CHAPTER 9

IMPLEMENTATION WINDOWS INTERNET NAME

SERVICE (WINS)

Although Microsoft Windows Internet Name Service (WINS) servers are not needed to a

networking consisting entirely of Microsoft Windows 2000-based computers, they are crucial

in most Transmission Control Protocol/Internet Protocol (TCP/IP) networks containing

computers based on the older architectures of Windows NT 4.0, Windows 98, or Windows 95.

Lesson 1: Introduction to WINS

WINS provides a distributed database for registering and querying dynamic mappings of

NetBIOS names for computers and groups used on your network. WINS maps NetBIOS

names to IP addresses and was designed to solve the problems arising from NetBIOS name

resolution in routed environments. WINS is the best choice for NetBIOS name resolution in

routed networks that use NetBIOS over TCP/IP.

Name Resolution with NetBIOS

NetBIOS was developed for IBM in 1982 by Sytek Corporation to allow applications to

communicate over a network. NetBIOS defines two entities:

A session-level interface
A session management/data transport protocol

The NetBIOS interface is a presentation-layer application programming interface (API) for user

applications to submit network input/output (I/O) and control directives to underlying network

protocols.

Net BIOS provides commands and support for the following services:

Network name registration and verification
Session establishment and termination
Reliable connection-oriented session data transfer
Unreliable connectionless datagram data transfer
Support protocol (driver) and adapter monitoring and management

=====================================================================

wininf9.html PAGE 2 2002/03/29

NetBIOS Names

A NetBIOS name is a unique 16-byte address used to identify a NetBIOS resource on the

network. This name is either a unique (exclusive) or group (nonexclusive) name.

Group names are used to send information to multiple computers at one time. An example,

of a process that uses a NetBIOS name is the File and Printer Sharing for Microsoft Networks

service on a computer running Windows 2000. The exact name used by the service is the

15-character computer name plus a 16th character of 0X20. If the computer name is not

15 characters long, it is padded with spaces up to 15 characters.

NetBIOS name resolution is the process of mapping a computer’s NetBIOS name to an IP

address. A computer’s NetBIOS name must be resolved to an IP address before the IP address

can be resolved to a hardware address.

Microsoft TCP/IP uses several methods to resolve NetBIOS names; however, the exact

mechanism by which NetBIOS names are resolved to IP addresses depends on the NetBIOS

node type that is configured for the node.

Computers running Windows 2000 are B-node by default and become H-node when they are

configured with a WINS server. Windows 2000 can also use a local database file called

LMHOSTS to resolve remote NetBIOS names. The LMHOSTS file is stored in the

%systemroot%\System32\Drivers\Etc folder.

IN CLASSROOM NOTES:

WINS eliminates broadcasts by using NetBIOS names.
WINS has backward compatibility.
LMHOST file why do you put remote not local hosts. It omits broadcasts and will pick up

the remote host. Ignore the local ones, so specify remote in the LMHOSTS file.

#preloads, put them at the end of the LMHOSTS file, use the default LMHOSTS file

already on the system.

WINS links between clients, sent to name resolution sent directly to WINS server.
WINS and DNS taking over! DNS can be disabled in the binding order.
NetBT is NetBIOS over TCP/IP legacy operating systems!
WINS servers, multiple server for each scope! WINS works great internally but not on the Internet!
WIN Server on H-node.

=====================================================================

wininf9.html PAGE 3 2002/03/29

WINS must shut down properly, you will hold onto them as offline. You can manually

deregister the database. If you do not log on properly , it keeps the same IP address.

WINS try to give you the same one at the same time. (IP address)
Tombstone File – is like a dead file, keeps things for 30 days. DHCP and dynamic,

tombstone if it is stagnant too!

Page 213, WINS Server, 1500/name resolution/hr4500 name resolution/minute.
It dies at 10,000 if you have/minute. WINS server/1000 clients 2000 clients.
Your server should not be configured as a DHCP.
WINS does not worry about the date.
\\instructor9 -- Testmaster more help on subnetting.
WINS is best choice for NetBIOS name resolution in routed networks that use NetBIOS over

TCP/IP.

That is why in My Network Places/Local Area Connection/Properties/ TCP/IP/Properties/Advanced

/WINS tab you will see (enable NetBIOS over TCP/IP) and (disable NetBIOS over TCP/IP).

If you are using WINS you must “enable NetBIOS over TCP/IP

The LMHOSTS File

The LMHOSTS file is a static ASCII file used to resolve NetBIOS names to IP addresses of remote

computers running Windows NT and other NetBIOS-based hosts.

*** See the predefined keywords on page 203 ***

WINS Overview

WINS eliminates the need for broadcasts to resolve computer names to IP addresses and provides

a dynamic database that maintains mappings of computer names to IP addresses. WINS is an

enhanced NetBIOS name server (NBNS) designed by Microsoft to eliminate broadcast traffic

associated with the B-node implementation of NetBT.

The primary advantage of WINS is that client requests for computer name resolution are sent

directly to a WINS server. If the WINS server can resolve the name, it sends the IP address

directly to the client.

=====================================================================

wininf9.html PAGE 4 2002/03/29

WINS and Windows 2000

Prior to Windows 2000, all MS-DOS and Windows-based operating systems required the

NetBIOS naming interface to support network capabilities. With the release of Windows 2000,

support for the NetBIOS naming interface is no longer required for networking computers because

you can disable NetBT for each network connection.

Another example is an environment consisting of host computers and programs that support the

use of DNS that could be built to run using Windows 2000 and other operating systems not

requiring NetBIOS names, such as some versions of UNIX. However, most networks still

need to integrate legacy operating systems that require NetBIOS network names with computers

running Windows 2000. For this reason, Microsoft has continued to provide default support for

NetBIOS names with Windows 2000 to ease interoperability with legacy operating systems that

require their use. This support is provided mainly in two ways:

By default, all computers running Windows 2000 that use TCP/IP are enabled to provide client-

side support for registering and resolving NetBIOS names.

This support is provided through NetBT and can, if desired, be manually disabled.

Windows 2000 Server continues to provide server-side support through WINS. WINS can

be used to effectively manage NetBT-based networks.

Lesson Summary:

Some applications and previous versions of Windows use NetBIOS names to identify network

resources.

WINS is an enhanced NBNS designed by Microsoft to eliminate broadcast traffic associated

with the B-node implementation of NetBT.

Lesson 2: The WINS Resolution Process

Wins uses standard methods of name registration, name renewal, and name release.

=====================================================================

wininf9.html PAGE 5 2002/03/29

Resolving NetBIOS Names with WINS

When a client needs to contact another host on the network, it first contacts the WINS server

to resolve the IP address using mapping information from the database of the server. The

relational database engine of the WINS server accesses an indexed sequential access method

(ISAM) database.

The process WINS uses to resolve and maintain NetBIOS names is similar to the B-node

implementation. The method used to renew a name is unique to NetBIOS node types that

use a NetBIOS name server. WINS is an extension of RFCs 1001 and 1002.

Name Registration

Each WINS client is configured with the IP address of a primary WINS server and optionally,

a secondary WINS server. When a client starts, it registers its NetBIOS name and IP address

with the configured WINS server.

Name Renewal

All BetBIOIS names are registered on a temporary basis, which means that the same name can

be used later by a different host if the original owner stops using it.

Name Release

Each WINS client is responsible for maintaining the lease on its registered name. When the

name will no longer be used, such as when the computer is shut down, the WINS client sends

a message to the WINS server to release it.

Name Query and Name Resolution

After a WINS client has registered its NetBIOS name and IP address with a WINS server,

it can communicate with other hosts by obtaining the IP address of other NetBIOS-based

computers from a WINS server. All WINS communications are done using datagrams over

UDP port 137 (NBNS).

=====================================================================

wininf9.html PAGE 6 2002/03/29

Name Registration

Unlike the B-node implementation of NetBT, which broadcasts its name registration, WINS

clients register their NetBIOS names with WINS servers.

If the WINS server is available and the name is not already registered by another WINS client,

a successful registration message is returned to the client. This message contains the amount of

time the NetBIOS name is registered to the client as a TTL or time to live.

When a Duplicate Name is Found

If there is a duplicate name registered in the WINS database, the WINS server sends a challenge

to the currently registered owner of the name.

If the registered computer is a multihomed computer, the WINS server tries each IP address it

has for the computer until it receives a response or until all or the IP addresses has been tried.

When the WINS Server is unavailable

A WINS client will make three attempts to find the primary WINS server. If it fails after the

third attempt, the name registration request is sent to the secondary WINS server, if configured.

Name Renewal

To continue using the same NetBIOS name, a client must renew its lease before it expires. If a

client does not renew the lease, the WINS server makes it available for another WINS client.

=====================================================================

wininf9.html PAGE 7 2002/03/29

Name Refresh Request

WINS clients must renew their name registrations before the renewal interval expires. When a

WINS client refreshes its name, it performs the following steps:

When a client has consumed 1/8^TH renewal interval, it sends a name refresh request

to the primary WINS server.

If its name is not refreshed by the Primary WINS server, the WINS client tries to

refresh again in 10 minutes and continues repeatedly every 10 minutes for a total of 1 hour.

If it is not refreshed by the secondary WINS server, the WINS client tries to refresh its

name again using the secondary WINS server in 10 minutes, then tries in 10 minute

intervals for up to an hour.

