--- /dev/null
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>Chapter 13. Performance, Reliability, and Availability</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.68.1"><link rel="start" href="index.html" title="Samba-3 by Example"><link rel="up" href="RefSection.html" title="Part III. Reference Section"><link rel="prev" href="DomApps.html" title="Chapter 12. Integrating Additional Services"><link rel="next" href="ch14.html" title="Chapter 14. Samba Support"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 13. Performance, Reliability, and Availability</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><th width="60%" align="center">Part III. Reference Section</th><td width="20%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr></table><hr></div><div class="chapter" lang="en"><div class="titlepage"><div><div><h2 class="title"><a name="HA"></a>Chapter 13. Performance, Reliability, and Availability</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="HA.html#id2587472">Introduction</a></span></dt><dt><span class="sect1"><a href="HA.html#id2587559">Dissection and Discussion</a></span></dt><dt><span class="sect1"><a href="HA.html#id2588031">Guidelines for Reliable Samba Operation</a></span></dt><dd><dl><dt><span class="sect2"><a href="HA.html#id2588058">Name Resolution</a></span></dt><dt><span class="sect2"><a href="HA.html#id2588543">Samba Configuration</a></span></dt><dt><span class="sect2"><a href="HA.html#id2588870">Use and Location of BDCs</a></span></dt><dt><span class="sect2"><a href="HA.html#id2588945">Use One Consistent Version of MS Windows Client</a></span></dt><dt><span class="sect2"><a href="HA.html#id2588967">For Scalability, Use SAN-Based Storage on Samba Servers</a></span></dt><dt><span class="sect2"><a href="HA.html#id2589016">Distribute Network Load with MSDFS</a></span></dt><dt><span class="sect2"><a href="HA.html#id2589071">Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</a></span></dt><dt><span class="sect2"><a href="HA.html#id2589117">Hardware Problems</a></span></dt><dt><span class="sect2"><a href="HA.html#id2589265">Large Directories</a></span></dt></dl></dd><dt><span class="sect1"><a href="HA.html#id2589363">Key Points Learned</a></span></dt></dl></div><p>
+ <a class="indexterm" name="id2587425"></a>
+ <a class="indexterm" name="id2587432"></a>
+ <a class="indexterm" name="id2587439"></a>
+ Well, you have reached one of the last chapters of this book. It is customary to attempt
+ to wrap up the theme and contents of a book in what is generally regarded as the
+ chapter that should draw conclusions. This book is a suspense thriller, and since
+ the plot of the stories told mostly lead you to bigger, better Samba-3 networking
+ solutions, it is perhaps appropriate to close this book with a few pertinent comments
+ regarding some of the things everyone can do to deliver a reliable Samba-3 network.
+ </p><div class="blockquote"><table border="0" width="100%" cellspacing="0" cellpadding="0" class="blockquote" summary="Block quote"><tr><td width="10%" valign="top"> </td><td width="80%" valign="top"><p>
+ In a world so full of noise, how can the sparrow be heard?
+ </p></td><td width="10%" valign="top"> </td></tr><tr><td width="10%" valign="top"> </td><td colspan="2" align="right" valign="top">--<span class="attribution">Anonymous</span></td></tr></table></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2587472"></a>Introduction</h2></div></div></div><p>
+ <a class="indexterm" name="id2587480"></a>
+ The sparrow is a small bird whose sounds are drowned out by the noise of the busy
+ world it lives in. Likewise, the simple steps that can be taken to improve the
+ reliability and availability of a Samba network are often drowned out by the volume
+ of discussions about grandiose Samba clustering designs. This is not intended to
+ suggest that clustering is not important, because clearly it is. This chapter does not devote
+ itself to discussion of clustering because each clustering methodology uses its own
+ custom tools and methods. Only passing comments are offered concerning these methods.
+ </p><p>
+ <a class="indexterm" name="id2587500"></a>
+ <a class="indexterm" name="id2587507"></a>
+ <a class="indexterm" name="id2587514"></a>
+<a href="http://www.google.com/search?hl=en&lr=&ie=ISO-8859-1&q=samba+cluster&btnG=Google+Search" target="_top">A search</a>
+ for “<span class="quote">samba cluster</span>” produced 71,600 hits. And a search for “<span class="quote">highly available samba</span>”
+ and “<span class="quote">highly available windows</span>” produced an amazing number of references.
+ It is clear from the resources on the Internet that Windows file and print services
+ availability, reliability, and scalability are of vital interest to corporate network users.
+ </p><p>
+ <a class="indexterm" name="id2587547"></a>
+ So without further background, you can review a checklist of simple steps that
+ can be taken to ensure acceptable network performance while keeping costs of ownership
+ well under control.
+ </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2587559"></a>Dissection and Discussion</h2></div></div></div><p>
+ <a class="indexterm" name="id2587567"></a>
+ <a class="indexterm" name="id2587574"></a>
+ If it is your purpose to get the best mileage out of your Samba servers, there is one rule that
+ must be obeyed. If you want the best, keep your implementation as simple as possible. You may
+ well be forced to introduce some complexities, but you should do so only as a last resort.
+ </p><p>
+ Simple solutions are likely to be easier to get right than are complex ones. They certainly
+ make life easier for your successor. Simple implementations can be more readily audited than can
+ complex ones.
+ </p><p>
+ <a class="indexterm" name="id2587596"></a>
+ <a class="indexterm" name="id2587603"></a>
+ Problems reported by users fall into three categories: configurations that do not work, those
+ that have broken behavior, and poor performance. The term <span class="emphasis"><em>broken behavior</em></span>
+ means that the function of a particular Samba component appears to work sometimes, but not at
+ others. The resulting intermittent operation is clearly unacceptable. An example of
+ <span class="emphasis"><em>broken behavior</em></span> known to many Windows networking users occurs when the
+ list of Windows machines in MS Explorer changes, sometimes listing machines that are running
+ and at other times not listing them even though the machines are in use on the network.
+ </p><p>
+ <a class="indexterm" name="id2587630"></a>
+ <a class="indexterm" name="id2587637"></a>
+ <a class="indexterm" name="id2587644"></a>
+ <a class="indexterm" name="id2587651"></a>
+ <a class="indexterm" name="id2587658"></a>
+ <a class="indexterm" name="id2587664"></a>
+ A significant number of reports concern problems with the <span><strong class="command">smbfs</strong></span> file system
+ driver that is part of the Linux kernel, not part of Samba. Users continue to interpret that
+ <span><strong class="command">smbfs</strong></span> is part of Samba, simply because Samba includes the front-end tools
+ that are used to manage <span><strong class="command">smbfs</strong></span>-based file service connections. So, just
+ for the record, the tools <span><strong class="command">smbmnt</strong></span>, <span><strong class="command">smbmount</strong></span>,
+ <span><strong class="command">smbumount</strong></span>, and <span><strong class="command">smbumnt</strong></span> are front-end
+ facilities to core drivers that are supplied as part of the Linux kernel. These tools share a
+ common infrastructure with some Samba components, but they are not maintained as part of
+ Samba and are really foreign to it.
+ </p><p>
+ <a class="indexterm" name="id2587725"></a>
+ The new project, <span><strong class="command">cifsfs</strong></span>, is destined to replace <span><strong class="command">smbfs</strong></span>.
+ It, too, is not part of Samba, even though one of the Samba Team members is a prime mover in
+ this project.
+ </p><p>
+ Table 13.1 lists typical causes of:
+ </p><div class="itemizedlist"><ul type="disc"><li><p>Not Working (NW)</p></li><li><p>Broken Behavior (BB)</p></li><li><p>Poor Performance (PP)</p></li></ul></div><div class="table"><a name="ProbList"></a><p class="title"><b>Table 13.1. Effect of Common Problems</b></p><table summary="Effect of Common Problems" border="1"><colgroup><col align="left"><col align="center"><col align="center"><col align="center"></colgroup><thead><tr><th align="left"><p>Problem</p></th><th align="center"><p>NW</p></th><th align="center"><p>BB</p></th><th align="center"><p>PP</p></th></tr></thead><tbody><tr><td align="left"><p>File locking</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Hardware problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Incorrect authentication</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Incorrect configuration</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>LDAP problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Name resolution</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Printing problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr><tr><td align="left"><p>Slow file transfer</p></td><td align="center"><p>-</p></td><td align="center"><p>-</p></td><td align="center"><p>X</p></td></tr><tr><td align="left"><p>Winbind problems</p></td><td align="center"><p>X</p></td><td align="center"><p>X</p></td><td align="center"><p>-</p></td></tr></tbody></table></div><p>
+ <a class="indexterm" name="id2588018"></a>
+ It is obvious to all that the first requirement (as a matter of network hygiene) is to eliminate
+ problems that affect basic network operation. This book has provided sufficient working examples
+ to help you to avoid all these problems.
+ </p></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2588031"></a>Guidelines for Reliable Samba Operation</h2></div></div></div><p>
+ <a class="indexterm" name="id2588039"></a>
+ <a class="indexterm" name="id2588046"></a>
+ Your objective is to provide a network that works correctly, can grow at all times, is resilient
+ at times of extreme demand, and can scale to meet future needs. The following subject areas provide
+ pointers that can help you today.
+ </p><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2588058"></a>Name Resolution</h3></div></div></div><p>
+ There are three basic current problem areas: bad hostnames, routed networks, and network collisions.
+ These are covered in the following discussion.
+ </p><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2588070"></a>Bad Hostnames</h4></div></div></div><p>
+ <a class="indexterm" name="id2588077"></a>
+ <a class="indexterm" name="id2588087"></a>
+ <a class="indexterm" name="id2588094"></a>
+ <a class="indexterm" name="id2588100"></a>
+ <a class="indexterm" name="id2588107"></a>
+ When configured as a DHCP client, a number of Linux distributions set the system hostname
+ to <code class="constant">localhost</code>. If the parameter <em class="parameter"><code>netbios name</code></em> is not
+ specified to something other than <code class="constant">localhost</code>, the Samba server appears
+ in the Windows Explorer as <code class="constant">LOCALHOST</code>. Moreover, the entry in the <code class="filename">/etc/hosts</code>
+ on the Linux server points to IP address <code class="constant">127.0.0.1</code>. This means that
+ when the Windows client obtains the IP address of the Samba server called <code class="constant">LOCALHOST</code>,
+ it obtains the IP address <code class="constant">127.0.0.1</code> and then proceeds to attempt to
+ set up a NetBIOS over TCP/IP connection to it. This cannot work, because that IP address is
+ the local Windows machine itself. Hostnames must be valid for Windows networking to function
+ correctly.
+ </p><p>
+ <a class="indexterm" name="id2588162"></a>
+ A few sites have tried to name Windows clients and Samba servers with a name that begins
+ with the digits 1-9. This does not work either because it may result in the client or
+ server attempting to use that name as an IP address.
+ </p><p>
+ <a class="indexterm" name="id2588176"></a>
+ <a class="indexterm" name="id2588185"></a>
+ A Samba server called <code class="constant">FRED</code> in a NetBIOS domain called <code class="constant">COLLISION</code>
+ in a network environment that is part of the fully-qualified Internet domain namespace known
+ as <code class="constant">parrots.com</code>, results in DNS name lookups for <code class="constant">fred.parrots.com</code>
+ and <code class="constant">collision.parrots.com</code>. It is therefore a mistake to name the domain
+ (workgroup) <code class="constant">collision.parrots.com</code>, since this results in DNS lookup
+ attempts to resolve <code class="constant">fred.parrots.com.parrots.com</code>, which most likely
+ fails given that you probably do not have this in your DNS namespace.
+ </p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>
+ <a class="indexterm" name="id2588229"></a>
+ <a class="indexterm" name="id2588239"></a>
+ <a class="indexterm" name="id2588245"></a>
+ An Active Directory realm called <code class="constant">collision.parrots.com</code> is perfectly okay,
+ although it too must be capable of being resolved via DNS, something that functions correctly
+ if Windows 200x ADS has been properly installed and configured.
+ </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2588262"></a>Routed Networks</h4></div></div></div><p>
+ <a class="indexterm" name="id2588269"></a>
+ <a class="indexterm" name="id2588276"></a>
+ <a class="indexterm" name="id2588286"></a>
+ NetBIOS networks (Windows networking with NetBIOS over TCP/IP enabled) makes extensive use
+ of UDP-based broadcast traffic, as you saw during the exercises in <a href="primer.html" title="Chapter 16. Networking Primer">???</a>.
+ </p><p>
+ <a class="indexterm" name="id2588305"></a>
+ <a class="indexterm" name="id2588312"></a>
+ <a class="indexterm" name="id2588319"></a>
+ UDP broadcast traffic is not forwarded by routers. This means that NetBIOS broadcast-based
+ networking cannot function across routed networks (i.e., multi-subnet networks) unless
+ special provisions are made:
+ </p><div class="itemizedlist"><ul type="disc"><li><p>
+ <a class="indexterm" name="id2588336"></a>
+ <a class="indexterm" name="id2588343"></a>
+ <a class="indexterm" name="id2588350"></a>
+ Either install on every Windows client an LMHOSTS file (located in the directory
+ <code class="filename">C:\windows\system32\drivers\etc</code>). It is also necessary to
+ add to the Samba server <code class="filename">smb.conf</code> file the parameters <em class="parameter"><code>remote announce</code></em>
+ and <em class="parameter"><code>remote browse sync</code></em>. For more information, refer to the online
+ manual page for the <code class="filename">smb.conf</code> file.
+ </p></li><li><p>
+ <a class="indexterm" name="id2588395"></a>
+ Or configure Samba as a WINS server, and configure all network clients to use that
+ WINS server in their TCP/IP configuration.
+ </p></li></ul></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>
+ <a class="indexterm" name="id2588412"></a>
+ <a class="indexterm" name="id2588422"></a>
+ The use of DNS is not an acceptable substitute for WINS. DNS does not store specific
+ information regarding NetBIOS networking particulars that get stored in the WINS
+ name resolution database and that Windows clients require and depend on.
+ </p></div></div><div class="sect3" lang="en"><div class="titlepage"><div><div><h4 class="title"><a name="id2588434"></a>Network Collisions</h4></div></div></div><p>
+ <a class="indexterm" name="id2588442"></a>
+ <a class="indexterm" name="id2588452"></a>
+ <a class="indexterm" name="id2588461"></a>
+ <a class="indexterm" name="id2588468"></a>
+ Excessive network activity causes NetBIOS network timeouts. Timeouts may result in
+ blue screen of death (BSOD) experiences. High collision rates may be caused by excessive
+ UDP broadcast activity, by defective networking hardware, or through excessive network
+ loads (another way of saying that the network is poorly designed).
+ </p><p>
+ The use of WINS is highly recommended to reduce network broadcast traffic, as outlined
+ in <a href="primer.html" title="Chapter 16. Networking Primer">???</a>.
+ </p><p>
+ <a class="indexterm" name="id2588496"></a>
+ <a class="indexterm" name="id2588503"></a>
+ <a class="indexterm" name="id2588510"></a>
+ Under no circumstances should the facility be supported by many routers, known as <code class="constant">NetBIOS
+ forwarding</code>, unless you know exactly what you are doing. Inappropriate use of this
+ facility can result in UDP broadcast storms. In one case in 1999, a university network became
+ unusable due to NetBIOS forwarding being enabled on all routers. The problem was discovered during performance
+ testing of a Samba server. The maximum throughput on a 100-Base-T (100 MB/sec) network was
+ less than 15 KB/sec. After the NetBIOS forwarding was turned off, file transfer performance
+ immediately returned to 11 MB/sec.
+ </p></div></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2588543"></a>Samba Configuration</h3></div></div></div><p>
+ As a general rule, the contents of the <code class="filename">smb.conf</code> file should be kept as simple as possible.
+ No parameter should be specified unless you know it is essential to operation.
+ </p><p>
+ <a class="indexterm" name="id2588562"></a>
+ <a class="indexterm" name="id2588570"></a>
+ <a class="indexterm" name="id2588576"></a>
+ Many UNIX administrators like to fully document the settings in the <code class="filename">smb.conf</code> file. This is a
+ bad idea because it adds content to the file. The <code class="filename">smb.conf</code> file is re-read by every <span><strong class="command">smbd</strong></span>
+ process every time the file timestamp changes (or, on systems where this does not work, every 20 seconds or so).
+ </p><p>
+ As the size of the <code class="filename">smb.conf</code> file grows, the risk of introducing parsing errors also increases.
+ It is recommended to keep a fully documented <code class="filename">smb.conf</code> file on hand, and then to operate Samba only
+ with an optimized file.
+ </p><p><a class="indexterm" name="id2588626"></a>
+ The preferred way to maintain a documented file is to call it something like <code class="filename">smb.conf.master</code>.
+ You can generate the optimized file by executing:
+</p><pre class="screen">
+<code class="prompt">root# </code> testparm -s smb.conf.master > smb.conf
+</pre><p>
+ You should carefully observe all warnings issued. It is also a good practice to execute the following
+ command to confirm correct interpretation of the <code class="filename">smb.conf</code> file contents:
+</p><pre class="screen">
+<code class="prompt">root# </code> testparm
+Load smb config files from /etc/samba/smb.conf
+Can't find include file /etc/samba/machine.
+Processing section "[homes]"
+Processing section "[print$]"
+Processing section "[netlogon]"
+Processing section "[Profiles]"
+Processing section "[printers]"
+Processing section "[media]"
+Processing section "[data]"
+Processing section "[cdr]"
+Processing section "[apps]"
+Loaded services file OK.
+'winbind separator = +' might cause problems with group membership.
+Server role: ROLE_DOMAIN_PDC
+Press enter to see a dump of your service definitions
+</pre><p>
+ <a class="indexterm" name="id2588686"></a>
+ You now, of course, press the enter key to complete the command, or else abort it by pressing Ctrl-C.
+ The important thing to note is the noted Server role, as well as warning messages. Noted configuration
+ conflicts must be remedied before proceeding. For example, the following error message represents a
+ common fatal problem:
+</p><pre class="screen">
+ERROR: both 'wins support = true' and 'wins server = <server list>'
+cannot be set in the smb.conf file. nmbd will abort with this setting.
+</pre><p>
+ </p><p>
+ <a class="indexterm" name="id2588713"></a>
+ <a class="indexterm" name="id2588720"></a>
+ <a class="indexterm" name="id2588727"></a>
+ There are two parameters that can cause severe network performance degradation: <em class="parameter"><code>socket options</code></em>
+ and <em class="parameter"><code>socket address</code></em>. The <em class="parameter"><code>socket options</code></em> parameter was often necessary
+ when Samba was used with the Linux 2.2.x kernels. Later kernels are largely self-tuning and seldom benefit from
+ this parameter being set. Do not use either parameter unless it has been proven necessary to use them.
+ </p><p>
+ <a class="indexterm" name="id2588761"></a>
+ <a class="indexterm" name="id2588768"></a>
+ <a class="indexterm" name="id2588775"></a>
+ <a class="indexterm" name="id2588782"></a>
+ Another <code class="filename">smb.conf</code> parameter that may cause severe network performance degradation is the
+ <em class="parameter"><code>strict sync</code></em> parameter. Do not use this at all. There is no good reason
+ to use this with any modern Windows client. The <em class="parameter"><code>strict sync</code></em> is often
+ used with the <em class="parameter"><code>sync always</code></em> parameter. This, too, can severely
+ degrade network performance, so do not set it; if you must, do so with caution.
+ </p><p>
+ <a class="indexterm" name="id2588823"></a>
+ <a class="indexterm" name="id2588830"></a>
+ <a class="indexterm" name="id2588837"></a>
+ <a class="indexterm" name="id2588844"></a>
+ Finally, many network administrators deliberately disable opportunistic locking support. While this
+ does not degrade Samba performance, it significantly degrades Windows client performance because
+ this disables local file caching on Windows clients and forces every file read and written to
+ invoke a network read or write call. If for any reason you must disable oplocks (opportunistic locking)
+ support, do so only on the share on which it is required. That way, all other shares can provide
+ oplock support for operations that are tolerant of it. See <a href="appendix.html#ch12dblck" title="Shared Data Integrity">???</a> for more
+ information.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2588870"></a>Use and Location of BDCs</h3></div></div></div><p>
+ <a class="indexterm" name="id2588878"></a>
+ <a class="indexterm" name="id2588884"></a>
+ <a class="indexterm" name="id2588891"></a>
+ <a class="indexterm" name="id2588898"></a>
+ <a class="indexterm" name="id2588904"></a>
+ On a network segment where there is a PDC and a BDC, the BDC carries the bulk of the network logon
+ processing. If the BDC is a heavily loaded server, the PDC carries a greater proportion of
+ authentication and logon processing. When a sole BDC on a routed network segment gets heavily
+ loaded, it is possible that network logon requests and authentication requests may be directed
+ to a BDC on a distant network segment. This significantly hinders WAN operations
+ and is undesirable.
+ </p><p>
+ <a class="indexterm" name="id2588923"></a>
+ <a class="indexterm" name="id2588930"></a>
+ As a general guide, instead of adding domain member servers to a network, you would be better advised
+ to add BDCs until there are fewer than 30 Windows clients per BDC. Beyond that ratio, you should add
+ domain member servers. This practice ensures that there are always sufficient domain controllers
+ to handle logon requests and authentication traffic.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2588945"></a>Use One Consistent Version of MS Windows Client</h3></div></div></div><p>
+ Every network client has its own peculiarities. From a management perspective, it is easier to deal
+ with one version of MS Windows that is maintained to a consistent update level than it is to deal
+ with a mixture of clients.
+ </p><p>
+ On a number of occasions, particular Microsoft service pack updates of a Windows server or client
+ have necessitated special handling from the Samba server end. If you want to remain sane, keep you
+ client workstation configurations consistent.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2588967"></a>For Scalability, Use SAN-Based Storage on Samba Servers</h3></div></div></div><p>
+ <a class="indexterm" name="id2588976"></a>
+ <a class="indexterm" name="id2588982"></a>
+ Many SAN-based storage systems permit more than one server to share a common data store.
+ Use of a shared SAN data store means that you do not need to use time- and resource-hungry data
+ synchronization techniques.
+ </p><p>
+ <a class="indexterm" name="id2588996"></a>
+ <a class="indexterm" name="id2589003"></a>
+ The use of a collection of relatively low-cost front-end Samba servers that are coupled to
+ a shared backend SAN data store permits load distribution while containing costs below that
+ of installing and managing a complex clustering facility.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2589016"></a>Distribute Network Load with MSDFS</h3></div></div></div><p>
+ <a class="indexterm" name="id2589025"></a>
+ <a class="indexterm" name="id2589031"></a>
+ Microsoft DFS (distributed file system) technology has been implemented in Samba. MSDFS permits
+ data to be accessed from a single share and yet to actually be distributed across multiple actual
+ servers. Refer to <span class="emphasis"><em>TOSHARG2</em></span>, Chapter 19, for information regarding
+ implementation of an MSDFS installation.
+ </p><p>
+ <a class="indexterm" name="id2589050"></a>
+ <a class="indexterm" name="id2589059"></a>
+ The combination of multiple backend servers together with a front-end server and use of MSDFS
+ can achieve almost the same as you would obtain with a clustered Samba server.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2589071"></a>Replicate Data to Conserve Peak-Demand Wide-Area Bandwidth</h3></div></div></div><p>
+ <a class="indexterm" name="id2589080"></a>
+ <a class="indexterm" name="id2589087"></a>
+ <a class="indexterm" name="id2589093"></a>
+ Consider using <span><strong class="command">rsync</strong></span> to replicate data across the WAN during times
+ of low utilization. Users can then access the replicated data store rather than needing to do so
+ across the WAN. This works best for read-only data, but with careful planning can be
+ implemented so that modified files get replicated back to the point of origin. Be careful with your
+ implementation if you choose to permit modification and return replication of the modified file;
+ otherwise, you may inadvertently overwrite important data.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2589117"></a>Hardware Problems</h3></div></div></div><p>
+ <a class="indexterm" name="id2589125"></a>
+ <a class="indexterm" name="id2589132"></a>
+ <a class="indexterm" name="id2589139"></a>
+ <a class="indexterm" name="id2589145"></a>
+ <a class="indexterm" name="id2589155"></a>
+ <a class="indexterm" name="id2589164"></a>
+ Networking hardware prices have fallen sharply over the past 5 years. A surprising number
+ of Samba networking problems over this time have been traced to defective network interface
+ cards (NICs) or defective HUBs, switches, and cables.
+ </p><p>
+ <a class="indexterm" name="id2589180"></a>
+ Not surprising is the fact that network administrators do not like to be shown to have made
+ a bad decision. Money saved in buying low-cost hardware may result in high costs incurred
+ in corrective action.
+ </p><p>
+ <a class="indexterm" name="id2589194"></a>
+ <a class="indexterm" name="id2589201"></a>
+ <a class="indexterm" name="id2589208"></a>
+ <a class="indexterm" name="id2589215"></a>
+ <a class="indexterm" name="id2589222"></a>
+ Defective NICs, HUBs, and switches may appear as intermittent network access problems, intermittent
+ or persistent data corruption, slow network throughput, low performance, or even as BSOD
+ problems with MS Windows clients. In one case, a company updated several workstations with newer, faster
+ Windows client machines that triggered problems during logon as well as data integrity problems on
+ an older PC that was unaffected so long as the new machines were kept shut down.
+ </p><p>
+ Defective hardware problems may take patience and persistence before the real cause can be discovered.
+ </p><p>
+ <a class="indexterm" name="id2589245"></a>
+ Networking hardware defects can significantly impact perceived Samba performance, but defective
+ RAID controllers as well as SCSI and IDE hard disk controllers have also been known to impair Samba server
+ operations. One business came to this realization only after replacing a Samba installation with MS
+ Windows Server 2000 running on the same hardware. The root of the problem completely eluded the network
+ administrator until the entire server was replaced. While you may well think that this would never
+ happen to you, experience shows that given the right (unfortunate) circumstances, this can happen to anyone.
+ </p></div><div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="id2589265"></a>Large Directories</h3></div></div></div><p>
+ There exist applications that create or manage directories containing many thousands of files. Such
+ applications typically generate many small files (less than 100 KB). At the best of times, under UNIX,
+ listing of the files in a directory that contains many files is slow. By default, Windows NT, 200x,
+ and XP Pro cause network file system directory lookups on a Samba server to be performed for both
+ the case preserving file name as well as for the mangled (8.3) file name. This incurs a huge overhead
+ on the Samba server that may slow down the system dramatically.
+ </p><p>
+ In an extreme case, the performance impact was dramatic. File transfer from the Samba server to a Windows
+ XP Professional workstation over 1 Gigabit Ethernet for 250-500 KB files was measured at approximately
+ 30 MB/sec. But when tranferring a directory containing 120,000 files, all from 50KB to 60KB in size, the
+ transfer rate to the same workstation was measured at approximately 1.5 KB/sec. The net transfer was
+ on the order of a factor of 20-fold slower.
+ </p><p>
+ The symptoms that will be observed on the Samba server when a large directory is accessed will be that
+ aggregate I/O (typically blocks read) will be relatively low, yet the wait I/O times will be incredibly
+ long while at the same time the read queue is large. Close observation will show that the hard drive
+ that the file system is on will be thrashing wildly.
+ </p><p>
+ Samba-3.0.12 and later, includes new code that radically improves Samba perfomance. The secret to this is
+ really in the <a class="indexterm" name="id2589308"></a>case sensitive = True line. This tells smbd never to scan
+ for case-insensitive versions of names. So if an application asks for a file called <code class="filename">FOO</code>,
+ and it can not be found by a simple stat call, then smbd will return "file not found" immediately without
+ scanning the containing directory for a version of a different case.
+ </p><p>
+ Canonicalize all the files in the directory to have one case, upper or lower - either will do. Then set up
+ a new custom share for the application as follows:
+ </p><pre class="screen">
+ [bigshare]
+ path = /data/xrayfiles/neurosurgeons/
+ read only = no
+ case sensitive = True
+ default case = upper
+ preserve case = no
+ short preserve case = no
+ </pre><p>
+ </p><p>
+ All files and directories under the <em class="parameter"><code>path</code></em> directory must be in the same case
+ as specified in the <code class="filename">smb.conf</code> stanza. This means that smbd will not be able to find lower case
+ filenames with these settings. Note, this is done on a per-share basis.
+ </p></div></div><div class="sect1" lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2589363"></a>Key Points Learned</h2></div></div></div><p>
+ This chapter has touched in broad sweeps on a number of simple steps that can be taken
+ to ensure that your Samba network is resilient, scalable, and reliable, and that it
+ performs well.
+ </p><p>
+ Always keep in mind that someone is responsible to maintain and manage your design.
+ In the long term, that may not be you. Spare a thought for your successor and give him or
+ her an even break.
+ </p><p>
+ <a class="indexterm" name="id2589384"></a>
+ Last, but not least, you should not only keep the network design simple, but also be sure it is
+ well documented. This book may serve as your pattern for documenting every
+ aspect of your design, its implementation, and particularly the objects and assumptions
+ that underlie it.
+ </p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="DomApps.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="RefSection.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="ch14.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 12. Integrating Additional Services </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 14. Samba Support</td></tr></table></div></body></html>
projects / samba / blobdiff