Cover V13, i07

Questions and Answers

Amy Rich

Q We have a bunch of Sun machines that we install via Jumpstart. When a new version of Solaris comes out, we download the ISO images and build a new Jumpstart image from them. Since new versions only come out four times a year, it isn't too painful to do this by hand. Lately, though, we've been exploring Solaris 10 via Solaris Express as well as keeping up with the latest production releases. It's become annoying to install each set of disk images by hand now that we do it so frequently. I was wondering whether someone had already written a script to accomplish this before we attempted to (re)invent the wheel.

A Because I regularly build Jumpstart servers for various clients, I came up with a script some time back that does everything but download the ISO images for you (see Listing 1). The script is under a BSD-style license, so feel free to modify and distribute it as described.

Q We have a newly installed HP/UX 11.00 machine on our network. After a few minutes of uptime, it suddenly falls off the network. If the machine is rebooted, it gets another few minutes of connectivity. As far as I can tell, the configuration is fine and there's nothing running from cron or at that would kill the connection. I realize that this question is thin on details, but I'm really at a loss here.

A Without some debugging details (output from netstat, ndd, ps, tcpdump, etc.) it's difficult to make an accurate diagnosis. My first guess would be that your HP machine is performing Dead Gateway Detection and cannot ping the gateway. Perhaps you've turned off ICMP for security reasons? Dead Gateway Detection relies on section 4.3.3.6 of RFC1918, which states:

4.3.3.6 Echo Request/Reply

A router MUST implement an ICMP Echo server function that receives Echo Requests sent to the router, and sends corresponding Echo Replies. A router MUST be prepared to receive, reassemble and echo an ICMP Echo Request datagram at least as the maximum of 576 and the MTUs of all the connected networks.

The Echo server function MAY choose not to respond to ICMP echo requests addressed to IP broadcast or IP multicast addresses.

A router SHOULD have a configuration option that, if enabled, causes the router to silently ignore all ICMP echo requests; if provided, this option MUST default to allowing responses.

Looking at tcpdump output will verify whether this is the issue or not. You'll see the HP trying to send ICMP packets to the gateway about every three minutes. If it receives no response, the HP assumes that the route is dead and disables it. To work around this, use ndd to disable Dead Gateway Detection:

ndd -set /dev/ip ip_ire_gw_probe 0

To make this change persist through a reboot, modify /etc/rc.config.d/nddconf as follows:

TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_ire_gw_probe
NDD_VALUE[0]=0

This information is available from the HP technical knowledge base at:

http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062684449
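
The tcpdump check described above can be scripted. This is an added example, not part of the original column: it counts echo requests sent to the gateway since the last echo reply seen from it. The function names, the documentation addresses (192.0.2.x), and the sample capture lines are constructed, and the script assumes tcpdump's one-line text output in either the older "icmp: echo request" or the newer "ICMP echo request" form.

```shell
#!/bin/sh
# Usage: unanswered_probes HOST_IP GATEWAY_IP < tcpdump-text-output
# Prints how many echo requests HOST_IP sent to GATEWAY_IP after the
# last echo reply that came back from GATEWAY_IP.
unanswered_probes() {
    awk -v host="$1" -v gw="$2" '
    {
        # Find the "src > dst:" triple; newer tcpdump prints "IP" before it.
        for (i = 1; i <= NF - 2; i++) if ($(i + 1) == ">") break
        if (i > NF - 2) next
        src = $i; dst = $(i + 2); sub(/:$/, "", dst)
        line = tolower($0)
        if (line !~ /icmp:? echo/) next          # ignore non-echo traffic
        if (src == host && dst == gw && line ~ /echo request/) pending++
        else if (src == gw && dst == host && line ~ /echo reply/) pending = 0
    }
    END { print pending + 0 }'
}

# Constructed capture: gateway silently drops echo requests (older format).
sample_filtered() {
    cat <<'EOF'
10:00:00.000000 192.0.2.10 > 192.0.2.1: icmp: echo request
10:00:01.200000 192.0.2.10.1023 > 192.0.2.20.22: . ack 1 win 32768
10:03:00.000000 192.0.2.10 > 192.0.2.1: icmp: echo request
10:06:00.000000 192.0.2.10 > 192.0.2.1: icmp: echo request
EOF
}

# Constructed capture: gateway answers the probe (newer format).
sample_healthy() {
    cat <<'EOF'
10:00:00.000000 IP 192.0.2.10 > 192.0.2.1: ICMP echo request, id 7, seq 1, length 64
10:00:00.000400 IP 192.0.2.1 > 192.0.2.10: ICMP echo reply, id 7, seq 1, length 64
EOF
}

echo "filtered gateway: $(sample_filtered | unanswered_probes 192.0.2.10 192.0.2.1) probes unanswered"
echo "healthy gateway:  $(sample_healthy | unanswered_probes 192.0.2.10 192.0.2.1) probes unanswered"
```

A count that keeps growing across captures points at ICMP filtering on or in front of the gateway, which is the condition under which the route gets marked dead.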

Q I have an AIX machine that has no tape device. I want to create a backup image for disaster recovery purposes, but I'm not really sure how to go about it. Can I still use mksysb or do I need to use something like Sysback or Storix?

A As long as you have a tape or writable CD/DVD drive on another machine, you can create a mksysb image on disk and then move it to the desired media. You can NFS mount a partition from a central server or transfer the mksysb file to another machine after the fact. The command to create the image would be:

mksysb -e -i -X /path/to/mksysb-image-name

If you're keeping a number of images in a centralized location, such as a NIM master, I suggest including the hostname and date as part of the filename. Sysback or Storix would also be viable alternatives to mksysb.

Q I just upgraded all of my ports using:

portupgrade -a -b

When I check the port versions of everything that's now installed using:

portversion -v

it claims that the version I have installed is newer than the port version. This makes no sense, because I can't have upgraded to a version that's newer than what's available via the ports collection. I'm wondering whether I corrupted something when I did the upgrade.

A After you do a cvsup to update the ports collection, be sure to run:

portsdb -Uu

The portupgrade utility relies on the file /usr/ports/INDEX being up to date. Since this file is only rebuilt on the cvsup servers every month or so, the version numbers of individual ports can appear out of date. Running portsdb -Uu rebuilds the INDEX so that it contains the current information culled from the actual ports. The same effect can be achieved by doing:

cd /usr/ports
make index

Amy Rich, president of the Boston-based Oceanwave Consulting, Inc. (http://www.oceanwave.com), has been a UNIX systems administrator for more than 10 years. She received a BSCS at Worcester Polytechnic Institute, and can be reached at: qna@oceanwave.com.