blog'o thnet

To content | To menu | To search

Tag - network

Entries feed - Comments feed

Wednesday 25 February 2009

Problem Querying ru. Name Servers

By Julien Gabel on Wednesday 25 February 2009, 19:21 - General

In a previous position, I encounter a rather strange problem I would like to share here. It has to do with DNS resolution. From the internal network of a company it was not possible to get the IP address of the www.banks2ifrs.ru. host name.

We determined that the name servers which manage the banks2ifrs.ru. domain are ns3.nic.ru. and ns4.nic.ru.. In the same time, we saw that for the fbk.ru. domain name, the managing name servers are ns3.nic.ru. and gw.fbk.ru.. Interestingly, it was possible to resolve www.fbk.ru. using gw.fbk.ru., but not from ns3.nic.ru.. More, we noted that the reverse resolution for the name servers ns3.nic.ru. and ns4.nic.ru. are not correct, translated to ns3.ripn.net. and ns4.ripn.net., respectively. So, it is worth to mention that nothing was wrong when querying the name server gw.fbk.ru..

# host -t a ns3.nic.ru.
ns3.nic.ru has address 194.85.61.20
# host -t a ns4.nic.ru.
ns4.nic.ru has address 194.226.96.8
# host -t ptr 194.85.61.20
20.61.85.194.in-addr.arpa domain name pointer ns3.ripn.net.
# host -t ptr 194.226.96.8
8.96.226.194.in-addr.arpa domain name pointer ns4.ripn.net.

The error from the DNS query seems to be related to an incomplete answer from the server (the truncated flag was set to 1 in the network trace) when the query is made over UDP. In this case, an automatic fallback over TCP must be used, certainly prohibited from the company's network security policy. This may say that the answer is larger than 512 bytes long, too. So, we tried to advertise different sizes of the UDP message buffer, but without being confident that this message went through network devices properly. Nonetheless it would seem curious to get an answer larger that 120 bytes long.

Last, we can note that the complexity of the network layout (DMZ, firewalls, NAT, etc.) may badly interact and hamper DNS queries, at least in certain circumstances.

After more investigation from the network team, they decided to permit TCP DNS queries. And it worked. It worked letting the internal DNS servers doing their job themselves...

# dig +trace -t a www.banks2ifrs.ru.
; <<>> DiG 9.3.4-P1 <<>> +trace www.banks2ifrs.ru.
;; global options:  printcmd
.                       449798  IN   NS   L.ROOT-SERVERS.NET.
.                       449798  IN   NS   M.ROOT-SERVERS.NET.
.                       449798  IN   NS   A.ROOT-SERVERS.NET.
.                       449798  IN   NS   B.ROOT-SERVERS.NET.
.                       449798  IN   NS   C.ROOT-SERVERS.NET.
.                       449798  IN   NS   D.ROOT-SERVERS.NET.
.                       449798  IN   NS   E.ROOT-SERVERS.NET.
.                       449798  IN   NS   F.ROOT-SERVERS.NET.
.                       449798  IN   NS   G.ROOT-SERVERS.NET.
.                       449798  IN   NS   H.ROOT-SERVERS.NET.
.                       449798  IN   NS   I.ROOT-SERVERS.NET.
.                       449798  IN   NS   J.ROOT-SERVERS.NET.
.                       449798  IN   NS   K.ROOT-SERVERS.NET.
;; Received 512 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms

ru.                   172800  IN   NS   ns.ripn.net.
ru.                   172800  IN   NS   ns2.nic.fr.
ru.                   172800  IN   NS   ns2.ripn.net.
ru.                   172800  IN   NS   ns5.msk-ix.net.
ru.                   172800  IN   NS   ns9.ripn.net.
ru.                   172800  IN   NS   sunic.sunet.se.
;; Received 297 bytes from 199.7.83.42#53(L.ROOT-SERVERS.NET) in 125 ms

banks2ifrs.ru.   345600  IN   NS   ns4.nic.ru.
banks2ifrs.ru.   345600  IN   NS   ns3.nic.ru.
;; Received 107 bytes from 194.85.105.17#53(ns.ripn.net) in 66 ms

www.banks2ifrs.ru.   86400   IN   A     83.222.6.194
banks2ifrs.ru.            86400   IN   NS   ns4.nic.ru.
banks2ifrs.ru.            86400   IN   NS   ns3.nic.ru.
;; Received 91 bytes from 194.226.96.8#53(ns4.nic.ru) in 65 ms

