hi jeffrey,
thank you. :)
i modified my iptables as following:
$IPTABLES -A udp_packets -p UDP -s $ALLOW_IP --sport
$CLIENT_AFS_PORT --dport 1024:65535 -j allowed -m conntrack --ctexpire 600
$IPTABLES -A udp_packets -p UDP -s $ALLOW_IP --sport 1024:65535
--dport $AFS_PORT -j allowed -m conntrack --ctexpire 600
it became more stable. but, i still can see "Lost contact" in the system
logs(/var/log/messages) from time to time. could i adjusted any settings
to improve this problem?
thank you for your useful helps!!
best, sam
Jeffrey Altman wrote:
Derrick Brashear wrote:
the other thing, NAT server itself also has "Lost contact" problem.
please give me some hints. thank you.
Expire your NAT udp port mappings less aggressively?
NAT UDP port mappings should have a lifetime of at least ten minutes.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
