[Samba] Very slow wbinfo -u

Erik Holst Trans eht at it-trans.dk
Mon Mar 28 22:05:46 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Again,

I have traced some more on the problem.
It is the failing name resolution via netbios that delay the output from 
wbinfo -u.

I can see from a trace that failing lookup's are on other DC's in the 
domain, which i don't have access to, but they probably don't provide WINS.

How do i avoid winbind to lookup these DC's, i am not going to use theme 
anyway. ?


Regards
//Erik

Erik Holst Trans wrote:

> Hi,
>
> I have set up  Samba-3.0.11 to retrive account information from W2k 
> server via winbind, and it works.
> But is takes about 10 sec. to retrive the information.
>
> I have dumped some traffic from the request, and it looks like this:
>
> A lot of these:
> 21:21:55.133423 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; UNICAST (DF)
> 21:21:55.133842 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
> PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
> 21:21:55.136553 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:21:55.406642 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:21:55.676634 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
>
> And at the end this.
> 21:22:03.358852 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; UNICAST (DF)
> 21:22:03.359260 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
> PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
> 21:22:03.362375 172.20.3.131.1077 > 172.20.3.130.53:  19551+ A? 
> MAIL.ag-electric.ts-gruppen.lokal. (51) (DF)
> 21:22:03.362696 172.20.3.130.53 > 172.20.3.131.1077:  19551 NXDomain* 
> 0/1/0 (133)
> 21:22:03.365096 172.20.3.131.1077 > 172.20.3.130.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.365304 172.20.3.130.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.367225 172.20.3.131.1077 > 172.20.100.2.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.393420 172.20.100.2.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.394424 172.20.3.131.1077 > 172.20.100.3.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.417466 172.20.100.3.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.418430 172.20.3.131.1077 > 172.20.3.130.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.418693 172.20.3.130.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.420718 172.20.3.131.1077 > 172.20.100.2.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.453146 172.20.100.2.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.454160 172.20.3.131.1077 > 172.20.100.3.53:  19552+ A? MAIL. 
> (22) (DF)
> 21:22:03.475636 172.20.100.3.53 > 172.20.3.131.1077:  19552 ServFail 
> 0/0/0 (22)
> 21:22:03.477011 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:03.543035 172.20.3.130.445 > 172.20.3.131.1195: . 
> 896738190:896738191(1) ack 2114075428 win 65353 (DF)
> 21:22:03.543236 172.20.3.131.1195 > 172.20.3.130.445: . ack 1 win 
> 14076 <nop,nop,sack sack 1 {0:1} > (DF)
> 21:22:03.746618 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:04.016733 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:04.288070 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; UNICAST (DF)
> 21:22:04.288503 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
> PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
> 21:22:04.289752 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:04.556624 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:04.826634 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
> PACKET(137): QUERY; REQUEST; BROADCAST (DF)
> 21:22:05.098145 172.20.3.131.1200 > 172.20.3.130.389: S 
> 2238976557:2238976557(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 
> 0> (DF)
> 21:22:05.098373 172.20.3.130.389 > 172.20.3.131.1200: S 
> 925400727:925400727(0) ack 2238976558 win 65535 <mss 1460,nop,wscale 
> 0,nop,nop,sackOK> (DF)
> 21:22:05.098655 172.20.3.131.1200 > 172.20.3.130.389: . ack 1 win 5840 
> (DF)
> 21:22:05.101294 172.20.3.131.1077 > 172.20.3.130.53:  19553+ PTR? 
> 130.3.20.172.in-addr.arpa. (43) (DF)
> 21:22:05.101577 172.20.3.130.53 > 172.20.3.131.1077:  19553* 1/0/0 (97)
> 21:22:05.104163 172.20.3.131.1200 > 172.20.3.130.389: P 1:61(60) ack 1 
> win 5840 (DF)
> 21:22:05.104565 172.20.3.130.389 > 172.20.3.131.1200: P 1:87(86) ack 
> 61 win 65475 (DF)
> 21:22:05.104857 172.20.3.131.1200 > 172.20.3.130.389: . ack 87 win 
> 5840 (DF)
> 21:22:05.107316 172.20.3.131.1200 > 172.20.3.130.389: P 61:68(7) ack 
> 87 win 5840 (DF)
> 21:22:05.107594 172.20.3.130.389 > 172.20.3.131.1200: F 87:87(0) ack 
> 68 win 65468 (DF)
> 21:22:05.107907 172.20.3.131.1200 > 172.20.3.130.389: F 68:68(0) ack 
> 88 win 5840 (DF)
> 21:22:05.108047 172.20.3.130.389 > 172.20.3.131.1200: . ack 69 win 
> 65468 (DF)
> 21:22:11.745590 172.20.3.130.445 > 172.20.3.131.1196: . 
> 896798331:896798332(1) ack 2106587559 win 64837 (DF)
> 21:22:11.745880 172.20.3.131.1196 > 172.20.3.130.445: . ack 1 win 
> 17152 <nop,nop,sack sack 1 {0:1} > (DF)
>
>
> Seem like some sort of name-resolution problem, but i have no idea 
> about what is missing.
> I also have no clue about the DNS lookup of MAIL comes from, there is 
> none and never has been  ?
>
> Anyone a hint ?
>
> Regards
> //Erik
>
> Here is my smb.conf
>
> [global]
>
>        # Optimum Samba performance settings
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>        loglevel = 1
>
>        # NT workgroup settings
>       workgroup = AG-ELECTRIC
>       server string = Samba Server
>
>        # WINS & network browsing settings
>        # All functions disabled apart from using a WINS server for 
> lookups.
>       local master = no
>       domain master = no
>       preferred master = no
>       wins support = no
>       wins server = 172.20.3.130
>       dns proxy = yes
>
>        security = DOMAIN
>        encrypt passwords = Yes
>        password server = *
>        #password server = AG-W2K-SRV1
>        #password server = 172.20.3.130
>
>        # Enable Winbind for AD and local account synchronisation
>        winbind separator = +
>
>        winbind use default domain = yes
>        idmap uid = 10000-20000
>        idmap gid = 10000-20000
>        winbind enum users = yes
>        winbind enum groups = yes
>        winbind cache time = 15
>
>        # Defaults for local accounts created by Winbind
>        template homedir = /home/%U
>        template shell = /bin/nologin
>
>        # Logging settings
>       log file = /var/log/samba/%m.log
>       max log size = 5000
>
>        # Printer sharing
>       printcap name = /etc/printcap
>       load printers = no
>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCSH+/pnjBy39MSwURAhi1AKCrN4NIDKJKlltkt5uBB2gPGLVlrgCeI+5O
+/S6s6NTwLbk5Iq4XYvgjSs=
=bXRc
-----END PGP SIGNATURE-----


More information about the samba mailing list