Hello, In my cell, all machines have both a public and a private address (actually, an alias address on the same physical interface) used for tunneling nis / nfs through ipsec. I would like to restrict afs to the public interfaces because the ipsec interfaces coming up and down seem to confuse the afs client occasionally. I am using Debian/unstable with OpenAFS 1.2.11. Here is what I do:
dick:~# locate NetRestrict /etc/openafs/NetRestrict /etc/openafs/server-local/NetRestrict /usr/afs/local/NetRestrict dick:~# cat `locate NetRestrict` 192.168.107.176 192.168.107.176 192.168.107.176 dick:~# vos lista vsu_ClientInit: Could not get afs tokens, running unauthenticated. tell-sec.physnet.uni-hamburg.de tell.physnet.uni-hamburg.de dick-sec.physnet.uni-hamburg.de dick.physnet.uni-hamburg.de dick:~# fs getclienta 134.100.107.176 (*-sec refers to the private interface). So the client seems to use only the public address as expected, but the server doesn't. What's going wrong here? Thanks for any help, Christian Ospelkaus _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
