[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 20020430: DNS etc/hosts alias

After talking w/Mike and Tom we find that the use of an alias
is fine, but dependant upon system configuration on both the feed and the
source. Preference can be indicated to search files before DNS (i.e.
etc/hosts) or vice versa. If you have to "hardwire" thr names in etc/hosts
you may as well make the change in ldmd.conf. The solution in this case
was to place the "actual" name for the allow, not the alias. We suspect
that given the proper config and priority an alias could be used in the
allow, but have not tested this hypothesis..

-Jeff
____________________________                  _____________________
Jeff Weber                                    address@hidden
Unidata Support                               PH:303-497-8676 
NWS-COMET Case Study Library                  FX:303-497-8690
University Corp for Atmospheric Research      3300 Mitchell Ln
http://www.unidata.ucar.edu/staff/jweber      Boulder,Co 80307-3000
________________________________________      ______________________

On Tue, 30 Apr 2002, David Knight wrote:

> > The upstream LDM only gets the IP address from the net when a request comes 
> > in.
> > When it reverse maps it to a name, only the primary name is returned 
> > by the DNS lookup routines, unless they explicitly look for aliases. 
> > I don't think LDM checks the aliases, only the primary name.   So 
> > downstream hosts can request service via the alias, but upstream 
> > sites must explicitly allow the primary name.
> > 
> > I changed ldm to cypress on flood and squall.
> 
> Thanks. That should get us going again.
> 
> I wonder if perhaps our DNS is not set up properly
> to allow reverse lookups to return both cypress
> and ldm (.atmos.albany.edu) as valid names for
> the IP#. Something we'll have to look into since
> I'm no DNS expert...
> 
> I take it you were seeing connect requests from cypress
> that were being denied in your logs?
> 
> anyway, thanks again,
> David
> > 
> > 
> > 
> > At 8:10 PM +0000 4/30/2002, Kevin R. Tyle wrote:
> > >Hi Jeff,
> > >
> > >Strange, even our local machines do not work right.  I.e.
> > >I have an ALLOW for "ldm" in redwood.atmos.albany.edu's
> > >ldmd.conf.  But if I try to connect from cypress.atmos.albany.edu,
> > >aliased to "ldm", I get
> > >   Apr 30 20:06:03 redwood rpc.ldmd[5755]: Denying connection from cypress
> > >in the log.
> > >
> > >Only if "cypress" is explicitly ALLOWed does it work.
> > >
> > >As far as I can tell the DNS has propagated pretty much through
> > >the 'net (it was done yesterday).
> > >
> > >Anything we're missing here?
> > >
> > -- 
> > | David Wojtowicz, Sr. Research Programmer
> > | Department of Atmospheric Sciences Computer Services
> > | University of Illinois at Urbana-Champaign
> > | email: address@hidden  phone: (217)333-8390
> 
>