Microsoft KB Archive/304210

= A Description About the Use of the Windows Internet Name Service Forward Lookup Option in DNS =

PSS ID Number: 304210

Article Last Modified on 10/21/2003

-

The information in this article applies to:


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q304210



SUMMARY
This article describes the use of the WINS forward lookup option in DNS.



WINS Lookup Integration
You can use the Windows Internet Name Service (WINS) to look up DNS names that cannot be resolved by querying the DNS domain namespace. To use WINS lookup, you can use two specific resource record types that can be enabled for any zones that are loaded by the DNS service:
 * The WINS resource record that can be enabled to integrate WINS lookup into forward lookup zones.
 * The WINS-R resource record that can be enabled to integrate WINS reverse lookup for reverse lookup zones.

The WINS and DNS services are used to provide name resolution for the network basic input/output system (NetBIOS) namespace and the DNS domain namespace, respectively. Even though both DNS and WINS can provide a separate and useful name service to client computers, WINS is mainly needed to provide support for earlier clients and programs that require support for NetBIOS naming.

However, the DNS service can work with WINS to provide combined name searches in both namespaces when resolving a DNS domain name that is not found in zone information. To provide this interoperability, a new record (the WINS record) has been defined as part of the zone database file.

The WINS resource record is specific to Windows 2000 Server and earlier versions of Microsoft Windows NT Server, and can be attached only to the domain of origin for a zone. The presence of a WINS resource record can instruct the DNS service to use WINS to look up any forward queries for host names or names that are not found in the zone database. This functionality is particularly useful for the name resolution process that is needed by clients that are not WINS-aware (for example, UNIX) for the names of computers that are not registered with DNS, such as, Microsoft Windows 95-based or Microsoft Windows 98-based computers.

How WINS Lookup Works
The following example is an example of a DNS client (&quot;host-b&quot;) that queries its DNS server in an attempt to look up the address for another computer that is named &quot;host-a.example.microsoft.com&quot;:
 * 1) The client queries its preferred DNS server and the normal recursion process proceeds as the preferred DNS server queries other DNS servers in succession on behalf of the client.
 * 2) The DNS server for the &quot;example.microsoft.com&quot; zone is located by means of the previous chain of referral answers. At this point in the process, the server that is contacted is a Windows DNS server either running Windows NT Server 4.0 or Windows 2000 Server.
 * 3) When the Windows DNS server for the &quot;example.microsoft.com&quot; zone receives the query for &quot;host-a&quot;, the server examines its configured zone to locate a matching address (A) resource record.
 * 4) If an A record is not found and the zone is enabled to use WINS lookup, the server separates the host part of the name (host-a) from the fully qualified domain name (FQDN) that is contained in the DNS query. The host part of the name is the first label in the queried DNS domain name before a period is used in the name.
 * 5) The server sends a NetBIOS name request to the WINS server by using the host name, &quot;host-a&quot;.
 * 6) If the WINS server can resolve the name, the server returns the Internet Protocol (IP) address to the DNS server.
 * 7) The Windows DNS server returns this IP address information to the original preferred DNS server that had been queried by the requesting client, &quot;host-b&quot;.
 * 8) The preferred DNS server transfers the query answer back to the requesting client.

How WINS Reverse Lookup Works
There is also a WINS-R record or WINS reverse lookup entry that can be enabled and added to reverse lookup zones. However, because the WINS database is not indexed by IP address, the DNS service cannot send a reverse name lookup to WINS to obtain the name of a computer by using its IP address.

Because WINS does not provide reverse lookup capability, the DNS service sends a node adapter status request directly to the IP address that is implied in the DNS reverse query. When the DNS server obtains the NetBIOS name from the node status response, the server attaches the DNS domain name back onto the NetBIOS name that is provided in the node status response, and then forwards the result to the requesting client.

Using WINS Lookup
To use the WINS Lookup Integration feature, you must enable and add two special resource record types, the WINS and WINS-R resource records, to a zone. When the WINS resource record is used, any DNS queries that cannot find a matched host A resource record in the zone are forwarded to WINS servers that are configured in the WINS resource record. For reverse lookup zones, you can enable and use the WINS-R resource record to provide a similar benefit to further resolve a reverse query that is not answerable in the reverse in-addr.arpa domain. For more information, refer to the WINS Lookup Integration feature.

As an example, you can use WINS lookup when you use a mixed-mode client environment that consists of UNIX-based clients that use only DNS name resolution and earlier-version Microsoft clients that require NetBIOS naming. In these environments, WINS lookup provides a method for permitting UNIX DNS clients to locate your WINS clients by extending DNS host name resolution into the WINS-managed NetBIOS namespace.

The WINS Lookup Integration feature is only supported by Windows DNS servers. If you use a mixture of Windows and other DNS servers to host a zone, you must click to select the Do not replicate this record check box for any primary zones when you use the WINS lookup record. This option prevents the WINS lookup record from being included in zone transfers to other DNS servers that do not support or recognize this record. If you do not enable the WINS lookup record to be used only on the local server, you can cause data errors or failed zone transfers at servers that are running other DNS server implementations that replicate the zone.

WINS Lookup Interoperability
Typically, WINS lookup provides the best and most predictable results if you use only Windows DNS servers, and WINS lookup is only available directly for use with Windows DNS servers. However, you can use and benefit from WINS lookup by using other methods when other DNS servers are used.

For example, you can add a Windows DNS server that hosts a new WINS lookup-enabled zone. When you create and name the zone, you can use a subdomain that is added to your existing DNS namespace that is used only for WINS-specific referrals that are added to your DNS domain namespace.

For example, in &quot;example.microsoft.com&quot;, call the zone &quot;wins.example.microsoft.com&quot; when you create it. Then, you can use this new WINS referral zone as the root zone for any of your WINS-aware computers with names that are not found in your other traditional DNS zones.

To use the WINS referral zone, you need to specify its domain name (wins.example.microsoft.com) in a DNS suffix search list for your clients. The suffix list can be configured as part of the Transmission Control Protocol/Internet Protocol (TCP/IP) properties for a client connection. If the name of the WINS referral zone is included in the domain suffix list, any DNS names that are not resolved in traditional zones can be resolved by using the WINS referral subdomain.

Under normal conditions, this behavior results in recursion from your other DNS servers to the Windows DNS servers that host the WINS-enabled zone. If the queried host names match the NetBIOS computer names that are found in the WINS database, the names are resolved to the IP addresses that are mapped in the WINS data.

Because the WINS-enabled zone is only used for WINS lookup, you do not have to add any additional resource records to the zone.

By using a specific subdomain only for WINS lookup and by specifying a static DNS suffix list to be used in resolving and searching for names, you can prevent unusual situations in which DNS queries for different FQDNs resolve to the same WINS client name and IP address. This behavior may easily occur if you add and configure many zones at each level of your namespace and enable each of them to use WINS lookup integration.

For example, if you have two zones that are both configured to use WINS lookup. The zones are rooted and originate at the following DNS domain names:

example1.microsoft.com.

example2.microsoft.com.

Given this configuration, a WINS client that is named HOST-A can be unintentionally resolved by using either of the following FQDNs:

host-a.example1.microsoft.com.

host-a.example2.microsoft.com.

