samba - Aug 2007 - Subnet not visible in Network Neighbourhood

Hi list!

I've got a debian "etch" box running samba 3.0.24.
The server is a firewall (running Shorewall 3.2.6) with five NICs:
eth0 -> DSL (it has a public IP address and it allows all the people 
browse by masquerading other interfaces)
eth1 and eth3 -> bond0 (IP address is 192.168.1.1/24)
eth2 and eth4 -> bond1 (IP address is 192.168.2.1/24)
BTW, bond+ refers to an interface which enslaves two physical NICs.

Samba is acting as WINS server, and I don't have other Windows Servers 
which acts as PDCs or WINS servers.
There is no PDC in the network.

The smb.conf is the following (only [global] section is
reported):
> [global]
>         workgroup = WORK
>         server string = server Etch
>         interfaces = 192.168.1.0/24, 192.168.2.0/24, 10.1.0.0/24, 
> 127.0.0.1/8
>         bind interfaces only = Yes
>         obey pam restrictions = Yes
>         passdb backend = tdbsam
>         passwd program = /usr/bin/passwd %u
>         passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
> *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
>         syslog = 0
>         log file = /var/log/samba/log.%m
>         max log size = 1000
>         dns proxy = No
>         wins support = Yes
>         ldap ssl = no
>         panic action = /usr/share/samba/panic-action %d
>         invalid users = root
>         hosts allow = 192.168.1., 192.168.2., 10.1., 127.
10.1.0.0/24 is a subnet for OpenVPN roadwarriors.

The problem is that from my laptop (belonging to 192.168.1.0/24 subnet), 
running Windows XP Pro SP2, in the Network Neighbourhood I can only see 
machines belonging to my subnet. Machine of the other subnet are not 
listed, even if I can reach them (e.g. \\machine shows me shares and 
printers). The same for machines belonging to the second subnet, with 
the difference that they can only see machines in their subnet.
I checked the firewall, and apparently there are no rules which block 
broadcast traffic between the two subnets.

Any hint is GREATLY appreciated.

TIA
--Alessandro

Alessandro FAGLIA escreveu:
> Hi list!
>
> I've got a debian "etch" box running samba 3.0.24.
> The server is a firewall (running Shorewall 3.2.6) with five NICs:
> eth0 -> DSL (it has a public IP address and it allows all the people 
> browse by masquerading other interfaces)
> eth1 and eth3 -> bond0 (IP address is 192.168.1.1/24)
> eth2 and eth4 -> bond1 (IP address is 192.168.2.1/24)
> BTW, bond+ refers to an interface which enslaves two physical NICs.
>
> Samba is acting as WINS server, and I don't have other Windows Servers 
> which acts as PDCs or WINS servers.
> There is no PDC in the network.
>
> The smb.conf is the following (only [global] section is reported):
>> [global]
>>         workgroup = WORK
>>         server string = server Etch
>>         interfaces = 192.168.1.0/24, 192.168.2.0/24, 10.1.0.0/24, 
>> 127.0.0.1/8
>>         bind interfaces only = Yes
>>         obey pam restrictions = Yes
>>         passdb backend = tdbsam
>>         passwd program = /usr/bin/passwd %u
>>         passwd chat = *Enter\snew\sUNIX\spassword:* %n\n 
>> *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
>>         syslog = 0
>>         log file = /var/log/samba/log.%m
>>         max log size = 1000
>>         dns proxy = No
>>         wins support = Yes
>>         ldap ssl = no
>>         panic action = /usr/share/samba/panic-action %d
>>         invalid users = root
>>         hosts allow = 192.168.1., 192.168.2., 10.1., 127.
> 10.1.0.0/24 is a subnet for OpenVPN roadwarriors.
>
> The problem is that from my laptop (belonging to 192.168.1.0/24 
> subnet), running Windows XP Pro SP2, in the Network Neighbourhood I 
> can only see machines belonging to my subnet. Machine of the other 
> subnet are not listed, even if I can reach them (e.g. \\machine shows 
> me shares and printers). The same for machines belonging to the second 
> subnet, with the difference that they can only see machines in their 
> subnet.
> I checked the firewall, and apparently there are no rules which block 
> broadcast traffic between the two subnets.
>
> Any hint is GREATLY appreciated.
>
> TIA
> --Alessandro
Read this (it explains how cross-subnet browsing works):
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/NetworkBrowsing.html#id349811

In fact I recommend you to read the entire chapter about network 
browsing (it explains the roles of LMBs, DMBs, WINS, etc, and how they 
work).


Regards.

Edmundo Valle Neto