samba - Jul 2002 - Cannot Sync Browser Lists

I run an IPsec/Freeswan VPN to connect 4 disparet windows LANS.
I managed to RTFM until cross-subnet browsing worked (samba 2.0). 
Having upgraded to 2.2.3 It would seem that this feature is not working.

BACKGROUND:

originally all sources of information led me to understand that I would
need a box running samba behind the firewall/IPsec box as I could not
even ping a remote internal IP from the firewall. I then built a few
cheap x86 boxes to simply collate share information then remote browse
sync to the DMB in the main office. 

It worked!
Network neighborhood was never happier.

Since then my knowledge of iptables has increased and I now invoke 
`/sbin/iptables -t nat -A POSTROUTING -o ipsec0 -s $EXTERNALIP 
-j SNAT --to $INTERNALIP` 
This allows me to connect to services on remote internal networks from
an IPsec Gateway. 

AHA I thought. I can eliminate  those
unsightly pentium samba boxes and place the share collation on the
reliable (and underworked) firewall/IPsec Gateways now that I could
actually ping the DMB from any given IPsec GW.

If I can ping the DMB from another samba server I should be able to perform 
a remote browse sync without error.


CURRENT:

Since the only samba availible to the IPsec
gateway boxes was 2.2.3 I had to use it ( debian woody). I figured that
it would not cause any problems. 
It would appear that something is foiling my attempts for  the elegant
one box solution.

Unexplanibly the only box that correctly performs the remote browse sync
is one stray pentium running samba 2.0 (debian potato) which is on the
inside of the firewall. Perhaps because it always worked... hmm? I wonder.

The other two samba boxes luckily produce errors.. 
/var/log/samba/log.nmbd from \\SAMBA-KC  		IP 192.168.4.1:

[2002/07/08 15:58:28, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(359)
find_domain_master_name_query_fail: Unable to find the Domain Master Browser
name WORKGROUP<1b> for the workgroup WORKGROUP. Unable to sync browse
lists in this workgroup.

/var/log/samba/log.nmbd from \\SAMBA-HYDEPARK 	IP 192.168.3.1:

[2002/07/08 07:42:24, 0]
nmbd/nmbd_incomingdgrams.c:process_master_browser_announce(396)
process_master_browser_announce: Not configured as domain master - ignoring
master announce.
[2002/07/08 07:44:07, 0]
nmbd/nmbd_browsesync.c:domain_master_node_status_fail(263)domain_master_node_status_fail:
  Doing a node status request to the domain master browser
  for workgroup WORKGROUP at IP 192.168.100.4 failed.
  Cannot sync browser lists.


The core of my smb.conf is basically the same on the 3 non-DMBs:

wins server = 192.168.100.4 ; this is the  IP of the DMB

os level = 65
domain master = no
localmaster = yes
preferred master = yes
remote browse sync = 192.168.100.4 192.168.3.1 192.168.4.1


On the the DMB \\SAMBA-UNION:

os level = 65
        preferred master = True
        domain master = True
        dns proxy = No
        wins support = Yes
        remote announce = 192.168.1.2 192.168.3.1 192.168.4.1
        remote browse sync = 192.168.1.2 192.168.3.1 192.168.4.1 


If anyone can suggest any pointers I would greatly appreciate it.
I /dont/ want to return to the former config. the physical distance between
makes physical maintainace a logistical PITA
I will place conf's and logs on a website upon request

I am not on the list.
please cc: 	dxd@phmeco.com
or			dxd@dariux.net

later
-dxd

Hi,

 I just read your samba problem and I belive I know
about 1% about IPSec, FreeSwan, Smaba, GWs, tcp/ip and
nothing about ipchains and friendss, but the ability
to ping a server accross the network is just a proff
of conectivity.

 if you remember ping uses icmp packets and SMB uses
tcp (perhaps udp) packets they are very different from
a fw/gw prespective.

  check for access to the netbios ports (you'll find
them in /etc/services) in your fw rules..

regards,
esv.
================================================I run an IPsec/Freeswan VPN to
connect 4 disparet
windows LANS.
I managed to RTFM until cross-subnet browsing worked
(samba 2.0). 
Having upgraded to 2.2.3 It would seem that this
feature is not 
working.

BACKGROUND:

originally all sources of information led me to
understand that I would
need a box running samba behind the firewall/IPsec box
as I could not
even ping a remote internal IP from the firewall. I
then built a few
cheap x86 boxes to simply collate share information
then remote browse
sync to the DMB in the main office. 

It worked!
Network neighborhood was never happier.

Since then my knowledge of iptables has increased and
I now invoke 
`/sbin/iptables -t nat -A POSTROUTING -o ipsec0 -s
$EXTERNALIP 
-j SNAT --to $INTERNALIP` 
This allows me to connect to services on remote
internal networks from
an IPsec Gateway. 

AHA I thought. I can eliminate  those
unsightly pentium samba boxes and place the share
collation on the
reliable (and underworked) firewall/IPsec Gateways now
that I could
actually ping the DMB from any given IPsec GW.

If I can ping the DMB from another samba server I
should be able to 
perform 
a remote browse sync without error.


CURRENT:

Since the only samba availible to the IPsec
gateway boxes was 2.2.3 I had to use it ( debian
woody). I figured that
it would not cause any problems. 
It would appear that something is foiling my attempts
for  the elegant
one box solution.

Unexplanibly the only box that correctly performs the
remote browse 
sync
is one stray pentium running samba 2.0 (debian potato)
which is on the
inside of the firewall. Perhaps because it always
worked... hmm? I 
wonder.

The other two samba boxes luckily produce errors.. 
/var/log/samba/log.nmbd from \\SAMBA-KC  		IP
192.168.4.1:

[2002/07/08 15:58:28, 0] 
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(359)
find_domain_master_name_query_fail: Unable to find the

Domain Master Browser name WORKGROUP<1b> for the
workgroup WORKGROUP. 
Unable to sync browse lists in this workgroup.

/var/log/samba/log.nmbd from \\SAMBA-HYDEPARK 	IP
192.168.3.1:

[2002/07/08 07:42:24, 0] 
nmbd/nmbd_incomingdgrams.c:process_master_browser_announce(396)
process_master_browser_announce: Not configured as 
domain master - ignoring master announce.
[2002/07/08 07:44:07, 0] 
nmbd/nmbd_browsesync.c:domain_master_node_status_fail(263)domain_master_node_status_fail:
  Doing a node status request to the domain master
browser
  for workgroup WORKGROUP at IP 192.168.100.4 failed.
  Cannot sync browser lists.


The core of my smb.conf is basically the same on the 3
non-DMBs:

wins server = 192.168.100.4 ; this is the  IP of the
DMB

os level = 65
domain master = no
localmaster = yes
preferred master = yes
remote browse sync = 192.168.100.4 192.168.3.1
192.168.4.1


On the the DMB \\SAMBA-UNION:

os level = 65
        preferred master = True
        domain master = True
        dns proxy = No
        wins support = Yes
        remote announce = 192.168.1.2 192.168.3.1
192.168.4.1
        remote browse sync = 192.168.1.2 192.168.3.1
192.168.4.1 


If anyone can suggest any pointers I would greatly
appreciate it.
I /dont/ want to return to the former config. the
physical distance 
between makes physical maintainace a logistical PITA
I will place conf's and logs on a website upon request

I am not on the list.
please cc: 	dxd@phmeco.com
or			dxd@dariux.net

later
-dxd



__________________________________________________
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com

This samba server is alone in its subnet.  It's host and netbios name
are TCSL.  There is a NT4 WINS/PDC server on another subnet.  Using
winbind, and authentication works (security=domain).  Samba-2.2.7a-1.  I
keep on getting:

nmbd[28838]: [2003/02/27 07:09:38, 0]
nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262)
nmbd[28838]:   domain_master_node_status_fail:
nmbd[28838]:   Doing a node status request to the domain master browser
nmbd[28838]:   for workgroup [DOMAIN_NAME] at IP [IP of PDC/WINS server]
failed.
nmbd[28838]:   Cannot sync browser lists.

After sending a -HUP to nmbd

nmbd[28838]:   Got SIGHUP dumping debug info.
nmbd[28838]: [2003/02/27 07:39:59, 0]
nmbd/nmbd_workgroupdb.c:dump_workgroups(289)
nmbd[28838]:   dump_workgroups()
nmbd[28838]:    dump workgroup on subnet   [IP of TCSL]: netmask255.255.255.0:
nmbd[28838]:   ^I[DOMAIN_NAME](1) current master browser = TCSL
nmbd[28838]:   ^I^ITCSL 40049b03 (Samba Server on TCSL)
nmbd[28838]: [2003/02/27 07:39:59, 0]
nmbd/nmbd_workgroupdb.c:dump_workgroups(289)
nmbd[28838]:   dump_workgroups()
nmbd[28838]:    dump workgroup on subnet  UNICAST_SUBNET: netmask=  [IP
of PDC/WINS server]:
nmbd[28838]:   ^I[DOMAIN_NAME](1) current master browser = UNKNOWN
nmbd[28838]:   ^I^ITCSL 40019b03 (Samba Server on TCSL)

testparm shows:
        wins proxy = No
        wins server = [hostname of PDC/WINS]
        wins support = No
        wins hook 
I've tried two different WINS servers, and this samba server simply will
not show up in network neighborhood, etc.  Any ideas?

Thanks,
~ Daniel






-----------------------------------------------------------------------

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.

umm you lost me...lets start again.
remember, wins is for name resolution. What do you mean point to point
connection? ie Ras or vpn ? whatever you dial into has to include you in
their browse list or your samba box has to be a local browse master and
sync browse lists with the pdc after a wins lookup. It is a domain
member right? If i've erred I hope someone will correct me.
regards,
Richard Coates.

On Fri, 2003-02-28 at 23:28, daniel.jarboe@custserv.com
wrote:
> > We run a similar setup as yours...Nt4 pdc routed subnets with Samba
> > local-master-browsers joined to domain and using Nt4 as 
> > password server.
> > I saw messages similar to yours when we had network problems.
> > Have you tried following the "troubleshooting howto" in case
> > you missed
> > something?
> > regards
> > Richard Coates.
> 
> Hi Richard, thanks for the tip.
> I've checked out the Samba Trouble Shooting Guide, and the
> Troubleshooting Techniques from the samba documentation page.  Talking
> to our windows guys, I did find out that the PDC/Wins server was having
> problems over the weekend, went down, and had to be restarted.  Since
> then I haven't been able to show up in the network neighborhood.
> 
> Diagnosing is further complicated by the fact that the network interface
> on the samba box is a point-to-point connection (not standard ethernet,
> no broadcast).  Oh well, I'll keep looking.
> 
> Thanks for the tip,
> ~ Daniel
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> -----------------------------------------------------------------------
> 
> This message is the property of Time Inc. or its affiliates. It may be
> legally privileged and/or confidential and is intended only for the use
> of the addressee(s). No addressee should forward, print, copy, or
> otherwise reproduce this message in any manner that would allow it to be
> viewed by any individual not originally listed as a recipient. If the
> reader of this message is not the intended recipient, you are hereby
> notified that any unauthorized disclosure, dissemination, distribution,
> copying or the taking of any action in reliance on the information
> herein is strictly prohibited. If you have received this communication
> in error, please immediately notify the sender and delete this message.
> Thank you.
>

> umm you lost me...lets start again.
> remember, wins is for name resolution. What do you mean point to point
> connection? ie Ras or vpn ? whatever you dial into has to 
> include you in
> their browse list or your samba box has to be a local browse 
> master and
> sync browse lists with the pdc after a wins lookup. It is a domain
> member right? If i've erred I hope someone will correct me.
Yes, wins is for name resolution.  I was also under the impression that
wins allowed a server on a different subnet to show up in
network-neighborhood, by syncing browse lists with the domain master
browser (in this case, an nt wins server and pdc).

By point to point I mean a network where there are two ends, A and B.  B
is in its own subnet, no broadcast, it uses A as its gateway/router.
There is nothing else in that subnet.  B access the network through A.
The samba server is B.  B is a local master, but not a domain master.

The samba server is a domain member, with winbind and security = domain,
and that part is working.  The part that isn't working is:

nmbd[19140]: [2003/03/03 06:44:18, 0]
nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262)
nmbd[19140]:   domain_master_node_status_fail:
nmbd[19140]:   Doing a node status request to the domain master browser
nmbd[19140]:   for workgroup [my_domain] at IP [ip addr of nt pdc/wins]
failed.
nmbd[19140]:   Cannot sync browser lists.

The domain name and ip address are correct, and an nmap -P0 -sU -p
137-139 (ip_addr) shows:
Port       State       Service
137/udp    open        netbios-ns
138/udp    open        netbios-dgm
139/udp    open        netbios-ssn

But samba won't sync browse lists.

