Hello !
for a special scenario, i´m thinking about running the classic userspace nfsd in parallel with the kernel based.
i think this _could_ be possible by binding the userspace one to the primary interface (eth0, ip 1.2.3.4) and the kernel based one to a virtual interface (eth0:1, ip 1.2.3.5)
i have done similar with other daemons, providing services on the same ports, but on different interfaces - think of apache ip-based virtual hosting which serves http://www.domaina.com on 1.2.3.4:80 and http://www.domainb.com on 1.2.3.5:80
since i`m unsure if this would work, can you experts give a comment if this should at least be possible in theory ?
if there isn´t a killer argument against this (does not work by design because...), i would like to try to elaborate to make this work. if this fails because there is no way to specify a dedicated interface to listen on - maybe this could be fixed with some few modifications to the code...
regards
roland
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Hi Roland,
On Saturday 16 December 2006 16:20, [email protected] wrote:
> Hello !
>
> for a special scenario, i´m thinking about running the classic
> userspace nfsd in parallel with the kernel based.
we are are already doing this for a long time.
>
> i think this _could_ be possible by binding the userspace one to the
> primary interface (eth0, ip 1.2.3.4) and the kernel based one to a virtual
> interface (eth0:1, ip 1.2.3.5)
Hmm, I thing this is presently not possible. I might be wrong, but I think =
neither knfsd nor any userspace nfs daemon presently supports binding to =
selected interfaces. Thinks they alsways bind to all interfaces.
We doing it by using different ports for the daemons, knfsd is running as =
usual on 2049 and unfsd (unfs3) is running on another port. One also needs =
to tell one of the daemon not to register to the portmapper, unfs3 also =
supports that.
[...]
> if there isn´t a killer argument against this (does not work by desi=
gn
> because...), i would like to try to elaborate to make this work. if this
> fails because there is no way to specify a dedicated interface to listen =
on
> - maybe this could be fixed with some few modifications to the code...
Any argument against simply using different ports?
Cheers,
Bernd
-- =
Bernd Schubert
PCI / Theoretische Chemie
Universit=E4t Heidelberg
INF 229
69120 Heidelberg
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
Hi Bernd, =
> we are are already doing this for a long time.
any caveats with this? just tune one of both to use different port ?
> Hmm, I thing this is presently not possible. I might be wrong, but I thin=
k =
> neither knfsd nor any userspace nfs daemon presently supports binding to =
> selected interfaces. Thinks they alsways bind to all interfaces.
i wonder very often, why there are so many applications out there which act=
ually _DON`T_ support this. if you are a security aware person, this is a =
very nice feature to be able to make your box more secure, without any fire=
walling at all. an interface which isn`t actually listening is more secure =
than one being firewalled, because you could have misconfigured your firewa=
ll or it could be down by accident. such feature gives so much greater flex=
ibility - i wished i would be able to tell "-bind 1.2.3.4:1234" instead of =
just "-port 1234" to every type of application opening a listening socket.
> We doing it by using different ports for the daemons, knfsd is running as =
> usual on 2049 and unfsd (unfs3) is running on another port. One also nee=
ds =
> to tell one of the daemon not to register to the portmapper, unfs3 also =
> supports that.
ah, thanks - this looks like one of those "caveats". btw - what about using=
userspace nfsd via xinetd? xinetd supports binding to dedicated interfaces.
> > if there isn´t a killer argument against this (does not work by de=
sign
> > because...), i would like to try to elaborate to make this work. if this
> > fails because there is no way to specify a dedicated interface to liste=
n on
> > - maybe this could be fixed with some few modifications to the code...
> =
> Any argument against simply using different ports?
ease of use for the clients? (because it´s easier to tell them to conn=
ect to a different ip than to a different port) - what if the client doesn`=
t support connecting to different port (ok, don`t know details yet about nf=
s clients and specifying ports - but i know many apps which are not able to=
use another port than the standard/default one.
thanks!
roland
_______________________________________________________________________
Viren-Scan f=FCr Ihren PC! Jetzt f=FCr jeden. Sofort, online und kostenlos.
Gleich testen! http://www.pc-sicherheit.web.de/freescan/?mc=3D022222
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
thanks - i just came across unfs3 some hours ago after searching this list =
for a while - i didn´t know that there exists a nfsv3 userspace implem=
entation.
so - maybe it`s a good replacement for classic userspace nfsd and i don`t n=
eed knfsd at all - looks like it also supports files >2gb.
will give it a try!
> -----Urspr=FCngliche Nachricht-----
> Von: Peter =C5strand <[email protected]>
> Gesendet: 16.12.06 22:01:53
> An: [email protected]
> CC: Bernd Schubert <[email protected]>, [email protected]
> Betreff: Re: [NFS] kernel+userspace based nfsd running in parallel on li=
nux?
> On Sat, 16 Dec 2006, [email protected] wrote:
> =
> > > Hmm, I thing this is presently not possible. I might be wrong, but I =
think =
> > > neither knfsd nor any userspace nfs daemon presently supports binding=
to =
> > > selected interfaces. Thinks they alsways bind to all interfaces.
> > =
> > i wonder very often, why there are so many applications out there which =
> > actually _DON`T_ support this. if you are a security aware person, this =
> =
> Actually, unfs3 does support this. Just use the -l argument. =
> =
> Regards, =
> ---
> Peter =C3�strand ThinLinc Chief Developer
> Cendio AB http://www.cendio.se
> Teknikringen 3
> 583 30 Link=C3=B6ping Phone: +46-13-21 46 00
> =
___________________________________________________________________________=
___
"Ein Herz f=FCr Kinder" - Ihre Spende hilft! Aktion: http://www.deutschlandsegelt.=
de
Unser Dankesch=F6n: Ihr Name auf dem Segel der 1. deutschen America's Cup-Y=
acht!
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Sat, Dec 16, 2006 at 05:17:30PM +0100, Bernd Schubert wrote:
> Hmm, I thing this is presently not possible. I might be wrong, but I think
> neither knfsd nor any userspace nfs daemon presently supports binding to
> selected interfaces. Thinks they alsways bind to all interfaces.
> We doing it by using different ports for the daemons, knfsd is running as
> usual on 2049 and unfsd (unfs3) is running on another port. One also needs
> to tell one of the daemon not to register to the portmapper, unfs3 also
> supports that.
The big problem will be mountd. There's only one portmapper, and you
can register only one mountd - and the file handles given out by unfs
mountd don't work with the kernel nfsd and vice versa.
Oh, and what about locking? :)
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
[email protected] | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs
On Sun, Dec 17, 2006 at 11:25:45AM +0100, Peter =C5strand wrote:
> This is no problem, you can run both the nfs and mount service without th=
e =
> portmapper. They can even run on the same port. So, typically you run =
Yeah, I know. But is that what he was asking for?
Olaf
-- =
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
[email protected] | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID=3DDE=
VDEV
_______________________________________________
NFS maillist - [email protected]
https://lists.sourceforge.net/lists/listinfo/nfs