[ previous ] [ next ] [ threads ]
 
 From:  "Jason Brunk" <jbrunk at wthosting dot com>
 To:  =?iso-8859-1?Q?'Thomas_Kolst=F8'?= <thomas at kolsto dot no>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] ipsec tunnel network neighborhood
 Date:  Fri, 29 Apr 2005 08:59:45 -0400
Do I need 2 samba servers?  Or just one?

Jason

-----Original Message-----

Sent: Friday, April 29, 2005 5:28 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] ipsec tunnel network neighborhood

Chris Buechler wrote:

>On 4/28/05, Neil Schneider <pacneil at linuxgeek dot net> wrote:
>  
>
>>Jason Brunk said:
>>    
>>
>>>I am working to get mono wall setup for a client of mine and his
>>>branch
>>>office.  So far the tunnel is working great, I have a wins server
>>>running on
>>>one side and every machine on both networks is registering with it.
>>>Name
>>>resolution works and everything pings fine.  But network neighborhood
>>>browsing only shows machines on that side of the network.  Anyone know
>>>why
>>>the workstations wouldn't be showing the rest of the machines
>>>registered in
>>>wins?
>>>
>>>      
>>>
>>Windows won't do cross-subnet browsing without a master browser on the
>>subnet that knows about all the hosts on the other side. This probably
>>should be in the FAQs if it isn't already. Network neighborhood uses
>>broadcast packets and broadcast packets don't cross network
>>boundaries.
>>
>>    
>>
>
>This is going to become a FAQ, but I haven't yet had time to come up
>with a definitive answer that I'm satisfied with.
>
>Browsing should work without passing broadcasts, but Windows browsing
>has always been flaky at best in my experience, especially across
>subnets.  A master browser on the remote subnet should communicate
>back to the PDC (or likely the PDC-emulator on a 2000/2003 AD network,
>or which ever server is the browse master.  that's the PDC if
>available in a NT 4 domain, so I'm assuming the DC holding the
>PDC-emulator FSMO role in AD would pick up the same role - I could be
>way off).  I don't believe WINS has anything to do with the browse
>process in general, though it may have something to do with how the
>remote subnet browse master contacts the other subnet's browse master.
> Network browsing is handled by the local subnet's browse master.
>
>This MS KB article might help.  http://support.microsoft.com/kb/q188305/
>
>-Chris
>  
>

This could also be solved with Samba and the "remote browse sync" and 
"remote announce" statements in it`s config;

remote browse sync = 10.10.1.2
remote announce = 10.10.1.2/Workgroup

I have this up and running on a couple of sites and it seems to do the 
trick, but it might be a bit overkill depending on your setup.


--



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch