[OpenAFS] client behind NAT firewall
chas williams - CONTRACTOR
chas@cmf.nrl.navy.mil
Thu, 7 Aug 2014 07:16:06 -0400
On Wed, 06 Aug 2014 15:33:02 -0400
Dale Pontius <pontius@btv.ibm.com> wrote:
> On 08/05/2014 11:08 AM, Simon Wilkinson wrote:
> > The complication is that firewalls/NATs only preserve these mappings
> > for a finite length of time. We attempt to keep them open through
> > regular fileserver pings, but sometimes that isn't enough. When a
> > mapping expires, the client is unable to receive callbacks until it
> > next contacts the fileserver.
...
>
> Obviously this was client side, but I find it hard to believe that
> keeping a connection mapped for the 2 hours mentioned elsewhere would be
> necessary.
Interestingly enough, the time to live for callbacks varies based on
the number of users. If your fileserver doesn't do pings, I think 2
hours might be a little short for some volumes. From viced/callback.c:
/* Time to live for call backs depends upon number of users of the file.
* TimeOuts is indexed by this number/8 (using TimeOut macro). Times
* in this table are for the workstation; server timeouts, add
* ServerBias */
static int TimeOuts[] = {
/* Note: don't make the first entry larger than 4 hours (see above) */
4 * 60 * 60, /* 0-7 users */
1 * 60 * 60, /* 8-15 users */
30 * 60, /* 16-23 users */
15 * 60, /* 24-31 users */
15 * 60, /* 32-39 users */
10 * 60, /* 40-47 users */
10 * 60, /* 48-55 users */
10 * 60, /* 56-63 users */
}; /* Anything more: MinTimeOut */
/* minimum time given for a call back */
#ifndef INTERPRET_DUMP
static int MinTimeOut = (7 * 60);
#endif