VMware Solutions Discussions
I have an ONTAP SIM 7.3 running on VMware ESX 4.1. It serves data to other guests on the SIM via CIFS and NFS, but does not do username mapping properly.
In other words: within the same VMware ESX Host, network communication is working.
Except DNS.
I can't figure out why. When I run pktt, no DNS packets are sent at all, even with the DNS cache disabled, or with the DNS cache enabled and flushed.
I am *NOT* a NetApp admin, and very well may have missed a setting. Therefore, I'm dumping everything I can find to be relevant to my configuration. 192.168.0.* (excepting .250 and .254) are virtual devices on the same ESX Host and same ESX VSwitch. No networking hardware is involved at all.
Desired goal: setting up a NetApp OnTap 7.x device to do configuration based on RFC2307 and NetApp document TR-3458.
netapp1*> version
NetApp Release 7.3.1: Thu Jan 8 00:10:49 PST 2009
netapp1*> rdfile /etc/nsswitch.conf
#Generated by FilerView - Mon Jan 03 14:27:49 CST 2011
hosts: files dns nis
passwd: files ldap nis
shadow: files ldap ldap
group: files ldap nis
netgroup: files ldap files
netapp1*> rdfile /etc/resolv.conf
#Generated by FilerView - Mon Jan 03 14:27:49 CST 2011
nameserver 192.168.0.4
nameserver 192.168.0.5
search totalnetsolutions.net
netapp1*> ping 192.168.0.4
192.168.0.4 is alive
netapp1*> ping 192.168.0.5
192.168.0.5 is alive
netapp1*> dns info
DNS is enabled
DNS caching is enabled
0 cache hits
3 cache misses
0 cache entries
0 expired entries
0 cache replacements
IP Address State Last Polled Avg RTT Calls Errs
-------------------------------------------------------------------------------------------------------------
192.168.0.4 NO INFO 0 0 0
192.168.0.5 NO INFO 0 0 0
Default domain: totalnetsolutions.net
Search domains: totalnetsolutions.net
netapp1*> options dns
dns.cache.enable on
dns.domainname totalnetsolutions.net
dns.enable on
dns.update.enable on
dns.update.ttl 24h
netapp1*> dns flush
DNS cache flushed.
netapp1*> ping tns02.totalnetsolutions.net
ping: unknown host: tns02.totalnetsolutions.net
netapp1*> dns info
DNS is enabled
DNS caching is enabled
0 cache hits
3 cache misses
0 cache entries
0 expired entries
0 cache replacements
IP Address State Last Polled Avg RTT Calls Errs
-------------------------------------------------------------------------------------------------------------
192.168.0.4 NO INFO 0 0 0
192.168.0.5 NO INFO 0 0 0
Default domain: totalnetsolutions.net
Search domains: totalnetsolutions.net
netapp1*> cifs domaininfo
Tue Jan 4 01:16:55 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Starting AD LDAP server address discovery for TOTALNETSOLUTIONS.NET.
Tue Jan 4 01:17:02 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using DNS site query (home).
Tue Jan 4 01:17:10 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using generic DNS query.
NetBios Domain: TNS
Windows 2000 Domain Name: totalnetsolutions.net
Type: Windows 2000
Filer AD Site: home
Not currently connected to any DCs
Preferred Addresses:
None
Favored Addresses:
None
Other Addresses:
192.168.0.5 TNS03 PDCBROKEN
192.168.0.4 TNS02 BDCBROKEN
Not currently connected to any AD LDAP server
Preferred Addresses:
None
Favored Addresses:
None
Other Addresses:
None
netapp1*> Tue Jan 4 01:17:10 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- AD LDAP server address discovery for TOTALNETSOLUTIONS.NET complete. 0 unique addresses found.
netapp1*> options ldap
ldap.ADdomain totalnetsolutions.net
ldap.base dc=totalnetsolutions,dc=net
ldap.base.group dc=totalnetsolutions,dc=net
ldap.base.netgroup
ldap.base.passwd dc=totalnetsolutions,dc=net
ldap.enable on
ldap.minimum_bind_level anonymous
ldap.name cn=netapp,ou=Service accounts,ou=sbsusers,ou=users,ou=MyBusiness,dc=totalnetsolutions,dc=net
ldap.nssmap.attribute.gecos gecos
ldap.nssmap.attribute.gidNumber gidNumber
ldap.nssmap.attribute.groupname cn
ldap.nssmap.attribute.homeDirectory homeDirectory
ldap.nssmap.attribute.loginShell loginShell
ldap.nssmap.attribute.memberNisNetgroup memberNisNetgroup
ldap.nssmap.attribute.memberUid memberUid
ldap.nssmap.attribute.netgroupname cn
ldap.nssmap.attribute.nisNetgroupTriple nisNetgroupTriple
ldap.nssmap.attribute.uid samAccountName
ldap.nssmap.attribute.uidNumber uidNumber
ldap.nssmap.attribute.userPassword userPassword
ldap.nssmap.objectClass.nisNetgroup nisNetgroup
ldap.nssmap.objectClass.posixAccount User
ldap.nssmap.objectClass.posixGroup Group
ldap.passwd ******
ldap.port 389
ldap.servers 192.168.0.4 192.168.0.5
ldap.servers.preferred
ldap.ssl.enable off
ldap.timeout 20
ldap.usermap.attribute.unixaccount unixaccount
ldap.usermap.attribute.windowsaccount windowsaccount
ldap.usermap.base
ldap.usermap.enable off
netapp1*> netdiag
Performing physical layer diagnostics.....OK
Performing network layer diagnostics.....OK
OK
Performing transport layer diagnostics.....OK
netapp1*> netstat
Active TCP connections
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
netapp1.2049 192.168.0.26.994 49640 0 67160 0 ESTABLISHED
localhost.23 localhost.1023 8192 0 8192 0 ESTABLISHED
localhost.1023 localhost.23 8192 1 8192 0 ESTABLISHED
netapp1.22 192.168.0.21.38275 64128 0 8760 0 ESTABLISHED
::.22 ::.* 0 0 0 0 LISTEN
::.10568 ::.* 0 0 0 0 LISTEN
::.10569 ::.* 0 0 0 0 LISTEN
::.10567 ::.* 0 0 0 0 LISTEN
::.23 ::.* 0 0 0 0 LISTEN
Active UDP sockets
Local Address Remote Address Send-Q Recv-Q
::.161 ::.* 0 0
netapp1*> ifconfig -a
ns0: flags=848043<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.34 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::250:56ff:fe0b:5a59 prefixlen 64 scopeid 0x1 autoconf
ether 00:50:56:0b:5a:59 (auto-100tx-fd-up)
ns1: flags=8042<BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:50:56:0c:5a:59 (auto-unknown-cfg_down)
lo: flags=1948049<UP,LOOPBACK,RUNNING,MULTICAST,TCPCKSUM> mtu 9188
inet 127.0.0.1 netmask 0xff000000 broadcast 127.0.0.1
inet6 fe80::1 prefixlen 64 scopeid 0x3 autoconf
inet6 ::1 prefixlen 128
netapp1*> ifstat -a
-- interface ns0 (10 hours, 19 minutes, 27 seconds) --
RECEIVE
Frames/second: 8 | Bytes/second: 593 | Errors/minute: 0
Discards/minute: 0 | Total frames: 17826 | Total bytes: 1616k
Total errors: 0 | Total discards: 0 | Multi/broadcast: 13914
No buffers: 0 | Non-primary u/c: 0 | Tag drop: 0
Vlan tag drop: 0 | Vlan untag drop: 0 | Read errors: 0
TRANSMIT
Frames/second: 4 | Bytes/second: 359 | Errors/minute: 0
Discards/minute: 0 | Total frames: 105k | Total bytes: 32660k
Total errors: 0 | Total discards: 0 | Multi/broadcast: 140
Queue overflows: 0 | No buffers: 0 | Write errors: 0
LINK_INFO
Current state: up | Up to downs: 0 | Speed: 100m
Duplex: full | Flowcontrol: none
-- interface ns1 (10 hours, 19 minutes, 27 seconds) --
RECEIVE
Frames/second: 0 | Bytes/second: 0 | Errors/minute: 0
Discards/minute: 0 | Total frames: 0 | Total bytes: 0
Total errors: 0 | Total discards: 0 | Multi/broadcast: 0
No buffers: 0 | Non-primary u/c: 0 | Tag drop: 0
Vlan tag drop: 0 | Vlan untag drop: 0 | Read errors: 0
TRANSMIT
Frames/second: 0 | Bytes/second: 0 | Errors/minute: 0
Discards/minute: 0 | Total frames: 0 | Total bytes: 0
Total errors: 0 | Total discards: 0 | Multi/broadcast: 0
Queue overflows: 0 | No buffers: 0 | Write errors: 0
LINK_INFO
Current state: cfg_down | Up to downs: 0
-- interface lo (10 hours, 19 minutes, 24 seconds) --
RECEIVE
Packets: 3284 | Bytes: 231k | Errors: 0
Queue full: 0
TRANSMIT
Packets: 3284 | Bytes: 231k | Errors: 0
Collisions: 0
-- interface vh (10 hours, 19 minutes, 24 seconds) --
RECEIVE
Packets: 0 | Bytes: 0 | Errors: 0
Queue full: 0
TRANSMIT
Packets: 0 | Bytes: 0 | Errors: 0
Collisions: 0
netapp1*> uptime
1:22am up 10:20 63 NFS ops, 4 CIFS ops, 23 HTTP ops, 0 FCP ops, 0 iSCSI ops
netapp1*>
So you might think: oh, his DNS is just broken, but wait, from a system that is on the same subnet, and has successful NFS connections to my NetApp....:
rob@sol10-a:~$ ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0: flags=1004843<UP,BROADCAST,RUNNING,MULTICAST,DHCP,IPv4> mtu 1500 index 2
inet 192.168.0.26 netmask ffffff00 broadcast 192.168.0.255
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1
inet6 ::1/128
e1000g0: flags=2004841<UP,RUNNING,MULTICAST,DHCP,IPv6> mtu 1500 index 2
inet6 fe80::250:56ff:feb6:2/10
rob@sol10-a:~$ dig SRV _ldap._tcp.home._sites.totalnetsolutions.net +short @192.168.0.4
0 100 389 tns02.totalnetsolutions.net.
0 100 389 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _ldap._tcp.home._sites.totalnetsolutions.net +short @192.168.0.5
0 100 389 tns02.totalnetsolutions.net.
0 100 389 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _Kerberos._tcp.home._sites.totalnetsolutions.net +short @192.168.0.4
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _Kerberos._tcp.home._sites.totalnetsolutions.net +short @192.168.0.5
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _kerberos._tcp.totalnetsolutions.net +short @192.168.0.4
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _kerberos._tcp.totalnetsolutions.net +short @192.168.0.5
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _kerberos._udp.totalnetsolutions.net +short @192.168.0.5
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
rob@sol10-a:~$ dig SRV _kerberos._udp.totalnetsolutions.net +short @192.168.0.4
0 100 88 tns02.totalnetsolutions.net.
0 100 88 tns03.totalnetsolutions.net.
So, what stupid config piece am I missing?
Thanks in advance.
Rob
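Added example, not part of the original post or of any NetApp tooling: a small Python triage over the console output quoted above, which separates "the filer never issued a DNS query" from "queries were sent but failed". It assumes the last two numeric fields of each `dns info` row are Calls and Errs, as the header order on the page suggests; the function names are hypothetical.

```python
import re

# Excerpt of the filer console output quoted in the post above.
TRANSCRIPT = """\
IP Address State Last Polled Avg RTT Calls Errs
-------------------------------------------------
192.168.0.4 NO INFO 0 0 0
192.168.0.5 NO INFO 0 0 0
Default domain: totalnetsolutions.net
Tue Jan 4 01:17:02 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using DNS site query (home).
Tue Jan 4 01:17:10 CST [auth.ldap.trace.LDAPConnection.statusMsg:info]: AUTH: TraceLDAPServer- Found no AD LDAP server addresses using generic DNS query.
192.168.0.5 TNS03 PDCBROKEN
"""

ROW = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(.+)$")
MISS = re.compile(r"Found no AD LDAP server addresses using (.+?)\.$")


def parse_dns_info(text):
    """Return {nameserver: {state, calls, errs}} from `dns info` rows.

    Assumption: the last two numeric fields are Calls and Errs.
    """
    servers = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        fields = m.group(2).split()
        # Skip `cifs domaininfo` address rows, which also start with an IP.
        if len(fields) < 4 or not all(f.isdigit() for f in fields[-3:]):
            continue
        servers[m.group(1)] = {"state": " ".join(fields[:-3]),
                               "calls": int(fields[-2]),
                               "errs": int(fields[-1])}
    return servers


def triage(text):
    """Classify the resolver state and list failed AD discovery queries."""
    servers = parse_dns_info(text)
    misses = [m.group(1) for m in map(MISS.search, text.splitlines()) if m]
    idle = sorted(ip for ip, s in servers.items() if s["calls"] == 0)
    if servers and len(idle) == len(servers):
        verdict = "resolver-idle"    # no query was ever sent to any server
    elif any(s["errs"] for s in servers.values()):
        verdict = "server-errors"    # queries were sent, answers failed
    else:
        verdict = "resolver-active"
    return {"servers": servers, "idle": idle,
            "ad_misses": misses, "verdict": verdict}


if __name__ == "__main__":
    print(triage(TRANSCRIPT))
```

A `resolver-idle` verdict is consistent with the pktt observation that no DNS packets leave the filer, while the `dig` results from sol10-a show the name servers themselves answer the SRV queries.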
You need to set the LDAP option ldap.ADdomain
host1*> options ldap
ldap.ADdomain
By default this is not set
host1*> options ldap.ADdomain yourADdomain.com
host1*> options ldap
ldap.ADdomain yourADdomain.com