~ Daniel






-----------------------------------------------------------------------

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.

> 
> Yes, wins is for name resolution.  I was also under the impression that
> wins allowed a server on a different subnet to show up in
> network-neighborhood, by syncing browse lists with the domain master
> browser (in this case, an nt wins server and pdc).
not correct. If I understand this correctly wins provides the address of
the pdc so the local-subnet-master-browsers can sync their browse-lists
with it.
> By point to point I mean a network where there are two ends, A and B.  B
> is in its own subnet, no broadcast, it uses A as its gateway/router.
> There is nothing else in that subnet.  B access the network through A.
> The samba server is B.  B is a local master, but not a domain master.
> 
I assume routing from the pdc back to samba is ok. Did you specify your
ppp interface in "interfaces = .." ?
We used a samba box to share a dialup a couple of years back with
similar unreliable browse-lists. From memory if samba was restarted
AFTER the ppp interface came up it worked quicker. hope this helps,
Richard Coates

> > I was also under the impression that
> > wins allowed a server on a different subnet to show up in
> > network-neighborhood, by syncing browse lists with the domain
> > master browser (in this case, an nt wins server and pdc).
> 
> not correct. If I understand this correctly wins provides the 
> address of the pdc so the local-subnet-master-browsers can sync
> their browse-lists with it.
Okay, well samba isn't syncing browse lists anymore:

[2003/03/04 09:30:27, 0]
nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262)
  domain_master_node_status_fail:
  Doing a node status request to the domain master browser
  for workgroup [DOMAIN_NAME] at IP [PDC/WINS Server IP] failed.
  Cannot sync browser lists.
> > By point to point I mean a network where there are two 
> > ends, A and B.  B is in its own subnet, no broadcast, it
> > uses A as its gateway/router.  There is nothing else in that
> > subnet.  B access the network through A.
> > The samba server is B.  B is a local master, but not a 
> > domain master.
> > 
> 
> I assume routing from the pdc back to samba is ok. Did you 
> specify your
> ppp interface in "interfaces = .." ?
> We used a samba box to share a dialup a couple of years back with
> similar unreliable browse-lists. From memory if samba was restarted
> AFTER the ppp interface came up it worked quicker. hope this helps,
Yup, routing is okay, and winbind domain authentication works to the
Same pdc.  The interface is defined in smb.conf.  Smbd/nmbd is started
after the network, so that shouldn't be the problem, and restarting it
does not help.

~ Daniel





-----------------------------------------------------------------------

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.

No the tcpdump makes no sense to me either!! just curious what os uses
interface ctc0 ?
well your ping packets are returned so routing should be ok..
samba is configured to use/listen-on interface ctc0 right ?
what does    smbclient -L winshostname  -U validuseronserver    return?
if i'm right an error, as the "winshostname" won't be
resolved. And
probably no other names either except by "broadcasting" on local lan
when wins-retries time out. 

Ahh wait a minute...if some things work and not others...I believe wins
calls are udp protocol based NOT tcp...even though the port nos are the
same. which brings us back to the firewall again!!!!
regards
Richard Coates.

