[Info-vax] duplicated DNS domain name (was: Re: stupid network tricks)
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Mar 9 09:55:35 EDT 2015
On 2015-03-09 13:27:13 +0000, <lists at openmailbox.org> said:
> Sorry for the delay. I couldn't get to this machine until now.
As an alternative to Info-VAX, consider visiting
http://www.eternal-september.org and get a free account, and use that
with a news reader for your preferred platform. That will allow you to
access comp.os.vms directly.
>
>>> My SHOW NET display seems to indicate a problem with the TCP/IP node
>>> name on my system.
>
> $ SHOW NET
>
> Product: DECNET Node: MYNODE Address(es): 1.1
> Product: TCP/IP Node: MYNODE.EXAMPLE.COM.example.com
> Address(es): aa.bb.cc.dd
Again, that's usually a not-FQDN entry somewhere in the configuration.
Is the aa.bb.cc.dd address private or public? (Technically,
aa.bb.cc.dd is a real, public, valid IPv4 IP address, but I'm guessing
you're not comfiguring OpenVMS at what's more commonly known as
170.187.204.221.)
>> What are your settings for the BIND resolver:
>>
>> TCPIP> sho name
>
> TCPIP> sho name
>
> BIND Resolver Parameters
>
> Local domain: example.com
>
> System
>
> State: Started, disabled
> Transport: UDP
> Domain:
> Retry: Not defined
> Timeout: Not defined
> Servers: No values defined
> Path: No values defined
>
> Process
>
> State: Disabled
>
> Transport:
> Domain:
> Retry:
> Servers:
> Path:
That's not an expected configuration. Looks like the baseline
configuration was skipped, or maybe — and I don't recommend using DHCP
— DHCP went sideways somewhere. You shuld see the domain and the
servers listed. Newer operating systems can tend to adapt better to
the network, or to configuration details. With VMS, you get to tell it
more of the details, and DHCP isn't something that various folks have
had the best outcome with. That means performing at least the entire
core network configuration sequence in TCPIP$CONFIG tool, if that's not
already been completed. (I'd expect this is an issue, if not the issue
— I'd expect to see a domain listed in the above.)
If you have not already done so, minimally complete option 1 and the
core configuration, and it's generally better to use the A option and
get most of the stuff you'll immediately need sort-of working:
$ @sys$manager:tcpip$config
Checking TCP/IP Services for OpenVMS configuration database files.
...
HP TCP/IP Services for OpenVMS Configuration Menu
Configuration options:
1 - Core environment
2 - Client components
3 - Server components
4 - Optional components
5 - Shutdown HP TCP/IP Services for OpenVMS
6 - Startup HP TCP/IP Services for OpenVMS
7 - Run tests
A - Configure options 1 - 4
[E] - Exit configuration procedure
Enter configuration option:
>> TCPIP> sho config name
>
> %TCPIP-E-CONFIGERROR, error processing configuration request
> -TCPIP-E-NAMERROR, error processing name service request
> -RMS-E-RNF, record not found
The baseline configuration with TCP/IP Services should have created a resolver.
Re-invoke the core services configuration sequence within the
TCPIP$CONFIG tool.
>
>> SHOW HOST /LOCAL will show any locally-added host names.
>
> $ SHOW HOST /LOCAL
>
> %DCL-W-IVKEYW, unrecognized keyword - check validity and spelling
TCPIP> SHOW HOST /LOCAL
>> If you don't have local DNS (BIND server or otherwise), then the BIND
>> resolver configuration — above — might be the source of the error.
>
> There should be no BIND services.
Arguably, there should be DNS servers, but then OpenVMS is much more
willing to run insecurely than other servers, and unfortunately less
likely to notice the usual sorts of attacks. Your call.
It's also possible that the emulator is getting in the way. The
virtual (emulated) networking implementation has been a longstanding
source of weird problems with OpenVMS, and the documentation associated
with various of the emulators has had large gaps, or wasn't entirely
current for the version of the emulator in use.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list