NetBEUI

In order to properly describe NetBEUI, the transport protocol sometimes used for Microsoft networking, it is necessary to describe Microsoft networking in some detail and the various protocols used and what network layers they support.

NetBIOS, NetBEUI, and SMB are Microsoft Protocols used to support Microsoft Networking. The NetBIOS stack includes SMB, NetBIOS, and NetBEUI which are described in the table below. The following are parts of the Microsoft networking stack:

  

Name	Network Layer	Description
		Directs requests for network resources to the appropriate
Redirector	Application	server and makes network resources seem to be local
		resources.
SMB	Presentation	Server Message Block provides redirector client to server
		communication
NetBIOS	Session	Controls the sessions between computers and maintains
		connections.
		Provides data transportation. It is not a routable transport
		protocol which is why NBT exists on large networks to use
NetBEUI	Transport, Network routable TCP protocol on large networks. This                                            protocol may  sometimes be called the                                             NetBIOS frame (NBF) protocol.
		NDIS allows several adapter drivers to use any number of
NDIS and NIC driver Data Link		transport protocols. The NIC driver is the driver software for
		the network card.

NetBIOS Extended User Interface (NetBEUI)

This is a separate protocol from NetBIOS. It supports small to medium networks providing transport and network layer support. It is fast and small and works well for the DOS operating system but NetBEUI is not a routable protocol.

Name Resolution

There are three methods of mapping NetBIOS names to IP addresses on small networks that don't perform routing:

1.     IP broadcasting - A data packet with the NetBIOS computer name is broadcast when an associated address is not in the local cache. The host who has that name returns its address.

2.    The lmhosts file - This is a file that maps IP addresses and NetBIOS computer names.

3.    NBNS - NetBIOS Name Server. A server that maps NetBIOS names to IP addresses. This service is provided by the nmbd daemon on Linux.

System wide methods of resolving NetBIOS names to IP addresses are:

1.    b-node - Broadcast node

2.    p-node - Point-to-point node queries an NBNS name server to resolve addresses.

3.    m-node - First uses broadcasts, then falls back to querying an NBNS name server.

4.    h-node - The system first attempts to query an NBNS name server, then falls back to broadcasts if the nameserver fails. As a last resort, it will look for the lmhosts file locally.

NetBIOS name services use port 137 and NetBIOS session services use port 139. NetBIOS datagram service uses port 138.

To resolve addresses from names, a computer on a Microsoft network will check its cache to see if the address of the computer it wants to connect to is listed there. If not it sends a NetBIOS broadcast requesting the computer with the name to respond with its hardware address. When the address is received, NetBIOS will start a session between the computers. On larger networks that use routers, this is a problem since routers do not forward broadcasts, nor is NetBEUI a routable protocol. Therefore Microsoft implemented another method of resolving names with the Windows Internet Name Service (WINS). The following steps are taken to resolve NetBIOS names to IP addresses for H-node resolution on larger networks using TCP/IP (NBT):

1.    NetBIOS name cache

2.    WINS Server

3.    NetBIOS broadcast

4.    lmhosts file

5.    hosts file

6.    DNS server

For a more complete explanation of NetBIOS name resolution, WINS, and Windows networking in general, see the manuals in the Windows operating system section such as the "Windows TCP/IP Reference." Also a Windows Networking manual will be written for this section.

NetBIOS over TCP/IP (NBT)

Since NetBEUI is not a routable protocol, Microsoft implemented NBT for larger networks. NetBIOS messages are normally encapsulated in NetBEUI datagrams, but when using NBT, they are encapsulated in TCP/IP datagrams. The NBT protocol is defined by RFC 1001 and RFC 1002.

NWLink

NWLink is Microsoft's implementation of IPX/SPX. NWLink will act as a transport mechanism for NetBIOS similar to the use of TCP/IP described in the NBT section above. NWLink is normally used to support medium networks and may be used where NetWare servers are present.

Windows Internet Name Service (WINS)

WINS is the Microsoft implementation of NetBIOS name service. Samba on Linux can be used as a WINS server.

Computers configured to use WINS, when booted, contact the WINS name server and give the server their NetBIOS name and IP address. The WINS server adds the information to its database and it may send the information to other WINS servers on your network. When a computer that is configured to use WINS needs to get an address of another computer, it will contact the WINS server for the information. Without the use of a WINS server, NetBIOS will only be able to see computers on the unrouted sections of the local network. Does this mean a WINS server must exist in each routed section of the network? The answer is no. This is because WINS uses TCP/IP which is routable. Only one WINS server needs to exist on the network.

The Windows Networking Environment

A domain in a Microsoft networking environment refers to a collection of computers using user level security. It is not the same as the term domain used with regard to the domain name system (DNS). Domain related terms are:

●     BDC - Backup Domain Controller is a backup for a PDC

●     TLD - Top Level domain

●     PDC - Primary Domain Controller is an NT server providing central control of user access permissions and accounts on a network.