News Group Posts

Windows lmhosts

Jeff was apparently thinking about NETBIOS lookups, because SCO (and any server) will try to do a reverse IP lookup when a client connects.

See Slow logins for the fix to that.

From: Jeff Liebermann <jeffl@comix.santa-cruz.ca.us>
Newsgroups: comp.unix.sco.misc
Subject: Re: network configuration woes,gateway,DNS
Date: Tue, 13 Jun 2000 16:30:37 -0700
Message-ID: <gkfdkso8qod7k1o0mdkpvujnu8irebt909@4ax.com> 

On Tue, 13 Jun 2000 20:11:51 GMT, Ken Wolff <kenw@cscc.maximus.com>
wrote:

>My problem I with win95 machines, defined in /etc/hosts, running into the 2 
>minute (or there abouts) delay trying to telnet/ftp/pop to the OpenServer 
>machine when DNS is down.

Stop.  This is a Windoze problem, not an OSR5 problem.  I don't know
your network topology, but I'm guessing that you have your Windoze
boxes configured with the DNS servers pointing to your ISP's DNS
servers.  The OSR5 box is not involved in the DNS lookups.  Tweaking
of /etc/resolv.conf only affects lookups initiated by programs running
on the OSR5 box.  (Disclaimer: This assumes the you're not running
Merge, VisionFS, or AFPS, which will make the DNS configuration
different).

Here's how to fix your problem:
1.  On your Windoze boxes, created files called:
        c:\windoze\hosts
        c:\windoze\lmhosts
and fill them with various hostnames and IP addresses found on your
local network, especially the the OSR5 box.  See the files:
        c:\windoze\hosts.sam
        c:\windoze\lmhosts.sam
for a sample configurations.  If you're running Windoze NT, the files
are:
        c:\winnt\system32\drivers\etc\hosts
        c:\winnt\system32\drivers\etc\hosts
There is no need to reboot Windoze or perform other un-naturals acts
to activate these files.

The lmhosts file is not optional and is required to keep Windoze from
doing DNS lookups for Netbios name lookups.

2.  There are bugs in various Windoze mutations which prevent things
from working as expected.  Read:

How to Disable NetBIOS Name Resolution on DNS
   http://support.microsoft.com/support/kb/articles/Q137/3/68.asp

NetBIOS over tcp/ip name resolution and WINS
   http://support.microsoft.com/support/kb/articles/Q119/4/93.asp

Windoze Does Not Parse LMHOSTS File with DNS enabled
   http://support.microsoft.com/support/kb/articles/Q137/8/56.asp

Windoze Sockets 2.0 Does Not Use DnsNbtLookupOrder Value
   http://support.microsoft.com/support/kb/articles/Q216/4/70.asp

In general, I do not think it possible to completely prevent a random
Windoze machine from doing NetBios DNS lookups.  Therefore, these
calls must be trapped at the firewall or router.  Just about every
router worth spending money on has this feature.

3.  In the future, when you are discussing more than one machine,
please be a bit more obvious as to which machine you're working on.



-- 
Jeff Liebermann   jeffl@comix.santa-cruz.ca.us
150 Felker St #D  Santa Cruz CA  95060
831-421-6491 pager   831-429-1240 fax
http://www.cruzio.com/~jeffl/sco/   SCO stuff

From: Jeff Liebermann <jeffl@comix.santa-cruz.ca.us>
Newsgroups: comp.unix.sco.misc
Subject: Re: network configuration woes,gateway,DNS
Date: Tue, 13 Jun 2000 19:12:36 -0700
Message-ID: <c4odksofdhlc4v0o5r4vkn871i6lpfdokk@4ax.com> 
 
On Wed, 14 Jun 2000 00:32:14 GMT, Ken Wolff <kenw@cscc.maximus.com>
wrote:
 
>Well, you made a bad guess.  My win95 machines have a c:\windows\hosts and 
>c:\windows\lmhosts that include our SCO machines IP.  As far as the SCO box 
>not being involved in DNS lookups, you are correct, EXCEPT that for some 
>reason 'telnetd' wants to ignore /etc/hosts and do a DNS lookup when a 
>win95 (or linux, or I would imagine any OS) machine trys to connect to the 
>SCO machine.  As far as /etc/resolv.conf only effecting programs on the SCO 
>machine, I realize that.  That's where telnetd is being run and where my 
>problem lies.
 
