Guide To TCPIP, Second Edition

1
Guide To TCP/IP, Second Edition

• Chapter 12
• TCP/IP, NETBIOS, And WINS

2
Topics

• The history of NetBIOS
• The limitations of NetBIOS
• NetBIOS in Windows 2000/2003
• NetBIOS over TCP/IP
• How NetBIOS works
• NetBIOS names
• Registering and resolving NetBIOS names
• NBT Naming conventions
• NetBIOS name modifications for DNS name
  resolution
• WINS and DNS
• Troubleshooting

3
History Of NetBIOS

• Developed by Sytek in 1983
• Adopted by IMB and Microsoft
• Designed for small peer-to-peer networks
• NetBIOS is an Application Programming Interface
  (API)
• NetBEUI extends NetBIOS by providing a
  transmission protocol
• NetBEUI and NetBIOS were the default methods for
  Windows networking until Window NT 3.51 (prior to
  large networks)

4
NetBIOS Names

• 15 characters plus a resource type character code
• Name shared resources for local network only
• NetBIOS traffic is not routable
• NetBIOS traffic can be encapsulated in TCP
  packets for routing purposes (NBT)

5
NetBIOS Features

• Maintains a list of unique names assigned to
  network resources
• Named resources include files, services, users,
  computers, and workgroups and domains
• Default method for Windows clients to access
  shared resources
• Windows 2000 and newer networks do not need
  NetBIOS, although applications might
• NetBIOS is non-routable and chatty

6
What is NetBIOS?

• NetBIOS is a
• naming convention
• network API
• set of protocols
• Applications (Explorer, File and Print Sharing,
  Lotus Notes, Exchange, LAN Manager) call shared
  resources by their NetBIOS names through a
  provider function running in Windows Operating
  Systems

7
Why is NetBIOS Important?

• NetBIOS is the foundation of Windows peer-to-peer
  networking
• Microsoft has pledged to maintain backward
  compatibility in its newer OSes
• Windows 2000 is the first MS OS to use DNS for
  name resolution
• NetBEUI (now NBF) may need to installed to
  support older systems
• Before Active Directory NetBIOS was used to
  locate resources

8
Name Resolution Approaches

• Use DNS only Windows 2000/3/XP systems only
• Use NBF only local traffic only
• Use both TCP/IP and NetBIOS
• NetBT and NBF enabled by default on Windows 2000
  and Windows XP
• WINS integrated with DNS
• LMHOSTS

9
How Does NetBIOS Work?

• NetBIOS takes advantage of
• Simple naming
• Address handling
• Message format conventions
• NetBIOS supports
• Connectionless datagrams
• Connection-oriented session frames

10
NetBIOS Name Resolution

• Nodes send Name Registration Request packet
• Negative Name Registration Reply is returned if
  name already registered
• NetBIOS name resolution methods
• Look up names on local host using LMHOSTS, HOSTS
  files, or NetBIOS name cache
• Broadcast queries on the local subnet by node
  type
• Direct queries to WINs or DNS name servers

11
Node Types

• B-Node (Broadcast Node)
• registers and resolves using only broadcasts
• P-Node (Peer Node)
• uses local WINS server to register and resolve
  names
• M-Node (Mixed Node)
• a mixture of b and p node types
• H-Node (Hybrid Node)
• uses p-node method first then b-node
• Enhanced B-Node
• uses NetBIOS name cache, then the LMHOSTS file,
  then b-node

12
NetBIOS Name Cache and LMHOSTS File

• NetBIOS name cache
• Temporary file that resides in memory
• Maps NetBIOS names to IP addresses
• LMHOSTS file
• Plain text file
• Lists NetBIOS name to IP addresses
• Edit with plain text editor
• Located in ltwindows rootgt\system32\drivers\etc

13
WINS Name Registration And Resolution

• WINS
• Microsoft NetBIOS name server software
• Dynamic database of NetBIOS names and IP
  addresses
• Send unicasts
• Windows 2000 and Windows XP utilize up to 11
  secondary WINS servers

14
DNS And HOSTS File

• HOSTS file lists IP name and IP address pairs
• Some applications or clients attempt to resolve
  names with the HOSTS file
• UNIX and Linux name resolution order
• Local host
• HOSTS file
• DNS
• NetBIOS

15
NetBIOS Over TCP/IP

• NetBIOS had to accommodate TCP/IPs conventions
• NetBIOS scope identifier was added
• A process was developed to make NetBIOS names and
  commands transportableand translatableover a
  TCP/IP connection

16
NetBIOS Modifications for DNS Name Resolution

• A usable host name from a NetBIOS name is needed
• An encoded NetBIOS name then is converted to a
  Fully Qualified Domain Name
• Domain portion of the name had to be added
• NetBIOS scope identifier not compatible with
  todays domain names

17
WINS

• How WINS works
• Registers NetBIOS names and IP addresses
• Can be configured to return the IP address
  associated with a resource name

18
Different WINS Configurations

• Three different WINS topologies
• Single WINS server
• WINS server with WINS proxy
• WINS server with WINS proxy and replicated WINS
  services

19
WINS Proxy

• WINS proxy
• WINS client attempts to resolve any b-node
  broadcasts on its own network segment by querying
  the WINS server(s) configured for it
• WINS proxy can resolve the name using WINS, or
  the local NetBIOS name cache
• WINS proxy will not attempt to register names

20
WINS Replication

• WINS replication
• Multiple WINS servers must be installed on
  multiple subnets
• Name resolution information can be transferred
  between servers using push/pull replication
• The most recent information resides on a RR with
  the highest version number

21
Integrating WINS With DNS

• An MS DNS
• can be configured to resolve NetBIOS names in the
  primary or zone root domain
• cannot resolve NetBIOS names that are not direct
  children of the zone root or primary DNS domain
• Options for Integrating WINS with DNS
• Delegate each subdomain as its own Start of
  Authority (SOA) with its own zone root DNS
• Create a special domain just for NetBIOS clients

22
Configuring DNS to Use WINS

• Use either the DSN console or Edit the Registry
• Entered the WINS server as an RR in the MS DNS
  database
• Schematic view of RR
• owner class WINS LOCAL Lltvaluegt Cltvaluegt
  ltwins_addressgt

23
Reverse DNS Lookup Using WINS

• Configure WINS-R for MS DNS servers in the
  reverse lookup zone root
• WINS-R information is entered as an RR in the MS
  DNS servers database
• owner class WINS-R LOCAL Lltvaluegt Cltvaluegt
  ltdomain_to_appendgt

24
Troubleshooting Tools

• NBTSTAT
• WINS and DNS Consoles
• SNMP for WINS
• Packet Analyzers

25
Typical Errors

• Misconfiguration of end nodes due to user error
• Incorrect network logon due to user error
• Wrong node type due to user error or
  misconfigured DHCP
• Timeouts set too low to allow for network latency
• Unwanted traffic due to misconfiguration of end
  nodes and/or servers, or client/server topology

26
Typical Errors Continued

• Malicious errors (intrusion, node masquerading,
  forced name releases)
• Unusual numbers of forced name releases due to
  incorrect end node shutdown
• Bogged-down servers due to incorrect
  configuration or topology
• Security flaws in NetBIOS

27
Chapter Summary

• NetBIOS the original Windows approach to
  networking
• NetBIOS is still virtually indispensable in the
  Windows environment
• NetBIOS and NetBEUI (NBF) use a flat namespace
  and are nonroutable
• NetBIOS must be bound to a routable network
  protocol such as TCP/IP (NetBT or NBT) to be used
  across network boundaries

28
Chapter Summary (cont.)

• A NetBIOS name resolution
• look it up in a locally held list
• ask the server (WINS, DNS, or Samba)
• ask the whole local network segment (broadcast)
• For a small network with static addresses and
  stable names, a list works well
• For small single segment networks, broadcast name
  resolution may work well
• On larger multi-segment networks, broadcasts do
  not work for sharing
• Resolution via a name server is the only solution
  for multi-segment larger networks

29
Chapter Summary (cont.)

• WINS is the Windows NetBIOS Name Server.
• Microsoft's version of DNS can use WINS to
  resolve NetBIOS names
• NetBIOS and WINS are typically used in a
  mixed-network environment
• Pre-Windows 2000 machines use NetBIOS name
  resolution to communicate with other computers
  and to browse for and identify services

30
Chapter Summary (cont.)

• Even in an exclusive Windows 2000/XP environment,
  NetBIOS and WINS might be needed for Network
  Browser, LAN Manager, Exchange, Systems
  Management Server (SMS), or Lotus Notes to use
  NetBIOS datagram and session services, as well as
  name services
• Windows networking clients can be configured to
  use one of four basic regimes of name
  registration and resolution
• WINS servers are like DNS servers designed to
  serve only the NetBIOS namespace

31
Chapter Summary (cont.)

• When Microsofts own DNS servers are configured
  to query WINS to resolve NetBIOS names, they
  begin to combine the best of both worlds
• MS DNS can only resolve NetBIOS names for the
  zone root