[Samba] Mutli-Homed Subnetting - Advice please

J. Pilfold-Bagwell jpb at bordengrammar.kent.sch.uk
Mon Aug 11 13:23:11 GMT 2008


Hiya,

Just a few questions left;)

The setup I originally had in mind was three subnets, 172.20.0.0, 1.0
and 2.0 with the each NIC set up to serve one of the ranges. This
obviously requires routing between the subnets. Alternatively, I guess I
can bridge the NICs onto a single IP and use a central DHCP/DNS etc
server as this will handle broadcasts and other stuff transparently.

I'm sure as hell that the latter is easiest to set up but how have you
set yours up?

Cheers,

Jools 


On Mon, 2008-07-28 at 19:11 -0400, Charlie wrote:
> On Mon, Jul 28, 2008 at 1:41 PM,  <jools at oss4all.plus.com> wrote:
> 
> > 1) I assume that as the NICs are on the same server (PDC & WINS)  the WINS
> > server part of Samba will store both NIC IPs in the wins.dat file and that
> > it'll answer WINS queries from both subnet without a problem. Dynamic data
> > will be stored on the PDC so I assume this will be easy. Am I on safe
> > ground here?
> 
> My WINS servers have 2 to 6 NICs each.  No problems there.
> 
> > 2) I plan to have a server on each subnet that will hold the static data
> > and act as BDCs relieving the load on the PDC. Effectively, the content
> > will be identical but as staff update data on one, is there a way of
> > binding the server shares together so one updates the other. I know you
> > can bind two drives on a unix box together with mount --bind. Has anyone
> > tried binding two samba shares together? Is it easier to script an rsync
> > -u .
> 
> I would make one machine a WINS, DNS, and PDC server with no shares
> other than the logon share and possibly user homes.  Then I'd set up
> two more servers that did nothing but share files, with 2 NICs in
> each.  Many of my file servers have 4 NICs in them and work fine.
> Complexity is the enemy of reliability - I would avoid synchronizing
> shares and instead architect so that a single set of shares can be
> reached by all.  NICs are cheaper than the time it takes to build
> reliable synchronized file shares.
> 
> > 3) Finally, I need to run login scripts based on group membership but with
> > static data shares mounted on a different server depending on the subnet
> > you're on. Any tips on stacking login scripts? Can samba do this.
> 
> You can dynamically generate your logon scripts.  See here:
> http://freshmeat.net/projects/exampleadvancedsambaloginscript/
> 
> > Any hints and tips appreciated. I have limited time to do this and set up
> > three web servers with limited time for testing but that's life.
> 
> I've found keeping my PDC/logon servers separate from my "heavy
> lifter" file servers saves me much pain; I can work on login and
> authentication issues separately from load and permissions problems.
> I also use DHCP to set my windows clients to "hybrid" mode.
> 
>         option netbios-dd-server 192.168.0.1;
>         option netbios-node-type 8;
> 
> # 1    B-node: Broadcast - no WINS
> # 2    P-node: Peer - WINS only.
> # 4    M-node: Mixed - broadcast, then WINS
> # 8    H-node: Hybrid - WINS, then broadcast
> #  It should be obvious that this is a bit-mapped value, more info in
> RFCs 1001 and 1002
> 
>   You can really clog up a network fast with broadcast name
> resolution, so you want to restrict that as much as possible.
> 
> --Charlie



More information about the samba mailing list