Technical data

ManualsBrandsCompaq ManualsComputer equipmentCompaq TCP/IP Services for OpenVMS

211

212

213

214

215

216

217

218

219

220

Conﬁguring BOOTP

9.2 BOOTP Planning and Preconﬁguration Tasks

If you conﬁgure multiple servers, each server competes to provide the

requested conﬁguration information. For efﬁcient use of each server, partition

the database with a subset of the overall client population designated to each

server.

• Separate directory for each client

To avoid writing over the same ﬁle name with conﬁguration information

from multiple clients, create a separate subdirectory for each client in the

TCPIP$TFTP_ROOT directory tree.

Some BOOTP clients, such as routers and terminal servers, can store

conﬁguration options on the BOOTP server host. In a network with two or

more of these clients, the clients can use the same ﬁle name to store the

conﬁguration information with TFTP.

• Security needs

Identify your system’s security needs (see Section 9.2.3).

9.2.3 BOOTP Security

For security purposes, the server runs as an unprivileged image that can access

only the directories and ﬁles for which it has read access.

Compaq recommends that you safeguard your system’s normal ﬁle protection

mechanisms from unauthorized access. In particular, ensure the security of

system ﬁles.

The BOOTP server runs as the nonprivileged OpenVMS user account

TCPIP$BOOTP. When you set up BOOTP, follow these security procedures:

• Ensure that neither server has automatic access to any ﬁles.

To make ﬁles accessible to the BOOTP server, grant appropriate access to

its account. Use the normal OpenVMS ﬁle protection procedures. Enter the

DCL command DIRECTORY/SECURITY to display the current ﬁle protection

settings on a directory.

• Prevent unauthorized access to sensitive system or user data. Before you

enable BOOTP, ensure that you have set up all the necessary ﬁle protections.

• Give the TCPIP$BOOTP user account read access to the ﬁles in the

TCPIP$TFTP_ROOT: directory tree that might be used for downloading.

• Some clients ﬁrst send a BOOTP request for the name of the ﬁle that they

need downloaded. On receipt, BOOTP opens the ﬁle for read access and

retrieves its size. BOOTP needs access to conﬁrm that the ﬁle exists and to

provide the size of the ﬁle to the client in the BOOTP response.

Ensure that BOOTP has access to this ﬁle.

9.3 Conﬁguring the BOOTP Service

To set up the BOOTP server software, run TCPIP$CONFIG (see the Compaq

TCP/IP Services for OpenVMS Installation and Conﬁguration manual).

The procedure creates:

• BOOTP user account

• Service records in the services database

• Default directories

Conﬁguring BOOTP 9–3