ypbind broadcast fails with timeout, ypserv not listening

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 6.2
  • libtirpc-0.2.1-5.el6

Issue

  • ypbind broadcast fails with timeout after upgrading to Red Hat Enterprise Linux 6.2

Resolution

  • Downgrade to the Red Hat Enterprise Linux 6.1 libtirpc-0.2.1-3.el6.x86_64 version
# yum downgrade libtirpc-0.2.1-3.el6 
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
Updating certificate-based repositories.
Setting up Downgrade Process
Resolving Dependencies
--> Running transaction check
---> Package libtirpc.x86_64 0:0.2.1-3.el6 will be a downgrade
---> Package libtirpc.x86_64 0:0.2.1-5.el6 will be erased
--> Finished Dependency Resolution
...

Root Cause

  • This appears to be a regression that was introduced in Red Hat Enterprise Linux 6.2
  • The workaround patch in Bug 829475 ypserv not responding to ypbind broadcast on Fedora 17 fixes all problems with (rpcbind-mediated) RPC broadcasts.
* Sat Jun 02 2012 Philippe Troin <phil@fifi.org> - 0.2.2-2.1.0.0.1
- Fix broadcast RPC forwarding.

diff -up libtirpc-0.2.2/src/svc_dg.c.debug libtirpc-0.2.2/src/svc_dg.c
--- libtirpc-0.2.2/src/svc_dg.c.debug   2012-04-24 15:49:35.445384482 +0200
+++ libtirpc-0.2.2/src/svc_dg.c 2012-04-24 15:50:47.474326672 +0200
@@ -245,8 +245,8 @@ svc_dg_reply(xprt, msg)
        xdr_results = msg->acpted_rply.ar_results.proc;
        xdr_location = msg->acpted_rply.ar_results.where;

-       msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
-       msg->acpted_rply.ar_results.where = NULL;
+       //msg->acpted_rply.ar_results.proc = (xdrproc_t)xdr_void;
+       //msg->acpted_rply.ar_results.where = NULL;
    } else
        has_args = FALSE;

@@ -254,7 +254,7 @@ svc_dg_reply(xprt, msg)
    XDR_SETPOS(xdrs, 0);
    msg->rm_xid = su->su_xid;
    if (xdr_replymsg(xdrs, msg) &&
-       (!has_args || (xprt->xp_auth &&
+       (1 || !has_args || (xprt->xp_auth &&
         SVCAUTH_WRAP(xprt->xp_auth, xdrs, xdr_results, xdr_location)))) {
        struct msghdr *msg = &su->su_msghdr;
        struct iovec iov;

Diagnostic Steps

  • Our systems use NIS for authentication
/etc/ypserv.conf is  unmodified 
/etc/yp.conf:

# Functional:
# domain nec-labs.com server 138.15.180.13
#
# Non-functional:
domain nec-labs.com broadcast

/var/yp/securenets:
host 127.0.0.1
255.255.0.0     138.15.0.0
255.255.255.0   172.25.79.0

/etc/sysconfig/network:
NETWORKING=yes
HOSTNAME=ns2
GATEWAY=138.15.180.254
NISDOMAIN=nec-labs.com
  • With this setup, ypbind --broadcast fails:
[root@ns2 ~]# cat /etc/yp.conf
# /etc/yp.conf - ypbind configuration file
#
# domain nec-labs.com server 138.15.180.13
domain nec-labs.com broadcast

[root@ns2 ~]# /etc/init.d/ypbind restart
Shutting down NIS service:                                 [  OK  ]
Starting NIS service:                                      [  OK  ]
Binding NIS service: ....                                  [FAILED]
  • Listening on ns1 for broadcasts during restart shows the broadcast, but no answer:
[root@ns1 ~]# tcpdump host 138.15.180.13
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
11:41:51.882102 IP ns2.40228 > 138.15.180.255.sunrpc: UDP, length 136
11:42:00.007341 IP ns2.36309 > 138.15.180.255.sunrpc: UDP, length 136
11:42:04.011449 IP ns2.36309 > 138.15.180.255.sunrpc: UDP, length 136
...
  • Switching to specified host succeeds:
[root@ns2 ~]# cat /etc/yp.conf
# /etc/yp.conf - ypbind configuration file
#
domain nec-labs.com server 138.15.180.13
# domain nec-labs.com broadcast
[root@ns2 ~]# /etc/init.d/ypbind restart
Shutting down NIS service:                                 [  OK  ]
Starting NIS service:                                      [  OK  ]
Binding NIS service: .                                     [  OK  ]
  • Run ypbind in debugging mode on the server and ypwhich on the client
# ypbind -d -broadcast

[nis-client] $ ypwhich
  • Test case has two remote ssh session; both logged in as root.
Session1 (ypbind):
[root@ns2 ~]# ypbind -d -broadcast
23476: add_server() domain: nec-labs.com, broadcast
23476: [Welcome to ypbind-mt, version 1.20.4]

23476: ping interval is 20 seconds

23478: NetworkManager is not running.

23479: do_broadcast() for domain 'nec-labs.com' is called
23476: ypbindproc_domain_2_svc (nec-labs.com)
23479: broadcast: RPC: Timed out.
23479: leave do_broadcast() for domain 'nec-labs.com'
23476: Pinging all active servers.
23476: do_broadcast() for domain 'nec-labs.com' is called
23476: trylock = failed


Session2 (ypwhich):
[root@ns2 ~]# ypwhich
ypwhich: Can't communicate with ypbind
[root@ns2 ~]#

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.