Re: "NFS Slave"??
> I have two Beowulf clusters on two subnets hanging off different
> machines. (Actually, one has six different subnets to make it a flat
> network topology on more machines than will fit on a single switch, but
> that's not important.) One head node (call it "head1") is my NIS/NFS
> server, so that cluster's config was easy. The other head node
> ("head2") is an NIS/NFS client.
>
> I've set up an NIS slave on head2, which doesn't quite work (but I think
> I know why and haven't exhausted all of the possible things to do).
It does work, we used this here in the past.
> But is there such a thing as an NFS slave? I try to export /home from
> head2, which mounts it from head1, but when clients mount it from head2,
> /var/log/messages shows:
The solution to your problem is: put the 2.4 kernel on head2 and configure
it for masquerading (netfilter, NAT, etc). The 2.4 kernels are able to do
NFS masquerading. You export whatever from head1 to head2 and on the nodes
of head2 you just mount from head1, ignoring the fact that it is on the
external network, using of course head1's address on the Internet. Instead
of the ipchains of 2.2, you must install and use iptables.
This works very well, we use it here. In order do enable ftp to outside
you must install special modules by hand. Besides the support in the
kernel, you need a script to set it all up during the boot of the server.
Below is a copy of the "/etc/rc.boot/setipforward-masq" script we use to
do this. It is set up for both 2.2 and 2.4 kernels, but note that NFS
masquerading only works on 2.4. Note that 143.107.129.23 is the IP of our
server, the one which plays the role of your head2.
Cheers,
----------------------------------------------------------------
Jorge L. deLyra, Associate Professor of Physics
The University of Sao Paulo, IFUSP-DFMA
For more information: finger delyra@latt.if.usp.br
----------------------------------------------------------------
#!/bin/tcsh -f
# JLdL 19Mar02.
#
# Editing kernel parameters.
#
# Only do this for the 2.2.* kernels.
if ( "`uname -r | cut -d . -f 1-2`" == "2.2" ) then
#
# Print out a message.
echo "installing the FTP module"
#
# Installing the module.
modprobe ip_masq_ftp
#
# Turn on IP forwarding.
echo 1 >! /proc/sys/net/ipv4/ip_forward
#
# Print out a message.
echo -n "activate IP forwarding: " ; cat /proc/sys/net/ipv4/ip_forward
#
# Set up masquerading for the pmcnet.
ipchains -P forward DENY
ipchains -A forward -s 192.168.0.0/255.255.0.0 -j MASQ
#
# Print out a message.
echo "masquerading network 192.168.0.0/255.255.0.0"
endif
#
# Only do this for the 2.4.* kernels.
if ( "`uname -r | cut -d . -f 1-2`" == "2.4" ) then
#
# Print out a message.
echo "installing the FTP modules"
#
# Installing the modules.
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
#
# Set up masquerading for the pmcnet.
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 143.107.129.23
iptables -A FORWARD -i ! eth0 -o eth0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -P FORWARD DROP
#
# Print out a message.
echo "masquerading the private network on eth1"
#
# Turn on IP forwarding.
echo 1 > /proc/sys/net/ipv4/ip_forward
#
# Print out a message.
echo -n "activate IP forwarding: " ; cat /proc/sys/net/ipv4/ip_forward
endif
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: