:I was wondering if I could get some help.
:
:I am running a FreeBSD 2.2.8 machine configured as a nfs server. We are
:trying to get another machine running 2.2.8 to mount from the nfs
:server. Our challenge is that we are using a virtual ip and would like
:to mount the virtual ip. We are already doing this with SCO unix as
:well as Sun Solaris. The problem is that when I type
:
:mount -t argonnfs:/u /u
:(I have also tried with -o -i,-s,-r=1024,-w=1024 options and all
:permutation of the options, including mount_nfs -T)
:
:I'll hang waiting for the request to time out. After extensive trouble
:shooting, I think it is because of the "security feature" to prevent NFS
:cookie spoofing based attacks. Basically, there is an nfs check that
:will not allow freebsd nfs client to request an nfs mount and have the
:machine where the nfs request is being made to reply with its real ip
The problem is due to the NFS server responding to the NFS client's
request using a different IP address. The NFS client is expecting the
response from the same IP that it sent the request too.
The bug is on the server-side, not really the client side. Many people
have been bitten by this problem and it would be cool if someone submitted
a patch to fix it. I will get to it eventually but I'm kinda tied up
at the moment.
It would be a severe security hole to allow the client to process
responses from a different IP address then the request was sent to.
-Matt
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
