HPE Community
Operating System - HP-UX
1851755 Members
2067 Online
104062 Solutions
New Discussion

Re: ndd uncertainty

 
jmb
Regular Advisor

‎02-22-2004 11:01 AM

‎02-22-2004 11:01 AM

ndd uncertainty

I am looking at a bastion host white paper from HP dated August 2000, in which section 10 lists some parameters with suggested changes, I believe using nddconf. At the same time, "ndd -h unsupported" lists "unsupported ndd tunables". Some of the unsupported tunables are included in the suggested changes in the white paper.

I'm using 11i with the latest patch bundle. I spent some time looking for an updated bastion document but was unsuccessful.

Why does the white paper appear to recommend changing tunables that are not supported by HP? Also, it appears at one time there was a 10 item tunable limit?

So, 2 questions (at least):

Are the "unsupported" items actually unsupported, and should not be used?

What is the relationship between nddconf, ndd -c, and /sbin/init.d?

TIA!
0 Kudos
Reply
6 REPLIES 6
Michael Tully
Honored Contributor

‎02-22-2004 11:28 AM

‎02-22-2004 11:28 AM

Re: ndd uncertainty

Before you go any further, have a look at the latest paper. Perhaps the list has changed.

http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/building_a_bastion_host.pdf
Anyone for a Mutiny ?
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎02-22-2004 11:32 AM

‎02-22-2004 11:32 AM

Re: ndd uncertainty

Unsupported means HP might take them away without prior notice.

If its documented in the latest version of the paper as Michael provided, you can use it. There should be a good reason, but don't be afraid just because its undocumented.

Todays undocumented can become tomorows ovlivion or solid feature. It depends on technical requirments and the demands of the customer.

You are a customer, if you need it, make it known to HP.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
jmb
Regular Advisor

‎02-22-2004 11:32 AM

‎02-22-2004 11:32 AM

Re: ndd uncertainty

Thanks for the quick response! Unfortunately, the link is not working for me at this time. I will try it later.
0 Kudos
Reply
Con O'Kelly
Honored Contributor

‎02-22-2004 11:37 AM

‎02-22-2004 11:37 AM

Re: ndd uncertainty

Hi

Some tunables are not supported by HP meaning that if you have problems with your system then HP may not help out if you have changed some of the unsupported tunables. If that situation arose, I'd change back the unsupported tunables to the HP defaults.
Unless there is a compelling reason I'd probably not change the unsupported tunables. If you do change them, keep a record of the changes so that if you have any issues you can chnage them back.

The nddconf file is read at bootup by /sbin/init.d/net and any ndd tunables are set.

The nnd command updates ndd tunables from the command line. However any changes will not be maintained across a reboot.

You can update the nddconf file and then run "ndd -c" to read the file and update the tunables. Using this method you will update the ndd tunables and ensure they are maintained across a reboot.

Cheers
Con
0 Kudos
Reply
Elmar P. Kolkman
Honored Contributor

‎02-22-2004 06:36 PM

‎02-22-2004 06:36 PM

Re: ndd uncertainty

What you could do is out-comment the unsupported tunables. It could very well be those have been removed with the current patches.

As for the relationship: nddconf is read directly by the 'ndd -c' command, which runs from the /sbin/init.d/net script. But as the document mentions, there was/is a bug in ndd which only let it read 10 tunables. So if you have more then that, you need to create a solution like the one mentioned in the document, doing it like other scripts.
Every problem has at least one solution. Only some solutions are harder to find.
0 Kudos
Reply
jmb
Regular Advisor

‎02-23-2004 03:20 AM

‎02-23-2004 03:20 AM

Re: ndd uncertainty

Michael, I was able to get to that link you posted above, though not directly. However, it has not been updated, and is exactly the same 3 1/2 year old document I already have.

I did find what appears to be an update embedded within an overall system document at another location. I have not yet had a chance to review that.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.