Enabling Samba Shares Across Subnets, Part 2
Sharing With Windows and Multiple Subnets
LinuxPlanet Classics: originally published January 17, 2008
In Part 1 we set up a simple anonymous Samba file and printer server. Now we're going to share it across subnets. Both Windows and Linux clients will be able to use this server. Our example network has three segments, as this elegant ASCII network diagram shows:
| | |
192.168.1.0/24 192.168.2.0/24 192.168.3.0/24
lan1 lan2 lan3
For ease of discussion, we'll call them lan1, lan2, and lan3. Our Samba server sits on lan1, with an address of 192.168.1.10. lan2 and lan3 contain a motley assortment of Windows and Linux clients. In this example there is no domain controller, but only a peer network. We'll get to Windows-type domains in a moment.
Your Windows clients need three things to be able to use the Samba server:
- They must all be in the same workgroup (in part 1 it's group1)
- They must all be configured to support NetBIOS over TCP
- They need the address of your WINS server
You can save a step by delivering the WINS address via DHCP. Windows 2000, XP, and Vista should have NetBIOS-over-TCP enabled by default, but it never hurts to check. It can be disabled, and in Active Directory domains that do not have antique, unsafe Windows 9x/ME clients it is often turned off.
Then the Samba server must be the WINS (Windows Internetworking Name) server and domain master browser. You must have one, and one only WINS server per workgroup to enable cross-subnet Samba browsing. WINS is the magic ingredient that makes it all work. WINS performs NetBIOS name resolution, because ordinary DNS does not include the necessary NetBIOS extensions. NetBIOS-based networking uses UDP broadcasts; since broadcast traffic cannot cross routers, your Samba WINS server encapsulates NetBIOS over TCP/IP. The domain master browser controls the browse lists; it has nothing to do with Active Directory or NT domains.
Take the smb.conf from part 1 and add these lines to the [global] section:
domain master = yes
preferred master = yes
local master = yes
wins support = yes
wins proxy = yes
os level = 65
Test and restart Samba just like we did in Part 1. Once your Windows clients are correctly configured, they should all be able to browse the file shares on your Samba server and use your shared printers. Figure 1 shows what an example cross-subnet workgroup looks like on Windows Vista. Xena is the Samba server on lan1, Freya and Uberpc are on lan2, and Newpad is on lan3.