I'm having problems with two servers. Both machines are NIS server and both have two network interfaces. The problem is: from time to time, the ypbind client (which is set to broadcast for a server) finds ypserv on the 2nd network interface on the machine itself . Only, the private ip range on the 2nd network card is not listed in /var/yp/securenets, so ypserv is not responding on that interface. Thus the server is no longer functioning as a NIS client, and it requires root to log in at the console to restart ypbind to get things to work again. Now for one of the servers, I made a workaround by adding the 10.0.0.0 range to securenets. That was possible since that network is secure, it is a gigabit link to another server with tapeunit to make backups of the main server. After that adjustment, no more NIS glitches. Unfortunately, the 2nd network interface on the other server is connected to a wireless accesspoint (with iptables and NAT configured to connect laptops to the internet). Obviously, I don't want to add the wireless network to the securenets file and serve NIS maps to the wireless clients. Iptables doesn't catch this I think, since the connection comes from localhost. Does anyone know a better solution? Can ypbind be instructed to listen only on a specific IP address or only on eth0? Or can ypserv be instructed not to answer to broadcasts on networks that are not in securenets? David Jansen
