#127398 - 21/11/2002 15:41
Samba + Wins + Multihomed box = irritation
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
Ok, I have a Samba box connected to two separate networks. For my sake, lets name them the way we refer to them here, Deadnet (our lab network), and Corpnet (the production network with all the workstations and such).
This box sits on both networks, and has it's default route on the Corpnet. It also has the Wins server address set to a Corpnet Wins server. The Deadnets default gateway allows any machine on that network to see the Corpnet. But, the Corpnet has no way of seeing the Deadnet.
The box initially had eth0 on the Deadnet, and eth1 on the Corpnet. I had Samba running fine, and everyone on the Deadnet could see it. But, the Corpnet side couldn't. Pinging the machine name (but not the full DNS name) resulted in the name resolving to the Deadnet IP, even on the Corpnet side. So I changed the interfaces around so that eth0 is Corpnet, and eth1 is Deadnet. Figuring some obscure cache in Windows would bite me on this, I tried pinging the server from a different Corpnet workstation after rebooting the entire box. Same problem, the name resolved to the Deadnet IP.
How can I fix this? Or maybe it is a caching problem still on the server side, is there a utility out there to directly query the Wins server?
|
Top
|
|
|
|
#127399 - 21/11/2002 15:57
Re: Samba + Wins + Multihomed box = irritation
[Re: drakino]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Where are you pinging from? What does it use for name resolution? What exactly are you trying to accomplish?
_________________________
Bitt Faulk
|
Top
|
|
|
|
#127400 - 21/11/2002 18:16
Re: Samba + Wins + Multihomed box = irritation
[Re: drakino]
|
old hand
Registered: 12/08/2000
Posts: 702
Loc: Netherlands
|
try nmblookup :
nmblookup -R -U <ip of wins-server> <name>#<type>
I've also got a perl script to set WINS entries on a remote WINS-server. all record types can be set except 0x1c (PDC). Got to sniff an NT4-server sometimes to see how he is doing it.
_________________________
Frank van Gestel
|
Top
|
|
|
|
#127401 - 25/11/2002 09:00
Re: Samba + Wins + Multihomed box = irritation
[Re: fvgestel]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
Where are you pinging from? What does it use for name resolution? What exactly are you trying to accomplish?
I was pinging from multiple Windows workstations attached only to the Corporate net. I want this Samba server to be accessable by name from either network either via the normal Network Neighboorhood, or by typing \\ and it's name from the run box. Neither works right now for Corporate machines since the WINS address is coming back with an inaccessable (to them) IP.
try nmblookup
It confirms the problem. Even after 3 days since the interface swap, the WINS server shows the Deadnet address as the WINS address for the box. Not knowing the types to put after the # sign, I tried it without, and it's returning 00 for the type.
I've also got a perl script to set WINS entries on a remote WINS-server.
I'd be interested in this, so I can get this machine accessable. I'm supprised there is no way to do this in Samba. By what I can tell, this problem was talked about on their listserv back in 99, but was never fully resolved.
|
Top
|
|
|
|
#127402 - 26/11/2002 03:00
Re: Samba + Wins + Multihomed box = irritation
[Re: drakino]
|
old hand
Registered: 12/08/2000
Posts: 702
Loc: Netherlands
|
I think the default timeout for WINS-entries is 6 days, so this could explain things. According to the RFC's the entry should be overwritten when an update is done, if non-secure WINS is running. If secure(???) WINS is implemented, a check is made to see if the old IP-address is still using the name. This is according to RFC; it could be that only a ping is sent to the IP-address...
Anyway, I attached the perl script...
Attachments
126850-winsreg.pl (293 downloads)
_________________________
Frank van Gestel
|
Top
|
|
|
|
#127403 - 26/11/2002 03:04
Re: Samba + Wins + Multihomed box = irritation
[Re: fvgestel]
|
old hand
Registered: 12/08/2000
Posts: 702
Loc: Netherlands
|
The server doesn't like perl scripts as attachment. Another try as tar...
Attachments
126852-winsreg.tar (59 downloads)
_________________________
Frank van Gestel
|
Top
|
|
|
|
#127404 - 26/11/2002 14:18
Re: Samba + Wins + Multihomed box = irritation
[Re: fvgestel]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
If secure(???) WINS is implemented, a check is made to see if the old IP-address is still using the name.
I guess that is not implemented here, since the WINS servers are located on the corporate net, and have no way of pinging the deadnet IP that was being given to them.
Anyway, I attached the perl script...
It's working like a charm. After running it twice, my workstation showed the change. I'm going to go subscribe to the Samba lists and submit this as a bug/feature request. As far as I can tell, Samba has no way of using a certain WINS server for a specific interface, and part of the problem I had is due to this option missing, and it sending the wrong IP out.
|
Top
|
|
|
|
#127405 - 26/11/2002 14:27
Re: Samba + Wins + Multihomed box = irritation
[Re: drakino]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
As far as I can tell, Samba has no way of using a certain WINS server for a specific interface I think the idea is that if you need that feature, you just run two instances of Samba, one bound to each interface. This, I believe, is a limitation of how it binds to the interfaces under Unix. It doesn't bind to each interface explicitly, but to 0.0.0.0, which just gets everything, and once they've done that, there's not any way to distinguish over which interface packets came from.
But I could be wrong.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#127406 - 26/11/2002 15:15
Re: Samba + Wins + Multihomed box = irritation
[Re: wfaulk]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
It doesn't bind to each interface explicitly, but to 0.0.0.0
It can be told to bind to specific interfaces with the bind interfaces parameter in the config file. At least 2.2 can.
I never did try binding it two the two different interfaces and playing with the order though, so maybe that could be the solution. I'll have to try that during a less busy time for the box.
|
Top
|
|
|
|
#127407 - 26/11/2002 15:59
Re: Samba + Wins + Multihomed box = irritation
[Re: drakino]
|
old hand
Registered: 12/08/2000
Posts: 702
Loc: Netherlands
|
I'm going to go subscribe to the Samba lists and submit this as a bug/feature request. As far as I can tell, Samba has no way of using a certain WINS server for a specific interface, and part of the problem I had is due to this option missing, and it sending the wrong IP out.
I personally think that WINS is a bug. If you look at how dependant corporate networks are to WINS, it's a miracle there hasn't been a virus that overflows the WINS database. not to think about names spoofing...
The dynamic DNS with secure updates approach of win2000 and XP looks a lot more robust, though I'm not convinced yet. We're implementing it right now, so the future will tell...
_________________________
Frank van Gestel
|
Top
|
|
|
|
|
|