From owner-freebsd-hackers  Tue Oct  8 17:20:03 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id RAA18812
          for hackers-outgoing; Tue, 8 Oct 1996 17:20:03 -0700 (PDT)
Received: from DNS.Lamb.net (root@DNS.Lamb.net [206.169.44.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA18770
          for <freebsd-hackers@FreeBSD.org>; Tue, 8 Oct 1996 17:20:01 -0700 (PDT)
Received: from Gatekeeper.Lamb.net (ulf@Gatekeeper.Lamb.net [206.169.44.2]) by DNS.Lamb.net (8.7.6/8.7.3) with ESMTP id RAA04772; Tue, 8 Oct 1996 17:22:06 -0700 (PDT)
Received: (from ulf@localhost) by Gatekeeper.Lamb.net (8.7.6/8.7.6) id RAA17556; Tue, 8 Oct 1996 17:19:24 -0700 (PDT)
From: Ulf Zimmermann <ulf@Lamb.net>
Message-Id: <199610090019.RAA17556@Gatekeeper.Lamb.net>
Subject: Re: NFS problems with dual-network-interface machines
To: gilham@csl.sri.com (Fred Gilham)
Date: Tue, 8 Oct 1996 17:19:24 -0700 (PDT)
Cc: freebsd-hackers@FreeBSD.org
In-Reply-To: <199610082228.PAA05742@impulse.csl.sri.com> from Fred Gilham at "Oct 8, 96 03:28:02 pm"
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

> 
> Hello,
> 
> I've got a site where I'm using a bunch of FreeBSD boxes as file
> servers and as routers to segment a class B network into class C
> networks.  So each box has two interfaces.
> 
> I've noticed problems where putting the addresses of both interfaces
> in DNS sometimes causes NFS clients to connect to the `wrong' address
> and NFS hangs.  The tcpdump program shows that the client is getting
> icmp port unreachable messages.
> 
> I.e. machine alpha might be a router/file server with two addresses:
> 130.107.4.200
> 130.107.15.200
> 
> and machine beta might be on a different subnet having address
> 130.107.17.234.
> 
> (both alpha and beta are freebsd boxes.)
> 
> Machine beta is connected through a router similar to alpha to the
> 130.107.4 network.
> 
> When machine beta tries to mount one of machine alpha's file systems,
> and it gets 130.107.15.200 from DNS as the address of alpha, port
> unreachable errors occur.
> 
> This seems wrong to me, since machine alpha should be able to route
> from one of its addresses to the other.
> 
> I've verified that this is the problem by putting alpha's
> 130.107.4.200 address in the host table on machine beta.  Once I do
> this, everything works smoothly.  However, this means putting all the
> file servers in all the host tables of all the clients.  We're trying
> to run minimal host tables on the clients and use DNS for host
> lookups.
> 
> Am I doing something wrong?  Is there a canonical way to deal with
> this that I don't know about?  Or is this a bug?
> 
> Thanks for any help,
> 
> -Fred Gilham   gilham@csl.sri.com
> 

I had the same problem, it has to do with the "security" of nfs.
Gatekeeper.Lamb.net has 4 interfaces. Each interfaces has now
2 names (Gatekeeper and Gatekeeper-x (x = interface number)).
This resolved all my problems.

Ulf.

--------------------------------------------------------------------------
Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-865-0204
Lamb Art Internet Services | http://www.Lamb.net/ | http://www.Alameda.net