[Samba] Samba browsing and NAT

Gilbert C Healton ghealton at hiway1.exit109.com
Mon Mar 11 21:39:02 GMT 2002 

BACKGROUND
---------------------
I have a system running Red Hat 7.1 (2.4 kernel) that I've set up on a
local subnet to server as a router to the outside world, including the
Internet. IP forwarding and NAT work just fine on the TCP/IP level.

                      	      Outside World 
 			   [10.11.0.0 network]
			       10.11.0.1
				   |
				   |---- 10.11.0.2  Win2K   MYGROUP
				   |
				   |---- 10.11.0.95 Win95   MYGROUP
				   |
				   |---- 10.11.0.98 Win98   MYGROUP	
				   |             \
				   |              \__ SHARED PRINTER
				   |eth1
                       	       10.11.0.40
			     LinuxRouter
			   MASQUARADE (NAT)
			     (kernel 2.4)
				   |eth0
                 	           |
		    192.168.0.98 ------- 192.168.0.95
		    AnotherWin98	   AnotherWin95
 		        MYGROUP             MYGROUP

   No system is currently configured to run WINS services.

GOAL
--------
Have the windows systems on the 192.168.0.0 subnet (no W2K systems) 
be able to browse each other AND the machines on the same MYGROUP workgroup 
name on the other side of the net for Network Neighborhood. In particular 
access the 10.11.0.98 shared printer. It would be nice if the machines on 
the 10.11.0.0 network could browse the 192.168.0.98 machines.

NOTE: this is a small network and nobody on the 10.11.0.0 network runs
WINS. 

NOTE: what I've shown as 10.11.0.0 is really a subnet with public IP
addresses. We want to move as many machines as possible from the 
public addresses the 192.168.0 network.

The immediate goal is to get browsing and printer access working. 
After that there will be breathing room to play with other 
configurations.

QUESTIONS
----------
   o Do I need to increase the os level to a larger value?  20?
   o Would the 10.11.0.40 Linux host use accept NetBIOS commands from
     both eth0 and eth1?

INFORMATION
-----------
Here is the latest smb.conf file (that doesn't work). Right now I can
not even have 192.168 clients login into the windows 10.11 network.

[global]
        workgroup = MYGROUP
        netbios name = MYNETBIOS
        server string = %h samba
        security = SERVER
        ssl CA certFile = /usr/share/ssl/certs/ca-bundle.crt
        log file = /var/log/samba/%m.log
        max log size = 0
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        os level = 0
        local master = No
        dns proxy = No
        guest account = guest
        hosts allow = 10.11.0.0/255.255.255.128, 192.168.0.0/255.255.255.128  (yes, 128)
        printing = lprng


----------------------------------------------------------------------
ghealton at exit109.com   http://www.exit109.com/~ghealton/
----------------------------------------------------------------------

More information about the samba mailing list