On Thu, 05 May 2011 16:40:25 +0200
Jaap Winius wrote:
> Nevertheless, 10-15 minutes is still 20-30x the default value. As an
> alternative solution, could setting something like...
>
> fs checkservers -interval 10
>
> ... on the clients be just as effective? Or, even if it is, would that
On 5/5/2011 10:40 AM, Jaap Winius wrote:
> Quoting Jeffrey Altman :
>
>> 10 to 15 minutes is more than sufficient.
>
> Ah, that makes me feel much better!
>
> Nevertheless, 10-15 minutes is still 20-30x the default value. As an
> alternative solution, could setting something like...
>
>fs c
Quoting Jeffrey Altman :
10 to 15 minutes is more than sufficient.
Ah, that makes me feel much better!
Nevertheless, 10-15 minutes is still 20-30x the default value. As an
alternative solution, could setting something like...
fs checkservers -interval 10
... on the clients be just as
Quoting Stanisław Kamiński :
Could you share how did you find that they are dropped?
Mostly I's see lines like the following in the syslog of the host
running the firewall:
Apr 30 16:33:16 noord kernel: [181949.998779] DROP IN=br1 OUT=
PHYSIN=eth1 MAC=00:16:0a:24:d5:3d:00:25:2e:64:1a:8f:
On 5/5/2011 8:42 AM, Jaap Winius wrote:
> But I'm worried now that 28800 is probably overdoing it.
10 to 15 minutes is more than sufficient.
Jeffrey Altman
signature.asc
Description: OpenPGP digital signature
On 2011-05-05 14:42, Jaap Winius wrote:
Hi folks,
At my site all of the the OpenAFS servers are separated from the clients
by stateful iptables firewalls that include NAT. The first OpenAFS
clients had been running for less than week when I figured that the AFS
packets being dropped by the firew
Hi folks,
At my site all of the the OpenAFS servers are separated from the
clients by stateful iptables firewalls that include NAT. The first
OpenAFS clients had been running for less than week when I figured
that the AFS packets being dropped by the firewall (mostly SPT=7000
DPT=7001) mi