How to Configure the Root Server for an IP Address Change
The assumptions here are:- Your NIS+ root domain is called "root.dom".
- The root server is called "master" and has an address of 1.2.3.4.
- You want to change the IP address of the root server to 4.3.2.1.
- You have one replica called "replica", with an address of 1.2.3.5
- You want to change the IP address of the replica to 4.3.2.2
Follow these steps:
1. For all the NIS+ servers, add entries for their new IP addresses.
The following commands add the master's and replica's new IP addresses.
nistbladm -a addr=4.3.2.1 name='"master"' cname='"master"' hosts.org_dir
nistbladm -a addr=4.3.2.2 name='"replica"' cname='"replica"' hosts.org_dir
2. Use nisupdkeys to update the IP addresses in the directory objects with
these commands: (You must have nisplus first for the hosts line in /etc/nsswitch.conf)
/usr/lib/nis/nisupdkeys -a groups_dir.root.dom.
/usr/lib/nis/nisupdkeys -a org_dir.root.dom.
/usr/lib/nis/nisupdkeys -a root.dom.
Note: You will need to do this for any other directory object hosted on the machine.
3. Start up a second logical interface on each NIS+ server with the
new IP address.
On the master, run this command:
ifconfig le0:1 4.3.2.1 netmask + broadcast + -trailers up
On the replica, run this command:
ifconfig le0:1 4.3.2.2 netmask + broadcast + -trailers up
4. Push the new directory objects to all the replica servers with
this command:
/usr/lib/nis/nisping root.dom.
/usr/lib/nis/nisping groups_dir.root.dom.
/usr/lib/nis/nisping org_dir.root.dom.
5. Wait for the time-to-live of all the directory objects to expire.
This is REALLY important. Do not skip this step. Typically the
time-to-live is 12 hours, so wait for 12 hours. You can check
time-to-live with the command:
niscat -o root.dom. groups_dir.root.dom. org_dir.root.dom.
You can change the time-to-live on the directory objects to speed
the process up. To change the time-to-live of an object to 1 hour
use the command nischttl.
nischttl 1h root.dom.
nischttl 1h groups_dir.root.dom.
nischttl 1h org_dir.root.dom.
If you are going to adjust the time-to-live for the object you will need to
wait for 12 hours to propagate the new time-to-live.
6. To keep a completely transparent service, set up one ormore
systems to act as a gateway between the two logical networks.
To do this on one system, follow these steps:
7. For each client, follow these steps:
a. Edit the hosts.org_dir table entry to reflect the new IP address.
b. Edit the /etc/hosts file.
c. Reboot the client.
8. Remove the old IP address entries for the NIS+ root servers from
the hosts map, so that only the new IP entries remain by following
these steps:
a. Update the IP addresses in the directory objects with these
commands:
/usr/lib/nis/nisupdkeys -a groups_dir.root.dom.
/usr/lib/nis/nisupdkeys -a org_dir.root.dom.
/usr/lib/nis/nispupkeys -a root.dom.
b. Propagate the changes to all replicas with these commands:
/usr/lib/nis/nisping groups_dir.root.dom.
/usr/lib/nis/nisping org_dir.root.dom.
/usr/lib/nis/nisping root.dom.
c. Wait for the time-to-live to expire (usually 12 hours) so that
the old server IP address information is cleared from client
caches.
9. Once all the clients are done, follow these steps:
a. ifconfig the old (logical) interfaces on the NIS+ servers down
by
running, for example:
ifconfig le0 down.
b. Remove the old entries from the host table.
c. Edit the /etc/hosts files.
d. On the system on which you started the in.routed, turn it
off again and reset ip_forwarding to its old value.
| Home | FAQ |
XML Feeds