[samba-jp:22044] Re: 認証までに時間が掛かる
H.Nakai
nakai @ shinko.co.jp
2013年 7月 4日 (木) 09:50:17 JST
古山様
ご返事、ありがとうございます。
(2013/07/03 17:32), Nobuyuki Furuyama wrote:
> samba-3.5.10-125.el6.i686 / CentOS 6.3
> で同じ現象を経験しました。
>
> このときは smb.conf の hosts allow をコメントアウトしたところ解消しました。
>
> コメントアウトしたhosts allowはipv4のIPアドレスのみ記載。
>
> hosts allow = 192.168.1. 127.
>
> Windows7でクライアントのipv6が有効になり、ipv6でIPチェック→タイムアウト
> →ipv4でIPチェック→OKとなり時間がかかったのかなぁ…と。
>
> 結局コメントアウトしたまま使っています。
>
コメントアウトして再起動しましたが、変わりませんでした。
Samba側もPC側もIPv6は停止させてあるので、別の要因がありそうです。
アドレスに関しては、ユーザー名・パスワードを入力する時点で
多分、解決しているのではないかと思います。
wiresharkからの出力を付けます。(wiresharkを使い始めたところです)
パケットNo.228 の後、ユーザー名・パスワードを入力しました。
パケットNo.287 までパケットをやり取りした後、PCは黙りこんで、
パケットNo.373 でやっと認証を始めたように見えます。
No. Time Source Destination
Protocol Length Info
146 32.364784000 192.168.0.222 192.168.0.67 TCP
62 58669 > microsoft-ds [SYN] Seq=0 Win=8192 Len=0 MSS=1460
SACK_PERM=1
147 32.364887000 192.168.0.67 192.168.0.222 TCP
62 microsoft-ds > 58669 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0
MSS=1460 SACK_PERM=1
148 32.365020000 192.168.0.222 192.168.0.67 TCP
54 58669 > microsoft-ds [ACK] Seq=1 Ack=1 Win=64240 Len=0
149 32.365129000 192.168.0.222 192.168.0.67 SMB
213 Negotiate Protocol Request
150 32.365238000 192.168.0.67 192.168.0.222 TCP
60 microsoft-ds > 58669 [ACK] Seq=1 Ack=160 Win=15544 Len=0
151 32.368045000 192.168.0.67 192.168.0.222 SMB
185 Negotiate Protocol Response
159 32.460787000 192.168.0.222 192.168.0.67 SMB
196 Session Setup AndX Request, NTLMSSP_NEGOTIATE
160 32.461543000 192.168.0.67 192.168.0.222 SMB
314 Session Setup AndX Response, NTLMSSP_CHALLENGE, Error:
STATUS_MORE_PROCESSING_REQUIRED
161 32.461961000 192.168.0.222 192.168.0.67 SMB
502 Session Setup AndX Request, NTLMSSP_AUTH, User:
DOMAINNM\SRN2828282
162 32.462607000 192.168.0.67 192.168.0.222 SMB
93 Session Setup AndX Response, Error: STATUS_LOGON_FAILURE
165 32.674849000 192.168.0.222 192.168.0.67 TCP
54 58669 > microsoft-ds [ACK] Seq=750 Ack=431 Win=63810 Len=0
228 46.138008000 192.168.0.222 192.168.0.67 TCP
54 58669 > microsoft-ds [RST, ACK] Seq=750 Ack=431 Win=0 Len=0
269 48.721240000 192.168.0.222 192.168.0.67 TCP
62 58674 > microsoft-ds [SYN] Seq=0 Win=8192 Len=0 MSS=1460
SACK_PERM=1
270 48.721393000 192.168.0.67 192.168.0.222 TCP
62 microsoft-ds > 58674 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0
MSS=1460 SACK_PERM=1
271 48.721524000 192.168.0.222 192.168.0.67 TCP
54 58674 > microsoft-ds [ACK] Seq=1 Ack=1 Win=64240 Len=0
272 48.721665000 192.168.0.222 192.168.0.67 SMB
213 Negotiate Protocol Request
273 48.721777000 192.168.0.67 192.168.0.222 TCP
60 microsoft-ds > 58674 [ACK] Seq=1 Ack=160 Win=15544 Len=0
274 48.724585000 192.168.0.67 192.168.0.222 SMB
185 Negotiate Protocol Response
287 48.929860000 192.168.0.222 192.168.0.67 TCP
54 58674 > microsoft-ds [ACK] Seq=160 Ack=132 Win=64109 Len=0
373 63.735124000 192.168.0.222 192.168.0.67 SMB
196 Session Setup AndX Request, NTLMSSP_NEGOTIATE
374 63.735914000 192.168.0.67 192.168.0.222 SMB
314 Session Setup AndX Response, NTLMSSP_CHALLENGE, Error:
STATUS_MORE_PROCESSING_REQUIRED
375 63.736410000 192.168.0.222 192.168.0.67 SMB
500 Session Setup AndX Request, NTLMSSP_AUTH, User: DOMAINNM\nakai
376 63.739153000 192.168.0.67 192.168.0.222 SMB
178 Session Setup AndX Response
377 63.739457000 192.168.0.222 192.168.0.67 SMB
136 Tree Connect AndX Request, Path: \\KXX88CC\IPC$
378 63.740460000 192.168.0.67 192.168.0.222 SMB
114 Tree Connect AndX Response
379 63.740753000 192.168.0.222 192.168.0.67 SMB
156 Trans2 Request, GET_DFS_REFERRAL, File: \kxx88cc\share
380 63.741072000 192.168.0.67 192.168.0.222 SMB
93 Trans2 Response, GET_DFS_REFERRAL, Error: STATUS_NOT_FOUND
381 63.742966000 192.168.0.222 192.168.0.67 SMB
138 Tree Connect AndX Request, Path: \\KXX88CC\SHARE
382 63.745015000 192.168.0.67 192.168.0.222 SMB
120 Tree Connect AndX Response
383 63.851165000 192.168.0.222 192.168.0.67 SMB
134 Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path:
384 63.851703000 192.168.0.67 192.168.0.222 SMB
158 Trans2 Response, QUERY_PATH_INFO
385 63.851871000 192.168.0.222 192.168.0.67 SMB
134 Trans2 Request, QUERY_PATH_INFO, Query File Standard Info,
Path:
386 63.852034000 192.168.0.67 192.168.0.222 SMB
142 Trans2 Response, QUERY_PATH_INFO
387 63.911011000 192.168.0.222 192.168.0.67 SMB
146 NT Create AndX Request, FID: 0x4506, Path: \
388 63.911922000 192.168.0.67 192.168.0.222 SMB
193 NT Create AndX Response, FID: 0x4506
389 63.912063000 192.168.0.222 192.168.0.67 SMB
130 Trans2 Request, QUERY_FILE_INFO, FID: 0x4506, Query File
Internal Info
390 63.912264000 192.168.0.67 192.168.0.222 SMB
126 Trans2 Response, FID: 0x4506, QUERY_FILE_INFO
391 63.912356000 192.168.0.222 192.168.0.67 SMB
142 NT Trans Request, NT NOTIFY, FID: 0x4506
392 63.937663000 192.168.0.222 192.168.0.67 SMB
168 NT Create AndX Request, Path: \desktop.ini
393 63.937862000 192.168.0.67 192.168.0.222 TCP
60 microsoft-ds > 58674 [ACK] Seq=1084 Ack=1546 Win=17688 Len=0
394 63.938165000 192.168.0.67 192.168.0.222 SMB
93 NT Create AndX Response, FID: 0x0000, Error:
STATUS_OBJECT_NAME_NOT_FOUND
395 63.938662000 192.168.0.222 192.168.0.67 SMB
146 NT Create AndX Request, FID: 0x4509, Path: \
396 63.939014000 192.168.0.67 192.168.0.222 SMB
193 NT Create AndX Response, FID: 0x4509
397 63.939283000 192.168.0.222 192.168.0.67 SMB
144 Trans2 Request, FIND_FIRST2, Pattern: \*
398 63.940458000 192.168.0.67 192.168.0.222 TCP
1514 [TCP segment of a reassembled PDU]
399 63.940534000 192.168.0.67 192.168.0.222 TCP
1514 [TCP segment of a reassembled PDU]
400 63.940535000 192.168.0.67 192.168.0.222 SMB
1154 Trans2 Response, FIND_FIRST2, Files: . .. .comments 6.2
tcpdump.samba.3.log tcpdump.samba.4.log
401 63.940620000 192.168.0.222 192.168.0.67 TCP
54 58674 > microsoft-ds [ACK] Seq=1728 Ack=5282 Win=64240 Len=0
402 63.940989000 192.168.0.222 192.168.0.67 SMB
178 NT Create AndX Request, Path: \boot\desktop.ini
403 63.941362000 192.168.0.67 192.168.0.222 SMB
93 NT Create AndX Response, FID: 0x0000, Error:
STATUS_OBJECT_NAME_NOT_FOUND
404 63.941713000 192.168.0.222 192.168.0.67 SMB
99 Close Request, FID: 0x4509
405 63.942115000 192.168.0.67 192.168.0.222 SMB
93 Close Response, FID: 0x4509
406 63.947975000 192.168.0.222 192.168.0.67 SMB
128 Trans2 Request, QUERY_FS_INFO, Query FS Volume Info
407 63.948306000 192.168.0.67 192.168.0.222 SMB
142 Trans2 Response, QUERY_FS_INFO
408 63.948488000 192.168.0.222 192.168.0.67 SMB
128 Trans2 Request, QUERY_FS_INFO, Query FS Attribute Info
409 63.948660000 192.168.0.67 192.168.0.222 SMB
134 Trans2 Response, QUERY_FS_INFO
410 64.070626000 192.168.0.222 192.168.0.67 SMB
156 Trans2 Request, GET_DFS_REFERRAL, File: \kxx88cc\share
411 64.070941000 192.168.0.67 192.168.0.222 SMB
93 Trans2 Response, GET_DFS_REFERRAL, Error: STATUS_NOT_FOUND
412 64.109485000 192.168.0.222 192.168.0.67 SMB
130 Trans2 Request, QUERY_FILE_INFO, FID: 0x0000, Query File
Standard Info
413 64.109979000 192.168.0.67 192.168.0.222 SMB
93 Trans2 Response, QUERY_FILE_INFO, Error: STATUS_INVALID_HANDLE
414 64.110164000 192.168.0.222 192.168.0.67 SMB
130 Trans2 Request, QUERY_FILE_INFO, FID: 0x0000, Query File
Standard Info
415 64.110313000 192.168.0.67 192.168.0.222 SMB
93 Trans2 Response, QUERY_FILE_INFO, Error: STATUS_INVALID_HANDLE
416 64.110451000 192.168.0.222 192.168.0.67 SMB
Pipe 158 WaitNamedPipe Request
417 64.110894000 192.168.0.67 192.168.0.222 SMB
93 Trans Response, Error: STATUS_NOT_SUPPORTED
418 64.326918000 192.168.0.222 192.168.0.67 TCP
54 58674 > microsoft-ds [ACK] Seq=2403 Ack=5684 Win=63838 Len=0
422 64.432731000 192.168.0.222 192.168.0.67 SMB
128 Trans2 Request, QUERY_FS_INFO, Query Full FS Size Info
423 64.433406000 192.168.0.67 192.168.0.222 SMB
146 Trans2 Response, QUERY_FS_INFO
424 64.434865000 192.168.0.222 192.168.0.67 SMB
128 Trans2 Request, QUERY_FS_INFO, Query Full FS Size Info
425 64.435307000 192.168.0.67 192.168.0.222 SMB
146 Trans2 Response, QUERY_FS_INFO
426 64.638905000 192.168.0.222 192.168.0.67 TCP
54 58674 > microsoft-ds [ACK] Seq=2551 Ack=5868 Win=63654 Len=0
459 75.034348000 192.168.0.67 192.168.0.255
NBNS 92 Name query NB ITGROUP<1d>
# アドレス、ドメイン名、ユーザー名等は変更してあります。
引き続き宜しくお願いします。
--
-=-=-=-= SHINKO ELECTRIC INDUSTRIES CO., LTD. =-=-=-=-
=-=-=-=- Research & Development Div. -=-=-=-=
-=-=-=-= Designing Technology Development Dept. =-=-=-=-
=-=-=-=- Name:Hisakazu Nakai TEL:026-263-3922 -=-=-=-=
-=-=-=-= Mail:nakai @ shinko.co.jp FAX:026-263-4562 =-=-=-=-
samba-jp メーリングリストの案内