9.4 How Browsing Functions


MS Windows machines register their NetBIOS names (i.e., the machine name for each service type in operation) on start-up. The exact method by which this name registration takes place is determined by whether or not the MS Windows client/server has been given a WINS server address, whether or not LMHOSTS lookup is enabled, or if DNS for NetBIOS name resolution is enabled, etc.

In the case where there is no WINS server, all name registrations as well as name lookups are done by UDP broadcast. This isolates name resolution to the local subnet, unless LMHOSTS is used to list all names and IP addresses. In such situations, Samba provides a means by which the Samba server name may be forcibly injected into the browse list of a remote MS Windows network (using the remote announce parameter).

Where a WINS server is used, the MS Windows client will use UDP unicast to register with the WINS server. Such packets can be routed and thus WINS allows name resolution to function across routed networks.

During the startup process an election will take place to create a Local Master Browser if one does not already exist. On each NetBIOS network one machine will be elected to function as the Domain Master Browser. This domain browsing has nothing to do with MS security Domain Control. Instead, the Domain Master Browser serves the role of contacting each local master browser (found by asking WINS or from LMHOSTS) and exchanging browse list contents. This way every master browser will eventually obtain a complete list of all machines that are on the network. Every 11 to 15 minutes an election is held to determine which machine will be the master browser. By the nature of the election criteria used, the machine with the highest uptime, or the most senior protocol version or other criteria, will win the election as Domain Master Browser.

Clients wishing to browse the network make use of this list, but also depend on the availability of correct name resolution to the respective IP address/addresses.

Any configuration that breaks name resolution and/or browsing intrinsics will annoy users because they will have to put up with protracted inability to use the network services.

Samba supports a feature that allows forced synchronization of browse lists across routed networks using the remote browse sync parameter in the smb.conf file. This causes Samba to contact the local master browser on a remote network and to request browse list synchronization. This effectively bridges two networks that are separated by routers. The two remote networks may use either broadcast-based name resolution or WINS-based name resolution, but it should be noted that the remote browse sync parameter provides browse list synchronization ” and that is distinct from name to address resolution. In other words, for cross-subnet browsing to function correctly it is essential that a name-to-address resolution mechanism be provided. This mechanism could be via DNS, /etc/ hosts , and so on.

9.4.1 Configuring WORKGROUP Browsing

To configure cross-subnet browsing on a network containing machines in a WORKGROUP, not an NT Domain, you need to set up one Samba server to be the Domain Master Browser (note that this is not the same as a Primary Domain Controller, although in an NT Domain the same machine plays both roles). The role of a Domain Master Browser is to collate the browse lists from Local Master Browsers on all the subnets that have a machine participating in the workgroup. Without one machine configured as a Domain Master Browser, each subnet would be an isolated workgroup unable to see any machines on another subnet. It is the presence of a Domain Master Browser that makes cross-subnet browsing possible for a workgroup.

In a WORKGROUP environment the Domain Master Browser must be a Samba server, and there must only be one Domain Master Browser per workgroup name. To set up a Samba server as a Domain Master Browser, set the following option in the [global] section of the smb.conf file:

 
  domain master = yes  

The Domain Master Browser should preferably be the local master browser for its own subnet. In order to achieve this, set the following options in the [global] section of the smb.conf file as shown in Example 9.1.

Example 9.1 Domain Master Browser smb.conf
  [global]   domain master = yes   local master = yes   preferred master = yes   os level = 65  

The Domain Master Browser may be the same machine as the WINS server, if necessary.

Next, you should ensure that each of the subnets contains a machine that can act as a Local Master Browser for the workgroup. Any MS Windows NT/200x/XP machine should be able to do this, as will Windows 9x/Me machines (although these tend to get rebooted more often, so it is not such a good idea to use these). To make a Samba server a Local Master Browser set the following options in the [global] section of the smb.conf file as shown in Example 9.2:

Do not do this for more than one Samba server on each subnet, or they will war with each other over which is to be the Local Master Browser.

The local master parameter allows Samba to act as a Local Master Browser. The preferred master causes nmbd to force a browser election on startup and the os level parameter sets Samba high enough so it should win any browser elections .

Example 9.2 Local master browser smb.conf
  [global]   domain master = no   local master = yes   preferred master = yes   os level = 65  

If you have an NT machine on the subnet that you wish to be the Local Master Browser, you can disable Samba from becoming a Local Master Browser by setting the following options in the [global] section of the smb.conf file as shown in Example 9.3:

Example 9.3 smb.conf for not being a Master Browser
  [global]   domain master = no   local master = no   preferred master = no   os level = 0  

9.4.2 DOMAIN Browsing Configuration

If you are adding Samba servers to a Windows NT Domain, then you must not set up a Samba server as a Domain Master Browser. By default, a Windows NT Primary Domain Controller for a domain is also the Domain Master Browser for that domain. Network browsing may break if a Samba server registers the domain master browser NetBIOS name ( DOMAIN <1B>) with WINS instead of the PDC.

For subnets other than the one containing the Windows NT PDC, you may set up Samba servers as Local Master Browsers as described. To make a Samba server a Local Master Browser, set the following options in the [global] section of the smb.conf file as shown in Example 9.4:

Example 9.4 Local Master Browser smb.conf
  [global]   domain master = no   local master = yes   preferred master = yes   os level = 65  

If you wish to have a Samba server fight the election with machines on the same subnet you may set the os level parameter to lower levels. By doing this you can tune the order of machines that will become Local Master Browsers if they are running. For more details on this refer to Section 9.4.3.

If you have Windows NT machines that are members of the domain on all subnets and you are sure they will always be running, you can disable Samba from taking part in browser elections and ever becoming a Local Master Browser by setting the following options in the [global] section of the smb.conf file as shown in Example 9.5:

Example 9.5 smb.conf for not being a master browser
  [global]   domain master = no   local master = no   preferred master = no   os level = 0  

9.4.3 Forcing Samba to Be the Master

Who becomes the master browser is determined by an election process using broadcasts. Each election packet contains a number of parameters that determine what precedence (bias) a host should have in the election. By default Samba uses a low precedence and thus loses elections to just about every Windows network server or client.

If you want Samba to win elections, set the os level global option in smb.conf to a higher number. It defaults to zero. Using 34 would make it win all elections every other system (except other samba systems).

An os level of two would make it beat Windows for Workgroups and Windows 9x/Me, but not MS Windows NT/200x Server. An MS Windows NT/200x Server Domain Controller uses level 32. The maximum os level is 255.

If you want Samba to force an election on startup, set the preferred master global option in smb.conf to yes . Samba will then have a slight advantage over other potential master browsers that are not Perferred Master Browsers. Use this parameter with care, as if you have two hosts (whether they are Windows 9x/Me or NT/200x/XP or Samba) on the same local subnet both set with preferred master to yes , then periodically and continually they will force an election in order to become the Local Master Browser.

If you want Samba to be a Domain Master Browser , then it is recommended that you also set preferred master to yes , because Samba will not become a Domain Master Browser for the whole of your LAN or WAN if it is not also a Local Master Browser on its own broadcast isolated subnet.

It is possible to configure two Samba servers to attempt to become the Domain Master Browser for a domain. The first server that comes up will be the Domain Master Browser. All other Samba servers will attempt to become the Domain Master Browser every five minutes. They will find that another Samba server is already the domain master browser and will fail. This provides automatic redundancy, should the current Domain Master Browser fail.

9.4.4 Making Samba the Domain Master

The domain master is responsible for collating the browse lists of multiple subnets so browsing can occur between subnets. You can make Samba act as the Domain Master by setting domain master = yes in smb.conf . By default it will not be a Domain Master.

Do not set Samba to be the Domain Master for a workgroup that has the same name as an NT/200x Domain. If Samba is configured to be the Domain Master for a workgroup that is present on the same network as a Windows NT/200x domain that has the same name, network browsing problems will certainly be experienced .

When Samba is the Domain Master and the Master Browser, it will listen for master announcements (made roughly every twelve minutes) from Local Master Browsers on other subnets and then contact them to synchronize browse lists.

If you want Samba to be the domain master, you should also set the os level high enough to make sure it wins elections, and set preferred master to yes , to get Samba to force an election on startup.

All servers (including Samba) and clients should be using a WINS server to resolve NetBIOS names. If your clients are only using broadcasting to resolve NetBIOS names, then two things will occur:

  1. Local Master Browsers will be unable to find a Domain Master Browser, as they will be looking only on the local subnet.

  2. If a client happens to get hold of a domain-wide browse list and a user attempts to access a host in that list, it will be unable to resolve the NetBIOS name of that host.

If, however, both Samba and your clients are using a WINS server, then:

  1. Local master browsers will contact the WINS server and, as long as Samba has registered that it is a Domain Master Browser with the WINS server, the Local Master Browser will receive Samba's IP address as its Domain Master Browser.

  2. When a client receives a domain-wide browse list and a user attempts to access a host in that list, it will contact the WINS server to resolve the NetBIOS name of that host. As long as that host has registered its NetBIOS name with the same WINS server, the user will be able to see that host.

9.4.5 Note about Broadcast Addresses

If your network uses a 0 based broadcast address (for example, if it ends in a 0) then you will strike problems. Windows for Workgroups does not seem to support a zeros broadcast and you will probably find that browsing and name lookups will not work.

9.4.6 Multiple Interfaces

Samba supports machines with multiple network interfaces. If you have multiple interfaces, you will need to use the interfaces option in smb.conf to configure them.

9.4.7 Use of the Remote Announce Parameter

The remote announce parameter of smb.conf can be used to forcibly ensure that all the NetBIOS names on a network get announced to a remote network. The syntax of the remote announce parameter is:

 
  remote announce = a.b.c.d [e.f.g.h] ...  

or

 
  remote announce = a.b.c.d/WORKGROUP [e.f.g.h/WORKGROUP] ...  

where:

a.b.c.d and e.f.g.h ” is either the LMB (Local Master Browser) IP address or the broadcast address of the remote network. i.e., the LMB is at 192.168.1.10, or the address could be given as 192.168.1.255 where the netmask is assumed to be 24 bits (255.255.255.0). When the remote announcement is made to the broadcast address of the remote network, every host will receive our announcements. This is noisy and therefore undesirable but may be necessary if we do not know the IP address of the remote LMB.

WORKGROUP ” is optional and can be either our own workgroup or that of the remote network. If you use the workgroup name of the remote network, our NetBIOS machine names will end up looking like they belong to that workgroup. This may cause name resolution problems and should be avoided.

9.4.8 Use of the Remote Browse Sync Parameter

The remote browse sync parameter of smb.conf is used to announce to another LMB that it must synchronize its NetBIOS name list with our Samba LMB. This works only if the Samba server that has this option is simultaneously the LMB on its network segment.

The syntax of the remote browse sync parameter is:

 
  remote browse sync = a.b.c.d  

where a.b.c.d is either the IP address of the remote LMB or else is the network broadcast address of the remote segment.



Official Samba-3 HOWTO and Reference Guide
The Official Samba-3 HOWTO and Reference Guide, 2nd Edition
ISBN: 0131882228
EAN: 2147483647
Year: 2005
Pages: 297

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net