C3=A5ns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
=2E.. I'm IMAGINING a sensuous GIRAFFE, CAVORTING in the BACK ROOM
of a KOSHER DELI --

--KDt/GgjP6HVcx58l
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlK0BUUACgkQ02/pMZDM1cXEogCfXohC+Umw1B9KsFhiocjINugz
38wAnjtOk9G9aJNo8R//tuKU52y+ll5I
=yf2Z
-----END PGP SIGNATURE-----

--KDt/GgjP6HVcx58l--