MORE INFORMATION

To allow for interoperability between the DNS Server service and the WINS service, the following two new resource records were defined as part of the Microsoft Windows NT DNS implementation:

• WINS Lookup
• WINS-R Lookup (WINS Reverse Lookup)

WINS Lookup

One of the new resource records is called a WINS Lookup record. It can only be a part of the zone root domain. Any queries that cannot be resolved by the static entries in the DNS zone file will be forwarded to the WINS servers that are defined by the WINS Lookup record. This function is particularly useful for UNIX clients that may have to contact Dynamic Host Configuration Protocol (DHCP)/WINS-enabled clients through Internet Protocol (IP).

The process occurs as follows:

1. A client sends a fully qualified domain name (FQDN) query to the DNS server.
2. The DNS server cannot resolve the name locally. It truncates the domain name from the host name and forwards the query to the configured WINS servers. The DNS server uses a source port of UDP 53 (DNS) and a destination port of UDP 137 (NetBIOS Name Service). It also encrypts the name that it sends to the WINS server.
   
   For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

   160828 Network monitor parses DNS WINS Lookup queries as DNS packets

3. The WINS server responds to the DNS server with the resolved IP address, with a source port of UDP 137, and with a destination port of UDP 53.
4. The DNS server forwards the IP address in response to the client's original query.

Note For network administrators who are familiar with protocol analyzers, a sample of packets has been included at the end of this article to display the actual network data that is exchanged in the process that is described here.

WINS-R Lookup

There is also a WINS-R Lookup (WINS Reverse Lookup) resource record that can be added to the reverse zone. However, WINS does not have a reverse lookup capability. This record instructs the DNS server to perform a NetBIOS node adaptor status lookup or a name server (NS) query against the host.

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

Note The WINS Lookup and the WINS-R Lookup resource records are proprietary to the Microsoft NT DNS service. You will want to prevent the resource records from being propagated in a zone transfer to a non-Windows NT DNS server. To do this, use one of the following methods:

• Add the "LOCAL" flag to the WINS record in the zone file. To do this, follow these steps:
  1. At a command prompt, type net stop dns, and then press ENTER.
  2. Using a text editor, open your zone file. For example, if your zone is Domain.com, your default zone file name is Domain.com.dns.

  3. Locate the WINS record, and type LOCAL so that your WINS record looks similar to the following, where a.b.c.d is the IP address of your WINS Server.

              @   0   IN   WINS   LOCAL   a.b.c.d

  4. Save the file, and then exit the text editor.
  5. At a command prompt, type net start dns, and then press ENTER.
• Enable the Settings Only Affect Local Server option. To do this, follow these steps:
  1. Click Start, point to Programs, point to Administrative Tools, and then click DNS Manager.
  2. Double-click your DNS server, right-click the zone name that contains the WINS record, and then click Properties.
  3. In the Zone Properties dialog box, click the WINS Lookup tab, and then click the Settings Only Affect Local Server option to enable it.

Network Monitor trace information

Network Monitor is a protocol analyzer that is available with Microsoft Systems Management Server (SMS). The following four frames of data correspond to the four steps listed in the "WINS Lookup" section. These frames of data illustrate the process that is involved when a Windows NT DNS server forwards a query to a WINS server.

Frame 1

7.128 WIN95B  -->  DNS SERVER  DNS 0x1:Std Qry for thebunker.gotcha.com.
of type Host Addr on class INET addr. WIN95B  -->
157.54.51.20   IP

DNS: 0x1:Std Qry for thebunker.gotcha.com. of type Host Addr on class INET
addr.

    DNS: Query Identifier = 1 (0x1)
    DNS: DNS Flags = Query, OpCode - Std Qry, RD Bits Set, RCode - No error
        DNS: 0............... = Query
        DNS: .0000........... = Standard Query
        DNS: .....0.......... = Server not authority for domain
        DNS: ......0......... = Message complete
        DNS: .......1........ = Recursive query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: thebunker.gotcha.com. of type Host Addr on class

INET addr.

        DNS: Question Name: thebunker.gotcha.com.
        DNS: Question Type = Host Address
        DNS: Question Class = Internet address class

Frame 2

7.129 DNS SERVER -->  WINS SERVER DNS 0x8008:Std Qry for
FEEIEFECFFEOELEFFCCACACACACACAAA. of type Unknown Type on class INET
addr. 157.54.51.20 --> 157.54.51.30 IP

UDP: Src Port: DNS, (53); Dst Port: NETBIOS Name Service (137); Length = 58
(0x3A)
UDP: Source Port = DNS
UDP: Destination Port = NETBIOS Name Service
UDP: Total length = 58 (0x3A) bytes
UDP: UDP Checksum = 0x70AB
UDP: Data: Number of data bytes remaining = 50 (0x0032)
DNS: 0x8008:Std Qry for FEEIEFECFFEOELEFFCCACACACACACAAA. of type Unknown
Type on class INET addr.

