[Samba] Bringing up interface causes smbd to become unresponsive on that subnet

Tony Markel tmarkel at umich.edu
Mon Apr 30 15:12:18 MDT 2012 

This is a strange problem I can't seem to wrap my head around.

I have a server with 2 interfaces.  Samba is serving happily on one, and
will remain on a single interface (eth0,  subnet A(/22), vlan 101).  I wish
to bring up a second interface (eth1, subnet B(/24), vlan 102) that will be
serving up nfs and ssh traffic only.  Currently, Samba will process
requests from any computer on the public internet.

Now, before I bring up the second interface on subnet B, I modify my
smb.conf to bind to eth0, and I speficy the netmasks of subnet A and B.

The problem is this:
When I bring up eth1, subnet B cannot access the service.  When I take it
down, normal service resumes.

Here's the relevant sections of smb.conf taken from the command testparm:

[global]
workgroup = GOBLUE
realm = ADS.SERVER.UMICH.EDU
server string = nuit-filer01 %v
interfaces = eth0, 10.211.68.0/22, 10.211.122.0/24, 10.211.201.0/24
bind interfaces only = Yes
security = ADS
allow trusted domains = No
password server = ads.server.umich.edu
log file = /var/log/samba/%m
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
printcap name = /dev/null
username map script = /etc/samba/map.sh
os level = 30
local master = No
dns proxy = No
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /sbin/nologin
winbind use default domain = Yes
winbind offline logon = Yes
idmap config GOBLUE:range = 16777216-33554431
idmap config GOBLUE:base_rid = 0
idmap config GOBLUE:backend = rid
hosts allow = ALL
printing = bsd
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

results of ip addr show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
    link/ether 00:25:90:25:ae:26 brd ff:ff:ff:ff:ff:ff
    inet 141.211.68.143/23 brd 141.211.69.255 scope global eth0
    inet6 fe80::225:90ff:fe25:ae26/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
    link/ether 00:25:90:25:ae:27 brd ff:ff:ff:ff:ff:ff
    inet 141.211.201.7/24 brd 141.211.201.255 scope global eth1
    inet6 fe80::225:90ff:fe25:ae27/64 scope link
       valid_lft forever preferred_lft forever

results of netstat -tapn | grep smb
[root at nuit-filer01 ~]# netstat -tapn | grep smb | sed 's/141.211/10.211/g'
tcp        0      0 :::139                      :::*
 LISTEN      4026/smbd
tcp        0      0 :::445                      :::*
 LISTEN      4026/smbd
tcp        0      0 ::ffff:10.211.68.143:445
::ffff:10.211.122.23:59355ESTABLISHED 4943/smbd
tcp        0      0 ::ffff:10.211.68.143:445
::ffff:10.211.201.15:53806ESTABLISHED 6194/smbd
tcp        0      0 ::ffff:10.211.68.143:445
::ffff:10.211.201.21:49358ESTABLISHED 5673/smbd
tcp        0      0 ::ffff:10.211.68.143:445
::ffff:10.211.122.23:56012ESTABLISHED 4202/smbd
tcp        0      0 ::ffff:10.211.68.143:445
::ffff:67.194.122.180:50187ESTABLISHED 8267/smbd



-- 
Tony Markel

More information about the samba mailing list