Archive for the ‘Samba’ Category

Samba is the world’s leading Windows-Linux integration open source project. Here at Erion we have a long history of working with Samba to IPv6 enable its various components. This year is no different. At SambaXP 2015, Erion’s David Holder gave a presentation on IPv6-only Samba. He described the rational behind the need for IPv6-only Samba deployments, the status of IPv6-only Samba and how to deploy Samba in an IPv6-only environment.

Here is a brief summary of the presentation, the slides for which can be found here.

IPv6 is becoming increasingly common. It is standard in all major operating systems, deployed in all Tier-1 ISPs, available in almost 100% of transit carriers and is supported on 46% of the world’s top web-sites. Today, users that have a dual-stack service from their ISPs (that is they have both IPv4 and IPv6) find on average that 70% of their traffic is carried over IPv6. Furthermore, world-wide the percentage of Internet users who are IPv6 capable is doubling year upon year.

This increase in the use of IPv6 was evident at SambaXP. When asked, over 50% of attendees at the presentation stated that they now use IPv6. In previous years, only a handful were using IPv6.

Today organisations are moving beyond adding IPv6 to create dual-stack networks. Now some are looking to create IPv6-only environments where nodes no longer use IPv4. This change means that Samba now needs to be able to operate not only in dual-stack environments but also in IPv6-only environments. Previously, in dual-stack networks, if Samba had a feature that was not supported in IPv6 then it could drop back to use IPv4. In IPv6-only networks, dropping back to IPv4 is not possible and everything must work over IPv6 and IPv6 alone.

Organisations are moving to IPv6-only networks for a range of reasons. The most obvious is that it significantly reduces network administration. Managing two protocols rather than one not only doubles administration tasks but it can also significantly complicate certain scenarios where IPv6 and IPv4 interact. This particularly true where a mix of transition mechanisms are involved. There are other equally significant reasons for creating IPv6-only networks. In some large IPv4 networks there are multiple islands of duplicated RFC1918 address space. This is a major impediment to network operations and administration. Many ISPs and mobile operators use multiple 10.x.x.x networks internally because their networks are so large. Removing these and replacing them with a single IPv6 network avoids all the difficulties with operating across multi-islands of private address space.

A final growing reason to reduce or remove IPv4 in a network is the growth in the use of Carrier Grade NAT (CGN) in the access networks of ISPs. Content providers and others have no control over where and when an ISP may deploy CGN. However, the deployment of CGN many cause them significant issues. Using IPv6 in addition to IPv4 provides a method of circumventing the problems caused by CGN.

As a result, IPv6-only environments are appearing in an increasing number of networks including those of ISPs, mobile operators, data centres and cloud providers. Samba is used in many of these and environments and it is therefore imperative that Samba be made IPv6-only ready.

Samba is “IPv6 ready”, it works successfully in a dual-stack environment. However, when it comes to IPv6-only operation Samba exhibits issues because some features retain IPv4-only code. Whilst workarounds are possible and the major of functionality is fully IPv6-ready, the current Samba releases are not quite ready for IPv6-only operation. This will change with future releases as we fix the remaining issues.

Once Samba is fully IPv6-only ready there are a number of additional potential benefits.

Internally SMB/CIFS uses large MTU sizes. From SMB 2.1 onwards the use of Multi-Credit allows SMB MTU to go from a maximum of 64KB to multiple megabytes. In Samba, the default is 1MB and in Windows it is 8MB. However, in IPv4 the maximum MTU is 64KB and so it is not possible to reflect the SMB multi-credit sizes of 1MB or 8MB at the network layer. In IPv6, there is support for Jumbograms allowing multi-megabyte MTUs. In theory the use of Jumbograms could lead to performance improvements in SMB over IPv6. In practice, you still need to datalink that can support very large MTUs. Few such datalinks exist. One example is Infiniband. Another possible option in virtualised environments is the use of virtual networks adapters such as virtio. At the moment, virtio supports MTUs up to 64KB even though Ethernet only supports MTUs of 9KB. It is conceivable that in the future this could be extended to allow for IPv6 Jumbograms.

Another possible benefit is the use by IPv6 of Path MTU discovery (PMTU). PMTU allows for an internal network to use the largest possible MTU without increasing the amount of fragmentation taking place within the network. Thereby improving SMB throughput performance. Whilst, in most modern networks, IPv4 also has Path MTU discovery support, IPv6 still has the edge as IPv6 PMTU is mandatory and available on all IPv6 nodes.

There are a number of other potential benefits from using IPv6. These include, for example, the removal of NAT (and CGN) from the transmission path. This makes possible communication using AD protocols and SMB over the wider Internet along with the use of IPsec to secure them. Both things which are difficult or impossible through NAT/CGN. Microsoft has leveraged this benefit in its DirectAccess product that many organisations are using as a replacement for their VPN concentrators.