On Fri, 2003-03-07 at 22:53, daniel.jarboe@custserv.com
wrote:
> Hey, I really appreciate you getting back to me.  Your firewall
> suspicion could be true, but the network guys deny changing anything.
> That really seems the most likely answer though.  Not sure if this is
> significant, but a nmap can get to UDP 137-139 of the pdc/wins server,
> but only after -P0? 
> 
> [root@tcsl root]# ping -c 3 [pdc/wins host]
> PING [pdc/wins host] (172.16.23.193) from 172.16.62.207 : 56(84) bytes
> of data.
> 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=0 ttl=127 time=351
> usec
> 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=1 ttl=127 time=361
> usec
> 64 bytes [pdc/wins host] (172.16.23.193): icmp_seq=2 ttl=127 time=358
> usec
> 
> --- [pdc/wins host] ping statistics ---
> 3 packets transmitted, 3 packets received, 0% packet loss
> round-trip min/avg/max/mdev = 0.351/0.356/0.361/0.022 ms
> [root@tcsl root]# nmap -sU -p 137-139 [pdc/wins host]
> 
> Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> Note: Host seems down. If it is really up, but blocking our ping probes,
> try -P0
> 
> Nmap run completed -- 1 IP address (0 hosts up) scanned in 31 seconds
> [root@tcsl root]# nmap -P0 -sU -p 137-139 [pdc/wins host]
> 
> Starting nmap V. 2.54BETA22 ( www.insecure.org/nmap/ )
> Interesting ports on [pdc/wins host] (172.16.23.193):
> Port       State       Service
> 137/udp    open        netbios-ns
> 138/udp    open        netbios-dgm
> 139/udp    open        netbios-ssn
> 
> Nmap run completed -- 1 IP address (1 host up) scanned in 12 seconds
> 
> Anyway, here's that tcpdump, I'm not sure how to read it except
that I
> expect the packets with 0089 (decimal 137) at bytes 7-8 and 9-10 are the
> ones I'm interested in.  It looks like the smaller packets from
> 07:07:51-07:07:52 are from the local newserver (innd).
> 
> Here's log.nmbd during the tcpdump
> [2003/03/07 07:02:16, 0] nmbd/nmbd.c:main(794)
>   Netbios nameserver version 2.2.8pre2 started.
>   Copyright Andrew Tridgell and the Samba Team 1994-2002
> [2003/03/07 07:02:16, 1] lib/debug.c:debug_message(258)
>   INFO: Debug class all level = 1   (pid 19037 from pid 19037)
> [2003/03/07 07:08:05, 0]
> nmbd/nmbd_become_lmb.c:become_local_master_stage2(404)
>   *****
> 
>   Samba name server TCSL is now a local master browser for workgroup
> TCS_MAIN_DOM on subnet 172.16.18.130
> 
>   *****
> [2003/03/07 07:08:36, 0]
> nmbd/nmbd_browsesync.c:domain_master_node_status_fail(262)
>   domain_master_node_status_fail:
>   Doing a node status request to the domain master browser
>   for workgroup TCS_MAIN_DOM at IP 172.16.23.193 failed.
>   Cannot sync browser lists.
> 
> And the dump for the the first five minutes or so of smbd/nmbd startup
> (47 packets):
> [root@tcsl root]# tcpdump -i ctc0
> tcpdump: listening on ctc0
> 07:02:16.528825 0:0:7d:11:14:9d 45:0:0:5a:a6:92 ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 9524 0746
>                          ad80 0000 0001 0000 0000 2046 4545 4446
>                          4445 4d43 4143 4143 4143 4143 4143 4143
>                          4143 4143 4143 4143 4143 4100 0020 0001
>                          0007 e900 0006 4000 ac10 1282
> 07:02:16.546848 0:0:7d:11:13:9d 45:0:0:5a:a7:92 ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 9225 0747
>                          ad80 0000 0001 0000 0000 2046 4545 4446
>                          4445 4d43 4143 4143 4143 4143 4143 4143
>                          4143 4143 4143 4143 4141 4400 0020 0001
>                          0007 e900 0006 4000 ac10 1282
> 07:02:16.558658 0:0:7d:11:11:9d 45:0:0:5a:a9:92 ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 9524 0748
>                          ad80 0000 0001 0000 0000 2046 4545 4446
>                          4445 4d43 4143 4143 4143 4143 4143 4143
>                          4143 4143 4143 4143 4141 4100 0020 0001
>                          0007 e900 0006 4000 ac10 1282
> 07:02:16.582561 0:0:7d:11:d:9d 45:0:0:5a:ad:92 ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 be10 0749
>                          ad80 0000 0001 0000 0000 2046 4545 4446
>                          4446 5045 4e45 4245 4a45 4f46 5045 4545
>                          5045 4e43 4143 4143 4141 4100 0020 0001
>                          0007 e900 0006 c000 ac10 1282
> 07:02:16.594338 0:0:7d:11:c:9d 45:0:0:5a:ae:92 ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 b00e 074a
>                          ad80 0000 0001 0000 0000 2046 4545 4446
>                          4446 5045 4e45 4245 4a45 4f46 5045 4545
>                          5045 4e43 4143 4143 4142 4f00 0020 0001
