[Samba] Internet goes down. Samba dies

[Buchan Milne]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Remember, I am talking about reverse name lookups, meaning where samba
has the IP address, but is looking up the name (as opposed to forward
lookups which find an IP address for a given name).

I haven't tried to setup reverse lookups with hosts files (I don't know
if it would work, and I have no way of testing it, since we have working
dynamic dns).

So, either
a)Set up DNS. There are other advantages to this (for example, ssh might
give you a login prompt faster). Using dynamic DNS, ie DHCP which
updates DNS records, (although a bit of trouble) will make your life easier.
b)Don't use hosts allow or hosts deny
c)Find some other way of ensuring samba can do reverse lookups. Maybe
nss_wins can do this, but that doesn't help you on the machine that is
the WINS server.

I stumped my head against this one about 6 months ago (with a client's
network), and  I chose to setup a firewall, and not use hosts
allow/hosts deny. I have since setup dynamic dns, which solved this the
other way.

Buchan

| Message: 17
| From: "Mike Maki" <mmaki at adelphia.net>
| To: <samba at lists.samba.org>
| Subject: Re: [Samba] Internet goes down.  Samba dies
| Date: Wed, 24 Apr 2002 09:34:18 -0700
|
| I have the same problem and I only use IP addresses in my Host Allow/Deny.
| Strange thing is when Internet access is lost one samba server is still
| reachable the other is not. I have not been able to find the difference
| between the two. Both have almost identical global configs (Hosts
| Allow/Deny). Luckily our connectivity is quite reliable. Hope to hear some
| other possible solutions.
|
| Thanks!
|
|> Date: Wed, 24 Apr 2002 07:40:28 -0500
|> From: "John Schmerold" <john at katy.com>
|> Subject: Re: [Samba] Internet goes down.  Samba dies
|> To: samba at lists.samba.org
|>
|> If we specify ip addresses, instead of host names will this remove DNS
|> server requirements?
|>
|> We're running a firewall on this machine, however, I like to keep all
|
| SAMBA
|
|> security in one place.
|>
|> BTW, I know we didn't have this issue with older installs as we've been
|> using this technique for some time, however I believe this is first time
|
| we
|
|> used hostnames & depended on the hosts file.
|>
|>
|> ----- Original Message -----
|> From: "Buchan Milne" <bgmilne at cae.co.za>
|> To: "John Schmerold" <john at katy.com>
|> Cc: <samba at lists.samba.org>
|> Sent: Wednesday, April 24, 2002 3:19 AM
|> Subject: Re: [Samba] Internet goes down. Samba dies
|>
|>
|
|> > -----BEGIN PGP SIGNED MESSAGE-----
|> > Hash: SHA1
|> >
|> > If you are going to use "hosts allow" or "hosts deny", reverse DNS
|> > lookups must work on the server for any client connecting. You may want
|> > to run a caching and local DNS server.
|> >
|> > Otherwise, you might prefer to not use hosts allow and hosts deny, but
|> > set up a firewall instead.
|> >
|> > Regards,
|> > Buchan
|> >
|
|
|
|
|


- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE8x8MerJK6UGDSBKcRAojzAJ0REoxB7YrhM/V8+zcVDhuWxFS52ACdFX3h
aciZ5hak11EKVE0MIbSqKOw=
=CpB6
-----END PGP SIGNATURE-----