[Samba] 75 seconds timeout when negotiating with smbd.
Aleksandr Vinokurov
aleksandr.vin at gmail.com
Wed Nov 29 09:21:47 GMT 2006
Hello all,
After upgrading to 3.0.23c on my FreeBSD 6.1 box Samba stopped working
on any connections. When connecting to smbd, tcp session is established
(SYN, SYN+ACK, ACK) then a client send a NEGOTIATION packet, and after
some timeout (about 10-15 seconds) this tcp session is closed (by the
client) because no response to NEG. packet was received. Then after 75
seconds (counting from the ACK packet) the SUCCESS NEG. response is sent
by smbd, and this packet is answered by RST as the port is already closed.
Here is the log of smbd:
[2006/11/29 09:30:53, 3] smbd/oplock.c:init_oplocks(862)
open_oplock_ipc: initializing messages.
[2006/11/29 09:32:08, 0] smbd/notify_fam.c:fam_notify_init(455)
FAM file change notifications not available
[2006/11/29 09:32:08, 3] lib/access.c:check_access(312)
check_access: no hostnames in host allow/deny list.
You can see a 75 seconds delay between 1-st and 2-nd entries.
My FreeBSD box runs as a NAT from rl0 to rl1 and as a Samba server for
rl0, some configuration data is below.
kustik:~# uname -a
FreeBSD kustik 6.1-STABLE FreeBSD 6.1-STABLE #0: Tue Sep 12 09:49:17 UTC
2006 root at kustik:/usr/obj/usr/src/sys/KUSTIK i386
kustik:~# ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 10.0.1.8 netmask 0xffffff00 broadcast 10.0.1.255
inet 10.0.1.1 netmask 0xffffff00 broadcast 10.0.1.255
ether 00:40:f4:70:8b:e4
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 172.17.11.246 netmask 0xfffffc00 broadcast 172.17.11.255
ether 00:16:cb:a3:9f:da
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
kustik:~# ipfw show
00300 3926602 3789413783 divert 8668 ip from any to any via rl1
65534 7717861 7560613261 allow ip from any to any
65535 0 0 deny ip from any to any
kustik:~# sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root smbd 10548 18 tcp4 10.0.1.8:445 *:*
root smbd 10548 19 tcp4 10.0.1.8:139 *:*
root nmbd 10542 6 udp4 *:137 *:*
root nmbd 10542 7 udp4 *:138 *:*
root nmbd 10542 8 udp4 10.0.1.8:137 *:*
root nmbd 10542 9 udp4 10.0.1.8:138 *:*
root sshd 555 3 tcp4 *:22 *:*
root natd 264 3 div4 *:8668 *:*
kustik:~# cat /usr/local/etc/smb.conf
[global]
workgroup = Tuman
server string = Kustik Samba Server
security = user
hosts allow = 10.0.1. 10.0.2. 127.
guest account = pcguest
log file = /var/log/samba/log.%m
log level = 3
max log size = 5000
passdb backend = tdbsam
hostname lookups = no
load printers = no
# Most people will find that this option gives better performance.
# See the chapter 'Samba performance issues' in the Samba HOWTO Collection
# and the manual pages for details.
# You may want to add the following on a Linux system:
; socket options = SO_RCVBUF=8192 SO_SNDBUF=8192
bind interfaces only = yes
interfaces = 10.0.1.8/24
dns proxy = no
; display charset = UTF-8-MAC
; unix charset = UTF-8-MAC
dos charset = cp866
# Use extended attributes to store file modes
store dos attributes = yes
map hidden = no
map system = no
map archive = no
# Use inherited ACLs for directories
; nt acl support = yes
; inherit acls = yes
; map acl inherit = yes
;[homes]
; comment = Home Directories
; browseable = no
; writable = yes
[Podkustom]
comment = Kustik's Public
path = /home/samba
; geust ok = yes
public = yes
writable = yes
printable = no
[Kanavka]
comment = FAT Store on Kustik
path = /mnt/data
fstype = FAT
public = yes
writable = yes
printable = no
[Flop]
comment = Flop on Kustik
path = /flop
fstype = FAT
public = yes
writable = yes
printable = no
kustik:~# tcpdump -i rl0 -vvn not port 22
tcpdump: listening on rl0, link-type EN10MB (Ethernet), capture size 68
bytes
12:17:57.716711 IP (tos 0x0, ttl 64, id 29205, offset 0, flags [DF],
proto: TCP (6), length: 64) 10.0.1.12.52698 >
10.0.1.8.445: S 2296625852:2296625852(0) win 65535
<mss 1460,nop,wscale 0,nop,nop,timestamp[|tcp]>
12:17:57.716900 IP (tos 0x0, ttl 83, id 21945, offset 0, flags [DF],
proto: TCP (6), length: 64) 10.0.1.8.445 >
10.0.1.12.52698: S 3732422950:3732422950(0) ack
2296625853 win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp[|tcp]>
12:17:57.717045 IP (tos 0x0, ttl 64, id 29206, offset 0, flags [DF],
proto: TCP (6), length: 52) 10.0.1.12.52698 >
10.0.1.8.445: ., cksum 0xea89 (correct), 1:1 (0) ack
1 win 65535 <nop,nop,timestamp 1066921360 245565308>
12:17:57.748985 IP (tos 0x0, ttl 64, id 29207, offset 0, flags [DF],
proto: TCP (6), length: 235) 10.0.1.12.52698 >
10.0.1.8.445: P 1:184(183) ack 1 win 65535
<nop,nop,timestamp 1066921360 245565308>
12:17:57.848389 IP (tos 0x0, ttl 83, id 21948, offset 0, flags [DF],
proto: TCP (6), length: 52) 10.0.1.8.445 >
10.0.1.12.52698: ., cksum 0x6792 (correct), 1:1 (0)
ack 184 win 33212 <nop,nop,timestamp 245565440 1066921360>
12:18:17.748603 IP (tos 0x0, ttl 64, id 29208, offset 0, flags [DF],
proto: TCP (6), length: 52) 10.0.1.12.52698 >
10.0.1.8.445: F, cksum 0xe925 (correct), 184 :184(0)
ack 1 win 65535 <nop,nop,timestamp 1066921400 245565440>
12:18:17.748790 IP (tos 0x0, ttl 83, id 21955, offset 0, flags [DF],
proto: TCP (6), length: 52) 10.0.1.8.445 >
10.0.1.12.52698: ., cksum 0x19aa (correct), 1:1 (0)
ack 185 win 33212 <nop,nop,timestamp 245585343 1066921400>
12:19:12.747727 IP (tos 0x0, ttl 83, id 21969, offset 0, flags [DF],
proto: TCP (6), length: 183) 10.0.1.8.445 > 10.0.1.12.52698: P
1:132(131) ack 185 win 33304 <nop,nop,timestamp 245640350 1066921400>
12:19:12.747940 IP (tos 0x0, ttl 64, id 29225, offset 0, flags [DF],
proto: TCP (6), length: 40) 10.0.1.12.52698 > 10.0.1.8.445: R, cksum
0x85dc (correct), 2296626037:2296626037(0) win 0
Any help will be very appreciated,
Aleksandr.
More information about the samba
mailing list