Error mounting Samba Shares in FreeBSD

Over a number of years I’ve had an issue “reliably” mounting some samba shares from my Windows 7 machine. The FreeBSD machine and Windows machine are on the same LAN Subnet and have no firewalls between them. Generally I’ve also disabled the firewall on the win7 machine but still I cannot mount the samba shares (where as they were working previously).

The error given by the mount command does not help with troubleshooting.

root@zzz:~ # mount /data3
mount_smbfs: unable to open connection: syserr = Connection refused
root@zzz:~ # mount /data3
mount_smbfs: unable to open connection: syserr = Connection reset by peer

The options in the nsmb.conf file are nicely described in this man page. The default connectivity (port445 option) is normal which means it will attempt to connect via port 445. If that is unsuccessful, try to connect via NetBIOS over TCP/IP (ie TCP port 139).

In my case a wireshark shows that the connection to port 139 was being immediately dropped.

10:12:50.195293 IP 10.202.70.220.47946 > 10.202.70.162.139: Flags [S], seq 3682484936, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 4148422 ecr 0], length 0
10:12:50.195393 IP 10.202.70.162.139 > 10.202.70.220.47946: Flags [R.], seq 0, ack 3682484937, win 0, length 0

On the Windows machine I used the ifconfig command to check if NetBIOS over TCP/IP was enabled.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : A0-B3-CC-FC-34-A5
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::95e:16e8:af2f:2493%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.202.70.162(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.202.70.151
   DHCPv6 IAID . . . . . . . . . . . : 245412812
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-41-B0-3E-A0-B3-CC-FC-34-A5
   DNS Servers . . . . . . . . . . . : 10.48.2.160
                                       10.48.2.162
   NetBIOS over Tcpip. . . . . . . . : Enabled

However this isn’t enough. Microsoft, for some unknown reason, only allows netbios to bind to one ip address on my windows interface. So if you have two ip address: 10.202.70.162 and 10.10.10.5 then netbios will bind to the lowest ip address (ie 10.10.10.5). The best way to check this is to use netstat:

C:\Users\myuser>netstat -an | find /i "139"
  TCP    10.10.10.5:139         0.0.0.0:0              LISTENING
  TCP    169.254.178.132:139    0.0.0.0:0              LISTENING
  TCP    192.168.56.1:139       0.0.0.0:0              LISTENING
  TCP    192.168.195.1:139      0.0.0.0:0              LISTENING

This can be easily fixed by removing the secondary ip address and rebooting the machine. NetBios will now bind to the correct address:

C:\Users\agarg>netstat -an | find /i "139"
  TCP    10.202.70.162:139      0.0.0.0:0              LISTENING
  TCP    169.254.178.132:139    0.0.0.0:0              LISTENING
  TCP    192.168.56.1:139       0.0.0.0:0              LISTENING
  TCP    192.168.195.1:139      0.0.0.0:0              LISTENING

The netbios bind address changes only if the following events happen:

1) On reboot, netbios will bind to the lowest ip address

2) On restarting the netbios process it will bind to the lowest ip address (Control Panel->Network Connections -> Lan Adapter -> IPv4 -> Properties -> Advanced -> WINS -> Disable/Enable netbios)

3) Removing the lowest numbered ip address, netbios will bind to the next lowest ip address

If you just add a “lower” ip address to an exiting interface then it will not change till the next event defined above. This is where the problem is! I would add a temp address to test a config and then 4-6 weeks later reboot the windows machine (to apply patches or install software) and suddenly the SMB mounts are no long working because netbios isn’t listening on the primary address anymore.

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s