File: README.NIS

package info (click to toggle)
tcp-wrappers 7.6.q-31
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, sid
  • size: 1,828 kB
  • sloc: ansic: 17,852; makefile: 2,308; sh: 39
file content (207 lines) | stat: -rw-r--r-- 6,680 bytes parent folder | download | duplicates (16) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
 
@(#) README.NIS 1.2 96/02/11 17:24:52

> Problem: I have several [machines] with multiple IP addresses, and
> when they try to connect to a daemon with tcp wrapper, they are often
> rejected.  I assume this is due to the -DPARANOID option, and depends
> on which IP address is returned first from the nameserver for a given
> name.   This behavior seems to be random, may depend on ordering in
> the YP host map?

[Note: the situation described below no longer exists. Presently, my
internet gateway uses the same IP address on all interfaces.  To avoid
confusion I have removed the old name wzv-gw.win.tue.nl from the DNS. I
have kept the discussion below for educational reasons].

NIS was not designed to handle multi-homed hosts.  With NIS, each
address should have its own hostname. For example, wzv-gw is my
gateway. It has two interfaces: one connected to the local ethernet,
the other to a serial link. In the NIS it is registered as:

        131.155.210.23  wzv-gw-ether
        131.155.12.78   wzv-gw-slip

In principle, wzv-gw could be the official name of one of these
interfaces, or it could be an alias for both.

The DNS was designed to handle multi-homed hosts. In the DNS my gateway
is registered in zone win.tue.nl, with one name that has two A records:

        wzv-gw  IN      A       131.155.210.23
                IN      A       131.155.12.78

And of course there are PTR records in zones 210.155.131.in-addr.arpa
and 12.155.131.in-addr.arpa that point to wzv-gw.win.tue.nl.

This setup does not cause any problems. You can test your name service
with the two programs below. This is what they say on a local NIS client
(both client and server running SunOS 4.1.3_U1):

        % gethostbyname wzv-gw
        Hostname:       wzv-gw.win.tue.nl
        Aliases:        
        Addresses:      131.155.210.23 131.155.12.78 

        % gethostbyaddr 131.155.210.23
        Hostname:       wzv-gw-ether
        Aliases:        
        Addresses:      131.155.210.23 

        % gethostbyaddr 131.155.12.78
        Hostname:       wzv-gw-slip
        Aliases:        
        Addresses:      131.155.12.78 

Things seem less confusing when seen by a NIS client in a different
domain (both client and server running SunOS 4.1.3_U1):

        % gethostbyname wzv-gw.win.tue.nl
        Hostname:       wzv-gw.win.tue.nl
        Aliases:        
        Addresses:      131.155.210.23 131.155.12.78 

        % gethostbyaddr 131.155.210.23
        Hostname:       wzv-gw.win.tue.nl
        Aliases:        
        Addresses:      131.155.12.78 131.155.210.23

        % gethostbyaddr 131.155.12.78
        Hostname:       wzv-gw.win.tue.nl
        Aliases:        
        Addresses:      131.155.210.23 131.155.12.78

Alas, Solaris 2.4 still has problems. This is what I get on a Solaris
2.4 NIS client, with a SunOS 4.1.3_U1 NIS server:

	% gethostbyname wzv-gw.win.tue.nl
	Hostname:       wzv-gw.win.tue.nl
	Aliases:        131.155.210.23 wzv-gw.win.tue.nl 
	Addresses:      131.155.12.78 

The tcpd source comes with a workaround for this problem. The
workaround is ugly and is not part of the programs attached below.


