mbr@flash.bellcore.com (Mark Rosenstein) (12/29/90)
A novice (me) writes:
Does someone have a sufficient set of tests that one can run from
Unix, to see if installing system software from a file on a remote
system will work. For instance: it seems one needs tftp access
to the directory. So I munged in inetd.conf, and then from the machine
I was going to do the installation on, from unix, I could tftp one
of the files in the directory. I haven't figured out how to test
if bootp is working correctly from Unix. I don't know if other
condtions must be true for this to work, but I know that the
monitor's little message "No server for {the machine with the files}"
is not helping me debug this problem. I have tried n variations
on the
machine name/internet address/with-a-following-slash/without-a-following-slash
etc.
other possibly confounding info:
The machine with the files is a 340 which I put the installation and
maintance files on using distcp, the machine I want to install stuff
on are 4D/25s. I tried using the tape drive on the 340 instead of
the files (adding /dev/tape and /dev/nrtape to inetd.conf) and got
the same message.
Any help, especially hints on how to systematically debug this would
make my New Year. I feel like Jacob Marley dragging the bleepin'
tape drive from machine to machine. The reason I'd like to do this
from Unix is that this problem could be something trivial or subtle
and the monitor is just not the place.
Thanks.
Mark Rosensteinvjs@rhyolite.wpd.sgi.com (Vernon Schryver) (12/31/90)
"No server" messages mean no server answered the client. Common causes are:
-wrong IP address in NVRAM (use `printenv` etc in the PROM, to ensure
the target machine knows its address even without a disk. Yes, you
could use /etc/ethers, bootparam, and the rest, but this is easier.)
-gateway not forwarding bootp/RFC-951 requests (check messages in
SYSLOG on the gateways, maybe turn on some debugging on bootp in
inetd.conf. If you have non-IRIS gateways, see if they forward
bootp. CISCO had a bug & by now should have new firmware.)
I never remember, but don't think tftp/inetd.conf permission switches/problems
give that message. It might be handy to open tftp wide open.
NOTE: Tftp is a small security hole even if opened all of the way, compared
to the holes created by human acts (sometimes unintentionally) on
almost all machines. The worst tftp can do is get to a file anyone on
the target machine can get. It's no worse than an open guest account.
(Any other access by tftp would be a newly discovered bug.) We have to
ship tftp maximally safe to protect customers who care.
Essentially all software inside SGI is installed from disk copies of the
tapes. There are hundreds of us who are supposed to install each of the
many dozens of builds of each release. The median engineer probably
installs at least 3 times/month. If you have any lab machines to play
with, you can easily install all of IRIX more than a hundred times/year,
year in and year out. IRIX TCP/IP has gotten reasonably fast partly just
to support this fun activity.
Vernon Schryver, vjs@sgi.com