Bug 6201 - nbmd floods netbios/dns servers
nbmd floods netbios/dns servers
Status: NEW
Product: Samba 3.2
Classification: Unclassified
Component: Winbind
3.2.3
x86 Linux
: P3 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
http://ckozler.net
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-20 11:59 UTC by Charles Kozler
Modified: 2009-05-13 04:28 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Charles Kozler 2009-03-20 11:59:16 UTC
Hi,

nbmd process seems to flood DNS/Netbios servers on disabling second ethernet devices.  Here is what happens, this may not be able to be recreated as it could be by University but I figured it is a bug I should report.

1.) Two ethernet devices, one PCI and the other stock on the motherboard
2.) nbmd running as well as smbd
3.) Disable the second ethernet device

ex: ifconfig eth1 down

4.) After a few seconds, ethernet network traffic goes all the way up (almost pegged at max).

After I saw the network traffic going up I did

tcpdump port 53

And this showed a lot of traffic of something querying my Uni's DNS/NetBios servers looking for "eth1.<my_host_name>".  From there, I just started to iterate everything that uses network services like the DNS servers (port 53).  The first thing I turned off was smbd to no avail.  Then, I killed the nmbd process and the network traffic dropped.  TCPDump had stopped being overloaded with "NX Domain eth1.<host_name> no such domain" or whatever the text had been (along those lines).

I do know that nmbd was flooding my Uni's DNS/NetBios servers with traffic since when I killed that process, the network traffic returned to normal instantly.