On Sat, 6 Feb 2010, George Mamalakis wrote: > > thank you for all your answers. I am planning on setting up the computer labs > of my department using kerberized nfsv3 (since v4 seems to be "more" > experimental) with a FreeBSD nfs server and Linux nfs clients. I was > wondering "how stable" such an implementation would be; meaning that I > wouldn't want to end up with an unstsable setup when receiving requests from > 50-60 simultaneous clients, because that would be my everyday scenario. > I believe that the above should be stable, but your mileage may vary, as they say. The main issue will be what your TGT lifetime will be, since client access to the server will normally stop when the TGT expires. Some systems (Mac OS X) will automagically renew the TGT before it expires, if your KDC allows that. I don't think most/all Linux systems do this by default, but there are some utilities out there (try a search for krenew) that will do so. Basically, I think you'll want to avoid TGTs expiring before the user logs out. You also need a unique uid<->user principal mapping for all users logging in. You definitely want to do some testing with whatever Linux system you are using for the client. Good luck with it, rick ps: Choosing nfsv3 vs nfsv4 is basically independent of using RPCSEC_GSS except for the host based initiator credential needed by some clients (Linux and Solaris10 are among those) for NFSv4.Received on Sun Feb 07 2010 - 21:22:58 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:00 UTC