In the early stages of PC and LAN development, Microsoft and IBM developed the NetBIOS protocol to give PCs network capabilities. It is a set of call interfaces for network communication. Its developer, IBM, believed that this protocol would become the most basic network access interface, like the computer BIOS it had designed, hence the name NetBIOS. Microsoft used the NetBIOS interface to develop network servers and the corresponding client software.
NetBIOS is actually a standard developed independently of TCP/IP. Although it can use TCP/IP as its transport protocol, it is conceptually different: it does not use all the capabilities TCP/IP provides, but uses its own methods to accomplish similar work. The biggest difference lies in name resolution. NetBIOS has its own independent name resolution concepts and capabilities, so its name resolution differs from the standard DNS method used with TCP/IP. Once NetBIOS name resolution has produced an IP address, the NetBIOS session can be established on top of an ordinary TCP connection. Name resolution is therefore the biggest difference between NetBIOS sessions and ordinary TCP connections.
NetBIOS name resolution
NetBIOS name resolution Method
The biggest difference between NetBIOS name resolution and DNS name resolution is that NetBIOS is dynamic. A computer needs to register its own name before names can be resolved. Although dynamic resolution is very convenient, it is complicated and inefficient, so it can only be used within a small LAN.
Each NetBIOS name can contain up to 16 characters, the 16th of which identifies the type of program that registered the name. NetBIOS computers communicate on the basis of NetBIOS names rather than IP addresses. A NetBIOS service program must first register its own NetBIOS name, while an application needs to query for the NetBIOS name it requires. For example, each Windows computer uses its configured computer name to initialize its NetBIOS name after startup.
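The 16-byte name layout described above, as it appears in a NetBIOS name query over TCP/IP (UDP port 137), shown as an added example that is not part of the original article. It assumes the first-level encoding and header layout of RFC 1001/1002; the function names, the sample host name ntserver and the sample packet are constructed for illustration.

```python
import struct

def encode_name(name: str, suffix: int) -> bytes:
    """First-level encoding: pad the name to 15 characters, append the
    16th (type) byte, then turn each nibble into a letter 'A'..'P'."""
    if len(name) > 15:
        raise ValueError("the name part is limited to 15 characters")
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    enc = bytes(b for c in raw for b in (0x41 + (c >> 4), 0x41 + (c & 0x0F)))
    return bytes([len(enc)]) + enc + b"\x00"  # length byte, 32 letters, root

def decode_name(label: bytes) -> tuple[str, int]:
    """Reverse of encode_name; returns (name, 16th-byte suffix)."""
    if len(label) != 34 or label[0] != 32 or label[33] != 0:
        raise ValueError("not a 32-byte first-level encoded name")
    body = label[1:33]
    if any(not 0x41 <= b <= 0x50 for b in body):
        raise ValueError("byte outside 'A'..'P' in encoded name")
    raw = bytes(((body[i] - 0x41) << 4) | (body[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(), raw[15]

def build_query(txid: int, name: str, suffix: int) -> bytes:
    """Broadcast name query: 12-byte header plus one question."""
    # flags 0x0110 = query, recursion desired (0x0100), broadcast (0x0010)
    header = struct.pack(">HHHHHH", txid, 0x0110, 1, 0, 0, 0)
    # question type NB (0x0020), class IN (0x0001)
    return header + encode_name(name, suffix) + struct.pack(">HH", 0x20, 0x01)

def parse_query(pkt: bytes) -> dict:
    """Parse a single-question name query, e.g. from a packet capture."""
    if len(pkt) < 50:
        raise ValueError("truncated name query")
    txid, flags, qdcount = struct.unpack(">HHH", pkt[:6])
    name, suffix = decode_name(pkt[12:46])
    qtype, qclass = struct.unpack(">HH", pkt[46:50])
    return {"txid": txid, "broadcast": bool(flags & 0x0010),
            "questions": qdcount, "name": name, "suffix": suffix,
            "qtype": qtype, "qclass": qclass}

# Constructed sample: a query for the file server service (suffix 0x20)
# on a host named "ntserver".
SAMPLE = build_query(0x1234, "ntserver", 0x20)

if __name__ == "__main__":
    print(parse_query(SAMPLE))
```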
There are several different ways to find the corresponding node address (IP address in TCP/IP protocol) from NetBIOS name.
Different combinations of these five NetBIOS recognition methods and of the different name registration methods make up different name recognition policies. In the NetBIOS standard, the modes that use different name recognition policies are called NetBIOS node types.
In Windows, the actual name recognition method is an extension of the standard H-node method. Windows computers first check the cache, then query the WINS server, then broadcast, then search the LMHOSTS file, and finally try hosts and DNS. NetBIOS recognition is a complex process, mainly because NetBIOS is a dynamic name resolution method and each computer must register itself.
Figure: WINS settings dialog box for a NetBIOS host (Windows XP)
NetBIOS Name Recognition Process
Unlike DNS, NetBIOS names are managed dynamically. DNS data is static: to add or delete a DNS name, the administrator needs to change the configuration file manually. NetBIOS, however, requires each computer to register its name on the network automatically. The name a computer occupied is released after the computer is shut down, and no administrator intervention is required for this process. Because it needs additional network traffic to complete name registration and the other processes, it is not suitable for large networks such as the Internet. NetBIOS name recognition requires three steps:
By using a NetBIOS name and a share name, you can locate resources on a Windows computer. Microsoft uses UNC to specify the location of a network resource. A UNC path starts with a double backslash, followed by the NetBIOS name of the computer holding the resource, then the share name of the resource provided on that computer, then the directory and file name. For example: \\ntserver\share\files. The commands to use the resource are:
C:\> net use f: \\ntserver\share
C:\> f:
F:\>
The net use command above maps the share named share on ntserver to drive F:.
Working principle of Name Server
Because B-node broadcasts generate a large amount of traffic on the network, especially when the network consists of multiple subnets, routers are used to isolate broadcast traffic. However, to resolve names, the B-node broadcast packets then have to be forwarded, which defeats the goal of reducing useless network traffic.
This problem can be avoided by resolving names through a name server. When clients query the name server rather than broadcasting, the traffic does not need to be sent to every subnet. This reduces broadcast data, lightens the load on the network, saves bandwidth, and effectively improves the speed and accuracy of name resolution.
In Windows, the name server is rarely used for name resolution, which makes resolving these network names very problematic. The Network Neighborhood list often differs from one computer to another; the root cause is that broadcast mode offers no guarantees. You must switch to name server mode to fix the name resolution problem.
Communication between a common NetBIOS computer and an NBNS server involves four different communication processes:
In some cases, the client has no name server configured, or the client software in use does not support name server resolution. You can then set up a WINS proxy, which converts broadcast data into name server queries. It helps clients register names and responds to broadcast queries.
NetBEUI stands for NetBIOS Enhanced User Interface. It is an enhanced version of the NetBIOS protocol and has been used by many operating systems, such as Windows for Workgroups, the Windows 9x series, and Windows NT. NetBEUI is a non-routable protocol developed for IBM for carrying NetBIOS communications.
The NetBEUI protocol is useful in many cases. It is the default protocol of the operating systems before Windows 98. In short, NetBEUI is a short and concise broadcast protocol with high communication efficiency. It needs no configuration after installation and is especially suitable for transferring data in "Network Neighborhood". It is recommended that NetBEUI be installed on LAN computers in addition to the TCP/IP protocol.
NetBEUI lacks routing and network-layer addressing, which is both its biggest advantage and its biggest disadvantage. Because it needs no additional network addresses or network-layer headers and trailers, it is fast and effective, and it suits small workgroup environments that consist of a single network or in which the entire environment is bridged.
Because routing is not supported, NetBEUI will never become the main protocol of an enterprise network. The only address in a NetBEUI frame is the data link layer Media Access Control (MAC) address, which identifies the network adapter but not the network. A router forwards a frame to its final destination based on the network address, but the NetBEUI frame does not carry this information.
A bridge forwards traffic between networks according to the data link layer address, but this has many disadvantages. Because all broadcast traffic must be forwarded to every network, bridges scale poorly. NetBEUI includes the recording of broadcast communication and relies on it to resolve naming conflicts. Generally, a bridged NetBEUI network has fewer than 100 hosts.
In recent years, networks built on layer-2 switches have become more common. A fully switched environment reduces network utilization, even though broadcasts are still forwarded to every host in the network. In fact, the combined use of 350-BASE-T Ethernet allows a switched NetBIOS network to expand to hosts, in order to prevent broadcast communication from becoming a serious problem.
After NetBIOS appeared, Microsoft used it to implement a network file and print service system. This system defines a file sharing protocol based on NetBIOS, which Microsoft calls the Server Message Block (SMB) protocol. Microsoft uses this protocol in its LAN Manager and Windows NT Server systems, and all Windows systems include client software for it, so the protocol has had a great impact on LAN systems.
With the popularity of the Internet, Microsoft wants to extend this protocol to the Internet and make it a standard for computers on the Internet to share data with each other. It therefore tidied up the existing SMB protocol, which had little technical documentation, renamed it CIFS (Common Internet File System), and intends to decouple it from NetBIOS in an attempt to make it a standard protocol on the Internet.
Therefore, the best way to integrate Windows and UNIX computers is to install software that supports SMB/CIFS on UNIX, so that Windows clients do not need to change their settings and can use resources on UNIX computers just as they use Windows NT servers. (Kincorn Press: in fact, Microsoft has succeeded, and a Samba suite based on the SMB/CIFS protocol quickly appeared in the open-source community.)
Unlike other standard TCP/IP protocols, SMB is a complex protocol. As Windows computers developed, more and more functions were added to the protocol, and it is difficult to tell which concepts and functions belong to the Windows operating system and which belong to the SMB protocol. With other network protocols, the protocol came first and the software implementing it followed, so their structure is clear and concise, while SMB was developed along with Microsoft's operating system and therefore contains a large number of Windows concepts.
1. Browse
In the SMB protocol, to access network resources, computers need to know the list of resources on the network (for example, using Network Neighborhood in Windows to view the accessible computers). This mechanism is called browsing. Although the SMB protocol often uses broadcasts, using a broadcast every time to learn the current network resources (including the computers providing services and the service resources on each computer) would consume a lot of network resources and take a long time to search. It is therefore best to maintain a list of network resources in the network to make them easy to find, and to search for resources only when necessary, for example with the Find Computer function in Windows.
However, it is not necessary for every computer to maintain the entire resource list. The task of maintaining the current resource list is carried out by a few special computers on the network, called browsers. These browsers record broadcast data or query name servers to keep track of the resources on the network.
A browser is not a computer designated in advance, but is chosen from among ordinary computers through an automatic election. Different computers can be given different weights in the election based on their ability to provide the service. To keep network browsing working when one browser is down, there are usually several browsers in the network: one master browser and the others backup browsers.
2. Working Groups and Domains
The concepts of workgroups and domains are equally useful in browsing: both are used to distinguish and maintain the browsing data of a group of computers. Their real difference lies in the authentication method. Each computer in a workgroup is basically independent and authenticates client access on its own, whereas a domain has one or more domain controllers that store authentication information valid for the entire domain, including user authentication information and the authentication information of the member computers in the domain. Browsing data does not require authentication. Microsoft extended the workgroup into the domain to form a hierarchical directory structure that combines the original browsing with directory services, as a strategy to expand the scope of Microsoft network services.
Both workgroups and domains can span multiple subnets. There are therefore two types of browsers in the network: the domain master browser, which maintains the browsing data of the entire workgroup or domain, and the local master browser, which maintains the browsing data of its subnet and communicates with the domain master browser to obtain all the browsing data. The two browser types exist mainly because browsing data relies on local network broadcasts to obtain the resource list, so different subnets can exchange resource lists only through communication between browsers.
However, to browse resources of multiple subnets, you must use the DNS resolution method of the NBNS name server. Without the help of NBNS, the computer cannot obtain the NetBIOS Name of a computer outside the subnet. The local master browser also needs to query the NetBIOS name server to obtain the domain master browser name to exchange network resource information.
Because of the special role of domain controllers in a domain, domain controllers tend to be used as browsers, and the primary domain controller should be the domain master browser. They are given a large weight in the election.
3. Authentication Method
In Windows 9x systems, share-level authentication is used to share resources, mainly because these Windows systems cannot provide real multi-user capabilities. A resource under share-level authentication is associated with only a password, without any user data. This approach suits a group of people sharing a small number of file resources with each other. Once the number of shared resources grows, the restrictions to be imposed become complicated, and setting a password on each shared resource is no longer appropriate.
For large networks, therefore, user-level authentication is more suitable: it distinguishes and authenticates each accessing user and shares resources by assigning permissions to different users. Computers in workgroup mode authenticate users on the local machine, while computers in a domain can have them authenticated by the domain controller. When a Windows computer has passed domain controller authentication, it can, depending on the settings, run the corresponding user's logon script on the domain controller and load the desktop environment description file.
4. Share resources
Each SMB server can provide file or print services, and each shared resource needs to be assigned a share name, which is displayed in the server's resource list. However, if the last character of a resource name is $, the name is hidden and is not displayed in the browsing list; you can only access it directly by name.
In the SMB protocol, to obtain the list of resources provided by a server, you must access the server through the hidden resource name IPC$. Otherwise, you cannot obtain the list of system resources.
Samba is free software that implements the SMB/CIFS protocol on Linux and UNIX systems. It consists of server and client programs.
Samba implements many services and protocols, including NetBIOS over TCP/IP (NBT), SMB, CIFS (an enhanced version of SMB), DCE/RPC or, more specifically, MSRPC (the Network Neighborhood protocol suite), a WINS server (also known as a NetBIOS Name Server (NBNS)), and the NT domain protocol suite, which includes NT domain logons, the Secure Accounts Manager (SAM) database, the Local Security Authority (LSA) service, the NT-style printing service (SPOOLSS), NTLM, and more recently Active Directory logon services, including an improved Kerberos protocol and an improved Lightweight Directory Access Protocol (LDAP). These services and protocols are often incorrectly classified as NetBIOS or SMB. Samba can also be used to share a printer.
Samba can create network shares for selected Linux/UNIX directories (including all subdirectories). This feature allows Windows users to access these UNIX directories over the network just as they access ordinary Windows folders.
This document is taken from the network and the reference list is as follows: