[Samba] Network Meltdown after Samba 4.9.0 Upgrade

Reuben Farrelly reuben-samba at reub.net
Sat Sep 15 02:52:52 UTC 2018 

Hi,

Last night I attempted to upgrade from Samba 4.8.5 to 4.9.0, with 
disastrous results.  Upon starting Samba 4.9.0 my entire network came to 
a screaming halt a few seconds later, and upon shutting Samba down it 
came back to life again.

Just to be sure this wasn't a coincidence, I then started Samba again. 
Once again all connectivity stopped, but came back as soon as I was able 
to shut down Samba.

Network switches were all logging that they were shutting down physical 
ports due excessive numbers of broadcast packets being seen, and a 
Wireshark capture from my PC verified that indeed there really was a 
broadcast storm happening that was triggering this.

The capture showed that upon startup Samba 4.9.0 was sending thousands 
and thousands of broadcast packets onto the wire in very quick 
succession.  Wireshark counted around 6500 broadcasts in about 300ms. 
The packets are all Host Announcement packets sent from the IPv4 address 
of the host to the broadcast address of the subnet the Samba is on.

Upon reverting back to 4.8.5 with no other config changes, everything is 
back to normal again.

The config is very basic:

thunderstorm ~ # testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[root]"
Processing section "[photos]"
Processing section "[store]"
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
         dns proxy = No
         domain master = Yes
         load printers = No
         log file = /var/log/samba/log.%m
         map to guest = Bad User
         max log size = 200
         pam password change = Yes
         preferred master = Yes
         printcap name = /dev/null
         security = USER
         server role = standalone server
         server string = Samba Server %v
         unix extensions = No
         unix password sync = Yes
         username map = /etc/samba/smbusers
         workgroup = REUB
         idmap config * : backend = tdb

There are four very basic shares specified after this.

There is a Win2k16 server on the network but it is not currently 
providing any services and is not configured to support domain logins 
(workgroup only).

I have uploaded the pcap file and the daemon logs to my web server:

https://www.reub.net/files/samba/Samba-Syslog.log
https://www.reub.net/files/samba/Samba-4.9.0-NetworkMeltdown.pcap

The system is a Gentoo Linux x86_64 kept very up to date.  The server is 
a VM which has one interface that has 4 IPv4 and IPv6 addresses on it, 
as well as a second vNIC (currently used for backups only with no hosts 
on it right now).

Can anyone please assist in getting to the bottom of what appears to be 
a nasty bug?  I'm keen to work on getting to the root cause of this.

Thanks,
Reuben

More information about the samba mailing list