Solved

Name Resolution

Posted on 2003-12-08
Last Modified: 2010-04-11
Will WINS work for name resolution of clients across a WAN?  Anything special to set up?

I've got about 6 sites that can't contact hosts by name, and we are currently using commercial DNS servers and I'm not authorized to add our own.  Just wondering if WINS would work for this.  Also, how resource intensive is it?  ~ 600 clients.
Question by:mynamebecory2
25 Comments
 
LVL 9

Expert Comment

by:drev001
WINS will work fine for NETBIOS name resolution. Bear in mind that Windows 2000 and above depend heavily on DNS so if you're using AD over the link you'll need to do something with DNS.

LVL 12

Expert Comment

by:Scotty_cisco
Don't know if I agree with drev001. NetBios is not routable and unless your WAN is bridged will not cross most routers.  There is a selection for NetBios over TCP is this enabled?  I would just use DNS and call it good; it creates fewer headaches like this one.


Thanks
Scott

LVL 35

Expert Comment

by:ShineOn
Scotty -

NetBEUI isn't routable.
NetBIOS over IP is.  That's why Microsoft made the WINS kludge.

Some routers DO block the NetBIOS over IP unless you specify to allow it.

LVL 33

Expert Comment

by:MikeKane
Wrong, Scotty. You may be thinking of NetBEUI, which is not routable. NetBIOS can be run over IPX or IP and can be used to communicate between subnets.

To set up WINS across subnets, you need to have a server running the WINS service on each subnet. Within WINS you set up replication for push and pull depending on the number of sites, WAN link speed, number of hosts, etc. This is really up to you. Each WINS server would find each other via IP, so as long as you can ping back and forth, your WINS servers will replicate to each other and the whole WAN can resolve NetBIOS names. As long as the routers are set to pass ports 135 and 139, you should be good.




LVL 9

Expert Comment

by:drev001
I know NetBIOS broadcasts don't cross subnets, that's the whole idea of using WINS. DNS will be no use if the questioner's using NT4 anyway. Also, for functions like network browsing, NT4 trust relationships etc., netbios name resolution is essential.

 

LVL 12

Expert Comment

by:Scotty_cisco
OK, OK, I am talking native NetBIOS, which is not routable. If you read my comments you will see where I said this:
>There is a selection for NetBios over TCP is this enabled<  

LVL 79

Expert Comment

by:lrmoore
Just for reference..

How Browsing a Wide Area Network Works:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q117633&


LVL 79

Expert Comment

by:lrmoore
And I forgot to include this link...

NetBIOS over TCP/IP Name Resolution and WINS
http://support.microsoft.com/default.aspx?scid=kb;EN-US;119493

LVL 35

Expert Comment

by:ShineOn
Scotty -

You are mixing protocols with transports here.  That's why we got confused and corrected you.

NetBEUI is the native, non-routable transport for NetBIOS.
NetBIOS can run on IP and on IPX as well, both of which are routable.

LVL 18

Expert Comment

by:chicagoan
600 clients, they won't let you add dns...
golly

you could kludge it quickly by setting up a policy to have them import an lmhosts file from a central location
until you can make a case for DNS

LVL 35

Expert Comment

by:ShineOn
Yeah.  Are you on an NT base or a Win2K base or something else for your authentication and file/print?

If you are on NT, then WINS will be a good answer.  If I remember correctly, you can have WINS synchronization traffic scheduled to minimize the impact.  Each site's WINS server will synchronize its name resolution database with all of the others, so you only have to worry about the rare occasion when a new unit is added, where you might want to force a WINS update if it is important for ppl to access it across the WAN.

If you are on Win2K, and there is any thought at all of making use of Active Directory, then you must do some research so you can write up a proposal making the case for in-house DNS.  Active Directory REQUIRES Dynamic DNS, and prefers the DNS to be provided on the Win2K platform.  It can work with some versions of BIND, but it likes its own...

The quick LMHOSTS option would work, but I don't know that it would be all THAT quick (since you'd have to accurately populate an LMHOSTS file with all ~600 devices, and then keep it up-to-date) and pushing for in-house DNS would help because you could essentially let it populate and replicate itself.   WINS will work that way, too, but that is old technology.

If you are on another network platform, let us know.  There are always ways to make things work... ;)

LVL 1

Author Comment

by:mynamebecory2
Our OSes are AIX4.3, NT, RHAT Valhalla, and Win2k.  We have a commercial DNS.  This is the first environment I've worked in with a commercial DNS. The reason I was thinking WINS was to avoid any problem that may be caused by adding an internal DNS server (by problem I mean having to change our primary and secondary DNS server on clients to another server).

LVL 18

Expert Comment

by:chicagoan
It would require changing the DNS servers the clients are using, but if you're using DHCP this is trivial.
If you're not... golly

another group policy - grab regfind from the resource kit and:
REM New DNS servers year-mo-da
regfind -p HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\parameters "Old DNS IP" -r "New DNS IP"







       
 
 

LVL 1

Author Comment

by:mynamebecory2
We are getting way off subject.  DNS isn't a possibility.  Believe me, I wish it was, cause I'd be done.  So is WINS a solution?

LVL 79

Expert Comment

by:lrmoore
WINS is only a solution for Windows systems and potentially the RHAT with Samba, but not your other systems.

LMHOSTS is only for Windows systems.

Hosts files are almost universal, used by NT/Win2k/XP, RHAT, and AIX

If you have a client PC at a remote site that needs to access an AIX server by name, about your only solution is a hosts file on the client PC.

Even though you can make manual entries to the WINS database, I'm not sure you can add an entry for a non-Netbios system such as AIX...


0
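
The split lrmoore describes above (a HOSTS file for every platform, LMHOSTS only for hosts that register NetBIOS names), as an added example that is not part of the original thread. The inventory entries, platform labels and function names are constructed for illustration; the script builds both files from one list and flags entries that would resolve inconsistently.

```python
import ipaddress

# Constructed inventory (names, addresses and platforms are made up).
INVENTORY = [
    ("FILESRV01", "10.1.0.10", "windows"),
    ("rhat-samba", "10.2.0.20", "samba"),
    ("aixprod", "10.1.0.30", "aix"),
    ("remote-site-printserver", "10.3.0.40", "windows"),  # > 15 chars
]

NETBIOS_PLATFORMS = {"windows", "samba"}  # hosts that register NetBIOS names
NETBIOS_MAX = 15  # the 16th byte of a NetBIOS name is the service suffix


def validate(inventory):
    """Return a list of problems; an empty list means the inventory is usable."""
    problems, seen = [], {}
    for name, ip, platform in inventory:
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            problems.append(f"{name}: bad address {ip!r}")
        key = name.lower()
        if key in seen and seen[key] != ip:
            problems.append(f"{name}: conflicting addresses {seen[key]} and {ip}")
        seen.setdefault(key, ip)
        if platform in NETBIOS_PLATFORMS and len(name) > NETBIOS_MAX:
            problems.append(f"{name}: longer than {NETBIOS_MAX} chars, unusable as a NetBIOS name")
    return problems


def render_hosts(inventory):
    """HOSTS format (every platform): address, then name."""
    return "\n".join(f"{ip}\t{name.lower()}" for name, ip, _ in inventory)


def render_lmhosts(inventory):
    """LMHOSTS format (NetBIOS hosts only); #PRE preloads the entry into the name cache."""
    return "\n".join(
        f"{ip}\t{name.upper()}\t#PRE"
        for name, ip, platform in inventory
        if platform in NETBIOS_PLATFORMS and len(name) <= NETBIOS_MAX
    )


if __name__ == "__main__":
    for p in validate(INVENTORY):
        print("WARNING:", p)
    print(render_hosts(INVENTORY), render_lmhosts(INVENTORY), sep="\n\n")
```
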
 
LVL 18

Expert Comment

by:chicagoan
You'll need to set up a wins server in every subnet as a start


LVL 1

Author Comment

by:mynamebecory2
Ok, now we have 6 remote sites and then our main site.  At our main site I have a data warehouse with dual 1ghz procs we are about to retire; I was planning on using this for here (~400 clients).  My remote sites have anywhere from 3 to 100 users.  What kind of hardware do you think I'll need?  Could I put it on the same server that is for DHCP relay?

LVL 35

Accepted Solution

by:
ShineOn earned 50 total points
WINS will ONLY work in a Lanman-type environment.  You have a multiplatform, heterogeneous environment with one definite in common - they all use IP.  WINS is Windows-specific.

All devices that you want to make "viewable" via a WINS-type name resolution scheme requires each device to respond to the WINS server in each subnet with a NetBIOS name and an address, meaning that SMB (Server Message Block) must be enabled and configured for all of your platforms.

How are your diverse platforms interconnected?  Is it with straight IP, as I suspect?  Are emulation programs being used?  Are your AIX and Linux boxes running Samba?

Your best solution may very well NOT be WINS, because only a Windows server can be a WINS server, AFAIK.  I wouldn't think you would want access to your AIX server to be dependent on whether or not your Win2K or WinNT server is available.

I must say that I don't fully understand why hosting your own DNS for your private LAN is out of the question.  That is how you resolve names in a multi-platform, IP-based network.  It is the *standard* for IP name resolution.  WINS is merely a kludge on top of IP to allow IP to carry NetBIOS information rather than having NetBIOS only carried on the non-routable NetBEUI.  It is NOT a "standard" but rather a proprietary-to-Windows workaround to enable NetBIOS name resolution to occur on an IP network.

Do the people that are saying "no" understand, and I MEAN do they UNDERSTAND how names are resolved in a heterogeneous, standards-based IP network?  Do they further understand that having your own DNS server does NOT mean that you are hosting DNS entries for the Internet, or that your private DNS name-resolution does NOT automatically grant access to all devices on your private network from anywhere on the Internet?  Do they realize that they are asking the impossible (or at least unlikely) in expecting name-to-address resolution without DNS in a heterogeneous IP-based environment?  Do they understand that having your own DNS server(s) for name resolution within your LAN and WAN is NOT a security concern, but rather is necessary to getting the functionality they want?

You COULD set up a massive HOSTS file, and then copy it to all of your servers and workstations, and keep doing that all over again any time a device's name or address changes.    I would walk straight out the door and keep on walking if I were told I had to do that just because the person or persons making this decision is ignorant of the facts and demand I provide them with an administrative nightmare.

I do not see how WINS can help you since you are NOT running an all-Windows environment.

LVL 1

Author Comment

by:mynamebecory2
The reason I was thinking WINS is just so we could get Client name resolution for support, so we don't have to have a user check their IP addy every time.  We are straight IP, no emulation, and Samba is being run from our linux boxes but not on AIX.  AIX is accessed via a hardcoded IP address in the software package we use (which was written in 1982).

No, they don't understand any of that.  And they lack the ability to understand it, it's rather frustrating.

You do not know how many times I've said something similar:
-Do they understand that having your own DNS server(s) for name resolution within your LAN and WAN is NOT a security concern, but rather is necessary to getting the functionality they want?

LVL 18

Expert Comment

by:chicagoan
perhaps you should approach the situation in a more structured manner with management

prepare a brief:
problem statement
potential solution A - cost - efficacy - risk - extensibility (the value as it relates to your future plans)
potential solution B ...etc.
work-arounds (distributing host files - link/reference pages/cheatsheets)

WINS and DNS are similar in risk (null)
They are similar in function but WINS is specific to an environment which is not inclusive of your resources.
Good DNS practice is 2 resolvers in different subnets (cost)
Good WINS practice is one resolver in every subnet.
WINS is a deprecated technology.
DNS is standard practice and forward looking (AD)

See if you can make a case with a quantitative analysis of implementation costs.


LVL 35

Expert Comment

by:ShineOn
Good post, chicagoan.  I like your style :)

LVL 1

Author Comment

by:mynamebecory2
Hey guys.  I won.

LVL 18

Expert Comment

by:chicagoan
but you don't control the points!
BTW: ditto!

LVL 1

Author Comment

by:mynamebecory2
No, I mean that I got them to let me do DNS.  (IT Director that is)  Isn't it funny when you get so administrative that you get out of touch with technology?  I explained to her that I'd just put a forwarder to our ISP's DNS server or we could BUY (magic word that changes minds) a server to set WINS up at each site.

LVL 35

Expert Comment

by:ShineOn
Congrats!