[Samba] Samba weirdness over different subnets

David Noriega tsk133 at my.utsa.edu
Fri Aug 27 15:48:47 MDT 2010


Well turns out it wasn't related to samba when I found ftp was doing
the same thing. The server was hooked into both an external and
internal network and as I found out you cant have GATEWAY set for both
nics without one of them being the default gateway and in this case it
was using the internal one and thus routing packets incorrectly. Now
that thats fixed, so are my network services.

David

On Fri, Aug 27, 2010 at 2:04 PM, David Noriega <tsk133 at my.utsa.edu> wrote:
> I've had the following setup working for years now. Subnet A contains
> linux/windows workstations along with the PDC+LDAP. Subnet B contains
> a BDC+LDAP and a domain member on the file server that windows users
> connect too.
>
> Whats new is I'm setting up a new domain member in Subnet B. It has
> joined the domain and net getdomainsid works. From machines in Subnet
> B I can run smbclient -L and have it correctly authenticate against
> the local BDC and return a list of shares.
>
> The problem is when I try to do the same from Subnet A. From my ubuntu
> box, smblclient will simply sit there indefinitely, while from windows
> it will wait for a while before it returns an error about the network
> name no longer being available. From the server's point of view,
> nothing is happening. I have to turn up the log level to 3 to see the
> following:
>
> [2010/08/27 13:35:42, 3] smbd/oplock.c:init_oplocks(863)
>  init_oplocks: initializing messages.
> [2010/08/27 13:35:42, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(234)
>  Linux kernel oplocks enabled
> [2010/08/27 13:35:42, 3] smbd/process.c:process_smb(1083)
>  Transaction 0 of length 194
> [2010/08/27 13:35:42, 3] smbd/process.c:switch_message(932)
>  switch message SMBnegprot (pid 28515) conn 0x0
> [2010/08/27 13:35:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [PC NETWORK PROGRAM 1.0]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [MICROSOFT NETWORKS 1.03]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [MICROSOFT NETWORKS 3.0]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [LANMAN1.0]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [LM1.2X002]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [DOS LANMAN2.1]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [LANMAN2.1]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(505)
>  Requested protocol [Samba]
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_nt1(364)
>  using SPNEGO
> [2010/08/27 13:35:42, 3] smbd/negprot.c:reply_negprot(606)
>  Selected protocol NT LANMAN 1.0
>
> Here it will wait for sometime before printing out the rest.
>
> [2010/08/27 13:36:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2010/08/27 13:37:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2010/08/27 13:37:42, 2] smbd/process.c:timeout_processing(1390)
>  Closing idle connection
> [2010/08/27 13:37:42, 3] smbd/sec_ctx.c:set_sec_ctx(241)
>  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2010/08/27 13:37:42, 3] smbd/connection.c:yield_connection(69)
>  Yielding connection to
> [2010/08/27 13:37:42, 3] smbd/server.c:exit_server_common(768)
>  Server exit (normal exit)
>
> smb.conf
>
> [Global]
>        workgroup = XXX.XXX.XXX
>        server string = XXXX %v
>        security = domain
>        password server = XXXX, XXXX
>        loglevel = 3
>        syslog = 0
>        interfaces = eth0
>        bind interfaces only = yes
>
> [homes]
>        read only = No
>        valid users = %S
>        comment = %U Home Directory
>        path = /home/%U
>        browseable = no
>
> [Public]
>        path = /groups/Public
>        browseable = yes
>        writeable = yes
>        create mask = 0777
>        directory mask = 0777
>        force group = "Domain Users"
>        public = yes
>
>
> I have no clue, any ideas?
>
> David
>
> PS: One thing that has never worked is resolving a netbios name that
> isnt in the same subnet. It only works for machines in the same
> subnet. I do have remote announce and remote browser sync on in the
> BDC in Subnet B, but all that does is show those remote servers when
> ever I do network browsing, but when I try to connect, i cant. I
> always have to give its full dns hostname.
> --
> Personally, I liked the university. They gave us money and facilities,
> we didn't have to produce anything! You've never been out of college!
> You don't know what it's like out there! I've worked in the private
> sector. They expect results. -Ray Ghostbusters
>



-- 
Personally, I liked the university. They gave us money and facilities,
we didn't have to produce anything! You've never been out of college!
You don't know what it's like out there! I've worked in the private
sector. They expect results. -Ray Ghostbusters


More information about the samba mailing list