Problem understood -- Re: NAT + different subnets + NT domain = ???

Evgeny Roubinchtein eroubinc at u.washington.edu
Wed Sep 29 06:09:08 GMT 1999 

I think I know what the problem is now.  The NT client sends a bunch of
UDP packets to the PDC.  When the PDC sends a reply back, it apparently
resolves the NetBIOS name to the IP address of the NT client.  In my case,
it does so through a WINS database.  Unfortunately, the WINS database has
the bogus, "behind-the-NAT-box" addresses of the NT clients in it, so the
PDC's response gets sent to, for example 192.168.1.3, which of course is
unroutable, so it just gets dropped.  I ran tcpdump on the PDC's subnet,
and actually saw some packets with those bogus destinations, so the only
part I am inferring is the NetBIOS name to IP address resolution.  I am
not sure what the solution to this would be.  I would like to thank
everyone for their suggestions and tips.

"
I really hate this damned machine
I wish that they would sell it.
It never does quite what I want
But only what I tell it.
"

On Tue, 28 Sep 1999, Evgeny Roubinchtein wrote:

>I appologize since this is not strictly samba-related, but I thought
>some kind soul might be able to help.
>
>I have a configuration that looks like this:
>
>
>  NT clients \      .xx        	        .yyy / WINS server
>      	      }--NAT---"Ethernet cloud"-----{--misc. clients
>  Samba ---- /                               \ PDC
>
>I pointed the NT clients to the left of the NAT box (in the picture) to
>the WINS server, I also told Samba to act as a WINS proxy(shouldn't really
>be needed, but still) . Now none of the NT clients are able to log in to
>the PDC, I get "domain controller not found."  Once I log in to the NT
>clients locally, I can see the PDC in the "Network Neighborhood": I can
>browse its shares, etc.  I can also use "smbclient" on the Samba box to
>talk to the PDC on the other side of the NAT just fine.  I am a bit
>stumped for what to do next. Why can the NT clients see the PDC in the
>"network neighborhood", but not log in to it?  I tried running tcpdump on
>my NAT box, and I can see some UDP packets on netbios-dgm port being sent
>out to my NT PDC and BDC (so the WINS resolution appears to work,
>otherwise how would it find the IP address of the PDC and the BDC?)  but
>the only UDP packets I see coming in from the NT BDC are occasional
>packets on netbios-ns port.
>
>Does someone have ideas/suggestions on how I would troubleshoot this
>further?  The biggest suspition I have right now is routers might be doing
>something funny with the UDP packets.  Is that likely? (After all, I can
>talk to the PDC OK from my Samba box, and browse its shares from NT
>clients).  
>
>
>
>--
>Evgeny Roubinchtein, eroubinc at u.washington.edu
>...................
>RDLI: Rotate Disk Left Immediate
>
>

--
Evgeny Roubinchtein, eroubinc at u.washington.edu
...................
SPAT: Show Passwords on All Terminals

More information about the samba mailing list