Solved

AIX 5.1 FTP stopped working!  Waiting for welcome message

Posted on 2011-03-14
17
941 Views
Last Modified: 2013-11-17
Today randomly can not access FTP.  I can telnet to server fine, but not FTP.  
I tried stopping and starting the ftp subserver, but no luck.

If I telnet to AIX, then FTP to itself, it works fine.  But when I FTP from windows, I never get the welcome message.


Only thing different today, is that our domain/exchange server, is down due to the fact we are migrating from SBS 2003 to SBS 2008.

I dont understand at all, how this could effect FTP from windows computers to the AIX, but it is the only different thing going on right now.

Any ideas?
0
Comment
Question by:Xetroximyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
17 Comments
 

Author Comment

by:Xetroximyn
ID: 35134490
FYI -- I tried to FTP from command line from our redhat box, and it will NOT work.

The AIX has two network interfaces.
192.168.1.7  (basically everything goes through here)
192.1.1.7  (This is a different small network, just used for the AIX, and our dialer to communicate)

If I telnet to the dialer on the 192.1.1 network, and try to ftp to the AIX at 192.1.1.7, then it works.

I am stumped.

Any ideas?
0
 

Author Comment

by:Xetroximyn
ID: 35134504
correction -- when I FTP from the redhat box to 192.168.1.7 is DOES work.  It just took a LONG time (45-75 seconds) for the welcome message to come up, and for it to prompt me for user and password.    
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 35136054
Hi,

it seems that your inactive Domain Server would normally act as a Name Server for your domain, and that ftpd is not able to look up the DNS name of the client machine (or has to wait for the timeout).

Verify this by (temporarily) adding the hostname of the Windows client to /etc/hosts on AIX.
Please check beforehand that AIX's /etc/netsvc.conf contains "local" in the "hosts=" entry (best at the first position, before bind).

wmp

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:Xetroximyn
ID: 35138095
Thanks!

so confused though.....  I didnt think FTP used DNS at all.  FTP servers look up the name of the client?  Is that standard or an AIX thing?

And dont understand why it would work from redhat, but not from windows.

Anyway -- the domain server (old one) is up right now.  Apparently there were problems with the migration, so it will be finished later.   At which point, I will need FTP to work on the AIX.

Since it is working now, I cant do the troubleshooting with the hosts file.  (and come time, I cant easily put info in the hosts file for all the people who need FTP access)

How would I change the AIX dns settings?  Like so it uses our sonicwall instead of domain server for DNS or something like that?

0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 35138191
DNS is configured in /etc/resolv.conf

Here is a detailed explanation:

http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.files/doc/aixfiles/resolv.conf.htm

Basically it's the entry:

nameserver xxx.xxx.xxx.xxx

which you must customize.

wmp
0
 

Author Comment

by:Xetroximyn
ID: 35138311
Thanks!  So if I change resolv.conf, so I have to restart something for it to take effect, or is it immediate?  

And if I have to restart something like inetd, would that interfere with telnet sessions in progress?

0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 35138335
It's immediate!

The resolver routines check /etc/resov.conf at each call, they don't store anything.

And even if you had to refresh (not restart) inetd, running sessions would not be affected.

0
 

Author Comment

by:Xetroximyn
ID: 35138406
awesome -- thanks!

And just to confirm -- telnet does not use any DNS does it?  (just making sure, since I thought FTP did not use any DNS)

I just want to make sure any changes I make to DNS to troubleshoot FTP, I wont end up potentially locking my self out of telnet too!
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 35138761
The fact that telnet works is probably due to the "-c" flag of telnetd being used.

Check with lssrc -ls inetd on AIX.

If you see "telnetd -c" at the end of the "telnet" line you're actually suppressing reverse lookups, which I assume.

But if you configure a working name server in /etc/resolv.conf you can't do anything wrong, can you?

Further, you can always check by opening a second telnet session after making changes, leaving the first session running.
This way you could revert the changes using the first session should the second one fail to initialize.

By the way, ftpd also has the "-c" flag. To suppress reverse lookups once and for all you could add the "-c" flag to the appropriate line in /etc/inetd.conf:

ftp   stream  tcp6  nowait  root  /usr/sbin/ftpd    ftpd -c

Issue "refresh -s inetd" and you're done.

(OK, the above assumes that you're using IBM's own ftpd and not a third party product).

wmp
0
 

Author Comment

by:Xetroximyn
ID: 35138885
Sweet!  Ill just use the -c flag!  thanks!  

Just curious -- what is the point of reverse name lookups anyway?

0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35139096
Please check with "man ftpd" beforehand!

I just reread your Q and noticed that it's AIX 5.1 (really?)

Im actually not quite sure if the ftpd of AIX 5.1 already had the "-c" flag!

Reverse lookup is used to put the hostname instead of the IP address into the log and to make sure that the client comes from a well-known host and isn't using some spoofed IP.

wmp
0
 

Author Comment

by:Xetroximyn
ID: 35139370
Yep - no -c flag.... just has
/usr/sbin/ftpd [ -d ] [ -f ] [ -ff ] [ -k ] [ -l ] [ -t TimeOut ] [ -T MaxTimeOut ] [ -s ] [ -u OctalVal ]

So there is no way I can prevent it from doing the reverse lookups huh?

I guess I will try pointing it at the router and see how it goes.  

p.s. yep -- your eyes do not deveive you.  5.1 -- really....  We didn't every upgrade because of software that only ran on 5.1 and we would have to pay something ridiculous for new version.

Funny though -- we pay all this extra money to IBM for support, and they suck at supporting 5.1, because nobody remembers it.

Anyway -- IBM will no longer offer ANY support for AIX 5.1 after the end of this month.   So we will be migrating soon!   I cant wait!





0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35139411
>>  I cant wait! <<

Me neither! If you need assistance in migrating - let me know!

wmp
0
 

Author Comment

by:Xetroximyn
ID: 35139509
strange.  

the -c flag actually does work!  I guess the ftpd I have is more updated than the man documentation.

I changed resolv to point to sonicwall -- which did not work.  but then with it not working, I put the -c flag back in, and it started working right away!  

But just to fix it for both ways I also tried pointing the resolv.conf to the redhat server, and that works fine.  

Thanks for all your help!

0
 

Author Comment

by:Xetroximyn
ID: 35139618
Just saw you last post -- thanks!  I will surely be talking to you if there are problems migrating....  

Though I am more used to redhat myself - in a way I am almost sad we are migrating to redhat instead of current AIX.  You have got to be the single most helpful, and knowledgeable SME I have ever had the pleasure of getting help from in ANY forum.  You have saved me so many times while I have been working with this ancient AIX 5.1 box over the last year and a half. You are more helpful than IBM's support!

Since you seem to be such an AIX expert, I am guessing I wont see you as much, when my questions begin to be about redhat/general linux questions.  

Anyway -- THANKS for ALL your help, not just in this thread, but all my AIX threads.  You are awesome!

0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35139710
Good luck to you and thanks for the nice compliments!

I'm not quite unfamiliar with Linux, mabe wel'll meet again!

All the best and always have fun!

Norbert (the wmp)





0
 

Author Closing Comment

by:Xetroximyn
ID: 35141911
Thanks!
0

Featured Post

Learn by Doing. Anytime. Anywhere.

Do you like to learn by doing?
Our labs and exercises give you the chance to do just that: Learn by performing actions on real environments.

Hands-on, scenario-based labs give you experience on real environments provided by us so you don't have to worry about breaking anything.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question