thr3ads.net - samba - [Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired [Jan 2024]

If this information is useful, please help other people find it:
Share via:

Elias Pereira

2024-Jan-03 16:30 UTC

[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired

>
> Is dns configured correctly ?
root at dc2:~# cat /etc/resolv.conf
search campus.sertao.ifrs.edu.br
nameserver 200.xxx.xxx.163 (*own IP*)

root at dc3:~# cat /etc/resolv.conf
search campus.sertao.ifrs.edu.br
nameserver 200.xxx.xxx.160 (*own IP*)

Is a firewall running and if so, are all the> required ports open ?
We use pfsense and there's a rule allow everything between the DCs. Anyway,
I checked the logs while I was running the replicate command, and nothing
appeared in the logs.

but strangely, some ports are closed... O.o

PORT     STATE  SERVICE      VERSION
53/tcp   open   domain       (unknown banner: non3)
88/tcp   open   kerberos-sec (server time: 2024-01-03 16:19:09Z)
*123/tcp  closed ntp*
135/tcp  open   msrpc        Microsoft Windows RPC

*137/tcp  closed netbios-ns138/tcp  closed netbios-dgm*
139/tcp  open   netbios-ssn  Samba smbd 3.X - 4.X (workgroup: CAMPUS)
389/tcp  open   ldap         (Anonymous bind OK)
445/tcp  open   netbios-ssn  Samba smbd 3.X - 4.X (workgroup: CAMPUS)
464/tcp  open   kpasswd5?
636/tcp  open   ssl/ldap     (Anonymous bind OK)
3268/tcp open   ldap         (Anonymous bind OK)
3269/tcp open   ssl/ldap     (Anonymous bind OK)

Do closed ports affect replication?

On Wed, Jan 3, 2024 at 12:01?PM Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Wed, 3 Jan 2024 11:41:04 -0300
> Elias Pereira via samba <samba at lists.samba.org> wrote:
>
> > hi,
> >
> > After a "samba-tool drs showrepl" I saw that there had been
an error
> > in the replication of ForestDnsZones.
> >
> > I ran a "samba-tool drs replicate dc2 dc3
> > DC=ForestDnsZones,DC=campus,DC=sertao,DC=ifrs,DC=edu,DC=br -d10"
and
> > the error below occurred.
> >
> > ERROR(<class 'samba.drs_utils.drsException'>):
DsReplicaSync failed -
> > drsException: DsReplicaSync failed (3221225653, '{Device Timeout}
The
> > specified I/O operation on %hs was not completed before the time-out
> > period expired.')
> >   File "/usr/lib/python3/dist-packages/samba/netcmd/drs.py",
line
> > 567, in run
> >     drs_utils.sendDsReplicaSync(server_bind, server_bind_handle,
> > source_dsa_guid, NC, req_options)
> >   File "/usr/lib/python3/dist-packages/samba/drs_utils.py",
line 100,
> > in sendDsReplicaSync
> >     raise drsException("DsReplicaSync failed %s" % estr)
> >
> > Full -d10 on pastebin below
> > https://pastebin.com/raw/ihUSBN93
> >
> > What does this "{Device Timeout} The I/O operation specified in
%hs
> > was not completed before the timeout period expired." mean?
> >
>
> It looks like there are connection problems between dc2 and dc3. Is
> dns configured correctly ? Is a firewall running and if so, are all the
> required ports open ?
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

-- 
Elias Pereira

Rowland Penny

2024-Jan-03 16:53 UTC

head link

[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired

On Wed, 3 Jan 2024 13:30:48 -0300
Elias Pereira <empbilly at gmail.com> wrote:
> >
> > Is dns configured correctly ?
> 
> root at dc2:~# cat /etc/resolv.conf
> search campus.sertao.ifrs.edu.br
> nameserver 200.xxx.xxx.163 (*own IP*)
> 
> root at dc3:~# cat /etc/resolv.conf
> search campus.sertao.ifrs.edu.br
> nameserver 200.xxx.xxx.160 (*own IP*)
> 
> Is a firewall running and if so, are all the
> > required ports open ?
> 
> We use pfsense and there's a rule allow everything between the DCs.
> Anyway, I checked the logs while I was running the replicate command,
> and nothing appeared in the logs.
> 
> but strangely, some ports are closed... O.o
> 
> PORT     STATE  SERVICE      VERSION
> 53/tcp   open   domain       (unknown banner: non3)
> 88/tcp   open   kerberos-sec (server time: 2024-01-03 16:19:09Z)
> *123/tcp  closed ntp*
> 135/tcp  open   msrpc        Microsoft Windows RPC
> 
> *137/tcp  closed netbios-ns138/tcp  closed netbios-dgm*
> 139/tcp  open   netbios-ssn  Samba smbd 3.X - 4.X (workgroup: CAMPUS)
> 389/tcp  open   ldap         (Anonymous bind OK)
> 445/tcp  open   netbios-ssn  Samba smbd 3.X - 4.X (workgroup: CAMPUS)
> 464/tcp  open   kpasswd5?
> 636/tcp  open   ssl/ldap     (Anonymous bind OK)
> 3268/tcp open   ldap         (Anonymous bind OK)
> 3269/tcp open   ssl/ldap     (Anonymous bind OK)
> 
> Do closed ports affect replication?
> 
Yes and you need more than those ports, see here:

https://wiki.samba.org/index.php/Samba_AD_DC_Port_Usage	``

Where does pfsense come into this ? From my understanding, pfsense is a
firewall/router device and should be between your DCs and the internet
and not between your DCs.

Rowland

samba - Jan 2024 - {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired

[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired

[Samba] {Device Timeout} The I/O operation specified in %hs was not completed before the timeout period expired