[Samba] WINS doesn't work on some ip addresses in multihome setup

Sebastian Suchanek samba at suchanek.de
Wed Jun 27 09:03:09 MDT 2012


Hello everybody!

Still struggeling with my latest Samba setup, I've just run accross 
another problem which I can't figure out on my own. Samba is supposed to 
act as a WINS server (among other things) on a multihomed machine. (The 
Samba version is 3.5.1 as part of Debian Squeeze)

Here's the [global] part of the samba setup:

----------------------------------- 8< -------------------------------
[global]
    workgroup = HST
    netbios name = Tux
    server string = %h server
    wins support = yes
    interfaces = 127.0.0.0/8 a.b.c.128/25 10.8.0.0/24
    hosts allow = 127.0.0.0/8 a.b.c.128/25 10.8.0.0/24
    bind interfaces only = yes
    domain master = yes
    local master = yes
    preferred master = yes
    os level = 65
    log file = /var/log/samba/log.%m
    max log size = 1000
    syslog = 0
    panic action = /usr/share/samba/panic-action %d
    security = user
    encrypt passwords = true
    passdb backend = tdbsam
    obey pam restrictions = yes
    unix password sync = yes
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\s*\spassword:* %n\n 
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
    pam password change = yes
    printing = bsd
    printcap name = /etc/printcap
----------------------------------- 8< -------------------------------

(Please note that "a.b.c" is a real ip address, just "anonymised" for 
this posting.)

After starting Samba, the following ports are used:

----------------------------------- 8< -------------------------------
tux:~# netstat -tulpen | grep mbd
tcp        0      0 127.0.0.1:139           0.0.0.0:* 
LISTEN      0          8671        2362/smbd
tcp        0      0 a.b.c.233:139      0.0.0.0:*               LISTEN 
    0          8669        2362/smbd
tcp        0      0 127.0.0.1:445           0.0.0.0:* 
LISTEN      0          8670        2362/smbd
tcp        0      0 a.b.c.233:445      0.0.0.0:*               LISTEN 
    0          8668        2362/smbd
udp        0      0 a.b.c.255:137      0.0.0.0:* 
    0          8649        2359/nmbd
udp        0      0 a.b.c.233:137      0.0.0.0:* 
    0          8648        2359/nmbd
udp        0      0 0.0.0.0:137             0.0.0.0:* 
         0          8642        2359/nmbd
udp        0      0 a.b.c.255:138      0.0.0.0:* 
    0          8651        2359/nmbd
udp        0      0 a.b.c.233:138      0.0.0.0:* 
    0          8650        2359/nmbd
udp        0      0 0.0.0.0:138             0.0.0.0:* 
         0          8643        2359/nmbd
tux:~#
----------------------------------- 8< -------------------------------

Now, when I'm trying to query the WINS server via the 10.8.0.0/24 
subnet, I'm getting what looks like a timeout to me:

----------------------------------- 8< -------------------------------
tux:~# nmblookup name-of-host -RU 10.8.0.1 -d 6
INFO: Current debug levels:
...
interpret_interface: using netmask value 8 from config file on interface lo
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
interpret_interface: using netmask value 25 from config file on 
interface eth0
added interface eth0 ip=a.b.c.233 bcast=a.b.c.255 netmask=255.255.255.128
interpret_interface: using netmask value 24 from config file on 
interface tun0
not adding non-broadcast interface tun0
Socket options:
         SO_KEEPALIVE = 0
         SO_REUSEADDR = 1
         SO_BROADCAST = 1
         Could not test socket option TCP_NODELAY.
         Could not test socket option TCP_KEEPCNT.
         Could not test socket option TCP_KEEPIDLE.
         Could not test socket option TCP_KEEPINTVL.
         IPTOS_LOWDELAY = 0
         IPTOS_THROUGHPUT = 0
         SO_SNDBUF = 124928
         SO_RCVBUF = 124928
         SO_SNDLOWAT = 1
         SO_RCVLOWAT = 1
         SO_SNDTIMEO = 0
         SO_RCVTIMEO = 0
         Could not test socket option TCP_QUICKACK.
Socket opened.
querying name-of-host on 10.8.0.1
Sending a packet of len 50 to (10.8.0.1) on port 137
Sending a packet of len 50 to (10.8.0.1) on port 137
Sending a packet of len 50 to (10.8.0.1) on port 137
name_query failed to find name name-of-host
----------------------------------- 8< -------------------------------

(Output of nmblookup slightly shortened for the sake of clarity)

When I'm using one of the other Samba server's IP addresses instead, 
everything works just fine:

----------------------------------- 8< -------------------------------
tux:~# nmblookup name-of-host -RU a.b.c.233 -d 6
INFO: Current debug levels:
...
interpret_interface: using netmask value 8 from config file on interface lo
added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
interpret_interface: using netmask value 25 from config file on 
interface eth0
added interface eth0 ip=a.b.c.233 bcast=a.b.c.255 netmask=255.255.255.128
interpret_interface: using netmask value 24 from config file on 
interface tun0
not adding non-broadcast interface tun0
Socket options:
         SO_KEEPALIVE = 0
         SO_REUSEADDR = 1
         SO_BROADCAST = 1
         Could not test socket option TCP_NODELAY.
         Could not test socket option TCP_KEEPCNT.
         Could not test socket option TCP_KEEPIDLE.
         Could not test socket option TCP_KEEPINTVL.
         IPTOS_LOWDELAY = 0
         IPTOS_THROUGHPUT = 0
         SO_SNDBUF = 124928
         SO_RCVBUF = 124928
         SO_SNDLOWAT = 1
         SO_RCVLOWAT = 1
         SO_SNDTIMEO = 0
         SO_RCVTIMEO = 0
         Could not test socket option TCP_QUICKACK.
Socket opened.
querying name-of-host on a.b.c.233
Sending a packet of len 50 to (a.b.c.233) on port 137
Received a packet of len 68 from (a.b.c.233) port 137
nmb packet from a.b.c.233(137) header: id=29452 opcode=Query(0) response=Yes
     header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes
     header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
     answers: nmb_name=name-of-host<00> rr_type=32 rr_class=1 ttl=251853
     answers   0 char `..S..`..S..   hex 60008253D4E960008253D481
Got a positive name query response from a.b.c.233 ( a.b.c.233 a.b.c.129 )
a.b.c.233 file-server-hst<00>
a.b.c.129 file-server-hst<00>
tux:~#
----------------------------------- 8< -------------------------------

It also works just fine when I set the "bind interfaces only" option to 
"no", but I'd prefer not to do this.

I guess that the problem has something to do with the "not adding 
non-broadcast interface tun0" debug message (tun0 is created by an 
OpenVPN daemon and set to 10.8.0.0/24), but how could this be avoided?


Best regards,

Sebastian


More information about the samba mailing list