DNS, NETBIOS, DHCP and WINS

[Guest]

I am new to networking, although i am helping administer a network and would
like someone to explain the following to me:

I believe the following to be an accurate picture of Windows networks.

NETBIOS - Is the Name of the PC e.g. (PC1)

DNS resolves the IP address of the PC against a pc's name, therefore if i
ping PC1 it will return reply from PC1 and give me its IP address.

Reverse DNS resolves the IP address of a PC to the NETBIOS/DNS name,
therefore if i ping 10.1.1.1 it will return the name of the PC e.g. PC1.

WINS resolves the name of the PC for older pc's like Win NT and Windows 98
as DNS was not in play or DNS has since taken over WINS duites

DHCP assigns an available IP address to a PC which logs onto the network,
provided the pc has "obtain an IP address automatially" in its network TCP/IP
options.

Question 1 - Why not just do away with WINS as 98/NT have DNS options in
their network TCP/IP properties. Why did we need WINS?

Question 2 - On an NT/98 PC do i need to insert a DNS server address in
TCP/IP properties box if i have those PC's WINS server properties in netowrk
TP/IP pointing to the WINS server?

Quesrion 3 - Why is there an option saying use NETBIOS over TCP/IP in
network card properties?

Question 4 - Why do we require reverse DNS?

Question 5 - If the name of the PC sits on the DNS server do we still use
NETBIOS

Any help assistance greatly appreciated

 

[Amy L.]

NETBIOS - Is the Name of the PC e.g. (PC1)

Correct.

DNS resolves the IP address of the PC against a pc's name, therefore if i
ping PC1 it will return reply from PC1 and give me its IP address.

Yes and No. What you describe can also be considered netbios name
resolution. Simply put DNS resolution contains many facuets. One of those
are name to ip address resolution. Also, the DNS name does NOT have to be
the PC's name.

Reverse DNS resolves the IP address of a PC to the NETBIOS/DNS name,
therefore if i ping 10.1.1.1 it will return the name of the PC e.g. PC1.

Yes and no. Again yes DNS can resolve an IP address to a host name, but
that doesnt necessarily mean its the NETBIOS name of the PC.

WINS resolves the name of the PC for older pc's like Win NT and Windows 98
as DNS was not in play or DNS has since taken over WINS duites Yes.

DHCP assigns an available IP address to a PC which logs onto the network,
provided the pc has "obtain an IP address automatially" in its network TCP/IP
options.

DHCP will assign an IP address to a machine that requests one. The machine
does not have to be logged on to the network.

Question 1 - Why not just do away with WINS as 98/NT have DNS options in
their network TCP/IP properties. Why did we need WINS?

Because applications wrote a long time ago depended on NETBIOS name
resolution. When you have a fully XP/2000+ network with no legacy apps WINS
is not needed.

Question 2 - On an NT/98 PC do i need to insert a DNS server address in
TCP/IP properties box if i have those PC's WINS server properties in netowrk
TP/IP pointing to the WINS server?

Because you still need Internet name resolution. How else would you get to
google.com.

Quesrion 3 - Why is there an option saying use NETBIOS over TCP/IP in
network card properties?

To give you the option of NETBIOS over TCP/IP. I beleive a long time ago
Netbios resolution worked hand in hand with a protocol called netbeui.

Question 4 - Why do we require reverse DNS?

Most of the time its used for validation - for example if I connect to you
and say I am xxxx.yyyyy.com and I am coming from 1.1.1.1 you might want to
verify that 1.1.1.1 is xxxx.yyyyy.com.

Question 5 - If the name of the PC sits on the DNS server do we still use
NETBIOS

Depends on if you need Netbios support.

Hope this helps.
Amy.

 

[Steven L Umbach]

There are two types of computer names in the Windows world - netbios "flat"
names and dns "host" names. Netbios names are single words such as
computer1. Host names are computers that are a member of a domain as in
computer1.mydomain.corp. Now usually the netbios name of a computer in a
Windows domain is the first name in the FQDN.

Before Windows 2000 all the Windows operating systems used the netbios names
to locate computers in the Windows domain. Windows 200o still usually does
in a workgroup. However in an Active Directory domain, all W2K/XP Pro/W2003
domain computers always try to resolve a computer name using host name/dns
name resolution first. If a computer is referred to by it's netbios name,
the W2K domain computer will append the domain name to the computer name and
send it off to the dns server for name resolution. If that fails it will
still try netbios name resolution asking first the wins server [if used]
and then if that fails it will resort to broadcasting. Hosts and lmhosts
files can also be used in the name resolution process.

NT4.0/W9X computers will only use netbios name resolution for a netbios
name. They will however use host name/dns if they receive a FQDN that has a
period in it [as all FQDN do] such as for a website. However in an AD domain
NT4.0/W9X computers still refer to all Windows computers by their netbios
names including domain controllers which is why wins is needed for those
computers. Wins is used to dynamically register netbios names of wins
clients and make them available to wins clients for netbios name resolution
rather that broadcasting. Wins also is used by W2K/XP Pro computers in
network browsing [My Network Places] , so they can benefit from wins also
and it is necessary for browsing the network across subnets including VPN.

To answer your questions.

1. You can not do away with wins for W9X as they still need it to find
computers on the network via netbios name resolution, including domain
controllers. If you look in the wins database you will see many different
records to help wins clients not only resolve netbios computer names but
locate records for domain controllers and master browsers. While W2K/XP
Pro/W2003 computers can locate domain controllers via dns, W9X computers are
not capable of reading the _srv records that are used to locate them.

2. You should also configure W9X computers with a dns server so they can
resolve FQDN such as websites.

3. Netbios over tcp/ip is necessary for netbios name resolution. If you do
not want to use it for some reason you can disable it. Usually this is done
on W2K/XP Pro/W2003 computers that have no need to use netbios name
resolution and are using strictly dns and port 445 for file and print
sharing.

4. Reverse dns is used to resolve IP addresses to domain names. This can be
for convenience or security in some cases to help determine more information
about an IP address possibly in case a user is trying to bypass a domain
name/url restriction by using IP address instead of name.

5. Again netbios name resolution is needed for W9X/NT4.0 computers anytime
they are referring to a computer by their netbios name rather than FQDN.

Steve

 

[John Wunderlich]

I am new to networking, although i am helping administer a network
and would like someone to explain the following to me:

I believe the following to be an accurate picture of Windows
networks.

NETBIOS - Is the Name of the PC e.g. (PC1)

NetBIOS is a protocol used to communicate between two Microsoft
Networking devices. It is Microsoft's equivalent to a TCP/IP which is
also a protocol. NetBIOS can work without TCP/IP installed on a small
local network.
NetBIOS cannot work through routers whereas TCP/IP can.
NetBT is NetBIOS-over-TCP/IP which uses TCP/IP to allow NetBIOS to work
through routers. For this to work through routers, a WINS server (or
a complete LMHOSTS file) is required.
You do not need NetBIOS or NetBT to do anything you normally do on the
internet (you need TCP/IP instead).
NetBIOS or NetBT is needed to do Microsoft Network File and Printer
Sharing and not much else.

DNS resolves the IP address of the PC against a pc's name,
therefore if i ping PC1 it will return reply from PC1 and give me
its IP address.

DNS will give you the IP address of a machine given its TCP/IP domain
name (not necessarily the same as the PC's name). With some network
configurations of Windows, if a name can't be found in the DNS, then it
will look for it in WINS before giving up. Therefore, sometimes
pinging to a NetBios name will work even though "ping" is a technically
a TCP/IP function.

Reverse DNS resolves the IP address of a PC to the NETBIOS/DNS
name, therefore if i ping 10.1.1.1 it will return the name of the
PC e.g. PC1.

No. DNS only works with TCP/IP. WINS only works with NetBIOS/NetBT.
Reverse DNS will give you the TCP/IP domain name of a machine given its
numeric TCP/IP address.

WINS resolves the name of the PC for older pc's like Win NT and
Windows 98 as DNS was not in play or DNS has since taken over WINS
duites

Given the NetBT (Windows) name of a machine, WINS will return the IP
address necessary to communicate with that machine. It is not limited
to Win98 or NT. It works for all current versions of Windows and is
most useful for finding what machines are out there.

DHCP assigns an available IP address to a PC which logs onto the
network, provided the pc has "obtain an IP address automatially"
in its network TCP/IP options.
Yes.

Question 1 - Why not just do away with WINS as 98/NT have DNS
options in their network TCP/IP properties. Why did we need WINS?

DNS will return a single address given its TCP/IP Domain name. It will
not answer the question "What computers are out there?" which WINS will
do. Your "Network Neighborhood" will not exist beyond your subnet
unless WINS is active.

Question 2 - On an NT/98 PC do i need to insert a DNS server
address in TCP/IP properties box if i have those PC's WINS server
properties in netowrk TP/IP pointing to the WINS server?

WINS will find properly configured machines that use NetBT protocol.
Your network can work fine without DNS servers as long as you only
want to use Microsoft Networking and don't care to connect to the
internet. If you want to go out to the internet and connect to
Yahoo.com, WINS won't help you here. You will need DNS for this.

Quesrion 3 - Why is there an option saying use NETBIOS over TCP/IP
in network card properties?

Because in some situations, the NetBIOS-over-TCP/IP protocol is not
needed and poses a security risk. Allowing NetBT on a single machine
connected to the internet (without a firewall) opens ports to your
shares and printers that you might not want exposed to the internet at
large.

Question 4 - Why do we require reverse DNS?

It is not required per se. It does help authenticate who you are
connecting to on the internet given only a raw numeric TCP/IP address.
There are many scams that persuade you to click on a link that claims
to be, say, a bank -- and you can't tell by looking at the numeric IP
address in the link who you are *really* connecting to. Reverse DNS
can tell you if that IP address belongs to you bank or not.

Question 5 - If the name of the PC sits on the DNS server do we
still use NETBIOS

Once again, your PC name registers with WINS and your TCP/IP Domain
name registers with DNS (not necessarily the same name). Your TCP/IP
Domain name is usually fixed by your ISP wheras your computer name can
be assigned by you. Some Dynamic DNS servers allow your computer host
name to self-register with the DNS -- but with a ISP-assigned domain
name suffix following it.

HTH,
John

 

[Guest]

Thanks for the replies, i asked a question in here a couple of days ago and
was wondering if any of you could possibly put your minds to it and see what
i am missing.

Problem i posted was as follows:

N'work was ok until today when we had to reboot the WINS srvr

Domain running NT & 2K servers only

We have a total of 18 srvs over multiple sites

10 srvs at HQ, including the DHCP, PDC

1 srv at each remote location (either NT or 2k srvs, which are used as BDC's
or trusts, not quite sure to be honest)

Since we rebooted the WINS srv, NT pc's at HQ have a problem accessing a
(Finance) 2k srv at a remote location.

Finance usrs at HQ want to save files to the finance srv. However, after the
reboot on the WINS srv they can no longer access the Finance srvr, though
they can see it in network n'hood.

Prob Description
-- -- --

When logged in as Dom ADMIN or a dom user on the problem NT PC's.

Users still have their mapped drives to N:\Finance and the mapped drives are
still mapping when you look under my computer but mapped drives are not
accessible by anyone including Domain Admins when they dbl click and try to
open N:\Finance

(Domain Admin gets the following dialog box
Login with the following credentials and a username and passowrd box pops up)

(Dom usrs get Access denied dialog box)

I can't access the Finance srv from N'work N'hood either, though i can see
it along with the rest of the PC's and srvs on the n'work.

I can ping the Finance srvr by pinging the <Servername> or the <IP Address
of the Finance srvr> when logged in as Dom ADmin or Dom Usr and get a reply

I can connect to the srvr if i use Remote desktop Console from the problem
NT Pc's

When i RDC into the srvr i can open n'work places on the srvr and see in
n'work places the name of problem NT PC's (IT F34, etc, however when i right
click the NT pc's have no DNS name)

DNS & WINS settings look ok via IPconfig, now here's the catch
When i log onto a 2k or XP pc i have no problem at all with the ITFinance srvr

I am logging in with the same usrname and pass on the XP Pc's as i was with
the NT PC's.

What could my prob be?
Any help/Adive greatly appreciated

 

[Steven L Umbach]

Thanks for the replies, i asked a question in here a couple of days ago
and
was wondering if any of you could possibly put your minds to it and see
what
i am missing.

Problem i posted was as follows:

N'work was ok until today when we had to reboot the WINS srvr

Domain running NT & 2K servers only

We have a total of 18 srvs over multiple sites

10 srvs at HQ, including the DHCP, PDC

1 srv at each remote location (either NT or 2k srvs, which are used as
BDC's
or trusts, not quite sure to be honest)

Since we rebooted the WINS srv, NT pc's at HQ have a problem accessing a
(Finance) 2k srv at a remote location.

Finance usrs at HQ want to save files to the finance srv. However, after
the
reboot on the WINS srv they can no longer access the Finance srvr, though
they can see it in network n'hood.

Prob Description
-- -- --

When logged in as Dom ADMIN or a dom user on the problem NT PC's.

Users still have their mapped drives to N:\Finance and the mapped drives
are
still mapping when you look under my computer but mapped drives are not
accessible by anyone including Domain Admins when they dbl click and try
to
open N:\Finance

(Domain Admin gets the following dialog box
Login with the following credentials and a username and passowrd box pops
up)

(Dom usrs get Access denied dialog box)

I can't access the Finance srv from N'work N'hood either, though i can see
it along with the rest of the PC's and srvs on the n'work.

I can ping the Finance srvr by pinging the <Servername> or the <IP Address
of the Finance srvr> when logged in as Dom ADmin or Dom Usr and get a
reply

I can connect to the srvr if i use Remote desktop Console from the problem
NT Pc's

When i RDC into the srvr i can open n'work places on the srvr and see in
n'work places the name of problem NT PC's (IT F34, etc, however when i
right
click the NT pc's have no DNS name)

DNS & WINS settings look ok via IPconfig, now here's the catch
When i log onto a 2k or XP pc i have no problem at all with the ITFinance
srvr

I am logging in with the same usrname and pass on the XP Pc's as i was
with
the NT PC's.

What could my prob be?
Any help/Adive greatly appreciated

 

[Steven L Umbach]

Try this from one of the NT computers - map a share to the finance server
using \\xxx.xxx.xxx.xxx\sharename where xxx.xxx.xxx.xxx is the IP address of
the finance server. If that works there is a netbios name resolution
problem. I would check the wins database to see if the finance server shows
a current wins record with correct IP address and if it does not run
nbtstat -RR on the finance server. I would do it even if a wins record does
exist and you continue to have problems. Also check to see if it has a
static IP wins record with incorrect info. Verify that the finance server is
a wins client with the correct IP address of a wins server and that it can
ping that wins server. Also verify that the domain controllers are wins
clients with correct IP address for wins server and that they are registered
in the wins database correctly. Check that the NT computers are using the
correct IP address for the wins server and that they can ping it by IP
address and name. Check tcp/ip configuration of the wins server itself with
Ipconfig /all to make sure it is correct and is a wins client to itself and
that the wins service is running. Wins servers should be using static IP
address or if DHCP client it needs to have an IP reservation so that the IP
address does not change. --- Steve