LAN-Tech Network Management

LMHosts and Hosts files

April 7, 2011

There are two files in the %systemroot%\system32\drivers\etc directory that can be used for name resolution. The Hosts file, used for DNS name resolution, and the LMHosts.sam file used for NetBIOS name resolution. In an age where DNS dominates your network both locally and throughout the Internet, these two files are seldom ever used, but they can be very useful in a few situations. Both are simple text files that match names to IP addresses, and are very easy to create and implement. Most people are familiar with these files, but are often frustrated when they do not work as expected. This is usually due to the fact that they have some very simple, but specific requirements, for them to work at all.

LMHosts (NetBIOS names):
The primary use today for an LMHosts file, is for name resolution over a VPN. If DNS is configured on the host and client machines there should be no need of static text files for resolving names, but it does work well, and many folks uses them as a dependable simple solution. The catch is there are a few gotcha’s you need to be aware of:

The LMHosts file in it’s default form, is named lmhosts.sam The .sam represents sample. If you are planning on using this file it needs to be saved without a file extension – lmhosts. Be careful if using a text editor like NotePad as it will add a .txt file extension to the name. The safest method is to save the file using quotes, “lmhosts” to assure no extensions are added.
Text following a # in the LMHosts file is a comment and can be ignored or deleted.
A typical entry would look like:
192.168.100.101 COMPUTERNAME #PRE #my notes
When making a new entry you must hit enter at the end of the line, which adds a “carriage return”
Use the Tab key between items in each line rather than spaces (recommended but not necessary), but there must be a space.
Though it is not needed, adding the #PRE parameter or extension will load the entry into the local NetBIOS name cache when the computer boots. This allows for a slightly faster resolving of the name, before it has been added to the cache.
Most entries such as #PRE, #DOM, DOMAIN names and such are case sensitive. Always use uppercase to be safe.
It is a good idea to add the domain name as well. This requires two lines, and uses extremely critical formatting. A sample would be:
192.168.100.10   DCNAME   #PRE   #DOM:YOUR-DOMAIN
192.168.100.10   “YOUR-DOMAIN    x1b”   #PRE
There must be exactly 20 characters, including spaces, between the quotes in “YOUR-DOMAIN    x1b”, and the spaces need to be between the domain name and the x1b. The domain name used is the NetBIOS name, not the FQDN. If your domain name exceeds 15 characters, you must truncate it at the 15th character, it will still work.
If you find this last step tedious, the University Of Sait Louis has a little Java script that will create these two lines for you: http://bflinux.slu.edu/LSI/tools/lmhosts.html

Hosts (DNS names):
The Hosts file today seems to be more used for blocking unwanted web sites. This is done by simply entering the website address and substituting the IP address with the localhost IP address such as:
127.0.0.1 www.unwantedsite.com #advertising site
There are subscription services that will actually update your Hosts file, according to a schedule, with a list of known unwanted sites.

Another handy use of the Hosts file is to create abbreviations for your own use. For example quick access to a website like Google can be achieved adding an abbreviation like ‘G”, or your firewall with ‘F”, or I frequently uses it for accessing client sites with remote desktop using 3 letter acronyms such as ACL for Acme Corp Ltd. :
64.233.187.99         G         #Google
192.168.100.254      F         #my firewall
123.123.123.123      ACL    #Acme Corp Ltd
Most of the rules that apply to the LMHosts file, apply to the Hosts file as well:

The Hosts file already has no file extension, so there is no need to change it like the LMHosts file. Just be careful when editing you don’t accidentally add one such as .txt when using NotePad or a similar editor.
Text following a # in the Hosts file is a comment, and can be ignored or deleted
A typical entry would look like:
123.123.123.123 ftp.acme.com #company FTP site
When making a new entry you must hit enter at the end of the line, which adds a “carriage return”
Use the Tab key between items in each line rather than spaces (recommended but not necessary), but there must be a space.

Keep in mind when editing these files you can run into conflicts, or ineffective changes if you do not reboot or purge the local name caches. To clear the NetBIOS cache ( and PREload), at a command line enter (R is case sensitive):
nbtstat -R
To clear the DNS cache, at a command line enter:
ipconfig /flushdns

For the record, the LMHosts and Hosts files can also be used for IPv6 addressing. Vista for example includes the IPV6 localhost entry, by default:
::1 localhost

Category:

RRAS/VPN

VPN client name resolution

Aside

The most common problem reported with a VPN client is ” I cannot browse the remote network”. Most often if one thinks about the need to browse over a VPN connection, you quickly realize it is seldom necessary at all. You are using a VPN to access a known remote resource to which the location is well documented. It can easily be accessed using the IP address or computer name.

Within the confines of a LAN, NetBIOS name broadcasts are the primary method for registering and resolving of names, for browsing purposes. Because broadcast packets are not routable, they are not forwarded over the VPN, and thus browsing is not possible. With the exception of a few routers offering services to forward NetBIOS information over the VPN tunnel, the only possibility for browsing the remote network is using two WINS servers as outlined in option 3 below.

There are numerous ways to access a remote machine as listed below. All will work, however for the simplest and most reliable solution use the IP address. If you want to access a remote network using names, by choice, or because the resource is on a device with a dynamic IP, I would recommend you jump to the last option, and use DNS.

IP address
LMHOSTS files (HOST Files)
WINS (Windows Internet Name Service)
DNS (Domain Name Service)

1) Most often the resource is located on a server with a static IP and therefore it can easily be accessed using a combination of the machine IP and the share name, such as \\192.168.123.123\SharName This is very simple, reliable, and does not rely on other services or applications. Should you need to map a drive, that too can be easily done at a command line or in a script using Net Use Z: \\192.168.123.123\ShareName

2) Assuming again the remote device is using a static IP, dependable name resolution to allow access such as \\ServerName\ShareName can be done with the LMHosts file. Located in %systemroot%\syetem32\drivers\etc folder, the LMHosts file is a list stored on the local computer basically mapping NetBIOS (computer) names to IP addresses. Though this works extremely well, it requires maintaining an updated name/IP list. There is also the Hosts file which is similar, but it is intended for DNS Fully Qualified Domain Names, rather than NetBIOS names. The LMHosts file, is a simple text file, but it has very specific configuration rules. See the following Microsoft documents for details:

This blog site, follow article under “LMHosts and Hosts files“
http://technet.microsoft.com/en-ca/library/cc977602.aspx
http://support.microsoft.com/kb/q180094/

3) If you have A WINS server located at the RRAS server site, it can be used for dynamic NetBIOS name resolution (i.e. it does not rely on static IP’s). In order to do so the VPN client needs two options configured.

The client must be assigned the WINS server IP address. This can be done manually on the client, or assigned through DHCP by the RRAS server. If using DHCP, the RRAS server will not supply the WINS address from the DHCP scope options. The WINS server IP must be assigned to the RRAS server’s network adapter, and it will then be inherited by the VPN client when it connects.
On the VPN client’s network adapter , under TCP/IP properties, advanced, WINS, you also need to enable NetBIOS over TCP/IP.
WINS is also your only option for browsing the remote network. In order for this to work, you will need replicating WINS servers configured at both ends of the VPN tunnel. Browsing is still not 100% reliable using the two WINS server option.

4) All Windows 2000 and 2003 active directory environments have DNS configured. Thus, for name resolution of devices with dynamic IP’s, it is generally the best bet. Again there are two requirements for using DNS:

Like WINS, the client must be assigned the DNS server IP address. This can be done manually on the client, or assigned through DHCP by the RRAS server. Once again if using DHCP, the RRAS server will not supply the DNS address from the DHCP scope options. The DNS server IP must be assigned to the RRAS server’s network adapter, and it will then be inherited by the VPN client when it connects.
On the VPN client’s network adapter, under TCP/IP properties, advanced, DNS, you also need to add the domain DNS suffix, such as MyDomain.local in the “DNS suffix for this connection” box.