>                          0007 e900 0006 c000 ac10 1282
> 07:02:33.825933 0:0:40:11:3c:ca 45:0:1:24:bf:db ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:02:33.826024 0:0:ff:1:7a:a7 45:c0:1:40:c2:31 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bfdb 0000 4011 3cca ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:02:45.648117 40:0:fc:1:be:75 45:0:5:dc:38:3d ac10 1500:
>                          17cb ac10 1282 0800 f7ff 0000 0000 0000
>                          0000 0000 0000 0000 0000 0000 0000 0000
>                          0000 0000 0000 0000 0000 0000 0000 0000
>                          0000 0000 0000 0000 0000 0000 0000 0000
>                          0000 0000 0000 0000 0000 0000 0000 0000
>                          0000
> 07:03:03.830596 0:0:40:11:3c:c3 45:0:1:24:bf:e2 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:03:03.830688 0:0:ff:1:7a:a6 45:c0:1:40:c2:32 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bfe2 0000 4011 3cc3 ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:03:33.852954 0:0:40:11:3c:bd 45:0:1:24:bf:e8 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:03:33.853043 0:0:ff:1:7a:a5 45:c0:1:40:c2:33 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bfe8 0000 4011 3cbd ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:03:39.605172 0:0:1b:11:e4:53 45:0:0:4c:38:e0 ac10 76:
>                          17cb ac10 1282 007b 007b 0038 a642 1b04
>                          08ef 0000 01c5 0000 06d3 ac10 1282 c213
>                          081b 9a81 5000 c213 081b 9a42 070b c213
>                          081b 9a81 5000 c213 091b 9aac b000
> 07:04:03.856054 0:0:40:11:3c:ba 45:0:1:24:bf:eb ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:04:03.856136 0:0:ff:1:7a:a4 45:c0:1:40:c2:34 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bfeb 0000 4011 3cba ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:04:33.859183 0:0:40:11:3c:b1 45:0:1:24:bf:f4 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:04:33.859267 0:0:ff:1:7a:a3 45:c0:1:40:c2:35 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bff4 0000 4011 3cb1 ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:05:03.861890 0:0:40:11:3c:aa 45:0:1:24:bf:fb ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:05:03.861981 0:0:ff:1:7a:a2 45:c0:1:40:c2:36 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 bffb 0000 4011 3caa ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:05:33.864311 0:0:40:11:3c:a4 45:0:1:24:c0:1 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:05:33.864398 0:0:ff:1:7a:a1 45:c0:1:40:c2:37 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c001 0000 4011 3ca4 ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:06:03.868229 0:0:40:11:3c:9d 45:0:1:24:c0:8 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:06:03.868313 0:0:ff:1:7a:a0 45:c0:1:40:c2:38 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c008 0000 4011 3c9d ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:06:33.869884 0:0:40:11:3c:96 45:0:1:24:c0:f ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:06:33.869967 0:0:ff:1:7a:9f 45:c0:1:40:c2:39 ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c00f 0000 4011 3c96 ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:07:03.874127 0:0:40:11:3c:8d 45:0:1:24:c0:18 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:07:03.874214 0:0:ff:1:7a:9e 45:c0:1:40:c2:3a ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c018 0000 4011 3c8d ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:07:33.876357 0:0:40:11:3b:ee 45:0:1:24:c0:b7 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:07:33.876443 0:0:ff:1:7a:9d 45:c0:1:40:c2:3b ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c0b7 0000 4011 3bee ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:07:51.900083 40:0:7e:6:74:a6 45:0:0:2e:ef:49 ac10 46:
>                          2e37 ac10 1282 0421 0077 4171 7a1d e6b5
>                          2b7c 5018 42e8 59f8 0000 5155 4954 0d0a
> 07:07:51.901500 40:0:7e:6:74:9f 45:0:0:30:ef:4e ac10 48:
>                          2e37 ac10 1282 0436 0077 49ae 2613 0000
>                          0000 7002 4000 2a63 0000 0204 1128 0101
>                          0402
> 07:07:51.904950 40:0:7e:6:74:a6 45:0:0:28:ef:4f ac10 40:
>                          2e37 ac10 1282 0436 0077 49ae 2614 0d68
>                          d1dc 5010 4410 7f36 0000
> 07:07:51.905428 40:0:7e:6:74:a5 45:0:0:28:ef:50 ac10 40:
>                          2e37 ac10 1282 0421 0077 4171 7a23 e6b5
>                          2b84 5010 42e1 01b3 0000
> 07:07:51.905702 40:0:7e:6:74:a4 45:0:0:28:ef:51 ac10 40:
