HPlogo

Installing and Administering Internet Services: HP 9000 Networking
» 

Technical documentation

Complete book in PDF

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
   
 

HP Part Number: B2355-90685

Edition: Edition 8

Published: E1200

© Copyright 2000, Hewlett-Packard Company. .

Table of Contents

1 Product Overview
The Internet Services
Military Standards and Request for Comment Documents
2 Installing and Configuring Internet Services
Installing the Internet Services Software
Configuring the Name Service Switch
Default Configuration
Troubleshooting the Name Service Switch
Configuring Internet Addresses
To Choose a Name Service
To Edit the /etc/hosts File
To Configure Routes
To Change a Host's IP Address
Configuring the Internet Daemon, inetd
To Edit the /etc/inetd.conf File
To Edit the /var/adm/inetd.sec File
Configuring Logging for the Internet Services
To Configure syslogd
To Maintain System Log Files
To Configure inetd Connection Logging
To Configure ftpd Session Logging
Configuring ftp
Configuring Anonymous ftp Access
To Add User ftp to /etc/passwd
To Create the Anonymous ftp Directory
Configuring ftp with /etc/ftpd/ftpaccess
Enabling/Disabling the ftpaccess File
Configuring Logging for ftp
Logging ftp Sessions
Logging ftp File Transfers
Installing sendmail
Installing sendmail on a Standalone System
Installing sendmail on a Mail Server
Installing sendmail on a Mail Client
Verifying Your sendmail Installation
Troubleshooting sendmail
Keeping the Aliases Database Up to Date
Verifying Address Resolution and Aliasing
Verifying Message Delivery
Contacting the sendmail Daemon to Verify Connectivity
Setting Your Domain Name
Attempting to Start Multiple sendmail Daemons
Configuring and Reading the sendmail Log
Printing and Reading the Mail Queue
3 Configuring and Administering the BIND Name Service
Overview of the BIND Name Service
Benefits of Using BIND
The DNS Name Space
How BIND Works
How BIND Resolves Host Names
Creating and Registering a New Domain
Configuring the Name Service Switch
Choosing Name Servers for Your Domain
To Choose the Type of Name Server to Run
To Choose Which Servers Will Be Master Servers
Configuring a Primary Master Name Server
To Create the Data Files for a Primary Master Server
To Set the Default Domain Name
The BIND Configuration File
options Statement
Migrating /etc/named.boot to /etc/named.conf
The Primary Master Server's Boot File
The Primary Master Server's Cache File
The db.127.0.0 File
The Primary Master Server's db.domain Files
The Primary Master Server's db.net Files
To Add a Host to the Domain Data Files
To Delete a Host from the Domain Data Files
Configuring a Secondary Master Name Server
Creating Secondary Server Data Files via hosts_to_named
To Create the Secondary Master Server's Data Files Manually
To Set the Default Domain Name
Configuring a Caching-Only Name Server
Configuring the Resolver to Query a Remote Name Server
Configuring the Resolver to Set Timeout Values
Configuring Timeout Values using Environment Variables
Configuring Timeout Values using the Configuration File
Configuring Timeout Values using APIs
Sample Program With Timeout Values
Starting the Name Server Daemon
Verifying the Name Server
Updating Network-Related Files
To Update /etc/hosts.equiv and $HOME/.rhosts
To Update /var/adm/inetd.sec and $HOME/.netrc
To Update /etc/hosts
Delegating a Subdomain
Configuring a Root Name Server
Configuring BIND in SAM
The Logging System
Troubleshooting the BIND Name Server
Troubleshooting Tools and Techniques
Problem Symptoms
Name Server Problems
Understanding Name Server Debugging Output
Name Server Statistics
4 Installing and Administering sendmail
Deciding Whether to Install sendmail
Installing sendmail
Installing sendmail on a Standalone System
Installing sendmail on a Mail Server
Installing sendmail on a Mail Client
Verifying Your sendmail Installation
Creating sendmail Aliases
Adding sendmail Aliases to the Alias Database
Verifying Your sendmail Aliases
Managing sendmail Aliases with NIS or NIS+
Rewriting the "From" Line on Outgoing Mail
Forwarding Your Own Mail with a .forward File
How sendmail Works
Message Structure
How sendmail Collects Messages
How sendmail Routes Messages
Default Client-Server Operation
How sendmail Handles Errors
Sendmail and the LDAP Protocol
Enabling Address Lookups Using LDAP
Modifying the Default sendmail Configuration File
The sendmail Configuration File
Restarting sendmail
Forwarding Non-Domain Mail to a Gateway
Configuration Options
Migrating the sendmail Configuration File
Security
Turning Off Standard Security Checks
Configuring sendmail to Reject Unsolicited Mail
Enabling "Anti-Spamming" Capability
Accepting and Rejecting Mail From Particular Senders
Preventing Unauthorized Mail Relay Usage
Sendmail Validation
Sendmail Anti-Spamming Security
Enabling Sendmail Anti-Spamming Security Features
Using the Access Database to Allow or Reject Mail Messages
Relaying Capability
Validating Senders
Header Checking
Turning off Virtual Interfaces
Troubleshooting sendmail
Keeping the Aliases Database Up to Date
Verifying Address Resolution and Aliasing
Verifying Message Delivery
Contacting the sendmail Daemon to Verify Connectivity
Setting Your Domain Name
Attempting to Start Multiple sendmail Daemons
Configuring and Reading the sendmail Log
Printing and Reading the Mail Queue
5 Configuring TFTP and BOOTP Servers
Chapter Overview
How BOOTP Works
Address Determination and Bootfile Selection
File Transfer
Booting RMP Clients
Configuring the TFTP Server
Procedure for Configuring tftpd
Verify Your tftpd Installation
Configuring the BOOTP Server
Procedure for Configuring bootpd
Verify Your bootpd Installation
Adding Client or Relay Information
Collecting Client Information
Collecting Relay Information
Understanding Boot File Configurations
Parameter Tags and Descriptions
Examples of Adding BOOTP Clients
Command Options for Using TFTP
Troubleshooting BOOTP and TFTP Servers
Helpful Configuration Changes
Common bootpd Problems
Common tftpd Problems
Error Logging
6 Dynamic Host Configuration Protocol (DHCP)
Overview
Benefits of Using DHCP
DHCP Components and Concepts
DHCP Servers
DHCP Clients
DHCP Leases
DHCP Transactions: Basic Operation
Dynamic Updates
Dynamic DNS Server Update Pre-Requisites
Configuring the DHCP Server to Perform Dynamic Updates
Configuration Overview
DHCP Device and Pool Group Configuration
DHCP Individual Device Configuration
DHCP Configuration through BOOTP Relay Agent
Configuring PING Timeouts
Configuring DHCP
Setting Up the Broadcast Address
Preparing to Configure a DHCP Server
Configuring a DHCP Server to Distribute IP Addresses to Groups of Devices
Configuring a DHCP Server to Distribute IP Addresses to Individual Devices
Configuring a DHCP Server to Distribute IP Addresses through a BOOTP Relay Agent
Enabling DHCP on a System Not Initially Configured with DHCP
bootptab and dhcptab Files
Configuring DHCP to Deny Address Allocation to Specific Clients
Monitoring and Troubleshooting DHCP Operations
Troubleshooting Techniques
DHCP Troubleshooting Tools
Callbacks
7 Configuring the Network Time Protocol (NTP)
Getting Started with NTP
Equipment Needed for NTP
Choosing the Source of Time
Location of Time Source
Back-up Time Servers
Configuring Your Primary NTP Server
Advanced NTP Topics
Stratum Levels and Time Server Hierarchy
Planning a Multiple-Server NTP Configuration
Configuring NTP using the Configuration File
Starting and Stopping xntpd
Using ntpq to Query Systems Running xntpd
Troubleshooting ntp
To Find Out if xntpd is Running
NTP Associations
Query with Debug Option
Error Messages
Common Problems
Reporting Problems
8 Configuring gated
Overview
Advantages
When to Use gated
Protocols
Configuration Overview
How to Configure gated
Converting the Configuration File from 3.0 to 3.5
Configuring the RIP Protocol
Configuration Options
Simple RIP Configuration
RIP Protocol Statement
Controlling RIP Traffic
Large RIP Configuration Example
Configuring the OSPF Protocol
Planning Your OSPF Configuration
Enabling OSPF
Defining Areas
Defining Backbones
Authentication
Cost
AS External Routes (AS Boundary Routers Only)
Sample OSPF Configuration
Accessing the OSPF MIB
Configuring the Router Discovery Protocol (RDP)
The RDP Server
The RDP Client
Customizing Routes
Specifying a Default Router
Installing Static Routes
Setting Interface States
Specifying Tracing Options
Specifying Route Preference
Importing and Exporting Routes
import Statements
export Statements
Examples of import and export Statements
Starting gated
To Find Out if gated is Running
Troubleshooting gated
Troubleshooting Tools and Techniques
Common Problems
9 Configuring mrouted
Overview of Multicasting
DVMRP
IP Multicast Addresses
Multicast Groups
Configuring mrouted
Configuration File Commands
Starting mrouted
Verifying mrouted Operation
Displaying mrouted Routing Tables
Multicast Routing Support Tools
mrinfo
map-mbone
netstat
Sources for Additional Information
RFC documents
Other Documents
10  Using rdist
Overview
Setting Up remsh
Authentication for remsh and rexec Services
Creating the Distfile
Variable Definitions
File Distribution Commands
Changed Files List Commands
Starting rdist
Example Output on the Master Host
Authentication for remsh and rexec Sercvices
Troubleshooting rdist
11 Secure Internet Services
Overview of the Secure Internet Services
Overview of the Secure Environment and the Kerberos V5 Protocol
Components of the Secure Environment
A Simplified Description of the Kerberos V5 Protocol
Related Terms and Concepts
Secure Environment Configurations
Configuration and Kerberos Version Interoperability Requirements
File Requirements
KDC Requirements
Security Client Requirements
System Requirements for the Secure Internet Services
Configuring the Secure Internet Services
The KDC
Security Clients
Migrating Version 5 Beta 4 Files to Version 5 Release 1.0
Enabling the Secure Internet Services Mechanism
Disabling the Secure Internet Services Mechanism
Checking the Current Authentication Mechanism
Verifying the Secure Internet Services
Secure Environment Checklist
Verifying Usage of Secure Internet Services
Using the Secure Internet Services
Overview of the User's Session
Bypassing and Enforcing Kerberos Authentication
Other Comments on Using the Secure Internet Services
Troubleshooting the Secure Internet Services
The Verification Checklist
Security-related Error Messages
Common Problems
Sources for Additional Information
Additional HP Documentation
Relevant Man Pages
Related RFCs
12 Troubleshooting Internet Services
Chapter Overview
Characterizing the Problem
Diagnostic Tools Summary
Diagnosing Repeater and Gateway Problems
Flowchart Format
Troubleshooting the Internet Services
Error Messages
Services Checklist
Flowchart 1. Checking for a Server
Flowchart 2. Security for telnet and ftp
Flowchart 3. Security for Berkeley Services
Reporting Problems to Your Hewlett-Packard Support Contact
Index

