Bug 6201 - nbmd floods netbios/dns servers
Summary: nbmd floods netbios/dns servers
Status: NEW
Alias: None
Product: Samba 3.2
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 3.2.3
Hardware: x86 Linux
: P3 normal
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
URL: http://ckozler.net
Keywords:
Depends on:
Blocks:
 
Reported: 2009-03-20 11:59 UTC by Charles Kozler
Modified: 2009-05-13 04:28 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Charles Kozler 2009-03-20 11:59:16 UTC
Hi,

nbmd process seems to flood DNS/Netbios servers on disabling second ethernet devices.  Here is what happens, this may not be able to be recreated as it could be by University but I figured it is a bug I should report.

1.) Two ethernet devices, one PCI and the other stock on the motherboard
2.) nbmd running as well as smbd
3.) Disable the second ethernet device

ex: ifconfig eth1 down

4.) After a few seconds, ethernet network traffic goes all the way up (almost pegged at max).

After I saw the network traffic going up I did

tcpdump port 53

And this showed a lot of traffic of something querying my Uni's DNS/NetBios servers looking for "eth1.<my_host_name>".  From there, I just started to iterate everything that uses network services like the DNS servers (port 53).  The first thing I turned off was smbd to no avail.  Then, I killed the nmbd process and the network traffic dropped.  TCPDump had stopped being overloaded with "NX Domain eth1.<host_name> no such domain" or whatever the text had been (along those lines).

I do know that nmbd was flooding my Uni's DNS/NetBios servers with traffic since when I killed that process, the network traffic returned to normal instantly.