MSRPC R_WinsGetBrowserNames, NBNS, samba features/bugs?

[Aleksandr Koltsoff]

First of all I'd like to apologize for the length of this mail. I could have
split it into multiple questions, but since all of them are related I felt
it would be better this way.

I'm in the process of writing a NBNS daemon for Linux. This comes after I've
failed to get the wins code in samba to work for me. Related to this are the
following questions:

1) Samba does not seem to implement the MSRPC R_WinsGetBrowserNames request
(at least fast grepping trough the source did not reveal this to me). It
seems that implementing that in the WINS code is what is needed to get cross
subnet multidomain browsing working. I posted a question related to this
problem some months ago but then I assumed (like most) that cross subnet
browsing just magically works. Since then (and since I've been looking at
NBNS packets on the wire quite extensively), I also found a MS KB article
188001 which says also this (quoting):

"The PDC has is also responsible for connecting to its primary Windows
Internet Name Service (WINS) server every 12 minutes to obtain a list of all
the DomainName type <1b> entries that are registered by the PDCs throughout
the enterprise. This is done by issuing an MSRPC R_WinsGetBrowserNames
request."

This was my problem exactly. I have multiple domains, and the PDCs and
domain members are isolated on their own subnets. Since the domains are
limited within a subnet, none of the other subnets' LMBs (local master
browser) have any reasons to contact those domains' DMBs (PDCs).

Please correct me if I'm wrong, but if not that RPC call, how do the DMBs
learn about other domains/workgroups (apart of their own)? Normally group
names of DOMAIN<1b> are used by the LMBs to locate that groups/domains DMB.
It seems to me that LMBs have no reason to even ask for the other
OTHERDOMAIN<1B> and indeed, there is no way (at least I found no reference)
to query the wins server for a list of <1B> names.

Also I've read the browsing.txt quite a few times (over past months) and it
only documents the cases where a domain spans subnets. In that case the
previous paragraph is enough. In my case, it is not enough and it seems that
after googling around the net also listed some universities which just
bluntly say that "you have learned to expect browsing to work. It doesn't
anymore, use direct names" and it seems they truly believe that this kind of
browsing wouldn't work. It won't work with samba WINS (again, please correct
me if I'm wrong).

Is there any quick way to fix this or should I just use MS WINS server
instead? I've been hoping to not go that way but it sure seems inevitable
now.

2) related to the above mess, I have a question:
how many LMBs are there in a subnet with multiple domains (say three) and do
they
interact at all between themselves or does each LMB only exist in it's
workgroup/domain (which would seem logical in some perverse way)?

3) looking at the NBNS packets it looks like a samba host will always be
M-node.
This is also evident by the name resolution sequence (as seen on wire). The
parameter for controlling the resolution order (wins/bcast) doesn't seem to
affect
this at all. Also there doesn't seem a way to force samba into working as
H-node or P-node.

Is this normal behaviour or a samba misfeature?
While testing, I've been using 2.2.3-6 (latest debian version in testing).

4) when running multihost samba (host with multiple interfaces) some funny
things are seen on wire. and yes I know that multi-interface support in NBNS
is a joke, but just bear with me for a while.
by default samba will bind to all present bcast capable interfaces.
including the loopback. if you have only one physical interface, this will
mean that samba will bind to loopback and that interface, which will make
samba multihost node.
when samba is using wins, it will send MULTI-HOMED REGISTRATION REQUEST
packet to the NBNS for each interface. For some reason it will not do this
for the loopback device (I guess linux doesn't want to route stuff from
lo-net into a real net) which will mean that only one of those packets
actually arrive at the NBNS. That's still ok. NBNS will still query the
samba host for all of it's names and pick the ones that got pre-registered
from there and negative acks the rest (including the lo).
Is there any point in making a host with lo to be multihomed? If there is,
the logic escapes me.

5) with respect to browsing.txt:
somewhere in the doc it mentions that you should not set samba to be the DMB
for a workgroup that has the same name as an NT Domain.
I'm not quite clear how this is even possible unless bcast resolution within
one subnet is used an samba will win the elections for the domain PDC. is
this what the document really means?

6) once these issues are solved, I volunteer to overhaul the browsing.txt
unless there are other plans with respect of that. in places it's not as
clear as it should it and also there are too many "should/should not's"
scattered troughough the document without telling why not. I could also
include a mention about the WINS/multi subnet/multi PDC problem.


postscript)
Don't understand me wrong, I love samba, I use samba all the day, but I just
thought that having just a WINS daemon which would not participate in the
browsing at all (except it seems it still needs the RPC) would have been
nicer for all kinds of router projects with small memory footprint
requirements. And besides that, I failed to get samba wins working :-). I
also debugged a lot of the wins code in samba but failing to understand all
the intricacies involved in a real network, didn't find any problems there.
BTW the code is nice :-) whoever enforces the style, kudos for them. it was
clear (for once).

please cc-reply, I'm on multiple lists as it is.

Aleksandr Koltsoff
net/secadmin