SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-16-2008, 08:56 AM
| ||||
| ||||
 NIS+ behind NAT Hi, this is my question: is it possible to use NIS+ if: - NIS+MasterServer is in one network (named NET_A) - NIS+ clients are on another network (named NET_B) - There is a FIREWALL/NAT between NET_A and NET_B ??? NIS+MasterServer has: - REAL_IP - NATTED_IP Clients on NET_B have - REAL_IP - NATTED_IP >From NET_A I send packets to hosts on NET_B using their NATTED_IPs >From NET_B I send packets to hosts on NET_A using their NATTED_IPs The commands used to setup NIS+ are: (on NIS+Master) nisclient -v -d domain_name -c NIS+Client_NATTED_IP (on NIS+Client) nisclient -i -h host_name_NIS+Master -a NATTED_IP_NIS+Master -d domain_name With a packet snoop on NIS+Master and on NIS+Client I can see packets going between two hosts... (because in the first part of communication they use natted IPs) ....but in the second part of communication I can see that NIS+Client sends packets to REAL_IP of NIS+Master!!! The tables on NIS+Master and NIS+Clients are right, Why Does NIS+Client send packets to NIS+Master REAL_IP??? Where does NIS+Client get NIS+Master REAL_IP ??? Is it possible for NIS+ to work beside FIREWALL/NAT??? Please help me, this issue is critical for me.. Thanks in advance,      |
|
01-16-2008, 08:56 AM
| |||
| |||
| Re: NIS+ behind NAT In article <1130340775.513244.272370@g49g2000cwa.googlegroups .com>, "Albert" <sfaerax@gmail.com> writes: > Hi, > this is my question: is it possible to use NIS+ if: .... > NIS+MasterServer has: > - REAL_IP > - NATTED_IP > > Clients on NET_B have > - REAL_IP > - NATTED_IP .... > With a packet snoop on NIS+Master and on NIS+Client I can see packets > going between two hosts... (because in the first part of communication > they use natted IPs) > ...but in the second part of communication I can see that NIS+Client > sends packets to REAL_IP of NIS+Master!!! > > Where does NIS+Client get NIS+Master REAL_IP ??? Try: niscat -o `domainname` and look at the universal addresses - they're probably the real IP address. Could you add the natted IP addresses to the hosts table as addresses for the servers and try something like 'nisupdkeys -a'? I have no idea whether this will work, mind you, but I suspect it's the area to look. -- -Peter Tribble L.I.S., University of Hertfordshire - http://www.herts.ac.uk/ http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ |
|
01-16-2008, 08:56 AM
| |||
| |||
| Re: NIS+ behind NAT Thank you for support, If i try your commands on NIS+Client in NET_B, they don't work: $ niscat -o "domainname" "domainname": Error in accessing NIS+ cold start file... is NIS+ installed?. $ nisupdkeys -a Updating directory object ""domainname"" ... ERROR: Unable to retrieve object. "domainname": Error in accessing NIS+ cold start file... is NIS+ installed?. I can run "niscat -o `domainname`" on NIS+Client on the same network of NIS+Master, and I see the the real IP address: .... Universal addresses (6) [1] - udp, inet, "REAL_IP_NIS+Master".0.111 [2] - tcp, inet, "REAL_IP_NIS+Master".0.111 [3] - -, inet, "REAL_IP_NIS+Master".0.111 [4] - -, loopback, "Hostname_NIS+Master".rpc [5] - -, loopback, "Hostname_NIS+Master".rpc [6] - -, loopback, "Hostname_NIS+Master".rpc ..... Is it possible to insert a row with also information of NATTED_IP_NIS+Master? I have just added entries in /etc/hosts of NIS+Client about natted_ip: Natted_IP_NIS+Master Hostname_NIS+Master Thank you |
|
01-16-2008, 08:56 AM
| ||||
| ||||
| Re: NIS+ behind NAT In article <1130348406.139437.196400@g47g2000cwa.googlegroups .com>, "Albert" <sfaerax@gmail.com> writes: > Thank you for support, > > If i try your commands on NIS+Client in NET_B, they don't work: They won't - you need to run them on the master, or at least on something that's working as a client. > I can run "niscat -o `domainname`" on NIS+Client on the same network > of NIS+Master, and I see the the real IP address: > > ... > Universal addresses (6) > [1] - udp, inet, "REAL_IP_NIS+Master".0.111 > [2] - tcp, inet, "REAL_IP_NIS+Master".0.111 > [3] - -, inet, "REAL_IP_NIS+Master".0.111 > [4] - -, loopback, "Hostname_NIS+Master".rpc > [5] - -, loopback, "Hostname_NIS+Master".rpc > [6] - -, loopback, "Hostname_NIS+Master".rpc > .... > > Is it possible to insert a row with also information of > NATTED_IP_NIS+Master? That was the general idea I was getting at. If you - on the master - add the natted IP address of the master into the hosts table as another IP address for the master, and then run nisupdkeys -s -a -H hostname_of_master then it should add the entries for the natted IP address, and then the machines on the other side should be able to see them. You might have to use nisprefadm to force the use of the correct address (depending on which side the client is). I've never tried doing this in the situation you describe - this is normally used for multihomed hosts, and I've used it for that, but the general principle doesn't seem too different. -- -Peter Tribble L.I.S., University of Hertfordshire - http://www.herts.ac.uk/ http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ |
Linear Mode
