Hi all,
Please help me to make a decision here. I am trying to determine whether
Openafs is the right choice for us and it is not clear for me if
modifying client's firewall is mandatory or not. The situation is like
this:
-all Openafs servers are behind the same NAT firewall. Firewall rules
can
On Tue, 2014-08-05 at 09:30 +0200, Alex wrote:
Now, I didn't find in the admin guide or wiki[1] some useful
information
about client's firewall, but I could find some information on the
Internet saying that client doesn't work without opening 7001 for
incoming UDP [2]. This should be open for
On 2014-08-05, at 15:08, Brandon Allbery ballb...@sinenomine.net wrote:
On Tue, 2014-08-05 at 09:30 +0200, Alex wrote:
Now, I didn't find in the admin guide or wiki[1] some useful
information
about client's firewall, but I could find some information on the
Internet saying that client
On 2014-08-05, at 9:30, Alex euergetiko...@gmail.com wrote:
Please help me to make a decision here. I am trying to determine whether
Openafs is the right choice for us and it is not clear for me if
modifying client's firewall is mandatory or not. The situation is like
this:
-all Openafs
On 08/05/14 15:08, Brandon Allbery wrote:
On Tue, 2014-08-05 at 09:30 +0200, Alex wrote:
Now, I didn't find in the admin guide or wiki[1] some useful
information
about client's firewall, but I could find some information on the
Internet saying that client doesn't work without opening 7001 for
On 8/4/2014 9:35 PM, Andrew Deason wrote:
On Mon, 04 Aug 2014 15:21:36 -0500
Douglas E Engert deeng...@gmail.com wrote:
User's have to login to other network file systems like DropBox,
Box, or other Cloud systems. The issue of having to login twice, is a
trust issue. Users live with it
On Tue, 2014-08-05 at 16:12 +0200, Alex wrote:
Parallel access is a must for us.The main
concern is the possibility that one client overwrites modifications of
another one who is editing the file in the same time.
This is going to bite you if you don't have callbacks working.
--
brandon s
On 8/5/2014 3:30 AM, Alex wrote:
Hi all,
Please help me to make a decision here. I am trying to determine whether
Openafs is the right choice for us and it is not clear for me if
modifying client's firewall is mandatory or not. The situation is like
this:
-all Openafs servers are behind
On Tue, 2014-08-05 at 09:34 -0500, Douglas E Engert wrote:
A side question is can AFS use some other authentication
method other then Kerberos?
Not yet. This is one of the things rxgk is supposed to address; we can
then use any GSSAPI-provided service. (The Globus stuff included a
minimal
On 5 Aug 2014, at 14:08, Brandon Allbery ballb...@sinenomine.net wrote:
On Tue, 2014-08-05 at 09:30 +0200, Alex wrote:
Now, I didn't find in the admin guide or wiki[1] some useful
information
about client's firewall, but I could find some information on the
Internet saying that client
On Tue, 2014-08-05 at 16:08 +0100, Simon Wilkinson wrote:
The complication is that firewalls/NATs only preserve these mappings
for a finite length of time. We attempt to keep them open through
regular fileserver pings, but sometimes that isn't enough. When a
mapping expires, the client is
On 5 Aug 2014, at 16:09, Brandon Allbery ballb...@sinenomine.net wrote:
On Tue, 2014-08-05 at 16:08 +0100, Simon Wilkinson wrote:
The complication is that firewalls/NATs only preserve these mappings
for a finite length of time. We attempt to keep them open through
regular fileserver pings,
On 5 Aug 2014, at 15:57, Brandon Allbery ballb...@sinenomine.net wrote:
Not yet. This is one of the things rxgk is supposed to address; we can
then use any GSSAPI-provided service. (The Globus stuff included a
minimal GSSAPI support mechanism with a number of shortcomings, IIRC.)
The Globus
On Tue, 05 Aug 2014 16:12:41 +0200
Alex euergetiko...@gmail.com wrote:
On 08/05/14 15:08, Brandon Allbery wrote:
So you might be able to get by with just running fs checkvolumes
periodically in a cron job to make up for missing callback breaks on
volume releases.
That only refreshes the
On Tue, 2014-08-05 at 10:36 -0500, Andrew Deason wrote:
On Tue, 05 Aug 2014 16:12:41 +0200
Alex euergetiko...@gmail.com wrote:
On 08/05/14 15:08, Brandon Allbery wrote:
So you might be able to get by with just running fs checkvolumes
periodically in a cron job to make up for missing
On Tue, 05 Aug 2014 09:34:30 -0500
Douglas E Engert deeng...@gmail.com wrote:
On 8/4/2014 9:35 PM, Andrew Deason wrote:
Users of all other kerberized services do not need to login to every
service they use. If everything is configured properly to use kerberos,
I don't need to separately
On 08/05/14 17:36, Andrew Deason wrote:
On Tue, 05 Aug 2014 16:12:41 +0200
Alex euergetiko...@gmail.com wrote:
[snip]
Thank you all for answering, I guess we should test it more carefully
to check how it will work. Parallel access is a must for us.The main
concern is the possibility that
On 8/5/2014 10:43 AM, Andrew Deason wrote:
On Tue, 05 Aug 2014 09:34:30 -0500
Douglas E Engert deeng...@gmail.com wrote:
On 8/4/2014 9:35 PM, Andrew Deason wrote:
Users of all other kerberized services do not need to login to every
service they use. If everything is configured properly to
On 08/05/14 16:55, Jeffrey Altman wrote:
-all Openafs servers are behind the same NAT firewall. Firewall rules
can be changed.
How many OpenAFS servers and how many public IP addresses on the NAT?
to simplify for now, and for testing, we will use just one machine with
one IP behind the
On 5 Aug 2014, at 17:21, Alex euergetiko...@gmail.com wrote:
yes, what I meant is that I need the client to be aware that some other
client is editing, (and refresh the cache), which is the function of
callback if I am not mistaken. As I understand, this is not possible
behind a NAT
On Tue, 5 Aug 2014 15:39:48 +
Brandon Allbery ballb...@sinenomine.net wrote:
On Tue, 2014-08-05 at 10:36 -0500, Andrew Deason wrote:
On 08/05/14 15:08, Brandon Allbery wrote:
So you might be able to get by with just running fs
checkvolumes periodically in a cron job to make up for
On Tue, 5 Aug 2014, Brandon Allbery wrote:
On Tue, 2014-08-05 at 09:34 -0500, Douglas E Engert wrote:
A side question is can AFS use some other authentication
method other then Kerberos?
Not yet. This is one of the things rxgk is supposed to address; we can
then use any GSSAPI-provided
22 matches
Mail list logo