SUMMARY: DNS instead of NIS

From: Patrick O'Callaghan (poc@usb.ve)
Date: Tue Feb 02 1993 - 20:41:41 CST


My original message:

        As is well known, one can substitute certain shared library routines
        in order to bypass NIS completely when looking up hostnames, and rely
        instead on DNS. This keeps sysadmins sane since they only have to keep
        one set of tables up to date. I have two questions about this:

        1) Does it work with Solaris 2.1? We are about to install 10
        SPARCclassics on our existing SS[12], IPC and SLC network, all
        currently running 4.1.2 and with no intention of changing over
        immediately.

        2) Is this really necessary anyway? Why can't I just disable the hosts
        map in my NIS master server, either by commenting it out of the "make"
        or by using a null table? I am of course using the infamous "-b" flag.
        Does NIS+ make a difference? I'd like to find out before I try this :-)

Well, I got lots of replies. The essence of the situation is that
Solaris 2 has it all sorted out already. Hal Stern puts it thus:

        the library rebuild is not necessary with solaris 2.1. instead,
        there's a name switch that allows you to set policy and choose
        a service seach path. the file /etc/nsswitch.conf contains the
        policies for each file. you can set it up to use local files,
        then NIS[+], then DNS, or DNS only, or local only, etc.

This seems to be similar to a feature already present in Ultrix.
Regarding my second question, Hal had this to say:

        it is necessary under solaris 1.1 (4.1.3) to rebuild the libc
        library because the *existence* of the hosts map doesn't matter.
        it's the gethostbyname() [and friends] routine that controls
        how host name resolution is done -- it *wants* to look for the
        hosts NIS map if NIS is running. just removing the NIS hosts map
        doesn't help -- gethostbyname() still ignores the local file as
        long as NIS is enabled.

However, other people said "yes, you can do this". I repeat that I am
using "-b" in order to check with DNS if NIS fails, not to check with
the /etc/hosts file. If I don't use "-b", of course all bets are off.
This is usefull because our nameserver (and NIS master) will not be
switched over to Solaris 2 for some time.

Thanks to all who replied:

From: drl@vuse.vanderbilt.edu
From: stern@sunne.East.Sun.COM (Hal Stern - NE Area Systems Engineer)
From: Mike Raffety <miker@il.us.swissbank.com>
From: sliu@fi.gs.com (Steve Liu)
From: randy@aslan.nlm.nih.gov (Rand S. Huntzinger)
From: Christian Lawrence <cal@soac.bellcore.com>
From: drl@vuse.vanderbilt.edu
From: Postmaster <Piete.Brooks@cl.cam.ac.uk>
From: aldrich@sunrise.Stanford.EDU (Jeff Aldrich)
From: Jim Lick <jim@pi-chan.ucsb.edu>
From: Tasuki Hirata <sukes@eng.umd.edu>

Patrick O'Callaghan Internet: poc@usb.ve
Departamento de Computacion NICNAME: PO22
Universidad Simon Bolivar Tel: +058 (2) 963 3022 ext 3320
Apartado de Correos 89000 FAX: +058 (2) 93 71 28
Caracas, Venezuela "There is no Net but the Internet"



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:07:26 CDT