someone told me that this piece of network hardware (netapp NAS) has a security setting such that it can only be accessed by hostname, not by IP address. I don't understand, as I thought DNS resolved the hostname to an address on the connecting client's side, then at protocol level always used the raw address, so how can this 'security' measure be possible?
"the NAS won't allow for access by IP, i.e. \\x.y.z.w\SHARE. Instead, you have to use \\hostname\SHARE after creating the DNS entry.
edit: it appears to be a CIFS thing: you can access the nas from linux via NFS by address, but not on windows via CIFS.
-
It's likely that he meant the Web interface (that's provided by a web server running on the NAS itself) has a virtual host configured on it that requires you to send along the host header with your request; if you're trying to go to http://12.34.56.78, it doesn't know what website to bring up.
Dustin Getz : that is reasonable, but not the context my peer means, see editsgravyface : Perhaps someone else can chime in here with more NFS experience, but when you setup your "shares" in NFS (in /etc/export), you can use IPs or DNS hostnames, however, I'm not sure if they're mutually exclusive from the client-side when connecting: http://nfs.sourceforge.net/nfs-howto/ar01s03.html Have you actually confirmed that it doesn't work or are you just taking his word for it?Dustin Getz : i confirmed it.From gravyface -
What's the device in question? There may be an option where it filters out like you describe, but it's not part of the SMB or CIFS protocols (assuming that you're talking about these protocols). That would be a device specific option. I've never seen that, though, and question the usefulness of such an option.
From squillman
0 comments:
Post a Comment