... and it worked when querying directly the name servers responsible for the wanted domain:

# dig @ns4.nic.ru. -t a www.banks2ifrs.ru.
; <<>> DiG 9.3.4-P1 <<>> @ns4.nic.ru. -t a www.banks2ifrs.ru.
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1530
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;www.banks2ifrs.ru.             IN   A

;; ANSWER SECTION:
www.banks2ifrs.ru.      86400   IN   A   83.222.6.194

;; AUTHORITY SECTION:
banks2ifrs.ru.          86400   IN   NS   ns4.nic.ru.
banks2ifrs.ru.          86400   IN   NS   ns3.nic.ru.

;; Query time: 65 msec
;; SERVER: 194.226.96.8#53(194.226.96.8)
;; WHEN: Tue Apr 15 21:05:12 2008
;; MSG SIZE  rcvd: 91

Note: The size of the answer is 91 bytes long, so nothing wrong from this side.

I think we will never know what was going wrong here, even if the heart of the problem seems related specifically only to the two same name servers.

one comment

Monday 5 January 2009

Quick Reference Guides For Network Technologies

By Julien Gabel on Monday 5 January 2009, 08:06 - General

I am always looking for some good IT cheat sheets, and for a lots of thing. Here is one of my favorite web site around network technologies. Interestingly, this site propose some regularly updated quick reference guides for the network, and are classified under the following categories (at the time of this writing):

  • Protocols
  • Applications
  • Reference
  • Syntax
  • Technologies
  • Miscellaneous

You can find them all at the Cheat Sheets Library section.

As the author wrote on his blog, if you notice an error or would like to see a new cheat sheet on a specific topic, don't hesitate and drop him a line.

no comment

Tuesday 13 March 2007

Adding a Specific Logical Interface with the Solaris 10

By Julien Gabel on Tuesday 13 March 2007, 19:21 - Solaris

Under Solaris 10, there is no /etc/init.d/inetsvc network script anymore. You must use the new SMF to manage your network services, even special initialization ones. In order to plumb and up a new logical interface, you can now use the service instance named svc:/network/physical:default.

Here is quick example on how to use it:

# ifconfig -au4
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
nge0: flags=201004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4,CoS> mtu 1500 index 2
        inet 192.168.1.101 netmask ffffff00 broadcast 192.168.1.255
        ether 0:e0:81:58:88:ae 
# 
# cat /etc/hostname.nge0:1
192.168.1.50
# 
# svcadm restart network/physical
#
# ifconfig -au4
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
nge0: flags=201004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4,CoS> mtu 1500 index 2
        inet 192.168.1.101 netmask ffffff00 broadcast 192.168.1.255
        ether 0:e0:81:58:88:ae 
nge0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
        inet 192.168.1.50 netmask ffffff00 broadcast 192.168.1.255
# 
# ifconfig nge0:1 down unplumb
#
# ifconfig -a4
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
nge0: flags=201004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4,CoS> mtu 1500 index 2
        inet 192.168.1.101 netmask ffffff00 broadcast 192.168.1.255
        ether 0:e0:81:58:88:ae

no comment

Friday 23 February 2007

EtherChannel and NIB on IBM AIX

By Julien Gabel on Friday 23 February 2007, 20:45 - AIX

Recently, while adding availability features to some of our AIX DLPARs (Dynamic Logical PARtitions), i went through this very interesting (and well written) reading which explain why and how to use, deploy and configure properly some of the very nice network features on the AIX operating system: EtherChannel and Network Interface Backup. In short, EtherChannel represent a network port aggregation technology that allow multiple Ethernet adapters to create a single pseudo-Ethernet device. In its second form, known as Network Interface Backup, it protects against network-SPOF by providing failure detection and failover mechanism.

no comment

Wednesday 31 August 2005

Use the NIS and NFS Infrastructure on Red Hat Advanced Server 2.1

By Julien Gabel on Wednesday 31 August 2005, 22:20 - GNU/Linux

Here are the steps to be able to use the current NIS and NFS infrastructure from a Linux server.

