xref: /freebsd/contrib/tcp_wrappers/README.NIS (revision ebacd8013fe5f7fdf9f6a5b286f6680dd2891036)
1@(#) README.NIS 1.2 96/02/11 17:24:52
2
3> Problem: I have several [machines] with multiple IP addresses, and
4> when they try to connect to a daemon with tcp wrapper, they are often
5> rejected.  I assume this is due to the -DPARANOID option, and depends
6> on which IP address is returned first from the nameserver for a given
7> name.   This behavior seems to be random, may depend on ordering in
8> the YP host map?
9
10[Note: the situation described below no longer exists. Presently, my
11internet gateway uses the same IP address on all interfaces.  To avoid
12confusion I have removed the old name wzv-gw.win.tue.nl from the DNS. I
13have kept the discussion below for educational reasons].
14
15NIS was not designed to handle multi-homed hosts.  With NIS, each
16address should have its own hostname. For example, wzv-gw is my
17gateway. It has two interfaces: one connected to the local ethernet,
18the other to a serial link. In the NIS it is registered as:
19
20        131.155.210.23  wzv-gw-ether
21        131.155.12.78   wzv-gw-slip
22
23In principle, wzv-gw could be the official name of one of these
24interfaces, or it could be an alias for both.
25
26The DNS was designed to handle multi-homed hosts. In the DNS my gateway
27is registered in zone win.tue.nl, with one name that has two A records:
28
29        wzv-gw  IN      A       131.155.210.23
30                IN      A       131.155.12.78
31
32And of course there are PTR records in zones 210.155.131.in-addr.arpa
33and 12.155.131.in-addr.arpa that point to wzv-gw.win.tue.nl.
34
35This setup does not cause any problems. You can test your name service
36with the two programs below. This is what they say on a local NIS client
37(both client and server running SunOS 4.1.3_U1):
38
39        % gethostbyname wzv-gw
40        Hostname:       wzv-gw.win.tue.nl
41        Aliases:
42        Addresses:      131.155.210.23 131.155.12.78
43
44        % gethostbyaddr 131.155.210.23
45        Hostname:       wzv-gw-ether
46        Aliases:
47        Addresses:      131.155.210.23
48
49        % gethostbyaddr 131.155.12.78
50        Hostname:       wzv-gw-slip
51        Aliases:
52        Addresses:      131.155.12.78
53
54Things seem less confusing when seen by a NIS client in a different
55domain (both client and server running SunOS 4.1.3_U1):
56
57        % gethostbyname wzv-gw.win.tue.nl
58        Hostname:       wzv-gw.win.tue.nl
59        Aliases:
60        Addresses:      131.155.210.23 131.155.12.78
61
62        % gethostbyaddr 131.155.210.23
63        Hostname:       wzv-gw.win.tue.nl
64        Aliases:
65        Addresses:      131.155.12.78 131.155.210.23
66
67        % gethostbyaddr 131.155.12.78
68        Hostname:       wzv-gw.win.tue.nl
69        Aliases:
70        Addresses:      131.155.210.23 131.155.12.78
71
72Alas, Solaris 2.4 still has problems. This is what I get on a Solaris
732.4 NIS client, with a SunOS 4.1.3_U1 NIS server:
74
75	% gethostbyname wzv-gw.win.tue.nl
76	Hostname:       wzv-gw.win.tue.nl
77	Aliases:        131.155.210.23 wzv-gw.win.tue.nl
78	Addresses:      131.155.12.78
79
80The tcpd source comes with a workaround for this problem. The
81workaround is ugly and is not part of the programs attached below.
82
83
84#! /bin/sh
85# This is a shell archive.  Remove anything before this line, then unpack
86# it by saving it into a file and typing "sh file".  To overwrite existing
87# files, type "sh file -c".  You can also feed this as standard input via
88# unshar, or by typing "sh <file", e.g..  If this archive is complete, you
89# will see the following message at the end:
90#		"End of shell archive."
