[Samba] Nmbd is using the wrong ip address as source
Frank Gruman
fgatwork at verizon.net
Thu Oct 9 22:22:40 GMT 2008
Thanks for the update. I was banging my head trying to figure out why
yours acted different from mine, with somewhat similar structures...
On Thu, 2008-10-09 at 12:58 +0300, Teodor Iacob wrote:
>
>
> Problem solved:
>
> The origin was a bad configured SNAT rule that didn't include the
> output interface so it was doing NAT
> on its own IP addresses .. samba works correctly.
>
> Teo
>
>
>
>
>
> ______________________________________________________________________
> From: Teodor Iacob
> Sent: Thursday, October 09, 2008 9:11 AM
> To: Frank Gruman
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Nmbd is using the wrong ip address as source
>
>
>
> I have used also the interface names, with the same results.
> Thank you for your time, I'll see to it further on the technical
> list..
>
> Teo
>
>
>
>
>
> ______________________________________________________________________
> From: Frank Gruman [mailto:fgatwork at verizon.net]
> Sent: Thursday, October 09, 2008 5:26 AM
> To: Teodor Iacob
> Cc: samba at lists.samba.org
> Subject: RE: [Samba] Nmbd is using the wrong ip address as source
>
>
>
>
> On Wed, 2008-10-08 at 09:21 +0300, Teodor Iacob wrote:
>
> >
> > Also nmblookup is using the external ip address:
> > querying HDV on 10.10.10.255
> > 09:19:19.461813 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> > PACKET(137): QUERY; REQUEST; BROADCAST
> > 09:19:19.732139 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> > PACKET(137): QUERY; REQUEST; BROADCAST
> > 09:19:20.002136 IP X.X.X.X.45781 > 10.10.10.255.netbios-ns: NBT UDP
> > PACKET(137): QUERY; REQUEST; BROADCAST
> > name_query failed to find name HDV
> >
> > The debugging information would show:
> > params.c:pm_process() - Processing configuration file
> > "/etc/samba/smb.conf"
> > Processing section "[global]"
> > doing parameter workgroup = HOSTNAME
> > doing parameter netbios name = HDV
> > handle_netbios_name: set global_myname to: HDV
> > doing parameter interfaces = 10.10.10.1
> > doing parameter hosts allow = 127.0.0., 10.10.10.
> > doing parameter bind interfaces only = yes
> > doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
> > SO_RCVBUF=8192 SO_SNDBUF=8192
> > doing parameter preferred master = yes
> > doing parameter domain master = yes
> > doing parameter local master = yes
> > doing parameter os level = 100
> > doing parameter remote announce = 10.10.10.255/HOSTNAME
> > doing parameter socket address = 10.10.10.255
> > doing parameter log level = 1
> > ..
> > added interface ip=10.10.10.1 bcast=10.10.10.255 nmask=255.255.255.0
> > socket option SO_KEEPALIVE = 0
> > socket option SO_REUSEADDR = 1
> > socket option SO_BROADCAST = 1
> > ..
> > Socket opened.
> > querying HDV on 10.10.10.255
> > Sending a packet of len 50 to (10.10.10.255) on port 137
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > Sending a packet of len 50 to (10.10.10.255) on port 137
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > Sending a packet of len 50 to (10.10.10.255) on port 137
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > tdb(unnamed): tdb_open_ex: could not open
> > file /var/cache/samba/unexpected.tdb: No such file or directory
> > name_query failed to find name HDV
> > ..
