[OpenAFS] OpenAFS and VPN
Martin Podworny
Martin Podworny <podworny@ub.uni-koeln.de>
Fri, 6 Jun 2025 12:36:26 +0200
Hi,
we have been running an AFS-Cell on Debian for years without any problems=
.
Now we had to upgrade the Debian-Cellserver from Debian 9 (Stretch) via D=
ebian 10 (Buster) and Debian 11 (Bullseye) to Debian 12 (Bookworm). We on=
ly use standardized packages from the Debian repositories.
The problem we have now is that clients that are connected from the Unive=
rsity's VPN can obtain a Kerberos ticket, but they cannot fetch data from=
cells fileserver. While the cell works flawlessly for all other clients.
This behavior starts with Debian 11 which installs OpenAFS 1.8.6-5 and ke=
rnel 5.10.237-1. On Debian 10 with OpenAFS 1.8.2 and 4.19.249-2 everythin=
g still works, even for VPN-Clients.
Do you have any idea how to explain or eliminate this behavior? Are there=
any correlations with kernel parameter or settings for file- and dbserve=
r?
If it is useful, i can attach some debug data from cells fileserver.
Thank you,
Martin
--
University and City Library of Cologne
IT-Department
Universit=C3=A4tsstr. 33 :: D-50931 K=C3=B6ln
Tel.: +49 221 470-2593 :: Fax: +49 221 470-5166
podworny@ub.uni-koeln.de :: www.ub.uni-koeln.de