Training
Find Training
Manage My Learning
Training Options
Browse by Subject
Guide My Training
Certifications
Certification Overview
Browse by Subject
Browse by Name
Find an Exam
Prepare for an Exam
Register for an Exam
Books
Books Overview
New and Upcoming
Find Books
Where to Buy
Special Offers
What's New
Community
Learning Community
Member Sites
Worldwide Sites
Help and Support




 
ALS Microsoft® Windows® 2000 Network Infrastructure Administration
Author Microsoft Corporation
Pages 576
Disk N/A
Level Beg/Int
Published 12/13/2000
ISBN 9780735609891
 

More Information

About the Book
Table of Contents
Sample Chapter
Index
Related Series
Related Books
About the Author

Support: Book & CD

 

 

Chapter 9: Implementing Windows Internet Name Service (WINS)

Implementing Windows Internet Name Service (WINS)

About This Chapter

Although Microsoft Windows Internet Name Service (WINS) servers are not needed in a network consisting entirely of Microsoft Windows 2000-based computers, they are crucial in most Transmission Control Protocol/Internet Protocol (TCP/IP) networks containing computers based on the older architectures of Windows NT 4.0, Windows 98, or Windows 95. In this chapter, you will learn how to implement WINS on your network.

Before You Begin

To complete this chapter, you must have

  • Installed Windows 2000 Server with TCP/IP

Lesson 1: Introduction to WINS

WINS provides a distributed database for registering and querying dynamic mappings of NetBIOS names for computers and groups used on your network. WINS maps NetBIOS names to IP addresses and was designed to solve the problems arising from NetBIOS name resolution in routed environments. WINS is the best choice for NetBIOS name resolution in routed networks that use NetBIOS over TCP/IP.

After this lesson, you will be able to

  • Describe the relationship between NetBIOS and TCP/IP

  • Describe the advantage of using WINS

  • Describe a new Windows 2000 feature relating to NetBIOS

Estimated lesson time: 15 minutes

Name Resolution with NetBIOS

This section explains NetBIOS name resolution concepts and methods to help you better understand WINS functionality. This is because previous versions of Windows, such as Windows NT 4.0, and some Windows-based applications use NetBIOS names to identify network resources.

Overview of NetBIOS

NetBIOS was developed for IBM in 1983 by Sytek Corporation to allow applications to communicate over a network. As illustrated in Figure 9.1, NetBIOS defines two entities:

  • A session-level interface

  • A session management/data transport protocol

Click to view graphic

Figure 9.1 NetBIOS communication over TCP/IP

The NetBIOS interface is a presentation-layer application programming interface (API) for user applications to submit network input/output (I/O) and control directives to underlying network protocols. An application program that uses the NetBIOS interface API for network communication can be run on any protocol that supports the NetBIOS interface. This is implemented by the session layer software, such as NetBIOS Frame Protocol (NBFP) or NetBIOS over TCP/IP (NetBT), to perform the network I/O required to accommodate the NetBIOS interface command set.

NetBIOS provides commands and support for the following services:

  • Network name registration and verification

  • Session establishment and termination

  • Reliable connection-oriented session data transfer

  • Unreliable connectionless datagram data transfer

  • Support protocol (driver) and adapter monitoring and management

NetBIOS Names

A NetBIOS name is a unique 16-byte address used to identify a NetBIOS resource on the network. This name is either a unique (exclusive) or group (nonexclusive) name. Unique names are typically used to send network communication to a specific process on a computer. Group names are used to send information to multiple computers at one time. An example of a process that uses a NetBIOS name is the File and Printer Sharing for Microsoft Networks service on a computer running Windows 2000. When your computer starts up, this service registers a unique NetBIOS name based on the name of your computer. The exact name used by the service is the 15-character computer name plus a 16th character of 0x20. If the computer name is not 15 characters long, it is padded with spaces up to 15 characters.

NetBIOS name resolution is the process of mapping a computer';s NetBIOS name to an IP address. A computer';s NetBIOS name must be resolved to an IP address before the IP address can be resolved to a hardware address. Microsoft TCP/IP uses several methods to resolve NetBIOS names; however, the exact mechanism by which NetBIOS names are resolved to IP addresses depends on the NetBIOS node type that is configured for the node. Request for Comments (RFC) 1001, "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and Methods," defines the NetBIOS node types, as listed in Table 9.1.

Table 9.1 NetBIOS Node Types

Node TypeDescription
B-node (broadcast)B-node uses broadcast NetBIOS name queries for name registration and resolution. B-node has two major problems: (1) Broadcasts disturb every node on the network. (2) Routers typically do not forward broadcasts, so only NetBIOS names on the local network can be resolved.
P-node (peer_peer) P-node uses a NetBIOS name server, such as a WINS server, to resolve NetBIOS names. P-node does not use broadcasts; instead, it queries the name server directly.
M-node (mixed)M-node is a combination of B-node and P-node. By default, an M-node functions as a B-node. If an M-node is unable to resolve a name by broadcast, it queries a NetBIOS name server using P-node.
H-node (hybrid)H-node is a combination of P-node and B-node. By default, an H-node functions as a P-node. If an H-node is unable to resolve a name through the NetBIOS name server, it uses a broadcast to resolve the name.

Computers running Windows 2000 are B-node by default and become H-node when they are configured with a WINS server. Windows 2000 can also use a local database file called LMHOSTS to resolve remote NetBIOS names. The LMHOSTS file is stored in the %systemroot%\System32\Drivers\Etc folder. A sample LMHOSTS file (LMHOSTS.SAM) is included in this directory.

The LMHOSTS File

The LMHOSTS file is a static ASCII file used to resolve NetBIOS names to IP addresses of remote computers running Windows NT and other NetBIOS-based hosts.

Figure 9.2 shows an example of the LMHOSTS file.

Click to view graphic
Click to view graphic

Figure 9.2 The LMHOSTS file

Predefined Keywords

An LMHOSTS file also contains predefined keywords that are prefixed with a #. If you use this LMHOSTS file on an older NetBT system such as LAN Manager, these directives are ignored as comments because they begin with a number sign (#). Table 9.2 lists the possible LMHOSTS keywords.

Table 9.2 LMHOSTS Keywords

Predefined Keyword Description
#PREDefines which entries should be initially preloaded as permanent entries in the name cache. Preloaded entries reduce network broadcasts, because names are resolved from cache rather than from broadcast or by parsing the LMHOSTS file. Entries with a #PRE tag are loaded automatically at initiali- zation or manually by typingnbtstat _Rat a command prompt
#DOM:[domain_name]Facilitates domain activity, such as logon validation over a router, account synchronization, and browsing.
#NOFNRAvoids using NetBIOS-directed name queries for older LAN Manager UNIX systems.
#BEGIN_ALTERNATE #END_ALTERNATEDefines a redundant list of alternate locations for LMHOSTS files. The recommended way to #INCLUDE remote files is using a Universal Naming Convention (UNC) path, to ensure access to the file. Of course, the UNC names must exist in the LMHOSTS file with a proper IP address to NetBIOS name translation
#INCLUDELoads and searches NetBIOS entries in a separate file from the default LMHOSTS file. Typically, an #INCLUDE file is a centrally located shared LMHOST file.
#MHAdds multiple entries for a multihomed computer.

WINS Overview

WINS eliminates the need for broadcasts to resolve computer names to IP addresses and provides a dynamic database that maintains mappings of computer names to IP addresses. WINS is an enhanced NetBIOS name server (NBNS) designed by Microsoft to eliminate broadcast traffic associated with the B-node implementation of NetBT. It is used to register NetBIOS computer names and resolve them to IP addresses for both local and remote hosts.

There are several advantages of using WINS. The primary advantage is that client requests for computer name resolution are sent directly to a WINS server. If the WINS server can resolve the name, it sends the IP address directly to the client. As a result, a broadcast is not needed and network traffic is reduced. However, if the WINS server is unavailable, the WINS client can still use a broadcast in an attempt to resolve the name. Another advantage of using WINS is that the WINS database is updated dynamically, so it is always current. This eliminates the need for an LMHOSTS file. In addition, WINS provides network and interdomain browsing capabilities.

Before two NetBIOS-based hosts can communicate, the destination NetBIOS name must be resolved to an IP address. This is necessary because TCP/IP requires an IP address rather than a NetBIOS computer name to communicate. As illustrated in Figure 9.3, resolution uses the following process:

  1. In a WINS environment, each time a WINS client starts, it registers its NetBIOS name/IP address mapping with a configured WINS server.

  2. When a WINS client initiates a command to communicate with another host, the name query request is sent directly to the WINS server instead of being broadcast on the local network.

  3. If the WINS server finds a NetBIOS name/IP address mapping for the destination host in this database, it returns the destination host';s IP address to the WINS client. Because the WINS database obtains NetBIOS name/IP address mappings dynamically, it is always current.

