zones-discuss@opensolaris.org
[Top] [All Lists]

Re: [zones-discuss] netmask warning, misconfiguration

Subject: Re: [zones-discuss] netmask warning, misconfiguration
From: "Jordan Brown (Sun)"
Date: Fri, 30 Nov 2007 10:38:05 -0800
David.Comay@xxxxxxx wrote:
> What does the "netmasks" entry in /etc/nsswitch.conf say?  A common
> issue is that a user changes their local /etc/netmasks file but their
> the switch says to use something like "nis".

Bingo!  Thanks!

>> (I also tried 172.20.0.0 on the theory that maybe it wanted me to set 
>> the netmask for the entire Class B, but no dice.)
> 
> Actually, that's exactly what you should be using in your local
> /etc/netmasks entry.

I'm not sure, but reading netmasks(4) I don't think so.  Note that it 
has an example entry:
128.32.27.16 255.255.255.240
and says that the system uses the longest prefix found.

OTOH, I don't immediately understand how the example can work.  It says 
that 128.32.*.* (except for the exclusions) gets a 24-bit netmask, but I 
don't see how that can be unambiguously determined.  The example *seems* 
to want to explicitly specify a 28-bit netmask for several ranges and a 
24-bit netmask for the rest, but how can it distinguish between 
requesting that 128.32.*.* is all 24-bit and requesting that 128.32.0.* 
is all 24-bit?  (For that matter, why isn't it specifying that 
128.001?????.*.* is 24-bit?)

> Although I do suggest that specifying the prefix
> length (such as /24) via zonecfg(1M) is the best solution.

Point-specifying a global value seems like the wrong answer. 
Normalization says that you should specify the global value in one 
place, not replicated across many.  (Less abstractly, that you should 
specify the netmask in one place, not individually for each address that 
uses it.)
_______________________________________________
zones-discuss mailing list
zones-discuss@xxxxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>