Au 074 Xstud

AIX 5L
Configuring TCP/IP
(Course Code AU07)
Student Exercises
ERC 4.0
Worldwide Certified Material
IBM Learning Services
V1.2.2
cover
Student Exercises
The information contained in this document has not been submitted to any formal IBM test and is distributed on an as is basis without
any warranty either express or implied. The use of this information or the implementation of any of these techniques is a customer
responsibility and depends on the customers ability to evaluate and integrate them into the customers operational environment. While
each item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the same or similar results will
result elsewhere. Customers attempting to adapt these techniques to their own environments do so at their own risk. The original
repository material for this course has been certified as being Year 2000 compliant.
Copyright International Business Machines Corporation 1997, 2001. All rights reserved.
This document may not be reproduced in whole or in part without the prior written permission of IBM.
Note to U.S. Government Users Documentation related to restricted rights Use, duplication or disclosure is subject to restrictions
set forth in GSA ADP Schedule Contract with IBM Corp.
Trademarks
IBM is a registered trademark of International Business Machines Corporation.
The following are trademarks of International Business Machines Corporation in the United
States, or other countries, or both:
Notes is a trademark of Lotus Development Corporation in the United States, or other
countries and or both.
Microsoft, Windows, Windows NT, and the Windows logo is a trademark of Microsoft
Corporation in the United States, other countries and or both.
UNIX is a registered trademark of The Open Group in the United States and other
countries.
Other company, product, and service names may be trademarks or service marks of
others.
AFS AIX AIX 5L
Current DFS IBM
MVS RISC System/6000 RS/6000
SecureWay
December 2001 Edition
Student Exercises
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
Copyright IBM Corp. 1997, 2001 Contents iii
V1.2.2
TOC
Contents
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v
Exercises Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Exercise 1. TCP/IP Concepts - IP Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Exercise Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Exercise Instructions With Hints. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Exercise 2. Configuring TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
Exercise 3. Using TCP/IP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
Exercise 4. Configuring PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Exercise 5. Static Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10
Exercise 6. Dynamic Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1
Exercise 7. Configuring a Domain Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
Exercise 8. Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
Exercise Instructions with Hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5
Exercise 9. Configuring DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Exercise 10. Configuring NFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
Exercise Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Exercise Instructions With Hints. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8
Student Exercises
iv Configuring TCP/IP Copyright IBM Corp. 1997, 2001
Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-16
Exercise 11. Automounter and NFS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . .11-1
Exercise Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3
Exercise Instructions With Hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
Exercise 12. Configure and Use NIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-1
Exercise Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
Exercise Instructions With Hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-7
Student Exercises
Copyright IBM Corp. 1997, 2001 Trademarks v
V1.2.2
TMK
Trademarks
The reader should recognize that the following terms, which appear in the content of this
training document, are official trademarks of IBM or other companies:
IBM is a registered trademark of International Business Machines Corporation.
The following are trademarks of International Business Machines Corporation in the United
States, or other countries, or both:
Notes is a trademark of Lotus Development Corporation in the United States, or other
countries and or both.
Microsoft, Windows, Windows NT, and the Windows logo is a trademark of Microsoft
Corporation in the United States, other countries and or both.
UNIX is a registered trademark of The Open Group in the United States and other
countries.
Other company, product, and service names may be trademarks or service marks of
others.
AFS AIX AIX 5L
Current DFS IBM
MVS RISC System/6000 RS/6000
SecureWay
Student Exercises
vi Configuring TCP/IP Copyright IBM Corp. 1997, 2001
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercises Description vii
V1.2.2
pref
Exercises Description
Exercise instructions - This section contains what it is you are
accomplish. There are no definitive details on how to perform the
tasks. You are given the opportunity to work through the exercise
given what you learned in the unit presentation.
The objective of the AIX Version 5 Configuring TCP/IP exercises is
to give students the opportunity to understand and successfully
perform the setup, configuration, and administration of an RS/6000
running AIX Version 5 in a TCP/IP network environment.
Several of the exercises depend upon the successful completion of a
preceding exercise or exercises. All exercises except Exercise 1
depend upon the successful completion of Exercise 2. Configuring
TCP/IP. In addition to this:
Exercise 5. Static Routing depends upon the successful
completion of Exercise 4. Configuring PPP
Exercises 8-9 and 11-13 depend upon students configuring the
default route at the end of Exercise 5. Static Routing
Exercise 12. Automounter and NFS depends upon the successful
completion of Exercise 11. Configuring NFS
Exercise Instructions With Hints This section is an exact
duplicate of the Exercise Instructions section except that in addition,
specific details hints are provided to help step you through the
exercise. A combination of using the Instructions section along with
Instructions With Hints section can make for a rewarding combination
providing you with no hints when you don't want them and hints when
you need them.
In this section, multiple ways to accomplish the same task are often
provided. Where this has been done, the various methods are
separated by an -OR- on a separate line. Often these various ways
include commands or the use of SMIT.
When showing the SMIT method to accomplish a task, each line in
bold represents a submenu or selector screen. You will need to press
the Enter key after selecting each item as listed. When you reach the
dialog screen, the field description will be in regular text and the items
you need to fill in will be in bold. Only the items that need to be
changed will be shown, not the entire screen. Once you have reached
the dialog screen portion of SMIT, press Enter ONLY after all indicated
entries have been made.
Student Exercises
viii Configuring TCP/IP Copyright IBM Corp. 1997, 2001
The SMIT steps will be shown for the ASCII version of SMIT. Under
most circumstances these steps match the steps taken if using the
graphics version of SMIT. The exceptions relate to the use of the
function keys. When instructed to press the F3 key back to a particular
menu, when in graphics SMIT, you will instead click the Cancel box at
the bottom of the screen. When instructed to press the F9 key to shell
out, in graphics mode, simply open another window.
Solutions This section provides at least one solution to questions
strategically placed in some exercises. Where applicable the solutions
have been provided at the end of the Exercise Instructions With
Hints section.
Note: These are NOT the solutions to the exercises, as those are
provided in the Exercise Instructions With Hints section.

Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 1. TCP/IP Concepts - IP Addressing 1-1
V1.2.2 BKM2MIF
Uempty
Exercise 1. TCP/IP Concepts - IP Addressing
What This Exercise Is About
This exercise provides students with practice in interpreting IP
addresses.
What You Should Be Able To Do
After completing this exercise, students should be able to:
Take an IP address and its subnet mask and determine what is the
network portion and what is the host portion of the address.
Introduction
In this paper exercise you will be presented with several IP addresses
and their subnet masks. You will be asked to determine what the
network and host addresses are and the class of address. You will
also be asked to design the addressing for a small internetwork that
requires subnetting.
In the hints section there is a binary diagram that may help if you are
having trouble converting decimal to binary and vice versa. You may
wish to try the bc command to aid in this conversion. Also in the hints
section are the answers, so first try to answer the questions on your
own before referring to the hints.
Student Exercises
1-2 Configuring TCP/IP Copyright IBM Corp. 1997, 2001
Exercise Instructions
IP Addresses and Subnet Masks
Given the IP addresses and subnet masks shown below, determine
what is the address class, the network address, and the host address.
1. IP address: 130.35.15.1
subnet mask: 255.255.255.0
Address class:
Network address:
Host address:
2. IP address: 220.10.25.3
subnet mask: default
Address class:
Network address:
Host address:
3. IP address: 9.19.115.89
subnet mask: 255.255.240.0
Address class:
Network address:
Host address:
4. IP address: 192.110.15.65
subnet mask: 255.255.255.192
Address class:
Network address:
Host address:
Internetwork Addressing Design
You have been asked to design a new private internetwork that will
consist of two token-rings connected by a PPP link as shown in the
figure. Although the internetwork will not be connected to the Internet
at present, there is a plan to do so in the future. Thus, you have
obtained a registered class C network address (200.1.2.0) and will use
this for your internetwork.
You do not anticipate that you will need to add more subnetworks
beyond the three described above. However, you will eventually need
to accommodate more hosts than are shown in the figure.
Using this single class C network address, design the addressing for
your internetwork. In particular:
Student Exercises
V1.2.2 BKM2MIF
Uempty
1. What subnet mask will you use in your internetwork?
2. What will be the addresses of three subnetworks?
3. What will be the addresses of the systems shown in the
figure?
A bonus question, if you have extra time.
What will be the broadcast addresses for the three subnetworks?
END OF EXERCISE
Network 200.1.2.0
Student Exercises
128 64 32 16 8 4 2 1
= decimal value
255
Student Exercises
V1.2.2 BKM2MIF
Uempty Exercise Instructions With Hints
IP Addresses and Subnet Masks
Given the IP addresses and subnet masks shown below, determine
what is the address class, the network address, and the host address.
1. IP address: 130.35.15.1
subnet mask: 255.255.255.0
Answer: Class B
network - 130.35.15
host - 1
2. IP address: 220.10.25.3
subnet mask default
Answer: Class C
network - 220.10.25
host - 3
3. IP address: 9.19.115.89
subnet mask: 255.255.240.0
Answer: Class A
network - 9.19.112
host - 3.89
4. IP address: 192.110.15.65
subnet mask: 255.255.255.192
Answer: Class C
network - 192.110.15.64
host - 1.
Internetwork Addressing Design
You have been asked to design a new private internetwork that will
consist of two token-rings connected by a PPP link as shown in the
figure. Although the internetwork will not be connected to the Internet
at present, there is a plan to do so in the future. Thus, you have
obtained a registered class C network address (200.1.2.0) and will use
this for your internetwork.
Student Exercises
You do not anticipate that you will need to add more subnetworks
beyond the three described above. However, you will eventually need
to accommodate more hosts than are shown in the figure.
Using this single class C network address, design the addressing for
your internetwork. In particular:
1. What subnet mask will you use in your internetwork?
2. What will be the addresses of three subnetworks?
3. What will be the addresses of the systems shown in the
figure?
A bonus question, if you have extra time.
What will be the broadcast addresses for the three subnetworks?
END OF EXERCISE
Network 200.1.2.0
Subnet 200.1.2.128
B'cast = 200.1.2.159
Mask = 255.255.255.224 (11111111 11111111 11111111 11100000)
Subnet 200.1.2.64
B'cast = 200.1.2.95
Subnet 200.1.2.32
B'cast = 200.1.2.63
200.1.2.129
200.1.2.130
200.1.2.131
200.1.2.65
200.1.2.66
200.1.2.33
200.1.2.34
200.1.2.35
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 2. Configuring TCP/IP 2-1
V1.2.2 BKM2MIF
Uempty
Exercise 2. Configuring TCP/IP
This exercise provides an opportunity to customize TCP/IP. It takes
you through the steps to customize your machine to participate in a
TCP/IP network.
At the end of this exercise, students should be able to:
Configure TCP/IP on a pSeries machine
Test to verify correct configuration of a pSeries
Use telnet and ftp to communicate with other systems on the
network
Introduction
Gathering The Data - Work with your instructor to determine the data
necessary to configure TCP/IP on your system and to interconnect all
the hosts in the labroom. To assist you in doing this you will need:
1. A worksheet that contains the data you need to configure your
system and your /etc/hosts file.
2. A diagram of the network topology for the labroom.
Network Host Name and IP Address Worksheet - On the following
page is a sample worksheet describing the network shown in the
sample topology diagram that comes after the worksheet. The two
pages that come after the samples provide you with the opportunity to
build your own worksheet and topology diagram for the classroom
where you are working.
Remember that each network adapter needs a separate IP address.
The router contains two network adapters and will require two
separate IP addresses in order to be a part of two networks. Be sure
to set the subnet mask as provided by your instructor. Keep these
pages handy as you will be using them again.
When preparing your own worksheet, leave the column marked
"Router For Host" blank. You will fill this in later. Keep these pages
handy as you will be using them again.
Student Exercises
There should be no more that two students to a system. In many
exercises you will need to work together as a team as is the case in
this exercise. Throughout the exercises, reference to sysx is your
local system and reference to sysy is your partner system.
Student Exercises
V1.2.2 BKM2MIF
Uempty
Network Host Name and IP Address Worksheet
Network Topology Diagram - The diagram on the following page
represents the network listed in this table. The diagram shows the
interrelationship between the networks to assist you in correctly
establishing routing between them in later exercises.
It is suggested that the naming convention and IP address scheme
used in the lecture be used in the exercise as well. Following the same
convention provides a supportive relationship between lecture notes
and exercise. The naming convention is as follows:
Host names for systems are sysx where x is a number.
Use of a Class A address subnet masked to a three-octet network
address. The IP addresses used in lecture are 9.19.98.x and
9.19.99.x where x is the number included in the host name.
Host
Name
IP
Address Subnet Mask
Network
Interface
Token
Ring
Speed
Ethernet
Connect
Router
For
Host
sys5 9.19.98.5 255.255.255.0 en0 bnc sys6e
sys6e 9.19.98.6 255.255.255.0 en0 bnc
sys6 9.19.99.6 255.255.255.0 tr0 16
sys7 9.19.99.7 255.255.255.0 tr0 16 sys6
sys8 9.19.99.8 255.255.255.0 tr0 16 sys6
Student Exercises
Example Network
Topology Diagram
9.19.98.7
sys7
sys4
9.19.98.4
16 Mbps
9.19.99.6
9.19.98.6
sys6e
sys6
sys1
9.19.99.1
Student Exercises
V1.2.2 BKM2MIF
Uempty
Note: Fill in this worksheet with the appropriate information as
supplied by your instructor. Keep it handy as you will be adding to it
and using it regularly as the week progresses.
Host
Name
IP
Address Subnet Mask
Network
Interface
Token
Ring
Speed
Ethernet
Connect
Router
For
Host
Student Exercises
Network Topology Diagram
Use the above blank area to create a network topology diagram of your particular
classroom environment. You should build this diagram as the instructor reviews the
classroom and network layout with you. Be sure to clearly mark which system is the router
(the machine connected to more than one network).
Student Exercises
V1.2.2 BKM2MIF
Uempty Exercise Instructions
Customizing TCP/IP
__ 1. Log in as teamxx where xx is a number from 01-05, and su to root. You must be
the root user to customize TCP/IP. If you don't know it, get the password from the
instructor.
__ 2. All Hosts on the Token-Ring Network ONLY, set the token-ring speed to what
was decided for your network. Check the table provided for this information. If you
are the router you will need to do this for both adapters.
Note: If you are configuring a PCI-based system, the ring speed cannot be
changed in this manner. It is set at the time the ISA adapter is configured and can
only be changed at the hardware level unless the adapter is an auto-sense adapter
with auto-sensing enabled. Therefore, all systems on the Token-Ring network
should use the speed to which the PCI-based systems have been set.
__ 3. Adapters are defined when the system is booted. AIX will assign the name en0 or
et0 to the Ethernet adapter and tr0 to the token-ring adapter. Be sure to select the
correct interface.
All systems configure the appropriate adapter according to the exercise diagram
for your system.
__ 4. ROUTER ONLY. Do this step ONLY if your system is the router. The router must
configure two adapters. Remember that each requires a unique host name and IP
address. Configure the second adapter. If you are using SMIT, use Further
Configuration for the second adapter. After configuring the second adapter, edit
/etc/hosts to add its host name and IP address. Unlike Minimum Configuration,
Further Configuration does not ask for a host name, and does not update
/etc/hosts.
__ 5. ALL SYSTEMS review the /etc/hosts file and see what hosts have already been
defined. Using the lab configuration handout to determine the Internet addresses
for the other hosts, add all the systems in the exercise to the /etc/hosts file.
Testing TCP/IP Configuration On The Network
This section is used to review and check the TCP/IP customization between your
system and various systems on your network.
__ 6. Use the ping command to test connectivity to various systems in the network.
ping by IP address as well as by host name.
__ 7. Run the host command on different host names defined in the network. Use it to
resolve by host name as well as by IP address.
Student Exercises
__ 8. Run the arp command.
__ 9. Run the netstat -i command covered in class to view the network interface
information.
__ 10. Continue to work with the above commands until you understand them. Review
the online documentation to see other parameters you can use.
Using telnet And ftp To Connect to Other Systems
In order to do telnet and ftp, define two user IDs. Change their command line
prompts to be the name of your system. This will help you keep track of whether
you are performing work on your local system or on a remote system.
__ 11. Use SMIT to create two users, tcp1 and tcp2. Make both users members of the
system group. Assign them both a password. Make the password the same as
the user name. For all other options, take the defaults.
__ 12. Edit the .profile files of both tcp1 and tcp2 by adding the PS1 variable to display
the local host name.
__ 13. Log in as both new users to invoke their .profile file and ensure that the PS1
variable was set correctly. When prompted to change their passwords, reissue the
same password. Then, log in as tcp1 and telnet to your partner's system and log
in as tcp2. You will only be able to do this after your partner system has created
the new users. Use the who am i command to verify that you are tcp2. Your login
prompt will verify that you are remotely logged in, as it should default to the $ or
sysy> (where sysy represents your partner system) when you are on the remote
machine and to your host name when you are back on your local system.
__ 14. While remotely logged into your partner, create a short document called tndoc
using your favorite editor. List the contents of tcp2's home directory to verify that
your document is there.
__ 15. Close the connection and verify that you are back on your local system.
__ 16. ftp to your partner's system using tcp2 as the login name. Transfer the file tndoc
from your partner's system to your system renaming it ftpdoc.
__ 17. Change directories on the remote system to /home and verify that you are there.
List the contents of the remote system's /home directory.
__ 18. Now change to any directory on your local system and verify that you are there.
__ 19. End the file transfer session and verify that you are back on your local system.
__ 20. Check to see if ftpdoc is in your home directory, then remove it.
END OF EXERCISE
Student Exercises
V1.2.2 BKM2MIF
Customizing TCP/IP
__ 1. Log in as teamxx where xx is a number 01-05, and su to root. You must be the
root user to customize TCP/IP. If you don't know it, get the password from the
instructor.
Login: teamxx
Password:
$ su
__ 2. All Hosts on the Token-Ring Network ONLY, set the token-ring speed to what
was decided for your network. Check the table provided for this information. If you
are the router you will need to do this for both adapters.
Note: If you are configuring a PCI-based system, the ring speed cannot be
changed in this manner. It is set at the time the ISA adapter is configured and can
only be changed at the hardware level unless the adapter is an auto sense adapter
with auto-sensing enabled. Therefore, all systems on the Token-Ring network
should use the speed to which the PCI-based systems have been set.
# smit
Devices
Communication
Token-Ring Adapter
Adapter
Change/Show Characteristics of a Token-Ring Adapter
On this menu, set the token-ring speed.