NIS

Be sure to resolve the NIS servers (slave and/or master) for the int domain name:

# egrep "nasty|bigup" /etc/hosts
192.168.4.74           nasty
192.168.4.23           bigup

Configure the NIS client:

# cat << EOF >> /etc/yp.conf
domain int server nasty
domain int server nasty
EOF
# grep NIS /etc/sysconfig/authconfig /etc/sysconfig/network
/etc/sysconfig/authconfig:USENIS=yes
/etc/sysconfig/network:NISDOMAIN=int

NFS

The NFS part is relatively simple since the autofs maps is looked up in the NIS maps (already managed by the corresponding boot script's service).

So, it is just needed to modify the automountd service to add some arguments that must be passed to the program. This is a necessary step to be able to automount the correct remote path using our customized autofs server. Here is how to do so.

Check the configuration of the run-level informations for the autofs service:

# chkconfig --list autofs
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off

Modify the initial service configuration and reload it:

# diff -u /etc/init.d/autofs.orig /etc/init.d/autofs
--- /etc/init.d/autofs.orig     Thu Aug 25 13:12:38 2005
+++ /etc/init.d/autofs  Thu Aug 25 17:25:47 2005
@@ -67,7 +67,10 @@
 # We can add local options here
 # e.g. localoptions='rsize=8192,wsize=8192'
 #
-localoptions=''
+localoptions="-DOSNAME=`uname -s` \
+              -DCPU=x86 \
+              -DNATISA=32 \
+              -DOSREL=`uname -r | awk -F\. '{print $1\".\"$2}'`"
 
 # Daemon options
 # e.g. --timeout 60
# service autofs restart

Verify if all is ok:

# service autofs status
Configured Mount Points:
------------------------
/usr/sbin/automount /Soft yp auto.soft -ro,hard,bg,intr -DOSNAME=Linux        -DCPU=x86        -DNATISA=32        -DOSREL=2.4
/usr/sbin/automount /NTFS yp auto.nt  -DOSNAME=Linux        -DCPU=x86        -DNATISA=32        -DOSREL=2.4
/usr/sbin/automount /Home yp auto.home -rw,hard,bg,intr -DOSNAME=Linux        -DCPU=x86        -DNATISA=32        -DOSREL=2.4
/usr/sbin/automount /Apps yp auto.apps -ro,hard,bg,intr -DOSNAME=Linux        -DCPU=x86        -DNATISA=32        -DOSREL=2.4
/usr/sbin/automount /- yp auto.direct  -DOSNAME=Linux        -DCPU=x86        -DNATISA=32        -DOSREL=2.4

Active Mount Points:
--------------------
/usr/sbin/automount /Soft yp auto.soft -ro,hard,bg,intr -DOSNAME=Linux -DCPU=x86 -DNATISA=32 -DOSREL=2.4
/usr/sbin/automount /NTFS yp auto.nt -DOSNAME=Linux -DCPU=x86 -DNATISA=32 -DOSREL=2.4
/usr/sbin/automount /Home yp auto.home -rw,hard,bg,intr -DOSNAME=Linux -DCPU=x86 -DNATISA=32 -DOSREL=2.4
/usr/sbin/automount /Apps yp auto.apps -ro,hard,bg,intr -DOSNAME=Linux -DCPU=x86 -DNATISA=32 -DOSREL=2.4
/usr/sbin/automount /- yp auto.direct -DOSNAME=Linux -DCPU=x86 -DNATISA=32 -DOSREL=2.4

no comment

Monday 29 August 2005

How to Set Up the NFS Server, for the Use of the Automounter Capability

By Julien Gabel on Monday 29 August 2005, 22:26 - Solaris

  1. soul is the hostname of the master NIS server for a given domain
  2. kitchen is the hostname of the slave NIS server for a given domain
  3. bento is the hostname of the NFS server
  4. nfs is an alias (CNAME) for the NFS server

NFS configuration, logged on bento

Just add the wanted share in the export list on server bento. On Sun Solaris, it is done as follow:

# cat << EOF >> /etc/dfs/dfstab
share -F nfs -o rw -d "Applications repository, NFS shared" /export/bento/apps
EOF

The file system /export/bento/apps must already be available.

