firewall and nis

Dear members:

I am operating a small cluster and recently installed leap 15.0 on the server (previously 42.2). The firewall did not allow the NIS info to be communicated to the clients (still on 42.2). Setting the connection of the server to the clients (second network card) to internal zone and manually opening all channels for ypserv got the NIS to work, finally. I wonder whether there is a more elegant solution than this manual work-around?

Herbert.

By default NIS is using dynamic port allocation via portmapper. You will need to tell ypserv/ypbind to use fixed port (-p option) and allow this port in firewalld rules. Firewalld does not support dynamic rpc ports.

Well, I was able to assign a static port but NIS stopped after a while. I assume there are additional services (yppasswd,…?) that require a static port?

Thanks for the advice. Indeed, I was able to assign a static port but NIS stopped after a while. I assume there are additional services (yppasswd,…?) that require a static port?