[Samba] PDC BDC hot failover

Felipe Augusto van de Wiel felipe at paranacidade.org.br
Fri Jan 19 17:21:26 GMT 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/19/2007 12:29 PM, Florian Zierer escreveu:
> Felipe Augusto van de Wiel wrote:
>> On 01/17/2007 07:32 AM, Florian Zierer escreveu:
>>
>>> Hi there,
>>> I have a problem getting my Samba installation redundant.
>>> I installed a PDC and a BDC working with 2 LDAP servers.
>>>
>>> The problem is, when users are logged in and the BDC fails, 
>>> the PDC does not take over the running sessions and vice
>>> versa.
>>
>>     And it shouldn't. :-)
> 
> Ah, ok. Thanks for the clarification. I have nowhere read 
> something like a table about the features of a bdc.

	You are welcome. ;)


> Perhaps this would be good to mention in the official 
> samba howto at http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-bdc.html.
> There is something written about bdcs but it would be good to have a
> section like:
> 
> What does it do?
>     - load balancing
>     - logons still possible if one dc fails
>     - ...
> 
> What does it NOT do?
>     - take over running session
>     - ...
> 
> There is so much Samba Documentation out there but it is difficult to
> find the right answers.

	Usually the official documentation, this mail list and
the wiki are the right place to check. If there are information
that you think it should appear in the documentation, starting
a wiki page can help, and I'm pretty sure that jht would like
to get some patches to the docs. (Even if it takes sometime to
get merged).

	If there are something out there that is missing to the
official docs, please, report it, by doing that the documentation
on the official central point can be improved.


> What are the differences between a BDC and a PDC?

	One important point is that a PDC is able to write to
the backend and BDCs are read-only. You should have only one
PDC in your network and you can have more than one BDC.

	As you already know, BDCs share the load of the
connections and they also play the role of keep the
authentication working if the PDC is down for some reason.

	Reading the documentation of Samba you will also
find differences like being or not the local master and so
on, and if I'm not wrong, Microsoft also has articles
explaining some of the differences.



>>     PDC/BDC strategy is used to share the load and keep your
>> network running logons and so on, if you have a common backend
>> then you can share the files and work something like a High
>> Avaliability or CLustered environment.
> 
> perhaps this should also be written on the official howto.

	As Volker already pointed, having HA and Clustered is
not _really_ possible with Samba (right now), you can have
resources that combined will provide you with some sort of
good strategy to keep your clients up, but you will still have
problems with "hot take over" of established connections.

	IMHO, that's why you can find info on the wiki and
not yet on the HOWTO, because it is not yet the way that it
should be.


> There is not that much written about failure scenarios and 
> redundancy. What is going on if my pdc and the master ldap
> server fail. Can the bdc still operate with the slave ldap?

	Yes. And that's has a little bit of description on
the Samba Official HOWTO.  BDCs should have Slave LDAPs,
that are also read only, if the PDC dies, they can keep
accepting authentication request, but if the files are in
the PDC (which is the most common case) your users won't
have access to it.

	That's why you will need an independent place to
add your files, so if the PDC fails you still have access
to the shares by authenticating against BDCs.

	And yes, indeed a good documentation of tested
scenarios and reports would be great, and I do think the
entire Samba Community would appreciate such effort. ;)


> What is going on if the machine trust passwords are 
> changed in such a scenario?

	AFAIR, when the PDC is not available, BDCs are
able to tell the clients that the password change is not
allowed at this time and that they should retry later.


> Do i have to "propagate" the bdc to a pdc (in smb.conf)?

	I don't think so.

	Kind regards,

- --
Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/           Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFFsP4WCj65ZxU4gPQRArXlAKCWyQ7D2AFRG6wK8fqfgpUTUwYjDACcCxRc
UC+YMCiSHzYXqm5yOwiJ8SQ=
=PYFa
-----END PGP SIGNATURE-----

More information about the samba mailing list