91# Contents:  gethostbyaddr.c gethostbyname.c
92# Wrapped by wietse@wzv on Sun Jan  8 17:08:48 1995
93PATH=/bin:/usr/bin:/usr/ucb ; export PATH
94if test -f gethostbyaddr.c -a "${1}" != "-c" ; then
95  echo shar: Will not over-write existing file \"gethostbyaddr.c\"
96else
97echo shar: Extracting \"gethostbyaddr.c\" \(1073 characters\)
98sed "s/^X//" >gethostbyaddr.c <<'END_OF_gethostbyaddr.c'
99X /*
100X  * gethostbyaddr tester. compile with:
101X  *
102X  * cc -o gethostbyaddr gethostbyaddr.c (SunOS 4.x)
103X  *
104X  * cc -o gethostbyaddr gethostbyaddr.c -lnsl (SunOS 5.x)
105X  *
106X  * run as: gethostbyaddr address
107X  *
108X  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
109X  */
110X
111X#include <sys/types.h>
112X#include <sys/socket.h>
113X#include <netinet/in.h>
114X#include <arpa/inet.h>
115X#include <netdb.h>
116X#include <stdio.h>
117X
118Xmain(argc, argv)
119Xint     argc;
120Xchar  **argv;
121X{
122X    struct hostent *hp;
123X    long    addr;
124X
125X    if (argc != 2) {
126X	fprintf(stderr, "usage: %s i.p.addres\n", argv[0]);
127X	exit(1);
128X    }
129X    addr = inet_addr(argv[1]);
130X    if (hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET)) {
131X	printf("Hostname:\t%s\n", hp->h_name);
132X	printf("Aliases:\t");
133X	while (hp->h_aliases[0])
134X	    printf("%s ", *hp->h_aliases++);
135X	printf("\n");
136X	printf("Addresses:\t");
137X	while (hp->h_addr_list[0])
138X	    printf("%s ", inet_ntoa(*(struct in_addr *) * hp->h_addr_list++));
139X	printf("\n");
140X	exit(0);
141X    }
142X    fprintf(stderr, "host %s not found\n", argv[1]);
143X    exit(1);
144X}
145END_OF_gethostbyaddr.c
146if test 1073 -ne `wc -c <gethostbyaddr.c`; then
147    echo shar: \"gethostbyaddr.c\" unpacked with wrong size!
148fi
149# end of overwriting check
150fi
151if test -f gethostbyname.c -a "${1}" != "-c" ; then
152  echo shar: Will not over-write existing file \"gethostbyname.c\"
153else
154echo shar: Extracting \"gethostbyname.c\" \(999 characters\)
155sed "s/^X//" >gethostbyname.c <<'END_OF_gethostbyname.c'
156X /*
157X  * gethostbyname tester. compile with:
158X  *
159X  * cc -o gethostbyname gethostbyname.c (SunOS 4.x)
160X  *
161X  * cc -o gethostbyname gethostbyname.c -lnsl (SunOS 5.x)
162X  *
163X  * run as: gethostbyname hostname
164X  *
165X  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
166X  */
167X#include <sys/types.h>
168X#include <sys/socket.h>
169X#include <netinet/in.h>
170X#include <arpa/inet.h>
171X#include <netdb.h>
172X#include <stdio.h>
173X
174Xmain(argc, argv)
175Xint     argc;
176Xchar  **argv;
177X{
178X    struct hostent *hp;
179X
180X    if (argc != 2) {
181X	fprintf(stderr, "usage: %s hostname\n", argv[0]);
182X	exit(1);
183X    }
184X    if (hp = gethostbyname(argv[1])) {
185X	printf("Hostname:\t%s\n", hp->h_name);
186X	printf("Aliases:\t");
187X	while (hp->h_aliases[0])
188X	    printf("%s ", *hp->h_aliases++);
189X	printf("\n");
190X	printf("Addresses:\t");
191X	while (hp->h_addr_list[0])
192X	    printf("%s ", inet_ntoa(*(struct in_addr *) * hp->h_addr_list++));
193X	printf("\n");
194X	exit(0);
195X    } else {
196X	fprintf(stderr, "host %s not found\n", argv[1]);
197X	exit(1);
198X    }
199X}
200END_OF_gethostbyname.c
201if test 999 -ne `wc -c <gethostbyname.c`; then
202    echo shar: \"gethostbyname.c\" unpacked with wrong size!
203fi
204# end of overwriting check
205fi
206echo shar: End of shell archive.
207exit 0
208