Start the nfsd service (and associated daemons: mountd, statd and lockd) if necessary:

# /etc/init.d/nfs.server start

Or simply export the new share:

# shareall

NIS configuration, logged on soul

Because all of the automounted NFS clients (in particular Solaris, AIX and GNU/Linux) know how to use automount maps shared via the NIS protocol, the centralized auto_apps (SYSV style) map resides on the master NIS server, soul.

Since this is a new map to add, there is a little more to do here.

Create the map in the DIR (in NIS parlance) directory:

# touch /etc/ivyp/auto_apps
# ci -i /etc/ivyp/auto_apps
/*
 * Description message: "Automounter map for the applications repository,
 * NFS shared.".
 */
# co -l /etc/yp/auto_apps
# cat << EOF > /etc/ivyp/auto_apps
* -rw,hard,bg,intr nfs:/export/bento/apps/${OSNAME}/${CPU}/${NATISA}/${OSREL}/?
EOF
# ci -u /etc/ivyp/auto_apps

The RCS commands may (and must) be used through the ivv.sh wrapper script.

Teach the customized NIS infrastructure (based on GNU tools, not the native ones) about the new map:

# diff -u /var/yp/GNUmakefile.2005-08-25 /var/yp/GNUmakefile
--- /var/yp/GNUmakefile.2005-08-25      Thu Aug 25 13:18:31 2005
+++ /var/yp/GNUmakefile Thu Aug 25 14:30:04 2005
@@ -76,6 +76,7 @@
 AUTONT=auto_nt
 AUTOALT=auto_alt
 AUTODIRECT=auto_direct
+AUTOAPPS=auto_apps
 else
 AUTOMASTER=auto.master
 AUTOHOME=auto.home
@@ -83,6 +84,7 @@
 AUTONT=auto.nt
 AUTOALT=auto.alt
 AUTODIRECT=auto.direct
+AUTOAPPS=auto.apps
 endif
 GNUGREP=/usr/local/bin/ggrep
 MALIASES=$(YPDBDIR)/$(DOM)/mail.aliases
@@ -96,7 +98,7 @@
 
 all:: passwd group hosts ethers networks rpc services protocols \
        netgroup bootparams aliases publickey netid netmasks c2secure \
-       timezone auto.master auto.home auto.soft auto.nt auto.alt auto.direct \
+       timezone auto.master auto.home auto.soft auto.nt auto.alt auto.apps auto.direct \
        printcap dmmo printers.conf virtualip
 
 diams: dmmo_applis dmmo_sites dmmo_users ypservers
@@ -424,6 +426,22 @@
                echo "couldn't find $(DIR)/auto.alt"; \
        fi
 
+auto.apps.time:  $(DIR)/$(AUTOAPPS)
+       -@if [ -f $(DIR)/$(AUTOAPPS) ]; then \
+               sed -e "/^#/d" -e s/#.*$$// $(DIR)/$(AUTOAPPS) \
+               | $(MAKEDBM) - $(YPDBDIR)/$(DOM)/auto.apps; \
+               touch auto.apps.time; \
+               echo "updated auto.apps"; \
+               if [ ! $(NOPUSH) ]; then \
+                       $(YPPUSH) auto.apps; \
+                       echo "pushed auto.apps"; \
+               else \
+               : ; \
+               fi \
+       else \
+               echo "couldn't find $(DIR)/auto.apps"; \
+       fi
+
 printcap.time: $(DIR)/ypprintcap
        -@if [ -f $(DIR)/yp$(@:.time=) ]; then \
                sed < $(DIR)/yp$(@:.time=) \
@@ -686,6 +704,7 @@
 auto.soft: auto.soft.time
 auto.nt: auto.nt.time
 auto.alt: auto.alt.time
+auto.apps: auto.apps.time
 auto.direct: auto.direct.time
 printcap: printcap.time
 printers.conf: printers.conf.time
@@ -710,6 +729,7 @@
 $(DIR)/$(AUTOSOFT):
 $(DIR)/$(AUTONT):
 $(DIR)/$(AUTOALT):
+$(DIR)/$(AUTOAPPS):
 $(DIR)/$(AUTODIRECT):
 $(DIR)/ypprintcap:
 $(DIR)/printers.conf:

At this stage, the new map must be first manually transferred on the slave NIS server.

