diff options
Diffstat (limited to 'docs/htmldocs/Samba3-ByExample/HA.html')
| -rw-r--r-- | docs/htmldocs/Samba3-ByExample/HA.html | 236 |
1 files changed, 118 insertions, 118 deletions
diff --git a/docs/htmldocs/Samba3-ByExample/HA.html b/docs/htmldocs/Samba3-ByExample/HA.html index 5edebc832b..ce01c67d7d 100644 --- a/docs/htmldocs/Samba3-ByExample/HA.html +++ b/docs/htmldocs/Samba3-ByExample/HA.html @@ -1,7 +1,7 @@ -<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 13. Performance, Reliability, and Availability</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.73.1"><link rel="start" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="DomApps.html" title="Chapter 12. Integrating Additional Services"><link rel="next" href="ch14.html" title="Chapter 14. Samba Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 13. Performance, Reliability, and Availability</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="HA"></a>Chapter 13. Performance, Reliability, and Availability</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="HA.html#id2612034">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2612122">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2612593">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2612620">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613096">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613424">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613499">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613521">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613570">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613625">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613671">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2613829">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2613932">Key Points Learned</a></span></dt></dl></div><p> - <a class="indexterm" name="id2611996"></a> - <a class="indexterm" name="id2612003"></a> - <a class="indexterm" name="id2612010"></a> +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 13. Performance, Reliability, and Availability</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><link rel="home" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="DomApps.html" title="Chapter 12. Integrating Additional Services"><link rel="next" href="ch14.html" title="Chapter 14. Samba Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 13. Performance, Reliability, and Availability</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="HA"></a>Chapter 13. Performance, Reliability, and Availability</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="HA.html#id2618932">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619019">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2619492">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2619520">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2619995">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620323">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620398">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620420">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620470">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620524">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620570">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2620728">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2620832">Key Points Learned</a></span></dt></dl></div><p> + <a class="indexterm" name="id2618894"></a> + <a class="indexterm" name="id2618901"></a> + <a class="indexterm" name="id2618907"></a> Well, you have reached one of the last chapters of this book. It is customary to attempt to wrap up the theme and contents of a book in what is generally regarded as the chapter that should draw conclusions. This book is a suspense thriller, and since @@ -10,8 +10,8 @@ regarding some of the things everyone can do to deliver a reliable Samba-3 network. </p><div class="blockquote"><table border="0" width="100%" cellspacing="0" cellpadding="0" class="blockquote" summary="Block quote"><tr><td width="10%" valign="top"> </td><td width="80%" valign="top"><p> In a world so full of noise, how can the sparrow be heard? - </p></td><td width="10%" valign="top"> </td></tr><tr><td width="10%" valign="top"> </td><td colspan="2" align="right" valign="top">--<span class="attribution">Anonymous</span></td></tr></table></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2612034"></a>Introduction</h2></div></div></div><p> - <a class="indexterm" name="id2612042"></a> + </p></td><td width="10%" valign="top"> </td></tr><tr><td width="10%" valign="top"> </td><td colspan="2" align="right" valign="top">--<span class="attribution">Anonymous</span></td></tr></table></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2618932"></a>Introduction</h2></div></div></div><p> + <a class="indexterm" name="id2618940"></a> The sparrow is a small bird whose sounds are drowned out by the noise of the busy world it lives in. Likewise, the simple steps that can be taken to improve the reliability and availability of a Samba network are often drowned out by the volume @@ -20,22 +20,22 @@ itself to discussion of clustering because each clustering methodology uses its own custom tools and methods. Only passing comments are offered concerning these methods. </p><p> - <a class="indexterm" name="id2612062"></a> - <a class="indexterm" name="id2612069"></a> - <a class="indexterm" name="id2612076"></a> + <a class="indexterm" name="id2618960"></a> + <a class="indexterm" name="id2618967"></a> + <a class="indexterm" name="id2618974"></a> <a class="ulink" href="http://www.google.com/search?hl=en&lr=&ie=ISO-8859-1&q=samba+cluster&btnG=Google+Search" target="_top">A search</a> for “<span class="quote">samba cluster</span>” produced 71,600 hits. And a search for “<span class="quote">highly available samba</span>” and “<span class="quote">highly available windows</span>” produced an amazing number of references. It is clear from the resources on the Internet that Windows file and print services availability, reliability, and scalability are of vital interest to corporate network users. </p><p> - <a class="indexterm" name="id2612109"></a> + <a class="indexterm" name="id2619007"></a> So without further background, you can review a checklist of simple steps that can be taken to ensure acceptable network performance while keeping costs of ownership well under control. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2612122"></a>Dissection and Discussion</h2></div></div></div><p> - <a class="indexterm" name="id2612130"></a> - <a class="indexterm" name="id2612136"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619019"></a>Dissection and Discussion</h2></div></div></div><p> + <a class="indexterm" name="id2619027"></a> + <a class="indexterm" name="id2619034"></a> If it is your purpose to get the best mileage out of your Samba servers, there is one rule that must be obeyed. If you want the best, keep your implementation as simple as possible. You may well be forced to introduce some complexities, but you should do so only as a last resort. @@ -44,8 +44,8 @@ make life easier for your successor. Simple implementations can be more readily audited than can complex ones. </p><p> - <a class="indexterm" name="id2612158"></a> - <a class="indexterm" name="id2612165"></a> + <a class="indexterm" name="id2619056"></a> + <a class="indexterm" name="id2619063"></a> Problems reported by users fall into three categories: configurations that do not work, those that have broken behavior, and poor performance. The term <span class="emphasis"><em>broken behavior</em></span> means that the function of a particular Samba component appears to work sometimes, but not at @@ -54,12 +54,12 @@ list of Windows machines in MS Explorer changes, sometimes listing machines that are running and at other times not listing them even though the machines are in use on the network. </p><p> - <a class="indexterm" name="id2612193"></a> - <a class="indexterm" name="id2612200"></a> - <a class="indexterm" name="id2612206"></a> - <a class="indexterm" name="id2612213"></a> - <a class="indexterm" name="id2612220"></a> - <a class="indexterm" name="id2612227"></a> + <a class="indexterm" name="id2619090"></a> + <a class="indexterm" name="id2619097"></a> + <a class="indexterm" name="id2619104"></a> + <a class="indexterm" name="id2619111"></a> + <a class="indexterm" name="id2619118"></a> + <a class="indexterm" name="id2619124"></a> A significant number of reports concern problems with the <code class="literal">smbfs</code> file system driver that is part of the Linux kernel, not part of Samba. Users continue to interpret that <code class="literal">smbfs</code> is part of Samba, simply because Samba includes the front-end tools @@ -70,32 +70,32 @@ common infrastructure with some Samba components, but they are not maintained as part of Samba and are really foreign to it. </p><p> - <a class="indexterm" name="id2612288"></a> + <a class="indexterm" name="id2619185"></a> The new project, <code class="literal">cifsfs</code>, is destined to replace <code class="literal">smbfs</code>. It, too, is not part of Samba, even though one of the Samba Team members is a prime mover in this project. </p><p> Table 13.1 lists typical causes of: </p><div class="itemizedlist"><ul type="disc"><li><p>Not Working (NW)</p></li><li><p>Broken Behavior (BB)</p></li><li><p>Poor Performance (PP)</p></li></ul></div><div class="table"><a name="ProbList"></a><p class="title"><b>Table 13.1. Effect of Common Problems</b></p><div class="table-contents"><table summary="Effect of Common Problems" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th align="left"><p>Problem</p></th><th align="center"><p>NW</p></th><th align="center"><p>BB</p></th><th align="center"><p>PP</p></th></tr></thead><tbody><tr><td align="left"><p>File locking</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Hardware problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Incorrect authentication</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Incorrect configuration</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>LDAP problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Name