Very Computer

Looks like nfs is open; see below.

    Starting Nmap 5.21 ( http://nmap.org ) at 2010-12-27 10:50 PST
    Nmap scan report for santa (192.168.1.3)
    Host is up (0.013s latency).
    rDNS record for 192.168.1.3: santa.cosgrove.com
    Not shown: 992 closed ports
    PORT     STATE SERVICE
    22/tcp   open  ssh
    25/tcp   open  smtp
    111/tcp  open  rpcbind
    139/tcp  open  netbios-ssn
    631/tcp  open  ipp
    2049/tcp open  nfs
    4000/tcp open  remoteanything
    4002/tcp open  mlchat-proxy
    MAC Address: 00:A0:CC:59:82:5E (Lite-on Communications)

    Nmap done: 1 IP address (1 host up) scanned in 1.55 seconds

This:

    sudo mount -t nfs -o rw santa:/home /net/santa/home

tries to grab the external (wild internet) interface IP of santa
and mount that.  But, I block NFS to the wild with shorewall and
with my DSL modem.

This:

    sudo mount -t nfs -o rw 192.168.1.3:/home /net/santa/home

works just fine.  That means that NFS is working.  Autofs
might be working, but it's based on name lookup and that seems
suspicious to me.

My /etc/hosts entries for santa are thus:

    192.168.1.3             santa.cosgrove.com santa
    75.75.195.30            Xsanta.cosgrove.com

Ping works correctly:

    PING santa.cosgrove.com (192.168.1.3) 56(84) bytes of data.
    64 bytes from santa.cosgrove.com (192.168.1.3): icmp_seq=1 ttl=64 \
        time=0.790 ms
    64 bytes from santa.cosgrove.com (192.168.1.3): icmp_seq=2 ttl=64 \
        time=0.777 ms

But, autofs is tries to do a DNS lookup of santa and comes up
with the external IP address.  This DID NOT happen like this
until the auto update from 2010.1 to 2010.2.  I searched the web
a bit for things like "/etc/hosts ignored".  Someone there wrote
that /etc/nsswitch.conf needs to have "files" before DNS things
on the "hosts:" line.  My file wasn't like that.  The file had an
August 2010 date on it, so I didn't think that it would be part
of 2010.2.  Even so, I tried swapping the putting "files" before
the DNS stuff, which had no effect.

I'm stuck again.

I hope it's OK, netequette-wise, for me to move this discussion to
comp.os.linux.networking.  This message is crossposted there with
followups set.

Thanks!

--
PLEASE post a SUMMARY of the answer(s) to your question(s)!
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.

Not suspicious but maybe a normal operation.

Heheheh, A quick check shows

$ host santa.cosgrove.com
santa.cosgrove.com has address 208.106.141.71

With your current setup, resolution came from the Internet before
values found on the node.

In my stupid opinion, LAN domain should not be a registered domain
unless you own the domain. For those cases, top level domain should be
test or invalid.

In the event you own the domain, and have set a valid Internet node
name for your domain, I would not have a LAN FQDN of the registered FQDN.

Alas, I did a bad job of obfuscating my real host name and ended
up with something that actually resolved.  Maybe next time FDQN
of santa.north.pole would be a better choice?

I do own a hostname, and it does resolve.  But, the host is also in
/etc/hosts with 192.168.1.3 and ping to santa resolves to the
192.168.1.3 and not the external IP.

FWIW, the nsswitch.conf alteration I made, putting "files" on
the "hosts:" line prior to anything DNS related, might have done
the trick.  After doing that, I restarted my network services.
But, that didn't help.  However after rebooting, my autofs stuff
started working and I can mount by specifying santa:/home (or
should that be santa:/igloo).

After this 2010.2 machine started having troubles I held off on
letting either of my other 2010.1 machines update.  Now they're
updated, and neither of them has trouble.  I guess I'm happy about
that.  But, I wish it was predictable.

Thanks....

--
PLEASE post a SUMMARY of the answer(s) to your question(s)!
Unless otherwise noted, the statements herein reflect my personal
opinions and not those of any organization with which I may be affiliated.

The problem with your methodology is that someone could register your
fake domain name in the future.   :(

That is why I suggested using .test or .invalid as
your toplevel domain. Example:

$ hostname
wb.home.test

I take it you do not use leafnode.  I do, and it will not
run with a .test, or .invalid hostname.

I registered hodgins.homeip.nat at http://www.dyndns.com/
In /etc/hosts I have it set to 127.0.0.1, and I also have
bind installed, and have it defined in
$ grep homeip /var/lib/named/etc/adblock.conf
zone "hodgins.homeip.net" { type master; notify no; file "/etc/db.adblock"; };
which is loaded by ...
/var/lib/named/etc/named.conf:include "/etc/adblock.conf";

The other piece of the configuration is
$ cat /var/lib/named/etc/db.adblock

                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL

*       IN      A       127.0.0.1 ;localhost

That way, leafnode is happy with a real fqdn, and everything
else just works.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Heheheh, ah yes, I remember posting a complaint that leafnode should
have allowed .test on testing setups.

My solution was to modify leafnode configuration with a junk FQDN.  :(

Hmmm, when I get some spare time, I'll have to see if I can use
mouse-potato.com or nomail.afraid.org   :)

Be aware that I've set the mx for nomail.afraid.org to point to
a spamtrap used by the uceprotect.net blocklist.  It gets at
least a few hundred spam messages every day.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Guess I'll play with mouse-potato.com

$ host mail.mouse-potato.com
mail.mouse-potato.com has address 127.0.0.1

Quote:> a spamtrap used by the uceprotect.net blocklist.
>  It gets at
> least a few hundred spam messages every day.

Sounds like you aught to get with
http://news.yahoo.com/s/ap/20101226/ap_on_hi_te/us_anti_spam_crusader