+[Chapter 7] 7.3 Name Resolution with Samba

+ +7.3 Name Resolution with Samba

Before NetBIOS Name Servers (NBNS) came about, name resolution worked entirely by broadcast. If you needed a machine's address, you simply broadcast its name across the network and, in theory, the machine itself would reply. This approach is still possible: anyone looking for a machine named +fred can still broadcast a query and find out if it exists and what its IP address is. (We use this capability to troubleshoot Samba name services with the +nmblookup command in Chapter 9, Troubleshooting Samba.)

+As you saw in the first chapter, however, broadcasting - whether it be browsing or name registration and resolution - does not pass easily across multiple subnets. In addition, many broadcasts tend to bog down networks. To solve this problem, Microsoft now provides the Windows Internet Naming Service (WINS), a cross-subnet NBNS, which Samba supports. With it, an administrator can designate a single machine to act as a WINS server, and can then provide each client that requires name resolution the address of the WINS server. Consequently, name registration and resolution requests can be directed to a single machine from any point on the network, instead of broadcast.

+WINS and broadcasting are not the only means of name resolution, however. There are actually four mechanisms that can be used with Samba:

+
+ +WINS
+
+ +Broadcasting
+
+ +Unix +/etc/hosts or NIS/NIS+ matches
+
+ + +LMHOSTS file

+Samba can use any or all of these name resolution methods in the order that you specify in the Samba configuration file using the +name +resolve +order parameter. However, before delving into configuration options, let's discuss the one that you've probably not encountered before: the +LMHOSTS file.

+ +7.3.1 The LMHOSTS File

+ +LMHOSTS is the standard LAN Manager +hosts file used to resolve names into IP addresses on the system. It is the NBT equivalent of the +/etc/hosts file that is standard on all Unix systems. By default, the file is usually stored as +/usr/local/samba/lib/LMHOSTS and shares a format similar to +/etc/hosts. For example:

+192.168.220.100    hydra
+192.168.220.101    phoenix

+The only difference is that the names on the right side of the entries are NetBIOS names instead of DNS names. Because they are NetBIOS names, you can assign resource types to them as well:

+192.168.220.100    hydra#20
+192.168.220.100    simple#1b
+192.168.220.101    phoenix#20

+Here, we've assigned the +hydra machine to be the primary domain controller of the +SIMPLE domain, as indicated by the resource type <1B> assigned to the name after +hydra's IP address in the second line. The other two are standard workstations.

+If you wish to place an +LMHOSTS file somewhere other than the default location, you will need to notify the +nmbd process upon start up, as follows:

+nmbd -H /etc/samba/lmhosts -D

+ +7.3.2 Setting Up Samba to Use Another WINS Server

You can set up Samba to use a WINS server somewhere else on the network by simply pointing it to the IP address of the WINS server. This is done with the global +wins +server configuration option, as shown here:

+[global]
+	wins server = 192.168.200.122

+With this option enabled, Samba will direct all WINS requests to the server at 192.168.200.122. Note that because the request is directed at a single machine, we don't have to worry about any of the problems inherent to broadcasting. However, though you have specified an IP address for a WINS server in the configuration file, Samba will not necessarily use the WINS server before other forms of name resolution. The order in which Samba attempts various name-resolution techniques is given with the +name +resolve +order configuration option, which we will discuss shortly.

+If you have a Samba server on a subnet that still uses broadcasting and the Samba server knows the correct location of a WINS server on another subnet, you can configure the Samba server to forward any name resolution requests with the +wins +proxy option:

+[global]
+	wins server = 192.168.200.12
+	wins proxy = yes

+Use this only in situations where the WINS server resides on another subnet. Otherwise, the broadcast will reach the WINS server regardless of any proxying.

+ +7.3.3 Setting Up Samba as a WINS Server

You can set up Samba as a WINS server by setting two global options in the configuration file, as shown below:

+[global]
+	wins support = yes
+	name resolve order = wins lmhosts hosts bcast

+The +wins +support option turns Samba into a WINS server. Believe it or not, that's all you need to do! Samba handles the rest of the details behind the scenes, leaving you a relaxed administrator. The +wins +support=yes and the +wins +server option are mutually exclusive; you cannot simultaneously offer Samba as the WINS server and point to another system as the server.

+If Samba is acting as a WINS server, you should probably get familiar with the +name +resolve +order option mentioned earlier. This option tells Samba the order of methods in which it tries to resolve a NetBIOS name. It can take up to four values:

+lmhosts: +
+Uses a LAN Manager +LMHOSTS file
+hosts: +
+Uses the standard name resolution methods of the Unix system, +/etc/hosts, DNS, NIS, or a combination (as configured for the system)
+wins: +
+Uses the WINS server
+bcast: +
+Uses a broadcast method

+The order in which you specify them in the value is the order in which Samba will attempt name resolution when acting as a WINS server. For example, let's look at the value specified previously:

+name resolve order = wins lmhosts hosts bcast

+This means that Samba will attempt to use its WINS entries first for name resolution, followed by the LAN Manager +LMHOSTS file on its system. Next, the hosts value causes it to use Unix name resolution methods. The word +hosts may be misleading; it covers not only the +/etc/hosts file, but also the use of DNS or NIS (as configured on the Unix host). Finally, if those three do not work, it will use a broadcast to try to locate the correct machine.

