4.7. Virtual Servers
Virtualization has become a hot topic in recent years. Unix administrators have a longer history managing virtual services. Samba's capability to provide multiple virtual servers comes with a twist. Originally Samba relied upon the name sent by the client in the NetBIOS session setup request to fill in the %L variable (Table 4-2).[*] An administrator could then include alternative configuration files based on the destination name that the client used in the connection. However, with the introduction of NetBIOS-less CIFS in Windows 2000 and later clients, this name is no longer available. In fact, nothing but the standard TCP and IP headers are available in the initial connection request packet.
There are two solutions to this problem. One is to force the client to use the NetBIOS session transport layer. By default, smbd binds to TCP ports 139 and 445. Clients running Windows 2000 or a later Microsoft OS prefer to conect to port 445 and thus bypass the overhead of NetBIOS. However, the smb ports option allows administrators to restrict smbd solely to TCP port 139 and thus force the clients to use NetBIOS services for locating and accessing a Samba host.
Once you have restricted clients to using NetBIOS sessions, you can again use the name passed by the client to fill in the %L configuration variable and therefore conditionally include various configuration files. The only piece of information yet presented is the option for defining additional NetBIOS names to which the server will respond.
Now to put all the pieces together. This example builds a server named PIGEON, which registers the additional names of SEAGULL and PELICAN. smbd binds solely to port 139 and uses the destination name used by the client in the connection request to include the configuration files for the various virtual hosts:
[global] netbios name = PIGEON netbios aliases = SEAGULL PELICAN server string = Engr Dept Server (Samba %v) workgroup = GARDEN smb ports = 139 include = /usr/local/samba/lib/%L.conf
Figure 4-5 illlustrates how the virtual servers would appear when browsing the network. Notice that all three hosts, PIGEON, SEAGULL, and PELICAN, have the same comment string when a user views the server details.
Figure 4-5. Using NetBIOS aliases for a Samba server
To support virtual configurations over port 445, the server must possess multiple network interfaces, although they do not necessarily have to be real interfaces; virtual interfaces work also. In this case, the destination IP address transmitted in the connection request determines what role the Samba server should play. When a client contacts Samba, smbd fills in the %i variable with the IP address to which the client connected. In this case, the configuration can drop the netbios aliases option and add the new names to the domain name service.
If the server has three IP addresses, 192.168.1.10 (pigeon), 192.168.1.11 (seagull), and 192.168.1.12 (pelican), we can update the configuration file to appear as follows:
[global] netbios name = PIGEON workgroup = GARDEN include = /usr/local/samba/lib/%i.conf
Notice that we have removed the smb ports line, so the parameter reverts to the default of both 139 and 445. Having removed the netbios aliases option, we enter the hostnames into our DNS server:
; Bind 9 address entries pigeon IN A 192.168.1.10 seagull IN A 192.168.1.11 pelican IN A 192.168.1.12
Any legacy clients such as Windows NT or Windows 9x/Me will continue to be able to access the server. But Windows 9x/Me clients are unable to use DNS names or IP addresses of CIFS/SMB connections and therefore are unable to access any virtual server other than PIGEON. None of the Windows NT-based operating systems are subject to this limitation.
4.7.1. Virtual Server Configuration Options
Table 4-7 summaries the new parameters necessary for configuring virtual Samba hosts.
220.127.116.11. netbios aliases
The netbios aliases option can give the Samba server more than one NetBIOS name. Each NetBIOS name listed as a value is displayed in the My Network Places of Windows clients. When a connection is requested to any of the servers, it connects to the same Samba server.
[global] netbios name = BOSS netbios aliases = SALES ACCOUNTING ADMIN
nmbd registers each additional NetBIOS name with the list of addresses provided by configured network interfaces. But only the server's primary name (the value of netbios name) is used for network browsing (Chapter 8), domain control (Chapter 9), and domain membership (Chapter 10).
18.104.22.168. smb ports
The smb ports parameter controls the TCP ports on which smbd listens. The default list, ports 139 and 445, matches Windows 2000 and later servers. It is possible to bind smbd to a nonstandard CIFS/SMB port, but only non-Microsoft clients that are flexible enough to connect to alternative ports will be able to access the server. A more common use is to restrict smbd to only one of the default ports, such as forcing clients to use NetBIOS transport services:
[global] smb ports = 139