Super NIS weirdness

So I'm working on The Thing today, and it's decided that the automount daemon needs to be set up on The Inside Things. (The Inside Things are in a separate network, with The Outside Thing acting as a gateway between them and the rest of our internal network. And so everyone knows, The Thing is running FreeBSD.) It's not going to be left like this when The Thing is deployed, but it's handy for right now.

Only The Inside Things are on a separate network -- 10.0.0/24, as opposed to 192.168.0/24 for the rest of our network -- so ypbind isn't working. I'm not too familiar with NIS/NFS, so this is taking me a while to figure out.

Eventually I decide that I need to enable NIS for amd to work, and to do NIS I need to bind to the right server. Well, in the man page for ypbind I see the -S option: bind to a particular server. Should work, right?

So I boot The Inside Thing, and do these commands:

domainname thing ypbind ypset -h localhost -d thing 192.168.0.1

At the same time I'm running tcpdump on The Outside Thing to watch what happens, because these commands aren't working. And I see the weirdest thing: packets going to another, completely foreign IP address, port 111: RPC.

I scratch my head, try again: same thing. Reboot The Inside Thing, try again: same thing. The Inside Thing is running nothing more than NFS and SSH, I'm the only one on it, and still it keeps going to this IP.

I look up the IP address and it belongs to the Washington State Department of Transportation. WTF?

Try it on The Outside Thing -- unnecessary, since it's running amd quite happily, but I want to see what happens. Same thing.

I check the source code for ypset on the off chance that Theo de Raadt (he wrote it) put in some kind of trojan to...I don't know, ask for his driveway in Seattle to be plowed. Nothing -- but then, my rule of thumb has always been "If you're looking at source code, you're in over your head." (True for me, and if the source code is written in anything other than Perl or Bash. Still learning.)

I have no idea what the hell was going on. Anyone?

Flash! Just tried it at home on my FreeBSD gateway: same results. Jesus.

Original entry.