Re: HACMP 5.3 relies over /etc/hosts files!?
- From: Alexandre Sato <alexandre.sato@xxxxxxxxxxxxxx>
- Date: Thu, 30 Mar 2006 18:29:12 -0300
Marlon,
Just think about:
Which is most probable: /etc/hosts file damaged or DNS communication
failure?
The reason why is recommended to have all IP addresses defined @
/etc/hosts file over all cluster nodes is because in any given moment when
you lost DNS services (through network), you (and so the cluster) become
unable to resolve the many IP addresses.
My recommendation for /etc/netsvc.conf:
hosts=local,bind
This configuration should force name resolution through /etc/hosts first ,
and then DNS.
MARLON BORBA <MBORBA@xxxxxxxxxxx>
Sent by: IBM AIX Discussion List <aix-l@xxxxxxxxxxxxx>
30/03/2006 18:03
Please respond to IBM AIX Discussion List
To: aix-l@xxxxxxxxxxxxx
cc:
Subject: HACMP 5.3 relies over /etc/hosts files!?
Dear AIX gurus,
Reading the "HACMP Cookbook" [1] I've found a surprising statement:
"It is good practise to have all the above IP addresses defined in
/etc/hosts file and this file the same on all nodes in the cluster. There
is certainly no requirement to use fully qualified names. While HACMP is
processing network changes, the NSORDER variable is set to local (i.e.,
pointing to /etc/hosts), however it is also good practice to set this in
/etc/netsvc.conf."
Does it mean that in a HACMP cluster one should not use DNS-resolvable
names? What if for some reason the /etc/hosts is damaged or compromised?
[1] http://www.redbooks.ibm.com/redbooks/pdfs/sg246769.pdf
Abraços,
Marlon Borba, CISSP.
--
Se você acha que a criptografia pode resolver
todos os seus problemas de segurança,
então você não conhece os seus problemas
e nem a criptografia.
(Bruce Schneier)
--
---------------------------------------------------------------------------
This message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorised use or dissemination of this message in whole or in part is strictly prohibited. Please note that e-mails are susceptible to change. ABN AMRO Bank N.V, which has its seat at Amsterdam, the Netherlands, and is registered in the Commercial Register under number 33002587, including its group companies, shall not be liable for the improper or incomplete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that the integrity of this communication has been maintained nor that this communication is free of viruses, interceptions or interference.
---------------------------------------------------------------------------
- References:
- HACMP 5.3 relies over /etc/hosts files!?
- From: MARLON BORBA
- HACMP 5.3 relies over /etc/hosts files!?
- Prev by Date: HACMP 5.3 relies over /etc/hosts files!?
- Next by Date: Re: HACMP 5.3 relies over /etc/hosts files!?
- Previous by thread: HACMP 5.3 relies over /etc/hosts files!?
- Next by thread: Re: HACMP 5.3 relies over /etc/hosts files!?
- Index(es):
Relevant Pages
|
|
