Solaris 2.5 NSKIT DNS/NIS problems

Solaris 2.5 NSKIT DNS/NIS problems

Post by Robert Montj » Thu, 30 May 1996 04:00:00



Hi..

We are trying to get a slave NIS server working on SPARC 20 running
Solaris2.5.  Everything works except DNS via NIS. If the host
is in the YP hosts map everything works. If NIS server has
to look up the host via DNS the telnet/netscape/rsh/... just
hangs.

We are using NSKIT 1.2 with the NSKIT jumbo patch. It does
the same thing without the JUMBO patch too.

We have tried running the ypserv with and without the -d
flag.  The "-b" flag is defined in the SunOS4.1.4 masters
NIS Makefile

The lookups work fine when the clients are bound to our
SunOS 4.1.4 machines.  

Here is a snoop of a typical DNS via NIS session:

Note: zeus is the server and bubba is the client

Any suggestions on where to look for the problem would be appreciated.

Thanks

Using device /dev/hme (promiscuous mode)
ETHER:  ----- Ether Header -----
ETHER:  
ETHER:  Packet 1 arrived at 18:37:49.99
ETHER:  Packet size = 122 bytes
ETHER:  Destination = 8:0:20:77:bc:d9, Sun
ETHER:  Source      = 8:0:20:12:23:e3, Sun
ETHER:  Ethertype = 0800 (IP)
ETHER:  
IP:   ----- IP Header -----
IP:  
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 108 bytes
IP:   Identification = 10672
IP:   Flags = 0x0
IP:         .0.. .... = may fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 60 seconds/hops
IP:   Protocol = 17 (UDP)
IP:   Header checksum = 3ee1
IP:   Source address = 129.137.8.202, bubba.ece.uc.edu
IP:   Destination address = 129.137.10.20, zeus.ececs.uc.edu
IP:   No options
IP:  
UDP:  ----- UDP Header -----
UDP:  
UDP:  Source port = 1399
UDP:  Destination port = 978 (Sun RPC)
UDP:  Length = 88
UDP:  Checksum = FC0A
UDP:  
RPC:  ----- SUN RPC Header -----
RPC:  
RPC:  Transaction id = 832974753
RPC:  Type = 0 (Call)
RPC:  RPC version = 2
RPC:  Program = 100004 (NIS), version = 2, procedure = 3
RPC:  Credentials: Flavor = 0 (None), len = 0 bytes
RPC:  Verifier   : Flavor = 0 (None), len = 0 bytes
RPC:  
NIS:  ----- Network Information Service -----
NIS:  
NIS:  Proc = 3 (Return value of a key)
NIS:  Domain = lovelace
NIS:  Map = hosts.byname
NIS:  Key = mit.edu
NIS:  

ETHER:  ----- Ether Header -----
ETHER:  
ETHER:  Packet 2 arrived at 18:37:50.00
ETHER:  Packet size = 94 bytes
ETHER:  Destination = 8:0:20:12:23:e3, Sun
ETHER:  Source      = 8:0:20:77:bc:d9, Sun
ETHER:  Ethertype = 0800 (IP)
ETHER:  
IP:   ----- IP Header -----
IP:  
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 80 bytes
IP:   Identification = 26558
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 255 seconds/hops
IP:   Protocol = 17 (UDP)
IP:   Header checksum = fded
IP:   Source address = 129.137.10.20, zeus.ececs.uc.edu
IP:   Destination address = 129.137.8.202, bubba.ece.uc.edu
IP:   No options
IP:  
UDP:  ----- UDP Header -----
UDP:  
UDP:  Source port = 54977
UDP:  Destination port = 1399 (Sun RPC)
UDP:  Length = 60
UDP:  Checksum = FB15
UDP:  
RPC:  ----- SUN RPC Header -----
RPC:  
RPC:  Transaction id = 832974753
RPC:  Type = 1 (Reply)
RPC:  This is a reply to frame 1
RPC:  Status = 0 (Accepted)
RPC:  Verifier   : Flavor = 0 (None), len = 0 bytes
RPC:  Accept status = 0 (Success)
RPC:  
NIS:  ----- Network Information Service -----
NIS:  
NIS:  Proc = 3 (Return value of a key)
NIS:  Status = 1 (OK)
NIS:  Value = 18.72.2.1 mit.edu

NIS:  

ETHER:  ----- Ether Header -----
ETHER:  
ETHER:  Packet 3 arrived at 18:37:50.00
ETHER:  Packet size = 70 bytes
ETHER:  Destination = 8:0:20:77:bc:d9, Sun
ETHER:  Source      = 8:0:20:12:23:e3, Sun
ETHER:  Ethertype = 0800 (IP)
ETHER:  
IP:   ----- IP Header -----
IP:  
IP:   Version = 4
IP:   Header length = 20 bytes
IP:   Type of service = 0x00
IP:         xxx. .... = 0 (precedence)
IP:         ...0 .... = normal delay
IP:         .... 0... = normal throughput
IP:         .... .0.. = normal reliability
IP:   Total length = 56 bytes
IP:   Identification = 10673
IP:   Flags = 0x4
IP:         .1.. .... = do not fragment
IP:         ..0. .... = last fragment
IP:   Fragment offset = 0 bytes
IP:   Time to live = 255 seconds/hops
IP:   Protocol = 1 (ICMP)
IP:   Header checksum = 3c23
IP:   Source address = 129.137.8.202, bubba.ece.uc.edu
IP:   Destination address = 129.137.10.20, zeus.ececs.uc.edu
IP:   No options
IP:  
ICMP:  ----- ICMP Header -----
ICMP:  
ICMP:  Type = 3 (Destination unreachable)
ICMP:  Code = 3 (Bad port)
ICMP:  Checksum = 2088
ICMP:  
ICMP:  [ subject header follows ]
ICMP:  
ICMP:IP:   ----- IP Header -----
ICMP:IP:  
ICMP:IP:   Version = 4
ICMP:IP:   Header length = 20 bytes
ICMP:IP:   Type of service = 0x00
ICMP:IP:         xxx. .... = 0 (precedence)
ICMP:IP:         ...0 .... = normal delay
ICMP:IP:         .... 0... = normal throughput
ICMP:IP:         .... .0.. = normal reliability
ICMP:IP:   Total length = 80 bytes
ICMP:IP:   Identification = 26558
ICMP:IP:   Flags = 0x4
ICMP:IP:         .1.. .... = do not fragment
ICMP:IP:         ..0. .... = last fragment
ICMP:IP:   Fragment offset = 0 bytes
ICMP:IP:   Time to live = 255 seconds/hops
ICMP:IP:   Protocol = 17 (UDP)
ICMP:IP:   Header checksum = fded
ICMP:IP:   Source address = 129.137.10.20, zeus.ececs.uc.edu
ICMP:IP:   Destination address = 129.137.8.202, bubba.ece.uc.edu
ICMP:IP:   No options
ICMP:IP:  
ICMP:UDP:  ----- UDP Header -----
ICMP:UDP:  
ICMP:UDP:  Source port = 54977
ICMP:UDP:  Destination port = 1399
ICMP:UDP:  Length = 60 (Not all data contained in this fragment)
ICMP:UDP:  Checksum = 0000 (no checksum)
ICMP:UDP:  
UDP:  

--
Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


--  One seldom sees a monument to a committee.

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Greg Linda » Sat, 01 Jun 1996 04:00:00




>We are trying to get a slave NIS server working on SPARC 20 running
>Solaris2.5.  Everything works except DNS via NIS.

man nsswitch. Your 2.5 machines shouldn't be using YP to do DNS
lookups. I'm not sure if I've ever bound a 4.1.4 client to a
2.5 master... hm.

-- g

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Robert Montj » Sat, 01 Jun 1996 04:00:00





>>We are trying to get a slave NIS server working on SPARC 20 running
>>Solaris2.5.  Everything works except DNS via NIS.

We have a mixed enviroment of Solaris2.5 machines and SunOS 4.1.x machines.
They Solaris2.5 machines do DNS lookups through DNS . They do not
have the problem. Only the SunOS machines have the problem.

Quote:

>man nsswitch. Your 2.5 machines shouldn't be using YP to do DNS
>lookups. I'm not sure if I've ever bound a 4.1.4 client to a
>2.5 master... hm.

This should work and does except for DNS via NIS lookups.

Quote:

>-- g

--
Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


--  One seldom sees a monument to a committee.
 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Stempien Brian » Sat, 01 Jun 1996 04:00:00


[deleted]

Quote:>We have tried running the ypserv with and without the -d
>flag.  The "-b" flag is defined in the SunOS4.1.4 masters
>NIS Makefile

The Makefile on the Slave servers may also need the -b option set. Also
make sure the slave servers have DNS setup in the nsswitch.conf file. I.e.
each slave must be able to talk DNS to be able to resolve the name (No
mattter who the slave is bound to)

Quote:>The lookups work fine when the clients are bound to our
>SunOS 4.1.4 machines.  

[deleted]

>--
>Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


>--  One seldom sees a monument to a committee.

--
Brian M. Stempien             Whirlpool Corp. St. Joseph Technology Center.
All views are my own and do not reflect my company's in any way.

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Vartan Narini » Sat, 01 Jun 1996 04:00:00



>We are trying to get a slave NIS server working on SPARC 20 running
>Solaris2.5.  Everything works except DNS via NIS. If the host
>is in the YP hosts map everything works. If NIS server has
>to look up the host via DNS the telnet/netscape/rsh/... just
>hangs.

Does your slave server have a valid /etc/resolv.conf?

It's ypserv which goes to DNS if the host is not in the NIS map.
Therefore you need to have an /etc/resolv.conf on every machine which
runs a NIS slave server.

(It's a good idea to have an /etc/resolv.conf even on machines which
are not NIS servers, as it allows /usr/sbin/nslookup to work.)

I use the same configuration here and it works fine.

Quote:>The lookups work fine when the clients are bound to our
>SunOS 4.1.4 machines.  

I'll bet that the 4.1.4 machine has a valid /etc/resolv.conf.

--
Vartan

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Robert Montj » Sun, 02 Jun 1996 04:00:00





>[deleted]

>>We have tried running the ypserv with and without the -d
>>flag.  The "-b" flag is defined in the SunOS4.1.4 masters
>>NIS Makefile

>The Makefile on the Slave servers may also need the -b option set. Also
>make sure the slave servers have DNS setup in the nsswitch.conf file. I.e.
>each slave must be able to talk DNS to be able to resolve the name (No
>mattter who the slave is bound to)

Slaves do not have make files. All changes are pushed to the slaves
from the master. The nsswitch.conf is setup properly.

Oh well, I guess I may actually have to use are Sun software support.

Thanks

>>The lookups work fine when the clients are bound to our
>>SunOS 4.1.4 machines.  

>[deleted]

>>--
>>Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


>>--  One seldom sees a monument to a committee.

>--
>Brian M. Stempien             Whirlpool Corp. St. Joseph Technology Center.
>All views are my own and do not reflect my company's in any way.


--
Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


--  One seldom sees a monument to a committee.
 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Robert Montj » Mon, 03 Jun 1996 04:00:00





>>We are trying to get a slave NIS server working on SPARC 20 running
>>Solaris2.5.  Everything works except DNS via NIS. If the host
>>is in the YP hosts map everything works. If NIS server has
>>to look up the host via DNS the telnet/netscape/rsh/... just
>>hangs.

>Does your slave server have a valid /etc/resolv.conf?

Yes. We have an valid /etc/resolv.conf on all Solaris machines
and even the SunOS machines. nslookup and host work fine.

The snoop trace shows that one of the machines is complaining about
one of the ports being unreachable.

Quote:

>It's ypserv which goes to DNS if the host is not in the NIS map.
>Therefore you need to have an /etc/resolv.conf on every machine which
>runs a NIS slave server.

I know....

Quote:

>(It's a good idea to have an /etc/resolv.conf even on machines which
>are not NIS servers, as it allows /usr/sbin/nslookup to work.)

We do.

Quote:

>I use the same configuration here and it works fine.

Can you do an rpcinfo on the Solaris2.5 macine and grep
for ypserv?  

