The following table and figure describe the spare SSP network configuration.
Table 3–5 Spare SSP Network ConfigurationSubnet | Name | Description |
---|---|---|
Primary | Domain Subnet or dom_subnet | Both SSPs and the domains |
Second | Control Board Subnet 0 or cb0_subnet | Both SSPs and the first control board |
Third | Control Board Subnet 1 or cb1_subnet | Both SSPs and the second control board |
In Figure 3–3, the Built-in port on the main SSP and the spare SSP is le0 for a Sparcstation 5 and hme0 for a Sun Ultra 5 and a Sun Enterprise 250 system.
This procedure provides instructions for configuring your SSP network in one of the three configurations discussed earlier in this chapter.
Log in to the SSP as a user who can assume the root role and assume it.
Do the following steps in the role root at label admin_low
.
Using the Admin Editor action from the System_Admin folder in the Application Manager, create the /etc/hostname.* configuration files.
If you need to view your network controllers, use ifconfig -a.
For example, if you are using a QuadFastEthernetTM (QFE) card, model 1049A, in the two-subnet, three-subnet, or spare SSP network configuration on a Sun Ultra 5, you need the following files:
/etc/hostname.qfe0 — contains the current SSP host name; it configures the primary subnet, dom_subnet.
/etc/hostname.hme0 — contains ssp_hostname-hme0; it configures the second subnet, cb0_subnet.
/etc/hostname.qfe1 — contains ssp_hostname-qfe1; it configures the third subnet, cb1_subnet.
File Name | File Contents |
---|---|
/etc/hostname.qfe0 | xf4-ssp |
/etc/hostname.hme0 | xf4-ssp-hme0 |
/etc/hostname.qfe1 | xfe-ssp-qfe1 |
Set the contents of the defaultrouter file to the IP address of the primary network interface:
ssp# echo primary_network_IP_address > /etc/defaultrouter |
Manually update your name service hosts registry to include the host names and IP addresses of your control board(s) and other hosts, such as domains and the SSP.
This can involve updating the Network Information Service (NIS or NIS+), or the /etc/hosts file, or the Domain Name Service (DNS).
The following example shows the typical modifications for an /etc/hosts file:
# Internet host table 127.0.0.1 localhost 0.0.0.0 tsol_default # Entries for dom_subnet. www.xxx.yyy.zzz domain1_hostname www.xxx.yyy.zzz domain2_hostname ... www.xxx.yyy.zzz domainn_hostnname(n is the number of domains) # # Entries on both ssp's. # NOTE : On the spare SSP, make sure “loghost” # belongs to the spare. # www.xxx.yyy.zzz main_ssp_hostname loghost www.xxx.yyy.zzz spare_ssp_hostname # # The next three entries need to be on cb0_subnet. # www.xxx.yyy.zzz main_ssp_hostname-hme0 www.xxx.yyy.zzz spare_ssp_hostname-hme0 www.xxx.yyy.zzz cb0_hostname # # The next three entries need to be on cb1_subnet. # www.xxx.yyy.zzz main_ssp_hostname-qfe1 www.xxx.yyy.zzz spare_ssp_hostname-qfe1 www.xxx.yyy.zzz cb1_hostname
Here is an example of a main SSP's /etc/hosts file. In this example, the SSP is configured as follows:
xf4 and xf4-b3 are host domains.
xf4-ssp is the main SSP and xf4-ssp1 is the spare SSP.
xf4-cb0 and xf4-cb1 are the host names for the two control boards.
#/etc/hosts # 127.0.0.1 localhost 0.0.0.0 tsol_default #dom_subnet (www.xxx.49.zzz). The 49 subnet # 129.153.49.8 xf4 129.153.49.9 xf4-b3 129.153.49.113 xf4-ssp loghost 129.153.49.114 xf4-ssp1 # #cb0_subnet (www.xxx.151.zzz). The 151 subnet # 129.153.3.113 xf4-ssp-hme0 129.153.3.114 xf4-ssp1-hme0 129.153.3.123 xf4-cb0 # #cb1_subnet (www.xxx.152.zzz). The 152 subnet # 129.153.152.113 xf4-ssp-qfe1 129.153.152.114 xf4-ssp1-qfe1 129.153.152.127 xf4-cb1
The /etc/hosts file is a link to the /etc/inet/hosts file.
