Вы находитесь на странице: 1из 499

Installing and Administering Internet Services

HP 9000 Networking

Edition 8

Administering Internet Services HP 9000 Networking Edition 8 Manufacturing Part Number: B2355-90685 E1200 U.S.A. ©

Manufacturing Part Number: B2355-90685

E1200

U.S.A.

© Copyright 2000, Hewlett-Packard Company.

Legal Notices

The information in this document is subject to change without notice.

Hewlett-Packard makes no warranty of any kind with regard to this manual, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Hewlett-Packard shall not be held liable for errors contained herein or direct, indirect, special, incidental or consequential damages in connection with the furnishing, performance, or use of this material.

Warranty. A copy of the specific warranty terms applicable to your Hewlett-Packard product and replacement parts can be obtained from your local Sales and Service Office.

Restricted Rights Legend. Use, duplication or disclosure by the U.S.

Government is subject to restrictions as set forth in subparagraph (c) (1)

(ii) of the Rights in Technical Data and Computer Software clause at

DFARS 252.227-7013 for DOD agencies, and subparagraphs (c) (1) and

(c) (2) of the Commercial Computer Software Restricted Rights clause at

FAR 52.227-19 for other agencies.

HEWLETT-PACKARD COMPANY 3000 Hanover Street Palo Alto, California 94304 U.S.A.

Use of this manual and flexible disk(s) or tape cartridge(s) supplied for this pack is restricted to this product only. Additional copies of the programs may be made for security and back-up purposes only. Resale of the programs in their present form or with alterations, is expressly prohibited.

Copyright Notices. ©copyright 1983-2000 Hewlett-Packard Company, all rights reserved.

Reproduction, adaptation, or translation of this document without prior written permission is prohibited, except as allowed under the copyright laws.

©copyright 1979, 1980, 1983, 1985-93 Regents of the University of California

This software is based in part on the Fourth Berkeley Software Distribution under license from the Regents of the University of

California.

©copyright 1980, 1984, 1986 Novell, Inc. ©copyright 1986-1992 Sun Microsystems, Inc. ©copyright 1985-86, 1988 Massachusetts Institute of Technology. ©copyright 1989-93 The Open Software Foundation, Inc. ©copyright 1986 Digital Equipment Corporation. ©copyright 1990 Motorola, Inc. ©copyright 1990, 1991, 1992 Cornell University ©copyright 1989-1991 The University of Maryland ©copyright 1988 Carnegie Mellon University

Trademark Notices UNIX is a registered trademark of The Open Group.

X Window System is a trademark of the Massachusetts Institute of Technology.

MS-DOS and Microsoft are U.S. registered trademarks of Microsoft Corporation.

OSF/Motif is a trademark of the Open Software Foundation, Inc. in the U.S. and other countries.

Contents

1. Product Overview

The Internet Services

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.21

Military Standards and Request for Comment Documents

 

.25

2. Installing and Configuring Internet Services

 

Installing the Internet Services Software

.29

Configuring the Name Service Switch

.30

. Troubleshooting the Name Service Switch

Default Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.32

.32

Configuring Internet Addresses

.34

To Choose

a Name

Service .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.34

To Edit the /etc/hosts File

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.35

. To Change a Host’s IP Address

To

.

Configure

Routes .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.36

.37

Configuring the Internet Daemon, inetd

.39

To Edit the /etc/inetd.conf

.39

To Edit the /var/adm/inetd.sec File

.40

Configuring Logging for the Internet Services

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.42

. To Maintain System Log Files

To Configure syslogd

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.42

.43

To Configure inetd Connection Logging

.43

To Configure ftpd Session Logging

.44

Configuring

ftp.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.45

Configuring Anonymous ftp Access

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.46

. To Create the Anonymous ftp Directory

To Add User ftp to /etc/passwd

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.46

.46

Configuring ftp with /etc/ftpd/ftpaccess

.50

Enabling/Disabling the ftpaccess

.50

Contents

Configuring Logging for

ftp

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

51

. Logging ftp File Transfers

Logging

ftp Sessions .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

51

51

Installing sendmail

.

.

.

.

.

.

.

.

.

.

.

.

.

. Installing sendmail on a Standalone System

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

53

53

Installing sendmail on a Mail

 

54

Installing sendmail on a Mail Client

55

Verifying Your sendmail

57

Troubleshooting sendmail

 

60

Keeping the Aliases Database Up to

60

Verifying Address Resolution and Aliasing

60

Verifying Message Delivery

61

Contacting the sendmail Daemon to Verify

62

Setting Your Domain Name

63

Attempting to Start Multiple sendmail

63

Configuring and Reading the sendmail Log

64

Printing and Reading the Mail

67

3.

Configuring and Administering the BIND Name Service

 

Overview of the BIND Name Service

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

73

Benefits of Using BIND

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

73

The

DNS

Name

Space.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

74

. How BIND Resolves Host Names

How BIND Works

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

76

78

Creating and Registering a New Domain

81

Configuring the Name Service Switch

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

83

Choosing Name Servers for Your Domain

. To Choose the Type of Name Server to Run

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

84

84

To Choose Which Servers Will Be Master Servers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

85

Contents

Configuring a Primary Master Name

.86

To Create the Data Files for a Primary Master Server

.86

To Set the Default Domain Name

.88

The BIND Configuration File

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.88

options Statement

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.94

Migrating /etc/named.boot to /etc/named.conf

.106

The Primary Master Server’s Boot

.106

The Primary Master Server’s Cache File

.107

The

db.127.0.0

File .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.109

The Primary Master Server’s db.domain Files

To Add a Host to the Domain Data Files

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.111

The Primary Master Server’s db.net Files

.114

.116

To Delete a Host from the Domain Data Files

.117

Configuring a Secondary Master Name Server

 

.118

Creating Secondary Server Data Files via hosts_to_named

.118

To Create the Secondary Master Server’s Data Files Manually

.119

To Set the Default Domain Name

.120

Configuring a Caching-Only Name

.121

Configuring the Resolver to Query a Remote Name Server

.123

Configuring the Resolver to Set Timeout Values

. Configuring Timeout Values using Environment Variables

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.125

.125

Configuring Timeout Values using the Configuration File

.126

Configuring Timeout Values using Sample Program With Timeout Values

.126

.127

Starting the Name Server Daemon

.128

Verifying the Name Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.128

Updating Network-Related Files To Update /etc/hosts.equiv and

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.130

.130

To Update /var/adm/inetd.sec and $HOME/.netrc

.130

Contents

To Update /etc/hosts

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

130

Delegating a Subdomain

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

131

Configuring a Root Name

132

Configuring BIND in

134

The Logging

System.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

135

Troubleshooting the BIND Name Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

136

Troubleshooting Tools and Techniques

 

136

Problem

Symptoms .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

138

Name

Server

Problems .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

140

Understanding Name Server Debugging Output

 

145

Name

Server

Statistics .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

148

4.

Installing and Administering sendmail

 

Deciding Whether to Install sendmail

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

156

Installing sendmail

.

.

.

.

.

.

.

.

.

.

.

.

. Installing sendmail on a Standalone System

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

157

157

Installing sendmail on a Mail

 

158

Installing sendmail on a Mail Client

159

Verifying Your sendmail

161

Creating sendmail Aliases

164

Adding sendmail Aliases to the Alias Database

 

164

. Managing sendmail Aliases with NIS or NIS+

Verifying Your sendmail Aliases

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

168

168

Rewriting the “From” Line on Outgoing Mail

 

169

Forwarding Your Own Mail with a .forward File

170

How sendmail Works

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

171

Message Structure

How sendmail Collects

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

171

172

Contents

How sendmail Routes Messages

 

.172

Default Client-Server Operation

.178

How sendmail Handles Errors

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.180

Sendmail and the LDAP Protocol

 

.183

Enabling Address Lookups Using LDAP

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.183

Modifying the Default sendmail Configuration File

 

.185

The sendmail Configuration

.185

Restarting

sendmail .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.186

Forwarding Non-Domain Mail to a Gateway

 

.186

Configuration Options

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.186

Migrating the sendmail Configuration File

 

.188

Security

.

. Turning Off Standard Security

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.190

.190

Configuring sendmail to Reject Unsolicited Mail

.

.

.

.

.

.

.

.

.

.

.

.194

Enabling “Anti-Spamming” Capability

 

.194

Accepting and Rejecting Mail From Particular Senders

 

.194

Preventing Unauthorized Mail Relay Usage

.195

. Sendmail Anti-Spamming

Sendmail

Validation .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.197

.197

Enabling Sendmail Anti-Spamming Security

 

.198

Using the Access Database to Allow or Reject Mail Messages

 

.198

Relaying Capability

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.200

Validating

Senders .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.201

Header Checking

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.203

Turning off Virtual

.206

Troubleshooting

 

.207

Keeping the Aliases Database Up to Date

.207

Verifying Address Resolution and

.208

Verifying Message Delivery

.208

Contents

 

Contacting the sendmail Daemon to Verify

 

209

Setting Your Domain Name

210

Attempting to Start Multiple sendmail

210

Configuring and Reading the sendmail Log

211

Printing and Reading the Mail

214

5.

Configuring TFTP and BOOTP Servers

 

Chapter Overview

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

219

How BOOTP Works

.

.

.

.

.

.

.

.

.

.

.