Configuring IPv6-only Samba is very similar to the configuration of dual-stack Samba. The difference is the absence of IPv4 addresses (except on the loopback interface). The presentation covered a few issues that need to be considered in IPv6-only Samba deployments. These will be fixed in future Samba releases.

Finally, there was a demonstration of IPv6-only Samba operation and a discussion of IPv6-only Samba related topics.

Erion is proud to announce the release of a new and comprehensive Samba course. This course covers all aspects of Windows and Linux/Unix integration focussing mainly on solutions based upon samba the Open Software world’s leading cross-platform integration solution. Not only does this course cover the latest versions and features of Samba it also is applicable to the most recent releases of Microsoft Windows including Windows Server 2012 R2 and Windows 8.1.

The first public run of this course is scheduled for February 2015 in London UK. Full details of the course and its current schedule can be found here.

At this year’s SambaXP, Erion’s David Holder gave a comprehensive presentation on how to deploy Samba in IPv6 networks. The presentation, Deploying Samba in IPv6 Networks, covered how to configure IPv6 in a network consisting of Samba Unix/Linux servers and Windows clients/servers all running IPv6.

The presentation highlights the key differences between IPv6 and IPv4 that must be considered when deploying Windows networking using Samba. These include the correct configuration of the right kinds of IPv6 addresses, the configuraton of StateLess Address AutoConfiguration (SLAAC), the optional configuration of DHCPv6, the configuration of IPv6 enabled DNS and finally the configuration and operation of IPv6 enabled Samba.

Erion has a long history of working with Unix/Linux and Windows integration and in particular with the Samba Team on IPv6 enabling Samba. Further information can be found on our blog under Samba.

Erion is the world’s leading provider of IPv6 training. We have the largest portfolio of IPv6 training courses, suitable for all audiences, covering all aspects of IPv6 on all major operating systems and platforms. In addition to our public IPv6 training schedule, we also provide IPv6 training as on-site courses and we provide Erion Modular IPv6 Training which allows for a bespoke training programme to be created based on our hundreds of IPv6 training modules.For further information please contact us on +44 (0)1422 207000, or through our web-site contact form.

Copyright Erion Ltd 2011, all rights reserved. Permission to publish this article unchanged is hereby given.

At this year’s Storage Developers Conference in Santa Clara, Erion’s David Holder gave a presentation on IPv6 and SMB.

One question that was raised was that of whether Samba4 will include IPv6 support when it is released. Jeremy Allison was able to confirm that IPv6 was a blocking feature and that Samba4 would not be released without Ipv6 support. He went onto explain that at SambaXP the Samba Team had agreed that Samba4 would not be released without support for any of the major features already found in Samba3. Since IPv6 is a standard feature of Samba3 since version 3.2 Samba4 must support IPv6.

Erion has a long history of working towards IPv6 enabling Samba and was involved in IPv6 enabling the Linux CIFS client and Samba3. Erion carried out the first IPv6 Samba join to Windows Server 2008  and the first ever IPv6 Linux CIFS mount to Windows Server 2008 in 2008.

Copyright Erion Ltd 2010.

David Holder is to speak at this year’s Storage Developer Conference in Santa Clara. Erion has a long history of working to IPv6 enable networked storage solutions and in particular the Open Source Samba implementation of the CIFS/SMB protocols. This year, Dr Holder plans to give a presentation on how to IPv6 enabled storage applications. The full abstract is below.

IPv6 Enabling CIFS/SMB Applications

Today IPv6 is no longer the protocol of the future, it is being extensively deployed in production networks. The central pool of IPv4 addresses will be exhausted in 2010 to 2011. As a result, Governments and organisations world-wide have been mandating its use for a number of years. As a CIFS/SMB developer, the time has come where you can no longer ignore IPv6.

IPv6 is the default protocol in all major operating systems, including Windows Server 2008 and Windows 7. CIFS and Active Directory have had support for IPv6 for a number of years.

This paper will address the key issues facing CIFS/SMB developers when migrating their applications to IPv6. It will provide a review of the status of IPv6 in Samba and Windows and describe how CIFS/SMB applications should be migrated to IPv6. This presentation will also include a brief IPv6 API and porting tutorial presenting the key things that developers need to know about IPv6 and the IPv6 socket API in order to effectively use IPv6 in their applications.

Dr David Holder is closely involved in the migration of Samba to IPv6. He has worked with IPv6 for well over a decade and is a regular speaker at global IPv6 conferences.

Erion’s David Holder is to speak at this year’s SambaXP conference in Göttingen, Germany. The paper entitled “How to Implement Samba in IPv6 Windows Server 2008 and Windows 7 Networks” will provided detailed guidance on migrating heterogeneous networks to IPv6 using Samba. Details of the Samba XP agenda can be found at

Erion has been instrumental in the IPv6 enabling of the popular Windows and Unix integration open source package Samba. We were the first to successfully IPv6 enable the Linux CIFS client, Samba 3.2 and Samba4. In addition, we carried out the first IPv6 SMB connections between Samba and Windows Server 2008. Further information on Erion’s work with Samba and IPv6 can be found on our IPv6 blog at

SambaXP runs from 5th  May to 6th May 2010.

Samba 3.2 was released today (1st July 2008). Samba 3.2 is the first production version of the popular open source Windows integration product to fully support IPv6.

Erion was instrumental in the development of an IPv6 enabled version of Samba. Erion’s David Holder carried out a number of firsts with the development version of Samba 3.2, including the first ever join of Samba to a Windows Server 2008 Active Directory domain over IPv6.

Further information on Erion’s involvement with Samba and IPv6 can be found in the these blog posts.

At lot can happen in a year. This is certainly true of IPv6 and Samba. In this article, I summarise the progress made in IPv6 enabling Samba and review the current status of Samba and IPv6 support. Further details can be found in my presentation Configuring Samba 3/4 for IPv6 Operation with Windows Server 2008 and Windows Vista.

Last year in my presentation at SambaXP 2007 (see SambaXP IPv6 Presentation) I showed how important it was that Samba catch up with Microsoft Windows in supporting IPv6. Microsoft’s latest operating systems, Windows Vista and Windows Server 2008 (then codenamed Longhorn) are IPv6 enabled by default. The increasing drive to implement IPv6 in various parts of the world meant that Samba risked being kept out of, or dropped from, environments where IPv6 is required.

Since then a lot has changed. Here are some highlights from the last twelve months:

Erion is proud to have carried out each of these firsts and being involved with Jermey Allison in IPv6 enabling Samba 3.2.

Linux CIFS Client

The Linux CIFS client has full support for IPv6 in the Linux kernel. This kernel is now widely available in the latest releases of many Linux distributions. At present, the mount command mount.cifs does not support IPv6 name resolution and the IPv6 address must be specified using a mount option. However, my patch to mount.cifs enables IPv6 name resolution. During Samba XP, I worked with Steve French and Jelmer Vernooij to improve support for IPv6 in mount.cifs. Friday evening found Jelmer still working on rewriting mount.cifs to include IPv6 support.

Samba 3.2

As Samba 3.2 nears a production release, it has been fully IPv6 enabled. This was a result of my presentation at CIFS Engineering Workshop held at Google last year. Erion has carried out the IPv6 testing for Samba 3.2. This has gone well and very few bugs have been found. During SambaXP Jeremy Allison put in time to investigate and resolve IPv6 bugs in Samba 3.2. Further information on IPv6 enabling Samba 3.2 can be found in our presentations from the Google IPv6 Conference earlier this year.

Samba 4

Support for IPv6 in Samba 4 still relies on my hack (a new version of which can be found here). The interest in IPv6 shown by the Samba team is illustrated by the time I spent with Andrew Tridgell. Andrew was very keen to incorporate my patch into the standard build of Samba 4. This would mean that, where possible, Samba 4 would build with IPv6 support as standard. The work was not completed by the end of SambaXP, but I will be chasing Andrew to complete it over the next few weeks.

In conclusion, SambaXP 2008 was a very positive event for IPv6 support in Samba. Much work still has to be done, but in the very near future there will be a solution for those who wish to upgrade Samba 3.0 to Samba 3.2 in order to get IPv6 support. So far most of the IPv6 testing of Samba has been undertaken by Erion. I would be very interested to hear of anyone else who is testing or even using Samba over IPv6 in live environments. During the conference Jelmer migrated his use of the Linux CIFS client in his home network to operate over IPv6! Now for the rest of the world…

The Linux CIFS client has had kernel support for IPv6 since early 2007. Up until now it has been necessary to specify an IPv6 address with the ip option. IPv6 name resolution was not supported.  A new patch from Erion’s David Holder provides IPv6 name resolution in the mount.cifs command.

The mount.cifs patch can be found at IPv6 Name Resolution Patch for Linux CIFS Client.

The Samba team have released a new preview version of Samba 3.2. This version includes the changes that Jeremy Allision made to enable IPv6 support in Samba 3.2.

At last year CIFS workshop at Google, Erion’s David Holder gave a presentation on how to IPv6 enable Samba. As a result Jeremy took up the challenge to IPv6 enable Samba 3.2 in “three weeks”. Jeremy succeeded.

Erion’s testing of the IPv6 enabled version of Samba 3.2 produced very good results. A few minor changes were required in order to allow Samba 3.2 to join a Windows Server 2008 domain. Finally, in January 2008, Erion’s David Holder made the first ever IPv6 join to a Windows Server 2008 AD domain using Samba 3.2.