Web lists-archives.com

Re: [Samba] Network Meltdown after Samba 4.9.0 Upgrade




On Sat, 15 Sep 2018 21:28:43 +1000
Reuben Farrelly via samba <samba@xxxxxxxxxxxxxxx> wrote:

> 
> 
> On 15/09/2018 6:40 pm, Rowland Penny via samba wrote:
> > On Sat, 15 Sep 2018 12:52:52 +1000
> > Reuben Farrelly via samba <samba@xxxxxxxxxxxxxxx> wrote:
> >> thunderstorm ~ # testparm
> >> Load smb config files from /etc/samba/smb.conf
> >> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit
> >> (16384) Processing section "[homes]"
> >> Processing section "[root]"
> >> Processing section "[photos]"
> >> Processing section "[store]"
> >> Loaded services file OK.
> >> Server role: ROLE_STANDALONE
> >>
> >> Press enter to see a dump of your service definitions
> >>
> >> # Global parameters
> >> [global]
> >>           domain master = Yes
> >>           security = USER
> >>           server role = standalone server
> > 
> > NOTE: I have shrunk your smb.conf for clarity.
> > 
> > It is undoubtedly for a 'standalone server', so why does it also
> > have the line 'domain master = Yes' ??
> > It cannot be both, I would suggest removing this line.
> 
> Sure - valid point.  I've removed that statement now as you're right, 
> it's not needed, and things are much better.  Fingers crossed!
> 
> What I have observed now was:
> 
> - Upon startup of Samba 4.9.0 again I saw again a repeated burst of 
> broadcast packets
> - Switches once again went into storm-control mode and shut ports down

It shouldn't do that, well not to the extent you describe

> - The environment recovered, but this time things stabilised and has 
> been OK for the last hour since.  Things seem to be working fine now.

> 
> Regardless of if the config was right or not (I agree that the
> setting in my case was wrong and unnecessary), this is a regression,
> because it causes an unexpected and undocumented change in behaviour
> compared to previous versions of the code.
> 
> I also wonder why network broadcasts don't seem to be rate limited by 
> Samba.  I can't imagine any valid use case where any application
> would blast thousands of broadcasts per second out onto the wire,
> regardless of the configuration or misconfiguration of the
> application.
> 
> At the very least this needs a mention in the release notes,
> especially given the potential this has to cause an outage.  Things
> may have changed (and change is usually good), but the least that can
> be done is people are given a one line heads up.
> 

The problem is, it wasn't a know problem and we still don't know if it
is something that is just applicable to your network, so how how do you
warn people about something that you don't expect to happen. It is easy
to be wise after the fact ;-)

Rowland



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba