Name Resolution

Name resolution in Windows 2000 differs significantly from name resolution in Windows NT 4.0. In Windows NT 4.0, the resolver generally tried NetBIOS name resolution first and then DNS name resolution. In Windows 2000, however, the resolver generally tries DNS name resolution first, and then it tries NetBIOS name resolution. Windows 2000 also includes improvements for multihomed computers.

When the GetHostByName API is used, the Windows 2000 resolver first submits the name query to DNS. If DNS name resolution fails, the resolver checks whether the name is longer than 15 bytes. If it is longer, resolution fails. If not, the resolver then checks whether NetBIOS is running. If it is not running, resolution fails. If it is running, the resolver then tries NetBIOS name resolution. For information about NetBIOS name resolution and flowcharts for NetBIOS name resolution, see "Windows 2000 TCP/IP" in this book.

Figure 6.2 shows an overview of the process.

Note

The flowchart in Figure 6.2 directs you to other flowcharts in other figures. To locate the correct flow chart, see the figure captions.

Enlarge figure

Figure 6.2 Overview of Name Resolution

DNS Name Resolution

When DNS name resolution begins, the resolver first checks what kind of name was submitted. Three types of names can be submitted:

• Fully qualified domain names

  These names are terminated with a period. For example:

  host.reskit.com.

• Single-label, unqualified domain names

  These names contain no periods. For example:

  host

• Multiple-label, unqualified domain names

  These names contain one or more periods but are not terminated with a period. For example:

  host.reskit.com

  – Or –

  host.reskit

When a user enters an FQDN, the resolver queries DNS using that name. Likewise, when a user enters a multiple-label, unqualified (not terminated with a period) name, the DNS resolver adds a terminating period and queries DNS using that name.

However, if the user enters a multiple-label, unqualified name and it fails to resolve as an FQDN, or if the user enters a single-label, unqualified name, the resolver systematically appends different DNS suffixes to the name that the user entered, adding periods to make them FQDNs, and resubmitting them to DNS.

If the user has not entered a domain suffix search list, the resolver appends the following names:

1. The primary DNS suffix, which is specified on the Network Identification tab of the System Properties dialog box in the properties for My Computer. Click the Properties button, and then click More.
2. If resolution is not successful, the resolver appends each connection-specific DNS suffix. This suffix can be dynamically assigned by the DHCP server. You can also specify suffixes on the DNS tab in the Advanced TCP/IP Settings dialog box for each connection. You open the Advanced TCP/IP Settings dialog box by right-clicking the connection and then clicking Properties to reach the properties from the connection, then double-clicking Internet Protocol (TCP/IP) to reach the Internet Protocol (TCP/IP) Properties dialog box, and then clicking Advanced.

If resolution is still not successful, the resolver devolves the FQDN by appending the parent suffix of the primary DNS suffix name, and the parent of that suffix, and so on, until only two labels are left. For example, if the user enters the name client and the primary DNS suffix is eu.reskit.com, the resolver will try client.eu.reskit.com and then client.reskit.com.

On the other hand, if the user has entered a domain suffix search list on the DNS tab in the Advanced TCP/IP Settings dialog box in the properties for the network connection, both the primary DNS suffix and the connection-specific domain name are ignored, and neither is appended to the host name before the FQDN is submitted to DNS. Instead, the resolver appends each suffix from the search list in order and submits it to the DNS server until it finds a match or reaches the end of the list.

Figures 6.3 and 6.4 show how FQDNs are formed. Figure 6.5 shows what happens when a name is submitted to DNS.

Note

The flowcharts in Figures 6.3 and 6.4 direct you to other flowcharts in other figures. To locate the correct flow chart, see the figure captions.

Enlarge figure

Figure 6.3 DNS Name Resolution, Part 1

Enlarge figure

Figure 6.4 DNS Name Resolution, Part 2

DNS Queries

When a name is submitted to DNS, if the resolver is caching names, the resolver first checks the cache. If the name is in the cache, the data is returned to the user. If the name is not in the cache, the resolver queries the DNS servers that are listed in the TCP/IP properties for each adapter.

The resolver can query through all adapters in the computer, including remote access adapters. In Windows NT 4.0, the resolver queried all servers through all adapters. In Windows 2000, however, you can specify a list of DNS servers to query for each adapter.

Figures 6.5, 6.6, and 6.7 illustrate the process by which the resolver queries the servers on each adapter.

Note

The flowcharts in Figures 6.5, 6.6, and 6.7 direct you to other flowcharts in other figures. To locate the correct flow chart, see the figure captions.

Enlarge figure

Figure 6.5 Querying the DNS Server, Part 1

Enlarge figure

Figure 6.6 Querying the DNS Server, Part 2

Enlarge figure

Figure 6.7 Querying the DNS Server, Part 3

The resolver queries the DNS servers in the following order:

1. The resolver sends the query to the first server on the preferred adapter's list of DNS servers and waits for one second for a response.
2. If the resolver does not receive a response from the first server within one second, it sends the query to the first DNS servers on all adapters that are still under consideration and waits two seconds for a response.
3. If the resolver does not receive a response from any server within two seconds, the resolver sends the query to all DNS servers on all adapters that are still under consideration and waits another two seconds for a response.
4. If the resolver still does not receive a response from any server, it sends the query to all DNS servers on all adapters that are still under consideration and waits four seconds for a response.
5. If it still does not receive a response from any server, the resolver sends the query to all DNS servers on all adapters that are still under consideration and waits eight seconds for a response.

If the resolver receives a positive response, it stops querying for the name, adds the response to the cache and returns the response to the client.

If the resolver has not received a response from any server by the end of the eight-second time period, the resolver responds with a time-out. Also, if it has not received a response from any server on a specified adapter, then for the next 30 seconds, the resolver responds to all queries destined for servers on that adapter with a time-out and does not query those servers. This time-out is sent only by computers running Windows 2000 Professional.

If at any point the resolver receives a negative response from a server, it removes every server on that adapter from consideration during this search. For example, if in step 2, the first server on Alternate Adapter A gave a negative response, the resolver would not send the query to any other server on the list for Alternate Adapter A.

The resolver keeps track of which servers answer queries more quickly, and it might move servers up or down on the list based on how quickly they reply to queries.

Figure 6.8 shows how the resolver queries each server on each adapter.

Enlarge figure

Figure 6.8 Multihomed Name Resolution

© 1985-2000 Microsoft Corporation. All rights reserved.