samba - Sep 1997 - More questions about WINS, interfaces, etc

I have yet another question about WINS and DNS...  Why can't the
DNS be used as the database of reference for name-to-address
mappings when using NB over TCP/IP?  Assuming you could easily
make incremental changes to the name server and propagate them
out to all of the secondaries, then why bother having nmbd (or
whatever) keep in-memory tables at all?

On the subject of that, who would be responsible for adding the
name to the DNS:  Samba or the DHCP server?  What about
deletions?

I've modified source/interface.c to handle interface names instead
of addresses/netmasks...  I thought this might be nicer since if
you renumber a network or change a host's address, the fewer
places you have to change its IP address the better.  So with these
patches (I'm working with 1.9.16p11 -- sorry) you can say something
like:

	interfaces = le0 le1

or

	interfaces = all

(where "all" excludes interfaces that aren't "running"
or that
are "loopback".)

Does anyone really use iface_set_default()?  Or is this there
mostly to support the defunct -B option?  Can this be safely nuked?
(Assuming the calls to it in client.c and nmblookup.c get cleaned
up...)

-Philip

On Thu, 18 Sep 1997, Philip A. Prindeville wrote:
> I have yet another question about WINS and DNS...  Why can't the
> DNS be used as the database of reference for name-to-address
> mappings when using NB over TCP/IP?
we're working on that, for samba-2.
>  Assuming you could easily
> make incremental changes to the name server and propagate them
> out to all of the secondaries, then why bother having nmbd (or
> whatever) keep in-memory tables at all?
cacheing, to reduce network traffic.  also, nmbd is a single process.  
we'd need to add a non-blocking, state-based way to resolve dns names.  
(gethostbyname() is blocking...)
> On the subject of that, who would be responsible for adding the
> name to the DNS:  Samba or the DHCP server?  What about
> deletions?
the DNS administrator.  NOT samba.  and NOT the DHCP server.  samba has 
nothing directly to do with DHCP daemons or named daemons.
> I've modified source/interface.c to handle interface names instead
> of addresses/netmasks...  I thought this might be nicer since if
> you renumber a network or change a host's address, the fewer
> places you have to change its IP address the better.  So with these
> patches (I'm working with 1.9.16p11 -- sorry)
i don't care: the samba team deals with patches from different versions 
all the time.  we prefer diff -u, if you can generate it.  patch < 
diff_file usually deals with things automatically, and creates .rej files 
for rejected bits, which have to be added by hand - no problem there.
> you can say something
> like:
> 
> 	interfaces = le0 le1
> 
> or
> 
> 	interfaces = all
oh, _good_!  an excellent addition.

Luke Kenneth Casson Leighton (lkcl@switchboard.net)
"Deal with difficult problems while they are still easy"

> On Thu, 18 Sep 1997, Philip A. Prindeville wrote:
> 
> > I have yet another question about WINS and DNS...  Why can't the
> > DNS be used as the database of reference for name-to-address
> > mappings when using NB over TCP/IP?
> 
> we're working on that, for samba-2.
I would be interested in collaborating on that.
> >  Assuming you could easily
> > make incremental changes to the name server and propagate them
> > out to all of the secondaries, then why bother having nmbd (or
> > whatever) keep in-memory tables at all?
> 
> cacheing, to reduce network traffic.  also, nmbd is a single process.  
> we'd need to add a non-blocking, state-based way to resolve dns names.
> (gethostbyname() is blocking...)
At least under Solaris, there is a thread-safe gethostbyname_r()
function that could be used.  I don't know how portable this is,
though.
> > On the subject of that, who would be responsible for adding the
> > name to the DNS:  Samba or the DHCP server?  What about
> > deletions?
> 
> the DNS administrator.  NOT samba.  and NOT the DHCP server.  samba has 
> nothing directly to do with DHCP daemons or named daemons.
I'm assuming that a machine, say that has a network identity of
"FIDO", gets an address lease from a DHCP server, and then tries to
defend the name via NetBIOS.  Having succeeded, the name should
probably be re-integrated into the DNS with the leased address.
Of course, this happens too often and too dynamically to involve
the intervention of a hostmaster.
> > I've modified source/interface.c to handle interface names instead
> > of addresses/netmasks...  I thought this might be nicer since if
> > you renumber a network or change a host's address, the fewer
> > places you have to change its IP address the better.  So with these
> > patches (I'm working with 1.9.16p11 -- sorry)
> 
> i don't care: the samba team deals with patches from different versions
> all the time.  we prefer diff -u, if you can generate it.  patch < 
> diff_file usually deals with things automatically, and creates .rej files 
> for rejected bits, which have to be added by hand - no problem there.
Hmmmm...  My diff doesn't understand -u.  Where can I get one that
does?
> > you can say something
> > like:
> > 
> > 	interfaces = le0 le1
> > 
> > or
> > 
> > 	interfaces = all
> 
> oh, _good_!  an excellent addition.
I'm just not sure about one thing, however:  in the original code
they seem to ignore the broadcast address and force the address to
be the all-ones host address.  Which is what the broadcast address
should be anyway, unless you have misconfigured or incredibly old
machines.
> Luke Kenneth Casson Leighton (lkcl@switchboard.net)
> "Deal with difficult problems while they are still easy"
-Philip

> Date: Thu, 18 Sep 1997 17:02:38 +0100 (BST)
> From: Luke Kenneth Casson Leighton <lkcl@switchboard.net>
> To: mac@nibsc.ac.uk
> Subject: Re: More questions about WINS, interfaces, etc
> On Thu, 18 Sep 1997 mac@nibsc.ac.uk wrote:
> > Hi all,
> > 
> > >> I have yet another question about WINS and DNS...  Why
can't the
> > >> DNS be used as the database of reference for name-to-address
> > >> mappings when using NB over TCP/IP?
> > >
> > >we're working on that, for samba-2.
> > 
> > 
> > No, no, NO !!!
> ??  i don't understand.
> ok.  i'll re-read (or, more like read) your question.  why can't
dns be
> used as the database of reference for name-to-address mappings.
> it can be.  put "dns proxy = yes" in the [global] section of
smb.conf.
> this will do a gethostbyname() call on the NetBIOS name, and cache the 
> response received for up to two hours.  this is because gethostbyname() 
> is a blocking call, which therefore disrupts your name services and 
> browsing services until gethostbyname() returns.
OK, first a simple question:  why not just set it to the TTL of
the DNS response?

And next, what if the DNS server was local and came back with an answer
very quickly?  What if there was non-blocking code to make queries?
Or for that matter, what if you wanted NIS or NIS+ to be the database 
of reference?
> > Why can't I have completely separate DNS and NB namespaces?
> i don't understand the intent behind your question.  DNS and NetBIOS 
> namespaces are on 
> > Windows clients support this quite happily, so why can't Samba?
> no they don't: only NT workstation supports DNS resolution of ip 
> addresses instead of using NetBIOS name resolution of ip addresses.
> because of this limitation (in all windows clients to only use DNS, not 
> NIS or NIS+, and in all windows clients except NT, which uses DNS 
> directly), we have added an option "dns proxy = yes" which
results in a
> gethostbyname() call if a NetBIOS name is not in the WINS cache in nmbd.
Sanity check here.  A host gets its address either statically, or via
DHCP.  Its name is static.  It defends the name on the network, and
in doing so gets noticed by the local NB name server (or domain
controller?).  Next, when someone wants to resolve that host's name,
do they ask the NB name server, or do they just broadcast the request,
hoping that the host is local, and will respond itself (like ARP)?

What if DNS delay weren't an issue?  What if, for that matter, you
wanted to use NIS+ as your database of reference?
> > Each system has its own repository of information (named, or WINS
server)
> > and distinct mechanisms exist for lookup and retrival of info.
IMHO this is a liability.  As long as the possibility of clashes
or inconsistencies exist between two name spaces that allow the
same name to exist in both spaces, you are setting yourself up
for confusion (best case) and gapping wide security holes (worst
case).
> true.  it is worth mentioning that the resolution of these names is on 
> completely separate port numbers.  it is also worth mentioning that 
> rfc1001/2.txt (NetBIOS) is based on rfc883.txt (DNS).
> > By all means give Samba the capability to use the DNS as the prime
source
> > of information, but please, please allow it also to keep the NB
namespace
> > uterly separate.
> we do.  DNS-looked-up names are marked with a special flag: "DNS"
or
> "DNSFAIL" in the WINS cache.  if the NetBIOS name is subsequently
> registered (a pc gets switched on), then the DNS entry is deleted.
> luke
-Philip