If the WINS client succeeds in refreshing its name, the renewal interval is reset on the WINS

server.

5. If the WINS client fails to register during the renewal interval on either the primary or

secondary WINS server, the name is released.

Name Release

When a WINS client is properly shut down, it sends a name release request directly to the

WINS server for each registered name.

When the WINS server receives the name release request, it checks it database for the

specified name. If the WINS server encounters a database error or if a different IP address

maps the registered name, it sends a negative name release to the WINS client. The name

release response contains the released NetBIOS name and a TTL value of zero.

Name Query and Name Response

A common method of resolving NetBIOS names to IP addresses is with an NBNS, such as

WINS. When a WINS client is configured, by default, the H-node type of NetBT is used.

When a user initiates a Windows NT command, such as net use, the NetBIOS name cache is

checked for the NetBIOS name/IP address mapping of the destination host.

If the name is not resolved from cache, a name query request is sent directly to the client’s

primary WINS server.

If no WINS server can resolve the name, a name query response is send back to the WINS

client with the message “Requested name does not exits,” and broadcast is implemented.

=====================================================================

wininf9.html PAGE 8 2002/03/29

Lesson Summary:

WINS uses standard name registration, name renewal, and name release methods.

To continue using the same NetBIOS name, a client must renew its lease before it expires.

When a WINS client is shut down, it notifies the WINS server that is no longer needs its

NetBIOS name.

Lesson 3: Implementing WINS

For networks with servers running Windows 2000 Server and all other computers running

Windows 2000 Professional, NetBIOS is no longer required for TCP/IP-based networking.

When to Use WINS

When deciding whether you need to use WINS, you should first consider the following questions:

Do I have any legacy computers or applications on my network that require the use of NetBIOS

names?

Remember that all networked computers that run under any previously released Microsoft

operating system, such as versions of MS-DOS, Windows, or Windows NT, require NetBIOS

name support. Windows 2000 is the first Microsoft operating system that no longer requires

NetBIOS naming. Therefore, NetBIOS names can still be required on your network to provide

basic file and print services and support for many legacy applications used.

Are all computers on my network configured and able to support the use of another type of

network naming, such as DNS?

Network naming is still a vital service for locating computers and resources throughout your

network, even when NetBIOS names are not required. Before you decide to eliminate

WINS or NetBIOS name support, be sure that all computers and programs on your

network are able to function using another naming service, such as DNS.

=====================================================================

wininf9.html PAGE 9 2002/03/29

Is my network a single subnet or routed with multiple subnets?

If your entire network is a small local area network (LAN) that occupies one physical network

segment and has less than 50 clients, you can probably do without a WINS server.

Considerations for WINS Servers

Before you implement WINS in an internetwork, consider the number of WINS server you

will need. Two WINS servers ensure a backup system for fault tolerance. You should

also consider the following:

There is not built-in limit to the number of WINS requests that can be handled by a WINS

server, but typically it can handle 1500 name registrations and about 4500 name queries/minute.

One WINS server and a backup server for every 10,000 WINS clients.

Computers with multiple processors have demonstrated performance improvements of

approximately 25% for each additional processor, as a separate WINS thread is started

for each processor.

If logging of database changes is turned off, name resolution is much faster.

WINS Requirements

Before you install WINS, you should determine that your server and clients meet the

configuration requirements. The WINS service must be configured on at least one computer

within the TCP/IP internetwork running Windows NT Server or Windows 2000 Server

(it does not have to be a domain controller).

The Server must have an IP address
Subnet mask,
Default Gateway
And, other TCP/IP parameters. These parameters are assigned by a DHCP server, but
statically assigned parameters are recommended.

=====================================================================

wininf9.html PAGE 10 2002/03/29

A WINS client can be a computer running any of the following supported operating systems:

Windows 2000
Windows NT 3.5 and later
Windows 95 or Windows 98
Windows for Workgroups 3.11 running Microsoft TCP/IP-32
Microsoft Network Client 3.0 for MS-DOS
LAN Manager 2.2c for MS-DOS

The client must have an IP address of a WINS server configured for a primary WINS server

or for primary and secondary WINS servers.

Using Static mappings

Mapped name-to-address entries can be added to WINS in either of two ways:

Dynamically, by WINS-enabled clients directly contacting a WINS server to register, release,

or renew their NetBIOS names in the server database.

Manually, by an administrator using the WINS console or command-line tools to add or delete

statically mapped entries in the server database.

Troubleshooting WINS

The following conditions can indicate basic problems with WINS:

Administrator cannot connect to a WINS server using the WINS console.

(stop and restart the services).

TCP/IP NetBIOS Helper service on the WINS client is down and cannot be restarted.
WINS service is not running and cannot be restarted.
If the WINS server does not respond to a direct ping, the source of the problem is likely to be

a network connectivity problem between the client and the WINS server.

The most common WINS server problem is the inability to resolve names for clients. When a

server fails to resolve a name for its clients, the failure most often is discovered by clients in one

of two ways:

=====================================================================

wininf9.html PAGE 11 2002/03/29

The server sends a negative query response back to the client, such as an error message

indicating “Name not found”.

The server sends a positive response back to the client, but the information contained in the

response is incorrect.

Managing and Monitoring WINS

The WINS console is fully integrated with the Microsoft Management Console (MMC), a

powerful and more user-friendly environment you can customize for your efficiency.

Lesson Summary:

To implement WINS, both the server and client require configuration.

Configuring a static mapping for non-WINS clients allows WINS clients on remote networks

to communicate with them.

When troubleshooting WINS, the first action you should take is to verify that the appropriate

services are running.

Lesson 4: Configuring WINS Replication

All WINS servers on an internetwork can be configured to fully replicate database entries

with other WINS servers. This ensures that a name registered with one WINS server is

eventually replicated to all other WINS servers.

Replication Overview

Database replication occurs whenever the database changes, including when a name is

released. Replicating databases enables a WINS server to resolve NetBIOS names of

hosts registered with another WINS server.

To replicate database entries, each WINS server must be configured as either a pull or

push partner with at lease one other WINS server. A push partner is a WINS server that

sends a message to its pull partners notifying them when its WINS database has changed.

When a WINS server’s pull partners respond to the message with a replication request, the

WINS server sends a copy of its new database entries (replicas) to its pull partners.

NOTE: WINS servers replicate only new entries in their database. The entire WINS

database is not replicated each time replication occurs.

=====================================================================

wininf9.html PAGE 12 2002/03/29

Configuring a WINS Server as a Push or Pull Partner

Determining whether to configure a WINS server as a pull or push depends on your

network environment.

Push. When servers are connected by fast links, because push replication occurs when the

configured number of updated WINS database entries is reached.

Pull. Between sites, especially across slow links, because pull replication can be configured

to occur at specific intervals.

Push/Pull. Configure each server to be both a push and pull partner to replicate database

entries between them.

NOTE: You configure a WINS server as a push or pull partner with the WINS

administration tool.

In both Sydney and Seattle, all WINS servers at each site push their new database entries

to a single server at their site.

The servers that receive the push replication are configured for pull replication between

each other because the network link between Sydney and Seattle is relatively slow.

Replication should occur when the link is the lease used, such as late at night.

WINS Automatic Replication Partners

If your network supports multicasting, the WINS server can be configured to automatically

find other WINS servers on the network by multicasting to the IP address 224.0.1.24.

This multicasting occurs by default every 40 minutes. The routers must support this, and

hey must be set up in the registry.

Backing up the WINS Database

The WINS console provides backup tools so that you can back up and restore the WINS

database. When WINS backs up the server database, it creates a \Wins_bak\New folder

under the backup folder you have specified as the Default backup path in Server Properties.

Actual backups of the WINS database (WINS.MDB) are stored in this folder. By default,

the backup path is the root folder on your system partition, such as C:\. After you specify a

backup folder for the database, WINS performs complete database backup every three

hours using the specified folder.

IMPORTANT: Do not specify a network drive as the backup location. In addition, if you

change the WINS backup or database path in server properties, perform new backups to

ensure successful future restorations of the WINS database. This is the only way for the

active WINS database to be backed up, because the database is locked open while the

WINS server is running.

=====================================================================

wininf9.html PAGE 13 2002/03/29

Lesson Summary:

All of the WINS servers on a given network can be configured to communicate with each

other so that a name registered with one WINS server will eventually be known by all

WINS servers.

CLASSROOM NOTES: *** IMPORTANT ***

Why do we use a DHCP on the other side of the router.

DHCP uses a relay agent to go past the router client subnet A will not go past router.

*** BROADCASTS DO NOT GO PAST ROUTERS ****

WINS

WINS proxy is similar to a DHCP relay agent for DHCP.
Push/pull replication between 2 sites and 2 WINS
You can control the replication traffic.
Use a static entry and put in non-wins or reserve address with the DHCP.
Regedit at the run command

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Paramenters

“enable proxy = 1 (hexadecimal)

DO NOT CHANGE JUST VIEW SETTINGS.

IP filter is used to ensure that only people who are supposed to dial in are using this service.

Protocol is based on applications used.

Dial-in can be controlled.

PPTP and L2TP prevents being hacked into.

P294. RAS goes to DHCP grabs bank of 10 addresses.

IAS is 2000 version of RADIUS.

RADIUS is used for user authentications

4As, Authentication, accounting, auditing and authorization.