Note: Press <enter> here to execute the command and then F10 to exit. If you are
the router you will need to do this again for the other adapter.
__ 3. Adapters are defined when the system is booted. AIX will assign the name en0 or
et0 to the Ethernet adapter and tr0 to the token-ring adapter. Be sure to select the
correct interface.
All systems configure the appropriate adapter according to the exercise diagram
for your system.
The characteristics of the adapter card will now be configured using SMIT. Use
SMIT and go to the Minimum Configuration & Startup menu and add the
appropriate information.
# smit
Communications Applications and Services
TCP/IP
Minimum Configuration & Startup
Select appropriate available Network Interface
Student Exercises
*HOSTNAME [host name]
*Internet ADDRESS (dotted decimal) [your IP address]
Network MASK (dotted decimal) [your subnet mask]
START Now no
__ 4. ROUTER ONLY. Do this step ONLY if your system is the router. The router must
configure two adapters. Remember that each requires a unique host name and IP
address. Configure the second adapter. If you are using SMIT, use Further
Configuration for the second adapter. After configuring the second adapter, edit
/etc/hosts to add its host name and IP address. Unlike Minimum Configuration,
Further Configuration does not ask for a host name, and does not update
/etc/hosts.
F3 to the TCP/IP menu and select:
Further Configuration
Network Interfaces
Network Interface Selection
Change/Show characteristics of a Network Interface
Select appropriate interface
INTERNET ADDRESS (dotted decimal) [your 2nd IP address]
Network MASK (hexadecimal or dotted decimal) [your subnet mask]
Current state up
F3 back to the Further Configuration menu
Name Resolution
Hosts Table (/etc/hosts)
Add a Host
*INTERNET ADDRESS (dotted decimal) [2nd interface IP address]
*HOST NAME [2nd interface host name]
__ 5. ALL SYSTEMS review the /etc/hosts file and see what hosts have already been
defined. Using the lab configuration handout to determine the Internet addresses
for the other hosts, add all the systems in the exercise to the /etc/hosts file.
F3 to the TCP/IP menu and select:
Configuration
Name Resolution
Hosts Table (/etc/hosts)
List All Hosts
Now use SMIT and go to the Add a Host menu and define all the systems in the
labroom. This means defining all the host names and internet addresses for the
networks. Remember that SMIT is only editing the /etc/hosts file for you. If you
prefer, you can edit the /etc/hosts file directly.
F3 back to the Hosts Table menu
Add a Host
Student Exercises
V1.2.2 BKM2MIF
Uempty
*INTERNET ADDRESS (dotted decimal)[address of other host
*HOST NAME[host name of other host]
After adding a host, you can use the F3 key to back up a screen and continue
adding the rest of the hosts.
F10 to exit SMIT
Testing TCP/IP Configuration On The Network
This section is used to review and check the customization between your system
and various systems on your network.
__ 6. Use the ping command to test connectivity to various systems in your network.
ping by IP address as well as by host name.
# ping sysx -- (where sysx is a system on your physical network).
# ping a.b.c.d -- (where a.b.c.d is an IP address of a system on your physical
network).
__ 7. Run the host command on different host names defined in the network. Use it to
resolve by host name as well as by IP address.
# host sysx -- (sysx is a system on the network).
# host a.b.c.d -- (a.b.c.d is an IP address of a system on the network.
__ 8. Run the arp command.
# arp sysx
__ 9. Run the netstat -i command covered in class to view the network interface
information.
# netstat -i -- displays the status of the adapters on the system.
__ 10. Continue to work with the above commands until you understand them. Review the
online documentation to see other parameters you can use.
Using telnet and ftp to Connect to Other Systems
In order to do telnet and ftp, define two user IDs. Change their command line
prompts to be the name of your system. This will help you keep track of whether
you are performing work on a local or on a remote system.
__ 11. Use SMIT to create two users, tcp1 and tcp2. Make both users members of the
system group. Assign them both a password. Make the password the same as
the user name. For all other options take the defaults.
#smit
Security & Users
Users
Add a User
* User NAME[tcp1
Student Exercises
Primary GROUP[system]
Group SET[system]
Do this again for tcp2.
F3 back to the Users menu.
Change a User's Password
User NAME[tcp1]
Changing password for tcp1
tcp1's New Password: tcp1
Enter the new password again:tcp1
Do the same for tcp2
__ 12. Edit the .profile files of both tcp1 and tcp2 by adding the PS1 variable to display
the local host name.
F10 to exit SMIT
# vi /home/tcp1/.profile
PS1="$(hostname)>" (Do NOT substitute hostname with your export
PS1 symbolic host name. You will actually type
the command hostname in the parenthesis.)
#vi /home/tcp2/.profile
PS1="$(hostname)>"
export PS1
__ 13. Log in as both new users to invoke their .profile file and ensure that the PS1
variable was set correctly. When prompted to change their passwords, reissue the
same password. Then, login as tcp1 and telnet to your partner's system and login
as tcp2. You will only be able to do this after your partner system has created the
new users. Use the who am i command to verify that you are tcp2. Your login
prompt will verify that you are remotely logged in, as it should default to the $ or
sysy> (where sysy represents your partner system) when you are on the remote
machine and to your host name when you are back on your local system.
Login: tcp1
Password:
sysx> tn sysy
Login: tcp2
Password:
sysy> who am I
sysy> hostname
While remotely logged into your partner, create a short document called tndoc using your
favorite editor. List the contents of tcp2's home directory to verify that your document is
there.
sysy> vi tndoc
Student Exercises
V1.2.2 BKM2MIF
Uempty
sysy> ls
sysy> <ctrl-T>
tn> close
sysx> hostname
__ 15. ftp to your partner's system using tcp2 as the login name. Transfer the file tndoc
from your partner's system to your system, renaming it ftpdoc.
sysx> ftp sysy
Name (sysy:tcp1): tcp2
Password: tcp2
ftp > get tndoc ftpdoc
__ 16. Change directories on the remote system to /home and verify that you are there.
List the contents of the remote system's /home directory.
ftp > cd /home
ftp > pwd
ftp> ls
__ 17. Now change to any directory on your local system and verify that you are there.
ftp > Icd /tmp
ftp > !pwd
__ 18. End the file transfer session and verify that you are back on your local system.
ftp > quit
sysx> hostname
__ 19. Check to see if ftpdoc is in your home directory, then remove it.
sysx> pwd
sysx> ls ftpdoc
sysx> rm ftpdoc
END OF EXERCISE
Student Exercises
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 3. Using TCP/IP Commands 3-1
V1.2.2 BKM2MIF
Uempty
Exercise 3. Using TCP/IP Commands
This exercise gives students the opportunity to execute some of the
Arpanet and Berkeley commands discussed in the unit. You will use
these commands throughout the exercises during the rest of the week.
Execute a remote login using telnet and rlogin
Perform remote command execution using rexec and rsh
Transfer files using ftp and rcp
Create scripts for unattended file transfer
Introduction
Select a system to be your partner system. In this exercise you will be
setting up the files necessary to do automatic login for ftp, rexec, rsh,
and rlogin as well as do automatic file transfers with ftp. This exercise
assumes you created users tcp1 and tcp2 in the previous exercise. If
you did not then go back to Exercise 2., Configuring TCP/IP, the first
step of the Using telnet And ftp To Connect To Other Systems
section and create these users. Then proceed with this exercise. This
exercise is designed so you can work independently if you wish.
Student Exercises
A Look at Available TCP/IP Services
The following steps will allow you to look at the services and daemons that are
available on your host in order to perform the remote command.
__ 1. Log in as root and ensure that the inetd daemon is running. If it is not, start it.
__ 2. List the contents of the /etc/inetd.conf file and look at the daemons available to
handle network commands.
__ 3. List the contents of the /etc/services file and look at the networking services
available.
Using TCP/IP Commands
To perform TCP/IP commands, you will need to use the two users you defined in
the previous exercise. If you did not do this previously, go back to the previous
exercise and create tcp1 and tcp2 following the instructions listed there.
__ 4. Log in as tcp1 and telnet to your partner system and log in as tcp2. Use the who
am I command to verify that you are tcp2. Your login prompt will verify that you are
remotely logged in, as it should default to the $ or sysy> prompt when you are on
the remote machine and to your host name when you are back on your local
system.
__ 5. While remotely logged into your partner system, make sure the document you
created in the previous exercise tndoc is there. If it is not, create it using your
favorite editor. List the contents of tcp2's home directory to verify that your
document is there.
__ 7. Issue the remote execution command to get the date from your partner system.
When you are prompted to log in, use tcp2.
__ 8. Create a .netrc in your local home directory to automatically log you in when you
execute the rexec command from the step above. Create it using vi, or copy and
edit the sample file /usr/samples/tcpip/netrc. Remember, the file must have a
blank line <CR> as the last line. The permissions must also be set as read/write for
owner only.
__ 9. Re-issue the remote execution command to get the date from your partner system.
__ 10. Add a macdef init entry to your .netrc file to transfer tndoc from the remote
system to your system, renaming it to ftpdoc. Change directory to the remote
system's /home directory. Display the current working directory, and quit the
Student Exercises
V1.2.2 BKM2MIF
Uempty
remote file transfer session. Run ftp and verify that all the commands executed
automatically and the file was transferred.
__ 11. Remotely log in as tcp2 using rlogin to your partner system. Verify that you are
remotely logged in and create a $HOME/.rhosts file on your partner system so you
are not prompted for a login the next time you issue the command. Log out from
the remote system.
__ 12. Remotely log back in using rlogin. You should not be prompted for a login or a
password. If it did not work, correct the .rhosts file on the remote system and try
again. Once you are successful, log out.
__ 13. Once again remotely log in to your partner system, this time as root, and create a
/etc/hosts.equiv file giving tcp1 from your system (sysx) automatic login
capability. su using the "-" option to tcp1 and create a file called rcpdoc. Type a
few lines. You will use this file later. Save the file and log out from this remote
session.
__ 14. As tcp1, use the rsh command to list all processes running on the remote system.
Were you prompted for a login and a password? ______________________ Why,
or why not? ___________________________________________________
__ 15. Log off your system and log in as tcp2. Then try the rsh command again. What
happened now? _________________________________________
Why? __________________________________
__ 16. Log off and log in again as tcp1. Use the rcp command to copy the remote file
rcpdoc, renaming it to myrcpdoc on your system. Display the content of
myrcpdoc to verify it transferred correctly.
__ 17. Continue to work with the above commands until you understand them. Try the
commands on other machines for comparison. Review the online documentation to
see parameters you can use.
__ 18. Try using some of the other commands covered in the unit as time permits.
END OF EXERCISE
Student Exercises
Exercise Instructions With Hints
A Look at Available TCP/IP Services
The following steps will allow you to look at the services and daemons that are
available on your host in order to perform the remote command.
__ 1. Log in as root and ensure that the inetd daemon is running. If it is not, start it.
# lssrc -s inetd
If it is not running, issue the following command: otherwise, skip to the next
instruction.
# startsrc -s inetd
__ 2. List the contents of the /etc/inetd.conf file and look at the daemons available to
handle network commands.
# pg /etc/inetd.conf
__ 3. List the contents of the /etc/services file and look at the networking services
available.
# pg /etc/services
Using TCP/IP Commands
To perform TCP/IP commands, you will need to use the two users you defined in the
previous exercise. If you did not do this previously, go back to the previous exercise and
create tcp1 and tcp2 following the instructions listed there.
__ 4. Log in as tcp1 and telnet to your partner system and log in as tcp2. Use the who
am I command to verify that you are tcp2. Your login prompt will verify that you are
remotely logged in, as it should default to the $ or sysy> prompt when you are on
the remote machine and to your host name when you are back on your local
system.
login: :hp2.tcp1:ehp2.
Password:
sysx> tn sysy
Login: tcp2
Password:
sysx> who am I
sysx> hostname
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 5. While remotely logged into your partner system, make sure the document you
created in the previous exercise tndoc is there. If it is not, create it using your
favorite editor. List the contents of tcp2's home directory to verify that your
document is there.
If tndoc is not there then create it. If it is there, proceed with the next
instruction.
sysy> vi tndoc
sysy> ls -l
sysy> <ctrl-T>
tn> close
sysx> hostname
__ 7. Issue the remote execution command to get the date from your partner system.
When you are prompted to log in, use tcp2.
sysx> rexec sysy date
Name (sysy:tcp1):tcp2
Password:
__ 8. Create a .netrc in your local home directory to automatically log you in when you
execute the rexec command from the step above. Create it using vi, or copy and
edit the sample file /usr/samples/tcpip/netrc. Remember, the file must have a
blank line <CR> as the last line. The permissions must also be set as read/write for
owner only.
sysx> vi .netrc
machine sysy
login tcp2
password <key in password>
<CR>
sysx> chmod 600 .netrc
__ 9. Re-issue the remote execution command to get the date from your partner system.
sysx> rexec sysy date
__ 10. Add a macdef init entry to your .netrc file to transfer tndoc from the remote
system to your system, renaming it to ftpdoc. Change directory to the remote
system's /home directory. Display the current working directory, and quit the
remote file transfer session. Run ftp and verify that all the commands executed
automatically and the file was transferred.
sysx> vi .netrc
machine sysy
login tcp2
Student Exercises
password <put in tcp2's password>
macdef init
get tndoc ftpdoc
cd /home
pwd
quit <CR>
sysy> ftp sysy
__ 11. Remotely log in as tcp2 using rlogin to your partner system. Verify that you are
remotely logged in and create a $HOME/.rhosts file on your partner system so you
are not prompted for a login the next time you issue the command. Log out from
the remote system.
sysx> rlogin sysy -l tcp2
tcp2's Password:
sysy> hostname
sysy> vi .rhosts
host username (where host is your local host
(sysx), and username is tcp1)
sysy> logout
__ 12. Remotely log back in using rlogin. You should not be prompted for a login or a
password. If it did not work, correct the .rhosts file on the remote system and try
again. Once you are successful, log out.
sysx> rlogin sysy -l tcp2
sysy> logout
__ 13. Once again remotely log in to your partner system, this time as root, and create a
/etc/hosts.equiv file giving tcp1 from your system (sysx) automatic login
capability. su using the "-" option to tcp1 and create a file called rcpdoc. Type a
few lines. You will use this file later. Save the file and log out from this remote
session.
sysx> tn sysy
Login: root
root's password: ibmaix
sysy> vi /etc/hosts.equiv
host username (where host is the name of your
local host (sysx) and username is tcp1)
sysy> su - tcp1
sysy> vi rcpdoc
sysy> exit (to return to the login user)
sysy> logout
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 14. As tcp1, use the rsh command to list all processes running on the remote system.
Were you prompted for a login and a password? ______________________ Why,
or why not? ___________________________________________________
sysx> rsh sysy ps -ef
__ 15. Log off your system and log in as tcp2. Then try the rsh command again. What
happened now? _________________________________________
Why? __________________________________
sysx> logout
Login: tcp2
Password: tcp2
sysx> rsh sysy ps -ef
__ 16. Log off and log in again as tcp1. Use the rcp command to copy the remote file
rcpdoc, renaming it to myrcpdoc on your system. Display the content of
myrcpdoc to verify it transferred correctly.
sysx> logout
Login: tcp1
password: tcp1
sysx> rcp sysy:rcpdoc myrcpdoc
sysx> cat myrcpdoc
__ 17. Continue to work with the above commands until you understand them. Try the
commands on other machines for comparison. Review the online documentation to
see parameters you can use.
__ 18. Try using some of the other commands covered in the unit as time permits.
END OF EXERCISE
Student Exercises
Solutions
Following are the solutions to those instructions that include questions:
14. Use the rsh command to list all processes running on the remote system. Were you
prompted for a login and a password? ______________________ Why, or why not?
___________________________________________________
15. Log off your system and log in as tcp2. Then try the rsh command again. What
happened now? ______________________________
Why? _________________________________ Answer: You should not have been
prompted for a login and password the first time because you should be authorized to
use rsh based on the entry in the /etc/hosts.equiv file created in previous steps. The
second attempt to use rsh this time as tcp2 should result in the error message:
Permission denied.
This occurs because there are no entries for tcp2 user in the etc/hosts.equiv or tcp2's
.rhosts file.
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 4. Configuring PPP 4-1
V1.2.2 BKM2MIF
Uempty
Exercise 4. Configuring PPP
This exercise gives students the opportunity to configure a PPP
connection between your system and your partner's system. It takes
you through the steps to establish the calling and called systems.
After completing this exercise, you should be able to:
Configure a calling system (client)
Configure a called system (server)
Write a chat script
Establish PPP connection
Introduction
It will be necessary to work in pairs of teams to establish the PPP
connection. One of the teams will be the client, the calling system, and
the other will be the server, the called system.
See your instructor to determine which systems have PPP
connections and their corresponding port numbers. Use the IP
addresses beginning with 192.168.p.x for your PPP interfaces, where
x is your host name number and p is your PPP connection (network
number). Network name and IP Address worksheet on the following
page is a sample worksheet describing the network shown following
the worksheet.
Student Exercises
AU073X03
Host Name IP Address Subnet Mask Network
Interfaced
PPP1
PPP2
PPP3
PPP4
PPP5
PPP6
Example Network
Topology Diagram
PPP Network
192.168.1.1 192.168.1.2
192.168.2.3
192.168.3.5
192.168.2.4
192.168.3.6
333 333
333
333
333
333
Student Exercises
V1.2.2 BKM2MIF
In this exercise, you will establish a PPP connection between the two systems.
Configuring a PPP client system (calling)
The following steps are for the client system only.
__ 1. Log in as root. Create a new user, ppptest, which you will use for connecting to the
server. Make this user a member of the group uucp and set a password for it.
__ 2. Enable the system log. The PPP subsystem and the pppdial command will write
information there that is extremely useful for debugging. Create a TTY device for
serial port on your system. Use a speed of 9600 bps and none/8/1 for parity/data
bits/stop bits. Disable login.
__ 3. After your partner team has completed step number 9, but before step number 11,
you can verify the physical connection by using (ate) Async Terminal Emulation.
Try logging in!
__ 4. Log in as ppptest and create a chat script called chatfile to log into your partner
system.
__ 5. Create a shell script called connect-script that will invoke pppattachd, using
pppdial with the chat script.
__ 6. Log in as root. Using SMIT, perform the PPP configuration for your system as a
client/caller. First perform the Link Control Configuration.
