Our next topic requires a short detour into the world of Microsoft networking. Networks based on NetBT (NetBIOS over TCP) need to perform name resolution, too: hosts need a way to map NetBIOS names  to IP addresses. The way this name resolution works has evolved over time. In the early days, hosts broadcasted a query on the LAN to resolve a NetBIOS name. This forced all hosts to listen to every broadcast. Since broadcasts don't leave the local LAN, this method didn't allow name resolution beyond the local subnet. The next evolutionary step was the LMHOSTS file, which is just a list of NetBIOS names and IP addresses. Every host needed an LMHOSTS file to resolve names beyond the local subnet. This model didn't scale very well, either: it was tough to keep the LMHOSTS files up-to-date and distribute them. And the introduction of the Dynamic Host Configuration Protocol (DHCP) essentially made basing a network's NetBIOS name resolution on LMHOSTS files impossible .
 A host's NetBIOS name is simply the name by which it's known for NetBT networking purposes. NetBIOS names are limited to one label of up to 15 octets (that is, no multiple-label names like DNS domain names). On Windows 2000 systems the NetBIOS name is set in the System Properties window's Network Identification tab (choose Control Panel System ). A host's NetBIOS name need not be the same as the hostname portion of its fully qualified domain name in DNS.
A detailed description of DHCP is beyond the scope of this book,  but suffice it to say that DHCP eliminates the requirement of configuring a static IP address on every one of your hosts. If those hosts support DHCP, they can contact a DHCP server when they boot to obtain an IP address and other configuration parameters, such as the IP addresses of the default router, name servers, and WINS servers.
 But see another book from O'Reilly & Associates, TCP/IP Network Administration by Craig Hunt.
WINS, which stands for Windows Internet Naming Service, is a Microsoft invention introduced in Windows NT 3.5. The server component of WINS is an implementation of a NetBIOS Name Server as described in RFCs 1001 and 1002. The idea is nothing new; the RFCs date from early 1987. The function of a NetBIOS Name Server is simple: it maps NetBIOS names to IP addresses.
The name and IP address information in a WINS server comes from the various hosts on the network. Once a host sets its IP address using the value sent by a DHCP server, the host registers its name with the WINS server the DHCP server told it about. Actually, any modern NetBT host registers its name with a WINS server, regardless of how it obtained its IP address (e.g., dynamically from a DHCP server or statically from a user -input configuration). Modern NetBT hosts also know to contact a WINS server for NetBIOS name resolution, rather than relying solely on broadcasting or an LMHOSTS file.
So where does DNS fit in to all this? Before Windows 2000, it wasn't possible to make the new name-to-IP address mappings generated by the DHCP server visible to DNS. Microsoft realized there would be some value to enabling a DNS server to query a WINS server, which knows about names for dynamically assigned IP addresses. After all, a NetBIOS name in the WINS server is usually the same as a machine's hostname (the first label of its fully qualified domain name in DNS), which is what it would be in the DNS server if there were an easy way to get it there. (Remember, we're talking about the days before Windows 2000 with its improved integration with DNS.) So a Microsoft DNS Server can be configured to ask a WINS server when it receives a query for a domain name that's not in its zone data.
You may be thinking that a name server contacting a WINS server is kind of silly; isn't there a way for name servers to know what the DHCP servers are doing directly? There is. In a Windows 2000 network, DHCP servers can update name servers after every assignment using the DNS Dynamic Update protocol. We cover this new functionality in Chapter 11. The importance of WINS in Windows 2000 is greatly reduced, too. Windows 2000 hosts can resolve NetBIOS names with DNS rather than WINS, although WINS is still required to support older, legacy clients . You can find more information about how Windows 2000 hosts use DNS for hostname lookups in Chapter 6.
10.2.1 Configuring WINS Lookup
WINS lookup, as it's called, is enabled on a zone-by-zone basis using the WINS tab of the zone properties window. When the DNS server receives an address (A) record query for which it doesn't know the answer, if the zone where the record will exist has WINS lookup enabled, the DNS server queries a WINS server. The NetBIOS name sent to the WINS server is the first label of the domain name in the A record query. For example, if the domain name in the A record query is terminator.movie.edu , the NetBIOS name queried is terminator . If the WINS server responds with an IP address for terminator , the DNS server synthesizes an A record for terminator.movie.edu and returns it to the original querier.
The WINS lookup configuration for the movie.edu zone on the zone's primary master, terminator , is shown in Figure 10-5.
Figure 10-5. WINS lookup settings for movie.edu
WINS lookup is enabled by checking the Use WINS forward lookup box. You can specify the IP addresses of up to five WINS servers, and the DNS server will try them in the order listed.
By default, the WINS lookup configuration you establish on the primary master takes effect on the slaves as well. The primary master inserts a special WINS record that gets transferred with the rest of the zone to the slaves. If the slaves are Microsoft DNS Servers, they understand the WINS record and perform WINS lookups accordingly . If the slaves are BIND name servers, they complain about the unknown WINS record. You can suppress sending this WINS record to the slaves by checking Do not replicate this record .
The Time to live (TTL) field in the lower left corner specifies the TTL for the special WINS record itself. We're not sure why anyone would ever care about this value: a record's TTL applies only to servers that cache it, and the WINS record is meaningful only on a zone's authoritative servers.
Pressing the Advanced... button yields a window like that in Figure 10-6. Cache time-out controls how long the DNS server will cache the synthesized A records. The default value is 15 minutes. That value may seem small, but it's a good choice: information in the WINS server is transient by nature, so you don't want the DNS server to hold on to it for a long time. If it needs a name again, the DNS server can just ask the WINS server for it. Lookup time-out controls how long the DNS server will wait after querying a WINS server. The default is 2 seconds.
Figure 10-6. Advanced WINS lookup settings
You can enable WINS lookup on in-addr.arpa zones, too. It's called WINS reverse lookup, and it's implemented differently than plain WINS lookup. When the name server receives a PTR query it can't answer and WINS reverse lookup is enabled for the zone, it sends a NetBIOS Adapter Status request directly to the IP address referenced by the PTR record. In other words, the name server asks the host directly what its name is. The name server can't ask a WINS server because lookups based on IP address aren't supported: you can't give a WINS server an IP address and get the corresponding NetBIOS name back. WINS servers have obviously never heard of Jeopardy! ("The host with IP address 220.127.116.11." "What is terminator ?")
WINS reverse lookup is configured similarly to WINS lookup: select the WINS-R tab of the zone properties window of any in-addr.arpa zone. The WINS reverse lookup configuration for the 249.249.192.in-addr.arpa zone on the zone's primary master, terminator , is shown in Figure 10-7.
Figure 10-7. WINS reverse lookup settings for 249.249.192.in-addr.arpa
Use WINS-R lookup enables the NetBIOS Adapter Status requests for unknown PTR records in this zone. Do not replicate this record has the same effect as its WINS forward-lookup counterpart . If you look in an in-addr.arpa zone data file, though, you'll see a WINS-R record instead of a WINS record. The Domain to append to returned name field takes a DNS domain name that will be appended to the NetBIOS name returned by the host to form a fully qualified domain name. The Advanced... button controls cache and lookup timeouts, just like its WINS forward-lookup counterpart.
10.2.2 Using WINS Lookup and WINS Reverse Lookup
What's WINS lookup good for? In most networks, not a lot. For one thing, Windows 2000 now integrates tightly with DNS so that in a properly configured network, all Windows 2000 hosts have forward- and reverse-mapping information in DNS. (More information about this new integration with DNS is found in Chapter 11.) But let's say you still have a lot of older Windows hosts on your network. Do you need WINS lookup? Well, we still can't get excited about it. Think about it this way: the names that get resolved the most are the servers, and they usually have fixed IP addresses and thus static DNS entries. They're resolved directly in DNS, not via the WINS lookup detour. Most networks don't have much peer-to-peer networking; your average desktop host usually doesn't offer network services, such as a web server, name server, and so on. It's the need to reach those kinds of network services that require DNS name resolution to work for every host. (Sure, there's a lot of NetBIOS-based file and print sharing among desktop hosts, but that process uses WINS natively.)
If you do need to support WINS lookup in your network, a big problem with it is that the standard BIND name server doesn't support it.  Many people find that they need WINS lookup after they have a DNS infrastructure in place using BIND name servers. One option is to replace all those name servers with the Microsoft DNS Server and enable WINS lookup. That's not realistic for most people. A better, but not perfect, option is to create a new subdomain for DHCP clients resolvable via WINS lookup and delegate the subdomain to a set of Microsoft DNS Servers.
 Check Point has ported BIND to Windows 2000 and added WINS lookup and WINS reverse lookup. See http://www.checkpoint.com/products/metaip/index.html.
For example, let's say the folks running the domain acme.com suddenly find themselves with dozens of PCs doing peer-to-peer networking with DHCP-assigned IP addresses. Since they've already got a BIND infrastructure in place, they decide to create the domain pcs.acme.com for these PCs. (The domain name could be anything: dhcp.acme.com , wins.acme.com , whatever.) They configure a couple of Microsoft DNS Servers for this zone and enable WINS lookup. Finally, they delegate to the pcs.acme.com zone from the acme.com zone.
In practice, we find WINS reverse lookup is much more useful. It's really nice to have complete reverse-mapping information for your network in DNS. Network-management applications can report names rather than IP addresses. Web servers can log usage statistics by name and make named-based authorization decisions, such as giving access only to hosts in the movie.edu domain. Troubleshooting is easier as well. Without WINS reverse lookup, the name server can't reverse map dynamically assigned IP addresses in networks with older Windows hosts. Of course, for you to be able to use WINS reverse lookup in your network, all the name servers for your in-addr.arpa zones need to support it.