[Samba] Multi-homed Samba PDC problem

M. D. Parker mike.parker at ga.com
Wed Apr 7 18:47:40 GMT 2004


I've been kinda wondering that myself....if samba things that the "primary"
interface it should use is the private network for its operations.  There
does not seem to be a way to force this from what I can find in the smb.conf
file.  I'll be trying your suggestion to change the order of the interfaces
in the interfaces line....the one that definetly does not work is:

	interfaces = eth3 lo eth0

		where eth3 is the public side
			eth0 is the private side

I'm kinda wondering if samba just sorts the interfaces and uses the first
one in the sort order.

Mike

-----Original Message-----
From: Clint Sharp [mailto:clint at typhoon.org]
Sent: Wednesday, April 07, 2004 11:16 AM
To: M. D. Parker
Cc: aseidel at aseidel.com; samba at lists.samba.org
Subject: RE: [Samba] Multi-homed Samba PDC problem


On Wed, 2004-04-07 at 10:41, M. D. Parker wrote:
> The samba PDC is the only PDC for the given domain.
>
> Maybe a picture:
>
> 	system A <----private network----> system B <-----> ... system N
> 		|	(possibly other system)	|				|
> 		|					|				|
> 		|					|				|
> 		|					|				|
> 		|		public network	|				|
> 		V					V				V
>
> 			WINS server on public network
>
> Both system A and system B are in the same domain.  Only A is the Samba
PDC.
>
> so question is when I do not mention the private interface in the
interfaces
> statement things work OK.
>
> However, when I activate the private interface on the PDC, it times out
> requests
> to the WINS server, does not apparently become the domain master browser
> because
> of this.  However access seems to work just fine otherwise from what I can
> see.
>
> Why does adding the private network to the samba configuration cause this
> type of problem?
>
> Mike
>
> -----Original Message-----
> From: samba-bounces+parkerm=ga.com at lists.samba.org
> [mailto:samba-bounces+parkerm=ga.com at lists.samba.org]On Behalf Of Arno
> Seidel
> Sent: Wednesday, April 07, 2004 9:48 AM
> To: samba at lists.samba.org
> Subject: AW: [Samba] Multi-homed Samba PDC problem
>
>
> Hi Mike,
>
> hope i understand everything right,
>
> > Question: What type of problem is this?  and how serious?
> It is a windows network problem and or a collision between two PDC´s.
>
>
> > Question: Ok, how do I correct it?
> There are some possible solutions for your problem:
>
> a:
>
> If there is allready a PDC (W2K/NT) then change on
> the samba PDC the domain, and create on both sides an
> interdomaintrust relationship
>
> b:
> Change the Samba config, that it is a Domainmember-Server.
>
> >Binding to the public interface only (via
> >bind interfaces, and bind interfaces only) .  The
> >examination of the log for NMBD indicates proper registration
> >of the Samba PDC as a Domain Master Browser as well
> >as Local Master browser on the segment.
> >
> >However, adding the private backend interface to the
> >samba PDC interfaces statement, the NMBD logs are different.
> >Access to the WINS server is indicated as timing out.
> >Further, the PDC is unable to register itself as the
> >Domain Master Browser, but it does register itself as
> >the Local Master Browser.
> >
> >The private network is on eth0 and the public on eth3.
> >
> >The bind interfaces statement states the interfaces
> >in the following order eth3 then eth0.
>
>
>
> with kind regards
>
> Arno Seidel
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

So I take it the public network is not accessible from the private
network?  Most likely this is because WINS requests and advertisements
are being sent out the private interface and cannot reach the public
network.  I also take it that the WINS server on the public network is
not on the same subnet as your public interface?  The only way Samba
could possible know which interface to send the queries out would be to
send out requests for IPs on a subnet which is it bound to out that
interface, but anything to an IP that is routed instead of on the same
subnet is truly just guess work based on Samba's part (it doesn't know).

Have you tried playing with the order of the interfaces in the
interfaces statement?  I can find no supporting documentation to support
that it chooses which interface to send WINS requests out based on any
configuration parameter, but it has to choose it somehow.  The only
other option I could see would be to setup a Router to NAT you before
you get to the public network so this machine lives entirely on the
private network.

Clint



More information about the samba mailing list