[ILUG] samba, nslookup and private network addresses.
John N S Gill
jng at renre-europe.com
Wed Sep 27 17:08:22 IST 2000
> > For a while now I've been chasing around trying to find out why our
> > NT clients sometimes experience a long delay when first trying to
> > connect to a samba share.
>
> How long is this delay?
it is precisely 1 minute.
I'm certain its DNS 'cos I added the ip address of one of the
offending NT boxes to my hosts file + it doesn't suffer from delays
anymore.
I've been digging in the samba code and there is this little snippet
of code:
if (!ret) {
if (allow_access(deny_list,allow_list,
client_name(sock),client_addr(sock))) {
DEBUG(2,("Allowed connection from %s (%s)\n",
client_name(sock),client_addr(sock)));
ret = True;
} else {
DEBUG(0,("Denied connection from %s (%s)\n",
client_name(sock),client_addr(sock)));
}
}
client_name calls gethostbyaddr. Sadly I have debug level set to 3
and so client_name gets called twice. Now when the nameserver is
timing out it takes 15 seconds. So that accounts for 30 seconds of
my 1 minute delay. I haven't che>
> Later,
> Kenn
cked the samba code to see if this
code is getting called twice.. which is what would be needed to knock
up the 1 minute delay.
> I noticed that "security = server, password server = PDC" results in
> a connection delay of about 1 sec. However, adding Samba to the NT
> domain and setting "security = domain, password server = *" results
> in no perceptible connection delay.
hmm.. on my list of things to do is to tighten up the security for
access to these machines. At the moment I'm just using security =
share (i did experiment with domain for a while several samba
versions ago + ran into trouble with some win95 clients).
> OTOH, I also run an internal nameserver, so your hypothesis might
> still be correct.
I think that's exactly what I should be doing.
Thanks for the ideas, much appreciated.
John
More information about the ILUG
mailing list