Is anyone using AFS (either client or server) on a solaris 10 system with
ipfilter running that can share their rule sets?
I am seeing large numbers of blocked fragmented packets, which is killing
the performance.
My ruleset looks something like this:
pass out all keep state keep frags
Here's a fragment of what I use on my AFS servers.
You really don't want to state-track your AFS stuff. You really
don't want ipfilter to have to keep track of all of that -- if your
cell is reasonably busy, those internal tables will get rather big.
I just pass in/out the frags -- you
Any ideas anyone?
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5 (Tikanga)
# uname -a
Linux rcf-kerbtest-linux 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:21 EST
2007 i686 i686 i386 GNU/Linux
# ./configure --enable-transarc-paths --disable-afsdb
I've no idea what I did the 3rd time around (the 1st 2
times before emailing the list), but everything works
now... :|
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
