I have a rather unusual setup within which I'd like to run samba.
At this point I have:
a) 3 networks (all private IP's)
b) net1, net2 are interconnected by a router.
net1 has a host that also acts as a WINS server and is local master,
domain master, preferred master for it's group. (linux slack7.0, samba
2.0.5)
router between net1, net2 has an IP in each network and samba
configured on both interfaces. local master for it's own group, and
configured to use WINS server on net1. (linux slack 7.1, samba 2.0.?)
clients are MSwin95/98 all configured to use WINS on net1.
on these 2 networks browsing works fine.
c) add net3 (and here comes the odd setup). net3 is connected to WINS
of net1 through a tunnel (over the big bad internet).
tunnel end on net3 is Slack8, samba 2.2.0a. configured as local master,
uses wins of NET1. both ends of the tunnel are configured to remote
announce to the other end and remote browse sync with the other end.
RESULT: browsing of net3 does not work from within net1, net2, although
group name is seen and \\net3-router works.
net3-router only sees net1-router (wins). does not see any groups in
net1, net2.
Here's a more graphical explanation:
net1-router (also wins) eth0 ------- eth0 net2-router eth1 ---- net2
|tun1 | |
| net1 hosts net2 hosts
| group1 group2
|
tunnel
|
|
|tun3
net3-router eth1 (public IP1, tunnel end)
net3-router eth0 -- net3
| |
| net3 hosts
eth0 (public IP2, private IP-net3)
Entire network is supposed to work with private IP's and through the
tunnel.
net1-router has a public IP
net3-router has 2 public IP's, each on one interface. It is also a
router for a C subclass of public addresses. Also has private network
alias.
Over this entire private network, routing of packets works properly.
both net1-router and net3-router also act as firewall, but tunnel
traffic is not filtered (already checked thoroughly).
Checked with icmp, checked with ssh from host on net1 to host on net3.
works.
on net1-router:
nmbd logs show LMB announcement from net3-router
smbclient -L net3-router works.
smbclient -L net3-host does not.
same from net1-host.
Before writing this message:
on net3-router:
eth1 first declared IP is a public address
second (but not declared as SECONDARY) is private IP on net3.
any communication from net3-router to net1 is initiated with
source-IP=tun3-IP (also from private space).
When samba is configured with interfaces :
eth1 first IP (public)
eth1 second IP (private, net3 IP)
all messages coming from net3-router to net1-router (also wins) arrive
with source-IP=eth1 first IP (public).
This seems quite odd. Added tun3-IP to interfaces clause, with same
result.
In the end, I removed the public IP declaration from interfaces clause
in smb.conf.
Now packets arriving from net3-router to net1-router have
source-IP=eth1 second IP (private) which is ok for what we want.
However, this last idea did not help browsing to work at all.
Please help. By now I am completely out of ideas.
Thank you.
====ing. Andrei Boros
Centrul pt. Tehnologia Informatiei
Societatea Romana de Radiodifuziune
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
I have a rather unusual setup within which I'd like to run samba.
At this point I have:
a) 3 networks (all private IP's)
b) net1, net2 are interconnected by a router.
net1 has a host that also acts as a WINS server and is local master,
domain master, preferred master for it's group. (linux slack7.0, samba
2.0.5)
router between net1, net2 has an IP in each network and samba
configured on both interfaces. local master for it's own group, and
configured to use WINS server on net1. (linux slack 7.1, samba 2.0.?)
clients are MSwin95/98 all configured to use WINS on net1.
on these 2 networks browsing works fine.
c) add net3 (and here comes the odd setup). net3 is connected to WINS
of net1 through a tunnel (over the big bad internet).
tunnel end on net3 is Slack8, samba 2.2.0a. configured as local master,
uses wins of NET1. both ends of the tunnel are configured to remote
announce to the other end and remote browse sync with the other end.
RESULT: browsing of net3 does not work from within net1, net2, although
group name is seen and \\net3-router works.
net3-router only sees net1-router (wins). does not see any groups in
net1, net2.
Here's a more graphical explanation:
net1-router (also wins) eth0 ------- eth0 net2-router eth1 ---- net2
|tun1 | |
| net1 hosts net2 hosts
| group1 group2
|
tunnel
|
|
|tun3
net3-router eth1 (public IP1, tunnel end)
net3-router eth0 -- net3
| |
| net3 hosts
eth0 (public IP2, private IP-net3)
Entire network is supposed to work with private IP's and through the
tunnel.
net1-router has a public IP
net3-router has 2 public IP's, each on one interface. It is also a
router for a C subclass of public addresses. Also has private network
alias.
Over this entire private network, routing of packets works properly.
both net1-router and net3-router also act as firewall, but tunnel
traffic is not filtered (already checked thoroughly).
Checked with icmp, checked with ssh from host on net1 to host on net3.
works.
on net1-router:
nmbd logs show LMB announcement from net3-router
smbclient -L net3-router works.
smbclient -L net3-host does not.
same from net1-host.
Before writing this message:
on net3-router:
eth1 first declared IP is a public address
second (but not declared as SECONDARY) is private IP on net3.
any communication from net3-router to net1 is initiated with
source-IP=tun3-IP (also from private space).
When samba is configured with interfaces :
eth1 first IP (public)
eth1 second IP (private, net3 IP)
all messages coming from net3-router to net1-router (also wins) arrive
with source-IP=eth1 first IP (public).
This seems quite odd. Added tun3-IP to interfaces clause, with same
result.
In the end, I removed the public IP declaration from interfaces clause
in smb.conf.
Now packets arriving from net3-router to net1-router have
source-IP=eth1 second IP (private) which is ok for what we want.
However, this last idea did not help browsing to work at all.
Please help. By now I am completely out of ideas.
Thank you.
====ing. Andrei Boros
Centrul pt. Tehnologia Informatiei
Societatea Romana de Radiodifuziune
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com