hi jeffrey, sorry. please allow me re-send it.
thank you. :) i modified my iptables as following: $IPTABLES -A udp_packets -p UDP -s $ALLOW_IP --sport $CLIENT_AFS_PORT --dport 1024:65535 -j allowed -m conntrack --ctexpire 600 $IPTABLES -A udp_packets -p UDP -s $ALLOW_IP --sport 1024:65535 --dport $AFS_PORT -j allowed -m conntrack --ctexpire 600 it became more stable. but, i still can see "Lost contact" in the system logs(/var/log/messages) from time to time. could i adjusted any settings to improve this problem? thank you for your useful helps!! best, sam On Sat, Apr 19, 2008 at 9:23 PM, Jeffrey Altman < [EMAIL PROTECTED]> wrote: > Derrick Brashear wrote: > > > the other thing, NAT server itself also has "Lost contact" problem. > > > > > > please give me some hints. thank you. > > > > > > > > Expire your NAT udp port mappings less aggressively? > > > > NAT UDP port mappings should have a lifetime of at least ten minutes. > > > _______________________________________________ > OpenAFS-info mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-info > -- Sam Tseng Academia Sinica Institute of Astronomy and Astrophysics Tel.: +886-2-33652200 ext 742 Fax: +886-2-23677849
