On Sat, 6 Feb 2010, George Mamalakis wrote:
thank you for all your answers. I am planning on setting up the computer labs
of my department using kerberized nfsv3 (since v4 seems to be "more"
experimental) with a FreeBSD nfs server and Linux nfs clients. I was
wondering "how stable" such an implementation would be; meaning that I
wouldn't want to end up with an unstsable setup when receiving requests from
50-60 simultaneous clients, because that would be my everyday scenario.
I believe that the above should be stable, but your mileage may vary, as
they say. The main issue will be what your TGT lifetime will be, since
client access to the server will normally stop when the TGT expires. Some
systems (Mac OS X) will automagically renew the TGT before it expires,
if your KDC allows that. I don't think most/all Linux systems do this
by default, but there are some utilities out there (try a search for
krenew) that will do so.
Basically, I think you'll want to avoid TGTs expiring before the user
logs out. You also need a unique uid<->user principal mapping for all
users logging in.
You definitely want to do some testing with whatever Linux system you
are using for the client.
Good luck with it, rick
ps: Choosing nfsv3 vs nfsv4 is basically independent of using RPCSEC_GSS
except for the host based initiator credential needed by some clients
(Linux and Solaris10 are among those) for NFSv4.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
