[Samba] Nmbd is using the wrong ip address as source
Frank Gruman
fgatwork at verizon.net
Thu Oct 9 02:25:41 GMT 2008
On Wed, 2008-10-08 at 09:21 +0300, Teodor Iacob wrote:
>
>
> Also nmblookup is using the external ip address:
>
> querying HDV on 10.10.10.255
> 09:19:19.461813 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> PACKET(137): QUERY; REQUEST; BROADCAST
> 09:19:19.732139 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> PACKET(137): QUERY; REQUEST; BROADCAST
> 09:19:20.002136 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> PACKET(137): QUERY; REQUEST; BROADCAST
> name_query failed to find name HDV
>
> The debugging information would show:
> params.c:pm_process() - Processing configuration file
> "/etc/samba/smb.conf"
> Processing section "[global]"
> doing parameter workgroup = HOSTNAME
> doing parameter netbios name = HDV
> handle_netbios_name: set global_myname to: HDV
> doing parameter interfaces = 10.10.10.1
> doing parameter hosts allow = 127.0.0., 10.10.10.
> doing parameter bind interfaces only = yes
> doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
> SO_RCVBUF=8192 SO_SNDBUF=8192
> doing parameter preferred master = yes
> doing parameter domain master = yes
> doing parameter local master = yes
> doing parameter os level = 100
> doing parameter remote announce = 10.10.10.255/HOSTNAME
> doing parameter socket address = 10.10.10.255
> doing parameter log level = 1
> ..
> added interface ip=10.10.10.1 bcast=10.10.10.255 nmask=255.255.255.0
> socket option SO_KEEPALIVE = 0
> socket option SO_REUSEADDR = 1
> socket option SO_BROADCAST = 1
> ..
> Socket opened.
> querying HDV on 10.10.10.255
> Sending a packet of len 50 to (10.10.10.255) on port 137
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> Sending a packet of len 50 to (10.10.10.255) on port 137
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> Sending a packet of len 50 to (10.10.10.255) on port 137
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> tdb(unnamed): tdb_open_ex: could not open
> file /var/cache/samba/unexpected.tdb: No such file or directory
> name_query failed to find name HDV
> ..
>
>
>
>
>
>
> ______________________________________________________________________
> From: Frank Gruman [mailto:fgatwork at verizon.net]
> Sent: Tuesday, October 07, 2008 3:29 AM
> To: Teodor Iacob
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Nmbd is using the wrong ip address as source
>
>
>
>
> On Mon, 2008-10-06 at 09:05 +0300, Teodor Iacob wrote:
>
> > Hello,
> > Sorry for seeming impatient, I just had some rough night hours
> > because of this problem :)
> > tcpdump shows:
> > 08:21:22.920832 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > NBT UDP PACKET(138)
> > 08:21:22.920986 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > NBT UDP PACKET(138)
> > 08:21:23.072063 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:23.072069 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:23.072073 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:23.072076 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:23.072079 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:24.072491 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > NBT UDP PACKET(138)
> > 08:21:24.072497 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > NBT UDP PACKET(138)
> > 08:21:24.072656 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): QUERY; REQUEST; BROADCAST
> > 08:21:25.073432 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:25.073438 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > 08:21:25.073441 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns: NBT
> > UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> >
> > ( where X.X.X.X is the public ip address of the linux server from
> > eth0 ), this tcpdump was taken from another linux machine with the
> > ip: 10.10.10.2
> > The requested netstat output:
> > [root at ns ~]# netstat -nap |grep [sn]mbd
> > tcp 0 0 10.10.10.1:139 0.0.0.0:*
> > LISTEN 18538/smbd
> > tcp 0 0 10.10.10.1:445 0.0.0.0:*
> > LISTEN 18538/smbd
> > udp 0 0 10.10.10.1:137 0.0.0.0:*
> > 18542/nmbd
> > udp 0 0 10.10.10.255:137 0.0.0.0:*
> > 18542/nmbd
> > udp 0 0 10.10.10.1:138 0.0.0.0:*
> > 18542/nmbd
> > udp 0 0 10.10.10.255:138 0.0.0.0:*
> > 18542/nmbd
> > unix 2 [ ] DGRAM 194986 18542/nmbd
> > unix 2 [ ] DGRAM 194960 18538/smbd
> >
> > nmblookup from both machines returns this:
> > querying server on 10.10.10.255
> > name_query failed to find name server
> > Right now there are no PCs open in the network, but friday when I
> > was testing various configurations,
> > I was able to see that one of the XP machines reported back as
> > master browser ( I could see the share list
> > with _MSBROWSE_ as well. )
> >
> >
> > However if I do a unicast request to 10.10.10.1 ( basically it acts
> > as a wins server ):
> > querying HDV on 10.10.10.1
> > 10.10.10.1 HDV<00>
> >
> > In the nmbd.log I have:
> > [2008/10/06 08:52:50, 0] nmbd/nmbd.c:main(698)
> > Netbios nameserver version 3.0.28-1.el5_2.1 started.
