RE: [Samba] Cannot sync browser lists
On Mon, 2003-03-17 at 23:13, [EMAIL PROTECTED] wrote: It's still working like a champ. good to hear everything is ok. The weird thing is it used to work over the ctc channel. Then one weekend it stopped, and nothing I could do would get it started again. I wonder..do you use rip or a similar routing protocol? hhmm.. regards, Richard Coates. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot sync browser lists
Well, thanks for all your help. interface ctc0 ? Channel to channel, a point-to-point connection without broadcast, one of the interface types that are available with the s/390 architecture. That could be why the tcpdump looked screwy. The server is dual-homed, I'll go ahead and add the eth interface to samba, route to the pdc through that, and see if I have better luck. It'll at least help in diagnosing with tcpdump, probably. what doessmbclient -L winshostname -U validuseronserver I saw the shares on that WINS/PDC and below that, the computers that show up in network neighborhood (and mine wasn't in there :(). Things just got more interesting... I changed the route table so traffic to the pdc goes through the eth0 interface, and added eth0 to my interfaces line in smb.conf. Right after firing up nmbd I got: [2003/03/10 07:10:46, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 693 received with no matching record. [2003/03/10 07:10:46, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235) find_response_record: response packet id 694 received with no matching record. but since first start, it hasn't shown up in log.nmdb, and now the wins server sees me, the samba server shows up in network neighborhood. I've read that the find_response_record sometimes occurs with subnets with some versions of win95 on them? I don't know what's on that subnet. Ahh wait a minute...if some things work and not others...I believe wins calls are udp protocol based NOT tcp...even though the port nos are the same. which brings us back to the firewall again Well, using either interface, nmap -sU -p 137 [wins/pdc] says: Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 And using -P0 works over both interfaces, shows 137 udp open. Same deal with tcp 139. Have to -P0 and then it shows it open. Unfortunately users are on now... tomorrow morning I'll try switching back to ctc0 and see if things stop working. Things stopped working the first time over a weekend, and the windows guys said that the pdc/wins server had crashed and burned and needed to be rebooted, and since then I wouldn't show up anymore. Wishful thinking, I know, but maybe connecting over the other interface will get me back in over the interface which used to work and which I should be connecting over, ctc. I guess I'll find out tomorrow. I took a tcpdump over eth0, a lot more chatty (probably because things are working, and it may just be a chattier interface). Any things I should be looking for in it? regards Richard Coates. Thanks for your patience, ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot sync browser lists
No the tcpdump makes no sense to me either!! just curious what os uses interface ctc0 ? well your ping packets are returned so routing should be ok.. samba is configured to use/listen-on interface ctc0 right ? what doessmbclient -L winshostname -U validuseronserverreturn? if i'm right an error, as the winshostname won't be resolved. And probably no other names either except by broadcasting on local lan when wins-retries time out. Ahh wait a minute...if some things work and not others...I believe wins calls are udp protocol based NOT tcp...even though the port nos are the same. which brings us back to the firewall again regards Richard Coates. On Fri, 2003-03-07 at 22:53, [EMAIL PROTECTED] wrote: Hey, I really appreciate you getting back to me. Your firewall suspicion could be true, but the network guys deny changing anything. That really seems the most likely answer though. Not sure if this is significant, but a nmap can get to UDP 137-139 of the pdc/wins server, but only after -P0? [EMAIL PROTECTED] root]# ping -c 3 [pdc/wins host] PING [pdc/wins host] (172.16.23.193) from 172.16.62.207 : 56(84) bytes of data. 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=0 ttl=127 time=351 usec 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=1 ttl=127 time=361 usec 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=2 ttl=127 time=358 usec --- [pdc/wins host] ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/mdev = 0.351/0.356/0.361/0.022 ms [EMAIL PROTECTED] root]# nmap -sU -p 137-139 [pdc/wins host] Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ ) Note: Host seems down. If it is really up, but blocking our ping probes, try -P0 Nmap run completed -- 1 IP address (0 hosts up) scanned in 31 seconds [EMAIL PROTECTED] root]# nmap -P0 -sU -p 137-139 [pdc/wins host] Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ ) Interesting ports on [pdc/wins host] (172.16.23.193): Port State Service 137/udpopennetbios-ns 138/udpopennetbios-dgm 139/udpopennetbios-ssn Nmap run completed -- 1 IP address (1 host up) scanned in 12 seconds Anyway, here's that tcpdump, I'm not sure how to read it except that I expect the packets with 0089 (decimal 137) at bytes 7-8 and 9-10 are the ones I'm interested in. It looks like the smaller packets from 07:07:51-07:07:52 are from the local newserver (innd). Here's log.nmbd during the tcpdump [2003/03/07 07:02:16, 0] nmbd/nmbd.c:main(794) Netbios nameserver version 2.2.8pre2 started. Copyright Andrew Tridgell and the Samba Team 1994-2002 [2003/03/07 07:02:16, 1] lib/debug.c:debug_message(258) INFO: Debug class all level = 1 (pid 19037 from pid 19037) [2003/03/07 07:08:05, 0] nmbd/nmbd_become_lmb.c:become_local_master_stage2(404) * Samba name server TCSL is now a local master browser for workgroup TCS_MAIN_DOM on subnet 172.16.18.130 * [2003/03/07 07:08:36, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262) domain_master_node_status_fail: Doing a node status request to the domain master browser for workgroup TCS_MAIN_DOM at IP 172.16.23.193 failed. Cannot sync browser lists. And the dump for the the first five minutes or so of smbd/nmbd startup (47 packets): [EMAIL PROTECTED] root]# tcpdump -i ctc0 tcpdump: listening on ctc0 07:02:16.528825 0:0:7d:11:14:9d 45:0:0:5a:a6:92 ac10 90: 17c1 ac10 1282 0089 0089 0046 9524 0746 ad80 0001 2046 4545 4446 4445 4d43 4143 4143 4143 4143 4143 4143 4143 4143 4143 4143 4143 4100 0020 0001 0007 e900 0006 4000 ac10 1282 07:02:16.546848 0:0:7d:11:13:9d 45:0:0:5a:a7:92 ac10 90: 17c1 ac10 1282 0089 0089 0046 9225 0747 ad80 0001 2046 4545 4446 4445 4d43 4143 4143 4143 4143 4143 4143 4143 4143 4143 4143 4141 4400 0020 0001 0007 e900 0006 4000 ac10 1282 07:02:16.558658 0:0:7d:11:11:9d 45:0:0:5a:a9:92 ac10 90: 17c1 ac10 1282 0089 0089 0046 9524 0748 ad80 0001 2046 4545 4446 4445 4d43 4143 4143 4143 4143 4143 4143 4143 4143 4143 4143 4141 4100 0020 0001 0007 e900 0006 4000 ac10 1282 07:02:16.582561 0:0:7d:11:d:9d 45:0:0:5a:ad:92 ac10 90: 17c1 ac10 1282 0089 0089 0046 be10 0749 ad80 0001 2046 4545 4446 4446 5045 4e45 4245 4a45 4f46 5045 4545 5045 4e43 4143 4143 4141 4100 0020 0001 0007 e900 0006 c000 ac10 1282 07:02:16.594338 0:0:7d:11:c:9d 45:0:0:5a:ae:92
RE: [Samba] Cannot sync browser lists
I was also under the impression that wins allowed a server on a different subnet to show up in network-neighborhood, by syncing browse lists with the domain master browser (in this case, an nt wins server and pdc). not correct. If I understand this correctly wins provides the address of the pdc so the local-subnet-master-browsers can sync their browse-lists with it. Okay, well samba isn't syncing browse lists anymore: [2003/03/04 09:30:27, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262) domain_master_node_status_fail: Doing a node status request to the domain master browser for workgroup [DOMAIN_NAME] at IP [PDC/WINS Server IP] failed. Cannot sync browser lists. By point to point I mean a network where there are two ends, A and B. B is in its own subnet, no broadcast, it uses A as its gateway/router. There is nothing else in that subnet. B access the network through A. The samba server is B. B is a local master, but not a domain master. I assume routing from the pdc back to samba is ok. Did you specify your ppp interface in interfaces = .. ? We used a samba box to share a dialup a couple of years back with similar unreliable browse-lists. From memory if samba was restarted AFTER the ppp interface came up it worked quicker. hope this helps, Yup, routing is okay, and winbind domain authentication works to the Same pdc. The interface is defined in smb.conf. Smbd/nmbd is started after the network, so that shouldn't be the problem, and restarting it does not help. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot sync browser lists
umm you lost me...lets start again. remember, wins is for name resolution. What do you mean point to point connection? ie Ras or vpn ? whatever you dial into has to include you in their browse list or your samba box has to be a local browse master and sync browse lists with the pdc after a wins lookup. It is a domain member right? If i've erred I hope someone will correct me. regards, Richard Coates. On Fri, 2003-02-28 at 23:28, [EMAIL PROTECTED] wrote: We run a similar setup as yours...Nt4 pdc routed subnets with Samba local-master-browsers joined to domain and using Nt4 as password server. I saw messages similar to yours when we had network problems. Have you tried following the troubleshooting howto in case you missed something? regards Richard Coates. Hi Richard, thanks for the tip. I've checked out the Samba Trouble Shooting Guide, and the Troubleshooting Techniques from the samba documentation page. Talking to our windows guys, I did find out that the PDC/Wins server was having problems over the weekend, went down, and had to be restarted. Since then I haven't been able to show up in the network neighborhood. Diagnosing is further complicated by the fact that the network interface on the samba box is a point-to-point connection (not standard ethernet, no broadcast). Oh well, I'll keep looking. Thanks for the tip, ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Cannot sync browser lists
umm you lost me...lets start again. remember, wins is for name resolution. What do you mean point to point connection? ie Ras or vpn ? whatever you dial into has to include you in their browse list or your samba box has to be a local browse master and sync browse lists with the pdc after a wins lookup. It is a domain member right? If i've erred I hope someone will correct me. Yes, wins is for name resolution. I was also under the impression that wins allowed a server on a different subnet to show up in network-neighborhood, by syncing browse lists with the domain master browser (in this case, an nt wins server and pdc). By point to point I mean a network where there are two ends, A and B. B is in its own subnet, no broadcast, it uses A as its gateway/router. There is nothing else in that subnet. B access the network through A. The samba server is B. B is a local master, but not a domain master. The samba server is a domain member, with winbind and security = domain, and that part is working. The part that isn't working is: nmbd[19140]: [2003/03/03 06:44:18, 0] nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262) nmbd[19140]: domain_master_node_status_fail: nmbd[19140]: Doing a node status request to the domain master browser nmbd[19140]: for workgroup [my_domain] at IP [ip addr of nt pdc/wins] failed. nmbd[19140]: Cannot sync browser lists. The domain name and ip address are correct, and an nmap -P0 -sU -p 137-139 (ip_addr) shows: Port State Service 137/udpopennetbios-ns 138/udpopennetbios-dgm 139/udpopennetbios-ssn But samba won't sync browse lists. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba