Post on 28-Dec-2015
transcript
TCP/IP, NetBIOS, and WINS 2
Objectives
• Discuss the history of NetBIOS
• Understand what NetBIOS is and its limitations
• Understand the role of NetBIOS in Windows 2000 and higher operating systems
• Understand the significance of NetBIOS over TCP/IP on your network
• Understand how NetBIOS works
TCP/IP, NetBIOS, and WINS 3
Objectives (continued)
• Explore NetBIOS names, including structure and types
• Explore the various ways of registering and resolving NetBIOS names
• Understand naming conventions associated with NetBIOS over TCP/IP
• Understand how NetBIOS names must change to work with DNS name resolution
TCP/IP, NetBIOS, and WINS 4
Objectives (continued)
• Set up a WINS server for your network
• Integrate WINS services with DNS
• Troubleshoot WINS and NetBIOS errors with commonly used tools
TCP/IP, NetBIOS, and WINS 5
History of NetBIOS
• NetBIOS – Developed by Sytek in 1983– Adopted by IBM and Microsoft for naming network
resources on small peer-to-peer networks– Original was an Application Programming Interface
(API) used to call network resources
• NetBIOS Extended User Interface (NetBEUI)– Extension of NetBIOS
TCP/IP, NetBIOS, and WINS 6
What is NetBIOS (and Why Do I care)
• NetBIOS operates by – Maintaining a list of unique names assigned to
network resources– Providing the services to establish, defend, and
resolve these names– Carrying the needed communications between
applications that make use of these network resources
TCP/IP, NetBIOS, and WINS 7
How Windows 2000, Windows XP, and Windows Server 2003 Work with
NetBIOS• Windows 2000
– First Microsoft operating system to use DNS
• When upgrading servers to Windows 2000 Server or Windows Server 2003– Determine if you will still need to support NetBIOS
names on your network
• If uncertain if your network requires NetBIOS support– You can use the WINS performance monitor counter
TCP/IP, NetBIOS, and WINS 8
NetBIOS and TCP/IP
• Using DNS Only– Preferred form of networking in an all-Windows 2000
and/or Windows XP environment• Direct hosting of the (SMB) protocol
• Using NBF Only– To deliberately restrict resource sharing only to the
local network segment• Bind Windows File and Print Sharing to NBF, but not
to TCP/IP
TCP/IP, NetBIOS, and WINS 9
Combining TCP/IP and NetBIOS
• NetBT or NBT– NetBIOS over TCP/IP
• NetBIOS names– Can be resolved by any of several combinations of
methods
• Default configuration for Windows 2000 and Windows XP machines – Have both NetBT and NBF enabled
TCP/IP, NetBIOS, and WINS 11
How Does NetBIOS Work?
• NetBIOS– Takes advantage of simple naming, address
handling, and message formatting conventions – Supports connectionless datagrams as well as
connection-oriented session frames– Supports simple name registration and challenge
mechanisms
TCP/IP, NetBIOS, and WINS 12
NetBIOS Traffic
• Consists of NetBIOS frames of one of two types – Datagrams or session frames
• NetBIOS sessions – Used in situations that require a reliable connection
• When NetBIOS is run over TCP/IP as NetBT– Datagrams are carried in UDP packets and session
frames are carried in TCP packets
TCP/IP, NetBIOS, and WINS 13
How Does NetBIOS Work?
• Registering and Challenging NetBIOS Names– Registration
• Process of asserting that a name exists and belongs to a particular computer, user, process, or group
• Categories of name resolution methods– Look up in a list of names on the local machine– Broadcast queries on the local subnet– Direct queries to name servers
TCP/IP, NetBIOS, and WINS 14
Other NetBIOS Services
• Name services– The most important NetBIOS services
• NetBIOS datagram and session services– Used by applications such as Applications such as
the Network Browser, LAN Manager
TCP/IP, NetBIOS, and WINS 16
NetBIOS Names
• Based on– User name during logon – Information configured for the specific computer in
the Network applet in Control Panel
• NetBIOS names are of two general types– Unique names and group names
• Unique names – Resolve to a single address
TCP/IP, NetBIOS, and WINS 17
Structure of NetBIOS Names
• Group names – May resolve to multiple addresses
• NetBIOS names – 16 characters long, divided into two parts– First 15 characters are the name itself– Last character is a code describing the class of
resource to which the name belongs
TCP/IP, NetBIOS, and WINS 20
NetBIOS Scope Identifier
• NetBIOS – Provides the NetBIOS scope identifier
• Scope identifier – Adds a character string to end of the name,
separated from rest of name by a period (.)