> > Copyright Andrew Tridgell and the Samba Team 1992-2007
> > [2008/10/06 08:52:51, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
> > become_domain_master_browser_bcast:
> > Attempting to become domain master browser on workgroup HOSTNAME
> > on subnet 10.10.10.1
> > [2008/10/06 08:52:51, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
> > become_domain_master_browser_bcast: querying subnet 10.10.10.1 for
> > domain master browser on workgroup HOSTNAME
> > [2008/10/06 08:53:01, 0]
> > nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
> > *****
> > Samba server HNS is now a domain master browser for workgroup
> > HOSTNAME on subnet 10.10.10.1
> > *****
> > [2008/10/06 08:53:15, 0]
> > nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
> > *****
> > Samba name server HNS is now a local master browser for workgroup
> > HOSTNAME on subnet 10.10.10.1
> > *****
> >
> > Thank you for your time!
> > Teodor
> >
> >
> > ____________________________________________________________________
> >
> > From: Frank Gruman [mailto:fgatwork at verizon.net]
> > Sent: Sunday, October 05, 2008 10:28 PM
> > To: Teodor Iacob
> > Cc: samba at lists.samba.org
> > Subject: RE: [Samba] Nmbd is using the wrong ip address as source
> >
> >
> >
> > On Sun, 2008-10-05 at 18:35 +0300, Teodor Iacob wrote:
> >
> > > Does anybody have a suggestion for another list or forum to address
> > > this issue?
> > >
> > >
> > > > -----Original Message-----
> > > > From: Teodor Iacob
> > > > Sent: 4 octombrie 2008 09:14
> > > > To: samba at piven.org; samba at lists.samba.org
> > > > Subject: RE: [Samba] Nmbd is using the wrong ip address as source
> > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: samba-bounces+theo=macsys.eu at lists.samba.org
> > > > > [mailto:samba-bounces+theo=macsys.eu at lists.samba.org] On Behalf Of
> > > > > samba at piven.org
> > > > > Sent: Saturday, October 04, 2008 4:41 AM
> > > > > To: samba at lists.samba.org
> > > > > Subject: Re: [Samba] Nmbd is using the wrong ip address as source
> > > > >
> > > > > Teodor Iacob wrote:
> > > > > > Hello,
> > > > > >
> > > > > > I have a linux box with the following S/W versions:
> > > > > > CentOS release 5.2 (Final)
> > > > > > Linux ns.hostname.ro 2.6.18-92.1.13.el5 #1 SMP Wed Sep 24
> > > > > 19:32:05 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux
> > > > > > Version 3.0.28-1.el5_2.1
> > > > > >
> > > > > > My server has 2 IP interfaces, eth0: with the public ip
> > > > > address and br0: for the private subnet.
> > > > > > Br0 being a bridge ip interface between eth1 and tap0 ( for
> > > > > openvpn ).
