6201 – nbmd floods netbios/dns servers

Bug 6201 - nbmd floods netbios/dns servers

Summary: nbmd floods netbios/dns servers

Status:	NEW

Alias:	None

Product:	Samba 3.2
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	3.2.3
Hardware:	x86 Linux

Importance:	P3 normal
Target Milestone:	---
Assignee:	Jeremy Allison
QA Contact:	Samba QA Contact

URL:	http://ckozler.net
Keywords:

Depends on:
Blocks:

Reported:	2009-03-20 11:59 UTC by Charles Kozler
Modified:	2009-05-13 04:28 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Charles Kozler 2009-03-20 11:59:16 UTC

Hi,

nbmd process seems to flood DNS/Netbios servers on disabling second ethernet devices.  Here is what happens, this may not be able to be recreated as it could be by University but I figured it is a bug I should report.

1.) Two ethernet devices, one PCI and the other stock on the motherboard
2.) nbmd running as well as smbd
3.) Disable the second ethernet device

ex: ifconfig eth1 down

4.) After a few seconds, ethernet network traffic goes all the way up (almost pegged at max).

After I saw the network traffic going up I did

tcpdump port 53

And this showed a lot of traffic of something querying my Uni's DNS/NetBios servers looking for "eth1.<my_host_name>".  From there, I just started to iterate everything that uses network services like the DNS servers (port 53).  The first thing I turned off was smbd to no avail.  Then, I killed the nmbd process and the network traffic dropped.  TCPDump had stopped being overloaded with "NX Domain eth1.<host_name> no such domain" or whatever the text had been (along those lines).

I do know that nmbd was flooding my Uni's DNS/NetBios servers with traffic since when I killed that process, the network traffic returned to normal instantly.