> >
> >
> > ____________________________________________________________________
> >
> > From: Frank Gruman [mailto:fgatwork at verizon.net]
> > Sent: Tuesday, October 07, 2008 3:29 AM
> > To: Teodor Iacob
> > Cc: samba at lists.samba.org
> > Subject: RE: [Samba] Nmbd is using the wrong ip address as source
> >
> >
> >
> > On Mon, 2008-10-06 at 09:05 +0300, Teodor Iacob wrote:
> >
> > > Hello,
> > > Sorry for seeming impatient, I just had some rough night hours
> > > because of this problem :)
> > > tcpdump shows:
> > > 08:21:22.920832 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > > NBT UDP PACKET(138)
> > > 08:21:22.920986 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > > NBT UDP PACKET(138)
> > > 08:21:23.072063 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:23.072069 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:23.072073 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:23.072076 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:23.072079 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:24.072491 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > > NBT UDP PACKET(138)
> > > 08:21:24.072497 IP X.X.X.X.netbios-dgm > 10.10.10.255.netbios-dgm:
> > > NBT UDP PACKET(138)
> > > 08:21:24.072656 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST
> > > 08:21:25.073432 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:25.073438 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > > 08:21:25.073441 IP X.X.X.X.netbios-ns > 10.10.10.255.netbios-ns:
> > > NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
> > >
> > > ( where X.X.X.X is the public ip address of the linux server from
> > > eth0 ), this tcpdump was taken from another linux machine with
> > > the
> > > ip: 10.10.10.2
> > > The requested netstat output:
> > > [root at ns ~]# netstat -nap |grep [sn]mbd
> > > tcp 0 0 10.10.10.1:139 0.0.0.0:*
> > > LISTEN 18538/smbd
> > > tcp 0 0 10.10.10.1:445 0.0.0.0:*
> > > LISTEN 18538/smbd
> > > udp 0 0 10.10.10.1:137 0.0.0.0:*
> > > 18542/nmbd
> > > udp 0 0 10.10.10.255:137 0.0.0.0:*
> > > 18542/nmbd
> > > udp 0 0 10.10.10.1:138 0.0.0.0:*
> > > 18542/nmbd
> > > udp 0 0 10.10.10.255:138 0.0.0.0:*
> > > 18542/nmbd
> > > unix 2 [ ] DGRAM 194986
> > > 18542/nmbd
> > > unix 2 [ ] DGRAM 194960
> > > 18538/smbd
> > >
> > > nmblookup from both machines returns this:
> > > querying server on 10.10.10.255
> > > name_query failed to find name server
> > > Right now there are no PCs open in the network, but friday when I
> > > was testing various configurations,
> > > I was able to see that one of the XP machines reported back as
> > > master browser ( I could see the share list
> > > with _MSBROWSE_ as well. )
> > >
> > >
> > > However if I do a unicast request to 10.10.10.1 ( basically it
> > > acts as a wins server ):
> > > querying HDV on 10.10.10.1
> > > 10.10.10.1 HDV<00>
> > >
> > > In the nmbd.log I have:
> > > [2008/10/06 08:52:50, 0] nmbd/nmbd.c:main(698)
> > > Netbios nameserver version 3.0.28-1.el5_2.1 started.
> > > Copyright Andrew Tridgell and the Samba Team 1992-2007
> > > [2008/10/06 08:52:51, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
> > > become_domain_master_browser_bcast:
> > > Attempting to become domain master browser on workgroup HOSTNAME
> > > on subnet 10.10.10.1
> > > [2008/10/06 08:52:51, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
> > > become_domain_master_browser_bcast: querying subnet 10.10.10.1
> > > for domain master browser on workgroup HOSTNAME
> > > [2008/10/06 08:53:01, 0]
> > > nmbd/nmbd_become_dmb.c:become_domain_master_stage2(113)
> > > *****
> > > Samba server HNS is now a domain master browser for workgroup
> > > HOSTNAME on subnet 10.10.10.1
> > > *****
> > > [2008/10/06 08:53:15, 0]
> > > nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
> > > *****
> > > Samba name server HNS is now a local master browser for
> > > workgroup HOSTNAME on subnet 10.10.10.1
> > > *****
> > >
> > > Thank you for your time!
> > > Teodor
> > >
> > >
> > > __________________________________________________________________
> > >
> > >
> > > From: Frank Gruman [mailto:fgatwork at verizon.net]
> > > Sent: Sunday, October 05, 2008 10:28 PM
> > > To: Teodor Iacob
> > > Cc: samba at lists.samba.org
> > > Subject: RE: [Samba] Nmbd is using the wrong ip address as source
> > >
> > >
> > >
> > > On Sun, 2008-10-05 at 18:35 +0300, Teodor Iacob wrote:
> > >
> > > > Does anybody have a suggestion for another list or forum to address
> > > > this issue?
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Teodor Iacob
> > > > > Sent: 4 octombrie 2008 09:14
> > > > > To: samba at piven.org; samba at lists.samba.org
> > > > > Subject: RE: [Samba] Nmbd is using the wrong ip address as source
> > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: samba-bounces+theo=macsys.eu at lists.samba.org
> > > > > > [mailto:samba-bounces+theo=macsys.eu at lists.samba.org] On Behalf Of
> > > > > > samba at piven.org
> > > > > > Sent: Saturday, October 04, 2008 4:41 AM
> > > > > > To: samba at lists.samba.org
> > > > > > Subject: Re: [Samba] Nmbd is using the wrong ip address as source
> > > > > >
> > > > > > Teodor Iacob wrote:
> > > > > > > Hello,
> > > > > > >
> > > > > > > I have a linux box with the following S/W versions:
> > > > > > > CentOS release 5.2 (Final)
> > > > > > > Linux ns.hostname.ro 2.6.18-92.1.13.el5 #1 SMP Wed Sep 24
> > > > > > 19:32:05 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux
> > > > > > > Version 3.0.28-1.el5_2.1
> > > > > > >
> > > > > > > My server has 2 IP interfaces, eth0: with the public ip
> > > > > > address and br0: for the private subnet.