    DNS: Query Identifier = 32776 (0x8008)
    DNS: DNS Flags = Query, OpCode - Std Qry, RD Bits Set, RCode - No error
        DNS: 0............... = Query
        DNS: .0000........... = Standard Query
        DNS: .....0.......... = Server not authority for domain
        DNS: ......0......... = Message complete
        DNS: .......1........ = Recursive query desired
        DNS: ........0....... = No recursive queries
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 0 (0x0)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: FEEIEFECFFEOELEFFCCACACACACACAAA. of type

Unknown Type on class INET addr.

        DNS: Question Name: FEEIEFECFFEOELEFFCCACACACACACAAA.
        DNS: Question Type = 0x0020
        DNS: Question Class = Internet address class

Frame 3

7.133 WINS SERVER -->  DNS SERVER DNS 0x8008:Std Qry Resp. for
FEEIEFECFFEOELEFFCCACACACACACAAA. of type Unknown Type on class
INET addr. 157.54.51.30 -->  157.54.51.20 IP

UDP: Src Port: NETBIOS Name Service, (137); Dst Port: DNS (53); Length = 70
(0x46)

    UDP: Source Port = NETBIOS Name Service
    UDP: Destination Port = DNS
    UDP: Total length = 70 (0x46) bytes
    UDP: UDP Checksum = 0xBBB7
    UDP: Data: Number of data bytes remaining = 62 (0x003E)

DNS: 0x8008:Std Qry Resp. for FEEIEFECFFEOELEFFCCACACACACACAAA. of type
Unknown Type on class INET addr.

    DNS: Query Identifier = 32776 (0x8008)
    DNS: DNS Flags = Response, OpCode - Std Qry, AA RD RA Bits Set, RCode -

No error

        DNS: 1............... = Response
        DNS: .0000........... = Standard Query
        DNS: .....1.......... = Server authority for domain
        DNS: ......0......... = Message complete
        DNS: .......1........ = Recursive query desired
        DNS: ........1....... = Recursive queries supported by server
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 0 (0x0)
    DNS: Answer Entry Count = 1 (0x1)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Answer section: FEEIEFECFFEOELEFFCCACACACACACAAA. of type Unknown

Type on class INET addr.

        DNS: Resource Name: FEEIEFECFFEOELEFFCCACACACACACAAA.
        DNS: Resource Type = 0x0020
        DNS: Resource Class = Internet address class
        DNS: Time To Live = 0 (0x0)
        DNS: Resource Data Length = 6 (0x6)
        DNS: Additional Resource Data = 60 00 9D 36 33 1E

                

Frame 4

7.0134 WIN95B  -->  DNS SERVER  DNS 0x1:Std Qry Resp. for
thebunker.gotcha.com. of type Host Addr on class INET addr.
157.54.51.20 -->  WIN95B  IP

DNS: 0x1:Std Qry Resp. for thebunker.gotcha.com. of type Host Addr on class
INET addr.

    DNS: Query Identifier = 1 (0x1)
    DNS: DNS Flags = Response, OpCode - Std Qry, AA RD RA Bits Set, RCode -

No error

        DNS: 1............... = Response
        DNS: .0000........... = Standard Query
        DNS: .....1.......... = Server authority for domain
        DNS: ......0......... = Message complete
        DNS: .......1........ = Recursive query desired
        DNS: ........1....... = Recursive queries supported by server
        DNS: .........000.... = Reserved
        DNS: ............0000 = No error
    DNS: Question Entry Count = 1 (0x1)
    DNS: Answer Entry Count = 1 (0x1)
    DNS: Name Server Count = 0 (0x0)
    DNS: Additional Records Count = 0 (0x0)
    DNS: Question Section: thebunker.gotcha.com. of type Host Addr on class

INET addr.

        DNS: Question Name: thebunker.gotcha.com.
        DNS: Question Type = Host Address
        DNS: Question Class = Internet address class
    DNS: Answer section: thebunker.gotcha.com. of type Host Addr on class

INET addr.

        DNS: Resource Name: thebunker.gotcha.com.
        DNS: Resource Type = Host Address
        DNS: Resource Class = Internet address class
        DNS: Time To Live = 600 (0x258)
        DNS: Resource Data Length = 4 (0x4)
        DNS: IP address = 157.54.51.30