Tony Markel
2012-Apr-30 21:12 UTC
[Samba] Bringing up interface causes smbd to become unresponsive on that subnet
This is a strange problem I can't seem to wrap my head around.
I have a server with 2 interfaces. Samba is serving happily on one, and
will remain on a single interface (eth0, subnet A(/22), vlan 101). I wish
to bring up a second interface (eth1, subnet B(/24), vlan 102) that will be
serving up nfs and ssh traffic only. Currently, Samba will process
requests from any computer on the public internet.
Now, before I bring up the second interface on subnet B, I modify my
smb.conf to bind to eth0, and I speficy the netmasks of subnet A and B.
The problem is this:
When I bring up eth1, subnet B cannot access the service. When I take it
down, normal service resumes.
Here's the relevant sections of smb.conf taken from the command testparm:
[global]
workgroup = GOBLUE
realm = ADS.SERVER.UMICH.EDU
server string = nuit-filer01 %v
interfaces = eth0, 10.211.68.0/22, 10.211.122.0/24, 10.211.201.0/24
bind interfaces only = Yes
security = ADS
allow trusted domains = No
password server = ads.server.umich.edu
log file = /var/log/samba/%m
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
printcap name = /dev/null
username map script = /etc/samba/map.sh
os level = 30
local master = No
dns proxy = No
ldap ssl = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /sbin/nologin
winbind use default domain = Yes
winbind offline logon = Yes
idmap config GOBLUE:range = 16777216-33554431
idmap config GOBLUE:base_rid = 0
idmap config GOBLUE:backend = rid
hosts allow = ALL
printing = bsd
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
results of ip addr show:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
link/ether 00:25:90:25:ae:26 brd ff:ff:ff:ff:ff:ff
inet 141.211.68.143/23 brd 141.211.69.255 scope global eth0
inet6 fe80::225:90ff:fe25:ae26/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen
1000
link/ether 00:25:90:25:ae:27 brd ff:ff:ff:ff:ff:ff
inet 141.211.201.7/24 brd 141.211.201.255 scope global eth1
inet6 fe80::225:90ff:fe25:ae27/64 scope link
valid_lft forever preferred_lft forever
results of netstat -tapn | grep smb
[root at nuit-filer01 ~]# netstat -tapn | grep smb | sed
's/141.211/10.211/g'
tcp 0 0 :::139 :::*
LISTEN 4026/smbd
tcp 0 0 :::445 :::*
LISTEN 4026/smbd
tcp 0 0 ::ffff:10.211.68.143:445
::ffff:10.211.122.23:59355ESTABLISHED 4943/smbd
tcp 0 0 ::ffff:10.211.68.143:445
::ffff:10.211.201.15:53806ESTABLISHED 6194/smbd
tcp 0 0 ::ffff:10.211.68.143:445
::ffff:10.211.201.21:49358ESTABLISHED 5673/smbd
tcp 0 0 ::ffff:10.211.68.143:445
::ffff:10.211.122.23:56012ESTABLISHED 4202/smbd
tcp 0 0 ::ffff:10.211.68.143:445
::ffff:67.194.122.180:50187ESTABLISHED 8267/smbd
--
Tony Markel
Jeremy Allison
2012-May-01 03:04 UTC
[Samba] Bringing up interface causes smbd to become unresponsive on that subnet
On Mon, Apr 30, 2012 at 05:12:18PM -0400, Tony Markel wrote:> This is a strange problem I can't seem to wrap my head around. > > I have a server with 2 interfaces. Samba is serving happily on one, and > will remain on a single interface (eth0, subnet A(/22), vlan 101). I wish > to bring up a second interface (eth1, subnet B(/24), vlan 102) that will be > serving up nfs and ssh traffic only. Currently, Samba will process > requests from any computer on the public internet. > > Now, before I bring up the second interface on subnet B, I modify my > smb.conf to bind to eth0, and I speficy the netmasks of subnet A and B. > > The problem is this: > When I bring up eth1, subnet B cannot access the service. When I take it > down, normal service resumes.What does "cannot access the service" mean ? How exactly does it fail ?