First of all I'd like to apologize for the length of this mail. I could have split it into multiple questions, but since all of them are related I felt it would be better this way.
I'm in the process of writing a NBNS daemon for Linux. This comes after I've failed to get the wins code in samba to work for me. Related to this are the following questions: 1) Samba does not seem to implement the MSRPC R_WinsGetBrowserNames request (at least fast grepping trough the source did not reveal this to me). It seems that implementing that in the WINS code is what is needed to get cross subnet multidomain browsing working. I posted a question related to this problem some months ago but then I assumed (like most) that cross subnet browsing just magically works. Since then (and since I've been looking at NBNS packets on the wire quite extensively), I also found a MS KB article 188001 which says also this (quoting): "The PDC has is also responsible for connecting to its primary Windows Internet Name Service (WINS) server every 12 minutes to obtain a list of all the DomainName type <1b> entries that are registered by the PDCs throughout the enterprise. This is done by issuing an MSRPC R_WinsGetBrowserNames request." This was my problem exactly. I have multiple domains, and the PDCs and domain members are isolated on their own subnets. Since the domains are limited within a subnet, none of the other subnets' LMBs (local master browser) have any reasons to contact those domains' DMBs (PDCs). Please correct me if I'm wrong, but if not that RPC call, how do the DMBs learn about other domains/workgroups (apart of their own)? Normally group names of DOMAIN<1b> are used by the LMBs to locate that groups/domains DMB. It seems to me that LMBs have no reason to even ask for the other OTHERDOMAIN<1B> and indeed, there is no way (at least I found no reference) to query the wins server for a list of <1B> names. Also I've read the browsing.txt quite a few times (over past months) and it only documents the cases where a domain spans subnets. In that case the previous paragraph is enough. In my case, it is not enough and it seems that after googling around the net also listed some universities which just bluntly say that "you have learned to expect browsing to work. It doesn't anymore, use direct names" and it seems they truly believe that this kind of browsing wouldn't work. It won't work with samba WINS (again, please correct me if I'm wrong). Is there any quick way to fix this or should I just use MS WINS server instead? I've been hoping to not go that way but it sure seems inevitable now. 2) related to the above mess, I have a question: how many LMBs are there in a subnet with multiple domains (say three) and do they interact at all between themselves or does each LMB only exist in it's workgroup/domain (which would seem logical in some perverse way)? 3) looking at the NBNS packets it looks like a samba host will always be M-node. This is also evident by the name resolution sequence (as seen on wire). The parameter for controlling the resolution order (wins/bcast) doesn't seem to affect this at all. Also there doesn't seem a way to force samba into working as H-node or P-node. Is this normal behaviour or a samba misfeature? While testing, I've been using 2.2.3-6 (latest debian version in testing). 4) when running multihost samba (host with multiple interfaces) some funny things are seen on wire. and yes I know that multi-interface support in NBNS is a joke, but just bear with me for a while. by default samba will bind to all present bcast capable interfaces. including the loopback. if you have only one physical interface, this will mean that samba will bind to loopback and that interface, which will make samba multihost node. when samba is using wins, it will send MULTI-HOMED REGISTRATION REQUEST packet to the NBNS for each interface. For some reason it will not do this for the loopback device (I guess linux doesn't want to route stuff from lo-net into a real net) which will mean that only one of those packets actually arrive at the NBNS. That's still ok. NBNS will still query the samba host for all of it's names and pick the ones that got pre-registered from there and negative acks the rest (including the lo). Is there any point in making a host with lo to be multihomed? If there is, the logic escapes me. 5) with respect to browsing.txt: somewhere in the doc it mentions that you should not set samba to be the DMB for a workgroup that has the same name as an NT Domain. I'm not quite clear how this is even possible unless bcast resolution within one subnet is used an samba will win the elections for the domain PDC. is this what the document really means? 6) once these issues are solved, I volunteer to overhaul the browsing.txt unless there are other plans with respect of that. in places it's not as clear as it should it and also there are too many "should/should not's" scattered troughough the document without telling why not. I could also include a mention about the WINS/multi subnet/multi PDC problem. postscript) Don't understand me wrong, I love samba, I use samba all the day, but I just thought that having just a WINS daemon which would not participate in the browsing at all (except it seems it still needs the RPC) would have been nicer for all kinds of router projects with small memory footprint requirements. And besides that, I failed to get samba wins working :-). I also debugged a lot of the wins code in samba but failing to understand all the intricacies involved in a real network, didn't find any problems there. BTW the code is nice :-) whoever enforces the style, kudos for them. it was clear (for once). please cc-reply, I'm on multiple lists as it is. Aleksandr Koltsoff net/secadmin
