Solved

ypbind slows the machine ?

Posted on 1997-12-11
9
356 Views
Last Modified: 2010-03-18
When starting ypbind (version 5.0 installed with RedHat 5.0)
machine slows down dramatically.

For example untarring (ypbin-v3.0.tgz) with ypbind running
it takes 3 minutes but without ypbind it takes apx. 0.1
seconds. Also NIS logins and working over NFS is slow.
Root login is as fast as it should be. Everything is
configured like in RedHat 4.2 and it worked fine.

If I start ypbind -debug it gives debug information like
below.

      pinging server <IP>, port 715
      .
      .
      .
      YPBINDPROC_DOMAIN_2: server <IP>, port 715
      pinging server <IP>, port 715
      .
      .
YPBINDPROC_DOMAIN_2 appeared when starting tar.

It might also give error message to /var/log/messages
  Dec  9 20:12:43 <machine> ypbind[291]: <ypserver>: RPC: Timed out
0
Comment
Question by:Mika_Saari
  • 5
  • 4
9 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1587078
Sounds that your NIS-server does not respond.
Check with  ypwhich. If you get a hostname, check if this name matches the IP specified in /etc/zp.conf .
Check also if you can ping this name and/or IP.
0
 

Author Comment

by:Mika_Saari
ID: 1587079
NIS server responds alright (HP machine) and it gives
all yp data to my linux machine right.

yp.conf is configured like
  domain <our domain> server <server name>

Sometimes NIS drops but leaves ypbind (master) and (slave)
running. Now if I kill ypbind (master) (slave) and restart
them, yp works fine (except extremely slow machine) till it drops again (after 30 minutes).

And if NIS is working (ypbind is running) everything is slow.
But if I kill ypbind everything works as they should work
execpt NIS which is switched off (NIS is mandatory).
0
 

Author Comment

by:Mika_Saari
ID: 1587080
I noticed that after adding row
+:*:0:0:::  to /etc/passwd
everything slows down not before.

If I don't add this row to passwd login
won't work.

Even I remove this row from /etc/passwd
NIS drops after (apx. 30 minutes)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1587081
I just have  +  in my linux's /etc/passwd .

If you now tell me that you have HP-UX 9.x running on series 700, I give up.
My HPs have similar problems, except they are NIS clients, not servers. I made several problem requests at HP's support line about very low performance (as you described above) in NIS and/or DNS environment, but they (HP support) did not investigate much time, just told me to upgrade hard-/software :-((

Are there some HP people reading this? Tell your company.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:Mika_Saari
ID: 1587082
Yes it is really HP-UX 9.X in 700 series NIS server.

The problem started when I had to add that row to
/etc/passwd AND

to /etc/nsswitch.conf
passwd: compat
group:  compat

What ever they mean I don't know there wasn't specs
in documents.

In RedHat 4.2 it was OK to have only NIs enabled
and nsswitch.conf had rows

passwd:  nis files
group:   nis files

But not anymore ? I think everythink should be OK
if I can get rid of that row in /etc/passwd.
But if I get rid of it any NIS users can not log in.

And if I change nsswitch.conf to be like in 4.2
(with out that compat) I can not login even I am
using root account (No body can not log in if
I change "compat" to "nis files")

If ahoffmann you know how can I get rid of that
row in /etc/passwd while using still NIS accounts.
I think it's ok.

I can later check that HP-UX 10.X NIs server.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 200 total points
ID: 1587083
On your NIS server (HP-UX):
I assume that you have configured ypmake using passwd and group from /etc . If so, you don't need those + lines in passwd and group, they are wrong there.

More detailed: the files served by NIS must not contain these lines.
I've to look at nsswitch.conf, where did you have it? on client or server? I just can remember it having on SunOS.

How is your hostname resolution? by hosts or by DNS or by NIS too?
0
 

Author Comment

by:Mika_Saari
ID: 1587084
Hi again.

Yes in fact I do not need them in /etc/passwd BUT
NIS users can not log in If line is not in the /etc/passwd.
(In redhat 4.2 I didn't need lines in passwd and group)

--------------------------------------------------------

In old machine I had nsswitch.conf in my client
it looked like

passwd:  nis files
group:   nis files

--------------------------------------------------------

NOW in Redhat linux it looks like (also in linux client)

passwd:  compat
group:   compat

Why so I don't know.

--------------------------------------------------------

If in new RedHat linux is configured like
passwd: nis files
group:  nis files

then login is impossible for everybody (root also). And
I don't know why ?

---------------------------------------------------------

I have DNS in other HP 9.X 700 Series (Which I am using from linux client) .Also some entries in /etc/hosts (Like loopback and own name, dns and nis server name).


0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 1587085
Some miss-understanding here ..

/etc/passwd on the clients have the + line
/etc/passwd on the server might have the + line depending on:
  the host is NIS client to itself **AND** /etc/passwd is not the  file served by NIS
/var/yp/passwd (or whereever it is) must not have the + line
same applies to /etc/group.

I don't have RedHat, but AFAIK  /etc/nsswitch.conf has nothing to do with the kernel, but with the ypbind distribution.
I only know this file from SunOS and HP-UX, but have not seen it on Linux. Could you please verify your Linux man pages about ypbind (or however it's called).

About DNS and NIS.
Take care that NIS domains are different from DNS domains (you know, I'm shure:).
Also keep in mind that it is a good idea to specify NIS server with IP not with hostname (you just gave a variable example of you yp.conf). I'm not shure about if all the problems/conflicts arrising with such a configuration are solved on Linux (my knowlege/experience dates back to SunOS, HP-UX 8.x). But Linux has  /etc/host.conf  where you can define the searching order for hostname resolution. In doubt, use IP for NIS server specification on the client, this is savest.

Some things to test ..
ypwhich  - does it return soon the NIS server's name?
ypcat passwd  - does return soon, or is there also a delay_
0
 

Author Comment

by:Mika_Saari
ID: 1587086
Oh sorry my english is not as good as I would like to have.
I understood your last comment a little bit wrong. I
hope I understood it now.

In mu NIS server (HP) dowsn't use NIS or it is not it's
own nis. The files are straight in /etc/passwd and in
/etc/group. And yes I execute ypmake to get the
yp information being shown in the network.

Yes it looks like and acts like nsswitch.conf is nothing
to do with kernel only with ypbind.

I changed the server in yp.conf to be introduced using
IP not the name. (Still jams)

ypwhich returns the name very quicly.
ypcat passwd returns the data also very quicly.

Do you know what tha compat means in nsswitch.conf?
Should it be something else (files nis doesn't work)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now