Microsoft WINS Proxy
RFC 1001 recommends against using the B-node name resolution in a routed network—that is, relying on broadcasts for name queries. However, in practice, B-nodes are sometimes useful in routed networks, and sometimes B-nodes cannot be removed or updated. For this reason, Microsoft introduced WINS proxies. A WINS proxy is a WINS-enabled computer that helps resolve name queries for computers that are not WINS-enabled in routed TCP/IP networks.
By default, computers that are not WINS-enabled use B-node name resolution. The WINS proxy listens on the local subnet for B-node name service broadcasts (such as registration, refresh, release, query) and responds for those names that are not on the local network. A WINS proxy communicates with the WINS server with directed datagrams to retrieve the information necessary to respond to these broadcasts.
The WINS proxy resolves names for non-WINS clients in this way:
When a non-WINS client sends a name query broadcast, the WINS proxy accepts the broadcast and checks its cache for an IP address associated with the NetBIOS name.
If the WINS proxy has the IP address in its cache, the WINS proxy sends this information to the non-WINS computer as a NetBIOS name response.
If the IP address is not in cache, the WINS proxy queries a WINS server for the IP address associated with the requested name.
If a WINS server is not available on the local subnet, the WINS proxy can query a WINS server across a router, caching the NetBIOS names and IP addresses for subsequent queries.
The role of the WINS proxy is similar to that of the DHCP and BOOTP relay agents, which forward DHCP client requests across routers. Because the WINS server does not respond to broadcasts, a computer configured as a WINS proxy should always be installed on subnets containing computers that are not WINS-enabled.
The WINS proxy checks broadcast name registrations against the WINS database by sending name query requests to ensure that the names do not conflict with other names in the database. If a name exists in the WINS database, by default the WINS proxy might send a negative name registration response to the computer trying to register the name. In response to a name release request, the WINS proxy simply deletes the name from its cache of remote names.
When the WINS proxy receives a name query, it checks its remote name table. The WINS proxy always differentiates name queries for names on the local subnet from remote names elsewhere in the network. It compares the address of names it resolves to its own address using the subnet mask, and if the two match, the WINS proxy does not respond to the name query.
If the WINS proxy does not find the name in the remote name table, it queries the WINS server, and then enters the name into the remote name table in a "resolving" state. If the WINS proxy receives a query for the same name before the WINS server has responded, the WINS proxy does not query the WINS server again. When the WINS proxy receives the response from the WINS server, the WINS proxy updates the remote table entry with the correct address and changes the state to "resolved." The WINS proxy only sends a reply message to the client if the WINS proxy has the response already in its cache.
The behavior of a B-node client does not change when a WINS proxy is added to the local subnet. If the first name resolution query times out, the client tries again. If the WINS proxy has the answer cached by the time it intercepts the new query, the WINS proxy answers the client.
Only one computer should be configured as a WINS proxy on each subnet. Because each WINS proxy on a network relays every broadcast it hears, configuring more than one WINS proxy per subnet can overload the WINS servers.
When the WINS proxy receives the next name query for that name, it again sends a response to the client. NetBIOS contains no provision for a name server to "deliver" a name resolution to a client; a name is always resolved in response to a query. Therefore, computers using the WINS proxy for B-node name resolution must be configured to retry the name query. To reduce duplicate traffic, only one WINS proxy should be active on any given subnet.
The name–to–IP address mappings that the WINS proxy receives from the WINS server are stored in the WINS proxy cache for a limited time. By default, this value is 10 minutes; the minimum value is 1 minute.
To configure a computer as a WINS proxy server, you must edit the registry of that computer. The value of the EnableProxy registry entry must be set to 1 (REG_DWORD). This entry is located in the following registry subkey:
Do not use a registry editor to edit the registry directly unless you have no alternative. The registry editors bypass the standard safeguards provided by administrative tools. These safeguards prevent you from entering conflicting settings or settings that are likely to degrade performance or damage your system. Editing the registry directly can have serious, unexpected consequences that can prevent the system from starting and require that you reinstall Windows 2000. To configure or customize Windows 2000, use the programs in Microsoft Management Console (MMC) or Control Panel whenever possible.
Querying with a WINS Proxy
In Figure 7.6, a small broadcast-based LAN consisting of two clients (A and B) is connected to a larger network through a router. A NetBIOS application on client B wants to communicate with client C. Normally, this would not be possible because client C is on the other side of the router from client B. However, by configuring a computer running Windows 2000 Professional to act as a WINS proxy on the LAN, clients B and C can communicate.
Figure 7.6 Operation of a WINS Proxy Server
Client B broadcasts a name query request to obtain the IP address of client C. Client C does not receive the request because the router does not pass along the broadcast. The WINS proxy sees a name query request broadcast for a node on a different subnet and sends a name query request, a directed datagram, to the WINS server. The WINS server returns a positive name query response containing the IP address for client C to the WINS proxy, where it is cached for future queries. The WINS proxy also passes this information to client B.