Sunday, September 5, 2010

TCP/IP Daemons

Daemons (also known as servers) are processes that run continuously in the background and perform functions required by other processes. Transmission Control Protocol/Internet Protocol (TCP/IP) provides daemons for implementing certain functions in the operating system. These daemons are background processes and thus run without interrupting other processes (unless that is part of the daemon's function).
Daemons are invoked by commands at the system management level, by other daemons, or by shell scripts. You can also control daemons with the inetd daemon, the rc.tcpip shell script, and the System Resource Controller (SRC).

Subsystems and Subservers

A subsystem is a daemon, or server, that is controlled by the SRC. A subserver is a daemon that is controlled by a subsystem. (Daemon commands and daemon names are usually denoted by a d at the end of the name.) The categories of subsystem and subserver are mutually exclusive. That is, daemons are not listed as both a subsystem and as a subserver. The only TCP/IP subsystem that controls other daemons is the inetd daemon. Thus, all TCP/IP subservers are also inetd subservers.
TCP/IP daemons controlled by the SRC are the following:
Subsystems
gated Provides gateway routing functions and supports the Routing Information Protocol (RIP), the Routing Information Protocol Next Generation (RIPng), Exterior Gateway Protocol (EGP), the Border Gateway Protocol (BGP) and BGP4+, the Defense Communications Network Local-Network Protocol (HELLO), Open Shortest Path First (OSPF), Intermediate System to Intermediate System (IS-IS), and Internet Control Message Protocol (ICMP and ICMPv6)/Router Discovery routing protocols. In addition, the gated daemon supports the Simple Network Management Protocol (SNMP). The gated daemon is one of two routing daemons available for routing to network addresses and is the preferred routing daemon. The gated daemon is preferred over the routed daemon because the gated daemon supports more gateway protocols.
inetd Invokes and schedules other daemons when requests for the daemons' services are received. This daemon can also start other daemons. The inetd daemon is also known as the super daemon.
iptrace Provides interface-level packet-tracing function for Internet protocols.
named Provides the naming function for the Domain Name Server Protocol (DOMAIN).
routed Manages the network routing tables and supports the Routing Information Protocol (RIP). The gated daemon is preferred over the routed daemon because the gated daemon supports more gateway protocols.
rwhod Sends broadcasts to all other hosts every three minutes and stores information about logged-in users and network status. Use the rwhod daemon with extreme care, as it can steal significant amounts of a machine's resources.
timed Provides the timeserver function.
Note: Both the routed and gated daemons are listed as TCP/IP subsystems. Do not run the startsrc -g tcpip command, which initiates both of these routing daemons, along with all the other TCP/IP subsystems. Running both daemons simultaneously on one machine can produce unpredictable results.
TCP/IP daemons controlled by the inetd subsystem are the following:
inetd Subservers
comsat Notifies users of incoming mail.
fingerd Provides a status report on all logged-in users and network status at the specified remote host. This daemon uses the Finger protocol.
ftpd Provides the file transfer function for a client process using the File Transfer Protocol (FTP).
rexecd Provides the foreign host server function for the rexec command.
rlogind Provides the remote login facility function for the rlogin command.
rshd Provides the remote command execution server function for the rcp and rsh commands.
talkd Provides the conversation function for the talk command.
syslogd Reads and logs system messages. This daemon is in the RAS group of subsystems.
telnetd Provides the server function for the TELNET protocol.
tftpd Provides the server function for the Trivial File Transfer Protocol (TFTP).
uucpd Handles communications between the Basic Network Utilities (BNU) and TCP/IP.

System Resource Control (SRC)

Among other functions, SRC allows you to start daemons, stop them, and trace their activity. In addition, SRC provides the ability to group daemons into subsystems and subservers.
System Resource Control is a tool designed to aid the person who manages your system in controlling daemons. SRC allows control beyond the flags and parameters available with each daemon command.
Refer to the System Resource Controller Overview in AIX Version 4.3 System Management Concepts: Operating System and Devices for more information concerning the System Resource Controller.

SRC Commands

SRC commands can affect one daemon, a group of daemons, or a daemon and those daemons it controls (subsystem with subservers). In addition, some TCP/IP daemons do not respond to all SRC commands. The following is a list of SRC commands that can be used to control TCP/IP daemons and their exceptions.



startsrc Starts all TCP/IP subsystems and inetd subservers. The startsrc command works for all TCP/IP subsystems and inetd subservers.
stopsrc Stops all TCP/IP subsystems and inetd subservers. This form of the command is also called stop normal. Stop normal allows subsystems to process all outstanding work and terminate gracefully. For inetd subservers, all pending connections are allowed to start and all existing connections are allowed to complete. Stop normal works for all TCP/IP subsystems and inetd subservers.
stopsrc -f Stops all TCP/IP subsystems and inetd subservers. This form of the command is also called stop force. Stop force immediately terminates all subsystems. For inetd subservers, all pending connections and existing connections are terminated immediately.
refresh Refreshes the following subsystems and subservers: the inetd, syslogd, named, dhcpsd, and gated subsystems.
lssrc Provides short status for subsystems, which is the state of the specified subsystem (active or inoperative). Also provides short status for inetd subservers. The short status for inetd subservers includes: subserver name, state, subserver description, command name, and the arguments with which it was invoked.
lssrc -l Provides the short status plus additional information (long status) for the following subsystems:
gated
State of debug or trace, routing protocols activated, routing tables, signals accepted and their function.
inetd
State of debug, list of active subservers and their short status; signals accepted and their function.
named
State of debug, named.conf file information.
dhcpsd
State of debug, all controlled IP addresses and their current state.
routed
State of debug and trace, state of supplying routing information, routing tables.
syslogd
syslogd configuration information.
The lssrc -l command also provides long status for inetd subservers. The long status includes short status information and active connection information. Some subservers will provide additional information. The additional information by subserver includes:
ftpd
State of debug and logging
telnetd
Type of terminal emulating
rlogind
State of debug
fingerd
State of debug and logging
The rwhod and timed subservers do not provide long status.
traceson Turns on socket-level debugging. Use the trpt command to format the output. The timed and iptraced subsystems do not support the traceson command.
tracesoff Turns off socket-level debugging. Use the trpt command to format the output. The timed and iptraced subsystems do not support the tracesoff command.
For examples of how to use these commands, see the articles on the individual commands. For more information on the System Resource Controller, refer to System Resource Controller Overview in AIX Version 4.3 System Management Concepts: Operating System and Devices.

Configuring the inetd Daemon

To configure the inetd daemon:
  1. Specify which subservers it will invoke by adding an inetd subserver.
  2. Specify what its restart characteristics are by changing restart characteristics of the inetd daemon.
Configuring the inetd Daemon Tasks

Web-based System Manager: wsm network fast path (Network application)

-OR-

| Task | SMIT Fast Path | Command or File |
|---|---|---|
| Starting the inetd Daemon | smit mkinetd | startsrc -s inetd |
| Changing Restart Characteristics of the inetd Daemon | smit chinetd or smit lsinetd | |
| Stopping the inetd Daemon | smit rminetd | stopsrc -s inetd |
| Listing All inetd Subservers | smit inetdconf | |
| Adding an inetd Subserver (see note 1) | smit mkinetdconf | edit /etc/inetd.conf then run refresh -s inetd or kill -1 inetdPID (see note 2) |
| Change/Show Characteristics of an inetd Subserver | smit inetdconf | edit /etc/inetd.conf then run refresh -s inetd or kill -1 inetdPID (see note 2) |
| Removing an inetd Subserver | smit rminetd | edit /etc/inetd.conf then run refresh -s inetd or kill -1 inetdPID (see note 2) |

Notes:
  1. Adding an inetd subserver configures the inetd daemon so that it will invoke the subserver when it is needed.
  2. Both refresh and kill commands inform the inetd daemon of changes to its configuration file.
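
Because every uncommented entry in /etc/inetd.conf is a subserver that inetd will invoke on request, it is worth reviewing the file after each change. The following script is an added example, not part of the original article or the AIX documentation: it lists the enabled entries and reports any that are missing from an approved list. The sample file contents, the function names, and the APPROVED list are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: report which subservers an inetd.conf enables and which of
# them are missing from an approved list. All sample data is constructed.

# Print "service protocol program" for each uncommented entry.
# inetd.conf fields: service socket-type protocol wait/nowait user program args
enabled_subservers() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1, $3, $6 }' "$1"
}

# Print enabled services that are not in the space-separated list in $2.
unapproved_subservers() {
    enabled_subservers "$1" | while read -r svc _proto _prog; do
        case " $2 " in
            *" $svc "*) ;;            # approved, nothing to report
            *) echo "$svc" ;;
        esac
    done
}

# Constructed sample in inetd.conf format (not copied from a real host).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
## service  socket  proto  wait    user    program            args
ftp         stream  tcp    nowait  root    /usr/sbin/ftpd     ftpd
telnet      stream  tcp    nowait  root    /usr/sbin/telnetd  telnetd
#shell      stream  tcp    nowait  root    /usr/sbin/rshd     rshd
#finger     stream  tcp    nowait  nobody  /usr/sbin/fingerd  fingerd
tftp        dgram   udp    wait    nobody  /usr/sbin/tftpd    tftpd
EOF

APPROVED="ftp telnet"                 # hypothetical site policy

echo "Enabled subservers:"
enabled_subservers "$SAMPLE"
echo "Enabled but not approved:"
unapproved_subservers "$SAMPLE" "$APPROVED"
```

On the AIX host, point both functions at /etc/inetd.conf. After commenting out or removing an entry, run refresh -s inetd so the daemon rereads the file.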

Client Network Services

Client Network Services (accessible using the Web-based System Manager fast path, wsm network, or the SMIT fast path, smit clientnet) refers to the TCP/IP protocols available for use by an AIX system. Each protocol (or service) is known by the port number it uses on the network, hence the term well-known port. As a convenience to programmers, the port numbers can be referred to by names as well as numbers. For example, the TCP/IP mail protocol uses port 25 and is known by the name smtp. If a protocol is listed (uncommented) in the /etc/services file, then a host can use that protocol.
By default, all the TCP/IP protocols are defined in the /etc/services file. So, you do not have to do any configuration of this file. However, suppose you wrote your own client/server programs. You may want to add your service to the /etc/services file, and reserve a specific port number and name for your service. If you do decide to add your service to /etc/services, note that port numbers 0 through 1024 are reserved for system use.
Client Network Services Tasks

Web-based System Manager: wsm network fast path (Network application)

-OR-

| Task | SMIT Fast Path | Command or File |
|---|---|---|
| Listing All Services | smit lsservices | view /etc/services |
| Adding a Service | smit mkservices | edit /etc/services |
| Change/Show Characteristics of a Service | smit chservices | edit /etc/services |
| Removing a Service | smit rmservices | edit /etc/services |
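
Before adding your own service to /etc/services, check the proposed entry against the rules above: the port must be outside the reserved 0 through 1024 range, and neither the name nor the port/protocol pair may already be defined by an uncommented line. The following script is an added example, not part of the original article or the AIX documentation. The function name, the sample file contents, and the service names mysvc, oldsvc, and invent are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: vet a proposed /etc/services entry before adding it.
# All sample data is constructed.

# usage: check_new_service FILE NAME PORT PROTO
# Prints "ok" (status 0) or the reason the entry should not be added (status 1).
check_new_service() {
    case "$3" in
        ''|*[!0-9]*) echo "invalid port: $3"; return 1 ;;
    esac
    if [ "$3" -le 1024 ]; then
        echo "reserved: port $3 is in the 0-1024 system range"
        return 1
    fi
    awk -v name="$2" -v pp="$3/$4" '
        { sub(/#.*/, "") }            # ignore comments and commented-out lines
        NF < 2 { next }
        $2 == pp { print "port already assigned: " $1 " " $2; bad = 1; exit }
        {
            for (i = 1; i <= NF; i++)  # field 1 is the name, 3+ are aliases
                if (i != 2 && $i == name) {
                    print "name already defined: " $1 " " $2; bad = 1; exit
                }
        }
        END { if (!bad) print "ok"; exit bad + 0 }
    ' "$1"
}

# Constructed sample in /etc/services format: name port/protocol [aliases]
SERVICES=$(mktemp)
cat > "$SERVICES" <<'EOF'
smtp      25/tcp    mail
telnet    23/tcp
tftp      69/udp
#oldsvc   5000/tcp            # commented out, so not defined
invent    5001/tcp  inv       # hypothetical in-house service
EOF

check_new_service "$SERVICES" mysvc 80   tcp || true   # reserved range
check_new_service "$SERVICES" mysvc 5001 tcp || true   # port taken by invent
check_new_service "$SERVICES" inv   6000 tcp || true   # name taken as an alias
check_new_service "$SERVICES" mysvc 5000 tcp           # ok
```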

Server Network Services

Server Network Services includes controlling remote access, starting or stopping TCP/IP, and managing the pty device driver, as shown in the following table.
The pty device driver is installed automatically with the system. By default, it is configured to support 16 BSD-style symbolic links, and it is available for use by the system at boot time.
Server Network Services Tasks

Web-based System Manager: wsm network fast path (Network application)

-OR-

| Task | SMIT Fast Path | Command or File |
|---|---|---|
| Controlling Remote Access | See "Remote Command Execution Access" and "Restricted File Transfer Program Users". | |
| Start, Restart, or Stop TCP/IP Subsystems | smit otherserv | See "System Resource Control". |
| Change/Show Characteristics of the pty Device Driver | smit chgpty | chdev -l pty0 -P -a num=X where X ranges from 0 to 64 |
| Make the pty Device Driver Unavailable for Use | smit pty then select Remove the PTY; Keep Definition | |
| Make the pty Device Driver Available for Use | smit pty then select Configure the Defined PTY | |
| Generate an Error Report | smit errpt | |
| Trace the pty | smit trace | |
