NetBios Group Name Lookup?
Christopher R. Hertel
crh at nts.umn.edu
Thu Oct 7 18:19:35 GMT 1999
>
> Christopher R. Hertel wrote:
> >
> > Mike and I have been discussing this issue a bit. Here's the tofu:
> >
> > - The RFCs say that you should be able to send a query on a group name to
> > an NBNS (WINS) server. You should get back an array of entries. If
> > the UDP packet is too small, the truncation bit will be set and the
> > query must be repeated using UDP.
> >
> > - Instead, the WINS server that Mike is testing against returns only
> > 255.255.255.255. Sending to that address will not, of course, reach
> > any group members that are not on the local LAN.
> >
> > Is this a bug (or bad implementation) in WINS?
>
> This is exactly what the spec says you should do for
> a group name. Read RFC 1001/1002.
RFC 1001:
15.3.2. QUERY BY P NODES
An NBNS answers queries from a P node with a list of IP address and
other information for each owner of the name. If there are multiple
owners (i.e. if the name is a group name), the NBNS loads as many
answers into the response as will fit into a UDP packet. A
truncation flag indicates whether any additional owner information
remains. All the information may be obtained by repeating the query
over a TCP connection.
RFC 1002:
4.2.13. POSITIVE NAME QUERY RESPONSE
The ADDR_ENTRY ARRAY a sequence of zero or more ADDR_ENTRY
records. Each ADDR_ENTRY record represents an owner of a name.
For group names there may be multiple entries. However, the list
may be incomplete due to packet size limitations. Bit 22, "T",
will be set to indicate truncated data.
Each ADDR_ENTRY has the following format:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| NB_FLAGS | NB_ADDRESS |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| NB_ADDRESS (continued) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
So, the RFCs *do* specify that an array of entries will be returned in
response to a name query. This list could only be returned from an NBNS
server, since only the NBNS server would keep track of multiple entries
for the same group name.
Now, it's quite possible that MS punted on this and decided to return the
broadcast address. When they wrote this stuff, they made a lot of local
LAN assumptions about the networks on which they would be running.
Returning the broadcast address would, on a LAN, be "good enough" and
would releive MS from having to open a TCP connection to get the full
list.
If the 255.255.255.255 address return value is listed in the RFCs, please
point it out to us. I did a quick search and could not find any
reference.
> An *internet* group name is a special MS invention
> that returns an IP list as you require. I used this
> in the recent PDC/BDC query code on NAME<1c>. Our
> WINS server also supports this.
I'm not familiar with this distinction. Is there some documentation that
explains the difference? Is there a difference in the query packet?
Chris -)-----
--
-- I have a shoehorn, the kind with teeth. --
---
Christopher R. Hertel -)----- University of Minnesota
crh at nts.umn.edu Networking and Telecommunications Services
More information about the samba-technical
mailing list