5.2. Implementation
There are four ways to integrate NIS with DNS, each of which is
described in more detail in the following subsections.
5.2.1. Run NIS without DNS on client and server
This is the default for many systems, including Solaris. In this
approach, the name services switch file, nsswitch.conf, is set up so
that nis and files are the only directory services listed in the
hosts entry of the nsswitch.conf file. The NIS server is configured
(by default) to not use DNS to resolve hostnames not found in the
hosts map.
5.2.2. Run NIS on client, enable DNS on NIS server
Use the NIS maps first, then go to DNS for hostnames that aren't
managed by NIS. This is done using a special flag in the NIS hosts
map.

NIS is forced to query DNS for hostnames not found in the hosts map
if the map is built with the "Inter-Domain" key. The NIS-then-DNS
algorithm is embedded in the implementation of ypserv. This means
that individual NIS clients don't need to know about the DNS; only
the NIS servers will be calling DNS for non-local hostnames.

In the NIS Makefile, add the -b flag to the makedbm script for the
hosts.byname and hosts.byaddr maps, which will cause the
YP_INTERDOMAIN key to be added to the hosts maps. In Solaris, this is
done by changing the following lines in /var/yp/Makefile from:
#B=-b
B=
to:
B=-b
#B=
If a hostname is not found in the NIS map, the YP_INTERDOMAIN key
instructs NIS to look up the name with the domain name server.
Instead of immediately returning an error indicating that the
hostname key was not found, ypserv asks the DNS server to look up the
hostname. If DNS cannot find the name, then ypserv returns an error
to the client. However, if the DNS server locates the hostname, it
returns the IP address information to ypserv, and ypserv returns it
to the client. Integration of NIS and DNS is completely invisible to
the client in terms of calling interfaces: all of the work is done by
ypserv on the NIS server.

NIS servers locate DNS servers through the resolver interface, which
relies on information in the /etc/resolv.conf configuration file. The
resolver configuration file should point to at least two DNS servers
to provide redundancy in case one DNS server becomes unavailable:
nameserver 130.1.52.28
nameserver 130.1.1.15
The nameserver keyword is used to identify the IP address of a DNS
server. The servers are listed by IP address, since hostnames are
dependent on the very mechanism being configured by this file. Set up
a resolv.conf file on every NIS server.
5.2.3. Run DNS on NIS clients and servers
In this approach, NIS clients and servers ignore NIS
for hostnames and use only DNS.
Given that DNS is a full-service hostname management system, some
network managers choose to eliminate the NIS hosts map file and use
pure DNS service for hostnames and IP addresses. On some systems, a
new version of gethostent() is required that skips the NIS query and
directly calls the DNS resolver routines for hostname lookups. Check
with your vendor for instructions on how to do this. In Solaris, the
name services switch can be used to set the hosts lookups to just
DNS. If you disable NIS hostname management and use DNS alone, you'll
need to set up a resolv.conf file on every host in the network, so
that they can find DNS servers.

The main argument for using DNS only is that it consolidates hostname
management under one distributed service, instead of having it split
across two services. The drawbacks to this approach are that each
host is then dependent upon both an NIS and a DNS server for normal
operation (if NIS is running), and a reliable DNS server or
sufficient resolver information is required to make each small
network self-supporting. Widespread use of DNS to replace NIS host
maps suffers from the same server availability problems that NIS does
-- the entire network is dependent upon reliable and well-behaved
servers.
5.2.4. Run NIS on client, enable DNS on NIS client
In this approach, the name services switch file, nsswitch.conf, is
set up so that both nis and dns appear in the hosts entry of the
nsswitch.conf file. The host maps should not have the "Inter-Domain"
key enabled, since all that will do is cause hostname resolutions via
DNS to occur twice: once in the NIS client and once in the NIS
server.
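
The four approaches above can be told apart from three files: the hosts entry in nsswitch.conf, the active B= line in /var/yp/Makefile, and resolv.conf. The following Python audit is an added example, not code from the original text; its function names are hypothetical, the sample inputs are constructed, and it assumes you pass the resolv.conf of the machine that actually performs the DNS query (the NIS server in 5.2.2, the host itself in 5.2.3 and 5.2.4).

```python
import ipaddress
import re

def hosts_sources(nsswitch_text):
    """Ordered services on the hosts: line, minus comments and [criteria]."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return re.sub(r"\[[^\]]*\]", " ", line[len("hosts:"):]).split()
    return []

def interdomain_enabled(makefile_text):
    """True if the last uncommented B= assignment in the NIS Makefile is -b."""
    values = re.findall(r"^B[ \t]*=[ \t]*(\S*)[ \t]*$", makefile_text, re.M)
    return bool(values) and values[-1] == "-b"

def nameservers(resolv_text):
    """Arguments of every nameserver line in resolv.conf text."""
    fields = (l.split("#", 1)[0].split() for l in resolv_text.splitlines())
    return [f[1] for f in fields if len(f) >= 2 and f[0] == "nameserver"]

def audit(nsswitch_text, makefile_text, resolv_text):
    """Return (section number of the matching approach, list of warnings)."""
    sources = hosts_sources(nsswitch_text)
    nis, dns = "nis" in sources, "dns" in sources
    interdomain = interdomain_enabled(makefile_text)
    if nis:
        mode = "5.2.4" if dns else ("5.2.2" if interdomain else "5.2.1")
    else:
        mode = "5.2.3" if dns else "none"
    warnings = []
    if mode == "5.2.4" and interdomain:
        warnings.append("YP_INTERDOMAIN set while clients list dns: DNS queried twice")
    if mode in ("5.2.2", "5.2.3", "5.2.4"):
        servers = nameservers(resolv_text)
        if len(servers) < 2:
            warnings.append("resolv.conf lists fewer than two nameservers")
        for s in servers:
            try:
                ipaddress.ip_address(s)
            except ValueError:
                warnings.append("nameserver %s is not an IP address" % s)
    return mode, warnings

# Constructed sample inputs; the nameserver addresses are the ones shown above.
NSSWITCH = "passwd: files nis\nhosts: nis [NOTFOUND=return] files\n"
MAKEFILE = "#B=-b\nB=\nDIR=/etc\n"
RESOLV = "nameserver 130.1.52.28\nnameserver 130.1.1.15\n"
if __name__ == "__main__":
    print(audit(NSSWITCH, MAKEFILE, RESOLV))
```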