LMHOSTS file information and predefined keywords (314884)


The information in this article applies to:

  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional
This article was previously published under Q314884
For a Microsoft Windows 2000 version of this article, see 102725.

SUMMARY

This article discusses the LMHOSTS file. The LMHOSTS file is a local text file that maps IP addresses to NetBIOS names of remote servers that you want to communicate with over the TCP/IP protocol.

This article is divided into the following sections:
  • Comprehensive Information
  • LMHOSTS Entry Cache
  • Predefined Keywords
  • Block Commands

MORE INFORMATION

Comprehensive Information

Windows recognizes names instead of IP addresses for network requests, and a name discovery process is used to correctly route network requests with TCP/IP. Because the name discovery process is generally not routed by an IP router, the LMHOSTS file allows Windows-based computers to use TCP/IP to communicate across a subnet.

  • LMHOSTS contains IP address to "NetBIOS over TCP/IP" name translations.
  • LMHOSTS is used only by the NBT (NetBIOS over TCP/IP) interface.
  • LMHOSTS contains some valuable additions to the LAN Manager and Windows for Workgroups LMHOSTS file, such as the ability to support routed domain logon validation.
  • LMHOSTS contains static information about TCP/IP addresses, but using logon scripts, the Replicator service, or both lets the "master" file be distributed transparently across all workstations.
  • By default, the LMHOSTS file is in the %SystemRoot%\System32\Drivers\Etc folder, which is usually the C:\Winnt\System32\Drivers\Etc folder

LMHOSTS Entry Cache

By default, entries that are specified by the #PRE keyword are cached at initialization, up to a maximum of 100 entries. You can have more initially cached entries if you modify the following registry value:

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services \NetBT\Parameters\MaxPreload

The sequence that determines NetBIOS-to-IP address resolution is the following: the cache is verified, a broadcast to the subnet is performed, and then additional entries from LMHOSTS are checked. If no connection is established within 15 seconds, the timeout occurs and you receive an error message.

Predefined Keywords

Not all predefined keywords that are valid for Windows- and Windows Advanced Server-based computers are valid for LMHOSTS files on Microsoft LAN Manager or Microsoft Windows for Workgroups-based computers. These computers cannot be validated by routed domain controllers in the same way that Windows NT-based computers can. To be able to validate these computers, use the LAN Manager TCP/IP Extensions Service that is available on all servers that run OS/2 LAN Manager version 2.1a or later.

# remark line

Used to remark IP address to NetBIOS names.

#PRE

Defines which entries should be initially preloaded into the name cache.

#DOM:domain_name

Distinguishes servers that run Windows Advanced Server from Windows workstations, a LAN Manager server, or a Windows for Workgroups computer. This keyword is needed for all servers that validate logon requests.

#NOFNR

Avoid Directed Name Queries (DNS). Some earlier versions of LAN Manager cannot handle NetBIOS DNS requests and return error 53. Specifying this flag on the same line avoids using NetBIOS directed name queries.

#BEGIN_ALTERNATE
#INCLUDE \\server_name01\sharename\LMHOSTS
#INCLUDE \\server_name02\sharename\LMHOSTS
...
#END_ALTERNATE

Defines a redundant list of alternate locations for LMHOSTS files. The recommended way to #INCLUDE remote files is using a universal naming convention (UNC) path to ensure access to the file. Of course, the UNC names must exist in the LMHOSTS file with a proper IP address to NetBIOS name translation.

#MH

Associates a single, unique NetBIOS computer name to an IP address. You can create multiple entries for the same NetBIOS computer name for each network interface card (NIC) in the multihomed device, up to a maximum of 25 different IP addresses for the same name.

#SG

Used to define a special group, such as printers or computers that belong to groups on the intranet for easy reference, browsing, or broadcasting. Special groups are limited to a total of 25 members.

The first three keywords can be used together to specify one NetBIOS over TCP/IP name to IP address translation, for example 
   102.54.94.97 rhinodc #DOM:rhino #PRE #PDC for rhino domain 
   102.54.94.99 zoobdc #DOM:rhino #PRE #BDC for rhino domain
where PDC is the primary domain controller and BDC is the backup domain controller.

The predefined entries can be defined in diverse order. It is recommended that you insert important entries first, because access to the file is in sequential order.

Block Commands

Windows provides new block commands that permit centralized location and management of the LMHOSTS file. In addition, there is provision for redundant backup copies on multiple servers. The following Windows LMHOSTS file block commands are discussed in detail below:
  • #INCLUDE
  • #BEGIN_INCLUDE
  • #END_INCLUDE
  • #BEGIN_ALTERNATE
  • #END_ALTERNATE
Block Inclusion Keywords (#BEGIN_INCLUDE, #END_INCLUDE): 
   130.20.26.169  Trustedserver  #PRE   #DOM:Testing  # Test group domain
				
   #BEGIN_INCLUDE
   #INCLUDE \\Localsrv\public\lmhosts       # Local domain
   #INCLUDE \\Trustedserver\public\lmhosts  # Server in Testing domain
   #END_INCLUDE
In this block inclusion, the specified LMHOSTS file is scanned under the following conditions:
  • During TCP/IP initialization, the local LMHOSTS file is scanned for #PRE commands and places all these entries in its name cache. In addition, all LMHOSTS files that the #INCLUDE command specifies are scanned.
  • When a computer name (NetBIOS name) is resolved to an IP address, the #INCLUDE file is also searched if the name cannot be found in the preloaded entries of the cache.
  • The LMHOSTS files are scanned to resolve the address of a domain controller of a domain that is not found in the preloaded cache name list.
This command makes it easy for system administrators to maintain a centrally-located master LMHOSTS file that each node has access to over the network. This method also works across subnets because of the use of UNC names and LMHOSTS mappings for these entries.

If the domain spans multiple subnets, or if the domain controller for a domain is across a router, there must be an entry in the LMHOSTS file for locating the domain controller for that server, with a #DOM prefix added (in the preceding example, Trustedserver is the domain controller for the Testing domain). Note the IP address line above the block inclusion. This line must appear before the #INCLUDE command.

In this case, the Testing domain has a trust relationship with the local domain. This is important for servers that are included in the block but that are not in the local domain.

Note that the LMHOSTS files that are located on servers that are in a trusted domain should have read privileges for the Everyone group, which includes all of the local users and the trusted domain users.

Alternate Block Inclusion (#BEGIN_ALTERNATE, #END_ALTERNATE): 
   #BEGIN_ALTERNATE
   #INCLUDE \\localsrv\public\lmhosts      # Local domain
   #INCLUDE \\Trustedserver\public\lmhosts # Server in Testing Domain
   #END_ALTERNATE
In this case, the "Alternate Include" condition is satisfied if just one of the #INCLUDEs is successful. This means that only one LMHOSTS file is scanned. The first successful #INCLUDE is the only LMHOSTS file that is read.

This is helpful in keeping multiple copies of the same file on different servers. If one of the servers is down, the LMHOSTS file from the alternate server identified in the block inclusion will be read.

Additional information, including a full description of all of these features, is available in the Windows Resource Kit.
Modification Type:MinorLast Reviewed:8/4/2005
Keywords:kbinfo kbnetwork KB314884
©2004 Microsoft Corporation. All rights reserved.