David Black
2005-Jan-13 17:49 UTC
[Samba] multi-homed server: trouble hiding private interfaces
How can I effectively and completely hide private interfaces on my Linux Samba servers? (PDC and file server) Even when I use the "interfaces" option and even "bind interfaces only", "net lookup dc" still returns IP addresses from the private interfaces, and for that matter another machine that is not even running Samba (once was, no longer). Seems like the info is cached somewhere I don't know of. I'm running Samba 3.0.7. My PDC's interfaces are as follows (eth0 is down and unused): eth1: 192.168.10.193/24 eth1:0: 192.168.10.230 eth2: 192.168.20.2/24 Another machine that backs up the PDC - normally not running samba at all, but takes over the .230 address if the PDC goes down has: eth1: 192.168.10.194/24 eth2: 192.168.20.1/24 When I type net lookup dc, here's what I see: 192.168.10.230 192.168.10.193 192.168.10.194 192.168.20.1 192.168.20.2 Ideally I'd like to have it show just the .230 address. Beats me where all the others are coming from. I've tried: interfaces = 192.168.10.0/255.255.255.0 127.0.0.1 bind interfaces only = Yes - seems to actually hose things up; clients say a DC is not available interfaces = 192.168.10.230 127.0.0.1 bind interfaces only = Yes - works ok but I still see output from net lookup as above and clients trying to talk to the .20 network interfaces = eth1* 127.0.0.1 bind interfaces only = Yes - same result as #2 Thanks in advance for any help. Dave
David Black
2005-Jan-13 18:22 UTC
[Samba] multi-homed server: trouble hiding private interfaces
Figured this one out too - /var/cache/samba was the answer (in particular, wins.dat and gencache.tdb). I stopped samba, removed the files and restarted. Now net lookup dc returns the single IP address I wanted. Sorry for the wasted bandwidth... Dave David Black wrote:> Even when I use the "interfaces" option and even "bind interfaces only", > "net lookup dc" still returns IP addresses from the private interfaces, > and for that matter another machine that is not even running Samba (once > was, no longer). Seems like the info is cached somewhere I don't know > of. I'm running Samba 3.0.7.