#! /bin/sh
# This is a shell archive.  Remove anything before this line, then unpack
# it by saving it into a file and typing "sh file".  To overwrite existing
# files, type "sh file -c".  You can also feed this as standard input via
# unshar, or by typing "sh <file", e.g..  If this archive is complete, you
# will see the following message at the end:
#		"End of shell archive."
# Contents:  gethostbyaddr.c gethostbyname.c
# Wrapped by wietse@wzv on Sun Jan  8 17:08:48 1995
PATH=/bin:/usr/bin:/usr/ucb ; export PATH
if test -f gethostbyaddr.c -a "${1}" != "-c" ; then 
  echo shar: Will not over-write existing file \"gethostbyaddr.c\"
else
echo shar: Extracting \"gethostbyaddr.c\" \(1073 characters\)
sed "s/^X//" >gethostbyaddr.c <<'END_OF_gethostbyaddr.c'
X /*
X  * gethostbyaddr tester. compile with:
X  * 
X  * cc -o gethostbyaddr gethostbyaddr.c (SunOS 4.x)
X  * 
X  * cc -o gethostbyaddr gethostbyaddr.c -lnsl (SunOS 5.x)
X  * 
X  * run as: gethostbyaddr address
X  * 
X  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
X  */
X
X#include <sys/types.h>
X#include <sys/socket.h>
X#include <netinet/in.h>
X#include <arpa/inet.h>
X#include <netdb.h>
X#include <stdio.h>
X
Xmain(argc, argv)
Xint     argc;
Xchar  **argv;
X{
X    struct hostent *hp;
X    long    addr;
X
X    if (argc != 2) {
X	fprintf(stderr, "usage: %s i.p.addres\n", argv[0]);
X	exit(1);
X    }
X    addr = inet_addr(argv[1]);
X    if (hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET)) {
X	printf("Hostname:\t%s\n", hp->h_name);
X	printf("Aliases:\t");
X	while (hp->h_aliases[0])
X	    printf("%s ", *hp->h_aliases++);
X	printf("\n");
X	printf("Addresses:\t");
X	while (hp->h_addr_list[0])
X	    printf("%s ", inet_ntoa(*(struct in_addr *) * hp->h_addr_list++));
X	printf("\n");
X	exit(0);
X    }
X    fprintf(stderr, "host %s not found\n", argv[1]);
X    exit(1);
X}
END_OF_gethostbyaddr.c
if test 1073 -ne `wc -c <gethostbyaddr.c`; then
    echo shar: \"gethostbyaddr.c\" unpacked with wrong size!
fi
# end of overwriting check
fi
if test -f gethostbyname.c -a "${1}" != "-c" ; then 
  echo shar: Will not over-write existing file \"gethostbyname.c\"
else
echo shar: Extracting \"gethostbyname.c\" \(999 characters\)
sed "s/^X//" >gethostbyname.c <<'END_OF_gethostbyname.c'
X /*
X  * gethostbyname tester. compile with:
X  * 
X  * cc -o gethostbyname gethostbyname.c (SunOS 4.x)
X  * 
X  * cc -o gethostbyname gethostbyname.c -lnsl (SunOS 5.x)
X  * 
X  * run as: gethostbyname hostname
X  * 
X  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
X  */
X#include <sys/types.h>
X#include <sys/socket.h>
X#include <netinet/in.h>
X#include <arpa/inet.h>
X#include <netdb.h>
X#include <stdio.h>
X
Xmain(argc, argv)
Xint     argc;
Xchar  **argv;
X{
X    struct hostent *hp;
X
X    if (argc != 2) {
X	fprintf(stderr, "usage: %s hostname\n", argv[0]);
X	exit(1);
X    }
X    if (hp = gethostbyname(argv[1])) {
X	printf("Hostname:\t%s\n", hp->h_name);
X	printf("Aliases:\t");
X	while (hp->h_aliases[0])
X	    printf("%s ", *hp->h_aliases++);
X	printf("\n");
X	printf("Addresses:\t");
X	while (hp->h_addr_list[0])
X	    printf("%s ", inet_ntoa(*(struct in_addr *) * hp->h_addr_list++));
X	printf("\n");
X	exit(0);
X    } else {
X	fprintf(stderr, "host %s not found\n", argv[1]);
X	exit(1);
X    }
X}
END_OF_gethostbyname.c
if test 999 -ne `wc -c <gethostbyname.c`; then
    echo shar: \"gethostbyname.c\" unpacked with wrong size!
fi
# end of overwriting check
fi
echo shar: End of shell archive.
exit 0