It seems that up to 2 weeks ago, my DNS worked fine until
my service provider (oar.net) changed a few ip addresses.
I thought I had made the appropriate changes in ALL DNS
configuration files, but missed one. That was only ONE of the
problems.
My original posting in part:
I need help with DNS. My ping (ftp telnet, etc.) command seems to
have problems contacting hosts.
My nslookup allows me to resolve any host I choose, but then if I
try ping'ing them, it just says
> ping attmail.att.com
> ping: unknown host attmail.att.com
The result was to fix the forwarders line in my /etc/named.boot
file, strip an old nameserver from my /etc/resolv.conf file,
AND ALSO re-run ypinit -m on my internet machine and master YP
server.
Don't know what got out of hand, but it sure was confused.
Stupid is,Stupid does
As you can see I received MANY responses. All of which allowed me
to piece together the puzzle.
My motto, if it aint broke, dont fix it.
-Dave Weitzel
weitzel@burke.com
Burke Marketing Research Inc.
Cincinnati, Oh, 45202
---------------------------------------------------------------------
Thanks to :
Gregory.A.Parmer@acenet.auburn.edu
sf@ced.berkeley.edu (XueShan Feng)
Aydin Edguer <edguer@MorningStar.Com>
Brian Solie <solie_bryan@jpmorgan.com>
dlw@lincnet.syntex.com (Dean Waters)
pamela@Legato.COM (Pamela Pledger)
tkevans@fallst.es.dupont.com (Tim Evans)
Matt Reed <reed@cs.swarthmore.edu>
steve@cegelecproj.co.uk (Steve_Kilbane)
perryh@pluto.rain.com (Perry Hutchison)
owens@xylan.com (Mark Owens)
pallas@oclc.org (George Pallas)
jing.zhang@ic.ac.uk (Jing Zhang)
sunm@erm.oz.au (Brett Newton-Palmer(Sun Admin)
Juergen.Rothenanger@RRZE.Uni-Erlangen.DE (Juergen Rothenanger)
veronica@solution.maths.unsw.edu.au (Veronica Paul)
yves@suntech.abcomp.be (Yves Hardy)
russ@prin.ebasco.com (Russ Bebb)
rao@hobbes.crc.com (Randy Olsson)
lipscomb@vision1.engr.utk.edu
johann@excel.nwscc.sea06.navy.mil (Jeff Johann)
pablo@muaddib.itas.uh.edu (Mohammed Moin Uddin)
dlw@lincnet.syntex.com (Dean Waters)
---------------------------------------------------------------------
Long answers
---------------------------------------------------------------------
sf@ced.berkeley.edu (XueShan Feng) suggested
I uncomment the B= in my Makefile for NIS. This was set
appropriate.
Make file should have the following line uncommented :
B=-b
-----------------------------------------------------------------------------
Aydin Edguer <edguer@MorningStar.Com> Forwarded me this :
3. NIS, NIS+, DNS, and NFS
-----------------------------------------------------------------------------
Subject: 3.1) How do I set up NIS/YP to use DNS?
Under SunOS 4.1.x, there is a "#B=" at the top of /var/yp/Makefile,
uncomment and change this to "B=-b" and setup NIS in the usual
fashion. Under 4.0.x, edit the Makefile or apply the following
"diff":
*** Makefile.orig Wed Jan 10 13:22:11 1990
--- Makefile Wed Jan 10 13:22:01 1990
***************
*** 63 ****
! | $(MAKEDBM) - $(YPDBDIR)/$(DOM)/hosts.byname; \
--- 63 ----
! | $(MAKEDBM) -b - $(YPDBDIR)/$(DOM)/hosts.byname; \
***************
*** 66 ****
! | $(MAKEDBM) - $(YPDBDIR)/$(DOM)/hosts.byaddr; \
--- 66 ----
! | $(MAKEDBM) -b - $(YPDBDIR)/$(DOM)/hosts.byaddr; \
-----------------------------------------------------------------------------
Subject: 3.2) How do I use DNS instead of NIS for hostname resolution?
The "normal" behavior of a hostname lookup under NIS is to consult the
NIS hosts map and then DNS (if configured). You can change this so all
hostname lookups go directly to DNS. The SunOS shared library mechanism
allows you change the behavior of any command that is dynamically linked
to the shared library. In SunOS 4.1 and greater releases, there is an
optional package called "shlib custom" that contains a kit for
rebuilding shared libraries. You can select this in suninstall or load
it later. It will put the files in /usr/lib/shlib.etc. Note that
machines that come with pre-installed SunOS don't include this. It
contains both a "normal" and System V version of libc and some tools to
build shared libraries. The Sun-supplied README file gives some help,
but doesn't detail how to change the hostname lookup functions. The
complete procedure for this is spelled out in "bindon41.shar", which is
available for anonymous ftp from "ra.mcs.anl.gov" in "/pub" - it goes
one step further and replaces the Sun resolver routines with BIND 4.8.3
(or later) versions. Note that you can still use NIS for other things in
environment, such as passwd, group info, etc - the NIS hosts map is just
ignored. There are several important statically linked binaries that
will break if you replace the Sun routines. "/etc/mount" is probably
where you will first notice that it doesn't know about any host that is
not present in /etc/hosts. The same goes for "rcp". My solution was to
recompile mount and rcp with the new resolver routines, but you need
source code to do this. Sun apparently will give you a dynamically-
linked version of mount if you have software maintenance. You can
compile your own version of rcp from the Berkeley 4.3 source that is
available on various ftp site. Otherwise, you might just have to have
all hosts (and aliases) in /etc/hosts that you want to mount or use
Internet addresses (yuck). Another "feature" of a DNS-only environment
is that hostnames will sometimes be returned all in uppercase and these
will not match the lower-case entries you typically have in
/etc/exports, /etc/bootparams, etc. There are some patches to BIND 4.8.3
called "resolv+" that allow you to specify hostname lookups to
/etc/hosts only, DNS only or both.
bind 4.8.3 is on ucbarpa.berkeley.edu (128.32.130.11) in /4.3. resolv+ is
on osl.csc.ncsu.edu (152.1.58.11) in pub/SUNOS/resolv+-2.1.tar.Z
---------------------------------------------------------------------
From: Brian Solie <solie_bryan@jpmorgan.com>
ping uses gethostbyname() in the shared libc.a. Nslookup has the resolver`
routines builtin to the binary. This is why you are seeing the different
behaviors. To get DNS working for ping, you need to either rebind the
libc with the new resolver routines or turn on NIS. NIS will do DNS
lookups if the B=-b line is uncommented in the makefile.
---------------------------------------------------------------------
From: perryh@pluto.rain.com (Perry Hutchison) writes :
If you're trying to use DNS without NIS, you need to rebuild libc with
code which will consult DNS when a hostname is not found in /etc/hosts.
It sounds as if this may not have been done, or maybe there's a problem
with /etc/resolv.conf (or whatever the proper pathname might be -- I've
never had occasion to set this up.)
---------------------------------------------------------------------
sunm@erm.oz.au (Brett Newton-Palmer(Sun Admin)) writes :
you need what I need - The "resolver" version of the shared "libc"
libraries, that use DNS rather than "/etc/hosts" in their calls.
I'm posting a summary today, but the easiest thing is to read
the Sun Managers FAQ ...
cheers,
Brett
>From the FAQ:
1) How to get DNS working when not running NIS ?
Note: Solaris2.x users should see question 64..
The "normal" behavior of a hostname lookup under NIS is to
consult the NIS hosts map and then DNS (if configured). If
you are not running NIS the system will only look in
the /etc/hosts file.
You have two options to correct this situation:
A) Re-build shared libraries by installing the
shlib custom option and one of the many
"bind" resolver library packages available
for SunOS. You can only do this if you are
running SunOS version 4.1 or greater.
If you want to do it under 4.0.3 you
need to get the patches available from
ftp.uu.net in /systems/sun/sun-fixes. The files
you will need are as follows:
1) lib.msg
2) libc_pic.a.sun3 or libc_pic.a.sun4
3) libc_resolv.so.sun3 or libc_resolv.so.sun4
There should be a README in the same directory
explaining what these files are.
B) Run NIS with the "hosts" maps only.
Option A is the "hardest" to implement. It requires
that you change all the shared libcs on the all
machines that you want name resolving on. Also, it
"breaks" several statically linked commands such as
mount and rcp. You can get these via anonymous
ftp to thor.ece.uc.edu. Get the file
/pub/sun-faq/rcp-mount.dynamic.tar.Z
Complete directions for installing DNS without
NIS can be found in the bindon4.1.shar file or
the resolv+ tar file.
Here is a list of the software one can use to modify your
shared libraries to use DNS without NIS.
bind 4.8.3 is on gatekeeper.dec.com in the file
/pub/UCB/bind.4.8.3.tar.Z
bind 4.9 is on gatekeeper.dec.com in the directory
/pub/BSD/bind/4.9
resolv+ is on ftp.uu.net in the file
/networking/ip/dns/resolv+2.1.tar.Z
Note: that you can still use NIS for other things in environment,
such as passwd, and group maps.
