Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mira.net.au!news.vbc.net!news.cais.net!chi-news.cic.net!newsfeed.internetmci.com!howland.reston.ans.net!sol.ctr.columbia.edu!startide.ctr.columbia.edu!wpaul
From: wpaul@ctr.columbia.edu (Bill Paul)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: NIS services accross subnets
Date: 28 Mar 1996 15:15:39 GMT
Organization: Columbia University Center for Telecommunications Research
Lines: 65
Message-ID: <4jeaer$j6u@sol.ctr.columbia.edu>
References: <4jcgkq$t68@walter.acs.nmu.edu>
NNTP-Posting-Host: startide.ctr.columbia.edu
X-Newsreader: TIN [version 1.2 PL2]
Daring to challenge the will of the almighty Leviam00se,
John Marra (jmarra@walter.acs.nmu.edu) had the courage to say:
: I was wondering if there is NIS (yp) software available for freebsd that
: will allow for a NIS master to be on a different subnet. The yp software
: that comes with the 2.1.0 distribution only allows for masters and
: servers to be on the same subnet. Any help would be appreciated.
This is not true. (I'm not sure how you arrived at this conclusion but
I wish you'd share it with us.) FreeBSD already has all the software
you need to set up a multi-network NIS domain. You don't need anything
else.
First of all, whether an NIS client can locate a server via broadcast
depends somewhat on your network configuration; if your router forwards
broadcasts between the subnets in question, then there's no problem.
If it doesn't you could kludge it by using ypset to force ypbind to
talk to a given server regardless of what subnet it's on.
Second, this is what NIS slave servers are for. Let's say you have two
subnets, and one of them (subnet A) has an NIS master server on it. Now
you want to have client on subnet B use NIS services. Fine: set up a
slave server on subnet B, add its hostname to the ypservers map on
the NIS master server on subnet A and edit the master's /var/yp/Makefile
so that the YPPUSH=True line is no longer commented out.
Now, whenever you rebuild the maps on the NIS master, a copy will be
yppush'ed to the NIS slave server on subnet B. This transfer does not
involve broadcasts: the NIS master knows the hostname (and, assuming
you have hostname resolution set up correctly, the IP address) of
the remote server and can contact it directly, regardless of what subnet
it's on (as long as it has a route to it, of course -- of the subnets
aren't able to talk to each other than you have bigger problems :).
Once this is all set up and running, clients on subnet B will be
able to bind automagically to the slave server on subnet B, while
clients on subnet A will bind to the master server on subnet A.
Note that if you want to run yppasswdd, you should only do it on
the master server on subnet A; you never need more than one instance
of yppasswdd running for a given domain (the clients will be able
to figure out who the master is and contact it directly, again not
requiring any broadcasts).
To finish things up, you may want to set up a cron job on the master
server that periodically runs /var/yp/Makefile so that any changes that
may have been made to the maps that were not distributed to the
slave server (possibly because of a network failure or something) can
be propagated. This is a precaution to keep the servers in sync.
If for some reason you've tried this and just can't get to work,
explain what the problem is (and provide details -- remember: we
can't see your machine from where we're sitting). NIS master and slave
servers, FreeBSD or otherwise, should have no trouble communicating
across subnets. Mine do it all the time.
-Bill
--
=============================================================================
-Bill Paul (212) 854-6020 | System Manager, Master of Unix-Fu
Work: wpaul@ctr.columbia.edu | Center for Telecommunications Research
Home: wpaul@skynet.ctr.columbia.edu | Columbia University, New York City
=============================================================================
"If you are in trouble, go the CTR. Ask for Bill. He will help you."
=============================================================================