Subject: Setting up a SPARCstation network on the Internet.

I read the file Setting-up-a-Sparc.txt. This is good for the basics but
lacks a lot of the more up-to-date info needed in order to get a complex
system going.

I run this on a SPARCstation 2, with a local net of a further
SPARCstation 1+, and a dozen or so PCs, which are used as X servers over
a local Ethernet. I also use NIS locally, and cross-mount NFS disks on
the two SPARCs, as well as NFS to the PCs. Thus, a lot of complex local
traffic, and a local net which I don't want advertised to the Internet
when I'm connected! We use SunOS 4.1.2.

If you have a unix box, cut the following out and pipe through
"nroff -e -ms | more", if not, ignore the nroff macros!

Please feel free to correct, embellish or ignore, and excuse my awful
nroff formatting, I don't have much experience with it.

regards,

Phil.
MEJ Electronics Ltd.
phil@mejsun.demon.co.uk

---------------------8<-------------------------8<--------------------
.nr LL 18c
.pl 29.7c
.nr PO 2c
.ND
.TL
Connecting a SPARC network to Demon Internet Services
.AU
Philip D.P. Brown
.AI
MEJ Electronics Ltd.
.AB
This short note gives some hints to someone wishing to connect a local
network to demon.
.AE
.NH
Caveat
.PP
Please Note: No responsibility or liability is implied in any of this
document.
.NH
Introduction
.PP
I am a much beleaguered System Administrator, my background is really
hardware not software, so please excuse the quality of any code I have
included.
.NH
Getting Started
.PP
To get a first link set up please see the file Setting-up-a-Sparc.txt.
Once this is done you have ftp access on the Internet and the world is
your oyster!
.NH
Software you will need
.DS B +5
dp-2.3    - Dialup-PPP version 2.3
gated-2.1 - Gated version 2.1
.DE
.NH
How to get it
.PP
To get this software contact src.doc.ic.ac.uk, which is an ftp site,
ie an on-line database which stores available shareware.
When logging in to an ftp site use the login "ftp", then use your
Internet address (text) as the password.
.NH
Dialup-PPP
.PP
I use Dialup-PPP version 2.3. The version at gate isn't yet up-to-date
so get a suitable source from src.doc.ic.ac.uk and down-load it. The
file you need is called "dp-2.3.tar.Z" and is at present kept in
/pub/computing/comms/tcpip/ppp-2.2-beta . Uncompress it and extract the
files from the tar format source. This is a reasonably good piece of
code, and it has a number of distinct advantages over the basic ppp
software:
.DS B +5
a) - Being Dial-up it connects to demon 'on-demand'.
b) - It has 'loadable' streams modules, ie no kernel rebuild!
c) - It supports multiple interfaces and 'rotaries'.
d) - All configuration info is stored in central files.
.DE
.PP
I built dp pretty much 'out-of-the-box'.
.NH
Dialup-PPP configuration
.PP
This is quite easy. My files are as follows:

/etc/dp/conf
.DS B +5
#
# PPP Interfaces
#
IF=dp0 SYS=gate MODEMS=microlin PHONE=0813434848 LOGIN_SCRIPT=gate-login LOGIN_ARGS=mejsun,xxxxxxx LOGIN=ppp TRACE=gate ACCESS=internet
#
# Modems
#
MODEM=microlin DEV=cua0 BAUD=19200 DIAL_SCRIPT=microlin-dial
.DE
.PP
Adjust the above for your local modem needs, and relevant login id and
password.

/etc/dp/dp-if
.DS B +5
#
dp0 mejsun-dp0 gate-dp0
.DE
.PP
The above is neat.
It means that your interface numbers are set up in /etc/hosts, as
follows:

/etc/hosts
.DS B +5
#
# Sun Host Database
#
# If the NIS is running, this file is only consulted when booting
#
127.0.0.1	localhost
#
# mej network - local, don't advertise
#
89.1.2.0	ibmpc0
89.1.2.1	ibmpc1
89.1.2.2	ibmpc2
89.1.2.3	ibmpc3
89.1.2.4	ibmpc4
89.1.2.5	ibmpc5
89.1.2.6	mejsun sun1 loghost mailhost dumphost
89.1.2.7	ibmpc7
89.1.2.8	ibmpc8
89.1.2.9	ibmpc9
89.1.2.10	ibmpc10
89.1.2.11	sun2
89.1.2.12	ibmpc12
#
# gateway to Internet
#
158.152.1.65	gate gate-dp0
158.152.8.148	mejsun-gate mejsun sun1 mejsun-dp0
.DE
.PP
You will have to adapt the above to your local needs wrt IP addresses
and hostnames.
.PP
The following is a bit odd. I used a standard dial script for the
microlin-dial file (wb-dial), but the login file didn't work. The
reason is a bug in SCO which requires a delay between the login prompt
and the login id being returned.

/usr/dp/script/gate-login
.DS B +5
##
## Login to a Unix machine as username $1 with password $2.
{
    alternate
        recv "ogin:" 10
    alternate
        log "Sending return to get first login prompt"
        xmit "\\r"
        recv "ogin:" 5
    alternate
        log "Sending return to get first login prompt"
        xmit "\\r"
        recv "ogin:" 5
    alternate
        log "Sending break to get first login prompt"
        xmit "\\#\\r"
        recv "ogin:" 5
    alternate
        log "Sending break to get first login prompt"
        xmit "\\#"
        recv "ogin:" 5
    alternate
        log "Sending break to get first login prompt"
        xmit "\\#\\r"
        recv "ogin:" 5
}
## dummy look for word twice to fake a delay
## this sequence is used below wherever the id is required
{
    alternate
        recv "word:" 3
    alternate
        mark
        xmit "$1\\r"
}
{
    alternate
        recv "assword:" 35
    alternate
        log "Sending break to get second login prompt"
        xmit "\\#"
        {
            alternate
                recv "ogin:" 10
            alternate
                log "Sending break to get second login prompt"
                xmit "\\#"
                recv "ogin:" 10
        }
        {
            alternate
                recv "word:" 3
            alternate
                mark
                xmit "$1\\r"
        }
        {
            alternate
                recv "assword:" 20
            alternate
                log "Sending break to get third login prompt"
                xmit "\\#"
                {
                    alternate
                        recv "ogin:" 10
                    alternate
                        log "Sending break to get third login prompt"
                        xmit "\\#"
                        recv "ogin:" 10
                }
                {
                    alternate
                        recv "word:" 3
                    alternate
                        mark
                        xmit "$1\\r"
                }
                recv "assword:" 10
        }
}
mark
xmit "$2\\r"
{
    alternate
        recv "otocol:" 20
        xmit "rfc1172\\r"
        recv "HELLO" 60
        go
    alternate
        replay
        recv "ogin: " 5
    alternate
        log "Sending break to get login prompt after failed login"
        xmit "\\#"
        recv "ogin:" 15
}
{
    alternate
        recv "word:" 3
    alternate
        mark
        xmit "$1\\r"
}
{
    alternate
        recv "assword:" 10
    alternate
        log "Sending break to get second login prompt after failed login"
        xmit "\\#"
        {
            alternate
                recv "ogin:" 10
            alternate
                log "Sending break to get second login prompt after failed login"
                xmit "\\#"
                recv "ogin:" 10
        }
        {
            alternate
                recv "word:" 3
            alternate
                mark
                xmit "$1\\r"
        }
        recv "assword:" 10
}
mark
xmit "$2\\r"
recv "otocol:" 20
xmit "rfc1172\\r"
recv "HELLO" 60
go
.DE
.PP
The loadable module scripts take care of ifconfig stuff, so all that
needs to be done is add the startup command to your rc.local file as
given in
the documentation:
.DS B +5
if [ -f /usr/dp/modules/startdp ] ; then
	/usr/dp/modules/startdp
	echo "Starting Dialup PPP Daemon"
fi
.DE
.PP
I put this just before the 'ifconfig -a' command which is there just to
list all the available interfaces.
.PP
Almost ready to go but....
.NH
Gated
.PP
There is a catch to all the above. SunOS uses a network router called
in.routed, and a routeing protocol called RIP. This all works OK with
the above except that RIP packets are sent to all known interfaces by
the router every 30 seconds. Again this is OK, except that with
Dialup-PPP that means a call to demon every 30 seconds...
.PP
Therefore, if you want a router, and I do, you have to use something
else, ie gated.
.NH
Getting gated
.PP
This is also available from src.doc.ic.ac.uk, in, at present, the file
"gated-2.1.tar.Z" in /pub/computing/comms/gated.
.NH
Using gated
.PP
I used it straight "out-of-the-box". There is some good documentation,
although there is one area of complexity I fell over, the gated.conf
file. This is kept in /etc by default, and I couldn't seem to get it
right. The problem is that you may get error messages out of the
initialisation sequence until gated has contacted your default gateway
machine (gate at demon in this case). You should ignore these unless
they persist. I got useful help from the program authors in the US via
email. The documentation for gated includes info on how to contact them.
.PP
My configuration file looks like this:

/etc/gated.conf
.DS B +5
#
# Config file for gated on mejsun
#
#
tracefile "/var/tmp/gated.trace" replace ;
traceoptions internal external route rip update hello icmp kernel ;
interface all passive ;
# Don't time out my interfaces
#
# rip on all but serial interfaces
#
rip supplier {
	interface dp0 noripout noripin ;
} ;
#
# static routes for PPP links
#
static {
	default gateway 158.152.1.65 ;	# default interface to gate
} ;
propagate proto rip {
	#
	# propagate all learned via rip
	#
	proto rip ;
} ;
.DE
.PP
The above should work in most cases. To run, just replace the in.routed
command in rc.local with the gated command.
.NH
Mail
.PP
As I have a local net, and don't want any of the local addresses or
hostnames advertised, I have a rather unusual sendmail.cf file. It is
based on the standard file /usr/lib/sendmail.subsidiary.cf, additions
and edits are highlighted by comments starting with #> in the following
text:

/etc/sendmail.cf
.nr PO 0
.LD
#
# SENDMAIL CONFIGURATION FILE FOR mejsun
#
# local UUCP connections -- not forwarded to mailhost
CV
# my official hostname
#> in short hostname only format
Dj$w
#aliases for hostname
Cw sun1 mejsun mailhost
#> MEJ hosts
#> build a special class of hosts which are on the local net
#> so that local mail gets different headers from Internet mail,
#> and local destinations are not advertised to the Internet.
#> The list is built from the NIS database, though /etc/hosts would do.
#> hosts.mej.awk is a single line file:
#> /89.1.2./ {for (i=2;i<=NF;i++) print $i}
FO | ypcat hosts | awk -f /etc/hosts.mej.awk
#> major relay mailer - is the Internet
DMinet
#> major relay host
DRpost.demon.co.uk
CR post.demon.co.uk
#################################################
#
# General configuration information
#> Dm defines outgoing domain name, only used for Internet destinations
#> Cm defines valid domain names for incoming mail, ie local net and
#> Internet domain names
Dmdemon.co.uk
Cm mej.co.uk demon.co.uk
# Version number of configuration file
DVSMI-4.1
### Standard macros
# name used for error messages
DnMailer-Daemon
# UNIX header format
DlFrom $g $d
# delimiter (operator) characters
Do.:%@!^=/[]
#> format of a total name bracketed with <>
Dq$?x$x <$g@$w.$m>$|$g$.
# SMTP login message
De$j Sendmail $v/$V ready at $b
### Options
# Remote mode - send through server if mailbox directory is mounted
OR
# location of alias file
OA/etc/aliases
# default delivery mode (deliver in background)
Odbackground
# rebuild the alias file automagically
OD
# temporary file mode -- 0600 for secure mail, 0644 for permissive
OF0600
# default GID
Og1
# location of help file
OH/usr/lib/sendmail.hf
# log level
OL9
# default messages to old style
Oo
# Cc my postmaster on error replies I generate
OPPostmaster
# queue directory
OQ/usr/spool/mqueue
# read timeout for SMTP protocols
Or15m
# status file -- none
OS/etc/sendmail.st
# queue up everything before starting transmission, for safety
Os
# return queued mail after this long
OT3d
# default UID
Ou1
### Message precedences
Pfirst-class=0
Pspecial-delivery=100
Pjunk=-100
### Trusted users
T root daemon uucp
### Format of headers
#> explicit header "return path" for Internet mail
H?P?Return-Path: <$g@$w.$m>
#> don't advertise local net, therefore no "received from" section
# HReceived: $?sfrom $s $.by $j.$m ($v/$V)
#	id $i; $b
H?D?Resent-Date: $a
H?D?Date: $a
H?F?Resent-From: $q
H?F?From: $q
H?x?Full-Name: $x
HSubject:
#> explicit header "message ids" for Internet mail
H?M?Resent-Message-Id: <$t.$i@$w.$m>
H?M?Message-Id: <$t.$i@$w.$m>
HErrors-To:
#> special MEJ headers for local mail
H?J?Return-Path-local: <$g>
H?J?From-local: $g
H?J?Resent-From-local: $g
H?J?Resent-Message-Id-local: <$t.$i@$j>
H?J?Message-Id-local: <$t.$i@$j>
###########################
### Rewriting rules ###
###########################
# Sender Field Pre-rewriting
S1
# None needed.
# Recipient Field Pre-rewriting
S2
# None needed.
# Name Canonicalization
# Internal format of names within the rewriting rules is:
# anything<@host.domain.domain...>anything
# We try to get every kind of name into this format, except for local
# names, which have no host part. The reason for the "<>" stuff is
# that the relevant host name could be on the front of the name (for
# source routing), or on the back (normal form). We enclose the one that
# we want to route on in the <>'s to make it easy to find.
#
S3
# handle "from:<>" special case
R$*<>$*	$@@	turn into magic token
# basic textual canonicalization
R$*<$+>$*	$2	basic RFC822 parsing
# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later
R@$+,$+:$+	@$1:$2:$3	change all "," to ":"
R@$+:$+	$@$>6<@$1>:$2	src route canonical
R$+:$*;@$+	$@$1:$2;@$3	list syntax
R$+@$+	$:$1<@$2>	focus on domain
R$+<$+@$+>	$1$2<@$3>	move gaze right
R$+<@$+>	$@$>6$1<@$2>	already canonical
# convert old-style names to domain-based names
# All old-style names parse from left to right, without precedence.
R$-!$+	$@$>6$2<@$1.uucp>	uucphost!user
R$-.$+!$+	$@$>6$3<@$1.$2>	host.domain!user
R$+%$+	$@$>3$1@$2	user%host
# Final Output Post-rewriting
S4
R$+<@$+.uucp>	$2!$1	u@h.uucp => h!u
R$+	$: $>9 $1	Clean up addr
R$*<$+>$*	$1$2$3	defocus
# Clean up an name for passing to a mailer
# (but leave it focused)
S9
R$=w!@	$@$w!$n
R@	$@$n	handle <> error addr
R$*<$*LOCAL>$*	$1<$2$m>$3	change local info
R<@$+>$*:$+:$+	<@$1>$2,$3:$4	canonical
#######################
# Rewriting rules
# special local conversions
S6
R$*<@$*$=m>$*	$1<@$2LOCAL>$4	convert local domain
# Local and Program Mailer specification
#> add J option to define MEJ headers, and delete F,M and P
Mlocal, P=/bin/mail, F=rlsDJmn, S=10, R=20, A=mail -d $u
Mprog, P=/bin/sh, F=lsDJeu, S=10, R=20, A=sh -c $u
S10
# None needed.
S20
# None needed.
############################################################
#####
##### Ethernet Mailer specification
#####
##### Messages processed by this configuration are assumed to remain
##### in the same domain. This really has nothing particular to do
##### with Ethernet - the name is historical.
#> add J option to define MEJ headers, and delete F and M
#> don't add hostname, we don't care
Mether, P=[TCP], F=msDJuCX, S=21, R=21, A=TCP $h
S21
# None needed.
##########################################################
# General code to convert back to old style UUCP names
S5
R$+<@LOCAL>	$@ $w!$1	name@LOCAL => sun!name
R$+<@$-.LOCAL>	$@ $2!$1	u@h.LOCAL => h!u
R$+<@$+.uucp>	$@ $2!$1	u@h.uucp => h!u
R$+<@$*>	$@ $2!$1	u@h => h!u
# Route-addrs do not work here. Punt til uucp-mail comes up with something.
R<@$+>$*	$@ @$1$2	just defocus and punt
R$*<$*>$*	$@ $1$2$3	Defocus strange stuff
# UUCP Mailer specification
Muucp, P=/usr/bin/uux, F=msDFMhuU, S=13, R=23, A=uux - -r -a$f $h!rmail ($u)
# Convert uucp sender (From) field
S13
R$+	$:$>5$1	convert to old style
R$=w!$+	$2	strip local name
R$+	$:$w!$1	stick on real host name
# Convert uucp recipient (To, Cc) fields
S23
R$+	$:$>5$1	convert to old style
##############################################
#> gate Internet mailer
#> as many Internet mail hosts bounce messages > 100k, bounce
#> them locally to save time
Minet, P=[TCP], F=mnDFMpuLX, S=22, R=21, A=TCP $h, M=100000
#> The following is a ruleset to handle the local MEJ network
#> and build the correct Internet sending hostname
S22
R$*<@LOCAL>$*	$:$1
R$+<@$-.LOCAL>$*	$1 $3	if local domain strip
R$+<@$+.$*>$*	$@<$1@$2.$3>$4	already ok
R$+<@$+>$*	$@<$1@$2.$m>$3	tack on our domain
R$-	$@<$1@$j.$m>	tack on our host.domain
##### RULESET ZERO PREAMBLE
# Ruleset 30 just calls rulesets 3 then 0.
S30
R$*	$: $>3 $1	First canonicalize
R$*	$@ $>0 $1	Then rerun ruleset 0
S0
# On entry, the address has been canonicalized and focused by ruleset 3.
# Handle special cases.....
R@	$#local $:$n	handle <> form
# Earlier releases special-cased the [x.y.z.a] format, but SunOS 4.1 or later
# should handle these properly on input.
# now delete redundant local info
R$*<$*$=w.LOCAL>$*	$1<$2>$4	thishost.LOCAL
R$*<@LOCAL>$*	$1<@$m>$2	host == domain gateway
R$*<$*$=w.uucp>$*	$1<$2>$4	thishost.uucp
R$*<$*$=w>$*	$1<$2>$4	thishost
# arrange for local names to be fully qualified
#> and append MEJ to local destinations
R$*<@$%y>$*	$1<@$2.LOCAL>$3	user@etherhost
R$*<@$=O.LOCAL>$*	$1<@$2.MEJ>$3	user@etherhost.MEJ
# For numeric spec, you can't pass spec on to receiver, since old rcvr's
# were not smart enough to know that [x.y.z.a] is their own name.
R<@[$+]>:$*	$:$>9 <@[$1]>:$2	Clean it up, then...
R<@[$+]>:$*	$#ether $@[$1] $:$2	numeric internet spec
R<@[$+]>,$*	$#ether $@[$1] $:$2	numeric internet spec
R$*<@[$+]>	$#ether $@[$2] $:$1	numeric internet spec
R$*<$*.>$*	$1<$2>$3	drop trailing dot
R<@>:$*	$@$>30$1	retry after route strip
R$*<@>	$@$>30$1	strip null trash & retry
################################################
### Machine dependent part of ruleset zero ###
################################################
# resolve names we can handle locally
R<@$=V.uucp>:$+	$:$>9 $1	First clean up, then...
R<@$=V.uucp>:$+	$#uucp $@$1 $:$2	@host.uucp:...
R$+<@$=V.uucp>	$#uucp $@$2 $:$1	user@host.uucp
# optimize names of known ethernet hosts
#> and send local messages via local mailer
R$*<@$%y.MEJ>$*	$#ether $@$2 $:$1<@$2>$3	user@host.MEJ
#> send local Internet messages via Internet mailer
R$*<@$%y.LOCAL>$*	$#inet $@$2 $:$1<@$2>$3	user@host.remote
# other non-local names will be kicked upstairs
R$+	$:$>9 $1	Clean up, keep <>
#> send Internet stuff to the Internet
R$*<@$+>$*	$#inet $@$R $:$1<@$2>$3	user@some.where
R$*@$*	$#$M $@$R $:$1<@$2>	strangeness with @
# Local names with % are really not local!
R$+%$+	$@$>30$1@$2	turn % => @, retry
# everything else is a local name
R$+	$#local $:$1	local names
.DE
.nr PO 2c
.PP
WARNING! I haven't done anything about uucp, so that part may well not
work. I don't use uucp, once on the Internet why would you?
.NH
ADDENDA
.PP
I am now using Morning Star PPP, seems good and... I get support! Demon
don't like dp - but I don't have any real evidence for their bias - I
suspect that they may have had a bad experience on a non-Sun based
machine.
.PP
I am also a registered domain "mej-uk.com", which incurred some setup
problems, but my local net is now legal. If you are a registered domain
you can get your gateway machine to accept mail directed at user@domain
(no machine name) with the following change to sendmail.cf:
.DS B +5
R$*<@LOCAL>$*	$1<@$m>$2	host == domain gateway
changes to :
R$*<@LOCAL>$*	$1<@$w>$2	host == domain gateway
.DE
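
The hosts.mej.awk filter that fills class O in the sendmail.cf above decides which hosts are treated as local, so it is worth checking what it actually matches. The following is an added example, not part of the original note: it runs the note's one-line pattern beside a stricter filter and lists the entries the original pattern would place in the class without their being on the 89.1.2 net. The function names and the sample hosts lines are constructed for illustration, and a POSIX awk is assumed.

```shell
#!/bin/sh
# Added example, not part of the original note. Assumes a POSIX awk and
# hosts(5)-format input such as `ypcat hosts` or /etc/hosts.

# page_filter: the one-line hosts.mej.awk from the note, unchanged. Its dots
# are regex wildcards and the pattern is tried against the whole line.
page_filter() {
    awk '/89.1.2./ {for (i=2;i<=NF;i++) print $i}'
}

# strict_filter NET: print names and aliases only for entries whose address
# field begins with the literal string "NET." (NET is e.g. 89.1.2).
strict_filter() {
    awk -v net="$1" '
        { sub(/#.*/, "") }          # drop comments, trailing ones included
        NF < 2 { next }             # blank line, or address without a name
        index($1, net ".") == 1 {   # literal compare, address field only
            for (i = 2; i <= NF; i++) print $i
        }'
}

# misclassified NET FILE: entries page_filter would put in class O that
# strict_filter rejects. No output means both filters agree on FILE.
misclassified() {
    tmp=$(mktemp) || return 1
    strict_filter "$1" < "$2" | LC_ALL=C sort -u > "$tmp"
    page_filter < "$2" | LC_ALL=C sort -u | LC_ALL=C comm -23 - "$tmp"
    rm -f "$tmp"
}

# Constructed sample, modelled on the /etc/hosts shown in the note.
sample_hosts() {
    cat <<'EOF'
127.0.0.1     localhost
89.1.2.6      mejsun sun1 loghost   # gateway
89.1.2.11     sun2
158.152.1.65  gate gate-dp0
189.1.2.5     outsider
89.112.7.9    farhost
# retired: 89.1.2.20 labpc
EOF
}

f=$(mktemp) && sample_hosts > "$f" && misclassified 89.1.2 "$f"
rm -f "$f"
```

On the hosts file printed in the note both filters agree; the difference only shows once the database holds addresses such as 189.1.2.x or 89.112.x.x, trailing comments, or commented-out entries.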