netbsd-users: Re: NetBSD 4.0_RC5 : can't ypbind to NIS server ?

Subject: Re: NetBSD 4.0_RC5 : can't ypbind to NIS server ?
To: Gilbert Fernandes <fernandes@math.univ-paris13.fr>
From: Hauke Fath <hf@spg.tu-darmstadt.de>
List: netbsd-users
Date: 12/13/2007 13:46:23

At 11:04 Uhr +0000 13.12.2007, Gilbert Fernandes wrote:
>>  1. did you check this _on the YP server_? (That is, does it get the
>>  requests you're sending?)
>
>Yes. I have a tcpdump on the NetBSD (shows a request goes out in UDP
>to YP server on port 111 which is sunrpc)
>
>YP server also has a tcpdump which does see my packet/request going in.
>
>NOW.. The YP Server tcpdump shows NO answer goes out.
>
>So we think the NetBSD ypbind is sending something not understood
>by the YP server (openbsd on the same machine same hardware with
>the same config did bind)

I have just tried binding a netbsd-3 client to a Debian 3.1 server - 
worked flawless, even via a pf equipped router. So I'd say there is 
no general YP interoperability issue between NetBSD clients and Linux 
OSes.

>>  3. does the YP server show any messages about the incident?
>
>No error message. My request goes in, nothing goes out.

Either the redhat YP server has insufficient logging capabilities (or 
settings), or it never gets the client's request, because...

>>  4. what about filtering on the YP server?
>
>There is no filtering anywhere inside the network I am.
>No firewall on me or YP server, no filtering on either side.

Linux NIS has its own access control on top of everything else - 
Debian 3 has /etc/ypserv.securenets, RedHat may have it under a 
different name and place, as usual. Please make sure that your client 
is admitted there.

At 11:27 Uhr +0000 13.12.2007, Gilbert Fernandes wrote:
>>  2. look at ypserv's debug information (on NetBSD, run ypserv as "ypserv -l";
>>     it's output would be logged with LOG_DAEMON / 
>>LOG_ERR,LOG_WARNING,LOG_INFO
>
>i can't restart the ypserv. too many users right now using it.

Make sure redhat's syslog logs ypserv's requests with DEBUG priority. 
Apart from that, you should be able to restart ypserv any time 
without much disruption.

	hauke

-- 
      The ASCII Ribbon Campaign                    Hauke Fath
()     No HTML/RTF in email            Institut für Nachrichtentechnik
/\     No Word docs in email                     TU Darmstadt
      Respect for open standards              Ruf +49-6151-16-3281