The SSP and the host domains must be on the same subnet so you can boot domains from the network.
Manually update your name service ethers registry to include the Ethernet addresses for the domain(s), SSP(s), and control board(s).
You need to update a NIS+ table, a NIS map, or the /etc/ethers file. For example:
08:00:20:ac:5b:ba xf4-ssp 08:00:20:b0:64:78 xf4-ssp1 00:00:be:a6:55:88 xf4 00:00:be:a6:6f:89 xf4-b3 00.00.be.01.00.1e xf4-cb0 00.00.be.01.00.57 xf4-cb1
The Ethernet address of the control board(s) is located on the front of each control board.
Update the tnrhdb(4) file to indicate the template for the SSP(s), domain(s), control board(s) and interface(s).
Follow the procedure outlined in Trusted Solaris Installation and Configuration Guide. For example, if the E10000 is configured as follows:
Main SSP |
xf4-ssp (129.153.49.113)Is running the Trusted Solaris 8 operating environment. |
Interfaces |
xf4-ssp-hme0 (129.153.3.113) |
xf4-ssp-qfe1 (129.153.152.113) |
|
Spare SSP |
xf4-ssp1 (129.153.49.114)Is running the Trusted Solaris 8 operating environment. |
Interfaces |
xf4-ssp1-hme0 (129.153.3.114) |
xf4-ssp1-qfe1 (129.153.152.114) |
|
Domain1 |
xf4 (129.153.49.8)Is running the Trusted Solaris 8 operating environment. |
Domain2 |
xf4-b3 (129.153.49.9)Is running the Solaris 8 operating environment. |
Control boards |
xf4-cb0 (129.153.3.123) |
xf4-cb1 (129.153.152.127) |
The tnrhdb entries for SSP xf4–ssp (129.153.49.113) are:
# /etc/security/tsol/tnrhdb # # Assume that templates confidential and tsol are defined in the tnrhtp database. # 127.0.0.1:tsol 0.0.0.0:confidential 129.153.49.113:tsol 129.153.3.113:tsol 129.153.152.113:tsol 129.153.49.114:tsol 129.153.3.114:tsol 129.153.152.114:tsol 129.153.49.8:tsol 129.153.49.9:confidential 129.153.3.123:confidential 129.153.152.127:confidential
If there are other Solaris or Trusted Solaris machines that the SSP needs to communicate with, they also need to be viewed by the SSP using the correct template. This would require additional entries in this /etc/security/tsol/tnrhdb file.
Depending on the site's configuration, you might also need to update tnrhdb files on other Trusted Solaris machines so that they can communicate with the freshly installed SSP using the correct template.
Using the Admin Editor, update the /etc/inet/netmasks file.
If the netmasks file does not contain the netmask for all the network numbers used in the /etc/inet file.
For example, if the /etc/hosts file defines the control boards to be:
10.100.100.100 ctrl_brd_0 10.100.101.100 ctrl_brd_1The /etc/inet/netmasks file would need to have two entries:
10.100.100.0 255.255.255.0 10.100.101.0 255.255.255.0
Using the Admin Editor, update the /etc/default/login file to allow remote login to the root role from any workstation.
Comment out the CONSOLE=/dev/console line in the /etc/default/login file, as in:
#CONSOLE=/dev/console |
Requirements for remote login are discussed in greater detail in “Remote Administration Options” in Trusted Solaris Administrator's Procedures.
Using the Name Service Switch action, edit the /etc/nsswitch.conf file on the main SSP and the spare SSP.
If you are using local configuration files, the lines in the /etc/nsswitch.conf files are similar to the following example:
hosts: files ethers: files netmasks: files bootparams: files tnrhtp: files tnrhdb: files auth_attr: files prof_attr: files
For NIS+, the lines in the file should look like the following:
hosts: files nisplus ethers: files nisplus netmasks: files nisplus bootparams: files nisplus tnrhtp: nisplus files tnrhdb: nisplus files auth_attr: files nisplus prof_attr: files nisplus
For NIS, the lines in the file should look like the following:
hosts: files nis ethers: files nis netmasks: files nis bootparams: files nis tnrhtp: nis files tnrhdb: nis files auth_attr: files nis prof_attr: files nis
The name service information (NIS+ and NIS) is dependent on your network configuration.
Reboot the SSP.