__ 7. Start the PPP subsystem on your system.
__ 8. Once the server setup is complete, log in as ppptest. Invoke your shell script to
start pppattachd and establish the PPP connection to the partner system. Invoke
the script in the background (you may need to specify a full path name for your
script, depending which directory you placed it in).
Configuring a PPP server system (called)
The following steps are for the server system only.
__ 9. Log in as root. Create the call-in TTY device for serial port on your system. Use
settings compatible with the call-out device created on the client.
__ 10. Enable the system log. The PPP subsystem will write information here that is
useful for debugging.
__ 11. Create a new user account the PPP client can log into. Call the user ppp. The
user does not need any special privileges.
__ 12. Log in as ppp. Create a .profile in the home directory of user ppp that will invoke
pppattachd in server mode.
server/called system. First perform the Link Control Configuration.
Student Exercises
__ 14. Now create the IP interface for communication with the client. The server side of
the link should have address 192.168.p.x and the client 192.168.p.y (where p is the
PPP network number and x is the host name number and y is your partner's host
name number.
__ 16. Use the ifconfig command to look at your PPP interface.
__ 17. Tell the client team they may now try connecting with PPP.
Verifying the PPP connection
The following steps are for both client and server systems.
__ 18. Define both PPP interface addresses in /etc/hosts
__ 19. Use ping to test the connection. If you are having problems, look in the
/var/adm/syslog on both systems for debugging information.
__ 20. Use the ifconfig command to look at your PPP interfaces now that the connection
is established.
END OF EXERCISE
Student Exercises
V1.2.2 BKM2MIF
Server exercise instructions start at number 9 instruction.
In this exercise, you will establish a PPP connection between the two systems.
Configuring a PPP client system (calling)
The following steps are for the client system only.
__ 1. Log in as root. Create a new user, ppptest, which you will use for connecting to the
server. Make this user a member of the group uucp and set a password for it.
# mkuser ppptest
# chuser groups=uucp ppptest
# passwd ppptest
__ 2. Enable the system log. The PPP subsystem and the pppdial command will write
information there that is extremely useful for debugging.
# vi /etc/syslog.conf
Go to bottom of file (Shift G).
Add a new line at end as follows:
*.debug /var/adm/syslog
(Note: There must be a tab after 'debug'.)
# cd /var/adm
# > syslog
# refresh -s syslogd
Create TTY for serial port device on your system. Use a speed of 9600 bps and
none/8/1 for parity/data bits/stop bits. Disable login.
# smit mktty
Add a TTY
tty rs232 Asynchronous Terminal
sa0 Available 01-C0 Asynchronous Serial Port 1
PORT number s1
Enable LOGIN disable
BAUD rate 9600
PARITY none
BITS per character 8
Number of STOP BITS 1
FLOW CONTROL to be used rts
__ 3. After your partner team has completed step number 9, but before step number 11,
you can verify the physical connections by using (ate) Async Terminal Emulation.
Try logging in!
Student Exercises
# ate (execute program)
a (to go to alter menu)
r 9600 (to change line speed)
ctrl-r (to return to connect menu)
c (to make connection)
tty0 (as "phone number" to connect to)
login: root (login as root)
root's password: (password)
# hostname (identify remote host)
# logout (exit remote system)
> q (quit ate)
# hostname (identify local host)
__ 4. Log in as ppptest and create a chat script called chatfile to log into your partner
system.
ctrl -d
login: ppptest
vi chatfile
Example chat script (change "trivial" to password used for user ppp on server):
ogin:
ppp
ssword:
trivial
__ 5. Create a shell script called connect-script that will invoke pppattachd, using
pppdial with the chat script.
Example shell script to invoke pppattachd on client/caller:
exec /usr/sbin/pppattachd client tty1 connect "/usr/sbin/pppdial -v -f chatfile"
ctrl -d to exit login screen
client/caller. First perform the Link Control Configuration.
ctrl -d
login: root
# $smit addlcp
PPP subsystem name clientx
Student Exercises
V1.2.2 BKM2MIF
Uempty
max server connections 0
max client connections 1
max demand connections 0
max ip interfaces 1
max async hdlc attachments 1
F10 - back to system prompt
#smit startppp
F10 - to exit smit
ctrl -d to exit login screen
__ 8. Once the server setup is complete, log on as ppptest. Invoke your shell script to
start pppattachd and establish the PPP connection to the partner system. Invoke
the script in the background (you may need to specify a full path name for your
script, depending which directory you placed it in).
login: ppptest
$ chmod 755 connect-script
$ connect-script&
Configuring a PPP server system (called)
The following steps are for the server system only.
__ 9. Log in as root. Create the call-in TTY device for serial port on your system. Use
settings compatible with the call-out device created on the client.
# smit mktty
Add a TTY
tty rs232 Asynchronous Terminal
sa1 Available 01-D0-s2 Asynchronous Serial Port 2
PORT number s2
Enable LOGIN enable
BAUD rate 9600
PARITY none
BITS per character 8
Number of STOP BITS 1
FLOW CONTROL to be used rts
F10 - to exit smit
__ 10. Enable the system log. The PPP subsystem will write information here that is
useful for debugging.
# vi /etc/syslog.conf
Student Exercises
Go to bottom of file (Shift G).
Add a new line at end as follows:
*.debug /var/adm/syslog
(Note: There must be a tab after 'debug'.)
# cd /var/adm
# > syslog
# refresh -s syslogd
__ 11. Create a new user account the PPP client can log into. Call the user ppp. The
user does not need any special privileges.
# mkuser ppp
# passwd ppp
# chuser groups=uucp ppp
__ 12. Log in as ppp. Create a .profile in the home directory of user ppp that will invoke
pppattachd in server mode.
ctrl -d
login: ppp
$vi /home/ppp/.profile
Example .profile:
exec /usr/sbin/pppattachd server 2> /dev/null
(If there is already a profile, replace it with the one shown above)
ctrl -d - to exit login screen
server/called system. First perform the Link Control Configuration.
ctrl -d
login: root
# smit addlcp
PPP subsystem name serverx
max server connections 1
max client connections 0
max demand connections 0
max ip interfaces 1
max async hdlc attachments 1
F3 - to return to system prompt
__ 14. Now create the IP interface for communication with the client. The server side of
the link should have address 192.168.p.x and the client 192.168.p.y (where p is the
PPP network number and x is the hostname number and y is your partner's host
name number).
Student Exercises
V1.2.2 BKM2MIF
Uempty
smit addpppserver
address 192.168.p.x
Starting Remote IP address 192.168.p.y
Number of addresses 1
F3 - to return to system prompt
smit startppp
F10 - to exit smit
__ 16. Use the ifconfig command to look at your PPP interface.
# ifconfig pp0
__ 17. Tell the client team they may now try connecting with PPP.
Verifying the PPP connection
The following steps are for both client and server systems.
__ 18. Define both PPP interface addresses in /etc/hosts (where p is the PPP network
name and x is your host name number and y is your partner's host name number).
192.168.p.x pppx
192.168.p.y pppy
__ 19. Use ping to test the connection. If you are having problems, look in the
/var/adm/syslog on both systems for debugging information.
__ 20. Use the ifconfig command to look at your PPP interfaces now that the connection
is established.
# ifconfig pp0
Student Exercises
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 5. Static Routing 5-1
V1.2.2 BKM2MIF
Uempty
Exercise 5. Static Routing
This exercise gives students the opportunity to configure routing
between their systems and the remote network. Students will examine
their routing tables before and after changes have been made as well
as test the routes using TCP/IP commands.
Configure a host route, network route, and default route
Flush the routing table
Configure routing across multiple networks
Introduction
Before starting this exercise, identify the following:
The router for your network this information can be found in the
worksheet from Exercise 2
A partner system from the other network
Use this information to fill in the following chart whereby the alpha
characters represent the IP address of the following:
X - Your IP address
Y - A partner system on the other network
Z - Another system on the other network
R - Router IP address
The examples throughout this exercise will assume that the local
network is 9.19.99 and the remote network is 9.19.98. Substitute your
local and remote network numbers as appropriate.
contains all of the above hosts and IP addresses. If not, add them now.
Explanation Hostname IP address
IP address of my network N/A
Student Exercises
Using a series of commands, you will do the following:
Examine the routing table before configuring any routes
Add routes to the routing table
Re-examine the routing table to view the new entries
Once you have successfully completed the exercise, you will be asked
to flush the routing table and re-enter the default route using SMIT.
Adding routes from the command line only enters them temporarily. If
you restart your system, you will not have any route entries. Using
SMIT, route information is stored in ODM where it is retrieved upon
system restart.
IP address of remote network N/A
Partner system on remote network (Example: 9.19.98.Y)
Other system on remote network (Example: 9.19.98.Z)
Network interface on my machine (Example: 9.19.99.X)
Network router (Example: 9.19.99.R)
Note: This exercise assumes that your /etc/hosts file contains all of the above hosts and
IP addresses. If not, add them now.
Explanation Hostname IP address
Student Exercises
V1.2.2 BKM2MIF
Preparing The Router To Do Routing
__ 1. ROUTER ONLY. Log in as root. In order for your system to provide the routing
facility for the other systems in the classroom, the ipforwarding bit must be turned
on. Using the no command, check to see if it is turned on. If not, turn it on. Then
add the no command to turn it on in the /etc/rc.net file so this change is seen at
each system reboot. You will need to add write permission to the /etc/rc.net file
before doing this. Also, turn off pmtu discovery to avoid cloning of routes.
ALL SYSTEMS EXCEPT THE ROUTER
Configuring Routing
In this section, you will add entries to your routing table so you can reach remote hosts and
networks. You will also clear out these entries and add a default entry.
__ 2. Log in as root. Display your current routing table. What entries are in the table?
Also, turn off pmtu discovery to avoid cloning routes.
_______________________________________________________________
__ 3. Add a host route between you and your partner system on the remote network.
Display the contents of the routing table. Coordinate with your partner so both of
you have added the entry before testing the route. Test the route using ping. Can
you reach any other system on the remote network? _____________________
__ 4. Display the contents of the routing table. Now add a network route to the remote
network. Display the contents of the routing table. Test the route to a system on the
remote network (not your partner system). Again, you will have to coordinate that
they have configured a route to your network.
__ 5. Once again, display the current contents of the routing table. Now, flush the routing
table. Display its contents.
__ 6. Now add a default route to the remote network and display its contents. Test the
route to your partner system and to another system on the network.
Configuring Routing Using SMIT
In this section, you will flush the routing table and reconfigure a default route using SMIT.
The default route information will be stored in ODM. This ensures that routing will be
configured at every system restart.
__ 7. Flush the routing table.
__ 8. Using SMIT, add a default route to the remote network. Display the routing table.
__ 9. Test the route using ping.
Student Exercises
Creating A Route That Crosses A PPP Connection On Another Network
Using what you have learned about routing, all systems EXCEPT the router will add ONE
route statement to their routing table that will do the following:
Goes to a host on the other network, crosses that host's PPP connection to get
to its PPP partner.
The router will add a route statement to its route table that will help you get to your final
destination.
Below is a visualization of what you are to do. You are on your system on your network.
You must go through the router on your network. Using the PPP connection on a host
connected to the other network, go across the PPP link to its PPP partner making that your
final destination.
Netmasks on all IP addresses are 255.255.255.0.
ALL SYSTEMS EXCEPT THE ROUTER, do steps 10-13. If you are the router, skip to the
last step.
__ 10. Checklist of things to do before beginning:
Select a host on the other network whose PPP connection you want to use.
Host _______________________
Check with that host to be sure their PPP connection with their PPP partner is
functioning. If not, find another partner, or help them fix it.
Record the host's IP address. HOST ADDRESS ___________________
Record the PPP IP address of the host's PPP PARTNER. PPP PARTNER
________________
Give the above information to the router and keep a copy for yourself.
__ 11. Add ONE route to your routing table that will get packets from your host to your
final destination. Remember, the router will also be adding a statement to help
make this happen. Also, make sure the destination system has a route back to
your network and the system you are using as the router to the PPP network has
ipforwarding turned on.
__ 12. Be sure the router added your entry, then check it out. Use ping -R
<IP_address_of_final_destination>. The -R option allows you to trace the exact
route. Did it work? If not, check the following: (1) check that the router has
completed the route entry for your system and that it is correct; (2) check your
route entry; (3) check to see if your PPP partner's route table includes an entry to
your network. Try it again.
__ 13. Try ping -R <host_name_of_final_destination>. What happened?
_________________ How can you fix it so you can use ping with either the IP
address or the host name of the final destination? _____________________
__ 14. ROUTER ONLY. As the router, you must provide ONE route statement per team
that is trying to get to the other side using the information that is given to you by
that team. The exception is, if more than one team on one side of the network is
Student Exercises
V1.2.2 BKM2MIF
Uempty
trying to get to the same PPP connection, one route will work for those teams for
that connection.
All Systems
__ 15. Turn on pmtu discovery and ping your partner and another system on the other
network. Display the route table to see cloned routes.
END OF EXERCISE
Student Exercises
Preparing The Router To Do Routing
__ 1. ROUTER ONLY. Log in as root. In order for your system to provide the routing
facility for the other systems in the classroom, the ipforwarding bit must be turned
on. Using the no command, check to see if it is turned on. If not, turn it on. Then
add the no command to turn it on in the /etc/rc.net file so this change is seen at
each system reboot. You will need to add write permission to the /etc/rc.net file
before doing this. Also, turn off pmtu discovery to avoid cloning of routes.
# no -a | grep ipforwarding If ipforwarding=0, then turn on ipforwarding
# no -o ipforwarding=1
# chmod 754 /etc/rc.net
# vi /etc/rc.net add no -o ipforwarding=1 to the end of the file
# no -o udp_pmtu_discover=0
# no -o tcp_pmtu_discover=0
ALL SYSTEMS EXCEPT THE ROUTER
Configuring Routing
In this section, you will add entries to your routing table so you can reach remote hosts and
networks. You will also clear out these entries and add a default entry.
__ 2. Log in as root. Display your current routing table. What entries are in the table?
Also, turn off pmtu discovery to avoid cloning routes.
____________________________________________________________
____________________________________________________________
____________________________________________________________
# netstat -rn
__ 3. Add a host route between you and your partner system on the remote network.
Display the contents of the routing table. Coordinate with your partner so both of
you have added the entry before testing the route. Test the route using ping. Can
you reach any other system on the remote network?
# netstat -rn
# route add 9.19.98.Y 9.19.99.R (This is an example only. Use the correct
address for your system and network)
# netstat -rn
Student Exercises
V1.2.2 BKM2MIF
Uempty
# ping 9.19.98.Y (Substitute the appropriate network address for your situation.)
# ping 9.19.98.Z
__ 4. Display the contents of the routing table. Now add a network route to the remote
network. Display the contents of the routing table. Test the route to a system on the
remote network (not your partner system). Again, you will have to coordinate that
they have configured a route to your network.
# netstat -rn
# route add -net 9.19.98 9.19.99.R (Substitute the appropriate address for your
situation.)
# netstat -rn
# ping 9.19.98.Y (Substitute the appropriate address for your situation.)
# ping 9.19.98.Z
__ 5. Once again, display the current contents of the routing table. Now, flush the routing
table. Display its contents.
# netstat -rn
# route -f
# netstat -rn
__ 6. Now add a default route to the remote network and display its contents. Test the
route to your partner system and to another system on the network.
# route add default 9.19.99.R (substitute the appropriate address)
# netstat -rn
# ping 9.19.98.Y (substitute the appropriate address)
# ping 9.19.98.Z
Configuring Routing Using SMIT
In this section, you will flush the routing table and reconfigure a default route using SMIT.
The default route information will be stored in ODM. This ensures that routing will be
configured at every system restart.
__ 7. Flush the routing table.
# smit fshrttbl
Flush Routing Table in the Current Running System yes
Flush IPV4 Routes in the Configuration Database yes
Flush IPV6 Routes in the Configuration Database no
__ 8. Using SMIT, add a default route to the remote network. Display the routing table.
# smit
TCP/IP
Static Routes
Student Exercises
Add a Static Route
DESTINATION Type net
* DESTINATION Address [0]
(dotted decimal or symbolic name)
* Default GATEWAY Address [9.19.99.R]
* METRIC (number of hops to [1]
(destination gateway)
* Network MASK (hexidecimal or dotted decimal) [255.255.255.0]
# netstat-rn
__ 9. Test the route using ping.
# ping sysy
Creating a Route That Crosses a PPP Connection On Another Network
Using what you have learned about routing, all systems EXCEPT the router will add ONE
route statement to their routing table that will do the following:
Goes to a host on the other network, crosses that host's PPP connection to get
to its PPP partner.
The router will add a route statement to its route table that will help you get to you
final destination.
Below is a visualization of what you are to do. You are on your system on your
network. You must go through the router on your network. Using the PPP
connection on a host connected to the other network, go across the PPP link to its
PPP partner making that your final destination.
Netmasks on all IP addresses are 255.255.255.0.
ALL SYSTEMS EXCEPT THE ROUTER, do Steps 10-13. If you are the router,
skip to the last step.
__ 10. Checklist of things to do before beginning:
Select a host on the other network whose PPP connection you want to use.
Host _______________________
Check with that host to be sure their PPP connection with their PPP partner is
functioning. If not, find another partner, or help them fix it.
Record the host's IP address. HOST ADDRESS ___________________
Record the PPP IP address of the host's PPP PARTNER. PARTNER
________________
Give the above information to the router and keep a copy for yourself.
__ 11. Add ONE route to your routing table that will get packets from your host to your
final destination. Remember, the router will also be adding a statement to help
make this happen. Also, make sure the destination system has a route back to
your network and the system you are using as the router to the PPP network has
ipforwarding turned on.
Student Exercises
V1.2.2 BKM2MIF
Uempty
# route add 192.168.p.z 9.19.99.2 (substitute the appropriate address for your
situation)
# tn sysy (in our example)
# netstat -rn
# no -a | grep ipforwarding
If ipforwarding is not turned on:
# ctrl -d
__ 12. Be sure the router added your entry, then check it out. Use ping -R
<IP_address_of_final_destination>. The -R option allows you to trace the exact
route. Did it work? If not, check the following: (1) check that the router has
completed the route entry for your system and that it is correct; (2) check your
route entry; (3) check to see if your PPP partner's route table includes an entry to
your network. Try it again.
# netstat - rn
# ping -R 192.168.p.z (substitute the appropriate address for your situation)
__ 13. Try ping -R <host_name_of_final_destination> What happened?
______________ How can you fix it so you can use ping with either the IP
address or the host name of the final destination? _________________________
# ping -R pppz
__ 14. ROUTER ONLY. As the router, you must provide ONE route statement per team
that is trying to get to the other side using the information that is given to you by
that team. The exception is, if more than one team on one side of the network is
trying to get to the same PPP connection, one route will work for those teams for
that connection.
# route add 192.168.p.z 9.19.98.3 (substitute the appropriate address for your
situation)
All Systems
__ 15. Turn on pmtu discovery and ping your partner and another system on the other
network. Display the route table to see cloned routes.
# no -o udp_pmtu_discover=1
# no -o tcp_pmtu_discover =1
# ping sysy
# ping sysz
# netstat -rn
END OF EXERCISE
Student Exercises
Solutions
Following are the solutions for those instructions that include questions.
2. Display your current routing table. What entries are in the table?
____________________________________________________
Answer: The ones that were created when the network interface was configured. The
implicit routes.
3. Add a host route between you and your partner system on the remote network. Display
the contents of the routing table. Coordinate with your partner so both of you have added
the entry before testing the route. Test the route using ping. Can you reach any other
system on the remote network? ____________________________________
Answer: No, because the route you added points only to the specific host, not to the
network.
13. Try ping -R <host_name_of_final_destination>. What happened?
___________________________ How can you fix it so you can use ping with either the IP
address or the host name of the final destination?
_____________________________________________
Answer: Make sure the host name for the destination PPP interface is in your /etc/hosts
file.
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 6. Dynamic Routing 6-1
V1.2.2 BKM2MIF
Uempty
Exercise 6. Dynamic Routing
This exercise provides students the opportunity to work with the
simplest of the dynamic routing daemons, routed.
Set up dynamic routing using RIP in a simple network environment
Start and stop the routed daemon
Introduction
In this exercise the gateway system (router) will have separate
instructions from all other hosts. The exercise instructions indicate
what instructions apply to the gateway, what instructions apply to other
hosts, and what instructions apply to all systems. Be sure to do only
those instructions that relate to your system. You must complete all
steps in this exercise before continuing to the next exercise.
Student Exercises
__ 1. ALL SYSTEMS: Check to see if routed or gated is currently running. If they are,
stop them.
__ 2. ALL SYSTEMS: Flush the routing table. Use SMIT to do this. Check to be sure only
the implicit routes remain.
__ 3. GATEWAY ONLY: Check to see if ipforwarding is turned on. If it is not, turn it on.
__ 4. GATEWAY ONLY: Start routed in active mode.
__ 5. ALL HOSTS OTHER THAN THE GATEWAY: Start routed in passive mode.
__ 6. ALL HOSTS OTHER THAN THE GATEWAY: Check the routing tables to see if the
other network shows up.
__ 7. ALL SYSTEMS: Test the connection to systems on other networks using ping and
then try to telnet to another system on the other network. Display the route table.
__ 8. ALL SYSTEMS: Once the test has been successful, stop routed on all systems and
verify that it has stopped.
__ 9. ALL SYSTEMS: Flush the routing tables and create a default route to the other
network through SMIT.
END OF EXERCISE
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 6. Dynamic Routing 6-3
V1.2.2 BKM2MIF
__ 1. ALL SYSTEMS: Check to see if routed or gated is currently running. If they are,
stop them.
# lssrc -s routed
# lssrc -s gated
(if either one is running, stop them)
# stopsrc -s routed
-OR-
# stopsrc -s gated
__ 2. ALL SYSTEMS: Flush the routing table. Use SMIT to do this. Check to be sure only
the implicit routes remain.
# $smit
TCP/IP
Static Routes
Flush Routing Table
Flush Routing Table in the Current Running Systemyes
Flush IPV4 Routes in the Configuration Data Baseyes
# $netstat -rn
__ 3. GATEWAY ONLY: Check to see if ipforwarding is turned on. If it is not, turn it on.
# no -a | grep ipforwarding
If ipforwarding=0, turn it on.
__ 4. GATEWAY ONLY: Start routed in active mode.
# startsrc -s routed -a "-s"
__ 5. ALL HOSTS OTHER THAN THE GATEWAY: Start routed in passive mode.
# startsrc -s routed -a "-q"
__ 6. ALL HOSTS OTHER THAN THE GATEWAY: Check the routing tables to see if the
other network shows up.
# netstat -rn
__ 7. ALL SYSTEMS: Test the connection to systems on other networks using ping and
then try to telnet to another system on the other network. Display the route table.
# ping sysy (where sysy is the name of a system on the other
network)
Student Exercises
# telnet sysy
# netstat -rn
__ 8. ALL SYSTEMS: Once the test has been successful, stop routed on all systems and
verify that it has stopped.
# stopsrc -s routed
# lssrc -s routed
__ 9. ALL SYSTEMS: Flush the routing tables and create a default route to the other
network through SMIT.
# $route -f
# $smit
TCP/IP
Static Routes
Add a Static Route
Destination TYPE net
* $DESTINATION Address [0]
* $Default GATEWAY Address [router address]
METRIC (number of hops to[1]
destination gateway)
Network MASK [255.255.255.0]
(hexadecimal or dotted decimal)
END OF EXERCISE
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 7. Configuring a Domain Network 7-1
V1.2.2 BKM2MIF
Uempty
Exercise 7. Configuring a Domain Network
This exercise provides the opportunity to create a domain network.
The domain will have a primary name server, a secondary name
server, and clients.
Convert a TCP/IP flat network into a TCP/IP domain network
Set up a primary name server
Set up a secondary name server
Set up a client to use the name servers
Test to verify correct customization using ping, host, and nslookup
Create a dump of the active named database
Introduction
In this exercise, different systems will be performing different
functions. You should carefully read the items below and make sure
you know which parts you will be doing and which parts you need to
coordinate with others.
1. Everyone will change their host name.
2. One system will be a primary name server.
3. One system will be a secondary name server. .
4. All other systems will be a client to the name server.
5. Everyone will test the domain environment.
6. The primary and secondary name servers will dump the active
named database.
7. Everyone will deactivate DNS.
You will configure your system as part of a TCP/IP domain network.
Follow the naming convention used in the unit to provide a supportive
relationship between unit and exercise. The domain name used in the
unit was dc.ibm.com.
Student Exercises
If you are unsure of the labroom configuration as it is configured for
TCP/IP, check with your instructor. Get together as a domain team
and decide which systems will be the:
Primary Name Server
Secondary Name Server
All other systems will be DNS clients.
Fill in the chart below with the information for your domain. The
possible roles are primary name server, secondary name server, and
client.
You will not be setting up a cache file during this exercise.
Role
IP
Address
Domain
Name
Host
Name
primary
secondary
client
client
client
client
client
client
client
client
client
client
Student Exercises
V1.2.2 BKM2MIF
To give everyone the experience of configuring a primary name server, everyone EXCEPT
the designated secondary name server will do the following section, Setting Up A Primary
Name Server. At the end of this section, those systems designated as clients will skip to
the section Setting Up A Client.
Setting Up A Primary Name Server
Everyone except the secondary name server should complete this section. The
secondary name server should skip to the next section, Setting Up A Secondary
Name Server.
__ 1. Log in as root. Change your hostname to a fully qualified host name.
__ 2. Create the /etc/named.boot file. Use the /etc directory to store the database file.
__ 3. Copy the /etc/hosts file to create a backup. Then edit your /etc/hosts file to
contain the loopback entry and all the hosts in the domain.
__ 4. Run the two IBM-provided awk scripts on your /etc/hosts file. Be sure to run the
addrs.awk script twice, once for each network. Edit the name zone file as
required. Be sure to substitute the file names you provided in your
/etc/named.boot file.
__ 5. Edit the two IP zone files to delete just the network octets of the IP address
(example .98.19.9). Just the host octet should remain. Also, delete all line entries
for hosts that are not applicable to the network the IP zone file represents. The
network octets of the network address will be appended as needed by the primary
in-addr.arpa entry in the /etc/named.boot file. Edit the SOA record if necessary.
Repeat for the second network.
__ 6. Create the local IP zone file.
__ 7. All designated clients should SKIP to the section Setting Up A Client. The
remaining instructions start the name server. Only the designated primary name
server will complete instructions 8, 9 and 10.
__ 8. Permanently change the host name to the fully qualified domain name.
__ 9. Create a /etc/resolv.conf file.
__ 10. Start the named daemon.
Setting Up A Secondary Name Server
Only the secondary name server completes this section.
__ 11. Log in as root and create the /etc/named.boot file. Use the /etc directory to store
the database files.
Student Exercises
__ 13. Copy the /etc/hosts file to create a backup. Then edit your /etc/hosts file, deleting
all hosts except the localhost and your system.
__ 14. Change the host name to the fully qualified domain name.
__ 16. Start the named daemon. Then verify the files were sent from the primary name
server.
Setting Up A Client
All systems EXCEPT the name servers complete this section.
__ 17. Copy the /etc/hosts file to create a backup. Then edit the /etc/hosts file,
commenting out all entries except the line with localhost and your system. This is
not a necessary step, but it will show that you are using the name server
exclusively.
__ 19. Create the /etc/resolv.conf file and enter the primary and secondary name servers
for your domain. Remember to add the domain entry. Verify the /etc/resolv.conf
file contains your domain name and name servers.
Testing The Domain Network
All systems complete this section.
__ 20. Use the ping command and ping your loopback, your system, another IP address
in the domain, and another system in the domain.
__ 21. Use the host command and resolve the hostname of a host in the domain, the
hostname "localhost," another IP address of a host in the domain, and your
hostname.
__ 22. Execute a noninteractive query using nslookup for all options available for your
domain.
__ 23. Execute a noninteractive query on any host in the domain.
__ 24. Execute an interactive query of the following:
a. The nameserver
b. An IP address in your domain
c. List information available for your domain
d. List all records of the specified type "any" for your domain
e. Edit nslookup
__ 25. Turn on nslookup debug and execute a query of the nameserver. Turn off debug
and exit nslookup.
Student Exercises
V1.2.2 BKM2MIF
Uempty
Dumping The Active named Database
Only the primary and secondary name server complete this section.
__ 26. Identify the process id (pid) of the named daemon.
__ 27. Use the kill command to dump the named database.
__ 28. Look at the dump file /var/tmp/named_dump.db.
Deactivating DNS
All Systems complete this section.
__ 29. Check to see if the named daemon is running. If it is, stop it using SMIT. It should
only be running on the name servers.
__ 30. Remove the /etc/resolv.conf file, rename your /etc/hosts backup file to
/etc/hosts, and change the host name back to a flat network name.
END OF EXERCISE
Student Exercises
To give everyone the experience of configuring a primary name server, everyone EXCEPT
the designated secondary name server will do the following section, Setting Up A Primary
Name Server. At the end of this section, those systems designated as clients will skip to
the section Setting Up A Client.
Setting Up A Primary Name Server
Everyone except the secondary name server should complete this section. The
secondary name server should skip to the next section, Setting Up A Secondary
Name Server.
__ 1. Log in as root. Change your hostname to a fully qualified host name.
# hostname sysx.dc.ibm.com
where x is your system number.
__ 2. Create the /etc/named.boot file. Use the /etc directory to store the database file.
# vi /etc/named.boot
directory /etc
primary dc.ibm.com named.dc
primary 98.19.9.in-addr.arpa named.revip98
primary 99.19.9.in-addr.arpa named.revip99
primary 0.0.127.in-addr.arpa named.local
__ 3. Copy the /etc/hosts file to create a backup. Then edit your /etc/hosts file to
contain the loopback line and all the hosts in the domain.
# cp /etc/hosts /etc/hosts.bak
# vi /etc/hosts
__ 4. Run the two IBM-provided awk scripts on your /etc/hosts file. Be sure to run the
addrs.awk script twice, once for each network. Edit the name zone file as
required. Be sure to substitute the file names you provided in your
/etc/named.boot file.
# /usr/samples/tcpip/hosts.awk /etc/hosts > /etc/named.dc
# /usr/samples/tcpip/addrs.awk /etc/hosts > /etc/named.revip98
# /usr/samples/tcpip/addrs.awk /etc/hosts > /etc/named.revip99
# vi /etc/named.dc
Check the primary name server and system administrator fully qualified name in
the SOA record and the name server short name to the NS record.
__ 5. Edit the two IP zone files to delete just the network octets of the IP address
(example .98.19.9). Just the host octet should remain. Also, delete all line entries
for hosts that are not applicable to the network the IP zone file represents. The
network octets of the network address will be appended as needed by the primary
Student Exercises
V1.2.2 BKM2MIF
Uempty
in-addr.arpa entry in the /etc/named.boot file. Edit the SOA record if necessary.
Repeat for the second network.
Change the example below to include the information as it relates to your
environment.
# vi /etc/named.revip98
Replace root with system administrator's user name.
Delete the network address leaving the host address in each line of the file in
the in the file as shown in the example below:
1 IN PTR sys1.dc.ibm.com.
2 IN PTR sys2.dc.ibm.com.
8.99.19.9 IN PTR sys8.dc.ibm.com. (Delete this line since this file
represents a host on the 9.19.99 network.)
Repeat for the /etc/named.revip99 zone file.
# vi /etc/named.local
; Replace sysx with your host name
@ IN SOA sysx.dc.ibm.com. team01.sysx.dc.ibm.com. (
1.1 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum
TTL
IN NS sysx.dc.ibm.com.
1 IN PTR localhost.
__ 7. All designated clients should SKIP to the section Setting Up A Client. The
remaining two instructions start the name server. Only the designated primary
name server will complete instructions 8 and 9.
__ 8. Permanently change the host name to the fully qualified domain name.
# smit hostname
Set the Hostname
*HOSTNAME (symbolic name of your machine) [fully qualified name]
Student Exercises
vi /etc/resolv.conf
example of resolv.conf
nameserver 0.0.0.0
domain dc.ibm.com
nameserver (ip address of secondary)
__ 10. Start the named daemon.
# smit
TCP/IP
Server Network Services
Other Available Services
named Subsystem
Start using the named Subsystem
BOTH
Setting Up A Secondary Name Server
Only the secondary name server completes this section.
__ 11. Log in as root and create the /etc/named.boot file. Use the /etc directory to store
the database files.
This example is for a domain name dc.ibm.com with a primary name server as
9.19.98.4. Change as appropriate for your domain.
# vi /etc/named.boot
directory /etc
secondary dc.ibm.com 9.19.98.4 named.dc.bak
secondary 98.19.9.in-addr.arpa 9.19.98.4 named.revip98.bak
secondary 99.19.9.in-addr.arpa 9.19.98.4 named.revip99.bak
primary 0.0.127.in-addr.arpa named.local
# vi /etc/named.local
@ IN NS sysy.dc.ibm.com. (y is the secondary name server)
1 IN PTR localhost.dc.ibm.com.
__ 13. Copy the /etc/hosts file to create a backup. Then edit your /etc/hosts file, deleting
all hosts except the localhost and your system.
# vi /etc/hosts
Student Exercises
V1.2.2 BKM2MIF
Uempty
# smit hostname
Set the Hostname
vi /etc/resolv.conf
example of resolv.conf
nameserver 0.0.0.0
domain dc.ibm.com
nameserver (ip address of Primary)
__ 16. Start the named daemon. Then verify the files were sent from the primary name
server.
# smit
TCP/IP
Server Network Services
Other Available Services
named Subsystem
Start using the named Subsystem
BOTH
# ls named.dc.bak named.revip98.bak named.revip99.bak
Setting Up A Client
All systems EXCEPT the name servers complete this section.
__ 17. Copy the /etc/hosts file to create a backup. Then edit the /etc/hosts file
commenting out all entries except the line with localhost and your system. This is
not a necessary step, but it will show that you are using the name server
exclusively.
# vi /etc/hosts
# smit hostname
Set the Hostname
Student Exercises
__ 19. Create the /etc/resolv.conf file and enter the primary and secondary name servers
for your domain. Remember to add the domain entry. Verify that the
/etc/resolv.conf file contains your domain name and name servers.
# smit
TCP/IP
Name Resolution
Domain Nameserver (/etc/resolv.conf)
Start Using the Nameserver
Create a New /etc/resolv.conf File
Nameserver INTERNET ADDRESS (dotted decimal) [primary]
DOMAIN [domain]
Add the secondary name server to the file. F3 back to the Domain Name
Server menu.
Add a Name Server
*Name Server INTERNET ADDRESS [add secondary IP]
F10 to exit SMIT
# cat /etc/resolv.conf
Testing The Domain Network
All systems complete this section.
__ 20. Use the ping command and ping your loopback, your system, another IP address
in the domain, and another system in the domain.
# ping loopback
# ping sysx
# ping sysy
__ 21. Use the host command and resolve the hostname of a host in the domain, the
hostname "localhost," another IP address of a host in the domain, and your
hostname.
# host sysy
# host localhost
# host 9.19.98.y (or 9.19.99.y)
__ 22. Execute a noninteractive query using nslookup for all options available for your
domain.
Student Exercises
V1.2.2 BKM2MIF
Uempty
# nslookup -querytype=ANY dc.ibm.com
__ 23. Execute a noninteractive query on any host in the domain.
# nslookup sysz (where z is any host in the domain)
__ 24. Execute an interactive query of the following:
a. The nameserver
b. An IP address in your domain
c. List information available for your domain
d. List all records of the specified type "any" for your domain
e. Exit nslookup
# nslookup
Default Server: sysx
Address: 9.19.98.x (if you are the name server, this will be 0.0.0.0)
> sysz (where z is the number of the nameserver)
> 9.19.98.6 (or any IP address on your network)
> ls dc.ibm.com
> ls -t any dc.ibm.com
> exit
__ 25. Turn on nslookup debug and execute a query of the nameserver. Turn off debug
and exit nslookup.
# nslookup
> set d2
> sysz (where z is the number of the nameserver
> set nodebug
> exit
Dumping the Active named Database
Only the primary and secondary name server complete this section.
__ 26. Identify the process id (pid) of the named daemon.
# ps -ef | grep named
__ 27. Use the kill command to dump the named database.
# kill -2 <pid of named>
__ 28. Look at the dump file /var/tmp/named_dump.db.
# pg /var/tmp/named_dump.db
Deactivating DNS
All Systems complete this section.
Student Exercises
__ 29. Check to see if the named daemon is running. If it is, stop it using SMIT. It should
only be running on the name servers.
# lssrc -s named
If named is running
# smit named
Stop Using the named Subsystem BOTH
F10
__ 30. Remove the /etc/resolv.conf file, rename your /etc/hosts backup file to
/etc/hosts, and change the host name back to a flat network name.