Option B is the "easiest" of the two to implement. It
just requires you to run NIS and change the "all"
line /var/yp/Makefile to "all: hosts". Also,
it does not require any change to the shared libraries.
It does not "break" anything. You can install
operating system patches that require updating
the shared libraries without having to remake the
shared libraries.
---------------------------------------------------------------------
yves@suntech.abcomp.be (Yves Hardy) writes :
Hi Dave,
Regarding your problem, I encountered the same problem a year ago with
SunOS 4.1.1. To solve your problem, follow the procedure below and if you can
upgrade the version of your Operating System to 4.1.3_U1
MAKING A LIBC.SO for DNS without NIS
This is a procedure that can be used to add name resolver
routines into shared libc library in SunOS_4.1.
Load "SHLIB_CUSTOM" either from SunInstall or from
add_services.
Be sure to first have the file /etc/resolv.conf
properly configured. This can be tested first with
/usr/etc/nslookup
1. Become super user:
% su (if necessary)
2. Make a temporary directory:
% cd /usr/lib/shlib.etc
% mkdir tmp
3. Change to the "tmp" directory just made, extract the pic .o from
libc_pic.a and rm the file __.SYMDEF. The reason needed to do two
"mv" commands is because "ar" truncated filenames over 16 characters.
% cd tmp
% ar x ../libc_pic.a
% rm __.SYMDEF
% mv rpc_dtablesize. rpc_dtablesize.o
% mv rpc_commondata. rpc_commondata.o
% ar x /usr/lib/libresolv.a
The libresolv.a (apparently) contains object modules that are
position independant, so they can be added to the libc_pic modules
without fear.
4. Remove the old routine to do the hostname/addr resolution:
% rm gethostent.o
5. Remove the libresolv module that contains `strncasecmp' (which is now
in the main C library, so it is redundant):
% rm strcasecmp.o
6. % cd ..
7. Copy lorder-sparc to lorder-sparc.orig Edit the file lorder-sparc
and remove the reference to `gethostent.o' and add the references
to the resolver library routines by applying this patch:
remove : gethostent.o
add : gethostnamadr.o
sethostent.o
res_query.o
res_mkquery.o
res_send.o
res_debug.o
res_comp.o
res_init.o
% diff -rc2 lorder-sparc.orig lorder-sparc
*** lorder-sparc.orig Thu Feb 8 05:27:46 1990
--- lorder-sparc Mon Apr 9 12:58:59 1990
***************
*** 150,154 ****
getwd.o
getnetgrent.o
! gethostent.o << REMOVE
ypxdr.o
ttyname.o
--- 150,161 ----
getwd.o
getnetgrent.o
! gethostnamadr.o << ADD
! sethostent.o << ADD
! res_query.o << ADD
! res_mkquery.o << ADD
! res_send.o << ADD
! res_debug.o << ADD
! res_comp.o << ADD
! res_init.o << ADD
ypxdr.o
ttyname.o
8. % make libc.so
9. Should have some libc.so.x.y.z built in the current directory. Test
this library before installing it. Do so by setting the environment
LD_LIBRARY_PATH to the current directory, for example:
% setenv LD_LIBRARY_PATH `pwd`
% your_favorite_test_cmd (ie. ping, ftp, telnet)
Once satisfied that the new library worked, proceed with installing
it with the following commands:
% cp libc.so.x.y.z /usr/lib
% ldconfig
% unsetenv LD_LIBRARY_PATH
10. Now running with the new library. Verify this by doing a trace
command of "date":
% trace date
The output should state that the new library is being used.
Your problem will be solved by this procedure.
---------------------------------------------------------------------
johann@excel.nwscc.sea06.navy.mil (Jeff Johann) writes :
I have had a similar problem with our system using NIS. We have multiple
servers and some do not resolve correctly. The NIS server is supposed to
check nis and then dns to do name lookup. Our HP's are not configured
correctly and they do not consult dns. But nslookup consults dns directly
and does work. If your using NIS try useing ypwhich to find your bound
server. You can manually change servers by killing ypbind and restarting
as "ypbind -ypsetme" and use "ypset <host>" to change the binding.
---------------------------------------------------------------------
pablo@muaddib.itas.uh.edu (Mohammed Moin Uddin)
dlw@lincnet.syntex.com (Dean Waters)
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:06 CDT