the "dns proxy" functionality, enabled per default, seems not to work.
I tried to reproduce this on the current 3.0o cvs tree and everythings works ok. Working on getting more information from a bug report on the samba ml.
I can't reproduce this on Samba 3.0.3pre1 (CVS).
I tested it right now on my old NT4 system with 3.0.2a. "ping SERVER" works. but a "\\SERVER" command to see the list of shares fails ("SERVER not found"). Maybe the dns proxy doesn't serve the necessary WINS types?? Our workaround is to enable the "use DNS for windows name resolution" checkbox.
are reports are that this working correctly. Closing the report.
The behaviour definitly changed from 2.2. Suddenly (and still) I can't use shares from servers outside my wins reach. In 2.2 they were resolved per dns proxy. I don't talk about name resolution in general (ping works), but \\server works different than 2.2, it throws an error. It's not a critical issue, I can live without it, but I don't think it is working correctly.
None of the tsting by Samba developers points to 'dns proxy' being broken. I would recommend that you look at a network trace from the client and see why the name resolution is failing. If you can prove that 'dns proxy' is not working as expected, please feel free to reopen thus report.
confirmed! After a nmbd restart it works. Don't ask me why, the underlying dns resolver system wasn't changed during nmbd run time. I will keep an eye on this and track more data if it happens again. Thanks anyway!
after some runtime of nmbd it fails again, next restart cures it
From Dimitry: I just found why dns proxy doesn't work in samba 3. It do dns lookup for first time and then caches value with some TTL. Than it checks for name in cache first. But, when TTL is expired nmbd doesn't delete name from cache! This is why dns proxy doesn't work. don't know how this cache machanism works and have no enough time to learn :-( So, I just did quick hack- if nmbd finds that name is expired it tries to resolve it with dns. diff nmbd_winsserver.c.orig nmbd_winsserver.c 1489a1490,1497 > if(lp_dns_proxy() && ((question->name_type == 0x20) || question->name_type == 0)) { > DEBUG(3,("wins_process_name_query: name query for name %s is expired - doing dns lookup.\n", > nmb_namestr(question) )); > > queue_dns_query(p, question, &namerec); > return; > } > Certanly, this is not right way, but this works for me.
Is there any plan to fix this problem in any future release of Samba? I installed FC2 which was prepackaged with Samba 3.0.4 and ran into this problem. I pulled my hair out trying to figure out what was happening. I uninstalled 3.0.4 and tried 3.0.5 and the problem still exists. What I did find out is that it takes 2 hours (ttl=7200) for the problem to crop up. If I restart smbd/nmbd and try to ping certain addresses from a windows workstation, (using ns-updates in my example) nmbd logs the initial dns lookup with a ttl of 7200 and after the 2 hours expires, I see this in my logs: (ignore timestamps as I have had to patch log info together) [2004/06/23 13:55:57, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request (1485) wins_process_name_query: name query for name NS-UPDATES<00> from IP 10.239.10.38 [2004/06/23 13:55:57, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request (1531) wins_process_name_query: name query for name NS-UPDATES<00> - name expired. Returning fail. The original entry would have looked similar to this: [2004/06/23 13:56:49, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request (1485) wins_process_name_query: name query for name NS-UPDATES<00> from IP 10.239.10.38 [2004/06/23 13:56:49, 3] nmbd/nmbd_winsserver.c:wins_process_name_query_request (1549) wins_process_name_query: name query for name NS-UPDATES<00> not found - doing dns lookup. [2004/06/23 13:56:49, 3] nmbd/asyncdns.c:queue_dns_query(308) added DNS query for NS-UPDATES<00> [2004/06/23 13:56:49, 3] nmbd/asyncdns.c:add_dns_result(43) add_dns_result: DNS gave answer for NS-UPDATES of 10.3.9.100 [2004/06/23 13:56:49, 3] nmbd/nmbd_namelistdb.c:add_name_to_subnet(236) add_name_to_subnet: Added netbios name NS-UPDATES<00> with first IP 10.3.9.100 ttl=7200 nb_flags= 4 to subnet WINS_SERVER_SUBNET
fyi, using the "hack" that Dimitry posted, and some slight modifications, I was able to workaround this problem. I added the following (in nmbd_winsserver.c - Samba 3.0.4): if(lp_dns_proxy() && (namerec->data.death_time != PERMANENT_TTL) && (namerec->data.death_time < p->timestamp) && ((question- >name_type == 0x20) || question->name_type == 0)) { DEBUG(3,("wins_process_name_query: name query for name %s is expired - doing dns lookup.\n", nmb_namestr(question) )); queue_dns_query(p, question, &namerec); return; } right above: if( (namerec->data.death_time != PERMANENT_TTL) && (namerec- >data.death_time < p->timestamp) ) { DEBUG(3,("wins_process_name_query: name query for name %s - name expired. Returning fail.\n", nmb_namestr(question) )); send_wins_name_query_response(NAM_ERR, p, namerec); return; } If I used Dimitry's idea, every lookup that would normally have generated a ttl of 7200 would have been looked up each and every time. The way I did this above (which I'm sure is not an optimal solution) the lookup gets cached for 7200 seconds then when it expires, gets looked up again and cached for another 7200 seconds.
Created attachment 549 [details] Patch I've appied. This should fix it - please re-open if not. Jeremy.
It appears the patch by Jeremy works on <=3.0.5. The patch fails on 3.0.6 and 3.0.7 #cd samba-3.0.6/source #patch -p0 <../../winspatch2 patching file nmbd/nmbd_winsserver.c Reversed (or previously applied) patch detected! Assume -R? [n] n Apply anyway? [n] n Skipping patch. 1 out of 1 hunk ignored -- saving rejects to file nmbd/nmbd_winsserver.c.rej With our without the patch on >= 3.0.6 the 2 hour problem returns.
This message when you try and apply to 3.0.6 and above : atching file nmbd/nmbd_winsserver.c Reversed (or previously applied) patch detected! Assume -R? [n] n Apply anyway? [n] n Means the patch is already included in that release. That's why you can't re-apply it. If this is still failing for you on 3.0.7 and above can you attach a capture file or log showing the name lookup failing and a dump of your wins db. Jeremy.
FIxed in 3.0.6. Reopen if that is not the case.
It works in 3.0.7.
I apologize. I recompiled 3.0.7 and I can confirm that it does indeed work. Sorry again. Jeff Gerard