[Samba] Re: Recovery from Domain/WINS Outage - Didn't work well

Christopher R. Hertel crh at ubiqx.mn.org
Mon Feb 24 18:00:57 GMT 2003


"Hall, Ken (ECSS)" wrote:
> 
> We're using Samba 2.2.5 and 2.2.7 in SECURITY=DOMAIN mode.
> 
> This morning we lost contact with our PDC, and for about 2 hours, users
> were unable to logon.  After chasing this down, we determined that we
> were also unable to contact the WINS server defined in smb.conf.  Our
> backup WINS server was available, but it seems Samba only supports one
> WINS server in smb.conf, so this didn't help much.  After manually
> switching to the other WINS server, we were able to connect.

WINS failover has been implemented.  It may, however, only be available in
the 3.0 beta.  I am not sure.  I wrote the original implementation but
Tridge came up with a (much) better way to handle this.

> We're still new with this, and so far Samba isn't looking too reliable to
> our management.  This is the second time a WINS-related problem has
> knocked us down while the Windows servers remained available.

Was the missing WINS server a Samba server or a Windows box?  In all
seriousness, we did not bother implementing WINS failover because the
Samba-based WINS servers generally didn't go down.  The decision to add it
came from pressure from people who used Samba in a primarily Windows
environment.

> I'm assuming we're still only allowed to specify a single WINS server.
> Does anyone have any idea if this will be fixed anytime soon?

You might try putting in two IP addresses separated by a colon.  The first
will be the primary and the second the secondary WINS server.  The code that
makes this work is in 2.2.7 *but it was not completed* so it was left
undocumented.  It is a beta feature in 2.2.x.

> Should Samba have recovered from the DC outage?  It appears that after
> losing contact with the DC, it went back to WINS, and tried to get a new
> list.  Does it only try the first DC on the list, or does it work down
> till it finds a good one?  Am I correct in assuming that being unable to
> connect to the WINS server would prevent this from happening?

When a client sends a query for a <1C> name the Windows WINS server responds
by sending a list of IPs.  This is correct per the RFCs, but unusual for
WINS (Microsoft's original implementation was kludged such that it replies
to group name queries by sending only the limited broadcast address:
255.255.255.255).  Anyway, the first entry in the list of <1C> names is the
PDC.  All others are BDCs.

> Thanks in advance for any info you can provide.

Hope that's somewhat useful.

Chris -)-----

-- 
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org


More information about the samba mailing list