[Samba] Cannot Sync Browser Lists

dxd at dariux.net dxd at dariux.net
Mon Jul 8 13:54:23 GMT 2002 

I run an IPsec/Freeswan VPN to connect 4 disparet windows LANS.
I managed to RTFM until cross-subnet browsing worked (samba 2.0). 
Having upgraded to 2.2.3 It would seem that this feature is not working.

BACKGROUND:

originally all sources of information led me to understand that I would
need a box running samba behind the firewall/IPsec box as I could not
even ping a remote internal IP from the firewall. I then built a few
cheap x86 boxes to simply collate share information then remote browse
sync to the DMB in the main office. 

It worked!
Network neighborhood was never happier.

Since then my knowledge of iptables has increased and I now invoke 
`/sbin/iptables -t nat -A POSTROUTING -o ipsec0 -s $EXTERNALIP 
-j SNAT --to $INTERNALIP` 
This allows me to connect to services on remote internal networks from
an IPsec Gateway. 

AHA I thought. I can eliminate  those
unsightly pentium samba boxes and place the share collation on the
reliable (and underworked) firewall/IPsec Gateways now that I could
actually ping the DMB from any given IPsec GW.

If I can ping the DMB from another samba server I should be able to perform 
a remote browse sync without error.


CURRENT:

Since the only samba availible to the IPsec
gateway boxes was 2.2.3 I had to use it ( debian woody). I figured that
it would not cause any problems. 
It would appear that something is foiling my attempts for  the elegant
one box solution.

Unexplanibly the only box that correctly performs the remote browse sync
is one stray pentium running samba 2.0 (debian potato) which is on the
inside of the firewall. Perhaps because it always worked... hmm? I wonder.

The other two samba boxes luckily produce errors.. 
/var/log/samba/log.nmbd from \\SAMBA-KC  		IP 192.168.4.1:

[2002/07/08 15:58:28, 0] nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(359) find_domain_master_name_query_fail: Unable to find the Domain Master Browser name WORKGROUP<1b> for the workgroup WORKGROUP. Unable to sync browse lists in this workgroup.

/var/log/samba/log.nmbd from \\SAMBA-HYDEPARK 	IP 192.168.3.1:

[2002/07/08 07:42:24, 0] nmbd/nmbd_incomingdgrams.c:process_master_browser_announce(396) process_master_browser_announce: Not configured as domain master - ignoring master announce.
[2002/07/08 07:44:07, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(263)domain_master_node_status_fail:
  Doing a node status request to the domain master browser
  for workgroup WORKGROUP at IP 192.168.100.4 failed.
  Cannot sync browser lists.


The core of my smb.conf is basically the same on the 3 non-DMBs:

wins server = 192.168.100.4 ; this is the  IP of the DMB

os level = 65
domain master = no
localmaster = yes
preferred master = yes
remote browse sync = 192.168.100.4 192.168.3.1 192.168.4.1


On the the DMB \\SAMBA-UNION:

os level = 65
        preferred master = True
        domain master = True
        dns proxy = No
        wins support = Yes
        remote announce = 192.168.1.2 192.168.3.1 192.168.4.1
        remote browse sync = 192.168.1.2 192.168.3.1 192.168.4.1 


If anyone can suggest any pointers I would greatly appreciate it.
I /dont/ want to return to the former config. the physical distance between makes physical maintainace a logistical PITA
I will place conf's and logs on a website upon request

I am not on the list.
please cc: 	dxd at phmeco.com
or			dxd at dariux.net

later
-dxd

More information about the samba mailing list