Win32 gethostbyaddr() does NetBIOS query?

Christopher R. Hertel crh at NTS.Umn.EDU
Fri Oct 2 16:03:58 GMT 1998


Jerry, Richard,

Thanks for the replies.  What you are seeing is the gethostbyname()
equivalent call.  When a Windows system tries to resolve a *name* it will
go through a formula (which varies, depending upon the OS version, DLLs,
etc.) to see if it *looks* like a DNS or NetBIOS name.  Behavior after
that will vary as well.

At least, that's the second-hand information I have.  I've got an NT box
in the lab at the moment, but haven't had time to mess with it.

What I was asking about was the reverse lookup: address to name.  Andrew
confirmed what I've been hearing from other sources.  The gethostbyaddr()
equivalent call tries to get the NetBIOS name from the machine at the IP
address before doing a reverse lookup in the DNS.  This would work just
fine on a small, isolated, Microsoft LAN.  It doesn't work on the
Internet. 

It also explains the very large number of UDP/139 packets we drop at our
border. 

Chris -)-----

> Chris,  I haven't actually coded it up, but simply 
> trying to ping a hostname on NT4 will attempt to resolve the
> hostname in DNS first and then do a query for MACHINE<00>.
> The docs with VC++ 4.2 don't seem to indicate what it queries,
> but my gut is that if it does query NetBIOS, that it would be
> second.  Don't know for sure though.

-- 
Christopher R. Hertel -)-----                   University of Minnesota
crh at nts.umn.edu              Networking and Telecommunications Services
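
Added example (not part of the original message, and not Samba or Microsoft code): a classifier for UDP payloads that tells the address-to-name lookup described above apart from the MACHINE<00> name query mentioned in the quoted reply, useful when sorting dropped border traffic. It assumes the address-to-name lookup is the RFC 1002 node status request (NBSTAT); the function names and sample packets are constructed for illustration.

```python
import struct

QTYPE_NB, QTYPE_NBSTAT = 0x0020, 0x0021  # RFC 1002 question types

def encode_nb_name(name, suffix, pad=b" "):
    """RFC 1002 first-level encoding: 16 bytes -> 32 letters 'A'..'P'."""
    raw = name.encode("ascii").ljust(15, pad)[:15] + bytes([suffix])
    return bytes(b for c in raw for b in (0x41 + (c >> 4), 0x41 + (c & 0xF)))

def decode_nb_name(label):
    """Inverse of encode_nb_name; returns (name, suffix byte)."""
    if len(label) != 32 or any(not 0x41 <= b <= 0x50 for b in label):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((label[i] - 0x41) << 4) | (label[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].rstrip(b" \x00").decode("ascii", "replace"), raw[15]

def classify(payload):
    """Return 'node-status', 'name-query:NAME<xx>', 'response' or 'other'."""
    if len(payload) < 50:                 # 12 header + 34 name + 4 type/class
        return "other"
    _tid, flags, qdcount = struct.unpack_from(">HHH", payload, 0)
    if flags & 0x8000:                    # R bit set: reply, not a request
        return "response"
    if (flags >> 11) & 0xF or qdcount != 1 or payload[12] != 0x20:
        return "other"                    # opcode 0 (query), one question
    try:
        name, suffix = decode_nb_name(payload[13:45])
    except ValueError:
        return "other"
    pos = 45
    while pos < len(payload) and payload[pos]:   # skip optional scope labels
        pos += 1 + payload[pos]
    if pos + 5 > len(payload):
        return "other"
    qtype, qclass = struct.unpack_from(">HH", payload, pos + 1)
    if qclass != 1:
        return "other"
    if qtype == QTYPE_NBSTAT:             # address -> name: ask the host itself
        return "node-status"
    return f"name-query:{name}<{suffix:02X}>" if qtype == QTYPE_NB else "other"

def build_query(flags, label, qtype):
    """Constructed sample packet builder (illustrative, not captured traffic)."""
    return (struct.pack(">6H", 0x1234, flags, 1, 0, 0, 0)
            + b"\x20" + label + b"\x00" + struct.pack(">HH", qtype, 1))

SAMPLE_NODE_STATUS = build_query(0x0000, encode_nb_name("*", 0, b"\x00"), QTYPE_NBSTAT)
SAMPLE_NAME_QUERY = build_query(0x0110, encode_nb_name("MACHINE", 0), QTYPE_NB)
```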

