On Jun 12, 2007 17:16 -0400, Jim McCusker wrote: > Brian J. Murrell wrote: > >It seems pretty clear that the NATting is confusing the MDS, but why, > >I'm not sure. I thought the protocol was pretty NAT friendly. > > This seems to be the culprit: > > Jun 12 17:00:13 chai kernel: LustreError: > 12198:0:(acceptor.c:422:lnet_acceptor()) Refusing connection from > 128.36.115.10: insecure port 35203 > > We seem to be remapping to high ports, a common strategy when using > NAT. Is there a way of disabling this check?
On the MDS (and the OSTs for that matter) you need to add to modprobe.conf options lnet accept=all [other networks config if any] This disables the secure source-port check on the server. There will still be a problem connecting from the MDS/OSTs to the clients, which can happen on occasion if the network fails and then the server needs to contact the client for some reason (e.g. lock cancellation). This is not very common, and at worst the client will get an error after the network failure, and then continue on once it establishes a client->server connection. Cheers, Andreas -- Andreas Dilger Principal Software Engineer Cluster File Systems, Inc. _______________________________________________ Lustre-discuss mailing list [email protected] https://mail.clusterfs.com/mailman/listinfo/lustre-discuss
