Mark Brown wrote:
On Thu, Sep 22, 2005 at 02:49:10PM +0200, Bas van der Vlies wrote:
It is still an bug and maybe it is correlated with the other one. Or can
nis not handle two interfaces with broadcast mode?
Could you please describe your entire current configuration, including
the ypserv.conf and ypserv.securenets from the server and the
ypbind.conf from the client? Feel free to send them by private e-mail
if you are concerned about having the entire configuration appear in the
bug log.
Oke we have an cluster of 275 nodes and all nodes has two internal
networks:
eth0 - system administration network
ib0 - infiniband network for MPI-programs
I have serveral NIS-servers and it is dynamic, we can add or remove
servers. That is why i want the broadcast option.
The eth0 (192.168.16.0) is allowed to connect to the NIS-servers and ib0
( 10.0.168.0 ) not.
The hostname of the machine is the ib-interface.
After reading your mail i have now configured both ypserv files: (see
attachments)
- ypserv.conf
- ypserv.securenets
To be honest, you're probably better off explicitly configuring the
server or servers to use on the clients than trying to use the broadcast
option. This is especially true given that you're running on stable and
something like this is unlikely to be addressed in the stable release
(though of course if we can work out what's going on it will be looked
at for the next release).
I will consider it. As the remark about Debian stable we usually
backport programs from testing/unstable to Sarge if it fixes errors or
improves functionality.
Regards
PS) I have run in ypserv in debug mode zie bug Bug#329382
--
--
********************************************************************
* *
* Bas van der Vlies e-mail: [EMAIL PROTECTED] *
* SARA - Academic Computing Services phone: +31 20 592 8012 *
* Kruislaan 415 fax: +31 20 6683167 *
* 1098 SJ Amsterdam *
* *
********************************************************************
#
# ypserv.conf In this file you can set certain options for the NIS server,
# and you can deny or restrict access to certain maps based
# on the originating host.
#
# See ypserv.conf(5) for a description of the syntax.
#
# The following, when uncommented, will give you shadow like passwords.
# Note that it will not work if you have slave NIS servers in your
# network that do not run the same server as you.
# Host : Domain : Map : Security
#
# * : * : passwd.byname : port/mangle
# * : * : passwd.byuid : port/mangle
# This is the default - restrict access to the shadow password file,
# allow access to all others.
* : * : shadow.byname : port
* : * : passwd.adjunct.byname : port
# Default access is allow everybody on each interface
#* : * : * : none
# New SARA syntax from Debian NIS maintainer, BvdV thanks
#
127.0.0.1 : * : * : none
192.168.16.0/255.255.252.0 : * : * : none
#10.0.16.0/255.255.252.0 : * : * : none
# This an bug in ypbind localhost, so list all ypservers
#
#10.0.17.130 : * : * : none
145.100.29.212 : * : * : none
145.100.29.214 : * : * : none
# Deny the rest
#
* : * : * : deny
#
# securenets This file defines the access rights to your NIS server
# for NIS clients (and slave servers - ypxfrd uses this
# file too). This file contains netmask/network pairs.
# A clients IP address needs to match with at least one
# of those.
#
# One can use the word "host" instead of a netmask of
# 255.255.255.255. Only IP addresses are allowed in this
# file, not hostnames.
#
# USE ypserv.conf this file does NOT work for US BvdV 22/Sep/2005
#
# Always allow access for localhost
255.0.0.0 127.0.0.0
# And the eth0 network
#
255.255.252.0 192.168.16.0
