Designing a Name Resolution Structure | 297
• Pay attention to physical security of DNS servers. As with domain control-
lers, DNS servers should also be out of reach of unauthorized internal or
Remember the most important factors in deciding the placement of
DNS servers. These are availability, performance, fault-tolerance,
and security. When DNS servers are needed across WAN links,
make sure that DNS traffic does not consume much of the avail-
able WAN bandwidth.
Designing a WINS Structure
Windows Internet Name System (WINS) is used to resolve NetBIOS names to IP
addresses. WINS service is needed in those networks where legacy operating
systems and applications are still in use. As long as you have computers running
operating systems such as Windows NT 4.0 or older in your network, you will
need WINS to resolve NetBIOS names. This section discusses some fundamen-
tals of WINS, its components, and planning a secure WINS structure.
NetBIOS name resolution
Before WINS, the NetBIOS name resolution was mainly dependent on broadcast
transmissions and LMHOSTS files. NetBIOS clients used to broadcast the local
network to locate other clients. Administrators used to create LMHOSTS files on
every computer that contained a mapping of NetBIOS names to IP addresses in
the network. These methods became obsolete when small networks started to
grow into larger routed networks. The limitations of broadcasts and LMHOSTS
files started surfacing, and Microsoft came up with a solution known as WINS
In a routed network, broadcast traffic is not allowed to pass routers because it
causes too much traffic. LMHOSTS files are difficult to maintain because these
are text files and must be created and updated manually on each computer.
Neither of these solutions are acceptable in larger networks where network traffic
must be kept to a minimum and administration must be simplified.
WINS should be implemented in your network for the following reasons:
• To enable NetBIOS name resolution across routed networks
• To reduce broadcast traffic on local network segments
• To simplify and centralize administration of resources that use NetBIOS
Components of WINS structure
WINS structure is basically made up of WINS servers, WINS Proxies, and WINS
clients. The functions of each of these are explained in the following sections.
The WINS server is the core of a WINS structure. A WINS server
enables clients to register, release, and renew their NetBIOS names and IP
addresses dynamically as well as resolve NetBIOS name resolution queries. When
NetBIOS clients start, they register their names and IP addresses with the WINS