WINS Resource Record
You can use the WINS forward lookup resource record in a zone to provide further resolution of DNS queries for names that are not found in the zone by using a name query to WINS servers that are configured and listed with this record. However, the WINS record only applies to the upper level hierarchy in a zone, and not for subdomains that are used in the zone. The various fields that are used with the WINS resource record include the following fields:
 * Owner: Indicates the owner domain for this record. This field must always be set to &quot;@&quot; to indicate that the current domain is the same as the zone origin.
 * Class: Indicates the class for this record. This field must always be set to &quot;IN&quot; as the Internet class is the only supported class for Windows 2000 DNS servers.
 * Local: When this field is used, it indicates that the WINS resource record is to be used only locally at the DNS server and is not to be included during zone replication with other DNS servers. This field corresponds to whether or not the Do not replicate this record option had been selected when you configured WINS lookup at the DNS console. If this option had been selected, this resource record is not replicated to other DNS servers.
 * Lookup_timeout: Indicates the lookup time-out value that is to be applied for this record. For more information, refer to the following section that describes advanced parameters for WINS lookups.
 * Cache_timeout: Indicates the cache time-out value that is to be applied for this record. For more information, refer to the following section that describes advanced parameters for WINS lookups.
 * Wins_ip_addresses: This field is used to specify one or more IP addresses of WINS servers. At least one IP address of a valid WINS server is required.

Syntax: owner class WINS [LOCAL] [L lookup_timeout]

[C cache_timeout] wins_ip_addresses

For example:

@ IN WINS 10.0.0.1

@ IN WINS LOCAL L1 C10 10.10.10.1 10.10.10.2 10.10.10.3

NOTE: The zone root is assumed to be the current origin.

WINS-R Resource Record
You can use a WINS reverse lookup resource record in a reverse lookup zone to provide further resolving for reverse queries that are not found in the zone by using a NetBIOS adapter node status query in WINS for the queried IP addresses. You need to specify the parent domain to be attached to a NetBIOS computer name when a successful WINS reverse lookup occurs for an IP address that is contained in the reverse lookup zone. Any other fields that are used in the WINS-R record have a similar description and purpose, as described previously for their use in the WINS forward lookup record.

Syntax: owner class WINS [LOCAL] [L lookup_timeout]

[C cache_timeout] Domain_to_append_to_returned_NetBIOS_names

Example:

@ IN WINS-R LOCAL L1 C10 example.microsoft.com.

@ IN WINS-R wins.example.microsoft.com.

NOTE: The zone root is assumed to be the current origin.

Advanced Parameters for WINS Lookups
The following two advanced timing parameters are used with the WINS and WINS-R records:
 * The Cache timeout value indicates to a DNS server how long it must cache any of the information that is returned in a WINS lookup. By default, this value is set to 15 minutes.
 * The Lookup timeout value specifies the period of time to wait before timing out and expiring a WINS lookup that is performed by the DNS Server service. By default, this value is set to 2 seconds.

These parameters are configured by using the Advanced button in the Zone Properties dialog box when you configure the zone. This button is displayed on either the WINS or WINS-R tab, and depends upon whether the zone that you are configuring is being used for forward lookup or reverse lookup.

If you use either the WINS or WINS-R resource record, be aware that the minimum Time to Live (TTL) that is set in the start of authority (SOA) record for the zone is not the default TTL that is used with these records. Instead, when either an IP address or a host name is resolved with WINS lookup, the information is cached on the DNS server for the amount of time that is configured for the WINS cache time-out value. If this address is forwarded to another DNS server, the WINS cache time-out value for TTL is what is sent. If your WINS data rarely changes, you can increase the default TTL of 15 minutes.

Other Notes
If you have a zone that is configured for WINS lookup, all DNS servers that are authoritative for that zone need to be capable of WINS lookup or these servers can experience intermittent behavior. Because you can select to not replicate the WINS and WIN-R resource records to other DNS servers, you can selectively enable and configure WINS lookup at each of your secondary servers for zones where this feature is used. This procedure is not a standard practice for other types of resource records that are only to be configured at the primary server for the zone.

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

173161 How WINS Lookup Works from Windows NT DNS

Keywords: kbinfo KB304210

Technology: kbwin2000AdvServ kbwin2000AdvServSearch kbwin2000Search kbwin2000Serv kbwin2000ServSearch kbWinAdvServSearch

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© 2004 Microsoft Corporation. All rights reserved.