Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 26 Feb 2002 08:52:21 -0800 (PST)
From:      "Shawn O'Connor" <soconnor@mail.e-perception.com>
To:        Ian Dowse <iedowse@maths.tcd.ie>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: NFS replies with different IP address 
Message-ID:  <20020226083448.B62491-100000@mail.e-perception.com>
In-Reply-To: <200202260102.aa41839@salmon.maths.tcd.ie>

next in thread | previous in thread | raw e-mail | index | archive | help
I'm trying not to just mount to the 10.1.1.10 IP address because the machine
in question is part of a veritas cluster and whichever node is controlling
NFS at that time assumes a virtual interface with an IP address of 10.1.1.9.

I agree that this is a Solaris problem.  I find it disconcerting that
the Solaris box would respond back with it's primary IP address.  I was
just wondering if there was an easy work around.


	-Shawn

On Tue, 26 Feb 2002, Ian Dowse wrote:

> Why not just use the IP address that does work! Accepting replies
> from any source address whatsoever (only the XID is checked) is not
> a very secure behaviour; I don't think this has been ever allowed
> in FreeBSD. As the RFC you quoted suggests, this is more a problem
> with Solaris than FreeBSD. If you use FreeBSD as a multi-homed NFS
> server there is a "-h" option to nfsd that allows you to bind to
> each IP address to ensure that replies come from the right one.
>
> Ian


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020226083448.B62491-100000>