[Nut-upsuser] upsd/upsc, LISTEN and hostname resolution in master/slave

Arnaud Quette arnaud.quette at gmail.com
Wed Mar 29 10:32:33 UTC 2017


2017-03-29 5:49 GMT+02:00 Spike <spike at drba.org>:

> Hi,
>

Hi again Spike ;)

I've been setting up a few Eatons 1500 USB in master/slave mode and run
> into what I'm thinking is a hostname resolution problem.
>
> Basically, to avoid hardcoding ips, I'd love to be able to add a LISTEN on
> the lan's ip which has hostname, let's say, server1.local .
>
> If I set up upsd.conf such as LISTEN server1.local 3493 what I end up with
> is upsd listening on 127.0.0.1 . I'm guessing it gets this value from
> /etc/hosts which overrides server1.local dns resolution.
>

probably /etc/hosts indeed.
however, server1 should resolve to a non local IP@, so that one should work
(need DNS resolution, possibly through DHCP bridging)

So basically if I want it to listen on anything other than localhost I need
> to hardcode an ip in upsd.conf or add a line to /etc/hosts, which is not
> quite convenient if the computer gets its ip from dhcp.
>

no
simply add 1 or more LISTEN lines, with the DNS resolvable names (if DHCP
served)


> What's more, it seems that upsc does the same thing, so if I have a line
> such as:
> MONITOR eaton at server1.local ... that will fail if I specified the
> external ip. However this will succeed from the slave, because there's no
> server1.local in /etc/hosts I'm guessing so the name resolves to the same
> ip in the LISTEN.
>

upsd serves the data to the rest of the world, i.e. all NUT clients,
including upsc / upsrw / upscmd / upsmon
so the LISTEN line(s) impacts all these....


> Is this really the desired behavior? I can certainly work with it, but it
> seems it'd be nice if it could work with dns resolution (at least client
> side, the LISTEN statement I guess it's ok), but maybe I'm missing some
> good reason why this would cause other issues.
>

this is indeed undocumented (will fix it after this mail and a quick
lunch), but that works

LISTEN myhostname.domain1
LISTEN myhostname.domain2

We once had ACL (ACCEPT / REJECT) to refine the job, but that's really a
firewall job ;)

So another approach is to "LISTEN 0.0.0.0" (i.e. everything) and use your
firewall to restrict INPUT interfaces.

Hope it helps,
cheers,
Arno
-- 
Eaton Data Center Automation Solutions - Opensource Leader -
http://42ity.org
NUT (Network UPS Tools) Project Leader - http://www.networkupstools.org
Debian Developer - http://www.debian.org
Free Software Developer - http://arnaud.quette.fr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20170329/6a2eec1a/attachment.html>


More information about the Nut-upsuser mailing list