resolution</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Printing problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Slow file transfer</p></td><td align="center"><p>-</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Winbind problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr></tbody></table></div></div><br class="table-break"><p> - <a class="indexterm" name="id2612580"></a> + <a class="indexterm" name="id2619479"></a> It is obvious to all that the first requirement (as a matter of network hygiene) is to eliminate problems that affect basic network operation. This book has provided sufficient working examples to help you to avoid all these problems. - </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2612593"></a>Guidelines for Reliable Samba Operation</h2></div></div></div><p> - <a class="indexterm" name="id2612601"></a> - <a class="indexterm" name="id2612608"></a> + </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2619492"></a>Guidelines for Reliable Samba Operation</h2></div></div></div><p> + <a class="indexterm" name="id2619501"></a> + <a class="indexterm" name="id2619508"></a> Your objective is to provide a network that works correctly, can grow at all times, is resilient at times of extreme demand, and can scale to meet future needs. The following subject areas provide pointers that can help you today. - </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2612620"></a>Name Resolution</h3></div></div></div><p> + </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2619520"></a>Name Resolution</h3></div></div></div><p> There are three basic current problem areas: bad hostnames, routed networks, and network collisions. These are covered in the following discussion. - </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2612632"></a>Bad Hostnames</h4></div></div></div><p> - <a class="indexterm" name="id2612640"></a> - <a class="indexterm" name="id2612649"></a> - <a class="indexterm" name="id2612656"></a> - <a class="indexterm" name="id2612663"></a> - <a class="indexterm" name="id2612670"></a> + </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619531"></a>Bad Hostnames</h4></div></div></div><p> + <a class="indexterm" name="id2619539"></a> + <a class="indexterm" name="id2619548"></a> + <a class="indexterm" name="id2619555"></a> + <a class="indexterm" name="id2619562"></a> + <a class="indexterm" name="id2619569"></a> When configured as a DHCP client, a number of Linux distributions set the system hostname to <code class="constant">localhost</code>. If the parameter <em class="parameter"><code>netbios name</code></em> is not specified to something other than <code class="constant">localhost</code>, the Samba server appears @@ -107,13 +107,13 @@ the local Windows machine itself. Hostnames must be valid for Windows networking to function correctly. </p><p> - <a class="indexterm" name="id2612724"></a> + <a class="indexterm" name="id2619624"></a> A few sites have tried to name Windows clients and Samba servers with a name that begins with the digits 1-9. This does not work either because it may result in the client or server attempting to use that name as an IP address. </p><p> - <a class="indexterm" name="id2612738"></a> - <a class="indexterm" name="id2612747"></a> + <a class="indexterm" name="id2619638"></a> + <a class="indexterm" name="id2619647"></a> A Samba server called <code class="constant">FRED</code> in a NetBIOS domain called <code class="constant">COLLISION</code> in a network environment that is part of the fully-qualified Internet domain namespace known as <code class="constant">parrots.com</code>, results in DNS name lookups for <code class="constant">fred.parrots.com</code> @@ -122,49 +122,49 @@ attempts to resolve <code class="constant">fred.parrots.com.parrots.com</code>, which most likely fails given that you probably do not have this in your DNS namespace. </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> - <a class="indexterm" name="id2612792"></a> - <a class="indexterm" name="id2612801"></a> - <a class="indexterm" name="id2612808"></a> + <a class="indexterm" name="id2619691"></a> + <a class="indexterm" name="id2619700"></a> + <a class="indexterm" name="id2619707"></a> An Active Directory realm called <code class="constant">collision.parrots.com</code> is perfectly okay, although it too must be capable of being resolved via DNS, something that functions correctly if Windows 200x ADS has been properly installed and configured. - </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2612824"></a>Routed Networks</h4></div></div></div><p> - <a class="indexterm" name="id2612832"></a> - <a class="indexterm" name="id2612839"></a> - <a class="indexterm" name="id2612848"></a> + </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619723"></a>Routed Networks</h4></div></div></div><p> + <a class="indexterm" name="id2619731"></a> + <a class="indexterm" name="id2619738"></a> + <a class="indexterm" name="id2619747"></a> NetBIOS networks (Windows networking with NetBIOS over TCP/IP enabled) makes extensive use of UDP-based broadcast traffic, as you saw during the exercises in <a class="link" href="primer.html" title="Chapter 16. Networking Primer">“Networking Primer”</a>. </p><p> - <a class="indexterm" name="id2612868"></a> - <a class="indexterm" name="id2612875"></a> - <a class="indexterm" name="id2612881"></a> + <a class="indexterm" name="id2619767"></a> + <a class="indexterm" name="id2619774"></a> + <a class="indexterm" name="id2619780"></a> UDP broadcast traffic is not forwarded by routers. This means that NetBIOS broadcast-based networking cannot function across routed networks (i.e., multi-subnet networks) unless special provisions are made: </p><div class="itemizedlist"><ul type="disc"><li><p> - <a class="indexterm" name="id2612898"></a> - <a class="indexterm" name="id2612905"></a> - <a class="indexterm" name="id2612912"></a> + <a class="indexterm" name="id2619797"></a> + <a class="indexterm" name="id2619804"></a> + <a class="indexterm" name="id2619811"></a> Either install on every Windows client an LMHOSTS file (located in the directory <code class="filename">C:\windows\system32\drivers\etc</code>). It is also necessary to add to the Samba server <code class="filename">smb.conf</code> file the parameters <em class="parameter"><code>remote announce</code></em> and <em class="parameter"><code>remote browse sync</code></em>. For more information, refer to the online manual page for the <code class="filename">smb.conf</code> file. </p></li><li><p> - <a class="indexterm" name="id2612958"></a> + <a class="indexterm" name="id2619857"></a> Or configure Samba as a WINS server, and configure all network clients to use that WINS server in their TCP/IP configuration. </p></li></ul></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p> - <a class="indexterm" name="id2612975"></a> - <a class="indexterm" name="id2612984"></a> + <a class="indexterm" name="id2619874"></a> + <a class="indexterm" name="id2619883"></a> The use of DNS is not an acceptable substitute for WINS. DNS does not store specific information regarding NetBIOS networking particulars that get stored in the WINS name resolution database and that Windows clients require and depend on. - </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2612997"></a>Network Collisions</h4></div></div></div><p> - <a class="indexterm" name="id2613005"></a> - <a class="indexterm" name="id2613014"></a> - <a class="indexterm" name="id2613023"></a> - <a class="indexterm" name="id2613030"></a> + </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2619896"></a>Network Collisions</h4></div></div></div><p> + <a class="indexterm" name="id2619904"></a> + <a class="indexterm" name="id2619913"></a> + <a class="indexterm" name="id2619922"></a> + <a class="indexterm" name="id2619929"></a> Excessive network activity causes NetBIOS network timeouts. Timeouts may result in blue screen of death (BSOD) experiences. High collision rates may be caused by excessive UDP broadcast activity, by defective networking hardware, or through excessive network @@ -173,9 +173,9 @@ The use of WINS is highly recommended to reduce network broadcast traffic, as outlined in <a class="link" href="primer.html" title="Chapter 16. Networking Primer">“Networking Primer”</a>. </p><p> - <a class="indexterm" name="id2613059"></a> - <a class="indexterm" name="id2613066"></a> - <a class="indexterm" name="id2613073"></a> + <a class="indexterm" name="id2619958"></a> + <a class="indexterm" name="id2619965"></a> + <a class="indexterm" name="id2619972"></a> Under no circumstances should the facility be supported by many routers, known as <code class="constant">NetBIOS forwarding</code>, unless you know exactly what you are doing. Inappropriate use of this facility can result in UDP broadcast storms. In one case in 1999, a university network became @@ -183,13 +183,13 @@ testing of a Samba server. The maximum throughput on a 100-Base-T (100 MB/sec) network was less than 15 KB/sec. After the NetBIOS forwarding was turned off, file transfer performance immediately returned to 11 MB/sec. - </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613096"></a>Samba Configuration</h3></div></div></div><p> + </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2619995"></a>Samba Configuration</h3></div></div></div><p> As a general rule, the contents of the <code class="filename">smb.conf</code> file should be kept as simple as possible. No parameter should be specified unless you know it is essential to operation. </p><p> - <a class="indexterm" name="id2613116"></a> - <a class="indexterm" name="id2613123"></a> - <a class="indexterm" name="id2613130"></a> + <a class="indexterm" name="id2620015"></a> + <a class="indexterm" name="id2620022"></a> + <a class="indexterm" name="id2620029"></a> Many UNIX administrators like to fully document the settings in the <code class="filename">smb.conf</code> file. This is a bad idea because it adds content to the file. The <code class="filename">smb.conf</code> file is re-read by every <code class="literal">smbd</code> process every time the file timestamp changes (or, on systems where this does not work, every 20 seconds or so). @@ -197,7 +197,7 @@ As the size of the <code class="filename">smb.conf</code> file