# rm /etc/resolv.conf
# mv /etc/hosts.bak /etc/hosts
# smit hostname
Set the Hostname
*HOSTNAME (symbolic name of your machine) [flat name]
END OF EXERCISE
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 8. Troubleshooting 8-1
V1.2.2 BKM2MIF
Uempty
Exercise 8. Troubleshooting
This exercise introduces students to a variety of commands in AIX that
will help you in documenting your network and debugging
network-related problems.
Display the network configuration of a system and its associated
network software
Show the amount of network traffic and errors that occur in a
system
Perform some rudimentary tests of the network's performance
Capture network traffic for analysis
Introduction
For all steps of this exercise, you will work independently. Be aware
that sometimes your actions may affect the results you see. If you see
abnormal network activity, ask others what they are doing and what
they observe.
In the first part of the exercise you will be asked to log in as either tcp1
or tcp2. If there are two people sharing a system, decide who will be
tcp1 and who will be tcp2. You can execute all the commands as a
regular user until you work with iptrace. At that time you will be asked
to su to root.
Student Exercises
Documenting Your Configuration
__ 1. Log in as tcpx where x is either a 1 or 2. If you are working with another individual
on the same machine, agree on who will be tcp1 and who will be tcp2. Identify what
network cards are in your machine and their location.
__ 2. Display the current settings for those cards
__ 3. List the vital product data for your network cards.
__ 4. Show the state of the interfaces that are associated with your adapter cards.
__ 5. Identify the IP addresses and settings associated with the network interfaces. Also,
display the attributes associated with the network interfaces.
__ 6. Display network option settings for your system.
Network Activity And Errors
__ 7. Use the netstat command with its various options to look at the following:
requests for mbufs denied (network memory usage)
S/W Transmit Queue Overflow (device driver statistics)
Idrops and Odrops (Input and Output packets dropped)
__ 8. Monitor one of the interfaces while transferring a file. To make the transfer last long
enough to monitor, create a shell script called sysxloop (where x is the number of
your system). sysxloop should perform an automatic ftp to your partner
system,sysy; redirect the output from the ftp operation to /dev/null; do it eight
times; and when finished, echo the message "File transfers complete" as follows :
for i in 1 2 3 4 5 6 7 8
do
ftp sysy > /dev/null
done
echo 'File transfers complete '
Then, update the .netrc file for tcpx (where x is the user number you are using) to
include a machine statement and macdef init similar to the one below :
machine sysy login tcpx password tcpx
macdef init
put /unix tmpfile
ls
quit
If there already is a macdef init statement in the .netrc file, remove it and replace
it with the one shown above.
Change permissions on the sysxloop script to make it executable and run it in the
background. Once the command line prompt returns, immediately begin to
Student Exercises
V1.2.2 BKM2MIF
Uempty
monitor the network interface every two seconds. Stop the monitoring process
when the message "File transfers complete" is displayed on the screen.
Testing Performance With ping
__ 9. Note the response time of several devices on your network. First, test the response
time of devices on the network by observing the output of the ping command. In
order to ping multiple devices, create a shell script named sysxping (where x is the
number of your system) using the following "for loop." Make the shell script
executable.
for i in sysx sysy pppz
do
ping -c 5 $i
done
where sysx is a system on your network, sysy is a system on the other network
and pppz is across a PPP connection.
The ping command calculates the average response time. This average is more
accurate when many pings are performed.
List the average response times for the devices sampled. When the output from
the last ping has completed, do a <ctrl -c> to get the prompt back.
Device Time
__________________ __________________
__________________ __________________
__________________ __________________
__________________ __________________
__ 10. Now, run the same test but use a larger packet to see the difference in response
time. Use a packet size of 1400 versus the default of 64.
Monitoring Network Traffic with iptrace
__ 11. Use the iptrace facility to see how address resolution protocol (ARP) works. You
must be root to run iptrace
Pick a system on your local network that does not have any active connections to
your system. Remove its entry from the arp table. Then begin to trace all traffic
between sysy (where y is a system on your local network) and your system.
__ 12. ping sysy to invoke arp. Stop the iptrace daemon and generate the report.
Student Exercises
__ 13. Browse the report and examine the formatted packets. Notice the packet
numbers. Identify which interface it used and if the packet was transmitted or
received. Then identify which hosts are communicating. Check out the type of
packet. The ARP, IP, and ICMP prefixes make this fairly easy to spot. Search in
the trace to find:
a.The arp broadcast that has a destination adapter address of "ff.ff.ff.ff".
b.The arp response from sysy to your system that contained the adapter
address.
c.The three echo request/response pairs from the ping command.
__ 14. Trace the traffic from a telnet session. Begin the iptrace daemon as root and limit
the collection of the data to tcp and port 23 activity between your system and sysy
in both directions. Suppress any arp packets. telnet to sysy and list the contents
of /usr/bin. Close the telnet session. This sample session will involve over 100
packets.
__ 15. Stop the trace and format the trace report. Then browse the file. You will notice
that these packets will have IP and TCP headers. The IP will have the source and
destination addresses and names while TCP will have the ports. Look also for the
data being passed. Look for the following items:
a.The packet where your terminal type is exchanged.
b.The packet that contains the login herald.
c.The number of keystrokes included in each packet.
d.The password you typed in.
e.The number of packets exchanged before a shell prompt was presented from
the remote system.
f.The size of the largest packet. (Look for the ip_len field to find this.)
g.The packet that shows the end of the tcp session. (The FIN flag.)
END OF EXERCISE
Student Exercises
V1.2.2 BKM2MIF
Uempty Exercise Instructions with Hints
Documenting Your Configuration
__ 1. Log in as tcpx where x is either 1 or 2. If you are working with another individual
on the same machine agree on who will be tcp1 and who will be tcp2. Identify
what network cards are in your machine and their location.
$ lsdev -Cc adapter
__ 2. Display the current settings for those cards.
$ lsattr -E -l ent0 (for Ethernet card)
$ lsattr -E -l tok0 (for Token-Ring card)
__ 3. List the vital product data for your network cards.
$ lscfg -l ent0 -v (for Ethernet card)
$ lscfg -l tok0 -v (for Token-Ring card)
__ 4. Show the state of the interfaces that are associated with your adapter cards.
$ lsdev -C -c if
__ 5. Identify the IP address and settings associated with the network interfaces. Also,
display the attributes associated with the network interfaces.
$ netstat -in
$ ifconfig en0 (for Ethernet interface)
$ ifconfig tr0 (for Token-Ring interface)
$ lsattr -l en0 -E (for Ethernet interface)
$ lsattr -l tr0 -E (for Token-Ring interface)
__ 6. Display network option settings for your system.
$ no -a | pg
Network Activity and Errors
__ 7. Use the netstat command with its various options to look at the following:
requests for mbufs denied (network memory usage)
S/W Transmit Queue Overflow (device driver statistics)
Idrops and Odrops (Input and Output packets dropped)
$ netstat -m
$ netstat -v
$ netstat -D
__ 8. Monitor one of the interfaces while transferring a file. To make the transfer last
long enough to monitor, create a shell script called sysxloop (where x is the
Student Exercises
number of your system). sysxloop should perform an automatic ftp to your partner
system, sysy; redirect the output from the ftp operation to /dev/null; do it eight
times; and when finished, echo the message "File transfers complete" as follows :
for i in 1 2 3 4 5 6 7 8
do
ftp sysy > /dev/null
done
echo 'File transfers complete '
Then, update the .netrc file for tcpx (where x is the user number you are using) to
include a machine statement and macdef init similar to the one below:
machine sysy login tcpx password tcpx
macdef init
put /unix tmpfile
ls
quit
If there already is a macdef init statement in the .netrc file, remove it and replace
it with the one shown above.
Change permissions on the sysxloop script to make it executable and run it in the
background. Once the command line prompt returns, immediately begin to
monitor the network interface every two seconds. Stop the monitoring process
when the message "File transfers complete" is displayed on the screen.
$ vi sysxloop (type in the script as shown above)
$ vi .netrc (make the necessary changes as described above)
$ chmod 744 sysxloop
$ sysxloop &
$ netstat -I en0 2 (use the interface for your system)
$ <ctrl-c> (when the message "File transfers complete" appears)
Testing Performance with ping
__ 9. Note the response time of several devices on your network. First, test the response
time of devices on the network by observing the output of the ping command. In
order to ping multiple devices, create a shell script named sysxping (where x is
the number of your system) using the following "for loop". Make the shell script
executable.
for i in sysx sysy pppz
do
ping -c 5 $i
done
Student Exercises
V1.2.2 BKM2MIF
Uempty
where sysx is a system on your network, sysy is a system on the other network,
and pppz is across a PPP connection.
The ping command calculates the average response time. This average is more
accurate when many pings are performed.
List the average response times for the devices sampled. When the output from
the last ping has completed, do a <ctrl-c> to get the prompt back.
Device Time
__________________ __________________
__________________ __________________
__________________ __________________
__________________ __________________
$ vi sysxping
$ chmod 744 sysxping
$ sysxping &
$ <ctrl-c> when ping has completed
__ 10. Now, run the same test but use a larger packet to see the differences in response
time. Use a packet size of 1400 versus the default of 64.
$ vi sysxping
for i in sysx sysy sysz
do
ping -c 5 $ i 1400
done
$ sysxping &
Monitoring Network Traffic with iptrace
__ 11. Use the iptrace facility to see how address resolution protocol (ARP) works. You
must be root to run iptrace.
Pick a system on your local network that does not have any active connections to
your system. Remove its entry from the arp table. Then begin to trace all traffic
between sysy (where y is a system on your local network) and your system.
$ su
Student Exercises
# arp -a (To see what, if any, entries there are.)
# arp -d sysy (Delete the sysy entry if it exists.)
# startsrc -s iptrace -a "-b -d sysy -s yoursys /tmp/trace1"
__ 12. ping sysy to invoke arp. Stop the iptrace daemon and generate the report.
# ping -c 3 sysy
# stopsrc -s iptrace
# ipreport -n -s /tmp/trace1 > /tmp/report1
__ 13. Browse the report and examine the formatted packets. Notice the packet
numbers. Identify which interface it used and if the packet was transmitted or
received. Then identify which hosts are communicating. Check out the type of
packet. The ARP, IP, and ICMP prefixes make this fairly easy to spot. Search in
the trace to find:
a. The arp broadcast that has a destination adapter address of "ff.ff.ff.ff"
b. The arp response from sysy to your system that contained the adapter address.
c. The three echo request/response pairs from the ping command.
# view /tmp/report1
(Below is sample output from the above trace activity.)
Packet Number 1
ETH: ==== (42 bytes transmitted on interface en0)==== 12:02:58.569357184
ETH: [10:00:5a:bd:8c:0e -> ff:ff:f f:ff:ff:ff] type 80 6 (ARP)
ARP: hardware address format = 1 (ethernet)
ARP: protocol address format = 800 (IP)
ARP: address lengths; hardware = 6, protocol = 4
ARP: arp operation = 1 (request)
ARP: source addresses: hw [10:00:5a:bd:8c:0e]
ARP: protocol [9.19.111.2]
ARP: target addresses: hw [00:00:00:00:00:00 ]
Packet Number 2
ETH: ====(60 bytes received on interface en0 )==== 12:02:58:571053952
ETH: [02:60:8c:2f:ef:4c -> 10:00:5a:bd:8c:0e&rbrk . type 806 (ar
ARP: hardware address format = 1 (ethernet)
ARP: protocol address format = 800 (IP)
ARP: address lengths; hardware=6, protocol = 4
ARP: arp operation = 2 (reply)
ARP: source addresses:hw [02:60:8c:2f:ef:4c]
ARP: target addresses: [10:00:5a:bd: 8c:0e]
Student Exercises
V1.2.2 BKM2MIF
Uempty
Packet Number 3
ETH: ====(98 bytes transmitted on interface en0 ) ==== 12:02:58:571123072
ETH: [10:00:5a:bd:8c:0e -> 02:60:8 c:2f:ef:4c] type 800 (IP)
IP: <SRC = 9.19.111.2 >
IP: <DST = 9.19.111.1 >
IP: ip_v=4, ip_hl=20, ip tos=0, ip_len=84, ip_id=55698, ip_off=0
IP: ip_ttl=255, ip_sum=flec, ip_p=1 (ICMP)
ICMP: icmp_type=8 (ECHO_REQUEST) icmp_id=9848 icmp_seq=0
Packet Number 4
ETH: ====( 98 bytes received on interface en0 )==== 12:02:58.572181120
ETH: [02:60:8c:2f:ef:4c -> 10:00:5a:bd:8c:0e] type 800 (IP)
IP: <SRC = 9.19.111.1 >
IP: <DST = 9.19.111.2 >
IP: ip_v=4, ip_hl=20, ip_tos=0, ip_len=84, ip_id=28240, ip_off=0
IP: ip_ttl=255, ip_sum=5d2f, ip_p=1 (ICMP)
ICMP: icmp_type-0 (ECHO_REPLY) icmp_id=9848 icmp_seq=0
Student Exercises
__ 14. Trace the traffic from a telnet session. Begin the iptrace daemon as root and limit
the collection of the data to tcp and port 23 activity between your system and sysy
in both directions. Suppress any arp packets. telnet to sysy and list the contents
of /usr/bin. Close the telnet session. This sample session will involve over 100
packets.
# iptrace -a -b -s yoursys -d sysy -P tcp -p 23 /tmp/trace2
(where -a says to ignore the arp packets; -s specifies the source host; -d
specifies the destination host; -P specifies the protocol; -p specifies the port;
and -b says to do it in both directions)
# telnet sysy
# ls /usr/bin
# exit
__ 15. Stop the trace and format the trace report. Then browse the file. You will notice
that these packets will have IP and TCP headers. The IP will have the source and
destination addresses and names while TCP will have the ports. Look also for the
data being passed. Look for the following items:
a.The packet where your terminal type is exchanged.
b.The packet that contains the login herald.
c.The number of keystrokes included in each packet.
d.The password you typed in.
e.The number of packets exchanged before a shell prompt was presented from
the remote system.
f.The size of the largest packet. (Look for the ip_len field to find this.)
g.The packet that shows the end of the tcp session. (The FIN flag.)
# ps -ef | grep iptrace
# kill <pid_of_iptrace>
# ipreport -n -s /tmp/trace2 > /tmp/report2
# view /tmp/report2
END OF EXERCISE
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 9. Configuring DHCP 9-1
V1.2.2 BKM2MIF
Uempty
Exercise 9. Configuring DHCP
This exercise gives the students the opportunity to configure DHCP. It
describes the steps to implement basic DHCP server and client
functions.
What You Should Be Able to Do
At the end of this exercise, you should be able to:
Configure an DHCP Server
Configure an DHCP Client
Verify the DHCP implementation
Introduction
In this exercise different systems will be performing different functions
when implementing DHCP server and client functions. The Gateway
system will remain configured as before, static. Systems designated
as DHCP servers are provided separate directions than all other
systems, which will be configured as client.
Two servers should be configured with one on network 98 and the
other on network 99. Use network address 9.19.98 (mask
255.255.255.0) with hosts' addresses starting at 9.19.98.21 and
network address 9.19.99 (mask 255.255.255.0) with hosts' addresses
starting at 9.19.99.41 for each physical network.
DHCP servers will provide clients with IP address, subnet mask, and
default gateway to other systems. Domain name and name server
address may be configured if using DNS.
Known Hardware/Software Problems
When using NIM to install lab exercise machines in classrooms, the
bootp daemon would be used for booting on port 67 which will not
allow dhcpsd daemon to start (they used the same port). To work
around problem, deconfigure bootps in the inetd.conf file and refresh
inetd. Sometimes bootps might be running and you have to kill bootps
process.
Student Exercises
Server Setup
Setting up the DHCP server - servers only, not Gateway
__ 1. Configure your system as a DHCP server. It should provide the IP address, subnet
mask and default gateway to other systems (the clients). Set up the server to
provide the clients with mask and gateway the clients are currently using. In
addition, the server should provide the clients with IP addresses in the range being
used in the classroom. Be sure clients are given addresses appropriate for their
subnet. The addresses should be given to the clients with a very long lease (for
example, one year).
Use the server configuration file /etc/dhcpsd.cnf as an example.
__ 2. Start the DHCP server dhcpsd daemon. Verify DHCP server daemon is running.
Client Setup
Setting up the DHCP client - clients only, not Gateway
__ 3. De-configure the client's IP Interface. To do this, remove the interface (for example,
tr0, en0) from the system using SMIT.
__ 4. Configure your system as a DHCP client. It should obtain its IP address, subnet
mask and default gateway from the server. Use the client configuration file
/etc/dhcpcd.ini as an example.
__ 5. Start the DHCP client (dhcpcd) daemon. Verify the DHCP client daemon is
running.
Testing the DHCP environment
All systems complete this section
__ 6. Check if the configuration was performed correctly using ifconfig and netstat
commands. Check if you can now ping other systems in the clas. Why, or why
not?
__ 7. Check if you are running a flat or domain network for name resolution.
__ 8. Confirm DNS server is running if using, otherwise update /etc/hosts file.
__ 9. Check if you can now ping other systems in the classroom (get name/address from
your partner) - Why, or why not?
De-configuring DHCP
De-configuring servers - servers only, not Gateway
__ 10. Stop dhcpsd daemon on server (for now and the next system restart)
De-configuring clients - clients only, not Gateway
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 11. Stop dhcpcd daemon on client (for now and the next system restart).
__ 12. Bring down and detach the interface.
__ 13. Re-configure the IP stack. Add default route.
__ 14. Confirm configuration.
END OF LAB
Student Exercises
Server Setup
Setting up the DHCP server - servers only, not Gateway
__ 1. Configure your system as a DHCP server. It should provide the IP address, subnet
mask and default gateway to other systems (the clients). Set up the server to
provide the clients with mask and gateway the clients are currently using. In
addition, the server should provide the clients with IP addresses in the range being
used in the classroom. Be sure clients are given addresses appropriate for their
subnet. The addresses should be given to the clients with a very long lease (for
example, one year).
Use the server configuration file /etc/dhcpsd.cnf as an example.
# cp /etc/dhcpsd.cnf /etc/dhcpsd.cnf.bak
# vi /etc/dhcpsd.cnf
Example of /etc/dhcpsd.cnf for network 98 servers
logItem SYSERR
logItem OBJERR
logItem PROTERR
logItem WARNING
logItem INFO
numLogFiles 6
logFileSize 100
logFileName /usr/tmp/dhcpserver.log
leaseTimeDefault 1 year
lease Expire Interval 1 day
network 9.0.0.0 24
subnet 9.19.98.0 9.19.98.21-9.19.98.40
{
option 1 255.255.255.0 #subnet mask
option 3 9.19.98.r # default router
option 6 9.19.98.1 # name server (optional)
option 15 dc.ibm.com #domain name(optional)
}
Network 99 servers file /etc/dhcpsd.cnf
network 9.0.0.0 24
subnet 9.19.99.0 9.19 99.41-9.19.99.59
{
option 1 255.255.255.0 # subnet mask
option 3 9.19.99.r # default router
Student Exercises
V1.2.2 BKM2MIF
Uempty
option 6 9.19.99.6 # name server (optional)
option 15 dc.ibm.com # domain name(optional)
}
__ 2. Start the DHCP server dhcpsd daemon. Verify DHCP server daemon is running.
# startsrc -s dhcpsd
<or>
# smit dhcpsd
# ps -ef | grep dhcp
Client Setup
Setting up the DHCP client - clients only, not Gateway
__ 3. De-configure the client's IP Interface. To do this, remove the interface (for example,
tr0, en0) from the system using SMIT.
# ifconfig en0 detach
# smit tcpip
Further configuration
Network Interfaces
Network Interface Selection
Remove a Network Interface
__ 4. Configure your system as a DHCP client. It should obtain its IP address, subnet
mask and default gateway from the server. Use the client configuration file
/etc/dhcpcd.ini as an example.
# cp /etc/dhcpcd.ini /etc/dhcpcd.ini.bak
# vi /etc/dhcpcd.ini
Example of /etc/dhcpcd.ini
logItem SYSERR
logItem OBJERR
logItem PROTERR
logItem WARNING
numLogFiles 4
logFileSize 100
logFileName /usr/tmp/dhcpclient.log
interface en0
Note: This configuration file assumes the interface to be configured with DHCP
is en0.
__ 5. Start the DHCP client (dhcpcd) daemon. Verify the DHCP client daemon is
running.
Student Exercises
# startsrc -s dhcpcd
<or>
# smit usedhcp
# ps -ef | grep dhcp
<or>
lssrc -g tcpip
Testing the DHCP Environment
All systems complete this section
__ 6. Check if the configuration was performed correctly using ifconfig and netstat
commands. Check if you can now ping other systems in the class. Why, or why
not?
# ifconfig en0
Substitute appropriate interface name. You should see the correct IP
address and subnet mask in the output.
# netstat -rn
You should see the default route provided by the server.
# ping sysy
__ 7. Check if you are running a flat or domain network for name resolution.
# more /etc/resolv.conf
__ 8. Confirm DNS server is running if using, otherwise update the /etc/hosts file.
# ps -ef | grep named
If using DNS, update A and PTR records, along with any alias as CNAME
entries.
# vi /etc/named.dc (increase serial number)
# vi /etc/named.revip9x (increase serial number)
# refresh -s named
<or>
# vi /etc/hosts file
__ 9. Check if you can now ping other systems in the classroom (get name/address from
your partner) - Why, or why not?
# ping sysy
De-configuring DHCP
De-configuring servers - servers only, not Gateway
__ 10. Stop dhcpsd daemon on server (for now and the next system restart)
# smit dhcpsd
Student Exercises
V1.2.2 BKM2MIF
Uempty
- Stop using the dhcpsd subsystem
- BOTH
De-configuring clients - clients only, not Gateway
__ 11. Stop dhcpcd daemon on client (for now and the next system restart).
# smit dhcpcd
- Stop using the dhcpcd subsystem
- BOTH
__ 12. Bring down and detach the interface.
# ifconfig en0 detach
__ 13. Re-configure the IP stack. Add default route.
# smit tcpip
- Further configuration
- Network Interfaces
- Network Interface Selection
- Add a Network Interface
(Choose from Available Network Interfaces)
* INTERNET ADDRESS (dotted decimal) []

Network MASK (hexadecimal or dotted decimal) []
Note: substitute your old IP address and MASK (for example, 9.19.99.x with
mask 255.255.255.0.
# smit tcpip
- Further Configuration
- Static Routes
- Add a Static Route
Destination TYPE net
* DESTINATION Address [ ]
* GATEWAY Address [ ]
* METRIC (number of hops to destination gateway [1]
Network MASK (hexadecimal or dotted decimal)
Note: Substitute correct input for your situation
(for example, destination address=0, Gateway=9.19.98.r, and
mask=255.255.255.0).
__ 14. Confirm configuration.
# ifconfig -a
# netstat -rn
Student Exercises
# ping <partner system> (using name or IP address)
Note: If you cannot ping by name or IP address, fix problem before continuing
as next exercise will not work without tcp/ip and name resolution working
correctly.
END OF LAB
Student Exercises
V1.2.2 BKM2MIF
Uempty Solutions
Following are the solutions to those instructions that include questions:
6. Check if configuration was performed correctly using ifconfig and netstat. Check if you
can now ping other systems in the class. Why, or why not?
Answer: You should not be able to ping old IP addresses except the addresses of
Gateway and DHCP servers that did not change their static definitions. You would have to
identify newly assigned IP addresses from DHCP server of partner system before using the
ping command to discover MAC address. Also, default GATEWAY definitions on clients
and IPFORWARDING=1 specified on Gateway has to be configured correctly. Name
resolution would be last to verify which could be a concern when using DHCP.
9. Check if you can now ping other systems in the class. Why, or why not?
Answer: You should be able to ping your partner's system. If you cannot ping your
partner's system, check using the bottom up troubleshooting approach to identify failing
component. If you continue to have problems, contact your instructor for assistance.
Student Exercises
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 10. Configuring NFS 10-1
V1.2.2 BKM2MIF
Uempty
Exercise 10. Configuring NFS
This exercise familiarizes students with NFS startup files, the NFS
SMIT interface, the mount command for obtaining access to remote
file systems and for listing the mounts currently in effect on your
system, and setting up predefined mounts.
Identify NFS startup files
Configure a workstation as an NFS Client and an NFS Server
Perform an NFS manual and predefined mount
Display the mount table
Configure a CacheFS
Introduction
For the rest of the exercises, you will work as teams. Select a system
ON YOUR NETWORK to be your team partner. You must coordinate
with your partner team throughout this exercise since you will be
depending on each other to complete each setup in the exercise in
order to perform the client/server remote mounts.
Select one team to be the NFS server and the other the NFS client. By
the end of the exercise, each system will be configured as both. In the
chart below, fill in the host name of the NFS server and the host name
of the NFS client:
NFS
Server
NFS
Client
Student Exercises
Common Student Problems
The following are some error messages that students may run into and
possible solutions for these problems:
Message example 1:
# mount /home/mntpt
mount: ... /home/mntpt is not a known file system
This error occurs when the /etc/filesystems file does not contain a
stanza for the specified directory. If this occurs, either have the student
add the file system through SMIT or by editing the /etc/filesystems
file, or the mount can be completed by providing all the information
with the mount command.
Message example 2:
# mount sys10:/home/team2/sys2dir /home/mntpt
mount: ... sys10 not in hosts database
mount: ... giving up on:
sys10:/home/team2/sys2dir
A route to the remote host is not available
This message indicates that the specified host is not in the /etc/hosts
file. Check the spelling and syntax in the mount command. If it is
correct, check the entry in the /etc/hosts file.
Message example 3:
NFS server sys10 not responding still trying
Either the server or the network is down or the server's nfsd daemon
is dead or hung. Stop and restart all NFS daemons using the SRC
commands.
Message example 4:
mount: ... server sys10 not responding: RPC: ... Program not
registered.
mount: retrying
Either the portmap daemon is dead, the rpc.mountd daemon is dead
or the rpc.mountd daemon got started before the portmap daemon
was started. Stop the portmap and inetd daemons as well as the nfs
daemons on the server and then restart them in the following order:
Student Exercises
V1.2.2 BKM2MIF
Uempty
portmap, inetd, nfs daemons
Message example 5:
mount: ... access denied for sys10:/home/team2/sys2dir
mount: ... giving up on:
sys10:/home/team2/sys2dir
The file access permissions do not allow the specified action.
This message indicates some sort of authentication failure on the
server. It could be:
The client system is not in the server's export list
The client system's name as resolved by the /etc/hosts file does
not match what is in the server's export list
The file the client is requesting is not in the server's export list or is
spelled incorrectly. If everything matches, check for trailing spaces
on the name in the exports list.
If students didn't copy their /etc/hosts file in the DNS exercise and
then restore that file back, or failed to include all systems in their
network in this file, they will have permission problems when they try to
run the mount command. Also, if they don't do the chmod on filex
correctly when it is created on the server, they could have permission
problems.
Students are asked to create several user IDs. Failure of students to
do all these as instructed could cause a UID problem when listing out
the filex created on the server. As long as the chmod on filex was
performed properly, they should be able to proceed with the rest of the
exercise. The only thing that could happen with a UID mismatch on
this exercise is cause some confusion as to where the owner name
came from. Use ls -ln to get the UID and then show them the UID from
the /etc/passwd file.
The biod, rpc.statd, rpc.lockd and portmap are already configured
and running without doing any NFS configuration. This may confuse
students at first.
Student Exercises
The first section will be done on BOTH partner systems. When you get to the section
Setting Up The NFS Server the NFS client will observe the NFS server setup. In the
section Setting Up The NFS Client the NFS server will observe the NFS client setup. In
the last sections both systems can work independently.
Preparing for NFS
Both systems should do the following steps:
__ 1. Log in as root.
__ 2. Add a user named teamx where x is the number of your system. Make this user a
member of the system group. Set the initial password for teamx to be password.
Setting Up the NFS Server
__ 3. Be sure your partner team is available to observe you setting up your system as an
NFS server. Log in as teamx where x is the number of your system. Change your
password to match the teamx login.
__ 4. Create a directory in your $HOME directory named sysxdir, where x is the number
of your system, and change its permissions so all users have full access to it.
__ 5. Create a file in the sysxdir directory named filex where x is the number of your
system. Key in a few lines ensuring that one of the lines contains the name of your
system. Change file permissions so owner and group have read/write permissions
and others have read-only permission. Log out.
__ 6. Log in as root and create the /etc/exports file and export the sysxdir directory so
your client partner has access to it and permission to mount it. In the parameters, x
refers to your system number and y refers to your partner system number. If you
used SMIT to create the /etc/exports file what NFS daemons did SMIT start
automatically upon execution of this menu item?
_______________________________
__ 7. Start the rest of NFS on your system if it hasn't been started already. If it has, skip
to the next instruction. If you are not using SMIT before starting NFS make sure the
portmap daemon is active.
__ 8. If you were using SMIT exit SMIT and display the NFS daemons that have been
started.
__ 9. Log off and move to your partner system and observe them setting up their system
as an NFS Client.
Setting Up the NFS Client
__ 10. Ensure that your partner team is there to observe you setting up your system as an
NFS client. Log in as root. Change to the /home directory and create a mount
Student Exercises
V1.2.2 BKM2MIF
Uempty
point directory named mntpt and change the permissions so everyone has full
access.
__ 11. Configure NFS on your system.
__ 12. If you are using SMIT, exit SMIT and display the NFS daemons that have been
started. Log off. Which daemons are not active?_________________
Why?______________________
__ 13. Log in as teamx where x is the number of your system. Change your password to
match the teamx login.
__ 14. Execute a manual mount to mount your partner server's /home/teamy/sysydir
directory to your mount point directory where y is your partner system. Do not use
SMIT for this step. Execute this command from the command line.
__ 15. Execute the mount command to see that the NFS mount was successful.
__ 16. Change to your mount point directory. List the files that are available using ls -l.
Edit the file named filey (where y is the number of your server partner) adding your
name to the file. Save and exit the file and log out.
__ 17. Log in as root. Change to the mount point directory /home/mntpt. List the
contents of the directory. Record the permissions of filey _________________.
Edit filey adding root's name to the file. Save the file. Could you? _______ What
message did you get? _________________________________ Why?
______________________________________
__ 18. On the server, log in as root and give the root user on the client permission to
access the file as root. Once the server has completed this step, return to the
client and continue with the next step.
__ 19. On the client as user root, unmount, re-mount, and change to the mount point
directory /home/mntpt. List the contents of the directory. Edit filey adding root's
name to the file. Save the file. Could you? _______ Why?
_________________________
__ 20. As a client, you had read/write access to the server's exported directory. Have the
server give your system read-only access and read/write access to sysz, where z
is any other NFS client system on the network. Once the server is done, go back to
the client system. Log in as teamx. Edit filey and delete your name from the file.
Save and exit the file. Could you? ________ Log out. What was the message you
got? __________________________________
__ 21. The client will need read/write access to the /home/teamx/sysxdir directory for
the next exercise. On the server, give read/write access back to your client partner
system. When the server is done, the client should continue to the next step to test
it.
__ 22. On the client, change to the /home/mntpt directory. Edit filey and delete your
name from the file. Save and exit the file.
Student Exercises
Configuring Your System As a Client and Server
Note: For this section you do not need to work with your partner team. Return to
your system and perform the step below.
__ 23. If you were the server, go back to your system and perform the steps for the client.
If you were the client, go back to your system and perform the steps for the server.
Executing a Preconfigured Mount - NFS Client Function
In the previous section you invoked a manual mount using the local mount point
/home/mntpt. You will now be configuring a preconfigured mount that will be executed
automatically each time the system restarts. This will be done by adding the /home/mntpt
stanza to the /etc/filesystems file. There are no server steps to be performed since the
server's directory /home/teamx/sysxdir was previously exported.
__ 24. If you aren't already, log in as root. Ensure that all remote mounts are unmounted.
__ 25. Add a stanza to the /etc/filesystems file to support a preconfigured mount based
on the manual mount from the previous section. The mount should take place in
the background as a hard mount with the interrupt option. Have it be mounted
automatically at system startup. References to y refer to your partner system. This
can be done through SMIT. Check to be sure the /home/mntpt stanza was added
to /etc/filesystems.
__ 26. Since you selected the option to mount now and add an entry to the
/etc/filesystems file, SMIT should have automatically added the entry to
/etc/filesystems and performed the mount. Display the mount table to ensure that
the mount took place. Change directory into /home/mntpt and display the file filey
mounted from your partner server.
__ 27. Unmount the preconfigured mount. Check the mount table to ensure it was
unmounted. Did you get an error message? _______ If so, what was it?
______________________________________ What do you need to do to
unmount the file system? ____________________. Fix the problems, unmount the
file system, and check to be sure it was unmounted.
Setting Up a Cached File System - NFS Client Function
In this section, you will invoke a manual mount command that will mount the remote file
system to a local cached file system. You will create a Journaled File system dedicated to
store the local cache.
__ 28. Use SMIT to create a Journaled File system to act as the local cache. Use the
mount command to mount the /cachefs file system.
__ 29. Create an empty cache structure to be used as the cache. This is created using the
cfsadmin command. The argument is the name of the cache directory object you
want to create. This object should not exist.
__ 30. List the statistics of newly created cache.
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 31. Mount the remote file system /home/teamx/sysxdir from the NFS server sysx as a
cached file system. Display the mount table. List filex contents.
__ 32. Unmount the remote file system.
END OF EXERCISE
Student Exercises
The first section will be done on BOTH partner systems. When you get to the section
Setting Up The NFS Server the NFS client will observe the NFS server setup. In the
section Setting Up The NFS Client the NFS server will observe the NFS client setup. In
the last sections both systems can work independently.
Preparing for NFS
Both systems should do the following steps:
__ 1. Log in as root.
Login: root
Password:
__ 2. Add a user named teamx where x is the number of your system. Make this user a
member of the system group. Set the initial password for teamx to be password.
Login: root
# smit
Security & Users
Users
Add a User
*User Name [teamx]
Primary GROUP [system]
F3 back to the Users menu
Change a User's Password
User NAME [teamx]
Make the new password "password"
Setting Up the NFS Server
__ 3. Be sure your partner team is available to observe you setting up your system as an
NFS server. Log in as teamx where x is the number of your system. Change your
password to match the teamx login.
Login: teamx
Password: password
You are required to change your password.
Please choose a new one.
teamx's New password: teamx
Enter the new password again: teamx
__ 4. Create a directory in your $HOME directory named sysxdir, where x is the number
of your system, and change its permissions so all users have full access to it.
$ mkdir sysxdir
$ chmod 777 sysxdir
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 5. Create a file in the sysxdir directory named filex where x is the number of your
system. Key in a few lines ensuring that one of the lines contains the name of your
system. Change file permissions so owner and group have read/write permissions
and others have read-only permission. Log out.
$ cd sysxdir
$ vi filex
$ chmod 664 filex
$ logout
__ 6. Log in as root and create the /etc/exports file and export the sysxdir directory so
refers to your system number and y refers to your partner system number. If you
used SMIT to create the /etc/exports file what NFS daemons did SMIT start
automatically upon execution of this menu item?__________________________
# smit
NFS
Network File System (NFS)
Add a Directory to Exports List
* PATHNAME of directory to export [/home/teamx/sysxdir]
HOSTS & NETGROUPS allowed client access [sysy]
* EXPORT directory now, system restart of bothboth
__ 7. Start the rest of NFS on your system if it hasn't been started already. If it has, skip
to the next instruction. If you are not using SMIT before starting NFS make sure the
portmap daemon is active.
# mknfs
__ 8. If you were using SMIT exit SMIT and display the NFS daemons that have been
started.
F10 to exit SMIT
# lssrc -g nfs
__ 9. Log off and move to your partner system and observe them setting up their system
as an NFS Client.
# logout
Student Exercises
Setting Up the NFS Client
__ 10. Ensure that your partner team is there to observe you setting up your system as an
NFS client. Log in as root. Change to the /home directory and create a mount
point directory named mntpt and change the permissions so everyone has full
access.
Login: root
Password:
# cd /home
# mkdir mntpt
# chmod 777 mntpt
__ 11. Configure NFS on your system.
# smit
NFS
Configure NFS on This System
Start NFS
* START NFS now, on system restart or both both
__ 12. If you are using SMIT, exit SMIT and display the NFS daemons that have been
started. Log off. Which daemons are not active?_________________
Why?______________________
F10 to exit SMIT
# lssrc -g nfs
# logout
__ 13. Log in as teamx where x is the number of your system. Change your password to
match the teamx login.
Login: teamx
Password: password
teamx's New password: teamx
Enter the new password again: teamx
__ 14. Execute a manual mount to mount your partner server's /home/teamy/sysydir
directory to your mount point directory where y is your partner system. Do not use
SMIT for this step. Execute this command from the command line.
$ mount sysy:/home/teamy/sysydir /home/mntpt
__ 15. Execute the mount command to see that the NFS mount was successful.
Student Exercises
V1.2.2 BKM2MIF
Uempty
$ mount
__ 16. Change to your mount point directory. List the files that are available using ls -l.
Edit the file named filey (where y is the number of your server partner) adding your
name to the file. Save and exit the file and log out.
$ cd /home/mntpt
$ ls -l
$ vi filey
<add your name>
:wq
$ logout
__ 17. Log in as root. Change to the mount point directory /home/mntpt. List the
contents of the directory. Record the permissions of filey _________________.
Edit filey adding root's name to the file. Save the file. Could you? _______ What
message did you get? _________________________________ Why?
______________________________________
Login: root
# cd /home/mntpt
# ls -l
# vi filey
<add root's name and save the file>
Close the file (hint: :q!)
__ 18. On the server, log in as root and give the root user on the client permission to
access the file as root. Once the server has completed this step, return to the
client and continue with the next step.
On the server:
Login: root
# smit
NFS
Network FIle Systems (NFS)
Change/Show Attributes of an Exported Directory
* PATHNAME of exported directed [/home/teamx/sysxdir]
HOSTS allowed root access sysy
__ 19. On the client as user root, unmount, re-mount, and change to the mount point
directory /home/mntpt. List the contents of the directory. Edit filey adding root's
name to the file. Save the file. Could you? _______ Why?
_________________________
# unmount /home/matpt
# mount sysy:/home/teamy/sysydir /home/mntpt
# cd /home/mntpt
Student Exercises
# ls -l
# vi filey
<add root's name and save the file>
__ 20. As a client, you had read/write access to the server's exported directory. Have the
server give your system read-only access and read/write access to sysz, where z
is any other NFS client system on the network. Once the server is done, go back to
the client system. Log in as teamx. Edit filey and delete your name from the file.
Save and exit the file. Could you? ________ Log out. What was the message you
got? __________________________________
On the server:
# F3 back to the Change Attributes of an Exported Directory screen.
* PATHNAME of exported directory /home/teamx/sysxdir
* MODE to export directory read-mostly
HOSTS and NETGROUPS allowed client access sysy,sysz
HOSTNAME list. If exported read-mostly sysz
On the Client:
Login: teamx
$ cd /home/mntpt
$ vi filey
<attempt to delete your name>
$ logout
__ 21. The client will need read/write access to the /home/teamx/sysxdir directory for
the next exercise. On the server, give read/write access back to your client partner
system. When the server is done, the client should continue to the next step to test
it.
On the server:
# F3 back to the Change Attributes of an Exported Directory
* PATHNAME of exported directory /home/teamx/sysxdir
* MODE to export directory read-mostly
HOSTS and NETGROUPS allowed client accesssysy,sysz
HOSTNAME list. If exported read-mostly sysy,sysz
Note: The easiest method is to add sysy to the Hostname list. There are other
ways to do this. Select the method that makes the most sense.
__ 22. On the client, change to the /home/mntpt directory. Edit filey and delete your
name from the file. Save and exit the file.
On the Client:
Login: teamx
$ cd /home/mntpt
Student Exercises
V1.2.2 BKM2MIF
Uempty
$ vi filey
<delete your name>
:wq
Logout
Configuring Your System As a Client and Server
Note: For this section you do not need to work with your partner team. Return to your
system and perform the step below.
__ 23. If you were the server, go back to your system and perform the steps for the client.
If you were the client, go back to your system and perform the steps for the server.
Executing a Preconfigured Mount - NFS Client Function
In the previous section you invoked a manual mount using the local mount point
/home/mntpt. You will now be configuring a preconfigured mount that will be executed
automatically each time the system restarts. This will be done by adding /home/mntpt
stanza to the /etc/filesystems file. There are no server steps to be performed since the
server's directory /home/teamx/sysxdir was previously exported.
__ 24. If you aren't already, log in as root. Ensure that all remote mounts are unmounted.
# mount
If any remote mounts are still mounted issue the following:
# umount allr
__ 25. Add a stanza to the /etc/filesystems file to support a preconfigured mount based
on the manual mount from the previous section. The mount should take place in
the background as a hard mount with the interrupt option. Have it be mounted
automatically at system startup. References to y refer to your partner system. This
can be done through SMIT. Check to be sure the /home/mntpt stanza was added
to /etc/filesystems.
# smit
NFS
Add a File System for Mounting
The options should reflect the following. Take the defaults for the other options.
*PATHNAME of mount point [/home/mntpt]
*PATHNAME of remote directory [/home/teamy/sysydir]
*HOST where remote directory resides [sysy]
*MOUNT now, add entry to /etc/filesystems both
or both
*/etc/filesystems entry will mount the directory yes
on system RESTART
*ATTEMPT mount in foreground or backgroundbackground
Student Exercises
Allow keyboard INTERRUPTS on hard mount? yes
F10 to exit smit
# cat /etc/filesystems
__ 26. Since you selected the option to mount now and add an entry to the
/etc/filesystems file, SMIT should have automatically added the entry to
/etc/filesystems and performed the mount. Display the mount table to ensure that
the mount took place. Change directory into /home/mntpt and display the file filey
mounted from your partner server.
# mount
# cd /home/mntpt
# cat filey
__ 27. Unmount the preconfigured mount. Check the mount table to ensure it was
unmounted. Did you get an error message? _______ If so, what was it?
______________________________________ What do you need to do to
unmount the file system? ____________________. Fix the problem, unmount the
file system, and check to be sure it was unmounted.
# umount /home/mntpt
# mount
# cd
# unmount /home/mntpt
# mount
Setting up a cached file system - NFS Client Function
In this section, you will invoke a manual mount command that will mount the remote file
system to a local cached file system. You will create a Journaled File System dedicated to
store the local cache.
__ 28. Use SMIT to create a Journaled File system to act as the local cache. Use the
mount command to mount the /cachefs file system.
# smit
System Storage Management (Physical + Logical Storage)
File Systems
Add/Change/Show/Delete File System
Journaled File Systems
Add a Journaled File System
Add a Standard Journaled File system
Select Volume Group Name - rootvg
Volume group name rootvg
* SIZE of file system (in 512-bytes blocks) [500]
* MOUNT POINT [/cachefs]
# mount /cachefs
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 29. Create an empty cache structure to be used as the cache. This is created using the
cfsadmin command. The argument is the name of the cache directory object you
want to create. This object should not exist.
# cfsadmin -c /cachefs/cachedir
__ 30. List the statistics of newly created cache.
# cfsadmin -l /cachefs/cachedir
__ 31. Mount the remote file system /home/teamx/sysxdir from the NFS server sysx as a
cached file system. Display the mount table. List filex contents.
# mount -V cachefs -o backfstype=nfs, cachedir=/cachefs/cachedir
sysx:/home/teamx/sysxdir /cachefs
# mount ; df
# cd /cachefs ; pwd
# ls -l
# more filex
__ 32. Unmount the remote file system.
# cd
# unmount /cachefs
END OF EXERCISE
Student Exercises
Solutions
Following are the solutions for those instructions that include questions:
6. Log in as root and create the /etc/exports file and export the sysxdir directory so
refers to your system number and y refers to your partner number. If you used SMIT to
create the /etc/exports file what NFS daemons did SMIT start automatically upon
execution of this menu item?_______________________
Answer: nfsd, rpc.mountd
12. If you are using SMIT, exit SMIT and display the NFS daemons that have been
started. Log off. Which daemons are not active?___________________________
Why?________________________________
Answer: nfsd, rpc.mountd. These were not started because there is no /etc/exports
file to indicate this system is an NFS server.
17. Log in as root. Change to the mount point directory /home/mntpt. List the contents of
the directory. Record the permissions of filey _________________. Edit filey adding
root's name to the file. Save the file. Could you? _______ What message did you get?
_________________________________ Why?
______________________________________
Answer: Permissions were rw-rw-r--. The file can't be edited and the message you
should get is: The file access permissions do not allow the specified action. This is
because the root user is mapped to the nobody user who has the permissions of
"other". "Other" can only read the file, they can't write to it thus root can also only read
the file.
19. On the client as user root, change to the mount point directory /home/mntpt. List the
contents of the directory. Edit filey adding root's name to the file. Save the file. Could
you? _______ Why? _________________________ The message you get is:
Answer: Yes because the server explicitly allowed root from your system to have full
access as a root user.
20. As a client, you had read/write access to the server's exported directory. Have the
server give your system read-only access and read/write access to sysz, where z is
any other NFS client system on the network. Once the server is done, go back to the
client system. Log in as teamx. Edit filey and delete your name from the file. Save
and exit the file. Could you? ________ Log out. What was the message you got?
__________________________________
Answer: You shouldn't have been able to do it. The message you should have gotten
is: The file system has read permission only.
27. Unmount the preconfigured mount. Check the mount table to ensure it was
unmounted. Did you get an error messages? _______ If so, what was it?
______________________________________ What do you need to do to unmount
Student Exercises
V1.2.2 BKM2MIF
Uempty
the file system? ____________________ Fix the problem, unmount the file system,
and check to be sure it was unmounted.
Answer: You should have gotten the following error message:
umount: 16 error while unmounting
sysy:/home/teamy/sysydir -
The requested resource is busy.
You got this message because in the previous instruction you changed to the
/home/mntpt directory and did not get out of it. You need to get out of the
/home/mntpt directory in order to unmount the directory.
Student Exercises
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 11. Automounter and NFS Commands 11-1
V1.2.2 BKM2MIF
Uempty
Exercise 11. Automounter and NFS Commands
This exercise introduces students to the set up and use of
automounter and usage of some common NFS commands.
Execute an automount using both indirect and direct maps
Execute some common NFS commands
Introduction
In this exercise, you will experiment with the automounter function
including both indirect and direct setups.
As in the previous NFS exercise, you will work with your team partner
in order to separate the NFS server steps from the NFS client steps.
Since you set your system up to be both an NFS server and client, it is
not necessary to work together, but it is important that you coordinate
the completion of these exercise steps with your team partner since
you will be remotely mounting each others directories.
Note: You will be performing both client and server steps. The client
steps allow you to use your team partner as a server. The server steps
allow your partner to use you as their server.
Student Exercises
Common Student Problems
Some students have gotten into the habit of using kill -9 whenever
they go to kill a process. If they do that with automount it will no
longer show up in the process table but it still shows with the mount
command. In order to clean everything up, they will have to manually
unmount anything that was mounted using the automounter, including
itself.
Student Exercises
V1.2.2 BKM2MIF
Executing An Automount with Indirect Maps
NFS Server Function - You will export two directories for your client system to use with
automounter. When you are done, tell the client so they can proceed with instruction 3.
__ 1. The following two directories must be created on your system:/sysxbooks and
/sysxarticles, where x is your system number. The /sysxbooks directory must
contain a file named heidi and /sysxarticles directory must contain a file named
news. These directories will be used in this exercise as export directories on the
NFS server. Create the directories and files. Type a few lines in the files that
identify your system. Do this as root.
__ 2. Export the directories so all systems have read/write access. Also, export to
everyone /usr/samples and /usr/lib/assist with read only options.
NFS Client Function
For the next instructions you will function as an NFS client and automount the two
directories that your partner server should have exported for your use.
__ 3. Exit SMIT if you are in it and create a flat file called /etc/auto.pub that will map the
automount of the following subdirectories to your partner server's exported
directories: inventory to /sysybooks and review to /sysyarticles, where the y in
sysy is the number of your partner server.
__ 4. Create mount point and /etc/auto_master. Invoke the automountd daemon so it
listens for a reference to the mount point /publishing.
__ 5. If you are in SMIT, exit SMIT and display the mount table. Display the status of the
automountd.
__ 6. Log off as root and log in as teamx.
__ 7. Issue a command to invoke the automount of the /sysybooks directory from your
partner server. Next list the contents of the mounted directory and look at the
contents of the book heidi. Repeat this step for the /sysarticles directory.
__ 8. Display the mount table and look for the remote mount entries. Log off. Log back in
as root.
Executing An Automount with Direct Maps
__ 9. Create another map file, this time a direct map, and name it /etc/auto.direct. Set
up two entries, one with /home/teamx/samples as the local mount point, with
read-only options and connecting to sysy:/usr/samples (where y represents your
partner system). The other entry should have /home/teamx/install_assist as the
local mount point, with read-only options and connecting to sysz:/usr/lib/assist
(where z represents another system in your network).
__ 10. Execute the automountd command using the map created above.
Student Exercises
__ 11. Display the mount table and look for the direct map.
__ 12. Access each directory by changing to the directory and listing the files in the
directories. Do this as teamx. Display the mount table again and look for the
remote mount entries.
NFS Commands
Now you will observe how some of the NFS commands work. In order for the following
commands to work, inetd must register its NFS programs from the /etc/inetd.conf file with
the portmap daemon. This should have happened when NFS started. These commands
work for your local network only. You will not see the systems on the other network. If you
don't get a lot of output, it may be that the other teams are not as far along as you and have
not registered the NFS programs with the portmap daemon. Most of the commands will
hang while they are polling. Use <ctrl-c> to exit the command.
__ 13. Log in as teamx. Execute the mount command to ensure you have mounted your
partner system's exported directory /home/teamy/sysdir. If not, execute a manual
mount.
__ 14. Display RPC services available on your system and other systems on your
network.
__ 15. Display the list of all exported directories from another system on your local
network using the showmount command. Repeat the command for other systems
on the network. Then display what systems are mounted to which directories on
any system on your network.
__ 16. Identify users logged in on the network hosts.
__ 17. Display the status of hosts on your local network.
__ 18. Unmount all remote mounted autofs.
__ 19. Display mount table.
__ 20. Remount all remote autofs.
END OF EXERCISE
Student Exercises
V1.2.2 BKM2MIF
Executing An Automount with Indirect Maps
NFS Server Function - You will export two directories for your client system to use with
automounter. When you are done, tell the client so they can proceed with instruction 3.
__ 1. The following two directories must be created on your system:/sysxbooks and
/sysxarticles, where x is your system number. The /sysxbooks directory must
contain a file named heidi and /sysxarticles directory must contain a file named
news. These directories will be used in this exercise as export directories in the
NFS server. Create the directories and files. Type a few lines in the files that
identify your system. Do this as root.
# mkdir /sysxbooks
# vi /sysxbooks/heidi
# mkdir /sysxarticles
# vi /sysxarticles/news
__ 2. Export the directories so all systems have read/write access. Also, export to
everyone /usr/samples and /usr/lib/assist with read-only options.
# smit
NFS
Add a Directory to Exports List
*PATHNAME of directory to export /sysxbooks
F3 back to Add a Directory to Exports List
*PATHNAME of directory to export /sysxarticles
*PATHNAME of directory to export /usr/samples
*MODE to export directory read-only
*PATHNAME of directory to export /usr/lib/assist
*MODE to export directory read-only
NFS Client Function For the next step you will function as an NFS client and
automount the two directories that your partner server should have exported for your use.
__ 3. Exit SMIT if you are in it and create a flat file called /etc/auto.pub that will map the
automountd of the following subdirectories to your partner server's exported
directories: inventory to /sysybooks and review to /sysyarticles, where the y in
sysy is the number of your partner server.
Student Exercises
F10 to exit SMIT
# vi /etc/auto.pub
inventory sysy:/sysybooks
review sysy:/sysyarticles
__ 4. Create the mount point and /etc/auto_master. Invoke the automountd daemon
so it listens for a reference to the mount point /publishing.
# smit
NFS
Configure NFS on this System
Start Automounter
# mkdir /publishing
vi /etc/auto_master
# automount -v
__ 5. If you are in SMIT, exit SMIT and display the mount table. Display the status of the
automountd.
F10 to exit SMIT
# mount
#lssrc -g autofs
-or-
#lssrc -s automountd
__ 6. Log off as root and log in as teamx.
logout
Login: teamx
Password: teamx
__ 7. Issue a command to invoke the automountd of the /sysybooks directory from your
partner server. Next list the contents of the mounted directory and look at the
contents of the book heidi. Repeat this step for the /sysarticles directory.
$ cd /publishing/inventory
$ ls -l
$ cat heidi
$ cd /publishing/review
$ ls -l
$ cat news
__ 8. Display the mount table and look for the remote mounted entries. Log off. Log back
in as root.
$ mount
$ <ctrl-d>
Student Exercises
V1.2.2 BKM2MIF
Uempty
Executing An Automount With Direct Maps
__ 9. Create another map file, this time a direct map, and name it /etc/auto.direct. Set
up two entries, one with /home/teamx/samples as the local mount point, with
read-only options and connecting to sysy:/usr/samples (where y represents your
partner system). The other entry should have /home/teamx/install_assist as the
local mount point, with read-only options and connecting to sysz:/usr/lib/assist
(where z represents another system in your network).
F10 to exit SMIT
# vi /etc/auto.direct
/home/teamx/samples -ro sysy:/usr/samples
/home/teamx/install_assist -ro sysz:/usr/lib/assist
__ 10. Execute the automount command using the map created above.
# automount -v
__ 11. Display the mount table and look for the automount daemon for the direct map.
# mount
__ 12. Access each directory by changing to the directory and listing the files in the
directories. Do this as teamx. Display the mount table again and look for the
remote mount entries.
# su teamx
$ cd /home/teamx/samples
$ ls -l
$ cd /home/teamx/install_assist
$ ls -l
$ mount
NFS Commands
Now you will observe how some of the NFS commands work. In order for the following
commands to work, inetd must register its NFS programs from the /etc/inetd.conf file with
the portmap daemon. This should have happened when NFS started. These commands
work for your local network only. You will not see the systems on the other network. If you
don't get a lot of output, it may be that the other teams are not as far along as you and have
not registered the NFS programs with the portmap daemon. Most of the commands will
hang while they are polling. Use <ctrl-c> to exit the command.
__ 13. Log in as teamx. Execute the mount command to ensure you have mounted your
partner system's exported directory /home/teamy/sysydir. If not, execute a
manual mount.
Login: teamx
$ mount
If there is no NFS mount, issue :
$ mount sysy:/home/teamy/sysydir /home/mntpt
Student Exercises
__ 14. Display RPC services available on your system and other systems on your
network.
$ rpcinfo -p | pg
$ rpcinfo -p sysz | pg
__ 15. Display the list of all exported directories from another system on your local
network using the showmount command. Repeat the command for other systems
on the network. Then display what systems are mounted to which directories on
any system on your network.
# showmount -e sysy (where y is any system on your network)
# showmount -e sysz (where z is another system on your network)
# showmount -a sysy
__ 16. Identify users logged in on the network hosts.
# rusers
<ctrl-c>
Note: If command does not work, check inetd.conf for ruserd entry.
__ 17. Display the status of hosts on your local network.
# rup
<ctrl-c>
Note: If command does not work, check inetd.conf for vstatd entry.
__ 18. Unmount all remote mounted auto file systems.
# umount allr
__ 19. Display the mount table.
# mount
__ 20. Remount all remote autofs.
# automount -v
END OF EXERCISE
Student Exercises
Copyright IBM Corp. 1997, 2001 Exercise 12. Configure and Use NIS 12-1
V1.2.2 BKM2MIF
Uempty
Exercise 12. Configure and Use NIS
This exercise allows students to configure an NIS master server, an
NIS slave server, an NIS client and utilize the passwd and hosts
data maps.
Configure an NIS master server
Configure an NIS slave server
Configure an NIS client
Edit the /etc/passwd file on the NIS master server and use it as
input to build the passwd data map
Log in from any system within their NIS domain
Introduction
Normally there is only one NIS domain with one NIS master server
running on a network. However, this means that only one team
would derive all the benefit of experiencing setting up the NIS
master server; therefore, you will have teams of three systems with
each NIS server/client team having their own NIS domain.
Remember, within each team, one system will be the NIS master
server, one the NIS slave server, and the other system will be the
NIS client. (The master and slave servers will also be clients.)
For everyone to benefit from this configuration process, users on
the system designated as NIS clients should assist and observe the
users on the NIS master and slave servers. At the appropriate time,
the users on the systems designated as the NIS master and slave
servers will assist and observe the NIS clients customizing their
systems.
You and your partner teams must decide which systems will be the
NIS master and slave servers and which system will be the NIS
client. Your team must also decide on the NIS domain name. Get
creative. Just be sure no other team in lab is using the same NIS
domain name. Fill in the host names and NIS domain name in the
chart below:
Student Exercises
NIS
Master
NIS
Slave
NIS
Client
Domain
Name
Student Exercises
V1.2.2 BKM2MIF
Preparing for NIS
ALL SYSTEMS DO INSTRUCTION 1.
__ 1. As root, copy your /etc/passwd and /etc/hosts file to backup file names
/etc/passwd.bak and /etc/hosts.bak.
Configuring the NIS Master Server
DO THE FOLLOWING INSTRUCTIONS ON THE NIS MASTER SERVER ONLY! All NIS
client users should observe and assist at the NIS master server.
The following steps will customize the /etc/passwd file on the NIS master server, configure
the NIS master server, build the passwd data map on the NIS master server, and
customize the NIS master server to also be an NIS client of itself.
__ 2. Ensure that your partner NIS client team is there to observe you setting up your
system as an NIS master server. Log in as root.
__ 3. At a minimum, the /etc/hosts file must have an entry for each system in your NIS
domain. Check the /etc/hosts file and edit appropriately if necessary.
__ 4. Create two new users, master and client. Make each user a member of the
system group. Assign the password password.
__ 5. Using SMIT to add users automatically creates a home directory and .profile file
for each user. Take a moment to think about where the home directory and
.profile file need to reside for each user. User master physically sits and works at
the NIS master server system. master's home directory and .profile file should
exist in the /home directory on the NIS master server system.
User client physically sits and works at the NIS client system; therefore, client's
home directory and .profile file need to be moved to the NIS client system and
deleted from the NIS master system.
Although SMIT is wonderful and does a lot of work for you behind the scenes,
SMIT creates the home directory and .profile file that aren't needed on this
system.
Verify that TCP/IP is up and running on your network and that you can
communicate with your NIS client partner.
ftp to the NIS client system. Create the /home/client directory. Transfer the
/home/client/.profile file. Once the transfer is complete, end the ftp session.
Remove the client's home directory and .profile file from the master system.
Change to the /home directory and list its contents. Ensure that there is no entry
for user client.
Student Exercises
__ 6. Display the /etc/passwd file to ensure that the two users master and client exist.
__ 7. Set your NIS domain name. (Refer to the chart under Introduction on the first
page of this exercise for the domain names.)
__ 8. Configure the NIS master server to start the appropriate NIS daemons and create
the system default NIS data maps.
__ 9. Ensure that the appropriate NIS master server daemons are running. List the
contents of /var/yp/<your_NIS_domain> to see the list of data maps created
during configuration.
__ 10. List the contents of the passwd data map and check the entries against those in
the input file /etc/passwd.
__ 11. Display the /etc/rc.nfs file and follow the flow of the NIS programs and daemons
that are executed. Verify that your domain name was added to this file and the
appropriate daemons were uncommented.
__ 12. Log off and log back in as master. When prompted to change your password,
make it password once again. You'll change it using the NIS command in the next
instruction.
__ 13. Now that you have successfully logged in for the first time, run the yppasswd
command to assign yourself a new password that will update the passwd data
map automatically with your new password.
__ 14. su to root. The two data maps that require the most updates are the passwd and
hosts data maps. Add a new host name and IP address to /etc/hosts and rebuild
the hosts data map. The new host does NOT have to exist on your network.
NOTE: If you do this step before the slave server has been configured, you will get
a message that the master server could not contact the slave server and could not
push an updated copy of the map to the slave. You should see a message that the
hosts map has been pushed.
Configuring the NIS Client
DO THE FOLLOWING INSTRUCTIONS ON THE NIS CLIENT ONLY! All NIS master and
slave server users should observe and assist.
__ 15. Ensure that your partner NIS server team is there to observe you setting up your
system as an NIS client. Log in as root.
__ 16. Check to see that the /home/client directory and the /home/client/.profile file
were successfully created and transferred via ftp. If not, create them.
__ 17. Check the /etc/passwd file to ensure that the user names master and client do
NOT exist. Remove them if they exist.
__ 18. Verify that TCP/IP is up and running and that you can communicate with your NIS
master server.
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 19. Edit /etc/hosts so it contains only an entry for your system and the local loopback.
__ 20. Set the domain name on your system. (Refer to the chart under Introduction for
your domain name.)
__ 21. Configure the NIS client system to start the appropriate NIS daemons.
__ 22. Verify that you have a bind to the NIS master server. To verify, execute the
ypwhich command twice. The first time will initiate the bind; the second will display
to whom you have a bind. Once the bind is displayed, change the ownership of the
/home/client directory and the /home/client/.profile file to user client.
Remember, the directory and file were created by root on the master server and
ftp'd to the client system. The ftp execution copied over the owner as root rather
than client.
__ 23. Log out and log back in as your NIS login user name.
__ 24. Display the passwd data map from the NIS master server using the ypcat
command. Look for your account. Display your /etc/passwd file. Notice the
escape sequence at the end of the file.
NIS Login
The final test of success will be the ability of the users who reside on the NIS master server
to login at the NIS client system, and the users who reside on the NIS client system to login
at the NIS master server system.
__ 25. Switch systems with your partner team and login to their system using your NIS
login. Display the name of your current directory.
__ 26. telnet to your original system and login. End the telnet session.
Configuring the NIS Slave Server
DO THE FOLLOWING INSTRUCTIONS ON THE NIS SLAVE SERVER ONLY! All of the
other participants in your domain should observe and assist at the NIS slave server.
The following steps will set up the /etc/passwd file for the slave server, configure the NIS
slave server, transfer the NIS master server's maps, and test out the client's ability to
rebind to a new server.
__ 27. Ensure that the other participants in your NIS domain are there to observe you
setting up your system as an NIS slave server. Log in as root.
__ 28. Verify that TCP/IP is up and running on your network and that you can
communicate with your NIS master server.
__ 29. Edit the /etc/passwd file to include only those users you wish to be local users and
add the NIS escape sequence to the end of the file. Edit the /etc/hosts file to
include the loopback entry and an entry for this host.
Student Exercises
page of this exercise for the domain name.)
__ 31. Configure the NIS slave server to start the appropriate NIS daemons and transfer
the default NIS data maps from the NIS master.
__ 32. Ensure that the appropriate NIS slave server daemons are running. List the
__ 34. Working with your partners, bring down the NIS master server with a shutdown -F.
__ 35. Working with your partners, execute ypwhich on the NIS client to display the bind.
__ 36. Reboot the NIS master server.
Removing The NIS Configuration
__ 37. Remove the NIS client configuration first, breaking the ypbind connection to the
master or slave. Then remove the master and slave configurations. Check that all
NIS daemons are inactive on all systems. Copy the backup /etc/hosts.bak and
/etc/passwd.bak files to /etc/hosts and /etc/passwd.
END OF EXERCISE
Student Exercises
V1.2.2 BKM2MIF
Preparing For NIS
ALL SYSTEMS DO INSTRUCTION 1
__ 1. As root, copy your /etc/passwd and /etc/hosts files to backup file names
/etc/passwd.bak and /etc/hosts.bak.
# cp /etc/passwd /etc/passwd.bak
Configuring The NIS Master Server
DO THE FOLLOWING INSTRUCTIONS ON THE MASTER SERVER ONLY! All NIS client
users should observe and assist at the NIS master server.
The following steps will customize the /etc/passwd file on the NIS master server, configure
the NIS master server, build the passwd data map on the NIS master server, and
customize the NIS master server to also be an NIS client of itself.
__ 2. Ensure that your partner NIS client team is there to observe you setting up your
system as an NIS master server. Log in as root.
Login: root
Password: <enter root's password>
__ 3. At a minimum, the /etc/hosts file must have an entry for each system in your NIS
domain. Check the /etc/hosts file and edit appropriately if necessary.
# pg /etc/hosts
# vi /etc/hosts (if necessary)
__ 4. Create two new users, master and client. Make each user a member of the
system group. Assign the password password.
# smit
Security & Users
Users
Add a User
(Fill in all the appropriate information to add master and client)
F3 back and select Change a User's Password and assign the password
password.
__ 5. Using SMIT to add users automatically creates a home directory and .profile file
for each user. Take a moment to think about where the home directory and
.profile file need to reside for each user. User master physically sits and works at
Student Exercises
the NIS master server system. master's home directory and .profile file should
exist in the /home directory on the NIS master server system.
User client physically sits and works at the NIS client system; therefore, client's
home directory and .profile file need to be moved to the NIS client system and
deleted from the NIS master system.
Although SMIT is wonderful and does a lot of work for you behind the scenes,
SMIT creates the home directory and .profile file that aren't needed on this
system.
Verify that TCP/IP is up and running on your network and that you can
communicate with your NIS client partner.
ftp to the NIS client system. Create the /home/client directory. Transfer the
/home/client/.profile file. Once the transfer is complete, end the ftp session.
Remove the client's home directory and .profile file from the master system.
Change to the /home directory and list its contents. Ensure that there is no entry
for user client.
F10 to exit SMIT
# ping <NIS_client_system>
# ftp sysy (where y is the number of the NIS client system)
Connected to sysy
220 sysy FTP server ready
Name (sysy:root): root
331 Password required for root
230 User root logged in
ftp> mkdir /home/client
ftp> put /home/client/.profile
ftp> quit
# rm -r /home/client
# cd /home
# ls -al
__ 6. Display the /etc/passwd file to ensure that the two users master and client exist.
# cat /etc/passwd
Student Exercises
V1.2.2 BKM2MIF
Uempty
# smit
NFS
Network Information Service (NIS)
Change NIS Domain Name of this Host *Domain name of this host
[your_NIS_domain] *CHANGE domain name now, at system both restart or
both
__ 8. Configure the NIS master server to start the appropriate NIS daemons and create
the system default NIS data maps.
F3 back to the Network Information Service (NIS) menu
Configure / Modify NIS
Configure this Host as an NIS Master Server
Hosts that will be slave servers [slave_server_name]
*Start the yppasswdd daemon? yes
Take all the defaults for the rest
__ 9. Ensure that the appropriate NIS master server daemons are running. List the
# lssrc -g yp
# ls -al /var/yp/<your_domainname>
# ypcat -k passwd
# cat /etc/passwd
__ 11. Display the /etc/rc.nfs file and follow the flow of the NIS programs and daemons
that are executed. Verify that your domain name was added to this file and the
appropriate daemons were uncommented.
# pg /etc/rc.nfs
__ 12. Log off and log back in as master. When prompted to change your password,
make it password once again. You'll change it using the NIS command in the next
instruction.
Login: <NIS_username>
Password: password
master's New password: password
Enter the new password again: password
Student Exercises
__ 13. Now that you have successfully logged in for the first time, run the yppasswd
command to assign yourself a new password that will update the passwd data
map automatically with your new password.
$ yppasswd
Changing NIS password for master
Old NIS password: password
master's New password: master
Enter the new password again: master
__ 14. su to root. The two data maps that require the most updates are the passwd and
hosts data maps. Add a new host name and IP address to /etc/hosts and rebuild
the hosts data map. The new host does NOT have to exist on your network.
NOTE: If you do this step before the slave server has been configured, you will get
a message that the master server could not contact the slave server and could not
push a copy of the updated map to the slave. You should see a message that the
hosts map has been pushed.
$ su root
# vi /etc/hosts
<add host name and IP address>
# cd /var/yp
# make hosts
OR
# smit
NFS
Network Information Services (NIS)
Manage NIS Maps
Build/Rebuild Maps for the Master Server
.5
Configuring The NIS Client
DO THE FOLLOWING INSTRUCTIONS ON THE NIS CLIENT ONLY! All NIS master
server users should observe and assist.
__ 15. Ensure that your partner NIS server team is there to observe you setting up your
system as an NIS client. Log in as root.
Login: root
__ 16. Check to see that the /home/client directory and the /home/client/.profile file
were successfully created and transferred via ftp. If not, create them.
Student Exercises
V1.2.2 BKM2MIF
Uempty
# cd /home/client
# ls -al
__ 17. Check the /etc/passwd file to ensure that the user names master and client do
NOT exist. Remove them if they exist.
# pg /etc/passwd
__ 18. Verify that TCP/IP is up and running and that you can communicate with your NIS
master server.
# ping <NIS_server>
__ 19. Edit /etc/hosts so it contains only an entry for your system and the local loopback.
# vi /etc/hosts
__ 20. Set the domain name on your system. (Refer to the chart under Introduction for
your domain name.)
# smit
NFS
both
__ 21. Configure the NIS client system to start the appropriate NIS daemons.
Configure / Modify NIS
Configure This Host as an NIS Client
*START the NIS Client now, at system restart, or both? both
__ 22. Verify that you have a bind to the NIS master server. To verify, execute the
ypwhich command twice. The first time will initiate the bind; the second will display
to whom you have a bind. Once the bind is displayed, change the ownership of the
/home/client directory and the /home/client/.profile file to user client.
Remember, the directory and file were created by root on the master server and
ftp'd to the client system. The ftp execution copied over the owner as root rather
than client.
F10 to exit SMIT
# ypwhich
# ypwhich
# chown -R client /home/client
__ 23. Log out and log back in as your NIS login user name.
Student Exercises
# logout
Login: client
__ 24. Display the passwd data map from the NIS master server using the ypcat
command. Look for your account. Display your /etc/passwd file. Notice the
escape sequence at the end of the file.
$ ypcat -k passwd
$ cat /etc/passwd
NIS Login
The final test of success will be the ability of the users who reside on the NIS
master server to login at the NIS client system, and the users who reside on the
NIS client system to login at the NIS master server system.
__ 25. Switch systems with your partner team and login to their system using your NIS
login. Display the name of your current directory.
$ pwd
__ 26. telnet to your original system and login. End the telnet session.
$ telnet <your_host>
<ctrl-d>
Configuring The NIS Slave Server
DO THE FOLLOWING INSTRUCTIONS ON THE NIS SLAVE SERVER ONLY! All of the
other participants in your domain should observe and assist at the NIS slave server.
The following steps will set up the /etc/passwd file for the slave server, configure the NIS
slave server, transfer the NIS master server's maps, and test out the client's ability to
rebind to a new server.
__ 27. Ensure that the other participants in your NIS domain are there to observe you
setting up your system as an NIS slave server. Log in as root.
Login: root
__ 28. Verify that TCP/IP is up and running on your network and that you can
communicate with your NIS master server.
# ping <NIS_master_server>
Student Exercises
V1.2.2 BKM2MIF
Uempty
__ 29. Edit the /etc/passwd file to include only those users you wish to be local users and
add the NIS escape sequence to the end of the file. Edit the /etc/hosts file to
include the loopback entry and an entry for this host.
# vi /etc/passwd
add: +::0:0:::
# vi /etc/hosts
# smit Communications Applications and Services
NFS
both
__ 31. Configure the NIS slave server to start the appropriate NIS daemons and transfer
the default NIS data maps from the NIS master server.
Configure/Modify NIS
Configure This Host as an NIS Slave Server
Hostname of the master server [master_server_name]
Take all other defaults
__ 32. Ensure that the appropriate NIS slave server daemons are running. List the
# lssrc -g yp
# ls -al /var/yp/<your_domainname>
# ypcat -k passwd
# cat /etc/passwd
__ 34. Working with your partners, bring down the NIS master server with a shutdown -F.
On the NIS master server machine, execute:
# shutdown -F
__ 35. Working with your partners, execute ypwhich on the NIS client to display the bind.
On client:
# ypwhich
__ 36. Reboot the NIS master server.
Power on the system
Student Exercises
Removing The NIS Configuration
__ 37. Log in as root. Remove the NIS client configuration first, breaking the ypbind
connection to the master or slave. Then remove the master and slave
configurations. Check that all NIS daemons are inactive on all systems. Copy the
backup /etc/hosts.bak and /etc/passwd.bak files to /etc/hosts and /etc/passwd.
On the NIS client:
# smit
NFS
Remove NIS Client Configuration from this Host
The NIS Client configuration will be removed now
and for every system restart
# lssrc -g yp
# cp /etc/hosts.bak /etc/hosts
# cp /etc/passwd.bak /etc/passwd
On the NIS master and slave:
# smit Communications Applications and Services
NFS
Remove NIS Server Configuration from this Host
The NIS Server configuration will be removed now
and for every system restart
# lssrc -g yp
# cp /etc/hosts.bak /etc/hosts
# cp /etc/passwd.bak /etc/passwd
END OF EXERCISE
V1.2.2
backpg

Au 074 Xstud

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Au 074 Xstud

Transféré par

Droits d'auteur :

Formats disponibles

AIX 5L

Vous aimerez peut-être aussi