[OpenAFS] Re: Weird LAN/WAN login problem

Andrew Deason adeason@sinenomine.net
Tue, 26 Feb 2013 16:51:46 -0600 

On Tue, 26 Feb 2013 22:38:44 +0200 (EET)
jukka.tuominen@finndesign.fi wrote:

> Also, I wonder what happens when I create a new user? Should I get rid
> of the local IP in CellServDB file, or will it be fine?

Okay, now that the existing database entries are all cleared up, you
should make sure that future entries will be okay. The IP in your
CellServDB isn't really relevant to the issues here. For clients, that
should probably be the public IP; for the server, you should be able to
put either one. But if you put the public IP in there, then it's the
same as your client machines and that's probably less confusing; if you
put the local/private IP in there, maybe it's less likely to change. So,
one of those may be more convenient to you.

What matters more for this issue is what IPs the fileserver reports when
it starts up. That is controlled by the files NetInfo and NetRestrict,
but by default, the fileserver advertises all IP address it has (so,
assuming both the public and local IPs show up in 'ifconfig', it will
advertise both of them). If that's okay with you, you don't need to mess
around with NetInfo or NetRestrict. The manpages for those should
describe well enough what they do, if you want to use them.

Since the fileserver does this when it starts up, what you should
probably do is restart the fileserver sometime, make sure everything is
still okay, and check if FileLog mentions any errors about registering
IP addresses. And then, running 'vos listaddrs -printuuid -noresolv'
should show one entry with the public IP (or both the public and private
IPs, depending on what you configured above). And running 'vos listvldb
-noresolv' should show only one IP address for all of the entries.

If all that looks good, you can try making a new volume (if you want to
make a new user with their home directory, that's one way), and make
sure that volume looks correct with 'vos examine' and is accessible from
both your WAN and LAN networks.

-- 
Andrew Deason
adeason@sinenomine.net