[Samba] Samba3 on multiple networks, how to make it hand out the correct IP?
L.P.H. van Belle
belle at bazuin.nl
Wed Sep 24 00:31:00 MDT 2014
I suggest you setup advanced routing with routing tables.
google a bit for it and start with reading..
here are some pointers.
add a table to /etc/iproute2/rt_tables
100 UseFirstNetwork
200 UseSecondNetwork
something like this in your interfaces file.
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.221
netmask 255.255.255.0
post-up ip route add 192.168.1.0/24 dev eth0 src 192.168.249.221 table UseFirstNetwork
post-up ip route add 10.1.0.0/24 dev eth0 via 192.168.249.1 table UseSecondNetwork
post-up ip rule add from 192.168.1.0/24 table UseFirstNetwork
post-up ip rule add to 192.168.1.0/24 table UseFirstNetwork
post-up ip rule add from 10.1.0.0/16 table UseSecondNetwork
post-up ip rule add to 10.1.0.0/16 table UseSecondNetwork
post-up ip route add 192.168.1.0/24 via YOURGATEWAYIP table UseFirstNetwork
post-up ip route add 0.1.0.0/24 via YOURGATEWAYIP2 table UseSecondNetwork
post-down ip rule del from 192.168.1.0/24 table UseFirstNetwork
post-down ip rule del from 10.1.0.0/16 table UseSecondNetwork
these is a nice links to read.
https://www.debian-administration.org/article/377/Routing_for_multiple_uplinks
www.lartc.org
http://www.rjsystems.nl/en/2100-adv-routing.php
and really read and understand before you start using this in production.
Good luck.
Louis
>-----Oorspronkelijk bericht-----
>Van: syzop at vulnscan.org [mailto:samba-bounces at lists.samba.org]
>Namens Bram Matthys
>Verzonden: dinsdag 23 september 2014 19:55
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Samba3 on multiple networks, how to make it
>hand out the correct IP?
>
>Hi,
>
>My Samba 4.1.x server is connected to two networks, one in the
>192.168.*
>range (wired) and one in the 10.* range (wifi). The clients on either
>network normally cannot reach each other.
>I noticed Samba hands out (eg: for dcname.company.net) it's
>IP's from both
>ranges to clients on both sides. So the 192.168.* clients get
>two A records:
>192.168.1.1 & 10.0.0.2.
>
>I noticed that, because of this current behavior, domain
>logins (well, time
>between login & until the user sees a desktop) have an extra
>delay of more
>than 60 seconds because the client tries to connect to the wrong IP.
>Eventually it works, but the penalty is huge.
>
>Given that Samba knows which network the client is on I would
>have expected
>it to actually be a little bit smarter with regards to that.
>
>Anyway, I'd like to see this changed so that any clients on
>192.168.* only
>get the 192.168.1.1 address, and the clients on 10.* only get 10.0.0.2.
>
>How can I do this?
>
>Thanks,
>
>Bram.
>
>--
>Bram Matthys
>Software developer/IT consultant syzop at vulnscan.org
>Website: www.vulnscan.org
>PGP key: www.vulnscan.org/pubkey.asc
>PGP fp: EBCA 8977 FCA6 0AB0 6EDB 04A7 6E67 6D45 7FE1 99A6
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list