Setting up NIS questions?
David Robillard
david.robillard at gmail.com
Tue May 23 07:17:41 PDT 2006
> I have 2 NICS in the master node of a small cluster.
> bge0 is connected to the outside world with a FQDN
> and registered DNS IP address. bge1 is connected to
> a 192.168.0.x internal network. I'm trying to configure
> NIS for the internal network, but ypinit is grabbing the
> FQDN. I've read the Handbook and ypinit manual page
> without too much enlightenment. :(
>
> What I'm after is
>
> 192.168.0.10 NIS master server
> 192.168.0.11 NIS slave server
> 192.168.0.[12-15] NIS clients
>
> Anyone have a pointer to a method to achieve my goals.

I would _strongly_ suggest that you run your firewall from another
machine instead of using your NIS master for this. This really is
Security 101 :)

Check out OpenBSD with pf for this purpose or use a Cisco PIX (you can
find several on eBay).

But if you don't want to/can't do this, why don't you set up a jail for your
NIS master? You can bind the jail to the RFC 1918 IP address range.
Therefore, starting up ypbind inside the jail would only see the
192.168.0/24 network and bind to it. See jail(8), jls(8) and jexec(8).

You might also want to check mount_nullfs(8) to help you with the
jail's ports tree. If you need help with the jail setup, feel free to
email me off the list.

David
--
David Robillard
UNIX systems administrator
CISSP
Sun Certified Security Administrator
Sun Certified Systems Administrator
Montreal: +1 514 966 0122
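
Added example, not part of the original message: one way to express the jail suggested above, written in the jail.conf(5) format of later FreeBSD releases. The jail name, path and hostname are assumptions; 192.168.0.10 is the internal address the original poster wanted for the NIS master.

```conf
# /etc/jail.conf (illustrative sketch; names and paths are assumptions)
nismaster {
    # Root of the jail's own userland (hypothetical location).
    path = "/usr/jails/nismaster";

    # Internal-only name, so tools inside the jail do not pick up
    # the host's public FQDN (hypothetical hostname).
    host.hostname = "nismaster.cluster.internal";

    # The jail may use only this RFC 1918 address. It must already be
    # configured on the internal interface (bge1 in the original post).
    # Processes inside the jail cannot bind to the public address on bge0.
    ip4.addr = "192.168.0.10";

    # Boot and shut down the jail's own rc system; the NIS daemons are
    # enabled in the jail's /etc/rc.conf, not the host's.
    exec.start = "/bin/sh /etc/rc";
    exec.stop  = "/bin/sh /etc/rc.shutdown";

    mount.devfs;

    # Per-jail fstab used for the read-only nullfs ports tree.
    mount.fstab = "/etc/fstab.nismaster";
}

# /etc/fstab.nismaster would hold one line (see mount_nullfs(8)):
#   /usr/ports  /usr/jails/nismaster/usr/ports  nullfs  ro  0  0
#
# Checks to run from the host after starting the jail:
#   jail -c nismaster               # create and start the jail
#   jls                             # confirm JID, 192.168.0.10 and path
#   jexec nismaster sockstat -4 -l  # listeners should show only 192.168.0.10
```

If sockstat inside the jail lists any listener on an address other than 192.168.0.10, the jail is not confined to the internal network as intended.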