Web lists-archives.com

Re: [Samba] Network Meltdown after Samba 4.9.0 Upgrade




On Sat, 2018-09-15 at 13:57 +0100, Rowland Penny wrote:
> On Sat, 15 Sep 2018 05:39:02 -0700
> Andrew Bartlett <abartlet@xxxxxxxxx> wrote:
> 
> > 
> > On Sat, 2018-09-15 at 10:37 +0100, Rowland Penny via samba wrote:
> > > 
> > > On Sat, 15 Sep 2018 04:02:29 -0500
> > > "David C. Rankin via samba" <samba@xxxxxxxxxxxxxxx> wrote:
> > > 
> > > > 
> > > > 
> > > > On 09/15/2018 03:40 AM, Rowland Penny via samba wrote:
> > > > > 
> > > > > 
> > > > > 
> > > > > It is undoubtedly for a 'standalone server', so why does it
> > > > > also
> > > > > have the line 'domain master = Yes' ??
> > > > > It cannot be both, I would suggest removing this line.
> > > > > 
> > > > > Rowland
> > > > > 
> > > > > 
> > > > Rowland,
> > > > 
> > > >   domain master=yes used to be standard for stand-alone to
> > > > cause
> > > > nmbd
> > > > claim a special domain specific NetBIOS name as a domain master
> > > > browser (based on the os level/preferred master election rules)
> > > > 
> > > >   man smb.conf does not mention any discontinuation for use in
> > > > stand-alone mode. Should it not be used any longer in that
> > > > role,
> > > > or is it a matter of network scale?
> > > > 
> > > Things have changed, you should allow the domain/workgroup to set
> > > its own master especially if there is a PDC or DC in the mix.
> > Rowland,
> > 
> > The purpose of the 'domain master' parameter is as David describes,
> > to
> > configure exactly this mode.  
> > 
> > It is not in conflict with 'server role = standalone server', the
> > parameters are intended to allow this, which is why the default for
> > 'domain master' is 'auto'.
> > 
> > I hope this clarifies things,
> > 
> > Andrew Bartlett
> Not really, if you examine man smb.conf, you will find this:
> 
> 
>        domain master (G)
> 
>            Tell smbd(8) to enable WAN-wide browse list collation.
> Setting this
>            option causes nmbd to claim a special domain specific
> NetBIOS name
>            that identifies it as a domain master browser for its
> given
>            workgroup. Local master browsers in the same workgroup on
>            broadcast-isolated subnets will give this nmbd their local
> browse
>            lists, and then ask smbd(8) for a complete copy of the
> browse list
>            for the whole wide area network. Browser clients will then
> contact
>            their local master browser, and will receive the domain-
> wide browse
>            list, instead of just the list for their broadcast-
> isolated subnet.

...

> So, from my reading, you should only set 'domain master' (be it 'yes'
> or 'no') on a PDC or a BDC, on anything else it shouldn't be set at
> all
> and allow the default, which is auto.

No, there is that third mode, being a domain master browser alone. 

That is what the first paragraph above refers.

> Also, doesn't network browsing need SMBv1 and isn't it now turned off
> by default ?

Yes it uses SMBv1, but no it is still very popular.

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba