Message: 7 Date: Tue, 30 Sep 2003 10:25:41 -0400 (EDT) From: Derrick J Brashear <[EMAIL PROTECTED]> To: OpenAFS-devel <[EMAIL PROTECTED]> Subject: Re: [OpenAFS-devel] Stop me before I NAT again...
On Tue, 30 Sep 2003, Mitch Collinsworth wrote:
In general this sounds like a great idea. I'm not certain about the run-time configuration idea though. Again, what about mobile clients that may pop up behind a NAT one time and on their own IP the next? I think we need to decide that either a) it's ok to make this change global for all clients, or b) it's not ok, only NAT-bound clients should do this, and therefore the client should somehow auto-discover if it's NAT-bound dynamically and adjust its behavior accordingly. Then it will
I think b) is the right answer, but I'm unsure if there's any useful way to discover we're NATd. I can't think of any that doesn't involve being helped by new code in some remote agent.
Is there any way to tie this to the Kerberos layer? For K5 you have a real address unless you specifically get an addressless ticket (in which case you are probably doing it because you are behind a NAT).
Alternatively, (if we can't find a better way) we could assume NAT if we have a non-routable IP address (A: 10.x.x.x, B: <I forget>, C: 192.168.x.x).
I'm just talking here. I think we ought to add something specific to identify the situation in "the remote agent". If the feature isn't implemented on one side then the above might be fallback defaults.
--
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
[EMAIL PROTECTED], or [EMAIL PROTECTED]
_______________________________________________
OpenAFS-devel mailing list
[EMAIL PROTECTED]
https://lists.openafs.org/mailman/listinfo/openafs-devel