Our ypserv on our Solaris machine has one of its 4 ports
living in the 32K plus range. The other 3 are all below
1024.

Quote:

>>The lookups work fine when the clients are bound to our
>>SunOS 4.1.4 machines.  

>I'll bet that the 4.1.4 machine has a valid /etc/resolv.conf.

It does and the Solaris2.5 machine has an identical one :)

Quote:

>--
>Vartan

I think I have already tried all the obvious things short
of trying a different host and/or doing a complete re-install
of the OS I see nothing else that I can do...

Thanks

--
Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


--  One seldom sees a monument to a committee.

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Vartan Narini » Mon, 03 Jun 1996 04:00:00



>Can you do an rpcinfo on the Solaris2.5 macine and grep
>for ypserv?  

Sure:

   program version netid     address             service    owner
    100004    2    udp       0.0.0.0.2.236       ypserv     superuser
    100004    1    udp       0.0.0.0.2.236       ypserv     superuser
    100004    1    tcp       0.0.0.0.2.237       ypserv     superuser
    100004    2    tcp       0.0.0.0.128.4       ypserv     superuser
    100004    2    ticotsord \000\000\020;       ypserv     superuser
    100004    2    ticots    \000\000\020>       ypserv     superuser

--
Vartan

 
 
 

Solaris 2.5 NSKIT DNS/NIS problems

Post by Robert Montj » Wed, 05 Jun 1996 04:00:00


Hi..

Just wanted to let everyone that it turned out to be a bug in the
SunOS 4.1.4 libc. I replaced it with libc Jumbo patch and it went
away. Why it only started happening when using NSKIT
and a Solaris2.5 server and not the SunOS 4.1.4 server I do not know.

Thanks



>>Can you do an rpcinfo on the Solaris2.5 macine and grep
>>for ypserv?  

>Sure:

>   program version netid     address             service    owner
>    100004    2    udp       0.0.0.0.2.236       ypserv     superuser
>    100004    1    udp       0.0.0.0.2.236       ypserv     superuser
>    100004    1    tcp       0.0.0.0.2.237       ypserv     superuser
>    100004    2    tcp       0.0.0.0.128.4       ypserv     superuser
>    100004    2    ticotsord \000\000\020;       ypserv     superuser
>    100004    2    ticots    \000\000\020>       ypserv     superuser

>--
>Vartan

--
Rob Montjoy - Systems Engineer  - University of Cincinnati - DEPT OF ECECS


--  One seldom sees a monument to a committee.
 
 
 

1. Solaris 2.3 NIS+ Upgrade to Solaris 2.5 NIS+ Question!

Has anyone experienced the upgrade process from a Sparc 5 running NIS+,
2.3 to 2.5? The machine in question is the Master Root Server, and the
slave replica is already running 2.5 NIS+.

We're trying to figure out how to upgrade the master to 2.5 and not lose
any of our NIS+ table information, etc.  I'm new to Solaris; have a sub-
stantial amount of experience and formal HP training with the Series 700
HP-UX 8.07/9.01/9.05/10.x operating systems.  Had some exposure to the
old, regular NIS (classroom environment only), but don't know too much
about NIS+ at this point.

I was wondering if anyone knew of a web site or document or FAQ that I
might be able to access to download as a guideline to follow when trying
to tackle this upgrade problem?

Any help would be appreciated!!!



Thanks Alot!!

2. re : : Restoring a mksysb

3. NSkit for Solaris x85 2.5

4. Can't use SCSI aha152x as a laodbale module, HELP.

5. NSkit 1.2 on Solaris 2.5

6. Solaris x86 Price?

7. Secure NFS under Solaris 2.5/2.5.1 without NIS/NIS+ ?

8. IrDA support for Linux?

9. Solaris 2.3 w/NIS+ Upgrade to 2.5 w/ NIS+ (Master Server)?

10. NIS+ (Solaris 2.5) / NIS Emulation for AIX 3.2.5

11. Solaris 2.5 NIS+ server + Solaris 8 Client?

12. Problem with xdm and NIS+ under Solaris 2.5

13. DNS problem on Solaris 2.5