I'm trying to run samba but my log keeps getting filled with errors. xxx.xxx.xx.xxx sent an invalid ICMP error to a broadcast happens every few seconds... I've fixed this before but forgot how... go figure.. It was in the archives.. Anyone remember how to stop or sqwelch this anoying error message? Thanks Bob Robert j Bartels Network Administrator Physiology College of Medicine University of Kentucky 859.323.6264
[Robert Bartels <rbart2@pop.uky.edu>]> I'm trying to run samba but my log keeps getting filled with errors. > xxx.xxx.xx.xxx sent an invalid ICMP error to a broadcast happens > every few seconds...I don't think this has anything to do with Samba. It seems to be a faulty TCP/IP stack on the machine whose IP you see. (That or a buggy switch/bridge, I suppose.) You may be able to configure syslog to ignore these messages. Probably not, but check. There also might be some kernel parameters you can configure, depending on what version of Unix you are using. Peter
> ---------- > From: Peter Samuelson[SMTP:peter@cadcamlab.org] > Sent: Tuesday, September 05, 2000 8:11 AM > To: Robert Bartels > Cc: samba > Subject: Re: sent an invalid ICMP error to a broadcast. > > > [Robert Bartels <rbart2@pop.uky.edu>] > > I'm trying to run samba but my log keeps getting filled with errors. > > xxx.xxx.xx.xxx sent an invalid ICMP error to a broadcast happens > > every few seconds... > > I don't think this has anything to do with Samba. It seems to be a > faulty TCP/IP stack on the machine whose IP you see. (That or a buggy > switch/bridge, I suppose.) >No and yes : i knew this error message well and had to live with it until we cut our LAN into some VLANs. The error comes (in our case) from buggy mainframe equipment. The error appears always and on each machine running samba (all versions) when the nmbd are started. The error disappears immediately on all machines when the nmbd are stopped.> You may be able to configure syslog to ignore these messages. Probably > not, but check. There also might be some kernel parameters you can > configure, depending on what version of Unix you are using. >Sorry, but IMHO the only thing you could do is to bring these machines (the ones that send the invalid packets) into a separate LAN Segment (via VLAN or router, just as you want)> Peter > >
I had this problem at one point as well, and while I don't remember for
certain how
I fixed it, I believe it was with the interfaces paramater in smb.conf.
eg for my server with too many local networks who unfortunately has to double as
NAT/Firewall.
interfaces = 127.0.0.0/24 10.24.26.0/24 10.24.33.0/24 10.26.8.0/24
10.25.41.0/24
this is not a bad idea if you have to run samba with an inet connection, just
don't
add the inet interface. I think though, that even if you just expilicity state
all
the interfaces on the machine that the problem will go away. I think this is
caused
by samba maintaining compatibility with the MS tcp-ip stack, which calls for all
broadcasts to be sent to 255.255.255.255 instead of the subnet broadcast address
(10.24.26.255 for example).
Gothchas:
I've whacked all the tcp ip info in this mail (other than the local
interfaces)
because I'm paranoid.
Make sure to put in the localhost net in the interfaces statement, unless you
have
multiple sambas talking to wins - see my note below (from an old problem). SWAT
only
runs where samba runs as well.
Samba
this may be a bug, but when interfaces is not and is using a
non-local wins server then it tries to become a domain master browser on
the local-subnet first. It fails because the wins server has already
registered itself on the remote machine as having that address. So it
fails being a domain master browser and doesn't contiune trying (and
consequently doesn't register other interfaces with the wins server).
Cross-subnet browsing to this workgroup doesn't work. Not totally sure
this is true in all cases. I don't remember needing to change this on
Greg's smb.conf, but it should be checked.
Other than that, the other stuff you just turn on (all the master
junk) set the os level to 65 or more, add a remote browse sync to the
broadcast addresses you want to sync to, and direct to the wins server.
so this in smb.conf
interfaces = 10.4.21.1/24
domain logons = Yes
os level = 65
preferred master = Yes
local master = Yes
domain master = Yes
wins server = 10.25.27.1
remote browse sync = 10.25.27.255 10.4.24.255
invalid users = root
Wade Burgett
Burgett Systems
http://www.burgettsys.com/