[Samba] Samba as PDC across multiple physical sites

Chris chris at travelconnection.com
Mon Jun 30 18:58:07 GMT 2003 

Some suggestions/comments (perhaps not an answer)......

I've got two of the items you discuss in production (nothing on the user
authentication end). It works great, though I did run into some remedial
printing and QOS issues while testing. I'm not terribly familiar with
how Samba sync's it's information between multiple servers, so that one
might require some Google'ing. 

Depending on your VPN setup(We USE FreeS/WAN) it would be advantages to
use GRE or L2TP over IPSEC (or something similar) to carry non-ip
traffic (namely broadcast/etc). Though this isn't a necessity, you can
do away with having to sync your WINS(or have a wins server altogether)
databases between sites and the like. The machines can now *discover*
each other across locations. If your using FreeS/WAN you can get some
documentation on GRE over IPSEC at
http://lists.freeswan.org/pipermail/users/2002-October/015304.html. 

On the QOS front make sure you prioritize your IPSEC traffic, and,
depending on your setup, allocate a good chunk of BW as needed. Again,
if your using Linux-FreeS/WAN I find HTB to work great for a quick and
dirty setup. Since FreeS/WAN creates a virtual Ethernet dev. for the
IPSEC connection, you can attach Queues directly to the virtual
interface and get a little more specific about what type of traffic you
prioritize/limit/etc. I've setup a queue that limits/prioritizes ALL
IPSEC BW to (n) leaving my external interface (encrypted traffic) and
subsequently attach a number of queues directly to the IPSEC interface
to get more specific about which types of traffic get what. 

This probably wasn't exactly what you were looking for.... Nonetheless I
hope it helps with at least part of the puzzle.

Best Regards,
Chris


-----Original Message-----
From: samba-bounces+chris=travelconnection.com at lists.samba.org
[mailto:samba-bounces+chris=travelconnection.com at lists.samba.org] On
Behalf Of Sorisio, Chris
Sent: Monday, June 30, 2003 11:05 AM
To: samba at lists.samba.org
Subject: [Samba] Samba as PDC across multiple physical sites

Does anyone have Samba set up to provide file, print, and authentication
services across multiple physical sites?  We're thinking of setting up a
DSL-based VPN with Samba servers at each location, but we'd want to keep
the
user accounts and data synchronized between sites.

Thanks,

Chris
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list