Summary and question!: NIS server serving 2 nets?

Systems Administrator (sysadmin@astrosun.tn.cornell.edu)
Thu, 13 Mar 1997 11:35:55 -0500

Hello and thanks for all of the responses!

I have the answer I want,however, I forgot to add that My NIS server si
running SunOS 4.1.3 and the machines on the second net are running
Solaris 2.5.

The answer is to have a slave NIS server on the second net. The new
question is: Would it be eaiser to have the NIS slave running the same
OS as the NIS master (SunOS 4.1.3) or does it matter? A special thanks
to john@starinc.com (John Malick) who added that I would need Suns NIS
kit (message included below). I'm looking for the easiest solution.

Thanks again to everyone!

My original question:
Hello,

I have a situation where I have a main physical network
(xxx.xxx.001.000) with a NIS server serving all clients. There is a
smaller 2nd physical net (xxx.xxx.002.000) with several machines
attached. I need to have some sort of NIS master on the wnd net so that
users can log in on those machines. I seem to remember once I tried to
access a NIS server that was on another net during an install (by
mistake) and it didn't work. Is it possible for my NIS server on net 1
to server the clients on net 2? I don't expect any NFS activify between
the 2 nets.
---------------------------
john@starinc.com (John Malick)

If the two nets are physically connected and you have a router
going between the two, then you can do exactly what you want
including NFS.

NFS will route between nets provided you have a route for
them to traverse.

NIS on different nets works like this:

Since ypbind cannot travel through routers, you will need
a master server somewhere, ie. on you're first net. Then
you will need to have a slave server for that domain on the
other net. The slave server backs up the NIS databases from
the master server and since its on the other net with those
few systems, they will ypbind to it instead of the master
server. In reality, you should have a NIS slave server
on each network in-case the master server goes down.

Setting up a slave server is no big deal. Let me know
if you want some directions for doing so.

Again, remember, for all this to work you need to have
the two physical networks connected via a router. This
router can be one of your Sun's with two NIC cards.

+++
Solaris 2.5 has the ability in running with the older
NIS client mode. Solaris, without Sun's NISkit, cannot
run as a NIS server, just a NIS client. Therefore, if
you need your Solaris 2.5 system to server as NIS
slave server, you need Sun's Naming Services
Transition Kit v. 1.2. If you have ever received Sun's
server media kit, it comes with this CD. If not, you
can ask around for someone who has purchases the
server media kit, not the desktop media kit, and ask
to borrow the Server Supplement 1.1 CD which has the
NISkit v.1.2 on it. It has the answerbook on the CD
also which describes how to set up a slave server.
-----------------------------
Charles Gagnon <charles@Grafnetix.COM>
To my knowledge, NIS doesn't support any kind of hierachical
configuration.
It's one of the many new features added in NIS+.

If you're using NIS+, you could use the NIS+ server from one domain as
the
root-master server and create a root;non-master server for the other
domain
that would also be a client of the first one.

If it's only for host name resolution, I recommend you use a DNS, is a
fairly
straight foward setup and it can be setup across multiple networks.
-----------------------------
"Andrew Moffat" <amof@SubaruSparcDev.subaru1.com>
he problem is that by default NIS clients use a broadcast to query
for NIS servers. Since broadcasts are limited to the local subnet, they
only get a response if there is an NIS server on their local subnet.

Ways I have gotten around this in the past (there may be others...);

1. Make the gateway host an NIS slave. This obviously won't work if its
just a router or something which cant act as a slave server. Since
some
of the hosts on your main net will probably bind to it, it should be
something that is reasonable stable (ie. will stay up).

2. Change the yp client startup in rc.local so that you;

a. add the route to your NIS server (using IP addresses, or you may
get stuck with name resolution).

b. run 'ypbind -ypset' (if you're really worried about security you
may not want to do this - but I was never that paranoid).

c. do a ypset IP-addr-of-NIS-server

3. I think you can also make one of the clients inside the small subnet
an NIS slave, since I don't think the NIS updates use broadcasts...
I'm not sure about this cause its a while ago and we never used it.
---------------------------------
David Fetrow <fetrow@biostat.washington.edu>
No problem. A slave server on the 2nd network does the job
nicely. The only gotcha is setting it up in the first place.
Transferring the data files via tar is one way.
-----------------------------------
Matthew Stier" <mstier@hotmail.com>
As long as we are talking about SunOS 5.x (Solaris 2.x) systems, the
answer is
yes.

Simply add an entry for the NIS server into the clients /etc/hosts file,
and
then create an /var/yp/binding/`domainname`/ypservers file listing the
hostname, then reboot.

The ypservers file can actually list multiple NIS servers. (One per
line.)
However, it can only have hostname, not IP addresses. (And thus the need
for
the entry in /etc/hosts.
-------------------------------------

-- 
***************************************************************
                        Systems Administrator
                       -----------------------
                       Space Sciences Building 
Vic Germani              Cornell University
(607)-255-3434           402 Space Sciences 
                   sysadmin@astrosun.tn.cornell.edu
***************************************************************