List of Figures

2-1 Directory Structure for Anonymous ftp Account
3-1 Structure of the DNS Name Space
4-1 Flow of Mail Through sendmail
4-2 sendmail Client-Server Operation
5-1 Bootrequest Relay Example
5-2 BOOTP Server for RMP Client
5-3 Example Configuration: HP 700/X Terminal as Client
5-4 Example Configuration: Relay Entry
6-1 DHCP Client and Server Transaction
6-2 DHCP Server and DNS Server running on HP-UX
6-3 Devices Can be Configured as Part of a DHCP Group
6-4 DHCP Devices Can Have Fixed IP Addresses
6-5 Relay Agent Scenario
6-6 Callback Script Example
7-1 Survey of Best Time Servers
7-2 Stratum-1 Time Servers
7-3 Example of Relationships Between Time Servers
7-4 Example Configurations
7-5 Authentication Example
8-1 Example of Simple RIP Configuration
8-2 Example of Large RIP Network
8-3 Areas Defined in an Autonomous System
8-4 Area Border Router Configuration Example
8-5 Network Configuration Example
8-6 Multicast Router Interface Example
8-7 Non-Broadcast Router Interface Example
8-8 Point-to-Point Router Interface Example
8-9 Area Border Router Configuration Example
8-10 Backbone Configuration Example
8-11 Simple Password Authentication
8-12 Cost Configuration Example
8-13 OSPF Sample Configuration
8-14 RDP Server and Clients Example
9-1 Tunnel Made with mrouted Routers
9-2 Class D IP multicast address format
9-3 Multicast Network Example Configuration
10-1 Distributing Files with rdist
11-1 The Secure Environment and the Kerberos V5 Protocol
11-2 Client Interoperability with HP DCE and P/SS Security Servers
11-3 Client Interoperability with Non-HP Kerberos V5 KDCs
12-1 Troubleshooting Networks that Use Repeaters
12-2 Flowchart Symbols
12-3 Flowchart 1. Checking for a Server
12-4 Flowchart 2. Security for telnet and ftp
12-5 Flowchart 3. Security for Berkeley Services

List of Tables

1-1 The Internet Services
2-1 sendmail Logging Levels
2-2 Lines in Queue-Control Files
3-1 Channel Message Categories
3-2 HP-Specific option Statement Options
3-3 Pathname Options
3-4 Boolean Options
3-5 Forwarding Options
3-6 Access Control Options
3-7 Zone Transfer Options
3-8 Resource Limits Options
3-9 Periodic Task Intervals Options
4-1 Things That May Be Included in a Mailing List
4-2 How sendmail Resolves Addresses with Mixed Operators
4-3 option_values for DontBlameSendmail
4-4 Access Database Format
4-5 Access Database Text File Example
4-6 sendmail Logging Levels
4-7 Lines in Queue-Control Files
5-1 Tags for Defining Client Options in bootptab
5-2 Tags for Defining Relay Options in bootptab
5-3 tftp File Transfer Options
6-1 Common Errors Found in Syslog
7-1 Available Time Servers
7-2 Locating Synchronized Time Servers
7-3 Evaluating Time Servers in Eastern United States
7-4 Evaluating Time Sources in Australia
7-5 Output from ntpq for Configuring Silicon Valley Time Server
7-6 Restrict Option Flags
7-7 ntpq Output Showing Known NTP Hosts
7-8 ntpg Output Showing NTP Associations
8-1 Comparison of RIP and OSPF Protocols
8-2 Types of Link State Advertisements
8-3 Protocol-Related Global Trace Options for gated Configuration Files
8-4 Default Preference Values of Routes
8-5 Command Line Options for gated
10-1 Distfile Commands
10-2 rdist Command Line Options
11-1 Secure Internet Services System Requirements
12-1 Diagnostic Tools
12-2 Reference Pages for Error Messages
12-3 Servers Required for Each Service
12-4 Entries Required in /etc/inetd.conf
12-5 Entries Required in /etc/services
   


Chapter 1 Product Overview  
© 2000 Hewlett-Packard Development Company, L.P.