[Samba] Network Meltdown after Samba 4.9.0 Upgrade
reuben-samba at reub.net
Sat Sep 15 02:52:52 UTC 2018
Last night I attempted to upgrade from Samba 4.8.5 to 4.9.0, with
disastrous results. Upon starting Samba 4.9.0 my entire network came to
a screaming halt a few seconds later, and upon shutting Samba down it
came back to life again.
Just to be sure this wasn't a coincidence, I then started Samba again.
Once again all connectivity stopped, but came back as soon as I was able
to shut down Samba.
Network switches were all logging that they were shutting down physical
ports due excessive numbers of broadcast packets being seen, and a
Wireshark capture from my PC verified that indeed there really was a
broadcast storm happening that was triggering this.
The capture showed that upon startup Samba 4.9.0 was sending thousands
and thousands of broadcast packets onto the wire in very quick
succession. Wireshark counted around 6500 broadcasts in about 300ms.
The packets are all Host Announcement packets sent from the IPv4 address
of the host to the broadcast address of the subnet the Samba is on.
Upon reverting back to 4.8.5 with no other config changes, everything is
back to normal again.
The config is very basic:
thunderstorm ~ # testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[root]"
Processing section "[photos]"
Processing section "[store]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
dns proxy = No
domain master = Yes
load printers = No
log file = /var/log/samba/log.%m
map to guest = Bad User
max log size = 200
pam password change = Yes
preferred master = Yes
printcap name = /dev/null
security = USER
server role = standalone server
server string = Samba Server %v
unix extensions = No
unix password sync = Yes
username map = /etc/samba/smbusers
workgroup = REUB
idmap config * : backend = tdb
There are four very basic shares specified after this.
There is a Win2k16 server on the network but it is not currently
providing any services and is not configured to support domain logins
I have uploaded the pcap file and the daemon logs to my web server:
The system is a Gentoo Linux x86_64 kept very up to date. The server is
a VM which has one interface that has 4 IPv4 and IPv6 addresses on it,
as well as a second vNIC (currently used for backups only with no hosts
on it right now).
Can anyone please assist in getting to the bottom of what appears to be
a nasty bug? I'm keen to work on getting to the root cause of this.
More information about the samba