Click to view graphic

Figure 9.3 Name resolution with WINS

WINS and Windows 2000

Prior to Windows 2000, all MS-DOS and Windows-based operating systems required the NetBIOS naming interface to support network capabilities. With the release of Windows 2000, support for the NetBIOS naming interface is no longer required for networking computers because you can disable NetBT for each network connection. This feature is intended for computers that only use Domain Name System (DNS) name registration and resolution techniques, and communicate by using the Client for Microsoft Networks and the File and Print Sharing for Microsoft Networks components with other computers where NetBT is disabled. Examples of disabling NetBT include computers in specialized or secured roles for your network, such as an edge proxy server or bastion host in a firewall environment, where NetBT support is not required or desired.

Another example is an environment consisting of host computers and programs that support the use of the DNS that could be built to run using Windows 2000 and other operating systems not requiring NetBIOS names, such as some versions of UNIX. However, most networks still need to integrate legacy operating systems that require NetBIOS network names with computers running Windows 2000. For this reason, Microsoft has continued to provide default support for NetBIOS names with Windows 2000 to ease interoperability with legacy operating systems that require their use. This support is provided mainly in two ways:

  • By default, all computers running Windows 2000 that use TCP/IP are enabled to provide client-side support for registering and resolving NetBIOS names.

This support is provided through NetBT and can, if desired, be manually disabled.

  • Windows 2000 Server continues to provide server-side support through WINS. WINS can be used to effectively manage NetBT-based networks.

Lesson Summary

Some applications and previous versions of Windows use NetBIOS names to identify network resources. WINS is an enhanced NBNS designed by Microsoft to eliminate broadcast traffic associated with the B-node implementation of NetBT. There are several advantages to using WINS. The primary advantage is that broadcast traffic is reduced because requests for name resolution are sent directly to the WINS server.

Lesson 2: The WINS Resolution Process

WINS uses standard methods of name registration, name renewal, and name release. This lesson introduces the different phases used to resolve a NetBIOS name to an IP address using WINS.

After this lesson, you will be able to

  • Describe WINS name registration, renewal, release, query, and response.

Estimated lesson time: 25 minutes

Resolving NetBIOS Names with WINS

When a client needs to contact another host on the network, it first contacts the WINS server to resolve the IP address using mapping information from the database of the server. The relational database engine of the WINS server accesses an indexed sequential access method (ISAM) database. The ISAM database is a replicated database that contains NetBIOS computer names and IP address mappings. For a WINS client to log on to the network, it must register its computer name and IP address with the WINS server. This creates an entry in the WINS database for every NetBIOS service running on the client. Because these entries are updated each time a WINS-enabled client logs on to the network, information stored in the WINS server database remains accurate.

The process WINS uses to resolve and maintain NetBIOS names is similar to the B-node implementation. The method used to renew a name is unique to NetBIOS node types that use a NetBIOS name server. WINS is an extension of RFCs 1001 and 1002. Figure 9.4 shows the process of resolving a NetBIOS name.

Name Registration

Each WINS client is configured with the IP address of a primary WINS server and optionally, a secondary WINS server. When a client starts, it registers its NetBIOS name and IP address with the configured WINS server. The WINS server stores the client';s NetBIOS name/IP address mapping in its database.

Name Renewal

All NetBIOS names are registered on a temporary basis, which means that the same name can be used later by a different host if the original owner stops using it.

Name Release

Each WINS client is responsible for maintaining the lease on its registered name. When the name will no longer be used, such as when the computer is shut down, the WINS client sends a message to the WINS server to release it.

Name Query and Name Resolution

After a WINS client has registered its NetBIOS name and IP address with a WINS server, it can communicate with other hosts by obtaining the IP address of other NetBIOS-based computers from a WINS server. All WINS communications are done using directed datagrams over UDP port 137 (NBNS).

Click to view graphic

Figure 9.4 Name resolution between clients and a WINS server

Name Registration

Unlike the B-node implementation of NetBT, which broadcasts its name registration, WINS clients register their NetBIOS names with WINS servers.

When a WINS client initializes, it registers its NetBIOS name by sending a name registration request directly to the configured WINS server. NetBIOS names are registered when services or applications start, such as the Workstation, Server, and Messenger.

If the WINS server is available and the name is not already registered by another WINS client, a successful registration message is returned to the client. This message contains the amount of time the NetBIOS name is registered to the client, specified as the Time to Live (TTL). Figure 9.5 shows the name registration process.

Click to view graphic

Figure 9.5 Name registration process

When a Duplicate Name Is Found

If there is a duplicate name registered in the WINS database, the WINS server sends a challenge to the currently registered owner of the name. The challenge is sent as a name query request. The WINS server sends the challenge three times at 500-millisecond intervals.

If the registered computer is a multihomed computer, the WINS server tries each IP address it has for the computer until it receives a response or until all of the IP addresses have been tried.

If the current registered owner responds successfully to the WINS server, the WINS server sends a negative name registration response to the WINS client that is attempting to register the name. If the current registered owner does not respond to the WINS server, the WINS server sends a successful name registration response to the WINS client that is attempting to register the name.

When the WINS Server Is Unavailable

A WINS client will make three attempts to find the primary WINS server. If it fails after the third attempt, the name registration request is sent to the secondary WINS server, if configured. If neither server is available, the WINS client may initiate a broadcast to register its name.

Name Renewal

To continue using the same NetBIOS name, a client must renew its lease before it expires. If a client does not renew the lease, the WINS server makes it available for another WINS client.

Name Refresh Request

WINS clients must renew their name registrations before the renewal interval expires. The renewal interval determines how long the server stores the name registration as an active record in the WINS database. When a WINS client renews its name registration, it sends a name refresh request to the WINS server. The name refresh request includes the IP address and the NetBIOS name that the client seeks to refresh. The WINS server responds to the name refresh request with a name refresh response that includes a new renewal interval for the name. When a WINS client refreshes its name, it performs the following steps:

  1. When a client has consumed half of its renewal interval, it sends a name refresh request to the primary WINS server.

  2. If its name is not refreshed by the primary WINS server, the WINS client tries to refresh again in 10 minutes and continues to try the primary WINS server repeatedly every 10 minutes for a total of 1 hour. The WINS client, after trying to refresh its name registration with the primary WINS server for 1 hour, stops trying and attempts to refresh its name with the secondary WINS server.

  3. If it is not refreshed by the secondary WINS server, the WINS client tries to refresh its name again using the secondary WINS server in 10 minutes and continues to try every 10 minutes for a total of 1 hour. The WINS client, after trying to refresh on the secondary WINS server for 1 hour, stops trying and tries to refresh using the primary WINS server. This process of trying the primary WINS server and then the secondary WINS server continues until the renewal interval is consumed or the WINS client has its name refreshed.

  4. If the WINS client succeeds in refreshing its name, the renewal interval is reset on the WINS server.

  5. If the WINS client fails to register during the renewal interval on either the primary or secondary WINS server, the name is released.

Figure 9.6 shows how a WINS client renews its lease to use the same NetBIOS name.

Click to view graphic

Figure 9.6 Renewing a lease using the same NetBIOS name

When a WINS server receives the name refresh request, it sends the client a name refresh response with a new TTL.

Name Release

When a WINS client is properly shut down, it sends a name release request directly to the WINS server for each registered name. The name release request includes the client';s IP address and the NetBIOS name to be removed from the WINS database. This allows the name to be available for another client, as illustrated in Figure 9.7.

When the WINS server receives the name release request, it checks its database for the specified name. If the WINS server encounters a database error or if a different IP address maps the registered name, it sends a negative name release to the WINS client. Otherwise, the WINS server sends a positive name release and designates the specified name as inactive in its database. The name release response contains the released NetBIOS name and a TTL value of zero.

Click to view graphic

Figure 9.7 Name release request

Name Query and Name Response

A common method of resolving NetBIOS names to IP addresses is with an NBNS, such as WINS. When a WINS client is configured, by default, the H-node type of NetBT is used. The NBNS is always checked for a NetBIOS name/IP address mapping before initiating a broadcast. The following steps and illustration in Figure 9.8 demonstrate the process:

  1. When a user initiates a Windows NT command, such as net use, the NetBIOS name cache is checked for the NetBIOS name/IP address mapping of the destination host.

  2. If the name is not resolved from cache, a name query request is sent directly to the client';s primary WINS server.

    3. If the primary WINS server is unavailable, the client resends the request two more times before switching to the secondary WINS server.

    When either WINS server resolves the name, a success message with the IP address for the requested NetBIOS name is sent to the source host.

  3. If no WINS server can resolve the name, a name query response is sent back to the WINS client with the message "Requested name does not exist," and broadcast is implemented.

If the name is not resolved from cache by a WINS server or broadcast, the name may still be resolved by parsing the LMHOSTS or Hosts file, or by using DNS.

Click to view graphic

Figure 9.8 NetBIOS name server checked for NetBIOS name/IP address mapping

Lesson Summary

WINS uses standard name registration, name renewal, and name release methods. To continue using the same NetBIOS name, a client must renew its lease before it expires. When a WINS client is shut down, it notifies the WINS server that it no longer needs its NetBIOS name.

Next



Top of Page


Last Updated: Friday, July 6, 2001