OK, I checked and found out that the auth server seems to announce all the needed services. In fact i use a recent 9front and it seems to have reasonable defaults regarding all this stuff. When I turn off authentication on the server side, I can mount my auth server's filesystem via 9fs script from my local standalone Plan9 installation. However if I turn authentication on, I get mount failed: phase error protocol phase error: read in state SNeedProto
So I guess that the network configuration is fine, but maybe auth configuration is not. I have to be missing something important. On Mon, Mar 24, 2014 at 6:09 PM, erik quanstrom <[email protected]> wrote: >> But is it actually possible to have the auth server and terminal not >> on the same LAN? Every configuration example I've seen has all the >> resources on the same IP address block. > > yes. i used to run a single authentication server for 2 sites. > you'll need to make sure the auth server is announcing the > right services on the right ports. assuming that you're using > net.alt (adjust to /net if not) > > aux/listen -q -t /rc/bin/service.auth -d /rc/bin/service.ext > /net.alt/tcp > > you'll need tcp567 in that directory. if you have !tcp567 in that > directory, you can simply rename it. > > additionally, it helps to have the following entries in your ndb > files. here's > > authdom=myauthdom auth=myauthserver > > if you're using dhcp, it helps to have an entry that looks > like the following. this will allow cs (through !ipinfo see > ndbipinfo in ndb(2)) to associate the correct auth server > with every machine on this subnet. (unless overridden in > a specific entry.) > > this is an example from 9atom.org > > ipnet=labs.9atom.org ip=10.220.0.0 ipmask=/112 > fs=land.9atom.org > gw=gw.9atom.org > auth=atta.9atom.org > dns=10.220.1.10 > dnsdomain=9atom.org > ipgw=10.220.10.1 > > - erik > -- Павел Анохин
