[Info-vax] duplicated DNS domain name (was: Re: stupid network tricks)
BillPedersen
pedersen at ccsscorp.com
Mon Mar 9 12:23:36 EDT 2015
On Monday, March 9, 2015 at 12:00:06 PM UTC-4, li... at openmailbox.org wrote:
> Hi,
>
> On Mon, 9 Mar 2015 09:55:35 -0400
> Stephen Hoffman via Info-vax <info-vax at rbnsn.com> wrote:
>
> > On 2015-03-09 13:27:13 +0000, <lists at openmailbox.org> said:
> >
> > > Sorry for the delay. I couldn't get to this machine until now.
> >
> > As an alternative to Info-VAX, consider visiting
> > http://www.eternal-september.org and get a free account, and use that
> > with a news reader for your preferred platform. That will allow you to
> > access comp.os.vms directly.
>
> I prefer mailing lists and anyway I meant I couldn't get to the box where
> SIMH is running.
>
> >
> > >
> > >>> My SHOW NET display seems to indicate a problem with the TCP/IP node
> > >>> name on my system.
> > >
> > > $ SHOW NET
> > >
> > > Product: DECNET Node: MYNODE Address(es): 1.1
> > > Product: TCP/IP Node: MYNODE.EXAMPLE.COM.example.com
> > > Address(es): aa.bb.cc.dd
> >
> > Again, that's usually a not-FQDN entry somewhere in the configuration.
>
> I'll try reentering it with a trailing .
>
> Ok, shutdown/restarted TCP/IP...that did nothing. No change in SHOW NET
> output.
>
> > Is the aa.bb.cc.dd address private or public? (Technically,
> > aa.bb.cc.dd is a real, public, valid IPv4 IP address, but I'm guessing
> > you're not comfiguring OpenVMS at what's more commonly known as
> > 170.187.204.221.)
>
> The address is a private address on my lan.
>
> >
> >
> > >> What are your settings for the BIND resolver:
> > >>
> > >> TCPIP> sho name
> > >
> > > TCPIP> sho name
> > >
> > > BIND Resolver Parameters
> > >
> > > Local domain: example.com
> > >
> > > System
> > >
> > > State: Started, disabled
> > > Transport: UDP
> > > Domain:
> > > Retry: Not defined
> > > Timeout: Not defined
> > > Servers: No values defined
> > > Path: No values defined
> > >
> > > Process
> > >
> > > State: Disabled
> > >
> > > Transport:
> > > Domain:
> > > Retry:
> > > Servers:
> > > Path:
> >
> > That's not an expected configuration. Looks like the baseline
> > configuration was skipped, or maybe -- and I don't recommend using DHCP
> > -- DHCP went sideways somewhere.
>
> I'm using DHCP because that's what I do with all the boxes on my LAN. It's
> easier to keep track of things by their MAC and assign them an orderly
> address on my lan. Going to direct config instead doesn't fix the problem.
>
> > You shuld see the domain and the servers listed. Newer operating systems
> > can tend to adapt better to the network, or to configuration details.
> > With VMS, you get to tell it more of the details, and DHCP isn't
> > something that various folks have had the best outcome with. That means
> > performing at least the entire core network configuration sequence in
> > TCPIP$CONFIG tool, if that's not already been completed. (I'd expect
> > this is an issue, if not the issue -- I'd expect to see a domain listed in
> > the above.)
>
> I did go through TCPIP$CONFIG several times. I don't know if I did it
> correctly since I was following a tutorial I found on the net.
>
> > If you have not already done so, minimally complete option 1 and the
> > core configuration, and it's generally better to use the A option and
> > get most of the stuff you'll immediately need sort-of working:
>
> I have several times already so another time won't hurt. I just did and
> nothing changed in SHOW NET output.
>
> >
> > $ @sys$manager:tcpip$config
> >
> > Checking TCP/IP Services for OpenVMS configuration database files.
> >
> > ...
> >
> > HP TCP/IP Services for OpenVMS Configuration Menu
> >
> > Configuration options:
> >
> > 1 - Core environment
> > 2 - Client components
> > 3 - Server components
> > 4 - Optional components
> >
> > 5 - Shutdown HP TCP/IP Services for OpenVMS
> > 6 - Startup HP TCP/IP Services for OpenVMS
> > 7 - Run tests
> >
> > A - Configure options 1 - 4
> > [E] - Exit configuration procedure
> >
> > Enter configuration option:
> >
> >
> > >> TCPIP> sho config name
> > >
> > > %TCPIP-E-CONFIGERROR, error processing configuration request
> > > -TCPIP-E-NAMERROR, error processing name service request
> > > -RMS-E-RNF, record not found
> >
> > The baseline configuration with TCP/IP Services should have created a
> > resolver.
> >
> > Re-invoke the core services configuration sequence within the
> > TCPIP$CONFIG tool.
> > >
> > >> SHOW HOST /LOCAL will show any locally-added host names.
> > >
> > > $ SHOW HOST /LOCAL
> > >
> > > %DCL-W-IVKEYW, unrecognized keyword - check validity and spelling
> >
> > TCPIP> SHOW HOST /LOCAL
>
> LOCAL database
>
> Host address Hostname
> 127.0.0.1 LOCALHOST, localhost
> aa.bb.cc.dd MYNODE.EXAMPLE.COM
>
>
> >
> > >> If you don't have local DNS (BIND server or otherwise), then the BIND
> > >> resolver configuration -- above -- might be the source of the error.
> > >
> > > There should be no BIND services.
> >
> > Arguably, there should be DNS servers, but then OpenVMS is much more
> > willing to run insecurely than other servers, and unfortunately less
> > likely to notice the usual sorts of attacks. Your call.
>
> This system is behind a router/firewall. Right now it is not on the air. I
> can port forward if I want to let people telnet in, etc.
>
> I am not sure how things should look on VMS but as far as the other OS I
> have they use /etc/resolv.conf which uses my router as a nameserver.
> Now that I think of it this seems suboptimal. I seem to remember separate
> DNS entries but all it has now is the entry for my router. I will check it
> on another UNIX box later. Should be slow but should not have anything to
> do with this (famous last words).
>
> Where do you set up DNS server addresses in OpenVMS VAX? I can't resolve
> address outside my lan, so at this this much is not setup correctly. I just
> tried adding the router address as the BIND server address and I can now
> resolve external names. But the following spits out errors and warnings
> that were not there previously:
>
> TCPIP> show host *
>
> Host address Hostname
> 127.0.0.1 LOCALHOST, localhost
> aa.bb.cc.dd MYNODE.EXAMPLE.COM
> %TCPIP-E-BIND_NOSERVERS, default servers are not available
> %TCPIP-W-NORECORD, information not found
> -TCPIP-E-BIND_NOSERVERS, default servers are not available
>
> Is this normal when all you have is name resolution but are not serving
> services or did I just break something else by trying this?
>
> > It's also possible that the emulator is getting in the way. The
> > virtual (emulated) networking implementation has been a longstanding
> > source of weird problems with OpenVMS, and the documentation associated
> > with various of the emulators has had large gaps, or wasn't entirely
> > current for the version of the emulator in use.
>
> I really don't know. I was using a bridged network to run SIMH in user mode
> and it works fine. I wondered if that was causing wierd name resolution
> (duplication) because of the bridge so I brought it up again running as
> root and no network bridging and the SHOW NET output is unchanged. So that
> wasn't it.
>
> I believe I tried turning DHCP off before and it didn't change the SHOW NET
> display either. Just tried it now and doesn't help.
>
> Again, the "problem" is not a functional issue, it's just that SHOW NET
> doesn't look reasonable. Otherwise the actual network functionality, given
> the box is not on the air and not in a DMZ, is fine i.e. telnet and ftp in
> and out work.
>
> Thank you.
>
> --
> Please DO NOT COPY ME on mailing list replies. I read the mailing list.
> RSA 4096 fingerprint 7940 3F02 16D3 AFEE F2F8 ACAA 557C 4B36 98E4 4D49
Do you have the log of the last run of the TCPIP$CONFIG? It would be interesting to see what happened there.
How did you specify the host hame when you set up TCPIP? Did you do it as a fully qualified name or as just the host name for the interface did you? This should just be the host name without the domain name.
Bill.
More information about the Info-vax
mailing list