+Finally, you can instruct a Samba server that is acting as a WINS server to check with the system's DNS server if a requested host cannot be found in its WINS database. With a typical Linux system, for example, you can find the IP address of the DNS server by searching the +/etc/resolv.conf file. In it, you might see an entry such as the following:

+nameserver 127.0.0.1
+nameserver 192.168.200.192

+This tells us that a DNS server is located at 192.168.220.192. (The 127.0.0.1 is the localhost address and is never a valid DNS server address.)

+Use the global +dns +proxy option to alert Samba to use the configured DNS server:

+[global]
+	wins support = yes
+	name resolve order = wins lmhosts hosts bcast
+	dns proxy = yes

+ +7.3.4 Name Resolution Configuration Options

Samba's WINS options are shown in +Table 7.5.

+ + + + + + + + + + + + +

+ +Table 7.5: WINS Options
+ +Option	+ +Parameters	+ +Function	+ +Default	+ +Scope
+ +`+wins support`	+ +boolean	+ +If set to `+yes`, Samba will act as a WINS server.	+ +`+no`	+ +Global
+ +`+wins server`	+ +string (IP address or DNS name)	+ +Identifies a WINS server for Samba to use for name registration and resolution.	+ +None	+ +Global
+ +`+wins proxy`	+ +boolean	+ +Allows Samba to act as a proxy to a WINS server on another subnet.	+ +`+no`	+ +Global
+ +`+dns proxy`	+ +boolean	+ +If set to `+yes`, a Samba WINS server will search DNS if it cannot find a name in WINS.	+ +`+no`	+ +Global
+ +`+name resolve order`	+ +`+lmhosts`, `+hosts`, `+wins`, or `+bcast`	+ +Specifies an order of the methods used to resolve NetBIOS names.	+ +`+lmhosts hosts wins bcast`	+ +Global
+ +`+max ttl`	+ +numerical	+ +Specifies the maximum time-to-live in seconds for a requested NetBIOS names.	+ +`+259200` (3 days)	+ +Global
+ +`+max wins ttl`	+ +numerical	+ +Specifies the maximum time-to-live in seconds for NetBIOS names given out by Samba as a WINS server.	+ +`+518400` (6 days)	+ +Global
+ +`+min wins ttl`	+ +numerical	+ +Specifies the minimum time-to-live in seconds for NetBIOS names given out by Samba as a WINS server.	+ +`+21600` (6 hours)	+ +Global

+ +7.3.4.1 wins support

+Samba will provide WINS name service to all machines in the network if you set the following in the +[global] section of the +smb.conf file:

+[global]
+    wins support = yes

+The default value is +no, which is typically used to allow another Windows NT server to become a WINS server. If you do enable this option, remember that a Samba WINS server currently cannot exchange data with any backup WINS servers. If activated, this option is mutually exclusive with the +wins +server parameter; you cannot set both to +yes at the same time or Samba will flag an error.

+ +7.3.4.2 wins server

+Samba will use an existing WINS server on the network if you specify the +wins +server global option in your configuration file. The value of this option is either the IP address or DNS name (not NetBIOS name) of the WINS server. For example:

+[global]
+    wins server = 192.168.220.110

+or:

+[global]
+    wins server = wins.example.com

+In order for this option to work, the +wins +support option must be set to +no (the default). Otherwise, Samba will report an error. You can specify only one WINS server using this option.

+ +7.3.4.3 wins proxy

+This option allows Samba to act as a proxy to another WINS server, and thus relay name registration and resolution requests from itself to the real WINS server, often outside the current subnet. The WINS server can be indicated through the +wins +server option. The proxy will then return the WINS response back to the client. You can enable this option by specifying the following in the +[global] section:

+[global]
+    wins proxy = yes

+ +7.3.4.4 dns proxy

+If you want the domain name service (DNS) to be used if a name isn't found in WINS, you can set the following option:

+[global]
+    dns proxy = yes

+This will cause +nmbd to query for machine names using the server's standard domain name service. You may wish to deactivate this option if you do not have a permanent connection to your DNS server. Despite this option, we recommend using a WINS server. If you don't already have any WINS servers on your network, make one Samba machine a WINS server. Do not, however, make two Samba machines WINS servers (one primary and one backup) as they currently cannot exchange WINS databases.

+ +7.3.4.5 name resolve order

+The global +name +resolve +order option specifies the order of services that Samba will use in attempting name resolution. The default order is to use the +LMHOSTS file, followed by standard Unix name resolution methods (some combination of +/etc/hosts, DNS, and NIS), then query a WINS server, and finally use broadcasting to determine the address of a NetBIOS name. You can override this option by specifying something like the following:

+[global]
+    name resolve order = lmhosts wins hosts bcast

+This causes resolution to use the +LMHOSTS file first, followed by a query to a WINS server, the system password file, and finally broadcasting. You need not use all four options if you don't want to. This option is covered in more detail in the section +Section 7.3.3, Setting Up Samba as a WINS Server, earlier in this chapter.

Using Samba