An algorithm used in implementations of TCP/IP that controls traffic congestion on a network. Nagle’s algorithm limits transmission of small datagrams and controls the size of the Transmission Control Protocol (TCP) sending window. The algorithm increases the efficiency of routers by reducing the latency of the routing process. It is also an important mechanism for enabling large internetworks such as the Internet to handle TCP/IP applications (such as Telnet applications) that communicate using large numbers of small Internet Protocol (IP) packets.
For example, consider a Telnet client communicating with a Telnet server. When a user types a single character in the Telnet client window, TCP packages the character and sends it to the server as a very small packet. It would be highly inefficient if each character typed into a Telnet window were sent as an individual packet. In fact, when the user types the next character, one of two things can happen:
If an acknowledgment has been received for the first packet sent, TCP packages the second character into a second small packet and sends it immediately to prevent delay.
If an acknowledgment has not been received for the first packet, TCP buffers the second character, then the third, and so on until the acknowledgment is received or the buffer has reached a certain size, triggering TCP to package the buffered characters and send them. This is a result of Nagle’s algorithm being implemented on the client TCP/IP protocol stack. The process of buffering the TCP send buffer is sometimes called “nagling.”
Another part of Nagle’s algorithm addresses the problem of a network system getting bogged down when a large datagram is sent over and over again because it takes too long to fill a sending window (the receiving buffer) with the data from the datagram. According to the algorithm, when a client receives a message that datagrams are being dropped because of congestion at a particular host, the client responds by temporarily acting as if the host’s window size has been reduced. This “throttles back” the amount of information sent to the host and enables the host to catch up.
NOTE
Nagle’s algorithm is defined in Request for Comments (RFC) 896. It is implemented in the TCP/IP protocol stack of the Microsoft Windows NT and Windows 2000 operating systems. Proposals have been put forth for improving this algorithm because it does not produce optimal results with certain kinds of TCP/IP interactions, such as those based on HTTP 1.1.
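A model of the sending-side rule described above (send a full segment at once; hold small segments while data is unacknowledged). This is an added example, not code from the original text or from any TCP stack; the `NagleSender` class, its MSS value and the `telnet_keystrokes` scenario are constructed here.

```python
"""Model of the sending-side decision Nagle's algorithm makes (RFC 896).

Added example: a single TCP sender with a maximum segment size (MSS).
Rule: if a full segment's worth of data is buffered, send it; otherwise a
small segment is sent only when nothing is outstanding (unacknowledged),
else it is held until an ACK arrives or the buffer reaches a full MSS.
"""
from dataclasses import dataclass, field


@dataclass
class NagleSender:
    mss: int = 536                 # maximum segment size in bytes (assumed)
    nagle: bool = True             # False models a socket with TCP_NODELAY
    buffer: bytearray = field(default_factory=bytearray)
    unacked: int = 0               # bytes sent but not yet acknowledged
    segments: list = field(default_factory=list)  # every segment put on the wire

    def write(self, data: bytes) -> list:
        """Application hands data to TCP; returns the segments sent right now."""
        self.buffer.extend(data)
        return self._flush()

    def ack(self, nbytes: int) -> list:
        """Peer acknowledges nbytes; buffered ("nagled") data may now go out."""
        self.unacked = max(0, self.unacked - nbytes)
        return self._flush()

    def _flush(self) -> list:
        sent = []
        while self.buffer:
            if len(self.buffer) >= self.mss:
                sent.append(self._send(self.mss))            # full segment: always send
            elif self.unacked == 0 or not self.nagle:
                sent.append(self._send(len(self.buffer)))    # small segment, nothing in flight
            else:
                break  # nagling: hold small data until an ACK arrives or a full MSS accumulates
        return sent

    def _send(self, n: int) -> bytes:
        seg = bytes(self.buffer[:n])
        del self.buffer[:n]
        self.unacked += n
        self.segments.append(seg)
        return seg


def telnet_keystrokes(nagle: bool, keys: str = "hello") -> int:
    """Type `keys` one character at a time with no ACK in between, then receive
    the ACK for the first byte. Returns how many segments hit the wire."""
    s = NagleSender(mss=536, nagle=nagle)
    for ch in keys:
        s.write(ch.encode())
    s.ack(1)   # the ACK for the first byte releases the buffered keystrokes
    return len(s.segments)
```

With Nagle enabled the five keystrokes go out as two segments ("h" then "ello"); with it disabled each keystroke is its own segment.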
An interprocess communication (IPC) mechanism that provides reliable, connection-oriented, two-way communication between processes on two computers. Named pipes are one form of client/server communication in Microsoft Windows operating systems and applications.
How It Works
A pipe is a portion of memory reserved for one process to pass information to another. Named pipes are implemented as file system drivers and therefore are opened by requests made from the redirector. They take full advantage of the features of file system drivers, such as security and validation.
Developed originally for Microsoft OS/2 LAN Manager and maintained in recent versions of Windows for backward compatibility, named pipes provide guaranteed delivery of data between computers for distributed applications in a client/server environment. They provide a reliable, one-to-one, bidirectional, connection-oriented form of communication between a client process running on one machine and a server process (service) running on a different machine.
Named pipes are used in the WinLogon process on Windows NT and in client/server applications that use Microsoft SQL Server.
NOTE
Windows 98 supports client-side named pipes communication for backward compatibility with OS/2 LAN Manager and other applications, but it does not support server-side named pipes. Named pipes consume more server-side memory than other IPC mechanisms (such as Windows Sockets) and generate a bit more network traffic.
In the Domain Name System (DNS), the process of a resolver sending a request to a name server. The resolver sends the host name of a TCP/IP host on the internetwork, and the name server returns the host’s IP address. The name server is said to “resolve” the name of the host into its associated IP address.
The query sent by the resolver to the name server is most often a recursive query, which returns either the expected IP address or an error. This type of query makes it possible for a name server to forward the request on to other name servers if it can’t resolve the name and then return the result of that request to the resolver. If the queried name server is configured to forward requests, it can perform an iterative query, querying several name servers in succession until it resolves the name or runs out of name servers to query.
See also Domain Name System (DNS), host name resolution
The process of resolving the name of a computer on a network into its network address. Name resolution is an important part of network communication because the logical names of hosts on the network must be resolved into their network addresses before communication can take place.
TCP/IP networks running Microsoft Windows operating systems support two name resolution methods:
NetBIOS name resolution to resolve NetBIOS names into IP addresses. This is performed by using broadcasts or by querying a Windows Internet Name Service (WINS) server.
Host name resolution to resolve fully qualified domain names (FQDNs) into IP addresses. This is performed by using a local Hosts file or by querying a Domain Name System (DNS) server.
In addition, once the name of a host is resolved into its IP address, the TCP/IP protocol called Address Resolution Protocol (ARP) resolves the host’s IP address into its physical layer or MAC address. Once the name resolution process is complete, you can place frames on the network with appropriate destination MAC addresses so that they can be received by their destination host.
See also host name resolution, NetBIOS name resolution
A host on the Internet or on a TCP/IP internetwork that can be used to resolve host names into IP addresses. Name servers are an essential component of the Domain Name System (DNS), which provides the namespace of all hosts on the Internet or on a private TCP/IP internetwork. Because of name servers, when you want to access or reference a host on a TCP/IP network, you can use its friendly DNS name instead of its IP address, which is generally harder to remember.
How It Works
The DNS functions as a client/server-based system, with name servers forming the server part and resolvers forming the client part. Each name server has authority over a portion of the DNS namespace called a zone, which means that it should be able to resolve name lookups for hosts located within that zone. Resolvers send name lookups to name servers by passing them the name of a host. The name server performs name resolution by determining which IP address corresponds to the requested host’s name. Name servers can also query each other, so a typical name lookup from a resolver might involve several name servers.
This distributed system of name servers makes it possible to share the load of name resolution among many computers. Just imagine if one machine had to track the name of every host on the Internet!
Within a zone you can have two types of name servers, which allows for fault tolerance and a further sharing of the load:
Primary name servers: These name servers keep a local file of the information relating to their zone. This local file or DNS database contains resource records, which are mappings of host names to IP addresses for hosts in that zone. A DNS administrator must manually create and maintain the DNS database on a primary name server.
Secondary name servers: These name servers obtain their database of resource records from a master name server, which can be either a primary name server or another secondary name server. The process by which the DNS database is transferred from a master name server to a secondary name server is known as zone transfer.
The collection of all name servers on the Internet is used to manage and maintain the DNS namespace of host name to IP address mappings. Name servers can also be used on private TCP/IP internetworks to facilitate network communication.
NOTE
Microsoft’s implementation of a name server in Windows NT, the Microsoft DNS Service, is fully compliant with related Requests for Comments (RFCs) describing the implementation and working of the DNS.
Windows 2000 supports the industry’s extension to DNS with the DNS dynamic update protocol. This protocol is integrated into Active Directory on Windows 2000–based networks and enables the dynamic updating of DNS name servers.
See also Domain Name System (DNS)
A type of Domain Name System (DNS) resource record that identifies the specific host as a name server. For each zone governing a portion of the DNS namespace, there should be one name server (NS) record for each name server in the zone. Each NS record also requires an associated address record that resolves the host name of the name server into its IP address. The syntax for the NS record is specified in Request for Comments (RFC) 1035.
Here is an example of an NS record:
microsoft.com. IN NS nameserver2.microsoft.com.
In this example, the domain microsoft.com is within the zone of authority of the name server named nameserver2. IN stands for Internet, and NS stands for name server.
See also Domain Name System (DNS)
The abstract space or collection of all possible addresses, names, or identifiers of objects on a network, internetwork, or the Internet. A namespace is “the space of all names” for a given type of network name.
A simple example of a namespace is an IP address space, which consists of the space of all possible IP addresses. This space is divided into class A, class B, and so on, which represent disjoint subgroups of the IP address space. Generally, every node on a TCP/IP network, internetwork, or the Internet must occupy a unique point in the IP address space—that is, it must have a unique IP address. This ensures that a packet directed to a particular node (such as a computer, network printer, or router interface) can be addressed with the IP address of that node. If two nodes on a network were to have the same IP address number, a packet intended for one might end up at the other. The exception is when you have a private network connected to the Internet through a firewall that uses network address translation (NAT) or some other scheme to hide the addresses of nodes in the private network from the Internet. In this case, if no direct communication is expected between nodes in the two networks (except through the firewall), nodes in the private network can be assigned arbitrary IP addresses such as 10.x.y.z.
Another common example of a namespace is the DNS namespace of the Internet. Unlike the space of IPv4 addresses just described, the DNS namespace is hierarchical in structure and arbitrarily scalable (except so far as a node in DNS namespace must generally map to some specific IP address). It also has the advantage of being a logical naming scheme, in contrast to a physical naming scheme such as IP addresses, which are bound to the particular network structure being used.
The root of the DNS namespace branches out to a relatively small number of top-level domains such as .com, .org, and .edu. Private companies can register a domain name in one of these top-level domains and then subdivide their branch of the DNS namespace as they desire. For example, a company named Carpoint Traders might register the domain name carpoint.com and then create three new subdomains under it named sales.carpoint.com, support.carpoint.com, and hq.carpoint.com. Specific servers and router interfaces exposed to the Internet might then be given specific DNS addresses to uniquely identify them in the DNS namespace. An address in the DNS namespace, called a fully qualified domain name (FQDN), maps to a unique node on the Internet. An example might be widgets.support.carpoint.com, which might map to the address 10.15.6.133. Names of domains, subdomains, and individual hosts are maintained on name servers located at various points across the Internet or within large private internetworks. If you want to locate a particular node in the DNS namespace, you query a name server. The process of locating a particular DNS node and resolving its FQDN into its associated IP address is called name resolution.
Another namespace used in Microsoft Windows NT–based and Windows 2000–based networks is the NetBIOS namespace, which is the space of all NetBIOS names (computer names) of Windows machines on the network. Unlike the hierarchical tree structure of the DNS namespace, the NetBIOS namespace is flat and is managed using the Windows Internet Name Service (WINS), which runs on WINS servers in the network. Because the NetBIOS namespace is flat, it is not as scalable as DNS. For example, say that you query a name server to resolve an FQDN such as widgets.support.carpoint.com into its associated IP address. The name server might first have to find another name server that is authoritative in the carpoint.com domain. Next, the name server must find a name server that is authoritative in the support.carpoint.com subdomain whose database contains a record for the widgets.support.carpoint.com host. Finally, the name server must resolve the information in the record into an IP address. The whole process might take only several referrals and a short inspection of a relatively small database of resource records because each name server on the Internet is authoritative over only a small portion of the DNS namespace. Once you locate the correct name server through a series of hierarchical queries, the final name lookup deals with only a small number of records. The NetBIOS namespace is different, however, because each WINS server maintains a database of records for all NetBIOS names on the network. So if you were to use WINS to manage a network the size of the Internet with its millions of hosts, each WINS server would have a flat-file database containing millions of records, which would need to be searched from top to bottom each time a query was issued against it.
Because of the flexibility and scalability of DNS and its association with the Internet, DNS is the primary naming system used by Windows 2000. Support for WINS is included only for backward compatibility with downlevel Windows NT stations and legacy Windows stations. Active Directory in Windows 2000 uses DNS as the service for name resolution (for locating users, groups, computers, shared folders, printers, and other objects on the network). The namespace of Active Directory represents a bounded area within which the DNS name of the root of Active Directory is translated to all the objects within the directory. Within Active Directory, a domain tree represents a contiguous namespace of connected objects, while a domain forest is a disjointed namespace formed from two or more domain trees. Companies with Windows 2000–based networks can use the same DNS namespace for both internal and external network connections, or they can use separate DNS names for the network from an internal or an external perspective.
See also Domain Name System (DNS), IP address
A contiguous subtree or branch of Active Directory in Microsoft Windows 2000. Naming contexts are used to partition the Active Directory namespace into sections, each with its own security boundary. You use naming contexts during the process of directory replication to form the basic unit of the replication process.
Active Directory always includes at least three naming contexts:
Configuration: Contains information about sites, services, partitions, and the Active Directory schema
Domain naming: Contains information relating to directory data for the domain in which the Active Directory domain controller resides
Schema: Contains the schema information that defines the classes, objects, and attributes used in Active Directory
During multimaster replication of Active Directory, any naming context that has been updated is replicated to other domain controllers. For example, if the schema is modified on one domain controller, the schema naming context is replicated to all other domain controllers in Active Directory and also to the global catalog server. Only those portions of the naming context that have changed are actually replicated.
A boundary for permissions inheritance. Microsoft Exchange Server has three levels of naming context:
Organization container
Site container
Configuration container
If permissions are assigned to a user or a group on the site container, those permissions are inherited by everything in the Exchange directory hierarchy beneath the site container until the configuration container is encountered. Similarly, if an object in the configuration container has permissions assigned to it, those permissions are inherited by all objects beneath it.
A rule to ensure that users on a network have their own unique username so that they can be owners of their own resources (such as their personal folders). A simple and consistent naming convention for users on your network is an important part of network administration. Examples of naming conventions applied to the user Jeff Smith might include the following:
jsmith—the first letter of the user’s first name concatenated with the user’s full last name
jeffs—the user’s first name concatenated with the first letter of the user’s last name
Two users on a network might have the same first or last name, so your naming convention should include a rule to break ties. For example, if Jeff Smith is “jsmith,” James Smith might be “jsmith2.” You might also want to establish a rule for easily identifying temporary employees, such as “T-jsmith” or “jsmith(temp).”
NOTE
On Microsoft Windows 2000–based networks, usernames of domain user accounts must be unique within the given organizational unit (OU) in which they are created in Active Directory. Usernames can be more than 20 characters long, but only the first 20 characters are used as logon credentials.
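The convention above (first initial plus last name, numeric suffix to break ties, a marker for temporary staff) together with a check for the 20-character logon limit from the note, as an added example that is not part of the original entry. The `UsernameRegistry` class and the sample names are constructed here; the important output is `logon_collisions`, which flags usernames that are distinct on paper but identical in the characters actually used as logon credentials.

```python
"""Generate usernames under the 'jsmith' convention and flag logon collisions.

Added example. The convention (first initial + last name, numeric suffix for
ties, 'T-' prefix for temporary employees) and the 20-character logon limit
follow the entry above; the class and sample names are constructed.
"""
import re
from typing import Dict, List, Tuple

LOGON_LIMIT = 20   # only the first 20 characters are used as logon credentials


def _clean(s: str) -> str:
    """Lower-case and drop anything that is not a letter (O'Brien -> obrien)."""
    return re.sub(r"[^a-z]", "", s.lower())


class UsernameRegistry:
    def __init__(self) -> None:
        self.taken: Dict[str, str] = {}   # username -> full name

    def propose(self, first: str, last: str, temporary: bool = False) -> str:
        """Return the next free username for this person and reserve it."""
        base = _clean(first)[:1] + _clean(last)
        if temporary:
            base = "T-" + base
        candidate, n = base, 1
        while candidate in self.taken:     # tie-break: jsmith, jsmith2, jsmith3, ...
            n += 1
            candidate = f"{base}{n}"
        self.taken[candidate] = f"{first} {last}"
        return candidate

    def logon_collisions(self) -> List[Tuple[str, List[str]]]:
        """Groups of distinct usernames whose first LOGON_LIMIT characters are
        identical: such accounts cannot be told apart at logon."""
        groups: Dict[str, List[str]] = {}
        for user in self.taken:
            groups.setdefault(user[:LOGON_LIMIT], []).append(user)
        return [(key, users) for key, users in groups.items() if len(users) > 1]
```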
See Network Access Point (NAP)
See network access server (NAS)
See network address translation (NAT)
A series of specifications for protecting commercial and residential buildings from electrical hazards. The National Electric Code (NEC) is published by the National Fire Protection Association (NFPA), an international organization that advocates standards for fire safety and related issues. The NEC is one of hundreds of standards documents produced by the NFPA. The NEC, which is NFPA standard number 70, deals with how to properly install and maintain electrical and electronic equipment in order to minimize fire hazards. In the area of computer networking, the NEC covers the proper installation and construction of copper cabling and fiber-optic cabling, as well as issues relating to the powering of network devices, such as proper grounding.
The NEC is legally enforced in every state in the United States and in a number of other countries. Most U.S. municipalities have adopted NEC recommendations in local building codes. Testing of electrical equipment for compliance with NEC standards is performed by Underwriters Laboratories (UL).
On the Web
• NFPA home page: www.nfpa.org
A government organization that provides services and programs to help U.S. industries commercialize new technologies and compete internationally. National Institute of Standards and Technology (NIST) certification identifies technologies as meeting federal government requirements.
In the area of relational database management systems (RDBMS’s), NIST administers a test named Federal Information Processing Standard (FIPS) 127-2. FIPS 127-2 is based on the broader American National Standards Institute (ANSI) SQL92 standard, which ensures portability across heterogeneous RDBMS’s by establishing a common set of structured query language (SQL) commands. There is no higher standard for SQL database languages than FIPS 127-2.
Microsoft SQL Server 6.5 was the first RDBMS to pass the NIST version 5.1 validation tests for Entry Level FIPS 127-2. SQL Server 6.5 complies with both the ANSI SQL92 standard and the FIPS standards.
A domain mode for running Microsoft Windows 2000 domain controllers that is incompatible with domain controllers running the earlier Windows NT operating system. You can use domain controllers running in native mode only to authenticate users on a pure Windows 2000–based network. If your network contains a mixture of Windows 2000 and Windows NT computers, you should configure your Windows 2000 domain controllers to run in mixed mode so that they can interoperate with Windows NT domain controllers. If you plan to use native mode, all domain controllers must be running Windows 2000 and must be configured to run in native mode, but member servers and client workstations can run either Windows 2000 or Windows NT.
NOTE
Native mode gives you more options than mixed mode regarding types of groups. Specifically, you can use global groups, domain local groups, and universal groups, and you can nest them to any degree. Running in mixed mode means that universal groups are not available, and you can nest global groups only in domain local groups and only to one level of nesting.
TIP
Windows 2000 domain controllers install in mixed mode by default. You can use the administrative tool Active Directory Domains and Trusts to change your domain controllers from mixed mode to native mode. If you change a domain controller to native mode, you cannot change it back to mixed mode, so don’t make the change until all your domain controllers are running Windows 2000.
See also domain modes
See NetBEUI Frame (NBF)
See NetBIOS Name Server (NBNS)
A TCP/IP utility that displays current TCP/IP connections and statistics using NetBIOS over TCP/IP (NetBT). Nbtstat is installed on a computer running Microsoft Windows when the TCP/IP protocol stack is installed. You can run nbtstat from the command prompt to view NetBT statistics on the computer and determine the status of connections formed to the machine. You can also use nbtstat to preload #PRE entries in an Lmhosts file into the NetBIOS name cache and view the NetBIOS name and NetBIOS scope ID of a machine.
Example
nbtstat -n shows the NetBIOS names of the host that have been registered on the system; nbtstat -c displays the current contents of the NetBIOS name cache, which contains NetBIOS name to IP address mappings for other hosts on the network.
TIP
Nbtstat is useful for troubleshooting NetBIOS name resolution problems. You can run nbtstat -a <ComputerName> to obtain the local NetBIOS name table on <ComputerName> and its MAC address.
See network driver interface specification (NDIS)
See Novell Directory Services (NDS)
A measurement of the ability of cabling to reject crosstalk. Crosstalk is an undesirable condition in which the signals traveling through adjacent pairs of wire in twisted-pair cabling interfere with each other. Near-end crosstalk (NEXT) measures the ability of a cable to reject crosstalk between pairs of wire at the near end of the circuit. The pair causing the interference is called the “disturbing pair,” while the pair experiencing the interference is the “disturbed pair.” Channel NEXT is the NEXT value measured between one wire pair and another in the same cable; it is measured at both ends of the wire.
The NEXT value for a given cable type is typically expressed in decibels per 1000 feet and varies with the frequency of transmission. The higher the NEXT value, the greater the cable’s ability to reject crosstalk at its local connection. For example, the specifications for category 5 cabling include the minimum NEXT values shown in the following table. Note that the NEXT value generally decreases with increasing frequency, indicating increasing interference due to crosstalk at higher frequencies.
Graphic N-1. Near-end crosstalk (NEXT).
The NEXT types are as follows:
Pair-to-Pair NEXT: NEXT between adjacent pairs of wire in a twisted-pair cable. A typical four-pair (eight-wire) unshielded twisted-pair (UTP) cable has six possible values for pair-to-pair NEXT, which are then averaged. This simple measurement is not adequate, however, because every pair of wire generates crosstalk with every other pair in the cable.
Power Sum NEXT (PS NEXT): A more rigorous way of rating a cable’s crosstalk that measures the total amount of crosstalk between one wire pair and all its neighboring pairs in the same cable. PS NEXT is particularly important for cabling used in high-speed networks such as Gigabit Ethernet and Asynchronous Transfer Mode (ATM) networks.
Far-End Crosstalk (FEXT): A measurement of how the far end of one wire pair affects the near end of another pair.
Desired Data Rate and the Cable’s Minimum NEXT Value

| Frequency | Minimum NEXT Value |
| --- | --- |
| 4 MHz | 53 dB/1000 feet |
| 10 MHz | 47 dB/1000 feet |
| 20 MHz | 42 dB/1000 feet |
| 1000 MHz | 32 dB/1000 feet |
TIP
To minimize NEXT in installations of category 5 cabling, do not expose more than 2 inches of wire pairs at the termination point of the cable (the patch panel, wall plate, or RJ-45 connector). Also, do not untwist the wire pairs more than half an inch.
See National Electric Code (NEC)
Stands for NetBIOS Extended User Interface, a networking protocol developed by IBM and Microsoft in 1985 that is used for workgroup-size local area networks (LANs) with up to 200 stations. NetBEUI is an extension of the NetBIOS protocol.
NetBEUI was the primary protocol for LAN Manager and Windows for Workgroups. It is a fast and efficient protocol with low overhead that supports both connection-oriented communication (such as communication for mapping drives using the Net Use command and starting services remotely using the Net Start command) and connectionless communication (such as communication for sending datagrams, registering NetBIOS names, and performing NetBIOS name resolution).
NetBEUI is also self-tuning and implements flow control and error detection. It defines a framing mechanism at the transport layer and implements the LLC2 protocol of the Open Systems Interconnection (OSI) reference model for networking.
NOTE
NetBEUI is supported by all Microsoft Windows network operating systems; its implementation on Windows NT is called the NetBEUI Frame (NBF) protocol.
TIP
NetBEUI relies more heavily on broadcast packets than do the TCP/IP and NWLink IPX/SPX-Compatible Transport protocols; you should therefore use it only on smaller networks sized for workgroups. Because NetBEUI is a single-part naming scheme, it is a nonroutable protocol and is generally unsuitable for wide area networks (WANs).
An enhanced implementation of the NetBEUI protocol that is available on Microsoft Windows NT operating systems. Some of the enhancements and special features of NetBEUI Frame (NBF) include the following:
Support for network driver interface specification (NDIS) version 3 for full 32-bit asynchronous transport layer communication using the transport driver interface (TDI) layer as a NetBIOS emulator
Support for automatic memory tuning through dynamic memory allocation
Support for dial-up clients through the Remote Access Service (RAS)
An extension of NetBEUI’s limit of 256 concurrent NetBIOS sessions to more than 1000 sessions
NOTE
Although NetBEUI is essentially a nonroutable protocol, NBF supports Token Ring Source Routing on IBM Token Ring networks.
See also NetBEUI
Stands for Network Basic Input/Output System, a specification created by IBM and Microsoft that allows distributed applications to access each other’s network services independent of the transport protocol used.
NetBIOS provides network input/output services to support client/server applications on a network. From an architectural viewpoint, the NetBIOS specification defines two things:
An interprocess communication (IPC) mechanism or application programming interface (API) that allows applications that are NetBIOS-enabled to communicate remotely over a network and request services from lower levels of the protocol stack. This is the primary and original definition of NetBIOS.
A protocol operating at the session and transport layers of the Open Systems Interconnection (OSI) reference model that enables functions such as session establishment and termination as well as name registration, renewal, and resolution.
NetBIOS has more overhead than other IPC mechanisms. NetBIOS can take different forms depending on the network protocol on which it is running. The following table lists some common network protocols and the form that NetBIOS takes on each.
NetBIOS Protocol Stacks
| Network Protocol | Name When Combined with NetBIOS |
| --- | --- |
| NetBEUI | NBF (NetBEUI Frame protocol) |
| NWLink IPX/SPX-Compatible Transport | NWLink NetBIOS |
| TCP/IP | NetBT (NetBIOS over TCP/IP) |
See also NetBIOS name resolution, P-node, Windows Internet Name Service (WINS)
A 16-byte name for a networking service or function on a machine running Microsoft Windows NT. NetBIOS names are a more friendly way of identifying computers on a network than network numbers and are used by NetBIOS-enabled services and applications. NetBIOS names are used by Windows NT applications such as Windows Explorer and Network Neighborhood as well as by the Windows NT net commands.
In Windows 2000, NetLogon and other networking services now register in DNS, but legacy network command-line applications still use NetBIOS names to access these services.
How It Works
Each service that is NetBIOS-enabled requires a unique NetBIOS name to identify it on the network. This NetBIOS name consists of a name assigned to the computer during installation, which can be up to 15 characters, along with a 1-byte hexadecimal sixteenth character that identifies the type of service or function. The 15-character name can be the computer name, the domain name, or the name of the user who is logged on.
For example, the sixteenth character identifying the Windows NT Messenger service has the 1-byte hexadecimal identifier 03h. On a computer running Windows NT named SERVER12, the Messenger service would be uniquely identified on the network with the NetBIOS name SERVER12[03h]. NetBIOS names are also distinguished by whether they are
A unique name, which applies to a single IP address
A group name, which applies to a subnet group of IP addresses
A multihomed name, which applies to a multicast group of IP addresses
The following table shows some of the more common suffixes that constitute the hidden sixteenth character of a NetBIOS name and the networking service with which they are associated.
Common Suffixes for NetBIOS Names
| Suffix (Hex) | First 15 Characters | Networking Service |
| --- | --- | --- |
| 00 | Computer name | Workstation service |
| 00 | Domain name | Domain name |
| 03 | Computer name | Messenger service |
| 03 | User name | Messenger service |
| 06 | Computer name | RAS Server service |
| 20 | Computer name | File Server service |
| 21 | Computer name | RAS Client service |
| 1B | Domain name | Domain master browser |
| 1C | Domain name | Domain controllers |
| 1D | Domain name | Master browser |
| 1E | Domain name | Browser service election |
TIP
To view the NetBIOS names registered for your computer, use the nbtstat command.
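The 16-byte name layout described above (15-character name padded with spaces plus a one-byte service suffix), as an added example that is not part of the original entry. The functions and the suffix lookup are constructed here; the "first-level" encoding that carries such a name inside NetBT name packets (each nibble mapped to a letter 'A' through 'P') follows RFC 1001, which the entry does not mention, and is included so a captured name can be decoded back to the SERVER12[03h] form.

```python
"""Build, display and wire-encode 16-byte NetBIOS names.

Added example. Layout: 15 ASCII characters padded with spaces plus a
one-byte suffix that identifies the service (table above). The first-level
encoding (two letters per byte, 'A' = 0x0) is the RFC 1001 form seen in
NetBT name registration and query packets.
"""
from typing import Tuple

# Suffix -> service, a subset of the table above (constructed lookup).
SUFFIX_SERVICES = {
    0x00: "Workstation service / Domain name",
    0x03: "Messenger service",
    0x06: "RAS Server service",
    0x1B: "Domain master browser",
    0x1C: "Domain controllers",
    0x1D: "Master browser",
    0x1E: "Browser service election",
    0x20: "File Server service",
    0x21: "RAS Client service",
}


def make_netbios_name(name: str, suffix: int) -> bytes:
    """Return the 16-byte NetBIOS name: name padded to 15 bytes + suffix byte."""
    raw = name.upper().encode("ascii")
    if not 1 <= len(raw) <= 15:
        raise ValueError("NetBIOS names are 1 to 15 characters")
    if not 0 <= suffix <= 0xFF:
        raise ValueError("suffix must be a single byte")
    return raw.ljust(15, b" ") + bytes([suffix])


def decode_netbios_name(nb: bytes) -> Tuple[str, int, str]:
    """Split a 16-byte name into (name, suffix, service description)."""
    if len(nb) != 16:
        raise ValueError("NetBIOS names are exactly 16 bytes")
    suffix = nb[15]
    return nb[:15].decode("ascii").rstrip(" "), suffix, SUFFIX_SERVICES.get(suffix, "unknown")


def display_name(nb: bytes) -> str:
    """Render in the SERVER12[03h] style used in the entry above."""
    name, suffix, _ = decode_netbios_name(nb)
    return f"{name}[{suffix:02X}h]"


def first_level_encode(nb: bytes) -> str:
    """RFC 1001 first-level encoding: each byte becomes two letters, high nibble first."""
    return "".join(chr(ord("A") + (b >> 4)) + chr(ord("A") + (b & 0x0F)) for b in nb)


def first_level_decode(encoded: str) -> bytes:
    """Inverse of first_level_encode; validates the 32-letter 'A'..'P' alphabet."""
    if len(encoded) != 32 or any(not "A" <= c <= "P" for c in encoded):
        raise ValueError("expected 32 characters in the range A..P")
    nibbles = [ord(c) - ord("A") for c in encoded]
    return bytes((nibbles[i] << 4) | nibbles[i + 1] for i in range(0, 32, 2))
```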
On TCP/IP internetworks, the process by which the NetBIOS name of a computer is resolved to its IP address. NetBIOS name resolution enables NetBIOS hosts to communicate with each other using TCP/IP. Once a host’s name has been resolved to its IP address, the address resolution protocol (ARP) can then be used to resolve the IP address into its corresponding physical layer or MAC address. Once the physical address of a host is known, frames may be placed on the wire and targeted to this address.
How It Works
When you go to the command prompt of a machine running Microsoft Windows and type a Net Use command to map a drive to a network share, you type the NetBIOS name of the target host in the command (for example, net use x: \\server7\pub). For this command to be fulfilled, the NetBIOS name of the remote host must first be resolved into its IP address so that it can be contacted on the network. This process is called NetBIOS name resolution.
You can use a number of different methods to perform NetBIOS name resolution. The following table shows the order in which these are attempted when the hosts are H-node types. Each method is successively tried until the name is resolved into its IP address or name resolution fails. Some methods will not be available—for example, if there is no NetBIOS Name Server (NBNS) or DNS server on the network.
NetBIOS Name Resolution Methods
Method (in the Order Applied) | Comments |
--- | --- |
Check local NetBIOS name cache | The cache contains recently resolved NetBIOS names. |
Contact NBNS | This method works only if an NBNS is configured. The name server is usually a Windows Internet Name Service (WINS) server on a Microsoft network. The requestor tries three times to contact the name server, and then tries to contact a secondary WINS server three times (if configured with secondary servers). |
Perform local broadcast | The requestor broadcasts a NetBIOS name query request packet. The requestor tries three times before giving an error. |
Check local lmhosts file* | The requestor checks whether an Lmhosts file exists. |
Check local hosts file* | On Windows NT the requestor checks the Hosts file if Enable DNS For Windows Resolution is selected on the WINS Address tab of the TCP/IP property sheet. This option is not available for Windows 2000. |
Contact DNS server* | The requestor contacts the DNS server if Enable DNS For Windows Resolution is selected on the WINS Address tab of the TCP/IP property sheet and the DNS tab has a DNS server specified on it. The requestor also tries 5, 10, 20, and 40 seconds later. |
*Unique to Microsoft networks. If all methods fail, an error message states that the computer could not be found on the network.
NOTE
A separate series of steps is used to resolve host names on a network that uses the Domain Name System (DNS). On IPX/SPX networks, NetBIOS over IPX (NBIPX) resolves NetBIOS names to Internetwork Packet Exchange (IPX) addresses.
See also host name resolution, NetBIOS, NetBIOS name, NetBIOS over TCP/IP node types
A server responsible for maintaining a list of mappings between NetBIOS computer names and network addresses for a network that uses NetBIOS as its naming service. A computer registers itself with the NetBIOS name server upon startup by providing the name server with its computer name and network address. When the computer needs to communicate with a remote machine, it queries the name server for the network address of the remote machine. Names can also be resolved by using broadcasts, but this is more wasteful of network bandwidth than use of a dedicated name server.
NOTE
On a Windows NT–based network, an enhanced form of NetBIOS name server, the Windows Internet Name Service (WINS) server, is used. WINS is a NetBIOS over TCP/IP (NetBT) mode of operation defined in Request for Comments (RFC) numbers 1001 and 1002 as p-node. WINS servers can also be used on Windows 2000–based networks, but the primary mode of name resolution for Windows 2000 is the Domain Name System (DNS).
See also Windows Internet Name Service (WINS), WINS server
The NetBIOS session-layer protocol and application programming interfaces (APIs) running on top of the TCP/IP network protocol. NetBIOS over TCP/IP (NetBT) supports NetBIOS session and naming functions such as the discovery, resolution, and release of NetBIOS names on a TCP/IP network, which allows the NetBIOS interface and client/server protocol to be extended over wide area networks (WANs). This can be done effectively only if you manage name processes such as NetBIOS name registration centrally using the Windows Internet Name Service (WINS) on Microsoft Windows NT. Broadcast-based name registrations usually don’t work over an internetwork because routers are typically configured not to forward broadcast packets to remote subnets.
The Server, Workstation, NetLogon, Browser, and Messenger services on Windows NT interact with NetBT by using the Transport Driver Interface (TDI) networking component.
Different configurations or node types of NetBIOS over TCP/IP (NetBT) hosts. The node type determines how the NetBIOS naming functions are performed. For example, the naming functions can be performed by broadcast, by a NetBIOS Name Server (NBNS) such as a Windows Internet Name Service (WINS) server, or by both. The node type also determines the order in which the functions are performed. The following list describes the NetBIOS naming functions (name resolution, name registration, and name release):
NetBIOS name discovery: NetBT hosts that want to communicate with similar hosts must issue a NetBIOS name query request to resolve the NetBIOS name of the target server into its IP address.
NetBIOS name registration: NetBT hosts must register their NetBIOS name when they are initialized on a network to ensure that there are no duplicate names on the network. NetBIOS name registration can be done either by broadcasts or by directed packets sent to a WINS server. Either or both methods can be used in either order, depending on the NetBT node type of the host.
NetBIOS name release: NetBT hosts must release their NetBIOS names when they are shut down or when a particular NetBIOS-enabled service is stopped on the server. This enables the released name to be used by another host. NetBIOS name release can be done by broadcasts or by directed packets sent to a WINS server. Either or both methods can be used in either order, depending on the NetBT node type of the host.
The NetBIOS over TCP/IP node types are listed in the following table.
NetBIOS over TCP/IP Node Types
Node Type | Method (in the Order Applied) | Comments |
--- | --- | --- |
B-node (broadcast) | Broadcast only | Uses NetBIOS name queries for name registration and name resolution. Typically not forwarded by routers, so limited to local subnet. Can create excessive traffic in large networks. |
P-node (peer-to-peer) | NBNS only | Uses NBNS, which is a single point of failure for NetBIOS naming functions. |
M-node (mixed) | Broadcast, then NBNS | A combination of B-node and P-node. Uses broadcast by default. If unable to resolve, uses NBNS. |
H-node (hybrid) | NBNS, then Broadcast | A combination of P-node and B-node. Uses NBNS by default. Default node type for Microsoft clients if an NBNS is configured on the network. |
Microsoft enhanced B-node | NetBIOS name cache, then Broadcast, then Lmhosts file | An enhanced broadcast that utilizes the Lmhosts file. Default node type for Microsoft clients if no NBNS is configured on the network. |
TIP
You can configure the NetBIOS node type directly on a Microsoft Windows NT client by using the registry, but the preferred way is to configure DHCP scope option number 46 on the DHCP server and configure the clients as DHCP clients.
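The resolution order from the NetBIOS name resolution table and the node-type table above, modelled together in one added Python example (not from the original text): each name source is a plain dictionary standing in for the cache, a WINS server, the local subnet, the Lmhosts and Hosts files or DNS, the retry counts are those the tables give, and the class and method names are assumptions of this example.

```python
# Added example, not from the original text: a model of the NetBIOS name
# resolution order for each NetBT node type, using the sequences and retry
# counts given in the two tables above. Name sources are plain dicts; nothing
# here touches the network. Class and method names are this example's own.
from typing import Dict, List, Optional, Sequence, Tuple

# Method sequence per node type, from the node-type table. H-node is expanded
# to the full Microsoft order given in the resolution-methods table.
NODE_TYPE_ORDER: Dict[str, List[str]] = {
    "B-node": ["broadcast"],
    "P-node": ["nbns"],
    "M-node": ["broadcast", "nbns"],
    "H-node": ["cache", "nbns", "broadcast", "lmhosts", "hosts", "dns"],
    "Microsoft enhanced B-node": ["cache", "broadcast", "lmhosts"],
}

# Attempts per method from the text: 3 per WINS server, 3 broadcasts,
# DNS once plus retries after 5, 10, 20 and 40 seconds.
TRIES = {"nbns": 3, "broadcast": 3, "dns": 5}
DNS_RETRY_DELAYS = (5, 10, 20, 40)

NameTable = Dict[str, str]  # NetBIOS name (upper case) -> IP address


class NetbiosResolver:
    def __init__(self, node_type: str, cache: Optional[NameTable] = None,
                 wins: Sequence[NameTable] = (), subnet: Optional[NameTable] = None,
                 lmhosts: Optional[NameTable] = None, hosts: Optional[NameTable] = None,
                 dns: Optional[NameTable] = None) -> None:
        self.order = NODE_TYPE_ORDER[node_type]
        self.cache = cache
        self.wins = list(wins)[:2]  # primary and optional secondary WINS server
        self.sources = {"cache": cache, "broadcast": subnet, "lmhosts": lmhosts,
                        "hosts": hosts, "dns": dns}
        self.log: List[str] = []  # one line per attempt, for the reader

    def _attempt(self, label: str, table: NameTable, tries: int, name: str) -> Optional[str]:
        """Query one source up to `tries` times; a missing entry counts as no answer."""
        for n in range(1, tries + 1):
            ip = table.get(name)
            if ip:
                self.log.append(f"{label}: attempt {n}/{tries} resolved {name} -> {ip}")
                return ip
            delay = ""
            if label == "dns" and n < tries:
                delay = f" (retry after {DNS_RETRY_DELAYS[n - 1]} s)"
            self.log.append(f"{label}: attempt {n}/{tries} no answer{delay}")
        return None

    def _nbns(self, name: str) -> Optional[str]:
        """Primary WINS three times, then the secondary three times, as in the table."""
        if not self.wins:
            self.log.append("nbns: no NBNS (WINS) server configured, skipping")
            return None
        for label, server in zip(("primary WINS", "secondary WINS"), self.wins):
            ip = self._attempt(label, server, TRIES["nbns"], name)
            if ip:
                return ip
        return None

    def resolve(self, name: str) -> Tuple[Optional[str], Optional[str]]:
        """Return (ip, method) for the first method that answers, or (None, None)."""
        name = name.upper()
        for method in self.order:
            if method == "nbns":
                ip = self._nbns(name)
            else:
                table = self.sources[method]
                if table is None:
                    self.log.append(f"{method}: not configured on this host, skipping")
                    continue
                ip = self._attempt(method, table, TRIES.get(method, 1), name)
            if ip:
                if self.cache is not None:
                    self.cache[name] = ip  # later lookups hit the cache first
                return ip, method
        self.log.append(f"{name}: the computer could not be found on the network")
        return None, None


if __name__ == "__main__":
    # Constructed sample: primary WINS has no entry, the secondary does
    resolver = NetbiosResolver("H-node", cache={}, wins=[{}, {"SERVER7": "10.0.0.7"}],
                               subnet={"PRINTER1": "10.0.0.9"})
    print(resolver.resolve("server7"))
    print("\n".join(resolver.log))
```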
See also NetBIOS name resolution
A character string appended to a NetBIOS name of a host that identifies the host as belonging to a specific group. You can use NetBIOS scope IDs to segment the flat NetBIOS namespace into a series of subspaces. Two hosts can communicate only if they have the same NetBIOS scope ID and belong to the same subspace. The total length of a NetBIOS name plus scope ID cannot exceed 256 characters.
NOTE
The topology of NetBIOS subspaces does not have to match the physical topology of the network or the logical topology of subnets on a TCP/IP internetwork.
TIP
Using NetBIOS scope IDs is no longer recommended, especially if you are also using the Domain Name System (DNS) for naming hosts on your network. You should configure NetBIOS scope IDs only if you want to isolate a particular subset of computers on your network from the rest of the network and allow them to communicate only among themselves. (You configure a NetBIOS scope ID on a computer running Microsoft Windows NT 4 by using the WINS Address tab of the TCP/IP property sheet. In Windows 2000, you must manually modify an entry in the registry.)
If trust relationships are configured between several Windows NT domains on your network, using NetBIOS scope IDs can break the effect of these trust relationships by preventing pass-through authentication between trusted domain controllers that have different scope IDs. Furthermore, in a single-domain environment, if the scope ID of a workstation is different from that of the domain controllers, users will not be able to log on to the network at that workstation.
See NetBIOS over TCP/IP (NetBT)
A group of commands that can be used at the command prompt for managing certain aspects of networking on Microsoft Windows platforms. These commands are summarized in the following tables. For more information about a specific command (such as net accounts), type net accounts /? or net help accounts at the command prompt. For additional information on the net commands for Windows NT and Windows 2000, refer to Windows Help.
Net Commands for Windows NT and Windows 2000
Command | Description |
--- | --- |
Net Accounts | Update the accounts database, modify account and password settings, or display account information. |
Net Computer | Add or remove computers from the domain. |
Net Config | Display or change the setting for the Server or Workstation service. |
Net Continue | Restart a paused Windows service. |
Net File | Display a list of open shared files and file locks; this command can be used to close a shared file and remove a file lock. |
Net Group | Add, modify, delete, or display global group account information in the domain directory database. |
Net Help | Obtain a list of net commands or get help for a specific net command. |
Net Helpmsg | Obtain further information about Windows network messages. |
Net Localgroup | Add, modify, delete, or display local group account information in the local or domain directory database. |
Net Name | Add, delete, or display the names or aliases that the Messenger service recognizes as representing your computer. |
Net Pause | Pause a Windows service to allow users to disconnect before stopping it. |
Net Print | Display and manage jobs in a print queue. |
Net Send | Send a message to a user or computer over the network. |
Net Session | Display the list of currently connected sessions on the local computer. |
Net Share | Create, delete, or display shared resources. |
Net Start | Display a list of running services or start a specific stopped service. |
Net Statistics | Display statistics about the Server and Workstation services. |
Net Stop | Stop a specified Windows service that is currently running. |
Net Time | Synchronize the computer’s clock with that of another computer or domain, or display the time for a computer or domain. |
Net Use | Connect or disconnect to shared resources or display information about connections. |
Net User | Add, modify, delete, or display user account information in the local or domain directory database. |
Net View | Display a list of computers in the domain or display the shared resources available on a specific computer. |
Net Commands for Windows 95 and Windows 98
Command | Description |
--- | --- |
Net Config | Display current computer settings. |
Net Diag | Run the Microsoft Network Diagnostic program to display diagnostic information about a computer. |
Net Help | Obtain a list of net commands or get help for a specific net command or error message. |
Net Init | Load protocol and network-adapter drivers without binding them to Protocol Manager. |
Net Logoff | Break connections to network resources. |
Net Logon | Log on to a domain. |
Net Password | Change logon password. |
Net Print | Display and manage jobs in a print queue. |
Net Start | Start services. |
Net Stop | Stop services. |
Net Time | Synchronize the computer’s clock with that of another computer or workgroup, or display the time for a computer or workgroup. |
Net Use | Connect or disconnect to shared resources or display information about connections. |
Net Ver | Display information about workgroup redirector. |
Net View | Display a list of computers in the workgroup or display the shared resources available on a specific computer. |
Example
Some of the commands produce more than one screen of output at the command prompt. To prevent information from scrolling off the screen, pipe the output through More (for example, net help accounts | more).
A network interface layer that Microsoft SQL Server uses to communicate with database client software.
How It Works
Net-Libraries are specific to each type of interprocess communication (IPC) mechanism. A Net-Library can be loaded for each IPC mechanism being used—for example, one Net-Library for named pipes communication and another for TCP/IP sockets. Net-Libraries are used at both the server and client levels. This allows clients on different networks to be supported simultaneously using the built-in Microsoft Windows NT and Windows 2000 support for running multiple network protocols simultaneously on one system.
Net-Libraries on SQL Server listen for incoming connection attempts from database clients. SQL Server has a multiprotocol networking library that listens using named pipes, TCP/IP ports, and Sequenced Packet Exchange (SPX) sockets.
NOTE
Be sure to distinguish between the particular IPC mechanism and its underlying network protocol. Some IPC mechanisms (such as named pipes) can function simultaneously over multiple network protocols such as NetBEUI, NWLink IPX/SPX, and TCP/IP.
A Microsoft Windows NT service that authenticates users who attempt to log on to the domain. For example, if a user attempts to log on interactively to a computer running Windows NT Workstation within the domain, the NetLogon service running on the workstation forwards the logon request to a domain controller within the domain using a process called pass-through authentication. The workstation knows how to contact the domain controller because during startup the workstation finds a domain controller through a process called discovery, after which an implicit trust relationship establishes a secure communication channel between the workstation and the domain controller.
The NetLogon service also ensures that all domain controllers within the domain are synchronized by having the primary domain controller (PDC) periodically notify groups of backup domain controllers (BDCs) that they should query the PDC for any updates to the Security Account Manager (SAM) database. The NetLogon service also enables and maintains trust relationships between domains on a multidomain deployment of Windows NT.
The administrative share for the scripts folder on Microsoft Windows NT domain controllers at %SystemRoot%\system32\repl\import\scripts. This share is used by the NetLogon service for the following purposes:
Storing a default user profile for users (which must be stored in a subdirectory called Default User). If a user without a local profile on his or her workstation or a server-based roaming profile logs on, the default user profile is used.
Storing logon scripts (for example, logon.bat).
Storing system policies (ntconfig.pol or config.pol files).
When a client logs on to a Windows NT domain and is authenticated, the final step in the logon process involves connecting to the NetLogon share and downloading or applying any of the items in the preceding list.
A TCP/IP utility that displays the current TCP/IP connectivity status and statistics. Netstat is available on a computer running Microsoft Windows if the TCP/IP protocol stack has been installed on that machine. You can run netstat from the command prompt to get current TCP/IP statistics and connections for the local machine. You can also view statistics on a per-protocol basis for Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Protocol (IP), or Internet Control Message Protocol (ICMP).
Netstat provides information on
IP addresses and port numbers of TCP/IP connections, including client and server connections. Either host names or IP addresses can be displayed. For example, netstat -a displays all connections and listening ports (for TCP and UDP).
Ethernet statistics, including bytes sent and received, directed and broadcast frames sent and received, discards, and errors.
The routing table for the local machine.
A network operating system from Novell that is widely used in local area networks (LANs). NetWare was created by Novell in the early 1980s.
NetWare versions 2 and 3 were essentially used for LAN-based file and print servers running the Internetwork Packet Exchange (IPX) protocol that were administered by menu-driven MS-DOS-based utilities such as syscon, filer, fconsole, pconsole, and monitor. NetWare 4 offers a more scalable solution by providing Novell Directory Services (NDS). The hierarchical NDS allows users to locate and access shared resources anywhere on the network regardless of their physical location. NDS supports the TCP/IP protocol and the Windows-based administration tool nwadmin, which replaced most of the menu-driven MS-DOS–based administration tools for managing an entire NetWare 4–based network from a single location. NetWare 4 also supports single-network logon, in which users log on once to the NDS tree, are authenticated, and can then find and access all resources on the network for which they have appropriate permissions. Other internal system enhancements enable NetWare 4 to provide improved performance for file and print services.
NetWare 5, the latest version, includes support for native Internet Protocol (IP), Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and a new multiprocessing kernel with virtual memory support.
TIP
Microsoft Windows NT and Windows 2000 offer many services for interoperating with and migrating from NetWare servers and networks, including the following:
NWLink IPX/SPX-Compatible Transport
Gateway Service for NetWare (GSNW)
Client Services for NetWare (CSNW)
File and Print Services for NetWare (FPNW)
Migration Tool for NetWare
See Novell Directory Services (NDS)
The group of protocols developed for and specific to the Novell NetWare network operating system (NOS); popularized in NetWare versions 2 and 3. Some of the networking architecture of NetWare protocols evolved from the Xerox Network Systems (XNS) created in the late 1970s. The more important NetWare protocols that figure prominently in NetWare version 3 include the following:
Internetwork Packet Exchange (IPX): A network layer (layer 3) protocol that identifies stations and the networks they reside on and can be used to route packets from one network to another on an IPX internetwork.
Sequenced Packet Exchange (SPX): A transport layer (layer 4) protocol that provides reliable, connection-oriented communication sessions between hosts on a network.
NetWare Core Protocol (NCP): An upper-layer (layers 5 and 6) protocol that services requests from applications such as the NetWare shell. NCP supports file and print services, management of network and host names, and accounting and security functions.
NetBIOS: An upper-layer protocol that provides session-layer interoperability with other NetBIOS-enabled operating systems such as LAN Manager and Microsoft Windows NT.
Service Advertising Protocol (SAP): Enables NetWare servers to advertise themselves as present on the network and allows clients to find and access resources.
NOTE
In addition to these original NetWare protocols, NetWare version 4 also supports Internet Protocol (IP) encapsulation of IPX/SPX packets, which means that IPX datagrams can be encapsulated within User Datagram Protocol (UDP) packets for transmission over TCP/IP internetworks. NetWare 5 has native support for TCP/IP.
A system tool in Microsoft Windows 95 and Windows 98 for monitoring shared resources on other computers running Windows 95 and Windows 98. You must enable remote administration on the computers to be monitored using the Passwords utility in Control Panel. Net Watcher is the Windows 95 and Windows 98 equivalent of the more powerful Windows NT tool Server Manager and Windows 2000 tool Computer Management.
Net Watcher shows all current connections to a computer running Windows 95 or Windows 98, along with the names of the connected users, the files and printers that are in use, and the level of access granted. An administrator can use Net Watcher to disconnect users from shared resources, close files that are in use, create new shares, and stop sharing existing shares.
Graphic N-2. Net Watcher.
NOTE
Net Watcher cannot show hidden shares.
A point at which sections of the Internet’s high-speed backbone are connected. Internet service providers (ISPs) are connected at Network Access Points (NAPs) so that they can exchange packets.
How It Works
The backbone of the Internet actually consists of sections of high-speed fiber-optic cabling that are owned by different carriers (including AT&T, Sprint, and MCI WorldCom). NAPs are places at which these carriers interconnect their lines so that the Internet can function as a single entity. NAPs contain high-speed switching facilities for transferring traffic from one carrier’s lines to another’s.
The National Science Foundation originally established four different NAPs in Chicago, New York, San Francisco, and Washington, D.C., but with the growth of the Internet and the changing landscape of telecommunication carrier companies, more NAPs have been created. These include “MAE West” in San Jose and “MAE East” in Washington, D.C., both of which are operated by MCI WorldCom.
To lessen the traffic burden on the Internet’s backbone, major ISPs can connect their services directly to a NAP in the form of a “peering arrangement,” whereby traffic that needs to move between two ISPs connected to the same NAP can move directly from one ISP to the other instead of having to traverse the Internet’s backbone.
A general name for a server at an Internet service provider (ISP) that a dial-up client connects to in order to establish a Point-to-Point Protocol (PPP) connection. Network access servers (NASs) provide dial-up entry points for PPP clients to connect to the Internet. They can also be used to tunnel through the Internet to establish a virtual private network (VPN) using the Point-to-Point Tunneling Protocol (PPTP). Another name for a NAS is a point of presence (POP) server.
The NAS is typically responsible for authenticating the dial-up client’s credentials and negotiating flow control and error correction. NASs can be general-purpose server computers running specialized NAS software such as Internet Connection Services for Microsoft Remote Access Service (RAS), or they can simply be routers with support for a built-in PPP connection, which are often called “access servers.”
Graphic N-3. Network access server (NAS).
See network interface card (NIC)
A form of packet filtering used in firewall products that protects a network from outside intrusion by hackers. Network address translation (NAT) also eliminates the need for an organization to have a set of globally unique IP addresses, thus helping to conserve the available pool of IPv4 addresses for the Internet.
How It Works
NAT is essentially the translation of IP addresses in one network into those for a different network. NAT is usually implemented on firewalls in which one network (the private network) is hidden behind the firewall while the other network (the public network) represents distrusted users from whom the IP addresses of the private network must be hidden.
NAT replaces the internal network IP address for each Internet Protocol (IP) packet passing through the firewall with a dummy one from a fixed pool of addresses. The actual IP addresses of computers on the private network are thus hidden from users outside the firewall. All requests that pass through the firewall have their addresses translated on the way to the private network, and all responses returned to the unsecure public network have their addresses translated back on the way out of the private network.
Implementing NAT on a router or firewall essentially involves creating and configuring a NAT table containing the private/public IP address mappings. These mappings can be statically created or dynamically generated from a specified pool of IP addresses (either randomly or, more often, on a round-robin basis). A static NAT table essentially consists of a series of NAT rules that specify how IP addresses will be translated.
For example, a typical static NAT rule might be equivalent to the statement, “Translate all IP addresses belonging to the network 176.43.8.z to IP addresses in the form 145.5.133.z with the subnet mask 255.255.255.0 used for both networks.” This rule results in the address 176.43.8.1 being mapped to 145.5.133.1, 176.43.8.2 being mapped to 145.5.133.2, and so on.
A dynamic NAT rule might be used when the number of IP addresses that need to be translated is not equal to the number of NAT IP addresses that you can translate to. In this case, if all the NAT IP addresses are being used, external hosts trying to form new connections are rejected. Each time a connection is formed between the external and internal networks, a different NAT IP address is assigned to the internal host being connected to. This effectively hides the network identity of the hosts on the private network from hosts outside the firewall.
Another NAT technique that is frequently implemented on Linux machines is called masquerading. In this situation, all the IP addresses of the internal private network are hidden to outsiders, who can access only the single IP address of the interface exposed to the public network. An arbitrary number of Transmission Control Protocol (TCP) connections can be multiplexed through the single IP address by assigning each connection a different port number (chosen by default from the range 61,000 through 65,096, which allows up to 4096 simultaneous connections).
In addition to securing your private corporate network, NAT also reduces the need to get a block of unique IP addresses from your Internet service provider (ISP). Only the far side of your router or firewall server needs a unique IP address from your ISP—you can use any IP addresses within your network because your private network is securely hidden from the outside world behind your firewall. This reduces costs and helps extend the viability of the current IPv4 system by reducing the number of unique IP addresses required on the Internet. In fact, the original impetus for the development of NAT technologies was the fact that the available pool of unique IPv4 addresses was steadily running out. NAT was viewed as a temporary solution until IPv6 could be standardized and implemented, but the security advantages of using NAT in firewalls have revitalized IPv4 and made migration to IPv6 less urgent.
NAT is defined in Request for Comments (RFC) 1631.
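The three NAT table styles described above (a static rule, a dynamic pool, and masquerading) as one added Python model that is not part of the original text: the 176.43.8.z to 145.5.133.z rule and the 61,000 to 65,096 port range are the text's own, while the pool and host addresses are constructed sample values and the class names are this example's assumptions.

```python
# Added example, not from the original text: a small model of the three NAT
# table styles described above. The 176.43.8.0/24 -> 145.5.133.0/24 rule and
# the masquerade port range are the text's own; pool and host addresses are
# constructed sample values, and the class names are this example's own.
from collections import deque
from ipaddress import ip_address, ip_network
from typing import Deque, Dict, List, Optional, Tuple


class StaticNatRule:
    """Translate every host in inside_net to the same host part of outside_net."""

    def __init__(self, inside_net: str, outside_net: str) -> None:
        self.inside = ip_network(inside_net)
        self.outside = ip_network(outside_net)
        if self.inside.prefixlen != self.outside.prefixlen:
            raise ValueError("static rule needs the same subnet mask on both sides")

    def _shift(self, addr: str, src, dst) -> Optional[str]:
        a = ip_address(addr)
        if a not in src:
            return None  # rule does not apply to this address
        host_part = int(a) - int(src.network_address)
        return str(ip_address(int(dst.network_address) + host_part))

    def to_public(self, inside_addr: str) -> Optional[str]:
        return self._shift(inside_addr, self.inside, self.outside)

    def to_private(self, public_addr: str) -> Optional[str]:
        return self._shift(public_addr, self.outside, self.inside)


class DynamicNatPool:
    """Hand out public addresses from a pool round-robin; reject when exhausted."""

    def __init__(self, pool: List[str]) -> None:
        self.free: Deque[str] = deque(pool)
        self.mapping: Dict[str, str] = {}  # inside address -> public address

    def map(self, inside_addr: str) -> Optional[str]:
        if inside_addr in self.mapping:
            return self.mapping[inside_addr]
        if not self.free:
            return None  # all NAT addresses in use: the new connection is rejected
        public = self.free.popleft()
        self.mapping[inside_addr] = public
        return public

    def release(self, inside_addr: str) -> None:
        public = self.mapping.pop(inside_addr, None)
        if public is not None:
            self.free.append(public)  # back of the queue: round-robin reuse


class Masquerade:
    """One public address; each TCP connection gets its own port from the range."""

    PORT_RANGE = range(61000, 65096)  # 4096 ports, as in the text

    def __init__(self, public_ip: str) -> None:
        self.public_ip = public_ip
        self.free: Deque[int] = deque(self.PORT_RANGE)
        # masquerade port -> (inside ip, inside port, remote ip, remote port)
        self.by_port: Dict[int, Tuple[str, int, str, int]] = {}
        self.by_flow: Dict[Tuple[str, int, str, int], int] = {}

    def outbound(self, src_ip: str, src_port: int, dst_ip: str, dst_port: int
                 ) -> Optional[Tuple[str, int]]:
        """Rewrite the source of an outgoing packet; None if no port is free."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        port = self.by_flow.get(flow)
        if port is None:
            if not self.free:
                return None  # 4096 connections already multiplexed
            port = self.free.popleft()
            self.by_port[port] = flow
            self.by_flow[flow] = port
        return self.public_ip, port

    def inbound(self, src_ip: str, src_port: int, dst_port: int) -> Optional[Tuple[str, int]]:
        """Map a reply back to the inside host; unsolicited packets get None."""
        flow = self.by_port.get(dst_port)
        if flow is None or flow[2:] != (src_ip, src_port):
            return None
        return flow[0], flow[1]
```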
A utility in Microsoft Windows 2000 that allows a client machine to connect to a remote access server or the Internet over a phone line or some other WAN link. (This utility is named Dial-Up Networking in Windows NT, Windows 95, and Windows 98.) In Windows 2000, you can use Network and Dial-up Connections to create
A dial-up connection to a Remote Access Service (RAS) server on a private network
A Virtual Private Network (VPN) connection over the Internet
A direct connection to a second computer using a serial, parallel, or infrared port
You can also use Network and Dial-up Connections to configure a stand-alone computer running Windows 2000 (one that is not part of a domain) to accept incoming connections from other computers.
NOTE
If your Windows 2000–based computer is part of a domain, use the Routing and Remote Access console instead of Network and Dial-up Connections to configure it to accept incoming connections.
An umbrella term describing the topologies, access methods, protocols, and other technologies used for networking. The following are examples of network architectures for local area networks (LANs):
Ethernet: By far the most popular network architecture for LANs. Ethernet supports speeds of 10, 100, and 1000 Mbps and is based on the contention method of media access control.
Token Ring: An architecture developed by IBM. Legacy IBM networks support speeds of 4 and 16 Mbps, although vendors are working on standards for much higher speeds.
AppleTalk: An architecture developed by Apple for its Macintosh platform that is essentially a protocol suite that can run over Ethernet, Token Ring, or Fiber Distributed Data Interface (FDDI) networks.
ARCNET: An older LAN architecture developed by Datapoint for small bus topology networks.
Software that runs on a client computer and allows it to establish connectivity with services running on server computers. In Microsoft Windows 95 and Windows 98, the network client is one of several components that can be installed to provide connectivity with different kinds of networks. Without the appropriate client software, a workstation cannot access files and print resources or other resources on a network server.
Windows 95 and Windows 98 include several different network clients:
Client for Microsoft Networks, which allows a computer running Windows 95 or Windows 98 to participate in a Windows network and access file and print resources on Windows NT or LAN Manager servers
Client for NetWare Networks, which allows a computer running Windows 95 or Windows 98 to participate in a NetWare network and access file and print resources on NetWare servers
Clients for Novell, Banyan, and other networks
NOTE
To add or remove a network client, use the Network utility in Control Panel, select the Configuration tab, and click Add.
An add-on for MS-DOS that allows MS-DOS-based workstations to use resources such as shared folders, printers, and applications on a Microsoft network. Using Network Client, an MS-DOS-based workstation can participate in both workgroups and Windows NT domains.
Network Client must be installed on a machine that already has MS-DOS installed on it. Network Client has limited support for TCP/IP networking functionality such as Dynamic Host Configuration Protocol (DHCP), Windows Internet Name Service (WINS), and Domain Name System (DNS).
NOTE
You can create installation disks for Network Client using the Network Client Administrator tool in Windows NT.
TIP
If you can’t remember the syntax for Network Client commands when you use the MS-DOS command prompt, type net to load and open the Network Client pop-up command interface.
Network Client cannot function as a master browser, so if you want to browse network resources using Network Client, a master browser must already be installed on the network.
A Microsoft Windows NT administrative tool for installing client software on client machines. You can use Network Client Administrator to
Create network installation startup disks for booting a client machine, connecting to a distribution server, and installing a client operating system (such as Windows 95 or Microsoft Network Client 3.0 for MS-DOS). You must configure the disk for the particular network interface card (NIC) used by the client machine.
Create a set of installation disks to manually install Microsoft Network Client 3.0 for MS-DOS, Remote Access v1.1a for MS-DOS, TCP/IP-32 for Windows for Workgroups, or LAN Manager 2.2c on client machines.
Install tools for administering Windows NT–based servers on machines running Windows NT Workstation, Windows 95, and Windows 98.
Share the client-based network administration tools.
View remoteboot service information.
A standard or specification that simplifies the process of writing drivers for network interface cards (NICs) and enables them to interact transparently with various transport protocols. The network driver interface specification (NDIS) is also a library of routines (or “wrapper”) in Microsoft Windows NT that is implemented through the file ndis.sys, which provides a uniform programming interface between NIC drivers and network protocols.
NDIS was developed jointly by Microsoft and 3Com in 1989 and has gone through a series of revisions, as shown in the following table. The most recent versions allow one NIC to be bound to many protocols (which is ideal for heterogeneous networks) or allow one protocol to run on a system with multiple NICs (which helps increase network bandwidth for heavily used servers).
NDIS Versions
Version | Platform | 16-bit or 32-bit | Features |
2 | Windows for Workgroups and OS/2 | 16 | Real mode; each NIC must have its own driver. |
3 | Windows NT 3.5x | 32 | Unlimited number of NICs can be bound to an unlimited number of protocols. |
3.1 | Windows 95 | 32 | A superset of NDIS 3 with plug and play functionality and support for minidrivers. Windows 95 supports up to four NICs in a computer. |
4 | Windows NT 4 | 32 | Unlimited number of NICs can be bound to an unlimited number of protocols. Also allows capturing of all frames on local network segment without the need to switch the NIC to promiscuous mode. |
5 | Windows 98 and Windows 2000 | 32 | Adds support for connection-oriented networks such as Integrated Services Digital Network (ISDN) or Asynchronous Transfer Mode (ATM), including support for multiple virtual circuits on one network adapter. |
See also I/O Manager
A client/server distributed file system developed by Sun Microsystems that has become the standard file system for various implementations of the UNIX platform. Network File System (NFS) lets users transparently store and access information on both local and remote computers on a TCP/IP internetwork.
How It Works
NFS uses remote procedure calls (RPCs) running over User Datagram Protocol (UDP) on server port 2049 for stateless communication between clients and file servers on the network. NFS clients (client machines running NFS client software) import remote file systems from NFS servers, while the NFS servers export local file systems to clients.
Machines running the NFS client can connect to NFS servers and read, modify, copy, move, or delete files on the server using RPC requests such as READ, WRITE, CREATE, and MKDIR. To the user accessing the remote file system from the client, the files appear to be stored locally on his or her system.
Before a user can access files within the directory structure on the local UNIX file system of the NFS server, the administrator must mount the portions of the local UNIX file system that will be made accessible to clients and assign appropriate user privileges.
The portion of an IP address that identifies the TCP/IP network on which a host resides. The network ID portion of an IP address uniquely identifies the host’s network on an internetwork, while the host ID portion of the IP address identifies the host within its network. Together, the host ID and network ID, which make up the entire IP address of a host, uniquely identify the host on a TCP/IP internetwork.
How It Works
The network ID is found by logically ANDing the binary form of the IP address with the binary form of the subnet mask for the network. For example, if a host has an IP address of 172.16.8.55 on a network with a subnet mask of 255.255.0.0 (the default subnet mask), the network ID of the host is 172.16.0.0, or simply 172.16.
TIP
When you assign network IDs to local area networks (LANs) connected by routers, each LAN and each WAN link must have a unique network ID.
See also host ID
A client/server directory services application developed by Sun Microsystems for UNIX. Network Information System (NIS) acts as a kind of “yellow pages” for locating resources on a TCP/IP internetwork, enabling applications or users to locate and access files and applications anywhere in the network using only a single username and password.
How It Works
NIS uses remote procedure calls (RPCs) for communication between clients and servers. NIS client programs access NIS servers to locate resources and authenticate resource access.
A newer version called NIS+ includes additional security features. NIS is often used with the Network File System (NFS).
An adapter card that plugs into the system bus of a computer and allows the computer to send and receive signals on a network. A network interface card (NIC) is also known as a network adapter card or simply a network card.
How It Works
NICs can be legacy components that require manual configuration of interrupt request (IRQ) and base I/O port settings, or they can be plug and play components. NICs are available for any system bus type: Industry Standard Architecture (ISA), Extended Industry Standard Architecture (EISA), Micro Channel Architecture, and Peripheral Component Interconnect (PCI). PCI cards are 32-bit and give the best performance. They are available in various speeds, such as 10 Mbps for Ethernet and 10/100 Mbps for Fast Ethernet. Other cards are available for networking technologies such as Token Ring and Fiber Distributed Data Interface (FDDI).
A computer can communicate with the NIC using several methods, including memory-mapped I/O, direct memory access (DMA), or shared memory. A parallel stream of data is sent to the card and buffered before being packaged into discrete frames for serial transmission over the network. Framing adds headers and trailers to the data, which contain addressing, clocking, and error-checking information. The frames are then converted to electrical voltage pulses that drive an electrical signal over the wire. The receiving NIC processes the signal in the reverse order into a data stream for the receiving computer. Many of these functions are built into the network firmware, while others are governed by the NIC driver software installed on the computer.
NICs can have one or more connectors for cabling to be attached, such as
RJ-45 connector for twisted-pair cabling (the most common type)
BNC connector for thinnet cabling
DB15 connector for connecting drop cables to thicknet cabling
Layer 3 of the Open Systems Interconnection (OSI) reference model for networking. The network layer is responsible for functions such as the following:
Logical addressing and routing of packets over the network
Establishing and releasing connections and paths between two nodes on a network
Transferring data, generating and confirming receipts, and resetting connections
The network layer also supplies connectionless and connection-oriented services to the transport layer above it. The network layer functions closely with the physical layer (layer 1) and data-link layer (layer 2) in most real-world network protocol implementations.
On TCP/IP-based networks, IP addresses and network numbers are used at the network layer, and IP routers perform their routing functions at this layer. An example of an OSI model network layer protocol is the X.25 packet-switching network layer protocol, which is built on the X.21 physical layer protocol.
See also Open Systems Interconnection (OSI) reference model
A Microsoft Windows 2000 and Windows NT administrative tool that functions as a software-based network packet analyzer for troubleshooting network problems. You can use Network Monitor to
Capture data frames from a connected network
Display, filter, edit, and retransmit frames on the network
Monitor and display protocol statistics
Examine individual captured frames in detail
Graphic N-4. Network Monitor.
NOTE
The version of Network Monitor included with Windows NT is a simplified version that lacks some of the features in the full version included with Microsoft Systems Management Server (SMS). In particular, the simplified version can perform only local capturing of data to and from the computer running Network Monitor.
A Microsoft Windows NT service that allows a computer to capture all traffic on the local network segment, which it can then collect centrally and display on a computer running Network Monitor. Network Monitor Agent also provides the Network Segment object for Performance Monitor. You can install Network Monitor Agent in Windows NT, and you can install a similar service in Windows 95 and Windows 98, by using the Network utility in Control Panel. (See the Admin folder on the Windows 95 or Windows 98 CD.)
NOTE
To install Network Monitor Agent in Windows NT, use the Network utility in Control Panel. Then use the Network Monitor Agent utility in Control Panel to configure capture and display passwords, which prevent unauthorized monitoring of your server. Installing Network Monitor Agent also enables the Network Segment object in Performance Monitor.
A desktop icon in Microsoft Windows NT, Windows 95, and Windows 98 that allows users to browse shared network resources on their computers. Using Network Neighborhood, you can browse resources on the network in the same way that you use My Computer to browse the resources on your local machine. These two tools provide complementary views of system and network resources to those provided by Windows Explorer.
When you open Network Neighborhood to view the connected network, you see all the computers in your present domain or workgroup, plus an entity called Entire Network. You can open Entire Network to browse resources on all the connected networks that your computer is aware of.
TIP
If you know your network domain settings are correct and you try to browse Network Neighborhood but only the Entire Network icon is visible, and if when you double-click on the Entire Network icon you get an error message saying “Unable to browse the network,” your network cable might have come loose from its network interface card (NIC).
See also My Computer, My Network Places
An Internet standard protocol that governs the interaction between Network News Transfer Protocol (NNTP) servers (news servers) and NNTP clients (news readers). NNTP is the underlying protocol on which the Usenet Internet news system is built.
How It Works
NNTP is both a client/server protocol and a server/server protocol. It offers a set of simple text commands that
Enable NNTP clients such as Microsoft Outlook Express and Microsoft Internet Mail and News to use TCP port number 119 to connect to an NNTP service or daemon running on an NNTP server and download a list of newsgroups, read the messages in a newsgroup, or post a new message to a newsgroup.
Enable NNTP servers such as Internet Information Server (IIS) 4 running the NNTP Service or Microsoft Exchange Server 5.5 running the Microsoft Exchange Internet News Service to connect to other NNTP servers on the Internet and replicate newsgroups and their content among each other. This replication process between NNTP servers (or hosts, as they are called) forms the basis of the worldwide news system called Usenet.
NNTP connections between clients and servers and between servers and servers use Transmission Control Protocol (TCP) for reliable, guaranteed packet delivery. Clients connecting to servers might require authentication before their NNTP commands are accepted.
NNTP client commands include the following:
LIST: To obtain a list of newsgroups available on the server
GROUP: To select a specific newsgroup
ARTICLE: To display a selected message
POST: To post a new message or reply to an existing one
NNTP is defined in Request for Comments (RFC) 977.
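The client/server exchange described above, as an added example that is not code from the original page: a minimal in-memory server session answers the four client commands listed (LIST, GROUP, ARTICLE, POST) with the reply codes RFC 977 defines, including the "." terminator and dot-stuffing of text lines. The newsgroup store is constructed, and NntpSession stands in for the server end of a TCP port 119 connection so the exchange can be driven line by line without a socket.

```python
"""Minimal NNTP server session for the four client commands the entry lists.
Added example; the group content is constructed and no network I/O occurs."""

CRLF = "\r\n"


class NntpSession:
    """State for one client connection.  Multi-line replies end with a line
    holding a single '.', so any text line that begins with '.' is sent
    dot-stuffed ('..') and un-stuffed again when received; a client that
    forgets to stuff would have its article cut short at that line."""

    def __init__(self, groups):
        self.groups = groups        # {group name: [article text, ...]}
        self.current = None         # newsgroup selected with GROUP
        self.pending_post = None    # lines collected while a POST is open

    @staticmethod
    def _multiline(status, lines):
        stuffed = ["." + ln if ln.startswith(".") else ln for ln in lines]
        return CRLF.join([status] + stuffed + ["."]) + CRLF

    @staticmethod
    def _newsgroups_header(lines):
        """Target group from the article's Newsgroups: header, or None."""
        for ln in lines:
            if ln == "":                      # blank line ends the headers
                break
            if ln.lower().startswith("newsgroups:"):
                return ln.split(":", 1)[1].strip()
        return None

    def handle(self, line):
        """Return the server's reply text for one line sent by the client."""
        if self.pending_post is not None:
            return self._collect_post(line)
        cmd, _, arg = line.strip().partition(" ")
        cmd, arg = cmd.upper(), arg.strip()
        if cmd == "LIST":       # one "group last first posting-allowed" row each
            rows = ["%s %d 1 y" % (g, len(a)) for g, a in self.groups.items()]
            return self._multiline("215 list of newsgroups follows", rows)
        if cmd == "GROUP":
            arts = self.groups.get(arg)
            if arts is None:
                return "411 no such news group" + CRLF
            self.current = arg
            return "211 %d 1 %d %s group selected%s" % (len(arts), len(arts), arg, CRLF)
        if cmd == "ARTICLE":
            if self.current is None:
                return "412 no newsgroup has been selected" + CRLF
            arts = self.groups[self.current]
            if not arg.isdigit() or not 1 <= int(arg) <= len(arts):
                return "423 no such article number in this group" + CRLF
            body = arts[int(arg) - 1].split("\n")
            return self._multiline("220 %s article retrieved - head and body follow" % arg, body)
        if cmd == "POST":
            self.pending_post = []
            return "340 send article to be posted. End with <CR-LF>.<CR-LF>" + CRLF
        return "500 command not recognized" + CRLF

    def _collect_post(self, line):
        """Accumulate article lines until the lone '.' terminator arrives."""
        if line == ".":
            lines, self.pending_post = self.pending_post, None
            target = self._newsgroups_header(lines)
            if target not in self.groups:
                return "441 posting failed" + CRLF
            self.groups[target].append("\n".join(lines))
            return "240 article posted ok" + CRLF
        # un-stuff: the client sent '..' for a line that really begins with '.'
        self.pending_post.append(line[1:] if line.startswith("..") else line)
        return ""                                # server is silent until '.'


def sample_store():
    """Constructed newsgroup content for the demonstration."""
    return {"alt.books.computing": [
        "From: reader@example.invalid\nSubject: hello\n\nfirst post"]}


def run_exchange(session, client_lines):
    """Drive a scripted client; returns (client line, server reply) pairs."""
    return [(c, session.handle(c)) for c in client_lines]


if __name__ == "__main__":
    script = ["LIST", "GROUP alt.books.computing", "ARTICLE 1", "POST",
              "Newsgroups: alt.books.computing", "Subject: re: hello", "",
              "..starts with a dot", "reply text", "."]
    for sent, reply in run_exchange(NntpSession(sample_store()), script):
        print("C: %s" % sent)
        if reply:
            print("S: %s" % reply.rstrip(CRLF).replace(CRLF, CRLF + "S: "))
```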
Numbers that you must configure to ensure proper network communication when you configure the NWLink IPX/SPX-Compatible Transport protocol for Microsoft Windows NT and Windows 2000. You must configure two different network numbers to ensure proper network communication:
The Internetwork Packet Exchange (IPX) network number (also known as the external network number), a unique number assigned to all computers on the same network segment that are using the same NWLink frame type. In Windows 2000 Server, you configure this number by accessing the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol property sheet, selecting Manual Frame Type Detection, clicking Add, and entering the number.
The virtual network number (also known as the internal network number), a unique number assigned to a machine that enables it to be used in a multiple network environment. This number is hexadecimal 0 by default; in Windows 2000, you can configure it by specifying it on the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol property sheet.
NOTE
For the TCP/IP protocol for Windows NT and Windows 2000, the network number is usually referred to as the network ID.
TIP
To view the IPX network number of a computer running Windows NT or Windows 2000, type ipxroute config at the command prompt.
A group of computers connected in some fashion in order to share resources. Networks with enhanced storage and server-based processing power provide users with greater functionality and security than independent or stand-alone machines.
Networks can be classified based on
Physical size: They can be classified as local area networks (LANs), metropolitan area networks (MANs), or wide area networks (WANs).
Topology: Topologies (the manner and complexity of interconnections) include the bus topology, star topology, ring topology, and mesh topology.
Security: Networks can be based on workgroups, in which all machines control their own security, or they can be based on servers (such as domain-based Microsoft Windows 2000 networks).
Network architecture: For example, networks can be classified as Ethernet, Token Ring, or Fiber Distributed Data Interface (FDDI) networks.
Primary protocol: Networks can be classified as Internet Protocol (IP) networks, Internetwork Packet Exchange (IPX) networks, Systems Network Architecture (SNA) networks, and so on.
NOTE
In TCP/IP networking, a network is a group of hosts with the same network ID. Multiple networks can be combined using routers to form an internetwork. Each network in an internetwork can be referred to as a subnetwork.
Also called server operating system, a computer operating system that is network-aware. Network operating systems (NOS’s) typically provide support for features such as the following:
File and printer sharing
Data security and authentication
Distributed applications
Messaging
Centralized administration
You can use a NOS to create local area networks (LANs) that function as either peer-to-peer networks or server-based networks, depending on your needs and budget. Examples of NOS’s include Microsoft Windows NT, Novell NetWare, and Banyan VINES. Cisco’s Internetwork Operating System (IOS) is an example of a NOS that runs not on computers but on internetworking devices such as routers.
A protocol that operates at the network layer (layer 3) of the Open Systems Interconnection (OSI) reference model for networking. Common network protocols include the following:
Internet Protocol (IP): Part of the TCP/IP protocol suite for connectivity with the Internet
Internetwork Packet Exchange (IPX): A Novell NetWare protocol
NetBEUI: A protocol developed from NetBIOS that functions at both the network and transport layers
Microsoft 32-bit Windows operating systems are implemented in a layered fashion that allows multiple network protocols to be bound to multiple network interface cards (NICs) and allows multiple network clients and services to access these protocols. Windows computers can thus establish connectivity and interoperability with non-Microsoft operating system platforms such as UNIX and Novell NetWare.
See resource on a network
A text file that provides a local method of resolving network names into their network IDs on a TCP/IP network. The entries in the networks file are friendly names for TCP/IP networks; they can be used in TCP/IP commands such as the route command and for TCP/IP network management.
How It Works
The networks file is at the following location on computers running Microsoft Windows:
Windows NT and Windows 2000: %SystemRoot%\system32\drivers\etc
Windows 95 and Windows 98: \Windows
Each line in the networks file contains a friendly network name for the network, followed by the IP address of the network and an optional comment prefixed with a pound sign (#). The following example is from the sample networks file included with Windows 95 and Windows 98:
loopback 127
campus 284.122.107
london 284.122.108
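The network ID computation described in the network ID entry above (address ANDed with the subnet mask) and the networks file format just shown, worked together in an added example that is not from the original page: it parses constructed networks-file lines, flags entries whose octets are out of range, and resolves a host address to its friendly network name. Padding partial network numbers such as 127 with zero octets is an assumption about how those abbreviated entries are read.

```python
"""Compute a host's network ID (ip AND mask) and map it to a friendly name
taken from a Windows-style networks file.  Added example; the file contents
below are constructed to mirror the sample quoted above, not read from disk."""

# Constructed copy of the sample networks file lines quoted in the entry,
# plus one entry matching the 172.16.8.55 / 255.255.0.0 example.
SAMPLE_NETWORKS_FILE = """\
# Sample networks file (constructed for this example)
loopback   127
campus     284.122.107   # 284 is not a valid octet
london     284.122.108
corp       172.16        # matches the network ID example
"""


def dotted_to_int(text):
    """Parse dotted decimal into a 32-bit integer.  Partial numbers such as
    '127' or '172.16' are right-padded with zero octets (an assumption about
    how abbreviated network numbers are read).  Raises ValueError on an
    octet outside 0-255 or on more than four octets."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError("expected 1 to 4 octets: %r" % text)
    octets = []
    for p in parts:
        if not p.isdigit() or not 0 <= int(p) <= 255:
            raise ValueError("octet out of range in %r" % text)
        octets.append(int(p))
    octets += [0] * (4 - len(octets))
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_contiguous_mask(mask):
    """A valid subnet mask is a run of 1 bits followed by a run of 0 bits."""
    inverted = (~mask) & 0xFFFFFFFF
    return mask != 0 and (inverted & (inverted + 1)) == 0


def split_address(ip, mask):
    """Return (network_id, host_id) as dotted strings, per the entry's rule:
    network ID = ip AND mask; host ID = ip AND NOT mask."""
    ip_int, mask_int = dotted_to_int(ip), dotted_to_int(mask)
    if not is_contiguous_mask(mask_int):
        raise ValueError("non-contiguous subnet mask: %s" % mask)
    network = ip_int & mask_int
    host = ip_int & (~mask_int & 0xFFFFFFFF)
    return int_to_dotted(network), int_to_dotted(host)


def parse_networks_file(text):
    """Parse lines of the form: <name> <network number> [# comment].
    Returns (entries, problems): entries maps name -> 32-bit network number;
    problems lists (line number, reason) for lines that could not be used."""
    entries, problems = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop the optional comment
        if not line:
            continue
        fields = line.split()
        if len(fields) != 2:
            problems.append((lineno, "expected a name and a network number"))
            continue
        name, number = fields
        try:
            entries[name.lower()] = dotted_to_int(number)
        except ValueError as exc:
            problems.append((lineno, str(exc)))
    return entries, problems


def network_name_for(ip, mask, networks_text=SAMPLE_NETWORKS_FILE):
    """Friendly name of the network an address belongs to, or None."""
    network_id, _ = split_address(ip, mask)
    entries, _ = parse_networks_file(networks_text)
    target = dotted_to_int(network_id)
    for name, number in entries.items():
        if number == target:
            return name
    return None
```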
See also hosts file, lmhosts file, protocol file, services file
A special identity or system group that exists on all servers and workstations running Microsoft Windows NT and Windows 2000. The Network group includes any user who has successfully connected to a shared resource on the computer over the network. The group enables network users to access resources on the computer, in contrast to the Interactive group, which enables locally logged-on users to access resources on the machine.
Administrators cannot modify system groups. This means that they cannot directly modify membership in the Network group or the rights of the group.
See also built-in group
A device for connecting digital Integrated Services Digital Network (ISDN) customer premises equipment to ISDN lines. The Network Termination Unit (NTU) allows customer premises equipment to be connected to the switching equipment at the telco’s central office (CO).
How It Works
Digital ISDN customer premises equipment such as routers and ISDN phones usually have an ISDN S/T interface, while the ISDN termination at the customer end of the local loop usually has a U interface using an RJ-45 connector. The NTU converts the U termination of the ISDN line to one or more standard coding S/T interfaces that are suitable for connecting digital ISDN-ready phones, routers, and other devices to an ISDN line. NTUs work differently than ISDN terminal adapters, which allow you to connect analog telephones, faxes, and similar equipment to your ISDN line. NTUs typically support either point-to-point or multipoint connections over distances of up to 5.4 kilometers on 26 AWG copper twisted-pair cabling.
NOTE
Some newer ISDN-enabled devices have a built-in U interface, making an NTU unnecessary. The following table shows the differences between the Basic Rate ISDN U and S/T interfaces.
Basic Rate ISDN U Interfaces vs. Basic Rate ISDN S/T Interfaces
Property | U Interface | S/T Interface |
Number of wires | 2 | 4 |
Connector | RJ-45 | RJ-45 |
Zero-to-peak voltage | 2.5 V | 0.75 V |
Line coding | 2B1Q (or 4B3T in Europe) | ASI (Alternate Space Inversion) |
See also Integrated Services Digital Network (ISDN)
The percentage of available bandwidth being used in a network. For Ethernet networks, a network utilization of 40 to 60 percent is normally the maximum; higher utilization results in more collisions and retransmissions. Another word that describes network utilization is “throughput,” which is typically measured in Mbps or MB/sec.
Information sent from one Usenet host to another to replicate newsgroup listings and content. Newsfeeds are an essential part of the Usenet architecture; they allow news servers all over the Internet to exchange lists of newsgroups and messages. Usenet newsfeeds come in two types:
Push feed: Initiated by the remote host. This type is usually used when the newsfeed is very large.
Pull feed: Initiated by the local host. This type gives the local host more control over what to download.
The host that provides the newsfeed is called the inbound host; the host that receives the newsfeed is called the outbound host.
NOTE
Microsoft Exchange Server supports downloading Usenet newsfeeds through the Internet News Service.
A collection of posted messages on a Network News Transfer Protocol (NNTP) server. Newsgroups contain postings on a particular topic, although they are often a prime target for spammers who post unsolicited advertisements. Newsgroups are defined hierarchically using a dotted notation. An example of a newsgroup is alt.books.computing, which is an “alternative” group that discusses books about computing. The dotted notation of the newsgroup name emphasizes the hierarchical structure of the Usenet system of newsgroups. For example,
alt is the root of the hierarchy of alternative newsgroups.
alt.books refers to either a newsgroup on alternative books or a collection of such newsgroups.
alt.books.cooking refers to either a newsgroup of alternative cookbooks or to a collection of such newsgroups.
Newsgroups can be either moderated or unmoderated. In moderated newsgroups, all messages posted to the newsgroup are first sent to the newsgroup moderator, who accepts or rejects messages depending on their relevance to the group’s focus. Unmoderated groups are generally a free-for-all, although politeness dictates that users post only messages related to the newsgroup’s focus.
TIP
When you first join a newsgroup, it’s a good idea to “lurk” in the background for a while and read the postings to understand the focus and tone of the group. Posting off the topic or at too low a level in an advanced group can lead a “newbie” to get flamed.
See also Usenet
See near-end crosstalk (NEXT)
A specification from the Next Generation I/O (NGIO) Forum that is designed to replace the Peripheral Component Interconnect (PCI) system bus. With today’s Pentium III processors and high-speed hard disks, the PCI bus is rapidly becoming the bottleneck that limits the performance of high-speed data center servers. The PCI bus is limited to about 500 Mbps of shared throughput. It lacks an error-detection mechanism and has relatively high latency. NGIO is intended to overcome these limitations. It uses a channel-based architecture that supports full-duplex transmission speeds of up to 2.5 Gbps.
NOTE
The NGIO Forum recently combined its efforts with a group called Future I/O, which was promoting a different standard. The combined standard will be called System I/O; its development group is headed by Intel and IBM and includes Microsoft, Sun Microsystems, Hewlett-Packard, and Dell. System I/O is expected to reach the server market in the year 2001. It will use a channel-based I/O architecture instead of a bus architecture and will use from 1 to 12 wires, each having a throughput of 2.5 Gbps. The channel-based architecture will allow different channels to carry different information to different components simultaneously, which will be a great improvement over parallel-transmission bus technologies. System I/O will also fully support hot-swapping of components.
On the Web
NGIO Forum: http://www.ngioforum.org
See Network File System (NFS)
See Next Generation I/O (NGIO)
See network interface card (NIC)
See Network Information System (NIS)
See National Institute of Standards and Technology (NIST)
See Network News Transfer Protocol (NNTP)
A Microsoft Windows 2000 or Windows NT service that is installed on Windows 2000 Server by default and installed when Microsoft Internet Information Server (IIS) version 4 is set up on Windows NT. The NNTP service, which you manage using Microsoft Management Console (MMC), hosts Usenet-style newsgroups and allows news readers such as Microsoft Outlook Express and Microsoft Internet Mail and News to access those newsgroups and post messages to them.
Features of the NNTP service on IIS include the following:
Security that is based on access control lists (ACLs) and NTFS
Different methods of NNTP client authentication, including Basic Authentication, Anonymous Access, Challenge/Response (NTLM), Microsoft Commercial Internet System (MCIS), and Secure Sockets Layer (SSL) authentication
Integration with Event Viewer, Windows NT’s Performance Monitor, Windows 2000’s System Monitor, and other standard Windows NT and Windows 2000 monitoring and troubleshooting tools
Support for different content types, including text, HTML, GIF, JPEG, and MIME
Integration with Microsoft Indexing Service to enable searching of newsgroup message content
Management using MMC or from a Web browser
TIP
The NNTP service on IIS 4 can use virtual directories to make locating newsgroup content easier.
A general term for a device on a network that has a specific physical or logical address or can recognize addresses. Nodes can be computers, repeaters, bridges, or other devices on a network that can transmit, receive, or process signals. Another name for a node, especially on Ethernet networks, is a station.
Other common meanings of the term “node” include
A domain or subdomain in the namespace of the Domain Name System (DNS)
An object in the console hierarchy of Microsoft Management Console (MMC)
In Microsoft Cluster Server (MSCS) terminology, an independent computer system running Windows NT Server, Enterprise Edition, that is a member of a cluster
Undesirable random electrical transmission on network cabling that is generated by networking components such as network interface cards (NICs) or induced in cabling by proximity to electrical equipment that generates electromagnetic interference (EMI). Noise is generated by all electrical and electronic devices, including motors, fluorescent lamps, power lines, and office equipment, and it can interfere with the transmission of signals on a network. The better the signal-to-noise ratio of an electrical transmission system, the greater the throughput of information on the system.
TIP
You can generally reduce noise by using higher-quality components, lowering the temperature of components, or using shielded cabling. Be sure to locate sensitive networking components and cabling away from heavy machinery, generators, motors, and other equipment that can generate a lot of EMI. Also be sure to terminate cables properly at patch panels and wall plates to minimize noise due to crosstalk.
See also signal
A backup type in which all the selected files and folders are backed up. Also known as full backup, this is the most secure way of backing up files and folders to tape. In a normal backup, the archive attribute is marked for each file and folder that is backed up. If the file is later modified, the archive attribute is cleared, indicating that the file needs to be backed up again. Normal backups are the safest form of backup but take the longest and use the most tape. They are also the easiest form of backup to perform a restore from, because you generally need only one tape to perform the restore (unless the amount of information to be backed up exceeds the capacity of the tape).
TIP
A good backup plan consists of at least one normal backup each week, with either incremental or differential backups during the rest of the week.
See also backup, backup type
See network operating system (NOS)
A distributed network directory service for managing network resources such as users, servers, and peripherals that is loosely modeled after the X.500 specification. Novell Directory Services (NDS) was originally called NetWare Directory Services.
How It Works
The foundation of NDS is the directory tree, which provides a hierarchical view of all network resources. Resources in the network can be grouped logically according to their location, function, or the structure of the company. Objects in the tree can be either containers or leaf objects, with the root container being the name of the company or organization. Containers can be considered branches and can hold leaf objects or other containers. When a user is assigned access rights to a container, these rights flow down into any subcontainers within the container. Trees, subtrees, and containers can also be renamed and merged.
You can implement NDS directories as a distributed database that is partitioned among multiple NDS servers on the network to provide fault tolerance and load balancing. As a result, no single server contains or is responsible for the entire directory. The NDS servers replicate with each other to ensure that each server contains an up-to-date version of the directory for the portion of the directory that the server is responsible for. To locate an object such as a user, a group, a shared directory, or a printer on the network, an NDS client can access the directory on any NDS server.
NOTE
NDS was originally tied to the NetWare 4 operating system, but it is now available for other platforms, including UNIX and Microsoft Windows NT.
A TCP/IP utility on Microsoft Windows NT and Windows 2000 for diagnosing problems with name servers at the command prompt. Nslookup is installed on a computer running Windows NT or Windows 2000 when you install the TCP/IP protocol on the machine. You can use nslookup to manually display resource records in the zone files of DNS servers. The utility can operate in either an interactive or a noninteractive mode.
You enter interactive mode by typing nslookup at the command prompt. Once in the interactive running state, you can type ls -d microsoft.com to list all the resource records for the microsoft.com domain that are stored in the DNS database of the name server being queried.
See name server (NS) record
An advanced, high-performance file system designed for use with the Microsoft Windows NT and Windows 2000 operating systems. NTFS is superior to the file allocation table (FAT) file system in many respects, providing better performance, reliability, and compatibility. NTFS includes security features for data access control and ownership privileges that make it suitable for file servers, Web servers, and application servers in the corporate networking environment. The following table shows a comparison between the features of NTFS and FAT.
NTFS Compared with FAT
Feature | NTFS | FAT |
Local security | x | |
File-level access permissions | x | |
Automatic recoverability using lazy writes and transaction logging | x | Lazy writes only |
File-level compression | x | |
POSIX-compliant | x | |
Supports Services for Macintosh | x | |
Dual boot with Windows 95 and Windows 98 | x | |
Maximum volume size | 2^64 = 32 EB (theoretical), 2^41 = 2 TB (practical) | 2^32 = 4 GB |
Optimal volume size | Less efficient for volumes under ~50 MB | Less efficient for volumes over ~500 MB |
How It Works
Like FAT, NTFS uses the cluster as the fundamental unit of disk space allocation. The default size of the clusters for an NTFS volume depends on the size of the volume, as shown in the table. When you create a new NTFS volume by formatting a disk partition with NTFS, the master file table (MFT), which contains information concerning all the files and folders stored on the volume, is created. The MFT is located on the disk immediately after the partition boot sector, which contains the BIOS parameter block and the code that enables the operating system to find and load the startup files. After the MFT comes NTFS system files, which help implement NTFS by storing information such as the contents of the volume, volume name and version, table of attribute names and numbers, a list of transaction steps used for NTFS recoverability, the root folder, and so on. After the NTFS system files is the file area where user data can be stored. The total overhead of the MFT and NTFS system files is about 1 MB.
Graphic N-5. Structure of an NTFS volume.
Default Cluster Sizes for NTFS
Volume Size | Sectors/Cluster | Cluster Size |
512 MB or less | 1 | 512 bytes |
513 MB–1024 MB | 2 | 1 KB |
1025 MB–2048 MB | 4 | 2 KB |
2049 MB–4096 MB | 8 | 4 KB |
4097 MB–8192 MB | 16 | 8 KB |
8193 MB–16384 MB | 32 | 16 KB |
16385 MB–32768 MB | 64 | 32 KB |
32769 MB or more | 128 | 64 KB |
NOTE
NTFS on Windows 2000 includes additional features not supported by NTFS on Windows NT. These features are used to provide greater manageability and enhanced security, and to support the new Active Directory of Windows 2000. They include the following:
Multiple data streams: Allow libraries of files to be defined as alternate streams
Reparse points: Alter the way NTFS resolves path names
Change journal: Provides a persistent log of all changes made to files on the volume
Encryption: Allows data to be stored in encrypted form
Sparse file support: Allows programs to create very large files while consuming disk space only as needed
Disk quotas: Allow administrators to control how much disk space users have access to
Note that Windows NT 4.0 systems must be running Service Pack 4 or later to read basic volumes formatted using the Windows 2000 version of NTFS. Also, because of the different disk structures, Windows NT 4 disk utilities such as autochk and chkdsk will not work on Windows 2000 NTFS volumes. Because of these incompatibilities, Microsoft does not recommend dual booting between Windows NT 4 and Windows 2000.
TIP
Here are some recommendations for installing Windows NT Server on a system:
Partition your hard disk into at least two volumes, or use two or more separate hard drives.
Your C volume, which contains the operating system, should be 250 to 500 MB in size and formatted with FAT. This gives you a back door for replacing missing or corrupt system files by using an MS-DOS boot disk. If you change your mind later and want to better secure C using NTFS, you can convert a FAT volume to NTFS by using the convert command.
Your other volumes, which contain your application files and data files, should be formatted in NTFS. This gives the files the greater protection that NTFS provides and offers you greater control over access to data shared over the network.
For installing Windows 2000 Server on a system, Microsoft recommends using NTFS for the C partition. You should have a minimum of 1.2 GB of free space on this partition, but at least 2 GB free is recommended.
A set of permissions used in Microsoft Windows 2000 to secure folders and files located on an NTFS file system partition or volume. NTFS permissions provide security for both local and network access to the file system. They are different from shared folder permissions, which can be applied only to folders and which secure the file system for network access only, not for local access.
How It Works
NTFS permissions in Windows 2000 differ depending on whether they are applied to files or to folders. The five standard file permissions and six standard folder permissions are listed in the following tables. These standard file and folder permissions are actually composed of various groupings of the 18 different special permissions—for more information, see the entry on NTFS special permissions (Windows 2000). These groupings simplify the job of securing files and folders on NTFS file system partitions and volumes.
Standard NTFS File Permissions in Windows 2000
| File Permission | User Access Granted |
| --- | --- |
| read | Open the file and view its permissions, attributes, and ownership |
| write | Modify the file, modify its attributes, and view its permissions, attributes, and ownership |
| read & execute | Delete the file and do everything read permission allows |
| modify | Delete the file and do everything read & execute and write permissions allow |
| full control | Take ownership, modify permissions, and do everything modify permission allows |
Standard NTFS Folder Permissions in Windows 2000
| Folder Permission | User Access Granted |
| --- | --- |
| read | View contents of folder and view its permissions, attributes, and ownership |
| write | Create new files and folders in the folder, modify its attributes, and view its permissions, attributes, and ownership |
| list folder contents | View contents of folder |
| read & execute | View subfolders within the folder and do everything read and list folder contents permissions allow |
| modify | Delete the folder and do everything read & execute and write permissions allow |
| full control | Take ownership, modify permissions, and do everything modify permission allows |
To use these standard permissions to secure a file or folder you must be the object's owner, have full control of the object, or be a member of the Administrators system group. You must explicitly assign a permission to a file or folder for the permission to be granted. If no permission is specified for a given user or group, the user or group has no access to the file or folder. When you explicitly assign a permission you can choose to either allow or deny the permission.
When you create a file or folder on an NTFS file system volume, it inherits the permissions of its parent folder or volume. When you assign a permission to a parent folder or volume, you have the option of propagating that permission to all of its child folders and files.
The following rules apply to assigning permissions for files and folders on NTFS file system volumes:
If a user belongs to two or more groups and the groups have different permissions on a given folder, the user’s effective permission is the least restrictive (most permissive) of the permissions. For example, if a user has read permission on a file and a group the user belongs to has modify permission, the effective permission is modify, which is the least restrictive of the two.
A permission explicitly denied overrides a similar permission explicitly allowed. For example, if a user has read permission on a file and a group the user belongs to has been denied read permission, the user cannot open and read the file.
A permission for a file overrides a similar permission for the folder containing the file. For example, if a user has modify permission on a file and read permission on the folder containing the file, the user can open, read, edit, and save changes to the file.
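The three rules above, worked through as an added Python model (not code from the encyclopedia): a user's effective rights are resolved from explicit allow and deny entries on a file and its folder. The trustee names and the rights labels behind each standard permission are constructed for this model and are not NTFS's internal representation.

```python
"""Model of the Windows 2000 NTFS standard-permission rules.
Added example; the ACE layout and names are constructed for illustration
and nothing here reads a real NTFS security descriptor."""
from dataclasses import dataclass

# Standard permissions expressed as the rights they confer, so a broader
# permission (modify) compares against a narrower one (read) by set inclusion.
# The rights labels are constructed for this model.
STANDARD = {
    "read": {"read"},
    "write": {"write"},
    "read & execute": {"read", "execute"},
    "modify": {"read", "execute", "write", "delete"},
    "full control": {"read", "execute", "write", "delete",
                     "change permissions", "take ownership"},
}

@dataclass(frozen=True)
class Ace:
    trustee: str        # user or group name
    permission: str     # one of the STANDARD keys
    allow: bool = True  # explicit allow (True) or explicit deny (False)

def effective_rights(principals, file_aces, folder_aces=()):
    """Return the set of rights a user (given the user's own name plus group
    names in `principals`) holds on the file.

    Rules from the entry:
      1. rights granted to any of the user's groups accumulate (least restrictive);
      2. an explicit deny overrides an explicit allow of the same right;
      3. an ACE on the file itself overrides a similar ACE on its folder, so
         folder ACEs are consulted only for trustees with no ACE on the file.
    """
    # Rule 3: trustees with an ACE directly on the file are resolved there.
    covered = {a.trustee for a in file_aces if a.trustee in principals}
    applicable = [a for a in file_aces if a.trustee in principals] + \
                 [a for a in folder_aces
                  if a.trustee in principals and a.trustee not in covered]
    allowed, denied = set(), set()
    for ace in applicable:
        (allowed if ace.allow else denied).update(STANDARD[ace.permission])
    # Rule 1 is the union collected in `allowed`; rule 2 subtracts explicit denies.
    return allowed - denied

# Constructed sample principal: user "alice" is a member of group "staff".
ALICE = {"alice", "staff"}

def example_group_union():
    # read for the user + modify for the group -> effective modify
    return effective_rights(ALICE, [Ace("alice", "read"), Ace("staff", "modify")])

def example_explicit_deny():
    # the group's denied read beats the user's allowed read -> no rights at all
    return effective_rights(ALICE, [Ace("alice", "read"),
                                    Ace("staff", "read", allow=False)])

def example_file_overrides_folder():
    # modify on the file, read on its folder -> the file ACE wins
    return effective_rights(ALICE, [Ace("alice", "modify")], [Ace("alice", "read")])

if __name__ == "__main__":
    for fn in (example_group_union, example_explicit_deny, example_file_overrides_folder):
        print(fn.__name__, sorted(fn()))
```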
NOTE
The differences between NTFS standard permissions for Windows 2000 and for Windows NT include the following:
Windows 2000 has six folder permissions; Windows NT has seven.
Windows 2000 has five file permissions; Windows NT has four.
In Windows 2000 you can explicitly grant or explicitly deny any standard file or folder permission. In Windows NT you can only explicitly grant a permission (but you can explicitly grant no access as a permission).
TIP
When you format a partition or volume using NTFS, the Everyone system group is automatically assigned full control permission for the root of the volume. Any new files or folders you create on the volume inherit this permission. Be aware that leaving full control for everyone might create a security risk; you should replace it with more suitable permissions such as full control for the Authenticated Users special identity.
See also NTFS permissions (Windows NT), NTFS special permissions (Windows 2000), NTFS special permissions (Windows NT)
A set of permissions used in Microsoft Windows NT to secure folders and files on an NTFS file system partition. NTFS permissions provide security for both local and network access to the file system. They are different from shared folder permissions, which can be applied only to folders and which secure the file system for network access only, not for local access.
How It Works
NTFS permissions in Windows NT differ depending on whether they are applied to files or to folders. The four standard file permissions and seven standard folder permissions are listed in the following tables. These standard file and folder permissions are actually composed of various groupings of six NTFS special permissions:
read (R)
write (W)
execute (X)
delete (D)
change permission (P)
take ownership (O)
For more information on these special permissions, see the entry on NTFS special permissions (Windows NT).
Standard NTFS File Permissions in Windows NT
| File Permission | Special Permissions |
| --- | --- |
| full control | RWXDPO |
| change | RWXD |
| read | RX |
| no access | None |
Standard NTFS Folder Permissions in Windows NT
| Folder Permission | Special Permissions for Folders | Special Permissions for Files in a Folder |
| --- | --- | --- |
| full control | RWXDPO | RWXDPO |
| change | RWXD | RWXD |
| add & read | RWX | RX |
| add | WX | Unspecified |
| read | RX | RX |
| list | RX | Unspecified |
| no access | None | None |
To use these standard permissions to secure a file or folder you must be the object’s owner, have full control of the object, or be a member of the Administrators system group. You must explicitly assign a permission to a file or folder for the permission to be granted. If no permission is specified for a given user or group, the user or group has no access to the file or folder.
When you create a file or folder on an NTFS file system partition, it inherits the permissions of its parent folder or partition. When you assign a permission to a parent folder or partition, you have the option of propagating that permission to all of its child folders and files.
The following rules apply to assigning permissions for files and folders on NTFS file system volumes:
If a user belongs to two or more groups and the groups have different permissions in a given folder, the user’s effective permission is the least restrictive (most permissive) of the permissions. For example, if a user has read permission on a file and a group the user belongs to has change permission, the effective permission is change, which is the least restrictive of the two.
The no access permission overrides all other permissions. For example, if a user has read permission on a file and a group the user belongs to has no access permission, the user cannot open and read the file.
A permission for a file overrides a similar permission for the folder containing the file. For example, if a user has change permission on a file and read permission on the folder containing the file, the user can open, read, edit, and save changes to the file.
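The two tables and the three Windows NT rules above as an added Python model (not code from the encyclopedia): standard permissions are reduced to their R/W/X/D/P/O letters, the Unspecified file column of the folder table is honoured for add and list, and no access overrides everything else. Trustee names are constructed.

```python
"""Windows NT standard permissions decomposed into the six special permissions
(R, W, X, D, P, O) as the two tables list them, plus the NT evaluation rules.
Added example; trustee names are constructed."""

NO_ACCESS = "no access"

# Standard file permission -> special permissions on the file.
FILE_STANDARD = {
    "full control": "RWXDPO",
    "change": "RWXD",
    "read": "RX",
    NO_ACCESS: "",
}

# Standard folder permission -> (on the folder itself, on files in the folder).
# None stands for "Unspecified": files in that folder get nothing from this entry.
FOLDER_STANDARD = {
    "full control": ("RWXDPO", "RWXDPO"),
    "change": ("RWXD", "RWXD"),
    "add & read": ("RWX", "RX"),
    "add": ("WX", None),
    "read": ("RX", "RX"),
    "list": ("RX", None),
    NO_ACCESS: ("", ""),
}

def effective_nt(principals, file_entries, folder_entries=()):
    """Effective special-permission letters for a user on a file.

    principals: the user's name plus the names of every group the user is in.
    file_entries: (trustee, standard file permission) pairs on the file.
    folder_entries: (trustee, standard folder permission) pairs on the folder
        holding the file; the "files in a folder" column applies, and only for
        trustees with no entry on the file itself (file overrides folder).
    Matching entries accumulate (least restrictive), except that a no access
    entry for any matching trustee overrides all other permissions.
    """
    on_file = [(t, p) for t, p in file_entries if t in principals]
    covered = {t for t, _ in on_file}
    letters = set()
    for _, perm in on_file:
        if perm == NO_ACCESS:
            return ""
        letters.update(FILE_STANDARD[perm])
    for trustee, perm in folder_entries:
        if trustee not in principals or trustee in covered:
            continue
        if perm == NO_ACCESS:
            return ""
        for_files = FOLDER_STANDARD[perm][1]
        if for_files is not None:          # skip "Unspecified" (add, list)
            letters.update(for_files)
    return "".join(c for c in "RWXDPO" if c in letters)

BOB = {"bob", "staff"}   # constructed: user "bob" belongs to group "staff"

def example_union():             # read for user + change for group -> RWXD
    return effective_nt(BOB, [("bob", "read"), ("staff", "change")])

def example_no_access():         # no access for the group overrides the user's read
    return effective_nt(BOB, [("bob", "read"), ("staff", NO_ACCESS)])

def example_file_over_folder():  # change on the file beats read on the folder
    return effective_nt(BOB, [("bob", "change")], [("bob", "read")])

def example_unspecified():       # "add" on the folder gives files nothing; group read gives RX
    return effective_nt(BOB, [], [("bob", "add"), ("staff", "read")])
```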
NOTE
For a description of the differences between NTFS standard permissions for Windows 2000 and for Windows NT, see the entry on NTFS permissions (Windows 2000).
TIP
In most cases NTFS standard permissions are sufficient for controlling access to a file or folder. If standard permissions are not sufficiently granular for your purposes, you can use NTFS special permissions.
See also NTFS permissions (Windows 2000), NTFS special permissions (Windows 2000), NTFS special permissions (Windows NT)
Individual permissions granted or denied when NTFS file system standard permissions are not sufficiently granular for specific security purposes. The special permissions available depend on whether you are securing files or folders. In both cases, 14 special permissions are available; 10 of these are common to the two scenarios. The following tables list the various NTFS special permissions available in Microsoft Windows 2000.
NTFS Special Permissions for Both Files and Folders in Windows 2000
| Special Permission | User Access Granted |
| --- | --- |
| read attributes | View the attributes (including read-only, hidden, system, and archive) of the file or folder |
| read extended attributes | View custom attributes that can be defined by certain applications for the file or folder |
| write attributes | Modify the attributes of the file or folder |
| write extended attributes | Modify custom attributes that can be defined by certain applications for the file or folder |
| delete subfolders and files | Delete subfolders or files |
| delete | Delete the file or folder; however, even if this permission is denied on a file, you can delete it if its parent folder has been granted delete subfolders and files permission |
| read permissions | View the permissions on the file or folder |
| change permissions | Modify the permissions on the file or folder |
| take ownership | Take ownership of the file or folder |
| synchronize | Lets threads in multithreaded programs wait on the file or folder handle and synchronize with another thread that signals it |
NTFS Special Permissions Only for Files in Windows 2000
| Special Permission | User Access Granted |
| --- | --- |
| execute file | Execute the file |
| read data | Read the file |
| write data | Modify the file |
| append data | Append to the file (but not modify existing data) |
NTFS Special Permissions for Folders in Windows 2000
| Special Permission | User Access Granted |
| --- | --- |
| traverse folder | Drill down to other files and folders in the folder even if you have no permissions on intermediate subfolders |
| list folder | View the names of subfolders and files in the folder |
| create files | Create files in the folder |
| create folders | Create subfolders within the folder |
How It Works
You can grant or deny special permissions by using the Advanced button on the Security tab of a file’s or folder’s property sheet. You can select different combinations of special permissions to create custom sets of permissions for special purposes. In most cases, however, it is simplest to use NTFS standard permissions for securing files and folders. If you use special permissions, Windows 2000 gives you a lot of flexibility in how you can apply them, especially if you are applying them to a folder. For example, you can apply a custom set of special permissions to
The selected folder only
The selected folder, its subfolders, and files
The selected folder and its subfolders only
The selected folder and its files only
Subfolders and files of the selected folder but not the folder itself
Subfolders of the selected folder but not the folder itself
Files in the selected folder but not the folder itself
To use special permissions you must be the object’s owner, have full control of the object, or be a member of the Administrators group.
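The seven "apply to" choices listed above, worked through as an added Python example (not code from the encyclopedia) that checks which objects a folder ACE reaches. It assumes the standard Windows encoding of these choices as the three ACE inheritance flags (container inherit, object inherit, inherit only); the target names are constructed.

```python
"""The seven "apply to" scopes for a Windows 2000 folder ACE and a check of
which objects each one reaches. Added example; the flag encoding is assumed
to be the standard Windows ACE inheritance flags."""
from enum import Flag, auto

class AceFlag(Flag):
    NONE = 0
    CONTAINER_INHERIT = auto()   # propagate to subfolders
    OBJECT_INHERIT = auto()      # propagate to files
    INHERIT_ONLY = auto()        # does not apply to the folder it is set on

CI, OI, IO = AceFlag.CONTAINER_INHERIT, AceFlag.OBJECT_INHERIT, AceFlag.INHERIT_ONLY

# The seven options from the entry, in the same order.
APPLY_TO = {
    "this folder only": AceFlag.NONE,
    "this folder, subfolders and files": CI | OI,
    "this folder and subfolders": CI,
    "this folder and files": OI,
    "subfolders and files only": CI | OI | IO,
    "subfolders only": CI | IO,
    "files only": OI | IO,
}

def applies_to(choice, target):
    """Does an ACE set on a folder with scope `choice` reach `target`?

    target is "self" (the folder the ACE is set on), "subfolder" or "file"
    (anywhere below it). This model ignores the separate "this container
    only" propagation limit, which would stop inheritance after one level.
    """
    flags = APPLY_TO[choice]
    if target == "self":
        return not (flags & IO)
    if target == "subfolder":
        return bool(flags & CI)
    if target == "file":
        return bool(flags & OI)
    raise ValueError(f"unknown target {target!r}")

def reach(choice):
    """Set of target kinds a scope covers; useful when reviewing an ACL."""
    return {t for t in ("self", "subfolder", "file") if applies_to(choice, t)}

if __name__ == "__main__":
    for choice in APPLY_TO:
        print(f"{choice:36s} -> {sorted(reach(choice))}")
```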
NOTE
There are significant differences between NTFS special permissions for Windows 2000 and for Windows NT. The most obvious difference is that in Windows 2000 you can assign any of 14 special permissions, but in Windows NT you have 6 special permissions to choose from: read (R), write (W), execute (X), delete (D), change permission (P), and take ownership (O). The reason for this difference is that in Windows NT much of the machinery of NTFS is hidden from the user interface, while in Windows 2000 this machinery is exposed in the user interface.
See also NTFS permissions (Windows 2000), NTFS permissions (Windows NT), NTFS special permissions (Windows NT)
Individual permissions granted or denied when NTFS file system standard permissions are not sufficiently granular for specific security purposes. The special permissions available are the same whether you are securing files or folders, with the exception that when you secure a directory you have the additional option of leaving access unspecified instead of assigning a specific set of special permissions. In both cases, six special permissions are available; these are listed in the following table.
NTFS Special Permissions in Windows NT
| Special Permission | Abbreviation | User Access When Applied to Files | User Access When Applied to Folders |
| --- | --- | --- | --- |
| read | R | View file owner and permissions; read the file | View contents of the folder; view folder attributes; view folder owner and permissions |
| write | W | View file owner and permissions; modify file attributes; edit the file | Add files to the folder; add subfolders; modify folder attributes; view folder owner and permissions |
| execute | X | View file owner and permissions; modify file attributes; run the executable file | View folder attributes; browse folder hierarchy; view folder owner and permissions |
| delete | D | Delete the file | Delete the folder |
| change permission | P | Change file permissions | Change folder permissions |
| take ownership | O | Take ownership of the file | Take ownership of the folder |
How It Works
By selecting different combinations of special permissions, you can create custom sets of permissions for special purposes. In most cases, however, NTFS standard permissions are sufficient for securing files and folders. To use special permissions you must be the object’s owner, have full control of the object, or be a member of the Administrators system group. For information on which sets of special permissions comprise the various standard permissions, see the entry on NTFS permissions (Windows NT).
NOTE
For a description of the differences between NTFS special permissions for Microsoft Windows NT and for Microsoft Windows 2000, see the entry on NTFS special permissions (Windows 2000).
See also NTFS permissions (Windows 2000), NTFS permissions (Windows NT), NTFS special permissions (Windows 2000)
See Windows NT Challenge/Response Authentication
See Network Termination Unit (NTU)
See NT Virtual DOS Machine (NTVDM)
A single-threaded Win32 application that simulates an MS-DOS environment on a Microsoft Windows NT system to enable the system to properly run MS-DOS and Windows 3.x applications. Each MS-DOS-based application running on Windows NT requires its own NT Virtual DOS Machine (NTVDM). As a result, if an MS-DOS-based application fails while running on Windows NT, it does not affect other MS-DOS-based applications.
How It Works
You can customize the NTVDM for an MS-DOS-based application by right-clicking on the application’s executable file and choosing Properties. The settings you can configure are similar to those available in the Windows 3.x tool PIF Editor.
A serial cable with cross-pinning that is used for file transfers and for other specialized communication between computers.
How It Works
Null modem cables, also known as file transfer cables, are used to directly connect two computers for transferring files between them—for example, by using the Direct Cable Connection accessory of Microsoft Windows 95 and Windows 98.
The most common form of null modem cable is based on the RS-232 serial transmission interface specifications. Pins 2 and 3 are crossed in a null modem cable to allow you to directly link two RS-232 serial ports on different computers. Other pins can also be crossed depending on the intended purpose of the cable. The most common forms of termination for these cables are DB9 and DB25 connectors.
Serial RS-232 null modem cables support distances of up to about 15 meters and can be used for any communication for which a direct DTE-to-DTE connection or DCE-to-DCE connection is required. If longer distances are needed in serial communication, you can use a line driver to amplify the signal up to several kilometers. A cable connecting two pieces of data terminal equipment (DTE) is specifically called a null modem cable, while a cable connecting two pieces of data communications equipment (DCE) is usually called a tail-circuit cable and has a different cross-pinning. You can obtain null modem cables for other serial interfaces such as V.35 and those with special types of pinning.
NOTE
Parallel data-transfer cables achieve faster data transfer rates for file transfer than serial null modem cables.
TIP
Use a shielded null modem cable to extend distances up to 30 meters without using line drivers.
See NWLink IPX/SPX-Compatible Transport
Commonly referred to as “NWLink,” a Windows NT networking protocol that is Microsoft’s version of IPX/SPX, the protocol used in Novell NetWare. NWLink is a 32-bit networking protocol for Windows NT. It is primarily used when
Microsoft clients such as Windows NT Workstation require access to NetWare file, print, and application servers. Windows NT Workstation clients can access NetWare file and print services directly using Client Services for NetWare (CSNW) or through a Windows NT–based server acting as a gateway using Gateway Service for NetWare (GSNW).
NetWare clients need access to Windows NT servers. NetWare clients can access file and print services on a Windows NT server by installing File and Print Services for NetWare (FPNW) on the Windows NT server.
NWLink includes the following features:
Compliance with Network Driver Interface Specification (NDIS) 4
Support for NetBIOS over NWLink (NWLink NetBIOS)
Support for the following IPC mechanisms: Windows Sockets, named pipes, and remote procedure calls (RPCs)
TIP
If a Windows NT server or client with NWLink installed is unable to communicate with NetWare clients or servers, check the properties of NWLink to make sure you are using the same frame type as the machines running NetWare. You must also configure network numbers when using NWLink.