>                          2e37 ac10 1282 0421 0077 4171 7a23 e6b5
>                          2b84 5011 42e1 01b2 0000
> 07:07:51.938381 40:0:7e:6:74:94 45:0:0:35:ef:54 ac10 53:
>                          2e37 ac10 1282 0436 0077 49ae 2614 0d68
>                          d22d 5018 43bf e7a6 0000 4d4f 4445 2052
>                          4541 4445 520d 0a
> 07:07:51.940466 40:0:7e:6:74:87 45:0:0:41:ef:55 ac10 65:
>                          2e37 ac10 1282 0436 0077 49ae 2621 0d68
>                          d27e 5018 436e e8f8 0000 4752 4f55 5020
>                          7a4f 535f 416e 6e6f 756e 6365 6d65 6e74
>                          730d 0a
> 07:07:51.943043 40:0:7e:6:74:8c 45:0:0:3b:ef:56 ac10 59:
>                          2e37 ac10 1282 0436 0077 49ae 263a 0d68
>                          d29d 5018 434f 3622 0000 4752 4f55 5020
>                          7a4f 535f 496e 7374 616c 6c0d 0a
> 07:07:51.945100 40:0:7e:6:74:87 45:0:0:3f:ef:57 ac10 63:
>                          2e37 ac10 1282 0436 0077 49ae 264d 0d68
>                          d2b4 5018 4338 9658 0000 4752 4f55 5020
>                          7a4f 535f 496e 7374 616c 6c5f 4953 560d
>                          0a
> 07:07:51.947354 40:0:7e:6:74:89 45:0:0:3c:ef:58 ac10 60:
>                          2e37 ac10 1282 0436 0077 49ae 2664 0d68
>                          d2cf 5018 431d 239c 0000 4752 4f55 5020
>                          7a4f 535f 5072 6f62 6c65 6d73 0d0a
> 07:07:51.949406 40:0:7e:6:74:87 45:0:0:3d:ef:59 ac10 61:
>                          2e37 ac10 1282 0436 0077 49ae 2678 0d68
>                          d2e9 5018 4303 b270 0000 4752 4f55 5020
>                          7a4f 535f 5175 6573 7469 6f6e 730d 0a
> 07:07:52.071773 40:0:7e:6:74:9b 45:0:0:28:ef:5a ac10 40:
>                          2e37 ac10 1282 0436 0077 49ae 268d 0d68
>                          d304 5010 42e8 7ebd 0000
> 07:07:55.624621 0:0:1b:11:e1:50 45:0:0:4c:3b:e3 ac10 76:
>                          17cb ac10 1282 007b 007b 0038 0773 1b04
>                          08ef 0000 01af 0000 07bd ac10 1282 c213
>                          091b 9b3c 2000 c213 091b 9af6 0e0e c213
>                          091b 9b3c 2000 c213 0a1b 9b7b a000
> 07:08:03.880513 0:0:40:11:3b:af 45:0:1:24:c0:f6 ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:08:03.880599 0:0:ff:1:7a:9c 45:c0:1:40:c2:3c ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c0f6 0000 4011 3baf ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 07:08:15.590680 0:0:7d:11:18:43 45:0:0:5a:a2:ec ac10 90:
>                          17c1 ac10 1282 0089 0089 0046 1ec9 0759
>                          8580 0000 0001 0000 0000 2046 4545 4446
>                          4446 5045 4e45 4245 4a45 4f46 5045 4545
>                          5045 4e43 4143 4143 4142 4c00 0020 0001
>                          0000 0000 0006 6000 ac10 17c1
> 07:08:33.882840 0:0:40:11:3b:a6 45:0:1:24:c0:ff ac10 292:
>                          1281 ac10 1282 0208 0208 0110 4d83 0201
>                          0000 0002 0000 ac10 1a41 0000 0000 0000
>                          0000 0000 0001 0002 0000 ac10 1a21 0000
>                          0000 0000 0000 0000 0001 0002 0000 a8a1
>                          8881 0000 0000 0000 0000 0000 0001 0002
>                          0000
> 07:08:33.882916 0:0:ff:1:7a:9b 45:c0:1:40:c2:3d ac10 320:
>                          1282 ac10 1281 0303 7b42 0000 0000 4500
>                          0124 c0ff 0000 4011 3ba6 ac10 1281 ac10
>                          1282 0208 0208 0110 4d83 0201 0000 0002
>                          0000 ac10 1a41 0000 0000 0000 0000 0000
>                          0001 0002 0000 ac10 1a21 0000 0000 0000
>                          0000
> 
> 47 packets received by filter
> 0 packets dropped by kernel
> 
> Does that make any sense to you?
> 
> ~ Daniel
> 
> -----------------------------------------------------------------------
> 
> This message is the property of Time Inc. or its affiliates. It may be
> legally privileged and/or confidential and is intended only for the use
> of the addressee(s). No addressee should forward, print, copy, or
> otherwise reproduce this message in any manner that would allow it to be
> viewed by any individual not originally listed as a recipient. If the
> reader of this message is not the intended recipient, you are hereby
> notified that any unauthorized disclosure, dissemination, distribution,
> copying or the taking of any action in reliance on the information
> herein is strictly prohibited. If you have received this communication
> in error, please immediately notify the sender and delete this message.
> Thank you.
>

