Advanced Windows Networking Using Internet Protocol

Windows Networking is the subsystem that lets you share files and printers, between computers running the various versions of Windows. Server Message Blocks, also called SMBs, are the foundation of Windows Networking. SMBs help the computers to share data, and let them know what data is available, to be shared.

SMBs are not transported directly over the various physical networking components, they use Internet Protocol, as well as alternate protocols like IPX/SPX or NetBEUI. Windows Networking has historically used NetBIOS Over TCP/IP (NetBT) as a transport for SMBs over IP. Windows 2000 and XP, however, will transport SMBs over IP, without NetBT, using directly hosted SMBs.

To remain compatible with the older versions of Windows, a Windows Networking client, running Windows 2000 or Windows XP, can use either directly hosted SMBs, or it can use NetBT. If any server supports directly hosted SMBs, the client computer in question will bypass NetBT, when communicating with that specific server.

This dual compatibility, which allows Windows 2000 / XP clients to communicate with computers running other editions of Windows, is not without cost. Trying for two communications channels, when establishing a connection with any server, increases program complexity and network traffic. In some cases, it may increase latency.

We need to resolve one major misconception. It may appear that when you Disable NetBT, you are disabling Windows Networking over IP. This is not correct. When you Disable NetBT, you are merely disabling hosting of SMBs over NetBT. You then end up with SMBs hosted directly over IP. But look at address resolution on your LAN, before trying this. Don’t make this change blindly.

If your LAN

  • Has a domain.
  • Has computers running only Windows 2000, Windows 2002 (aka Windows XP), and Windows 2003 (aka Server 2003).
  • Uses DNS, properly setup, for name resolution.

then you may wish to disable NetBT, and use directly hosted SMBs.

In the TCP/IP Properties – Advanced wizard, WINS, select Disable NetBIOS Over TCP/IP. Alternately, if you have the Default NetBIOS setting selected (instead of “Disable” or “Enable”) on your client computers, and you have a DHCP server (not a NAT router with DHCP), you can disable NetBT from a DHCP server setting.

If you use directly hosted SMBs, whether alternately or exclusively, be aware of the security implications.

  • NetBT uses TCP and UDP ports 137 – 139.
  • Direct hosted SMBs use TCP port 445.

Be sure that all personal firewalls have the proper ports opened.

Here are the relevant ports used by SMBs over NetBT, per IANA port number allocation:

netbios-ns 137/tcp NETBIOS Name Service
netbios-ns 137/udp NETBIOS Name Service
netbios-dgm 138/tcp NETBIOS Datagram Service
netbios-dgm 138/udp NETBIOS Datagram Service
netbios-ssn 139/tcp NETBIOS Session Service
netbios-ssn 139/udp NETBIOS Session Service

And the relevant ports used by directly hosted SMBs:

microsoft-ds 445/tcp Microsoft-DS
microsoft-ds 445/udp Microsoft-DS

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: