Strategy for mapping the neighborhood

Christopher R. Hertel crh at
Thu Oct 30 04:02:20 GMT 2003

David Wuertele wrote:
> CH> I assume that also means you are looking for nodes in all Scope
> CH> IDs.
> Right.  So the problem includes the task of enumerating all ScopeIDs
> in use on the subnet.  If I can discover a WINS server, and if I can
> prompt it to replicate its table to me, I would have the ScopeIDs.
> I'm not sure how to do that.

If you have a Samba NBNS, then you can just look at the WINS.DAT file.

As JF mentioned in an earlier message, there are some RPC calls that work
against Windows' WINS, but no one has bothered to reverse them.

> CH> Note that many implementations will not respond to Node Status
> CH> (NBSTAT) queries if the query does not contain the same Scope ID.
> D'oh!
> I guess one thing I could do is trial-and-error access using various
> munges of the local DNS domain name (I might get this from DHCP).

Again, a ScopeID defines an NBT vLAN.  In essence, if you have a different
Scope ID then you have a separate NBT vLAN.

> Hmm.... So if a host is only offering SMB over naked TCP, does that
> mean it is not advertising its services?

The SMB protocol remains the same, but *everything* else is replaced with
something new.  Service advertising becomes an Active Directory thingy, and
you have to do LDAP queries to get the equivalent of the Browse List.

> Yes, shares are what I'm really looking for, but I've discovered that
> some shares visible by MS clients are not in the LMB's browse list.

Shares themselves are not in the Browse List.  Only servers.  Not sure what
you mean here.

> So I'm assuming that I have to enumerate the nodes, then ask each one
> for its list of shares.


Oh... but you know about the "browsable = no" smb.conf setting?

If you set that on a share, then it won't appear in the share list.
Another problem is that shares with names longer than 12 bytes are not
returned by the normal RAP function call (as used by smbclient).  You need
to make an MS-RPC call to get shares with names longer than 12 characters. 
I just tested smbclient as shipped with Samba 3.0 and we still use the older
RAP call, which means that long share names don't show up.  (Dunno what
libsmbclient offers.)

> CH> You can find your local LMB (within the same ScopeID scope) by
> CH> doing a broadcast query for workgroup<1D>.  You can find the DMB
> CH> by querying the WINS server for workgroup<1B>.  If the NBNS is a
> CH> Samba server, you can also query for *<1B> and get a list of known
> CH> DMBs.
> Why would I want to find DMBs if I could already find LMBs?

Because you may not have an LMB for every workgroup on your local subnet. 
Also, the DMBs do double duty, and become the LMB for their own subnet. 
Finally, the DMB usually has the most up-to-date information for workgroup
members outside of your subnet.

> If there
> were a DMB on my subnet, it would also be an LMB, so I would find it
> with a broadcast query for workgroup<1D>. 

True, but you would not know it was the DMB unless you also do a <1B> query.

> If there were a DMB for
> workgroup on a different subnet but no LMB for that workgroup on my
> subnet, I think that workgroup must be outside my union of scopes
> participating on my subnet, right? 

In theory, yes.  In practice, you might have a member of that workgroup on
your local subnet, but that member might not participate in elections (and
so would become the LMB).

> Oh s**t, there's the P nodes.


> I guess if there is a P node talking to a remote DMB, and there are no
> M/B/H nodes on this subnet, that means I need to talk to that remote
> DMB to browse the scope of the P node... I think I got it.

Ain't this the most amazing system since the Slinky fell into the Wankel
Rotary Engine at the lolipop factory?

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team --     -)-----   Christopher R. Hertel
jCIFS Team --   -)-----   ubiqx development, uninq.
ubiqx Team --     -)-----   crh at
OnLineBook --    -)-----   crh at

More information about the samba-technical mailing list