• NetBIOS scope– Identifies a logical community of network hosts
• DHCP scope– Identifies a range of IP addresses that a DHCP
server can assign to clients
TCP/IP, NetBIOS, and WINS 21
NetBIOS Name Registration and Resolution
• NetBIOS names are registered and resolved using– Node type– NetBIOS name cache and the LMHOSTS file– WINS servers configured as NetBIOS Name Servers– DNS and the HOSTS file
TCP/IP, NetBIOS, and WINS 22
Name Resolution Regimes by Node Type
• Four basic types of NetBIOS nodes– Broadcast node (b-node)– Peer node (p-node)– Mixed node (m-node)– Hybrid node (h-node)
TCP/IP, NetBIOS, and WINS 23
NetBIOS Name Cache and LMHOSTS File
• NetBIOS name cache – Temporary file that resides in memory, pairing
NetBIOS names and IP addresses
• Names in the NetBIOS name cache– Times out after 10 minutes, by default
• LMHOSTS file – Plain text file that resides in the <windows root>\
system32\drivers\etc directory
TCP/IP, NetBIOS, and WINS 24
WINS Name Registration and Resolution
• WINS servers – NetBIOS Name Servers that set up and maintain
database of NetBIOS names and their associated IP addresses
– Do not participate in broadcast or b-node name registration and resolution
• WINS servers – Support a special name registration regime called
burst mode
TCP/IP, NetBIOS, and WINS 25
DNS and The HOSTS File
• Preferred configuration for Windows 2000 and Windows XP clients– Is to use DNS for name resolution
• HOSTS file – Static list of IP name and address pairs, located in
the <windowsroot>\system32\driver\etc directory
TCP/IP, NetBIOS, and WINS 26
NetBIOS Over TCP/IP
• To coexist with TCP/IP, NetBIOS had to accommodate TCP/IP’s conventions– NetBIOS scope identifier was added as a sort of
analog of the TCP/IP domain– Set of steps created to make NetBIOS names and
commands transportable over a TCP/IP connection
TCP/IP, NetBIOS, and WINS 28
NetBIOS and DNS Name Resolution
• To convert NetBIOS name into name that is recognizable and routable by DNS– NetBIOS name had to become a usable host name– Domain portion of the name had to be added
TCP/IP, NetBIOS, and WINS 29
Creating a Usable Host Name from a NetBIOS Name
• NetBIOS name– Has to be restated in a way that replaces any
characters not recognizable by DNS
• DNS names must be printable
• In the ASCII code set– None of these characters is printable
TCP/IP, NetBIOS, and WINS 31
Converting an Encoded NetBIOS Name to a Fully Qualified Domain
Name• To convert the (translated) NetBIOS name into a
fully qualified domain name (FQDN)– Domain portion of name has to be added as well
• NetBIOS scope identifier – User-configurable string– Adds only one level of hierarchy
• Internet domain names– Regulated and restricted– Conform to a deeper and rigorously enforced
hierarchy
TCP/IP, NetBIOS, and WINS 33
WINS Servers
• WINS– A server service– Runs under Windows NT Server, Windows 2000
Server, or Windows Server 2003
• WINS server– Registers NetBIOS names and IP addresses– Can be configured to return the IP address
associated with a resource name or– The NetBIOS names associated with an IP address
TCP/IP, NetBIOS, and WINS 34
Different WINS Configurations
• WINS servers – Can be deployed in several different ways to meet
the needs of different networks
• Netsh command-line tool in Windows Server 2003 – Helpful for WINS servers over WAN links to better
manage slower network connections
TCP/IP, NetBIOS, and WINS 35
Different WINS Configurations (continued)
• Administrator-level access to the WINS server allows you to– Check server statistics– Check the database and version numbers for
consistency– Mark records for eventual deletion (called
“tombstoning” the records)– Remove old records (scavenge the database)
TCP/IP, NetBIOS, and WINS 36
WINS Proxy
• WINS clients – Available for recent versions of DOS, OS/2, and all
versions of Windows– Available for Linux and UNIX machines running
Samba
• You can configure any Windows 2000, Windows Server 2003, or Windows XP computer to– Be a WINS proxy by setting the Enable Proxy
parameter in the Registry to 1
TCP/IP, NetBIOS, and WINS 38
Integrating WINS and DNS
• The Microsoft DNS server implementation (MS DNS)– Can be configured to use WINS to resolve NetBIOS
names in the primary or root zone domain
• MS DNS – Cannot resolve NetBIOS names that are not direct
children of the zone root or primary DNS domain
TCP/IP, NetBIOS, and WINS 41
Reverse DNS Lookup for NetBIOS Names
• MS DNS servers in the in-addr.arpa domain – Provide reverse lookup
• MS DNS servers in the reverse look-up zone root – Can be configured to use WINS-R to find NetBIOS
resources associated with an IP address
• WINS server – Uses a NetBIOS Adapter Status Query to find the
name(s) associated with a given IP address
TCP/IP, NetBIOS, and WINS 42
Windows Server 2003 WINS Improvements
• Two improvements in WINS have been added to Windows Server 2003– Filtering records– Accepting replication partners
• With improved filtering and search functions– You locate records by showing only the records
fitting the criteria you specify
TCP/IP, NetBIOS, and WINS 43
Troubleshooting WINS and NetBIOS
• Errors in Windows name resolution fall into two broad categories– Outright failure – Degradation of service
• Accumulation of several instances of degradation– Seldom leads to outright failure of the service
TCP/IP, NetBIOS, and WINS 44
NBTSTAT
• Command-line program that returns statistics on NetBIOS
• A fast way to check the status of a particular NetBIOS host, or– Get a quick snapshot of NetBIOS name resolution
activity on the local network segment
TCP/IP, NetBIOS, and WINS 45
WINS and DNS Consoles
• WINS Console– Can search for active registrants by name or owner
• DNS Console in Windows 2000 and Windows Server 2003 – More geared to monitoring and system diagnostics
than the WINS server
• WINS operating parameters– Are stored in a Management Information Base (MIB)
TCP/IP, NetBIOS, and WINS 46
Typical Errors in NetBIOS and WINS
• Misconfiguration of end nodes due to user error
• Incorrect network logon due to user error
• Wrong node type due to user error or misconfigured DHCP
• Timeouts set too low to allow for network latency
• Unwanted traffic due to misconfiguration of end nodes and/or servers, or client/server topology
TCP/IP, NetBIOS, and WINS 47
Security Flaw in NetBIOS
• Security Bulletin MS03-034– Details flaw in NetBIOS that could result in
disclosure of information from your computer
• Operating systems are affected– Windows NT 4.0– Windows NT 4.0 Terminal Server Edition– Windows 2000– Windows XP– Windows Server 2003
TCP/IP, NetBIOS, and WINS 48
Summary
• NetBIOS – Native Windows approach to networking
• NetBIOS and NetBEUI (NBF) – Use a flat namespace and are inherently non-
routable
• NetBIOS name can be resolved in three ways– Look it up in a locally held list– Ask the server (WINS, DNS, or Samba), or – Ask the whole local network segment
TCP/IP, NetBIOS, and WINS 49
Summary (continued)
• NetBIOS and WINS services – Typically used in a mixed-network environment
• Windows networking clients or end nodes – Can be configured to use one of four basic regimes
of name registration and resolution
• WINS servers – Are like DNS servers designed to serve only the
NetBIOS namespace