Samba 3.2 attempts to resolve names for servers that are a corrupted form of the IPv6 plus the domain name. For example, when connecting to a Windows Server 2008 server called w2008rc1.s32ip6.com with an IPv6 address of 3000::2 the following happens. Samba attempts to resolve A and AAAA records for the name [3000.s32ip6.com and yes the name does include a left square bracket at the start. Attached is a trace. gencache has an entry of [3000::2] this has a key of NBT/S32IP6.COM#1C. However, there is no such thing of NBT over IPv6 so surely this entry should not exist in the first place? I will attach a trace of an attempt to join a W2008 RC1 domain.
Created attachment 3099 [details] net ads join -d 10 -U Administrator with IPv6 This is trace of an attempt to join a W2008 DC that is IPv6 enabled. I was not attempting to join over IPv6 as I cannot currently join over IPv4! However, the DNS lookup errors mentioned in this bug are not restricted to joins. I have observed them when Samba 3.2 is filesharing to Windows Vista Ultimate over IPv6. The common denominator is that the machine Samba is communicating with has an IPv6 address assocaited with its DNS name.
Created attachment 3101 [details] Pcap Pcap wireshark of failure
Ok, I took a look at the namecache code. It explicitly strips off the leading and trailing '[' characters when dealing with IPv6 addresses. Is it possible that the call : getnameinfo((const struct sockaddr *)psa, psalen, dest, destlen, NULL, 0, NI_NUMERICHOST); would print an address IPv6 address as [IPv6]:portnumber on some systems ? Jeremy.
Jeremy, > Is it possible that the call : > getnameinfo((const struct sockaddr *)psa, > psalen, > dest, destlen, > NULL, 0, > NI_NUMERICHOST); > would print an address IPv6 address as [IPv6]:portnumber on some systems ? > Jeremy. No. Should never do this. Especially on Linux which has a pretty reasonable implementation now. It must be something else. I also did an strace on the failure. I'll load that up too it might help.
Created attachment 3102 [details] Strace of the failure Attached is an strace of the failure (taken with the same parameters and settings as the packet capture).
Created attachment 3103 [details] kerberos file
Created attachment 3105 [details] Patch Took me a little longer than I expected. Here is the patch (applied to the 3.2 git-tree). Jeremy.
Closing this bug -- the patch is pushed. David, Jeremy, please re-open if there's still a problem. Volker
Actually closing