security = server
Christopher R. Hertel
crh at ubiqx.mn.org
Sat Jun 18 15:59:54 GMT 2005
On Sat, Jun 18, 2005 at 01:09:13PM +1000, Andrew Bartlett wrote:
> I'm not sure how it applies to things like 'rabbit pellet mode', but the
> mechanism is different. I only really know about the auth end of it.
The connection between "rabbit pellet mode" and security=server was based
on empirical observation. I did some work for a company that was having
trouble with this, with W/9x clients in particular.
Note that this was all several years ago, before Samba 3 was even out, so
I don't know if the problem still exists.
The problem was easy to repeat, however. If the W/9x client was talking
to a Samba server in security=server mode, and if the user was working
entirely through the GUI (Windows Explorer), then the writes would all be
very small (1536 bytes in the captures, which I still have) and each would
be followed by a flush operation. It took forever to copy a file to the
The problem went away if the share was mapped from the command line or if
the server was in security=<anything other than server> mode.
Rabbit pellet mode occurs in more than the one situation I've described
above, but it's still rare enough that it hasn't been a top priority.
Samba has had work-arounds for some (but not all) of the symptoms for
quite a while, and it's likely that newer versions of Windows are less
Anyway, at last years CIFS conference Ronnie Sahlberg said that he thought
he had found the answer. His theory is that there are layering violations
in the Windows IP stack. Lower layers report information back to higher
layers which react by changing their behavior. This goes all the way up
to the GUI in some cases.
So... the perceived latency caused by doing pass-through authentication
*could* trigger a higher layer to assume a WAN link, in which case it
*might* decide to call a flush() after every 1.5K write() (not sure
why...), which would cause rabbit-pellet mode.
I do remember an obscure KB article (I think Jeremy found it) that is no
longer available. It talked about the latency on satallite links causing
what we call rabbit pellet mode. That would be in line with Ronnie's
explanation. I wish I'd saved a copy, but it did say something about
using flush to ensure that the file wouldn't get corrupted. Urgh.
At the time, I was also working on a theory based on the idea that Samba
was replying as if it were an NT server, and Windows NT servers don't
really do pass-through mode. The idea was that the 9x client might assume
that latency from another 9x machine was 'normal', which is why using a 9x
server didn't cause rabbit pellet mode, but using Samba did.
Odd stuff, this "Windows"...
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical