AIX 5.1 FTP stopped working! Waiting for welcome message

Today randomly can not access FTP.  I can telnet to server fine, but not FTP.  
I tried stopping and starting the ftp subserver, but no luck.

If I telnet to AIX, then FTP to itself, it works fine.  But when I FTP from windows, I never get the welcome message.


Only thing different today, is that our domain/exchange server, is down due to the fact we are migrating from SBS 2003 to SBS 2008.

I dont understand at all, how this could effect FTP from windows computers to the AIX, but it is the only different thing going on right now.

Any ideas?
XetroximynAsked:
Who is Participating?
 
woolmilkporcConnect With a Mentor Commented:
The fact that telnet works is probably due to the "-c" flag of telnetd being used.

Check with lssrc -ls inetd on AIX.

If you see "telnetd -c" at the end of the "telnet" line you're actually suppressing reverse lookups, which I assume.

But if you configure a working name server in /etc/resolv.conf you can't do anything wrong, can you?

Further, you can always check by opening a second telnet session after making changes, leaving the first session running.
This way you could revert the changes using the first session should the second one fail to initialize.

By the way, ftpd also has the "-c" flag. To suppress reverse lookups once and for all you could add the "-c" flag to the appropriate line in /etc/inetd.conf:

ftp   stream  tcp6  nowait  root  /usr/sbin/ftpd    ftpd -c

Issue "refresh -s inetd" and you're done.

(OK, the above assumes that you're using IBM's own ftpd and not a third party product).

wmp
0
 
XetroximynAuthor Commented:
FYI -- I tried to FTP from command line from our redhat box, and it will NOT work.

The AIX has two network interfaces.
192.168.1.7  (basically everything goes through here)
192.1.1.7  (This is a different small network, just used for the AIX, and our dialer to communicate)

If I telnet to the dialer on the 192.1.1 network, and try to ftp to the AIX at 192.1.1.7, then it works.

I am stumped.

Any ideas?
0
 
XetroximynAuthor Commented:
correction -- when I FTP from the redhat box to 192.168.1.7 is DOES work.  It just took a LONG time (45-75 seconds) for the welcome message to come up, and for it to prompt me for user and password.    
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
woolmilkporcConnect With a Mentor Commented:
Hi,

it seems that your inactive Domain Server would normally act as a Name Server for your domain, and that ftpd is not able to look up the DNS name of the client machine (or has to wait for the timeout).

Verify this by (temporarily) adding the hostname of the Windows client to /etc/hosts on AIX.
Please check beforehand that AIX's /etc/netsvc.conf contains "local" in the "hosts=" entry (best at the first position, before bind).

wmp

0
 
XetroximynAuthor Commented:
Thanks!

so confused though.....  I didnt think FTP used DNS at all.  FTP servers look up the name of the client?  Is that standard or an AIX thing?

And dont understand why it would work from redhat, but not from windows.

Anyway -- the domain server (old one) is up right now.  Apparently there were problems with the migration, so it will be finished later.   At which point, I will need FTP to work on the AIX.

Since it is working now, I cant do the troubleshooting with the hosts file.  (and come time, I cant easily put info in the hosts file for all the people who need FTP access)

How would I change the AIX dns settings?  Like so it uses our sonicwall instead of domain server for DNS or something like that?

0
 
woolmilkporcConnect With a Mentor Commented:
DNS is configured in /etc/resolv.conf

Here is a detailed explanation:

http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.files/doc/aixfiles/resolv.conf.htm

Basically it's the entry:

nameserver xxx.xxx.xxx.xxx

which you must customize.

wmp
0
 
XetroximynAuthor Commented:
Thanks!  So if I change resolv.conf, so I have to restart something for it to take effect, or is it immediate?  

And if I have to restart something like inetd, would that interfere with telnet sessions in progress?

0
 
woolmilkporcConnect With a Mentor Commented:
It's immediate!

The resolver routines check /etc/resov.conf at each call, they don't store anything.

And even if you had to refresh (not restart) inetd, running sessions would not be affected.

0
 
XetroximynAuthor Commented:
awesome -- thanks!

And just to confirm -- telnet does not use any DNS does it?  (just making sure, since I thought FTP did not use any DNS)

I just want to make sure any changes I make to DNS to troubleshoot FTP, I wont end up potentially locking my self out of telnet too!
0
 
XetroximynAuthor Commented:
Sweet!  Ill just use the -c flag!  thanks!  

Just curious -- what is the point of reverse name lookups anyway?

0
 
woolmilkporcCommented:
Please check with "man ftpd" beforehand!

I just reread your Q and noticed that it's AIX 5.1 (really?)

Im actually not quite sure if the ftpd of AIX 5.1 already had the "-c" flag!

Reverse lookup is used to put the hostname instead of the IP address into the log and to make sure that the client comes from a well-known host and isn't using some spoofed IP.

wmp
0
 
XetroximynAuthor Commented:
Yep - no -c flag.... just has
/usr/sbin/ftpd [ -d ] [ -f ] [ -ff ] [ -k ] [ -l ] [ -t TimeOut ] [ -T MaxTimeOut ] [ -s ] [ -u OctalVal ]

So there is no way I can prevent it from doing the reverse lookups huh?

I guess I will try pointing it at the router and see how it goes.  

p.s. yep -- your eyes do not deveive you.  5.1 -- really....  We didn't every upgrade because of software that only ran on 5.1 and we would have to pay something ridiculous for new version.

Funny though -- we pay all this extra money to IBM for support, and they suck at supporting 5.1, because nobody remembers it.

Anyway -- IBM will no longer offer ANY support for AIX 5.1 after the end of this month.   So we will be migrating soon!   I cant wait!





0
 
woolmilkporcCommented:
>>  I cant wait! <<

Me neither! If you need assistance in migrating - let me know!

wmp
0
 
XetroximynAuthor Commented:
strange.  

the -c flag actually does work!  I guess the ftpd I have is more updated than the man documentation.

I changed resolv to point to sonicwall -- which did not work.  but then with it not working, I put the -c flag back in, and it started working right away!  

But just to fix it for both ways I also tried pointing the resolv.conf to the redhat server, and that works fine.  

Thanks for all your help!

0
 
XetroximynAuthor Commented:
Just saw you last post -- thanks!  I will surely be talking to you if there are problems migrating....  

Though I am more used to redhat myself - in a way I am almost sad we are migrating to redhat instead of current AIX.  You have got to be the single most helpful, and knowledgeable SME I have ever had the pleasure of getting help from in ANY forum.  You have saved me so many times while I have been working with this ancient AIX 5.1 box over the last year and a half. You are more helpful than IBM's support!

Since you seem to be such an AIX expert, I am guessing I wont see you as much, when my questions begin to be about redhat/general linux questions.  

Anyway -- THANKS for ALL your help, not just in this thread, but all my AIX threads.  You are awesome!

0
 
woolmilkporcCommented:
Good luck to you and thanks for the nice compliments!

I'm not quite unfamiliar with Linux, mabe wel'll meet again!

All the best and always have fun!

Norbert (the wmp)





0
 
XetroximynAuthor Commented:
Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.