[Samba] Samba odd behaviour on double NAT network

[Ben Davis]

I'm using a rather strange config, borne out of neccessity rather than 
choice at home. My internet 'router' is a Win2000 Pro box running 
Winroute, and my three Linux boxen (running 7.2/8.0/9.0 RH) are networked 
thru to the Win box using SNAT on the box I work on (don't ask why - it's 
just pratical, and I can't afford a hub/switch to do this). In any case, 
it's a bit of an experiment to go hand-in-hand with my studies.

Basically it looks like this ('scuse ascii-art)


          INTERNET GATEWAY (ADSL-DHCP)
         /
        /eth0 (213.x.x.x)
        |
winbox1 -- eth1 (192.x.x.1) [SNAT for incoming]
        |
       /
      /eth1 (192.x.x.10) [SNAT for incoming from eth0]
      |
lin1    -- eth0 (192.x.x.20)
      |
lin2    -- eth0 (192.x.x.21)
      |
lin3    -- eth0 (192.x.x.22)

I decided to use the same subnet and simply SNAT the connections from lin2 
and lin3 which works a treat, I can access (outgoing) anything I like from 
all the lin boxes, having cleverly <g> set up the routing tables. I've 
configured Samba to act as filesharing for all the boxes, being as how 
memory is a constraint, and since I've got files spread across the hosts I 
don't want to use NFS in combination with SMB as it adds overheads; I did 
it in the past, using a central Samba server to share NFS mounted volumes, 
and it creates an awful lot of network traffic in the NFS setup, not to 
mention the security problems of opening up NFS ports.

I realise this is an arse-up approach to doing things, ideally I'd install 
another linux box in front of the damn thing, but that's more of a 
network/cost/logistics problem on a home network. I'm using Samba 2.2.x 
and 3.x on the Linux boxes and Win2000, no WINS server, no DNS proxy etc., 
just plain old /etc/hosts, /etc/samba/lmhosts and equiv. on the Windows 
box. I can see everything from the Windows box, and I can connect to 
shares on any of the Linux boxes.... BUT: accessing individual files on 
lin1 which is SNATting (mebbe a prob.) I can't read any files, I can see 
them, but any attempt to copy/read them results in the Win box going 
looking 'out to sea' ie using it's external connection to go fishing for 
the files. I can see this from a dump (a la tcpdump) - although the 
Win2000 box knows where and what the files are, it just hangs sending out 
packets on eth0 to the internet.

I've tried lots of tests, from lin3 to lin2 from lin2 to lin1 and from 
lin1 to winbox1 everything works hunky-dory - except from winbox1 to lin1. 
I hope this isn't a routing problem, because I spent ages setting it up - 
I even tried downgrading from 3.x to 2.x on lin1, as all the other linux 
hosts are running 2.x -- to no avail. I just don't understand that if the 
Winbox can make a connection to the shared volumes on every other Linux 
box and read/write files, why should it have a problem with lin1; apart 
 from the fact that it's SNATting... any ideas?


-- 
<- Ben Davis ->
T: 0044-161-285-1338
e: ben at ghost.merseine.nu / jamin at flashmail.com
@ Manchester, UK