Guide to TCP/IP, Third Edition : Guide to TCP/IP, Third Edition Chapter 12:
TCP/IP, NetBIOS, and WINS
Objectives : TCP/IP, NetBIOS, and WINS 2 Objectives Discuss the history of NetBIOS
Understand what NetBIOS is and its limitations
Understand the role of NetBIOS in Windows 2000 and higher operating systems
Understand the significance of NetBIOS over TCP/IP on your network
Understand how NetBIOS works
Objectives (continued) : TCP/IP, NetBIOS, and WINS 3 Objectives (continued) Explore NetBIOS names, including structure and types
Explore the various ways of registering and resolving NetBIOS names
Understand naming conventions associated with NetBIOS over TCP/IP
Understand how NetBIOS names must change to work with DNS name resolution
Objectives (continued) : TCP/IP, NetBIOS, and WINS 4 Objectives (continued) Set up a WINS server for your network
Integrate WINS services with DNS
Troubleshoot WINS and NetBIOS errors with commonly used tools
History of NetBIOS : TCP/IP, NetBIOS, and WINS 5 History of NetBIOS NetBIOS
Developed by Sytek in 1983
Adopted by IBM and Microsoft for naming network resources on small peer-to-peer networks
Original was an Application Programming Interface (API) used to call network resources
NetBIOS Extended User Interface (NetBEUI)
Extension of NetBIOS
What is NetBIOS (and Why Do I care) : TCP/IP, NetBIOS, and WINS 6 What is NetBIOS (and Why Do I care) NetBIOS operates by
Maintaining a list of unique names assigned to network resources
Providing the services to establish, defend, and resolve these names
Carrying the needed communications between applications that make use of these network resources
How Windows 2000, Windows XP, and Windows Server 2003 Work with NetBIOS : TCP/IP, NetBIOS, and WINS 7 How Windows 2000, Windows XP, and Windows Server 2003 Work with NetBIOS Windows 2000
First Microsoft operating system to use DNS
When upgrading servers to Windows 2000 Server or Windows Server 2003
Determine if you will still need to support NetBIOS names on your network
If uncertain if your network requires NetBIOS support
You can use the WINS performance monitor counter
NetBIOS and TCP/IP : TCP/IP, NetBIOS, and WINS 8 NetBIOS and TCP/IP Using DNS Only
Preferred form of networking in an all-Windows 2000 and/or Windows XP environment
Direct hosting of the (SMB) protocol
Using NBF Only
To deliberately restrict resource sharing only to the local network segment
Bind Windows File and Print Sharing to NBF, but not to TCP/IP
Combining TCP/IP and NetBIOS : TCP/IP, NetBIOS, and WINS 9 Combining TCP/IP and NetBIOS NetBT or NBT
NetBIOS over TCP/IP
NetBIOS names
Can be resolved by any of several combinations of methods
Default configuration for Windows 2000 and Windows XP machines
Have both NetBT and NBF enabled
Slide 10 : TCP/IP, NetBIOS, and WINS 10
How Does NetBIOS Work? : TCP/IP, NetBIOS, and WINS 11 How Does NetBIOS Work? NetBIOS
Takes advantage of simple naming, address handling, and message formatting conventions
Supports connectionless datagrams as well as connection-oriented session frames
Supports simple name registration and challenge mechanisms
NetBIOS Traffic : TCP/IP, NetBIOS, and WINS 12 NetBIOS Traffic Consists of NetBIOS frames of one of two types
Datagrams or session frames
NetBIOS sessions
Used in situations that require a reliable connection
When NetBIOS is run over TCP/IP as NetBT
Datagrams are carried in UDP packets and session frames are carried in TCP packets
How Does NetBIOS Work? : TCP/IP, NetBIOS, and WINS 13 How Does NetBIOS Work? Registering and Challenging NetBIOS Names
Registration
Process of asserting that a name exists and belongs to a particular computer, user, process, or group
Categories of name resolution methods
Look up in a list of names on the local machine
Broadcast queries on the local subnet
Direct queries to name servers
Other NetBIOS Services : TCP/IP, NetBIOS, and WINS 14 Other NetBIOS Services Name services
The most important NetBIOS services
NetBIOS datagram and session services
Used by applications such as Applications such as the Network Browser, LAN Manager
Slide 15 : TCP/IP, NetBIOS, and WINS 15
NetBIOS Names : TCP/IP, NetBIOS, and WINS 16 NetBIOS Names Based on
User name during logon
Information configured for the specific computer in the Network applet in Control Panel
NetBIOS names are of two general types
Unique names and group names
Unique names
Resolve to a single address
Structure of NetBIOS Names : TCP/IP, NetBIOS, and WINS 17 Structure of NetBIOS Names Group names
May resolve to multiple addresses
NetBIOS names
16 characters long, divided into two parts
First 15 characters are the name itself
Last character is a code describing the class of resource to which the name belongs
Slide 18 : TCP/IP, NetBIOS, and WINS 18
Slide 19 : TCP/IP, NetBIOS, and WINS 19
NetBIOS Scope Identifier : TCP/IP, NetBIOS, and WINS 20 NetBIOS Scope Identifier NetBIOS
Provides the NetBIOS scope identifier
Scope identifier
Adds a character string to end of the name, separated from rest of name by a period (.)
NetBIOS scope
Identifies a logical community of network hosts
DHCP scope
Identifies a range of IP addresses that a DHCP server can assign to clients
NetBIOS Name Registration and Resolution : TCP/IP, NetBIOS, and WINS 21 NetBIOS Name Registration and Resolution NetBIOS names are registered and resolved using
Node type
NetBIOS name cache and the LMHOSTS file
WINS servers configured as NetBIOS Name Servers
DNS and the HOSTS file
Name Resolution Regimes by Node Type : TCP/IP, NetBIOS, and WINS 22 Name Resolution Regimes by Node Type Four basic types of NetBIOS nodes
Broadcast node (b-node)
Peer node (p-node)
Mixed node (m-node)
Hybrid node (h-node)
NetBIOS Name Cache and LMHOSTS File : TCP/IP, NetBIOS, and WINS 23 NetBIOS Name Cache and LMHOSTS File NetBIOS name cache
Temporary file that resides in memory, pairing NetBIOS names and IP addresses
Names in the NetBIOS name cache
Times out after 10 minutes, by default
LMHOSTS file
Plain text file that resides in the \system32\drivers\etc directory
WINS Name Registration and Resolution : TCP/IP, NetBIOS, and WINS 24 WINS Name Registration and Resolution WINS servers
NetBIOS Name Servers that set up and maintain database of NetBIOS names and their associated IP addresses
Do not participate in broadcast or b-node name registration and resolution
WINS servers
Support a special name registration regime called burst mode
DNS and The HOSTS File : TCP/IP, NetBIOS, and WINS 25 DNS and The HOSTS File Preferred configuration for Windows 2000 and Windows XP clients
Is to use DNS for name resolution
HOSTS file
Static list of IP name and address pairs, located in the \system32\driver\etc directory
NetBIOS Over TCP/IP : TCP/IP, NetBIOS, and WINS 26 NetBIOS Over TCP/IP To coexist with TCP/IP, NetBIOS had to accommodate TCP/IP’s conventions
NetBIOS scope identifier was added as a sort of analog of the TCP/IP domain
Set of steps created to make NetBIOS names and commands transportable over a TCP/IP connection
Slide 27 : TCP/IP, NetBIOS, and WINS 27
NetBIOS and DNS Name Resolution : TCP/IP, NetBIOS, and WINS 28 NetBIOS and DNS Name Resolution To convert NetBIOS name into name that is recognizable and routable by DNS
NetBIOS name had to become a usable host name
Domain portion of the name had to be added
Creating a Usable Host Name from a NetBIOS Name : TCP/IP, NetBIOS, and WINS 29 Creating a Usable Host Name from a NetBIOS Name NetBIOS name
Has to be restated in a way that replaces any characters not recognizable by DNS
DNS names must be printable
In the ASCII code set
None of these characters is printable
Slide 30 : TCP/IP, NetBIOS, and WINS 30
Converting an Encoded NetBIOS Name to a Fully Qualified Domain Name : TCP/IP, NetBIOS, and WINS 31 Converting an Encoded NetBIOS Name to a Fully Qualified Domain Name To convert the (translated) NetBIOS name into a fully qualified domain name (FQDN)
Domain portion of name has to be added as well
NetBIOS scope identifier
User-configurable string
Adds only one level of hierarchy
Internet domain names
Regulated and restricted
Conform to a deeper and rigorously enforced hierarchy
Slide 32 : TCP/IP, NetBIOS, and WINS 32
WINS Servers : TCP/IP, NetBIOS, and WINS 33 WINS Servers WINS
A server service
Runs under Windows NT Server, Windows 2000 Server, or Windows Server 2003
WINS server
Registers NetBIOS names and IP addresses
Can be configured to return the IP address associated with a resource name or
The NetBIOS names associated with an IP address
Different WINS Configurations : TCP/IP, NetBIOS, and WINS 34 Different WINS Configurations WINS servers
Can be deployed in several different ways to meet the needs of different networks
Netsh command-line tool in Windows Server 2003
Helpful for WINS servers over WAN links to better manage slower network connections
Different WINS Configurations (continued) : TCP/IP, NetBIOS, and WINS 35 Different WINS Configurations (continued) Administrator-level access to the WINS server allows you to
Check server statistics
Check the database and version numbers for consistency
Mark records for eventual deletion (called “tombstoning” the records)
Remove old records (scavenge the database)
WINS Proxy : TCP/IP, NetBIOS, and WINS 36 WINS Proxy WINS clients
Available for recent versions of DOS, OS/2, and all versions of Windows
Available for Linux and UNIX machines running Samba
You can configure any Windows 2000, Windows Server 2003, or Windows XP computer to
Be a WINS proxy by setting the Enable Proxy parameter in the Registry to 1
Slide 37 : TCP/IP, NetBIOS, and WINS 37
Integrating WINS and DNS : TCP/IP, NetBIOS, and WINS 38 Integrating WINS and DNS The Microsoft DNS server implementation (MS DNS)
Can be configured to use WINS to resolve NetBIOS names in the primary or root zone domain
MS DNS
Cannot resolve NetBIOS names that are not direct children of the zone root or primary DNS domain
Slide 39 : TCP/IP, NetBIOS, and WINS 39
Slide 40 : TCP/IP, NetBIOS, and WINS 40
Reverse DNS Lookup for NetBIOS Names : TCP/IP, NetBIOS, and WINS 41 Reverse DNS Lookup for NetBIOS Names MS DNS servers in the in-addr.arpa domain
Provide reverse lookup
MS DNS servers in the reverse look-up zone root
Can be configured to use WINS-R to find NetBIOS resources associated with an IP address
WINS server
Uses a NetBIOS Adapter Status Query to find the name(s) associated with a given IP address
Windows Server 2003 WINS Improvements : TCP/IP, NetBIOS, and WINS 42 Windows Server 2003 WINS Improvements Two improvements in WINS have been added to Windows Server 2003
Filtering records
Accepting replication partners
With improved filtering and search functions
You locate records by showing only the records fitting the criteria you specify
Troubleshooting WINS and NetBIOS : TCP/IP, NetBIOS, and WINS 43 Troubleshooting WINS and NetBIOS Errors in Windows name resolution fall into two broad categories
Outright failure
Degradation of service
Accumulation of several instances of degradation
Seldom leads to outright failure of the service
NBTSTAT : TCP/IP, NetBIOS, and WINS 44 NBTSTAT Command-line program that returns statistics on NetBIOS
A fast way to check the status of a particular NetBIOS host, or
Get a quick snapshot of NetBIOS name resolution activity on the local network segment
WINS and DNS Consoles : TCP/IP, NetBIOS, and WINS 45 WINS and DNS Consoles WINS Console
Can search for active registrants by name or owner
DNS Console in Windows 2000 and Windows Server 2003
More geared to monitoring and system diagnostics than the WINS server
WINS operating parameters
Are stored in a Management Information Base (MIB)
Typical Errors in NetBIOS and WINS : TCP/IP, NetBIOS, and WINS 46 Typical Errors in NetBIOS and WINS Misconfiguration of end nodes due to user error
Incorrect network logon due to user error
Wrong node type due to user error or misconfigured DHCP
Timeouts set too low to allow for network latency
Unwanted traffic due to misconfiguration of end nodes and/or servers, or client/server topology
Security Flaw in NetBIOS : TCP/IP, NetBIOS, and WINS 47 Security Flaw in NetBIOS Security Bulletin MS03-034
Details flaw in NetBIOS that could result in disclosure of information from your computer
Operating systems are affected
Windows NT 4.0
Windows NT 4.0 Terminal Server Edition
Windows 2000
Windows XP
Windows Server 2003
Summary : TCP/IP, NetBIOS, and WINS 48 Summary NetBIOS
Native Windows approach to networking
NetBIOS and NetBEUI (NBF)
Use a flat namespace and are inherently non-routable
NetBIOS name can be resolved in three ways
Look it up in a locally held list
Ask the server (WINS, DNS, or Samba), or
Ask the whole local network segment
Summary (continued) : TCP/IP, NetBIOS, and WINS 49 Summary (continued) NetBIOS and WINS services
Typically used in a mixed-network environment
Windows networking clients or end nodes
Can be configured to use one of four basic regimes of name registration and resolution
WINS servers
Are like DNS servers designed to serve only the NetBIOS namespace