MultiNet V5.4 Install & Admin Guide Table of Contents
Preface
Contents of this Guide
Typographical Conventions
Obtaining Technical Support
Before Contacting Technical Support
Sending Electronic Mail
Calling Technical Support
Contacting Technical Support by Fax
Obtaining Online Help
MultiNet Frequently Asked Questions List
Accessing the MultiNet Public Mailing List
Process Software World Wide Web Server
Obtaining Software Patches Over the Internet
Documentation Comments
Installing and Upgrading MultiNet for OpenVMS
Step 1: Gather Information for the Installation
Step 2: Read the Release Notes
Step 3: Check OpenVMS and Versions
Step 4: Use the Correct Media
Step 5: Back up Your System Disk
Step 6: Reserve Sufficient Disk Space
Step 7: Log on as SYSTEM
Step 8: Ask Other Users to Log Off
Step 9: Update System Parameters
Step 10: Check the Location of the DCLTABLES.EXE File
Step 11: Review the MultiNet Directory Layout
Step 12: Load the PAK (Product Authorization Key)
Step 13: Run VMSINSTAL
Step 14: Establish an Initial Configuration
Step 15: Configure the IP Transport Over the Standard Network Interface
Step 16: Start the New Version of MultiNet
Step 17: Modify the System Startup Command Procedure
Step 18: Configure Services
Step 19: Add and Update User Exits
Step 20: Install MultiNet Commands in the DCLTABLES.EXE File
Step 21: Set Up the Online Documentation
Example Procedures
Installing a License PAK
Printing the Consolidated Release Notes
Sample Installation Dialog
Files That May be Added to Your System Disk
Removing MultiNet for OpenVMS
MultiNet Documentation and Online Help
The MultiNet Documentation Set
MultiNet Online Help
Introduction to MultiNet and TCP/IP Concepts
What is MultiNet?
TCP/IP Concepts
Basic TCP/IP Protocols
Dynamic Configuration Protocols
Routing
DNS (Domain Name System) and Host Tables
ARP (Address Resolution Protocol)
Neighbor Discovery
SNMP (Simple Network Management Protocol)
Devices, Protocols, and MultiNet Internals
Devices Supported by MultiNet
Protocols Supported by MultiNet
Understanding MultiNet Internals
Getting Additional Information
RFCs (Requests for Comment)
Other Documentation
Configuration Overview
Configuration Tasks
Configuration Utilities Overview
Starting MultiNet
Modifying Configuration Files
Modifying the Current Configuration
Host Tables and DNS
Methods of Associating IP Addresses and Host Names
Using the Domain Name System (DNS)
Enabling a Caching-Only Name Server
Zone
Options
Logging
Resource Record Sorting
Incremental Zone Transfer
DNS Zone Information Files
DNS Load Balancing
DNS Security
Multicast Name Resolution
Establishing IP Connectivity
About IP Connectivity
Network Interface Configuration Overview
Supported Network Interface Devices
Viewing Interface Configuration
Adding Network Interfaces
Adding Network Interfaces with NET-CONFIG
Modifying Network Interfaces
Deleting Network Interfaces
Using Packet Filtering for Security
Cautions When Creating Packet Filters
Packet Filter File
Configuring Transport over Serial Lines with SLIP and PPP
Configuring MultiNet Services
Introducing Service Configuration
Using SERVER-CONFIG to Configure Services
Using MENU-CONFIG to Configure Services
Adding Your Own Services
Disabling, Enabling, and Deleting Services
Restricting Access to Servers
Auditing Access to Servers
Detecting Intruders
Using UCX-Compatible Services under MultiNet
Associating Command Procedures with Services
Setting Keepalive Timers
Configuring TFTP (Trivial File Transfer Protocol)
Controlling RSHELL and REXEC Process Deletion
Configuring Network Routing
Routing Methods Overview
Configuring Static IP Routes
Using GateD
GateD Configuration File
GateD Route Selection
Starting and Stopping GateD
Configuring GATED
GateD Configuration Statements
Directives
traceoptions
options
interfaces
Interface Clause
Define Clause
Definition Statements
Route Filtering
rip
Interface Clause
hello
icmp
redirect
routerdiscovery server
routerdiscovery client
egp
bgp
ospf
static
import
aggregate
generate
Sample GateD Configurations
RTSOLD
Usage:
Network Time Protocol (NTP)
Converting from earlier versions of NTP
Overview of NTP
Programs and Files
Program Files
Configuration Files
Other Files
Configuration
NTP Network Design
NTP.CONF
Timezone Configuration and Hardware Clock Overview
Timezone Support
Loadable Timezone Rules
Access Control Commands
Authentication Using a Keys File
NTP Utilities
NTPDATE
NTPTRACE
NTPDC
NTPQ
Command Line Format
NTP Management
Master Server
Netcontrol
Monitoring
Troubleshooting Tips
Troubleshooting Using NTPQ
Configuration Example
Converting to the NTP.CONF File
Configuring Electronic Mail
Modifying the MultiNet SMTP Configuration File
Pipelining and Extended SMTP
Delivering Mail to Specific Folders
Using the Mail Delivery Mechanisms
Rejecting Mail Messages
SMTP Statistics and Accounting
Network Service Monitoring
Mail Monitoring
Session Accounting
Configuring Session Accounting
Configuration File
File Format
Displaying the Contents of the Logging File
Configuring SMTP for Accounting
Configuring Mail Parameters
SMTP Configuration Using Logicals
SMTP SYMBIONT LOGICAL
MIME processing
Mail Outbound Sanity Checking
Configuring the SMTP Server for Inbound Mail
Configuring the SMTP Server to Limit System/Vendor Information
Configuring the SMTP Symbiont and Mail Queues for Outbound Mail
IMAP Server
Post Office Protocol (POP) Versions 2 and 3
Configuring SMTP Service for ALL-IN-1 Users
Configuring the SMTP-DECnet Mail Gateway
Printer Configuration
Configuring the LPD/LPR Server
Configuring Print Queues
Configuring an LPD Protocol Queue
Logical Names Provided for Controlling LPD Print Processing
Configuring a STREAM Protocol Queue
LPD and Stream Symbiont User Exit Support
Using the NTYSMB Symbiont for Remote, TCP-Connected Printers
Troubleshooting the Print Queue
Internet Printing Protocol (IPP)
IPP Protocol Background
Configuration
Print Command Options
Allowable Values
Using Logicals to Define Queue Configurations
Submitting Jobs to IPP Symbiont Print Queues
MULTINET IPP SHOW Command
RMT Server and Client Configuration
Configuring the Remote Magnetic Tape Server
About the RMT Client
Using RMTALLOC
Using RMTALLOC Qualifiers
Configuring and Managing FTP
Configuring the FTP Client
Managing an FTP Server
Password Lifetime Warnings
Configuring the FTP server for TLS (FTPS)
Network Service Monitoring
Session Accounting
Configuration File
File Format
Enabling the Accounting Logger
Displaying the Contents of the Logging File
Accounting File Record Format
FTP and IPv6
DHCP Client
Introduction
General Description
Setting DHCP Client Parameters
Setting Up the DHCP Client
Disabling the DHCP Client
DHCP Client Functions and Logicals
DHCP Client Configuration
Protocol Timing
Lease Requirements and Requests
Option Modifiers
Lease Declarations
Other Declarations
Example
Troubleshooting the DHCP Client
Configuring the Font Server
Understanding the Font Server
The Font Server Configuration File
Specifying Font Servers
Supported Font Types
Enabling the Font Server
Getting Information About the Font Server
Controlling the MultiNet Font Server
Defining Font Catalogues
Adding Fonts to the Font Server
Configuring Remote Systems with RARP, BOOTP, and DHCP Server
Choosing a Network Configuration Server
RARP (Reverse Address Resolution Protocol)
BOOTP (Bootstrap Protocol)
DHCP (Dynamic Host Configuration Protocol)
Using RARP
Using BOOTP
Using DHCP
Checking the DHCP Configuration
Reloading the DHCP Configuration
DHCP Conversion Tool
Introducing the Configuration File
Client Classing
Conditional Behavior
DNS Dynamic Updates Within DHCP
Host Name Generation
Configuration File Declarations and Parameters
Expressions
DHCP Options
DHCP Lease Format
Registering Clients While the DHCP Server is Running
Examples:
DHCP Safe-failover Introduction
Configuring DHCP Safe-failover
Boot File for DHCP Safe-failover
State File for DHCP Safe-failover
DHCP Safe-failover Configuration File Statements
DHCP Safe-failover Lease File Statements
Transitioning to DHCP Safe-failover Partner Down State
Setting DHCP Parameters
Viewing DHCP Information
Address Lease States in DHCP Dump Files
Managing the XDM Server
Understanding X Display Management
Accessing the XDM Server
XDM Administrative Tasks
Enabling and Starting the XDM Server
Modifying the XDM Server Configuration
Controlling the XDM Server
Controlling Access to the XDM Server
Managing X11R3 Displays
