Home > Articles

Managing Name Resolution

  • Print
  • + Share This
This chapter is from the book

Terms you'll need to understand:

U2713.GIF

Windows Internet Naming Service (WINS)

U2713.GIF

WINS Proxy Agent

U2713.GIF

LMHOSTS

U2713.GIF

Tombstoning

U2713.GIF

Persistent Connections

U2713.GIF

Push/pull partner

U2713.GIF

Hostnames

U2713.GIF

Domain name system (DNS)

U2713.GIF

Recursive and iterative queries

U2713.GIF

Primary, secondary, and stub zones

U2713.GIF

Dynamic update

U2713.GIF

Delegation

U2713.GIF

Caching-only server

U2713.GIF

Root name server

U2713.GIF

Resource records

Techniques you'll need to master:

U2713.GIF

Understanding NetBIOS name resolution methods

U2713.GIF

Installing and configuring WINS

U2713.GIF

Configuring a WINS proxy agent

U2713.GIF

Configuring replication between WINS servers

U2713.GIF

Managing and monitoring a WINS server

U2713.GIF

Installing and configuring the DNS Server service

U2713.GIF

Configuring zones

U2713.GIF

Understanding a caching-only server

U2713.GIF

Understanding DNS zone types

U2713.GIF

Managing zones and resource records

U2713.GIF

Implementing a delegated zone for DNS

U2713.GIF

Monitoring a DNS server

Each machine on a computer network is assigned a unique network address. Computers communicate with one another across networks by connecting to these network addresses. These numbers, also known as Internet Protocol (IP) addresses, consist of four groups of numbers, or octets, and can be difficult for people to remember. To solve this dilemma, a system was developed whereby people can use "friendly" names that are then translated automatically into IP addresses that computers use to locate each other and to communicate. These friendly names are called hostnames, and each machine is assigned one. Groups of these hosts form a domain. The software that translates these names to network addresses is called the Domain Name System (DNS).

Before the advent of DNS, HOSTS files were used for name resolution, but as the Internet quickly grew in size and popularity, HOSTS files became impossible to maintain and keep current. When the Internet community realized there was a need for a more manageable, scalable, and efficient name-resolution system, DNS was created. Since that time, DNS servers have been used on the Internet almost exclusively.

Before the introduction of Windows 2000, Network Basic Input/Output System (NetBIOS) names were used to identify computers, services, and other resources on Windows-based machines. In the early days of Windows networks, LMHOSTS files were used for NetBIOS name resolution. Later, these names were often resolved to IP addresses using a NetBIOS Name Server (NBNS). Microsoft's version of the NBNS was called Windows Internet Naming Service (WINS). With Windows 2000 and Windows Server 2003, hostnames are used instead of NetBIOS names. In a Windows Server 2003 domain, DNS is used to resolve hostnames and locate resources such as network services.

This chapter introduces the Windows Server 2003 implementation of WINS and DNS. You'll learn how to install and configure both name resolution services, as well as how to maintain and monitor them. Having a thorough understanding of the topics presented here is important to both the exam and on-the-job success.

Introduction to NetBIOS Name Resolution

Some clients still rely on NetBIOS names to communicate with other hosts on a network. A NetBIOS name is a 16-character name where the first 15 characters identify a unique host and the 16th character identifies a service or application running on the host such as the Workstation or Server service. Table 3.1 outlines common hexadecimal values used to identify services running on a computer.

Table 3.1. Node Types

Node Type

Description

<OOH>

Registered by the Workstation service

<1CH>

Indicates a domain name that can be used to locate domain controllers

<O6H>

Registered by a computer running Routing and Remote Access

<1BH>

Registered by each domain controller functioning as the domain master browser

<20H>

Registered by a WINS client running the Server service

<21H>

Registered by the RAS client running on a WINS client

As with domain names, NetBIOS names must be resolved to an IP address before two hosts can communicate. There are a number of different methods available for name resolution and the method employed will depend on the environment.

Name Resolution Methods

The three standard ways of resolving NetBIOS names to IP addresses are through a local broadcast, using the local cache, or by using a NetBIOS name server.

With a local broadcast, a broadcast is sent out on the network requesting the IP address of a specific host. The obvious disadvantage to this method is the increase in traffic.

All hosts maintain a local cache that can be used for name resolution. Each time a host resolves a NetBIOS name to an IP address, the record is added to the local cache and remains valid for 10 minutes. By default, all clients will check their local cache before using any of the other resolution methods available.

The third option is to use a NetBIOS name server (such as a WINS server) to resolve names to IP addresses.

In a Microsoft environment, several other methods for resolving names are also available such as DNS servers, HOSTS files, and LMHOSTS files.

Depending on the requirements of an environment, clients can be configured to use a single method for name resolution or they can use a combination of methods. The exact method a client uses to resolve NetBIOS names is determined by their node type. For example, if a client is configured as an M-Node, it will attempt to resolve a NetBIOS name by first performing a local broadcast. If this is unsuccessful, it will then try to resolve the name using a NetBIOS name server. You can check the node type a client is configured for by typing ipconfig/all at the command prompt. The node type can be changed within the local Registry. Table 3.2 summarizes the four different node types.

Table 3.2. Node Types

Node Type

Description

B-Node

A broadcast is used for NetBIOS name registration and resolution.

P-Node

A NetBIOS name server is used for name registration and resolution.

M-Node

A broadcast is attempted first for name resolution. If this method fails, a NetBIOS name server is contacted.

H-Node

A NetBIOS name server is attempted first for name resolution. If this fails a broadcast is used.

LMHOSTS Files

As already mentioned, one of the ways in which NetBIOS names can be resolved is through the use of a text file known as an LMHOSTS file. One of the benefits of using an LMHOSTS file is that entries from the file can be preloaded into the local cache to facilitate name resolution (because this is the method a client will use to resolve a NetBIOS name). So if a client cannot resolve a NetBIOS name using any of the methods described previously, it can parse the LMHOSTS file to see whether a record exists.

The LMHOSTS file can be found in the %systemroot%\system32\drivers\etc directory. When configuring records within the file, there are several directives that can be used which are outlined in Table 3.3.

Table 3.3. Predefined Directives That Can Be Used Within an LMHOSTS File

Predefined Keyword

Description

#Pre

Defines which entries within the file should be loaded into the local cache.

#DOM: domain_name

Indicates the record is for a domain controller.

#Begin_Alternate

Specifies a list of other locations for an LMHOSTS file.

#End_Alternate

#inlcude

Loads entries from a separate LMHOSTS file separate from the default file on the local computer. This option is most often used to specify a centrally located LMHOSTS file.

#MH

Adds multiple entries for a multihomed computer.

  • + Share This
  • 🔖 Save To Your Account