Well, thanks for all your help.
> interface ctc0 ?
Channel to channel, a point-to-point connection without broadcast, one
of the interface types that are available with the s/390 architecture.
That could be why the tcpdump looked screwy.  The server is dual-homed,
I'll go ahead and add the eth interface to samba, route to the pdc
through that, and see if I have better luck.  It'll at least help in
diagnosing with tcpdump, probably.
> what does    smbclient -L winshostname  -U validuseronserver  
I saw the shares on that WINS/PDC and below that, the computers that
show up in network neighborhood (and mine wasn't in there :().

Things just got more interesting... I changed the route table so traffic
to the pdc goes through the eth0 interface, and added eth0 to my
interfaces line in smb.conf.  Right after firing up nmbd I got:
[2003/03/10 07:10:46, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
  find_response_record: response packet id 693 received with no matching
record.
[2003/03/10 07:10:46, 0]
nmbd/nmbd_responserecordsdb.c:find_response_record(235)
  find_response_record: response packet id 694 received with no matching
record.
but since first start, it hasn't shown up in log.nmdb, and now the wins
server sees me, the samba server shows up in network neighborhood.

I've read that the find_response_record sometimes occurs with subnets
with some versions of win95 on them?  I don't know what's on that
subnet.
> Ahh wait a minute...if some things work and not others...I 
> believe wins
> calls are udp protocol based NOT tcp...even though the port 
> nos are the
> same. which brings us back to the firewall again!!!!
Well, using either interface, nmap -sU -p 137 [wins/pdc] says:
Note: Host seems down. If it is really up, but blocking our ping probes,
try -P0

And using -P0 works over both interfaces, shows 137 udp open.

Same deal with tcp 139.  Have to -P0 and then it shows it open.

Unfortunately users are on now... tomorrow morning I'll try switching
back to ctc0 and see if things stop working.  Things stopped working the
first time over a weekend, and the windows guys said that the pdc/wins
server had crashed and burned and needed to be rebooted, and since then
I wouldn't show up anymore.  Wishful thinking, I know, but maybe
connecting over the other interface will get me back "in" over the
interface which used to work and which I should be connecting over, ctc.
I guess I'll find out tomorrow.

I took a tcpdump over eth0, a lot more chatty (probably because things
are working, and it may just be a chattier interface).  Any things I
should be looking for in it?
> regards
> Richard Coates.
Thanks for your patience,
~ Daniel




-----------------------------------------------------------------------

This message is the property of Time Inc. or its affiliates. It may be
legally privileged and/or confidential and is intended only for the use
of the addressee(s). No addressee should forward, print, copy, or
otherwise reproduce this message in any manner that would allow it to be
viewed by any individual not originally listed as a recipient. If the
reader of this message is not the intended recipient, you are hereby
notified that any unauthorized disclosure, dissemination, distribution,
copying or the taking of any action in reliance on the information
herein is strictly prohibited. If you have received this communication
in error, please immediately notify the sender and delete this message.
Thank you.

On Mon, 2003-03-17 at 23:13, daniel.jarboe@custserv.com
wrote:
> It's still working like a champ.  
good to hear everything is ok.

The weird thing is it used to work
> over the ctc channel.  Then one weekend it stopped, and nothing I could
> do would get it started again. 
 
I wonder..do you use "rip" or a similar routing protocol? hhmm..
regards,
Richard Coates.