> > > > > >
> > > > > > Now my problem is that the nmbd is doing the netbios
> > > > > broadcasts using the eth0 ip address instead
> > > > > > of the br0 one. I'm only interested in enabling samba on
> > > > > the local network (br0). I have checked
> > > > > > this by using tcpdump on another linux machine in the
> > > > > network and saw the broadcasts with the source
> > > > > > address the eth0 ip. Nmbd claims to win the master browsing
> > > > > election, but in reality the windows machines
> > > > > > ignore the election packets and another machine becomes
> > > > > master and the browsing list is messed up..
> > > > > > The smbd works just fine, connecting to the shares manually
> > > > > works correctly.
> > > > > >
> > > > > > How can I make nmbd to use the correct ip address? ( btw, I
> > > > > removed the bridge config just for testing
> > > > > > and only enabled ip on the eth1 and the same problem.. ). I
> > > > > saw that in the previous version there was
> > > > > > a parameter "-I" to force the source address..
> > > > > >
> > > > > > For reference this is my smb.conf:
> > > > > > [global]
> > > > > > workgroup = HOSTNAME
> > > > > > netbios name = HNS
> > > > > > interfaces = 10.10.10.1 127.0.0.1
> > > > >
> > > > > ... why not just say "interfaces = br0" so that it binds to your
> > > > > private interface (which I presume owns 10.10.10.1)? You
> > > > don't need
> > > > > to have Samba listen on the loopback address if you can
> > > > talk to it on
> > > > > another local address.
> > > >
> > > > I mentioned also br0 in my quest of trying all possibilities
> > > > I could think of.. No change.
> > > > But bind is only for listening, my problem is when nmbd it
> > > > sends packets by itself to make the election. I told you smbd
> > > > works fine and I can see from netstat -an at the LISTEN part
> > > > that it was only bound to the 10.10.10.1:139 and 10.10.10.1:445
> > > >
> > > >
> > > > >
> > > > > > hosts allow = 127.0.0., 10.10.10.
> > > > > > bind interfaces only = yes
> > > > > [snip]
> > > > > > remote announce = 10.10.10.255/HOSTNAME
> > > > > > socket address = 10.10.10.1
> > > > >
> > > > > Don
> >
> >
> > First of all, thank you for your patience on volunteer attempts to
> > help you resolve your issue (considering it is still the weekend in
> > much of the world).
> >
> > Now, can you include a portion of the tcpdump you viewed from the
> > other machine (particularly the part where the wrong address is
> > appearing). Also, I am assuming you have restarted both smbd and
> > nmbd after each configuration change.
> >
> > To verify that your samba settings are being read properly, try to
> > run "netstat -nap |grep [sn]mbd" to see which ports are open on your
> > local machine. Also, try running "nmblookup -B 10.10.10.255 server"
> > to ensure that nmbd is responding to name server queries on the
> > broadcast address.
> >
> > I Googled a moment, and came up with much of the above from her -
> > http://samba.org/~tpot/articles/multiple-interfaces.html
> >
> > Let us know how it goes.
> >
> > Regards,
> > Frank
> >
>
>
> Thanks for the output.
>
> I can honestly say that I don't know why your public IP would be
> coming back in the tcpdump. I will have to leave that one to greater
> minds than mine. The other outputs look good except for the nmblookup
> failure. I think I didn't provide enough information for you - the
> "server" attribute should be the name of a machine on your network (a
> node). That should fix the success of that query.
>
> Also, try to add the "-d 8" parameter to add additional debug output
> to this command. It should give you a lot more information about how
> it is performing lookups. If you even want to test a step further,
> rather than setting the "interfaces = <ip_address>" parameter in
> smb.conf, try to set it back to the interface name "interfaces = <ifc
> name, e.g. eth1>". I recall a posting a long time ago that made
> references to this, so all of mine use ifc names rather than IP
> addresses.
>
> Regards,
> Frank
>
>
Theo,
I must admit, I am coming to an end on what I can help you with. My
only last suggestion is to change your smb.conf file to set the
interfaces back to the device rather than the IP address. I don't know
how much difference it will make...
The next step (barring anyone else speaking up here) would be to engage
the samba-technical list. To me, it appears that your configuration is
in line with the documentation, so you may have a valid issue to head to
that side with.
Regards,
Frank
More information about the samba
mailing list