multiple domain contr. not allowed?
Luke Kenneth Casson Leighton
lkcl at cb1.com
Fri Aug 8 17:42:38 GMT 1997
On Sat, 9 Aug 1997, Charles Owens wrote:
> On Thu, 7 Aug 1997, Luke Kenneth Casson Leighton wrote:
> > On Thu, 7 Aug 1997, Charles Owens wrote:
> > > > > Using samba 1.9.17alpha5 on all servers, I'd like to configure one of my
> > > > > servers to be a failover domain controller in case my usual domain
> > > > > controller dies.
> > > >
> > > > cool. someone that wants to use this feature! you thinking of using
> > > > automount volumes, too, so that it _really_ doesn't matter which machine
> > > > you use - they both appear to be the same?
> Along related lines, what would be the best technique for me to use if I'm
> trying to achieve netbios share load sharing and failover?
look at rfc1002.txt. read the bits about "NetBIOS session setup" and
retargetting - section 4.3.5:
4.3.5. SESSION RETARGET RESPONSE PACKET
1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| TYPE | FLAGS | LENGTH |
| RETARGET_IP_ADDRESS |
| PORT |
code this up. have one samba server that is capable of retargetting to
other samba servers. in those other samba servers, have an "include =
smb.conf.%l", where the smb.conf.retargetted_samba_server file is
identical to that of the main samba server.
this is one possible solution.
> I'd been
> hoping to do it at the DNS level (using a load balancing DNS server), but
> for this to work the nmbd WINS database would have to store a DNS name to
> Netbios name mapping; thus the DNS name would be resolved to IP
> address everytime a client did a WINS name resolution request of the
> netbios server name. Currently, the WINS database can only store the
> fully resolved IP address to netbios name mapping, right?
> So, I see two choices:
> 1. change nmbd somehow to allow for the special case of storing
> a DNS to netbios name mapping as discussed above
> (maybe with a new lmhosts file flag?)
don't understand. sounds horrible, though.
> 2. somehow implement this at the netbios name level... so
> nmbd would track multiple IP addresses for the
> same netbios name... doing round-robin resolution
> much like BIND will do.
i like this one better, but that's because i'm more familiar with nmbd...
> I suspect that choice #1 would require much less intrusive changes to
actually, given than nmbd caches the dns lookup that it does (for about
two hours), option #2 is required to implement option #1.
> plus, it allows the complexity to be handled at the DNS level,
> which is appealing, IMHO.
> Thoughts? Other ways of pulling this off?
> Do you think its likely that
> such functionality will be added into nmbd any time soon?
absolutely... clueless. i'm currently trying to get the samba-2 tree
back on-line with the current code revision of samba-1.
i'd suggest waiting until the samba-2 tree goes live, because it can
handle multi-homed netbios names, and internet group netbios names.
extending the data structures to include some sort of round-robin system
wouldn't exactly be a great drag. which it would on samba-1.
> > > Thoughts?
> > - can you make do with turning your configuration into 'peers'?
> Yes, except that my current implementation was going to use a personal
> workstation as the peer/backup server. It would be nice to have a way to
> cause the main server to be preferred... though I can always manually
> restart nmbd on the backup server to force it to lose the PDC role.
> > - how about a nmbregister program, similar to nmblookup, that does
> > name_register() and name_release()? a name_release() being sent to the
> > client will clear the way for A to reclaim the name.
> Hmmm... these would be very nice tools to have at times... it's a pain to
> have to kill and restart nmbd to get it to reload the lmhosts file.
oh. yeh. must get nmbd to implement kill -HUP properly. something that
ought to have been done two years ago. never mind.
> > except that you will need to kick A _quick_ to get it to reclaim.
> Yeah... I see that this could be a bit tricky. So if B is PDC and I tell
> it to cease and desist (using the nmbregister tool?) how quickly would A,
> on its own, tend to notice the absence of a PDC?
5 min cycle. or whatever you decide to modify the #define in nameserv.h to.
> Would a client trying to
> locate a PDC prompt A to try to assume that role, or would A only try to
> become PDC after some timeout had expired? If the latter then clients
> would potentially not be able to locate a PDC for some time period...
correct. they will not. they will (maybe) look for a BDC (domain<1c>)
which should suffice. maybe. this all needs to be looked at.
> > p.s - those script (perl hacks). you interested in them being in the
> > samba distribution?
> Yeah... at some point... It'll be a bit before I have time to pull it
> together though.
More information about the samba