grows, the risk of introducing parsing errors also increases. It is recommended to keep a fully documented <code class="filename">smb.conf</code> file on hand, and then to operate Samba only with an optimized file. - </p><p><a class="indexterm" name="id2613180"></a> + </p><p><a class="indexterm" name="id2620079"></a> The preferred way to maintain a documented file is to call it something like <code class="filename">smb.conf.master</code>. You can generate the optimized file by executing: </p><pre class="screen"> @@ -223,7 +223,7 @@ Loaded services file OK. Server role: ROLE_DOMAIN_PDC Press enter to see a dump of your service definitions </pre><p> - <a class="indexterm" name="id2613239"></a> + <a class="indexterm" name="id2620138"></a> You now, of course, press the enter key to complete the command, or else abort it by pressing Ctrl-C. The important thing to note is the noted Server role, as well as warning messages. Noted configuration conflicts must be remedied before proceeding. For example, the following error message represents a @@ -233,28 +233,28 @@ ERROR: both 'wins support = true' and 'wins server = <server list>' cannot be set in the smb.conf file. nmbd will abort with this setting. </pre><p> </p><p> - <a class="indexterm" name="id2613267"></a> - <a class="indexterm" name="id2613274"></a> - <a class="indexterm" name="id2613281"></a> + <a class="indexterm" name="id2620166"></a> + <a class="indexterm" name="id2620173"></a> + <a class="indexterm" name="id2620180"></a> There are two parameters that can cause severe network performance degradation: <em class="parameter"><code>socket options</code></em> and <em class="parameter"><code>socket address</code></em>. The <em class="parameter"><code>socket options</code></em> parameter was often necessary when Samba was used with the Linux 2.2.x kernels. Later kernels are largely self-tuning and seldom benefit from this parameter being set. Do not use either parameter unless it has been proven necessary to use them. </p><p> - <a class="indexterm" name="id2613315"></a> - <a class="indexterm" name="id2613322"></a> - <a class="indexterm" name="id2613329"></a> - <a class="indexterm" name="id2613336"></a> + <a class="indexterm" name="id2620214"></a> + <a class="indexterm" name="id2620221"></a> + <a class="indexterm" name="id2620228"></a> + <a class="indexterm" name="id2620235"></a> Another <code class="filename">smb.conf</code> parameter that may cause severe network performance degradation is the <em class="parameter"><code>strict sync</code></em> parameter. Do not use this at all. There is no good reason to use this with any modern Windows client. The <em class="parameter"><code>strict sync</code></em> is often used with the <em class="parameter"><code>sync always</code></em> parameter. This, too, can severely degrade network performance, so do not set it; if you must, do so with caution. </p><p> - <a class="indexterm" name="id2613377"></a> - <a class="indexterm" name="id2613384"></a> - <a class="indexterm" name="id2613391"></a> - <a class="indexterm" name="id2613398"></a> + <a class="indexterm" name="id2620276"></a> + <a class="indexterm" name="id2620283"></a> + <a class="indexterm" name="id2620290"></a> + <a class="indexterm" name="id2620297"></a> Finally, many network administrators deliberately disable opportunistic locking support. While this does not degrade Samba performance, it significantly degrades Windows client performance because this disables local file caching on Windows clients and forces every file read and written to @@ -262,12 +262,12 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. support, do so only on the share on which it is required. That way, all other shares can provide oplock support for operations that are tolerant of it. See <a class="link" href="appendix.html#ch12dblck" title="Shared Data Integrity">“Shared Data Integrity”</a> for more information. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613424"></a>Use and Location of BDCs</h3></div></div></div><p> - <a class="indexterm" name="id2613432"></a> - <a class="indexterm" name="id2613438"></a> - <a class="indexterm" name="id2613444"></a> - <a class="indexterm" name="id2613451"></a> - <a class="indexterm" name="id2613458"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620323"></a>Use and Location of BDCs</h3></div></div></div><p> + <a class="indexterm" name="id2620331"></a> + <a class="indexterm" name="id2620337"></a> + <a class="indexterm" name="id2620344"></a> + <a class="indexterm" name="id2620351"></a> + <a class="indexterm" name="id2620358"></a> On a network segment where there is a PDC and a BDC, the BDC carries the bulk of the network logon processing. If the BDC is a heavily loaded server, the PDC carries a greater proportion of authentication and logon processing. When a sole BDC on a routed network segment gets heavily @@ -275,13 +275,13 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. to a BDC on a distant network segment. This significantly hinders WAN operations and is undesirable. </p><p> - <a class="indexterm" name="id2613477"></a> - <a class="indexterm" name="id2613484"></a> + <a class="indexterm" name="id2620376"></a> + <a class="indexterm" name="id2620383"></a> As a general guide, instead of adding domain member servers to a network, you would be better advised to add BDCs until there are fewer than 30 Windows clients per BDC. Beyond that ratio, you should add domain member servers. This practice ensures that there are always sufficient domain controllers to handle logon requests and authentication traffic. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613499"></a>Use One Consistent Version of MS Windows Client</h3></div></div></div><p> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620398"></a>Use One Consistent Version of MS Windows Client</h3></div></div></div><p> Every network client has its own peculiarities. From a management perspective, it is easier to deal with one version of MS Windows that is maintained to a consistent update level than it is to deal with a mixture of clients. @@ -289,61 +289,61 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. On a number of occasions, particular Microsoft service pack updates of a Windows server or client have necessitated special handling from the Samba server end. If you want to remain sane, keep you client workstation configurations consistent. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613521"></a>For Scalability, Use SAN-Based Storage on Samba Servers</h3></div></div></div><p> - <a class="indexterm" name="id2613529"></a> - <a class="indexterm" name="id2613536"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620420"></a>For Scalability, Use SAN-Based Storage on Samba Servers</h3></div></div></div><p> + <a class="indexterm" name="id2620429"></a> + <a class="indexterm" name="id2620436"></a> Many SAN-based storage systems permit more than one server to share a common data store. Use of a shared SAN data store means that you do not need to use time- and resource-hungry data synchronization techniques. </p><p> - <a class="indexterm" name="id2613550"></a> - <a class="indexterm" name="id2613557"></a> + <a class="indexterm" name="id2620450"></a> + <a class="indexterm" name="id2620456"></a> The use of a collection of relatively low-cost front-end Samba servers that are coupled to a shared backend SAN data store permits load distribution while containing costs below that of installing and managing a complex clustering facility. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613570"></a>Distribute Network Load with MSDFS</h3></div></div></div><p> - <a class="indexterm" name="id2613578"></a> - <a class="indexterm" name="id2613585"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620470"></a>Distribute Network Load with MSDFS</h3></div></div></div><p> + <a class="indexterm" name="id2620478"></a> + <a class="indexterm" name="id2620485"></a> Microsoft DFS (distributed file system) technology has been implemented in Samba. MSDFS permits data to be accessed from a single share and yet to actually be distributed across multiple actual servers. Refer to <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 19, for information regarding implementation of an MSDFS installation. </p><p> - <a class="indexterm" name="id2613604"></a> - <a class="indexterm" name="id2613613"></a> + <a class="indexterm" name="id2620503"></a> + <a class="indexterm" name="id2620512"></a> The combination of multiple backend servers together with a front-end server and use of MSDFS can achieve almost the same as you would obtain with a clustered Samba server. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613625"></a>Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</h3></div></div></div><p> - <a class="indexterm" name="id2613634"></a> - <a class="indexterm" name="id2613640"></a> - <a class="indexterm" name="id2613647"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620524"></a>Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</h3></div></div></div><p> + <a class="indexterm" name="id2620533"></a> + <a class="indexterm" name="id2620540"></a> + <a class="indexterm" name="id2620547"></a> Consider using <code class="literal">rsync</code> to replicate data across the WAN during times of low utilization. Users can then access the replicated data store rather than needing to do so across the WAN. This works best for read-only data, but with careful planning can be implemented so that modified files get replicated back to the point of origin. Be careful with your implementation if you choose to permit modification and return replication of the modified file; otherwise, you may inadvertently overwrite important data. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613671"></a>Hardware Problems</h3></div></div></div><p> - <a class="indexterm" name="id2613679"></a> - <a class="indexterm" name="id2613686"></a> - <a class="indexterm" name="id2613692"></a> - <a class="indexterm" name="id2613699"></a> - <a class="indexterm" name="id2613708"></a> - <a class="indexterm" name="id2613718"></a> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620570"></a>Hardware Problems</h3></div></div></div><p> + <a class="indexterm" name="id2620578"></a> + <a class="indexterm" name="id2620585"></a> + <a class="indexterm" name="id2620592"></a> + <a class="indexterm" name="id2620599"></a> + <a class="indexterm" name="id2620608"></a> + <a class="indexterm" name="id2620617"></a> Networking hardware prices have fallen sharply over the past 5 years. A surprising number of Samba networking problems over this time have been traced to defective network interface cards (NICs) or defective HUBs, switches, and cables. </p><p> - <a class="indexterm" name="id2613734"></a> + <a class="indexterm" name="id2620634"></a> Not surprising is the fact that network administrators do not like to be shown to have made a bad decision. Money saved in buying low-cost hardware may result in high costs incurred in corrective action. </p><p> - <a class="indexterm" name="id2613748"></a> - <a class="indexterm" name="id2613755"></a> - <a class="indexterm" name="id2613762"></a> - <a class="indexterm" name="id2613769"></a> - <a class="indexterm" name="id2613776"></a> + <a class="indexterm" name="id2620647"></a> + <a class="indexterm" name="id2620654"></a> + <a class="indexterm" name="id2620661"></a> + <a class="indexterm" name="id2620668"></a> + <a class="indexterm" name="id2620675"></a> Defective NICs, HUBs, and switches may appear as intermittent network access problems, intermittent or persistent data corruption, slow network throughput, low performance, or even as BSOD problems with MS Windows clients. In one case, a company updated several workstations with newer, faster @@ -352,14 +352,14 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. </p><p> Defective hardware problems may take patience and persistence before the real cause can be discovered. </p><p> - <a class="indexterm" name="id2613799"></a> + <a class="indexterm" name="id2620698"></a> Networking hardware defects can significantly impact perceived Samba performance, but defective RAID controllers as well as SCSI and IDE hard disk controllers have also been known to impair Samba server operations. One business came to this realization only after replacing a Samba installation with MS Windows Server 2000 running on the same hardware. The root of the problem completely eluded the network administrator until the entire server was replaced. While you may well think that this would never happen to you, experience shows that given the right (unfortunate) circumstances, this can happen to anyone. - </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2613829"></a>Large Directories</h3></div></div></div><p> + </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2620728"></a>Large Directories</h3></div></div></div><p> There exist applications that create or manage directories containing many thousands of files. Such applications typically generate many small files (less than 100 KB). At the best of times, under UNIX, listing of the files in a directory that contains many files is slow. By default, Windows NT, 200x, @@ -379,7 +379,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. that the file system is on will be thrashing wildly. </p><p> Samba-3.0.12 and later, includes new code that radically improves Samba perfomance. The secret to this is - really in the <a class="link" href="smb.conf.5.html#CASESENSITIVE">case sensitive = True</a> line. This tells smbd never to scan + really in the <a class="link" href="smb.conf.5.html#CASESENSITIVE" target="_top">case sensitive = True</a> line. This tells smbd never to scan for case-insensitive versions of names. So if an application asks for a file called <code class="filename">FOO</code>, and it can not be found by a simple stat call, then smbd will return "file not found" immediately without scanning the containing directory for a version of a different case. @@ -399,7 +399,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. All files and directories under the <em class="parameter"><code>path</code></em> directory must be in the same case as specified in the <code class="filename">smb.conf</code> stanza. This means that smbd will not be able to find lower case filenames with these settings. Note, this is done on a per-share basis. - </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2613932"></a>Key Points Learned</h2></div></div></div><p> + </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2620832"></a>Key Points Learned</h2></div></div></div><p> This chapter has touched in broad sweeps on a number of simple steps that can be taken to ensure that your Samba network is resilient, scalable, and reliable, and that it performs well. @@ -408,7 +408,7 @@ cannot be set in the smb.conf file. nmbd will abort with this setting. In the long term, that may not be you. Spare a thought for your successor and give him or her an even break. </p><p> - <a class="indexterm" name="id2613953"></a> + <a class="indexterm" name="id2620853"></a> Last, but not least, you should not only keep the network design simple, but also be sure it is well documented. This book may serve as your pattern for documenting every aspect of your design, its implementation, and particularly the objects and assumptions |