Nortel Networks 14.2 - page 50

Configuring Remote Access for AN and Passport ARN Routers

2-10 308614-14.20 Rev 00

Restricting TFTP Access to Specified Directories

To restrict TFTP access to a specific directory:

1. Log in to your UNIX workstation as root.

2. Insert the appropriate line in the /etc/inetd.conf file.

The examples in Table 2 -4 restrict access to the /tftpboot directory. You can

substitute any directory you want.

3. Create a symbolic link in the specified directory for every startup file

path name.

For example, to set up symbolic links in the /tftpboot directory:

a. Enter the following command to move to the /tftpboot directory:

cd tftpboot

b. Enter the following commands to create symbolic links :

ln -s . usr

ln -s . tftpboot

Table2-4. Restricting TFTP Access to Specified Directories

Operating

System Sample Line to Insert in /etc/inetd.conf File, or Other Instruction

SunOS tftp dgram udp wait root /usr/etc/in.tftpd in.tftpd -s

/tftpboot

Solaris tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd

-s /tftpboot

HP-UX tftp dgram udp wait root /etc/tftp tftp -s /tftpboot

AIX Use the System Management Interface Tool (SMIT) to configure TFTP.

For instructions, see the IBM guides on TCP/IP daemons and TFTP.

Note: Do not insert a slash (/) in the cd tftpboot command. A symbolic link

cannot contain references to directories above the directory specified in the

tftpd command line.

Contents

Main ii Copyright 1999 Nortel Networks Trademarks Restricted Rights Legend Statement of Conditions Nortel Networks NA Inc. Software License Agreement iv Contents Page Page Page Figures Page Tab le s Page Preface Before You Begin Text Conventions Acronyms Page Hard-Copy Technical Manuals How to Get Help Chapter 1 Understanding Tools and Options Network Configuration and Management Tools Router Startup Procedure Startup Files Startup Options 1-4 Table1-2 . Summary of Startup Opti ons for AN/ANH and ARN Routers The Boot Process Obtaining an IP Address Manually (Netboot or Directed Netboot) Obtaining an IP Address Automatically (EZ-Install) Page Page Page Obtaining the Kernel and Configuration Files Page Page Page Preparing for the Initial Startup Selecting the Initial Startup Option Page Providing a Tailored Configuration File Selecting the Routine Startup Option Recommendations Netboot Directed Netboot Local Boot Steps for Completing Startup Options EZ-Install Netboot Directed Netboot Local Boot Chapter 2 Setting Up a UNIX Boot Server Setting Up a BootP Server Setting Up BootP Sockets Configuring BootPD Page Page Page 2-6 Table2-1. BootPD Tags for a Router Host Name Table2-2. BootPD Tags for a Kernel File Name rel<number> (continued) Page (continued) 2-8 Figure 2-1. Sample bootptab File Setting Up a TFTP Server Setting Up TFTPD Page Setting Up Static Routes to Next-Hop Routers Rebooting Your Workstation Issuing a Hang-Up Signal What to Do Next Page Chapter 3 Configuring Netboot Services with Site Manager Complete the appropriate sections of this chapter for the startup option you are configuring: Preparing Configuration and Image Files Creating Configuration Files Tabl e 3-1 lists the mnemonics used in AN and ANH module names. Table3-1. Configuration Manager Module Names for AN and ANH Table3-2. ARN Base Module Configurations Page Preparing an Image Enabling Netboot or Directed Netboot Page Adding a Netboot or Directed Netboot Interface Configuring a Netboot or Directed Netboot Interface You can use Site Manager to configure a Netboot or Directed Netboot interface. receive a reply from the BootP server will complete the Netboot process. Note: If you configure more than one interface to Netboot, the first interface to Setting Up Routing Paths for Netboot Enabling Router Interfaces Page Creating BootP Relay Agent Forwarding Tables You can use Site Manager to create the BootP relay agent forwarding table. Creating the BootP Client Interface Table You can use Site Manager to create the BootP client interface table. Page Chapter 4 Configuring Netboot Client Services Using Netboot Configuration Commands Setting the Boot Configuration Using the bconfig Command Format Examples of Using the bconfig Command Setting the Netboot Interface Configuration Configuring a Serial Interface for Network Booting 4-6 Table4-2. ifconfig Command Options for a Serial Interface <subnet_mask> <IP_address> <port_no.> Configuring an Ethernet Interface for Network Booting <next_hop_address> <IP_address> <subnet_mask> <interface> Note: The Ethernet interface must be configured with IP to support netboot Configuring an ARN Token Ring Interface for Network Booting Enabling and Disabling Interfaces with the ifconfig Command Examples of Using the ifconfig Command Verifying Your Configuration What to Do Next Page Page 5-2 Enabling and Disabling ANH Repeater Ports You can use Site Manager to enable or disable the ANH repeater ports. Page Page Managing ANH Repeater Ports Testing and Resetting ANH Repeater Ports You can use Site Manager to test and reset ANH repeater ports. Note: The repeater port self-test does not disrupt traffic flow. Resetting a Page Appendix A Site Manager Parameters Netboot and Directed Netboot Parameters Page Netboot Interface Parameters Page Page BootP Relay Agent Interface Parameters BootP Client Interface Address Parameters Repeater Port Group Parameters Page Appendix B Troubleshooting Network Boot Problems Solving Startup Problems Router Fails to Get IP Address Router Fails to Netboot Page Router Fails to Perform Directed Netboot Router Netboots, but Fails to Load Applications Page Page Identifying Remote Connectivity Problems Displaying Messages from the Router Console Displaying Statistics and Error Messages Guidelines for Using Packet Capture Guidelines for Using a LAN Protocol Analyzer Resolving Connectivity Problems Displaying Parameter Settings Page Debugging the BootP Server Troubleshooting Network Boot Problems 3. Compare the bootptab file with the sample bootptab file in Chapter 2 /etc (see Figure2-1 on page 2-8) and correct any inconsistency. 4. If you cannot find an inconsistency, boot the router and view the bootpd Table B-1. BootP Messages Verifying the BootP Server Setup Displaying the BootP Server IP Routes Displaying the Number of Packets Forwarded and Dropped Maintaining the Router Software Upgrading the Software Image Restoring a Local File System Hints and Notes Setup Hints Implementation Notes Appendix C Using the Quick-Start Local Boot Procedure What Is Quick-Start? Using the Worksheets Page C-4 Global Information Worksheet Global Information Worksheet Global Information Worksheet C-6 Global Information Worksheet startup.cfg Router Protocol Worksheets RIP Worksheet (continued) OSPF Worksheet C-8 OSPF Worksheet Wide Area Protocol Worksheets C-10 Nortel Networks Proprietary PPP Worksheet Frame Relay Worksheet PPP Worksheet C-12 PPP Worksheet Configuring PPP Services (continued) Running the Quick-Start Script Page Page Page Index Symbols A B Index-2 C D E F G H I K L M N O P Q R S T U