> > > > > > > Br0 being a bridge ip interface between eth1 and tap0 ( for
> > > > > > openvpn ).
> > > > > > >
> > > > > > > Now my problem is that the nmbd is doing the netbios
> > > > > > broadcasts using the eth0 ip address instead
> > > > > > > of the br0 one. I'm only interested in enabling samba on
> > > > > > the local network (br0). I have checked
> > > > > > > this by using tcpdump on another linux machine in the
> > > > > > network and saw the broadcasts with the source
> > > > > > > address the eth0 ip. Nmbd claims to win the master browsing
> > > > > > election, but in reality the windows machines
> > > > > > > ignore the election packets and another machine becomes
> > > > > > master and the browsing list is messed up..
> > > > > > > The smbd works just fine, connecting to the shares manually
> > > > > > works correctly.
> > > > > > >
> > > > > > > How can I make nmbd to use the correct ip address? ( btw, I
> > > > > > removed the bridge config just for testing
> > > > > > > and only enabled ip on the eth1 and the same problem.. ). I
> > > > > > saw that in the previous version there was
> > > > > > > a parameter "-I" to force the source address..
> > > > > > >
> > > > > > > For reference this is my smb.conf:
> > > > > > > [global]
> > > > > > > workgroup = HOSTNAME
> > > > > > > netbios name = HNS
> > > > > > > interfaces = 10.10.10.1 127.0.0.1
> > > > > >
> > > > > > ... why not just say "interfaces = br0" so that it binds to your
> > > > > > private interface (which I presume owns 10.10.10.1)? You
> > > > > don't need
> > > > > > to have Samba listen on the loopback address if you can
> > > > > talk to it on
> > > > > > another local address.
> > > > >
> > > > > I mentioned also br0 in my quest of trying all possibilities
> > > > > I could think of.. No change.
> > > > > But bind is only for listening, my problem is when nmbd it
> > > > > sends packets by itself to make the election. I told you smbd
> > > > > works fine and I can see from netstat -an at the LISTEN part
> > > > > that it was only bound to the 10.10.10.1:139 and 10.10.10.1:445
> > > > >
> > > > >
> > > > > >
> > > > > > > hosts allow = 127.0.0., 10.10.10.
> > > > > > > bind interfaces only = yes
> > > > > > [snip]
> > > > > > > remote announce = 10.10.10.255/HOSTNAME
> > > > > > > socket address = 10.10.10.1
> > > > > >
> > > > > > Don
> > >
> > >
> > > First of all, thank you for your patience on volunteer attempts to
> > > help you resolve your issue (considering it is still the weekend
> > > in much of the world).
> > >
> > > Now, can you include a portion of the tcpdump you viewed from the
> > > other machine (particularly the part where the wrong address is
> > > appearing). Also, I am assuming you have restarted both smbd and
> > > nmbd after each configuration change.
> > >
> > > To verify that your samba settings are being read properly, try to
> > > run "netstat -nap |grep [sn]mbd" to see which ports are open on
> > > your local machine. Also, try running "nmblookup -B 10.10.10.255
> > > server" to ensure that nmbd is responding to name server queries
> > > on the broadcast address.
> > >
> > > I Googled a moment, and came up with much of the above from her -
> > > http://samba.org/~tpot/articles/multiple-interfaces.html
> > >
> > > Let us know how it goes.
> > >
> > > Regards,
> > > Frank
> > >
> >
> >
> > Thanks for the output.
> >
> > I can honestly say that I don't know why your public IP would be
> > coming back in the tcpdump. I will have to leave that one to
> > greater minds than mine. The other outputs look good except for the
> > nmblookup failure. I think I didn't provide enough information for
> > you - the "server" attribute should be the name of a machine on your
> > network (a node). That should fix the success of that query.
> >
> > Also, try to add the "-d 8" parameter to add additional debug output
> > to this command. It should give you a lot more information about
> > how it is performing lookups. If you even want to test a step
> > further, rather than setting the "interfaces = <ip_address>"
> > parameter in smb.conf, try to set it back to the interface
> > name "interfaces = <ifc name, e.g. eth1>". I recall a posting a
> > long time ago that made references to this, so all of mine use ifc
> > names rather than IP addresses.
> >
> > Regards,
> > Frank
> >
> >
>
> Theo,
>
> I must admit, I am coming to an end on what I can help you with. My
> only last suggestion is to change your smb.conf file to set the
> interfaces back to the device rather than the IP address. I don't
> know how much difference it will make...
>
> The next step (barring anyone else speaking up here) would be to
> engage the samba-technical list. To me, it appears that your
> configuration is in line with the documentation, so you may have a
> valid issue to head to that side with.
>
> Regards,
> Frank
More information about the samba
mailing list