Configuring MultiNet SNMP Services
Understanding SNMP
Configuring MultiNet SNMP Services
Private MIB Application Program Interface
Configuring SNMP Subagents (except AgentX)
SNMP Multiplexing Peers
SNMP Agent Extensibility (AgentX) Peers
Configuration File
Sending SNMP Traps from MultiNet
Disabling Traps
Generating Traps
SNMP Log File
Start, Shutdown, or Reload the SNMP Configuration Without Rebooting
Performing SNMP Functions with MultiNet
Configuring MultiNet Kerberos Authentication Service
Understanding Kerberos
Hardware Requirements
Configuring Kerberos
KERBEROS DATABASE EDIT Prompts
Testing Your Configuration
Copying the Database to Other Hosts
Administering Kerberos
Configuring Secondary KDCs
Determining How a User Has Logged In
X11-Gateway Configuration
Concepts
Allowing an IP Client Access to a DECnet Server
Allowing a DECnet Client Access to an IP Server
X11-Gateway Security
X11-Gateway Debugging
Configuring DECnet-over-IP Circuits
Using the Configuration Tools
Examples of Connecting Two Systems
DECnet Encapsulation Over Unreliable Networks
Using MULTINET SET /DECNET
Configuring the MultiNet NFSV2 Server
Understanding the MultiNet NFS Server
Servers and Clients
NFS Server Configuration Overview
Enabling the MultiNet NFS Server
Creating OpenVMS User Accounts for Client Users
Invoking the NFS Configuration Utility (NFS-CONFIG) and Displaying Configuration Information
Creating UID/GID Mappings
Exporting File Systems
Reloading the MultiNet NFS Server Configuration and Restarting the Server
Shutting Down the NFS Server
Testing the System Configuration
Configuring Clients
Restricting Access to a Mount Point
Configuring PC-NFSD Remote Printing Service
Booting Diskless Hosts Using NFS
Modifying NFS Server Mount Point Options
Modifying NFS Server Global Parameters
NFS Mode of Operation
NFS Server Memory Considerations
Process Memory
Directory and File Cache Parameters
Timezone Parameters
Special Debugging Parameters
NFS Troubleshooting Tips
Configuring the MultiNet NFS V3 Server
Introduction
Server Security & Initial Configuration
Mounting Client Directories
File Formats
Reading Files
Writing Files
Implementation
Restrictions
NFS Protocol Procedures
Troubleshooting
Using the NFS Client
Understanding the NFS Client
Servers and Clients
NFS Client Setup Overview
Creating UID/GID Mappings
Mounting and Dismounting File Systems
Reloading the NFS Client
Mounting File Systems During MultiNet Startup
Creating ACPs (Ancillary Control Processes) for NFS Mounts
NFS Clients Using BACKUP
Advanced NFS Client Mount Options
Configuring the Secure Shell (SSH) v1 Server
SSH1 and SSH2 Differences
Restrictions:
Understanding the MultiNet Secure Shell Server
Servers and Clients
Security
Configuring SSHD Master for SSH1
OPTIONS
Configuration File
Starting the SSH Server for the First Time
Configuring the SSH1 Server on a VMScluster with a Common System Disk
Changing SSH1 Configuration File After Enabling SSH1
Connection and Login Process
AUTHORIZED_KEYS File Format
SSH_KNOWN_HOSTS File Format
SSH Logicals
Configuring the Secure Shell (SSH) Server v2
SSH1 and SSH2 Differences
Restrictions:
Understanding the MultiNet Secure Shell Server
Servers and Clients
Expired Password Handling
Break-In and Intrusion Detection
Configuring SSHD Master
SSH2 Configuration File
Starting the SSH Server for the First Time
Configuring the SSH2 Server on a VMScluster with a Common System Disk
Changing SSH2 Configuration File After Enabling SSH2
Connection and Login Process
SSH2 AUTHORIZATION File Format
SSH2 Logicals
SSH daemon Files
Configuring IPSEC and SETKEY
About the IP Security (IPSEC) Protocol
Security Associations and Security Policies
IPSEC Configuration File
The SETKEY Program
IPSEC Configuration File Examples
Conformance to Standards and Interoperability
Racoon Internet Key Exchange Daemon
Restrictions
Intrusion Prevention System (IPS)
Configuring IPS
Using MultiNet for an OpenVMS Cluster Interconnect
Appendix A
Server Configuration Parameters
SERVER-CONFIG Service Parameters
Services Provided with MultiNet
Default Server Values
Appendix B
DNSSEC
DNSSEC
Generating Keys
Signing the Zone
Configuring Servers
DNSSEC, DYNAMIC ZONES, AND AUTOMATIC SIGNING
Dynamic Trust Anchor Management