[Samba] multi subnetted network (was: CIDR notation in config file)

Leonardo Boselli leo at dicea.unifi.it
Mon Dec 29 08:12:34 GMT 2003 

I have a slightly different problem, but it is veeery similar:
I have a number of machines with variu\ous OS, some uses real M$ 
client/server, other use samba (in server mode).
These are set in a MS domain .
most machine have a 192.168.a.* address , other a public b.c.d.* 
address , the PDC and BDC have two NIC on both networks.
It works fine.
However i have some [win 2k] clients that are either on b.c.e.* and 
192.169.f.* or worse are behind a natting firewall that convert 
[symmetrically dnat/snat] the private addresses thay have in a "remote" 
rentwork into unique b.c.d.* addresses .
While if i login locally and try to access remote servers i have almost no 
problem (except a very, very, interesting effect, see below) if i stay 
outside one of the "home"network i have the following problems:
(note: the routers are linux server with statical routes and no firewalling 
active, all addresses, either private or public are static) 
  1. I cannot add new windows hosts to the domain, since it say that no
      domain server is found, althought if i plug in one of the home
      networks i can add
  2. Once i have added and move to the "remote" network i cannot use
      the authenthication of user at login, since it say thet PDC is not
      reacheable. However i can, if i login as a local user, access to the
      shares in that host, that ask me domain/username/password [so
     i can corfirm that routing is really working]
   3. From machine behind DNAT/SNAT i cannot even change
     permissions since i cannot get the list of user/group from domain !
 . 4. the final problem, that I mentioned before:
      From machines behind NAT i can access the server but ...
      If the client is XP pro i can access only 
      server with win2k or samba3.0 . No luck with hosts with NT4 sp6
      But if i plug it in the home networks, directly, i can access the NT4
      servers again.. Win2k works ok, instead !

Any idea/ihint/explaination/ ?

  

Il 28 Dec 2003 alle 23:32 Malte Starostik immise in rete
> I wrote:
> > Hi again,
> > one of "my" networks spans several subnets for some reason or the
> > other.
> The whole net is 192.168.0.0/21. I'd really very very much like if I
> > could put it like that into smb.conf
> [...]
> Args, sorry!
> I promise I did try it some time ago. Now I tried again and sure as
> hell it worked already. Why didn't I try before sending the mail?
> Would it have worked then as well? :-)
--
Leonardo Boselli
Nucleo Informatico e Telematico del Dipartimento Ingegneria Civile
Universita` di Firenze , V. S. Marta 3 - I-50139 Firenze
tel +39 0554796431 cell +39 3488605348 fax +39 055495333
http://www.dicea.unifi.it/~leo

More information about the samba mailing list