Subject: Re: Host access philosophy (Was: restricting NFS (and associated services) to one IP address)
To: Byron Servies <bservies@pacang.com>
From: Andy Ruhl <acruhl@gmail.com>
List: tech-net
Date: 10/09/2006 19:48:13
On 10/9/06, Byron Servies <bservies@pacang.com> wrote:
> I freely admit I am out of my depth, but wasn't NFSv4 designed to
> solve a lot of these long-standing NFS problems?

(Me too, but you never learn anything by hanging out with people who
tell you stuff you already know. :)

I think NFS4 isn't the only answer though. There's AFS too, and other
variants. I don't think NFS4 should necessarily be the "next"
networked filesystem that NetBSD uses simply because it's called NFS,
but I haven't really done my NFS4 homework either.

This subject probably has the ability to get way too big inside this
thread. It probably already has.

Seems like there are too many ways to solve these types of problems,
depending on preference, application, etc. I'm probably not smart
enough to make this statement, but when one starts really considering
how to solve these problems in some sort of unified way, Plan9 seems
to make more and more sense.

But then, I don't think anyone is really requiring unity, just some
good solution for their particular situation and preference. Or maybe
I'm missing something?

Seems like I've opened a can of worms here, which I didn't mean to do.
My comment earlier about having some sort of firewall software
included with an operating system really is only a reaction to the
idea that one would have to block a port with a "firewall" in order to
run an application which can't control it's use of IP addresses or
ports. I think this is common, and it's kind of sad. It's the only
simple solution I found to the original subject though.

Andy