On 8/15/2013 11:18 AM, Jeffrey Hutzelman wrote: > On Wed, 2013-08-14 at 16:51 -0400, Jeffrey Altman wrote: > >> The symptom is that clients see file servers toggle between up and down >> states. The client has an existing connection which is tied to a >> specific addr/port on the file server. > >> The actual addr/port changes and >> so the file server treats the connection as if it is being spoofed and >> drops the packets on the floor. > > That is a bug. Either the address and port are part of the connection > identifier or they're not. If they are, then the connection from a > different address and port is, to the server, a different connection and > must be treated as such. If not, then it should treat the incoming > packets as part of that connection. > > Simply dropping incoming packets on the floor because they have the same > epoch/cid as an existing connection but not the same address is not > reasonable. Of course this is causing problems! > > -- Jeff
I suspect that Jeff is correct and the new connection is being created but the sum of all of the things that happen at new connection time the client times out and marks the server down: * rxkad challenge / response * TellMeAboutYourself exchange returns known UUID with alternate address and/or port * File server attempts TellMeAboutYourself to the previous address/port for which there is no response * File server updates host table for the reported UUID and replies to the client Its been many years since I've had to triage such a connection so I may have some of the details wrong. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
