[cfgeeks] ipnodes

Liston Bias bias at pobox.com
Tue Mar 13 12:35:58 EST 2007 

Thanks for the info...

Is there any issues with just linking /etc/hosts to /etc/inet/ipnodes?

Changing /etc/nsswitch.conf ipnodes to files only sure sped things up so 
I'm not looking to put back and not sure about the learning curve (habit) 
of editing /etc/inet/ipnodes vs. /etc/hosts moving forward.

It seems that you would only need hosts or ipnodes going to DNS (not 
both).  I'm confused why both unless there is some protocla to ipnodes 
that legacy dns may not support/resolve????

Cheers,
Liston

On Tue, 13 Mar 2007, Kevin P. Inscoe wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Liston Bias wrote:
>> Does anyone use ipnodes in /etc/nsswitch.conf on solaris?
>
> You have to (or I should say your are supposed to). It was added for
> ipv6 portability. /etc/hosts (in Solaris and HP) only supports ipv4
> style addresses. So think of it as the new /etc/hosts.
>
>> I know to rename anything in /etc/inet/ipnodes when host ip changes, but
>> just use host for everything else.
>
> Actually that's not what Sun intends you to do. /etc/hosts can be left
> empty except for the 127.0.0.1 for legacy applications. It used to be
> true that early Solaris 10 (< 06/06 IIRC) was broken and only supported
> (in practice) ipv4 addresses in /etc/hosts and only ipv6 addresses in
> ipnodes but that has been patched away and fixed in the latest releases.
>
>> I recently upgrade to Sol 10 11/06 form prior Sol 10, I noticed they
>> added dns to search past for ipnotes in /etc/nsswitch.conf.
>
> That was a bug fixed it should have done that all along.
>
>> This seems to have caused extra delay for host-based authentication
>> where there is no DNS entry for source server.  I reverted back to files
>> only and it seems fine, but wonder if anyone using dns for ipnodes?
>
> It is trying to reverse the address. You can fix this by A) adding
> reverse to your subnet in DNS or B) put them ones that matter in ipnodes
>
> See this:
>
> http://www.brandonhutchinson.com/Solaris_10_ipnodes_caveat.html
>
> (so you are hitting dns twice)
>
> and
>
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-102442-1
>
> Also make sure ipnodes knows who you are:
>
> # getent ipnodes dns
>

More information about the cfgeeks mailing list