Create the corresponding map files (*.dir and *.pag ) only, using:

# cd /etc/ivyp
# gmake -C /var/yp NOPUSH="YES"

Log in on the slave server (a Sun system), for example kitchen :

# /usr/lib/netsvc/yp/ypxfr -h soul auto.apps
# ls -l /var/yp/`domainname`/auto.apps.*
-rw-r--r--   1 root     root           0 Aug 25 18:10 /var/yp/`domainname`/auto.apps.dir
-rw-r--r--   1 root     root        1024 Aug 25 18:10 /var/yp/`domainname`/auto.apps.pag

Note: You can know which hostname is(are) currently set up as slave server(s) using:

# cd /var/yp/`domainname`
# makedbm -u ypservers
YP_LAST_MODIFIED 1072719185
YP_MASTER_NAME soul
kitchen
timal

Then, on the master server, really push the map this time:

# cd /etc/ivyp
# gmake -C /var/yp

Now, the new mount point and sub-tree must be ready and available to all your properly configured clients, as found in the following online documents:

  1. Use the NIS and NFS Infrastructure on AIX 5L
  2. Use the NIS and NFS Infrastructure on Red Hat Advanced Server 2.1

no comment

Thursday 18 August 2005

Update the Notebook to FreeBSD 6.0-BETA2

By Julien Gabel on Thursday 18 August 2005, 23:31 - BSD Unix

I decided to take advantage of this three days week-end (at least in France) to upgrade the Notebook to FreeBSD 6.0-BETA2 and follow the RELENG_6 branch testing the upcoming FreeBSD release.

In fact, i hope this one may help me in two areas... more precisely: fix a very annoying bug resulting in a USB interrupt storm and help on the wifi side, based on the work done to incorporate the wpa_supplicant code from ports(7).

The installation went smooth and well, although there is no package yet (it is a beta release, not a release candidate) and all third party need to be compile from sources. So, i installed the minimum required. In the same time, update (one more time) the installation notes, notably regarding the DHCP part (this branch switched from the ISC DHCP client v3.x to the OpenBSD DHCP client which was based on ISC DHCP v2.x). The biggest problem was to figure how to set it up in order to be able to update its DNS records obtained from the DHCP server. The solution is very simple: don't let the client do this setting (as in RELENG_5 with ISC DHCP) but do it on the server side level. It has the other advantage not to care how to do this on multiple heterogeneous clients (UNIX, Unix-like, Windows, etc.).

On the other side, there is one problem though. Because this release needs testing, the default kernel comes with debugging options enable (INVARIANTS and WITNESS(4) in particular) which have the side effect of slowing down the machine, really. These options help debugging and lightning some problems that may appeared in the development process. One of this is called a LOR and i encountered two of them. They are already known to the developers, but we don't know yet the real impact of these: harmless or not. Here is the thread about this on current@.

Go testing. I will try to reproduce the panic i encountered before to know the code path where this happens.

no comment

Monday 15 August 2005

Upgrade the 3366-ENT ADSL Gateway

By Julien Gabel on Monday 15 August 2005, 23:31 - thnet

Decided to upgrade the Cayman 3366-ENT ADSL Gateway from Netopia, currently hosting the public link for the Thilelli.NET Project. All went smooth and well. The gateway is now at the latest firmware level available (8.5.0 at the time of this writing).

At the same time, try to avoid some recurrent problem on the link (seems ok but doesn't let real traffic to pass through it) helped by the 24-Hour Scheduled Connection procedure. Waiting to see if it really works for our site... thanks to our ISP for providing a nice administration and status page.

no comment

Wednesday 29 June 2005

Static Route Management for Hosts in the Demilitarized Zone (DMZ)

By Julien Gabel on Wednesday 29 June 2005, 11:39 - Solaris

Based on existing procedures, here is a new tool which aim is to help adding centralized managed static routes for all servers hosted in the demilitarized zone. As for the Password Management for Hosts in the Demilitarized Zone (DMZ), this script is managed using the cvs(1) concurrent management system.

Follow are the three necessary files:

  1. dmz_routes.sh this one is able to get, push and apply new static route(s) remotely
  2. route_admin this script can list and apply new static route(s) locally and is used from rc script at boot time
  3. route_admin.cfg current static routes commented configuration file; used by route_admin

Assuming that the environment variables ${CVSROOT} and ${CVS_RSH} are properly sets, here are little samples of usage:

# cvs checkout -P dmz_route && cd dmz_route
#
# sh ./dmz_route.sh
usage: dmz_route.sh [-hd] [-s servername,...] [-c config_file] [-i init.d_file] {push|add|status}
#
# sh ./dmz_route.sh -s beastie status
* server: beastie
 => state of files:
/data/system/etc/
/data/system/etc/init.d/
/data/system/etc/route_admin.cfg:
     $Id: route_admin.cfg,v 1.10 2005/02/14 14:14:14 root Exp $
/data/system/etc/init.d/route_admin:
     $Id: route_admin,v 1.9 2004/09/14 08:19:29 root Exp $
 => show the routing tables:IRE Table: IPv4
  Destination             Mask           Gateway          Device Mxfrg  Rtt  Ref Flg  Out  In/Fwd
-------------------- --------------- -------------------- ------ ----- ----- --- --- ----- ------
10.126.220.40        255.255.255.255 192.168.138.33               1500*    0   1 UGH    790     0
10.126.220.41        255.255.255.255 192.168.138.33               1500*    0   1 UGH   2862     0
10.126.215.162       255.255.255.255 192.168.138.33               1500*    0   1 UGH     65     0
[...]
#
# sh ./dmz_route.sh -s beastie push
* server: beastie
 => last configuration backuped
 => route_admin.cfg pushed
 => route_admin pushed

Need more help?... See the command line help switch:

# sh ./dmz_route.sh -h

no comment

Saturday 18 June 2005

Use the NIS and NFS Infrastructure on AIX 5L

By Julien Gabel on Saturday 18 June 2005, 11:39 - AIX

Here are the steps to be able to use the current NIS and NFS infrastructure from an AIX server:

# cat /etc/resolv.conf  
domain          dev.example.com
nameserver      10.239.208.24
nameserver      10.251.140.96
search          dev.example.com int.example.com prod.example.com
#
# TERM=vt220 smitty
/*
 * Communications Applications and Services
 *  TCP/IP
 *   Further Configuration
 *    Name Resolution
 *     Hosts Table (/etc/hosts)
 *      Add a Host
 *       INTERNET ADDRESS (dotted decimal)               [10.254.234.22]
 *       HOST NAME                                       [neptune.dev.example.com]
 *       ALIAS(ES) (if any - separated by blank space)   [neptune]
 *       COMMENT (if any - for the host entry)           [NIS server for domain devex]
 *  NFS
 *   Network Information Service (NIS)
 *    Configure / Modify NIS
 *     Change NIS Domain Name of this Host
 *      Domain name of this host                        [devex]
 *     Configure this Host as a NIS Client
 *      NIS server - required if there are              [neptune]
 *   Network File System (NFS)
 *    Configure NFS on This System
 *     Start Automounter
 *      PARAMETERS to be used for the automount daemon  [-n]
 */

Launch the automountd at run-level #2:

# cat << EOF > /etc/rc.d/rc2.d/Sautomountd
#!/usr/bin/env ksh
#################################################################
# name: {K|S}automountd
# purpose: script that will start or stop the automountd service.
#################################################################

case "$1" in
start)
  /usr/sbin/automount -n
  ;;
stop)
  stopsrc -g autofs
  ;;
*)
  echo "Usage: $0 {start|stop}"
  exit 1
esac

exit 0
EOF
# ln /etc/rc.d/rc2.d/Sautomountd /etc/rc.d/rc2.d/Kautomountd
# chmod 754 /etc/rc.d/rc2.d/?automountd

In the same time, modify the automountd service to add some arguments that must be passed to the program. This is a necessary step to be able to automount the correct remote path using our customized autofs server. Here is how to do so:

# chssys -s automountd -a "-DOSNAME=`uname -s` -DCPU=`uname -p` -DNATISA=`bootinfo -K` -DOSREL=`uname -v`.`uname -r`"
# stopsrc -g autofs
# /usr/sbin/automount -n

Very important

To resolve information correctly, it was needed to explicitly specify the ordering of name resolution and hosts setting in /etc/netsvc.conf. This file corresponds to /etc/nsswitch.conf under Solaris, GNU/Linux or the BSDs for hosts name resolution. For example:

# cat << EOF >> /etc/netsvc.conf
hosts = local, nis, bind
EOF

no comment

- page 1 of 2