 
Ok, that makes sense.  So, you're getting a delay getting the initial
telnet login prompt?  telnetd is probably trying to do a reverse DNS
lookup on your connected IP address in order to give you a human
readable connect line or something.  From the man page at:
  http://stage.sco.com/cgi-bin/ssl_getmanpage?telnetd+ADMN+OS5   
Quoting...
  Normally, telnetd displays the system release, hostname, and
  terminal port prior to the login prompt. The -h option
  stops telnetd from displaying this information. 
My guess(tm) is that the -h might turn off the reverse DNS lookup.
 
>Just an FYI, the win95 machines only run TCP/IP.  They do not run 
>netbuei.  They have no DNS configured.
 
Drivel:  The way Windoze tcp/ip networking works is to use Netbios
over tcp/ip.  The DNS name lookup from Windoze I was refering to is fo
Netbios name lookups.  My references are to Netbios and not Netbeui.
I've seen Windoze boxes that have both hosts and lmhosts configured,
yet still insist on doing Netbios name lookups.  See the references in
my previous tirade on Windoze Netbios name lookup resolution order
bugs.
 
If you have no DNS configured, Windoze can still assign a DNS server
if you have DHCP running somewhere.  Run:
        winipcfg
or open an MSDOS window and run:
        ipconfig /all | more
and see if you have DNS servers.  I had one user fire up a DHCP server
on a company lan and send all the Windoze boxes off into the DNS
wonderland.  It seems that "Disable DNS" really means "Get it from
DHCP".
 
>Wrong Jeff, this IS an SCO problem.  It has nothing to do with our win95 
>machines.When our gateway to our ISP is working....no problem.  When it's 
>not, I change /etc/resolv.conf to remove the 'nameserver' lines and change 
>'hostresorder' from 'local bind' to 'local', then restart routed and 
>everything works ok.  I'm not changing anything anywhere else.  It's 
>OSR5.0.5 that's delaying the connect from telnet/ftp/pop, it's not that my 
>win95 machines can't find the SCO box.  'ping' works just fine, also 
>'tracert' works fine from the win95 machines to the SCO box.  It's SCO's 
>problem, always has been.
 
Dumb question:  Why are you running routed?  Are you using RIP-1
router updates to change the default route or add routes on the fly?
This is great stuff if you're running an ISP or a WAN with multiple
routes between sites, but for a small system, it's overkill.
 
 
One common problem is mis-spelling hostresorder.  I know because I've
done it and experienced what the resolver does by default when no
order is specified.  Learn by Destroying(tm).  First, it tries the DNS
server.  (This is from DNS and BIND in a Nutshell Pg 107).  It tries 4
times.  If it gets 4 errors (bogus domain), then it goes on to
/etc/hosts.  However, if it gets only one timeout, as in the DNS
server not there, the application does NOT fall back on /etc/hosts.  I
don't consider this to be particularly useful behavior, but that's
what I found when I was trying to figure out why various applications
were ignoring /etc/hosts.  The logic is that the well maintained DNS
server will be more up to date than a local hosts file.  Ugh.
 
You say the ping and tracert work immediately, yet telnet, ftp, and
pop3 have a delay.  That doesn't make sense because both ping and
tracert use name resolution by default.  Are you perhaps running:
        ping -n osr5box
        tracert -d osr5box
which disables name resolution?
 
I have about 6 customers using various Windoze telnet mutations used
to connect to 3.2v5.0.5 boxes running mostly Foxplus apps.  Only one
has a full time internet connection.  The rest are dial on demand.
None are running local DNS servers.  I have seen the login prompt
delay problem on occassion, but it was never caused by the OSR5 box
configuration.  If these customers were experiencing a telnet or pop3
connection delay, equal to the dialup time, they would be screaming at
me.  While this is anecdotal evidence that the problem does not exist,
I'll certainly try it out when I drag myself to the office on Thurs or
Fri.  Tcpdump, IPTraf, Netmon, and my cacheing DNS server logs, should
show any reverse DNS lookups issued by telnetd and such on initial
connection.
 
 
 
-- 
Jeff Liebermann   jeffl@comix.santa-cruz.ca.us
150 Felker St #D  Santa Cruz CA  95060
831-421-6491 pager   831-429-1240 fax
http://www.cruzio.com/~jeffl/sco/   SCO stuff
 

Comments?

More Articles by Tony Lawrence

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.