Re: [Samba] Very slow wbinfo -u

[Erik Holst Trans]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Again,
I have traced some more on the problem.
It is the failing name resolution via netbios that delay the output from 
wbinfo -u.

I can see from a trace that failing lookup's are on other DC's in the 
domain, which i don't have access to, but they probably don't provide WINS.

How do i avoid winbind to lookup these DC's, i am not going to use theme 
anyway. ?

Regards
//Erik
Erik Holst Trans wrote:
Hi,
I have set up  Samba-3.0.11 to retrive account information from W2k 
server via winbind, and it works.
But is takes about 10 sec. to retrive the information.

I have dumped some traffic from the request, and it looks like this:
A lot of these:
21:21:55.133423 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
PACKET(137): QUERY; REQUEST; UNICAST (DF)
21:21:55.133842 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
21:21:55.136553 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:21:55.406642 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:21:55.676634 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)

And at the end this.
21:22:03.358852 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
PACKET(137): QUERY; REQUEST; UNICAST (DF)
21:22:03.359260 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
21:22:03.362375 172.20.3.131.1077 > 172.20.3.130.53:  19551+ A? 
MAIL.ag-electric.ts-gruppen.lokal. (51) (DF)
21:22:03.362696 172.20.3.130.53 > 172.20.3.131.1077:  19551 NXDomain* 
0/1/0 (133)
21:22:03.365096 172.20.3.131.1077 > 172.20.3.130.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.365304 172.20.3.130.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.367225 172.20.3.131.1077 > 172.20.100.2.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.393420 172.20.100.2.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.394424 172.20.3.131.1077 > 172.20.100.3.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.417466 172.20.100.3.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.418430 172.20.3.131.1077 > 172.20.3.130.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.418693 172.20.3.130.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.420718 172.20.3.131.1077 > 172.20.100.2.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.453146 172.20.100.2.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.454160 172.20.3.131.1077 > 172.20.100.3.53:  19552+ A? MAIL. 
(22) (DF)
21:22:03.475636 172.20.100.3.53 > 172.20.3.131.1077:  19552 ServFail 
0/0/0 (22)
21:22:03.477011 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:03.543035 172.20.3.130.445 > 172.20.3.131.1195: . 
896738190:896738191(1) ack 2114075428 win 65353 (DF)
21:22:03.543236 172.20.3.131.1195 > 172.20.3.130.445: . ack 1 win 
14076 <nop,nop,sack sack 1 {0:1} > (DF)
21:22:03.746618 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:04.016733 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:04.288070 172.20.3.131.1077 > 172.20.3.130.137: NBT UDP 
PACKET(137): QUERY; REQUEST; UNICAST (DF)
21:22:04.288503 172.20.3.130.137 > 172.20.3.131.1077: NBT UDP 
PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
21:22:04.289752 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:04.556624 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:04.826634 172.20.3.131.1077 > 172.20.3.255.137: NBT UDP 
PACKET(137): QUERY; REQUEST; BROADCAST (DF)
21:22:05.098145 172.20.3.131.1200 > 172.20.3.130.389: S 
2238976557:2238976557(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 
0> (DF)
21:22:05.098373 172.20.3.130.389 > 172.20.3.131.1200: S 
925400727:925400727(0) ack 2238976558 win 65535 <mss 1460,nop,wscale 
0,nop,nop,sackOK> (DF)
21:22:05.098655 172.20.3.131.1200 > 172.20.3.130.389: . ack 1 win 5840 
(DF)
21:22:05.101294 172.20.3.131.1077 > 172.20.3.130.53:  19553+ PTR? 
130.3.20.172.in-addr.arpa. (43) (DF)
21:22:05.101577 172.20.3.130.53 > 172.20.3.131.1077:  19553* 1/0/0 (97)
21:22:05.104163 172.20.3.131.1200 > 172.20.3.130.389: P 1:61(60) ack 1 
win 5840 (DF)
21:22:05.104565 172.20.3.130.389 > 172.20.3.131.1200: P 1:87(86) ack 
61 win 65475 (DF)
21:22:05.104857 172.20.3.131.1200 > 172.20.3.130.389: . ack 87 win 
5840 (DF)
21:22:05.107316 172.20.3.131.1200 > 172.20.3.130.389: P 61:68(7) ack 
87 win 5840 (DF)
21:22:05.107594 172.20.3.130.389 > 172.20.3.131.1200: F 87:87(0) ack 
68 win 65468 (DF)
21:22:05.107907 172.20.3.131.1200 > 172.20.3.130.389: F 68:68(0) ack 
88 win 5840 (DF)
21:22:05.108047 172.20.3.130.389 > 172.20.3.131.1200: . ack 69 win 
65468 (DF)
21:22:11.745590 172.20.3.130.445 > 172.20.3.131.1196: . 
896798331:896798332(1) ack 2106587559 win 64837 (DF)
21:22:11.745880 172.20.3.131.1196 > 172.20.3.130.445: . ack 1 win 
17152 <nop,nop,sack sack 1 {0:1} > (DF)

Seem like some sort of name-resolution problem, but i have no idea 
about what is missing.
I also have no clue about the DNS lookup of MAIL comes from, there is 
none and never has been  ?

Anyone a hint ?
Regards
//Erik
Here is my smb.conf
[global]
       # Optimum Samba performance settings
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
       loglevel = 1
       # NT workgroup settings
      workgroup = AG-ELECTRIC
      server string = Samba Server
       # WINS & network browsing settings
       # All functions disabled apart from using a WINS server for 
lookups.
      local master = no
      domain master = no
      preferred master = no
      wins support = no
      wins server = 172.20.3.130
      dns proxy = yes

       security = DOMAIN
       encrypt passwords = Yes
       password server = *
       #password server = AG-W2K-SRV1
       #password server = 172.20.3.130
       # Enable Winbind for AD and local account synchronisation
       winbind separator = +
       winbind use default domain = yes
       idmap uid = 10000-20000
       idmap gid = 10000-20000
       winbind enum users = yes
       winbind enum groups = yes
       winbind cache time = 15
       # Defaults for local accounts created by Winbind
       template homedir = /home/%U
       template shell = /bin/nologin
       # Logging settings
      log file = /var/log/samba/%m.log
      max log size = 5000
       # Printer sharing
      printcap name = /etc/printcap
      load printers = no

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCSH+/pnjBy39MSwURAhi1AKCrN4NIDKJKlltkt5uBB2gPGLVlrgCeI+5O
+/S6s6NTwLbk5Iq4XYvgjSs=
=bXRc
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba