NetBIOS

This article has multiple issues.Please helpimprove itor discuss these issues on thetalk page.(Learn how and when to remove these messages) This article includes a list ofgeneral references,butit lacks sufficient correspondinginline citations.Please help toimprovethis article byintroducingmore precise citations.(August 2012)(Learn how and when to remove this message) This articlemay be too technical for most readers to understand.Pleasehelp improve ittomake it understandable to non-experts,without removing the technical details.(September 2010)(Learn how and when to remove this message) (Learn how and when to remove this message)

NetBIOS(/ˈnɛtbaɪɒs/) is an acronym forNetwork Basic Input/Output System.It provides services related to thesession layerof theOSI modelallowing applications on separate computers to communicate over alocal area network.As strictly anAPI,NetBIOS is not anetworking protocol.Operating systemsof the 1980s (DOS and Novell Netware primarily) ran NetBIOS overIEEE 802.2andIPX/SPXusing theNetBIOS Frames(NBF) andNetBIOS over IPX/SPX(NBX) protocols, respectively. In modern networks, NetBIOS normally runs overTCP/IPvia theNetBIOS over TCP/IP(NBT) protocol. NetBIOS is also used for identifying system names in TCP/IP (Windows).

NetBIOS is an operating system-level API that allows applications on computers to communicate with one another over alocal area network(LAN). The API was created in 1983 bySytek Inc.for software communication overIBM PC NetworkLAN technology.^[1]OnIBM PC Network,as an API alone, NetBIOS relied on proprietary Sytek networking protocols for communication over the wire.^[2]

In 1985, IBM went forward with theToken Ringnetwork scheme and produced anemulatorof Sytek's NetBIOS API to allow NetBIOS-aware applications from the PC-Network era to work over IBM's new Token Ring hardware. This IBM emulator, named NetBIOS Extended User Interface (NetBEUI), expanded the base NetBIOS API created by Sytek with, among other things, the ability to deal with the greater node capacity of Token Ring. A new networking protocol,NBF,was simultaneously produced by IBM to allow its NetBEUI API (their enhanced NetBIOS API) to provide its services over Token Ring – specifically, at theIEEE 802.2Logical Link Controllayer.

In 1985,Microsoftcreated its own implementation of the NetBIOS API for itsMS-Netnetworking technology. As in the case of IBM's Token Ring, the services of Microsoft's NetBIOS implementation were provided over the IEEE 802.2 Logical Link Control layer by the NBF protocol.^[3]However, the MS-Net was only delivered toOEMs,and it was actually not a complete product, nor was it ready to communicate on the network in the form it was distributed. It lacked any implementation ofOSILayers 1 to 4 (Physical,Data link,NetworkandTransportLayers) and an OEM was expected to provide these implementations (in the form of a NetBIOS part) to make its version of MS-Net a complete and ready to use product. MS-Net accessed the network through the Microsoft's own variant of NetBIOS, which was split into two parts - the lower level part that OEMs had to provide implemented the NetBIOS calls that depended on layers 1-4, while the higher level part, provided by Microsoft, was hardware- and protocol-independent. This NetBIOS implementation supported the full NetBIOS API, but was called by invokingx86interrupt 0x2A, instead of IBM's standard interrupt 0x5C. The reliance on OEMs to implement parts of NetBIOS had the unfortunate side effect that different OEM versions of MS-Net and NetBIOS generally weren't able to communicate with one another.^[4]

In 1986,Novellreleased AdvancedNovell NetWare2.0 featuring the company's own emulation of the NetBIOS API. Its services were encapsulated within NetWare'sIPX/SPXprotocol using theNetBIOS over IPX/SPX(NBX) protocol.

In 1987, a method of encapsulating NetBIOS inTCPandUDPpackets,NetBIOS over TCP/IP(NBT), was published. It was described in RFC 1001 ( "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and Methods" ) and RFC 1002 ( "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Detailed Specifications" ). The NBT protocol was developed in order to "allow an implementation [of NetBIOS applications] to be built on virtually any type of system where the TCP/IP protocol suite is available," and to "allow NetBIOS interoperation in the Internet."

After thePS/2computer hit the market in 1987, IBM released the PC LAN Support Program, which included a driver offering the NetBIOS API.

There is some confusion between the names NetBIOS and NetBEUI. NetBEUI originated strictly as themonikerfor IBM's enhanced 1985 NetBIOS emulator for Token Ring. The name NetBEUI should have died there, considering that at the time, the NetBIOS implementations by other companies were known simply as NetBIOS regardless of whether they incorporated the API extensions found in Token Ring's emulator. For MS-Net, however, Microsoft elected to name its implementation of the NBF protocol "NetBEUI" – naming its implementation of the transport protocol after IBM's enhanced version of the API.^{[citation needed]}Consequently Microsoft file and printer sharing overEthernetoften continues to be called NetBEUI, with the name NetBIOS commonly used only in reference to file and printer sharing overTCP/IP.More accurately, the former isNetBIOS Frames(NBF), and the latter isNetBIOS over TCP/IP(NBT).

Since its original publication in a technical reference book from IBM, the NetBIOS API specification has become ade factostandardin the industry despite originally supporting a maximum of only 80 PCs in a LAN. This limitation was generally overcome industry-wide through the transition from NBF to NBT, under which, for example, Microsoft was able to switch toDomain Name System(DNS) for resolution of NetBIOShostnames,having formerly used the LAN segment-compartmentalized NBF protocol itself to resolve such names in Windowsclient-server networks.^[1]

NetBIOS provides three distinct services:

• Name service (NetBIOS-NS) for name registration andresolution.
• Datagramdistribution service (NetBIOS-DGM) for connectionless communication.
• Sessionservice (NetBIOS-SSN) forconnection-oriented communication.

(Note:SMB,an upper layer, is a service that runs on top of the Session Service and the Datagram service, and is not to be confused as a necessary and integral part of NetBIOS itself. It can now run atop TCP with a small adaptation layer that adds a length field to each SMB message; this is necessary because TCP only provides a byte-stream service with no notion of message boundaries.)

In order to start sessions or distribute datagrams, an application must register its NetBIOS name using the name service. NetBIOS names are 16 octets in length and vary based on the particular implementation. Frequently, the 16th octet, called the NetBIOS Suffix, designates the type of resource, and can be used to tell other applications what type of services the system offers.^{[citation needed]}InNBT,the name service operates on UDP port 137 (TCP port 137 can also be used, but rarely is).

The name service primitives offered by NetBIOS are:

• Add name – registers a NetBIOS name.
• Add group name – registers a NetBIOS "group" name.
• Delete name – un-registers a NetBIOS name or group name.
• Find name – looks up a NetBIOS name on the network.

Internet Protocol Version 6 (IPv6)are not supported by the NetBIOS name resolution protocol.^[5]

Datagram mode isconnectionless;the application is responsible for error detection and recovery. InNBT,the datagram service runs on UDP port 138.

The datagram service primitives offered by NetBIOS are:

• Send Datagram – send a datagram to a remote NetBIOS name.
• Send Broadcast Datagram – send a datagram to all NetBIOS names on the network.
• Receive Datagram – wait for a packet to arrive from a Send Datagram operation.
• Receive Broadcast Datagram – wait for a packet to arrive from a Send Broadcast Datagram operation.

Session mode lets two computers establish a connection, allows messages to span multiple packets, and provides error detection and recovery. InNBT,the session service runs on TCP port 139.

The session service primitives offered by NetBIOS are:

• Call – opens a session to a remote NetBIOS name.
• Listen – listen for attempts to open a session to a NetBIOS name.
• Hang Up – close a session.
• Send – sends a packet to the computer on the other end of a session.
• Send No Ack – like Send, but doesn't require an acknowledgment.
• Receive – wait for a packet to arrive from a Send on the other end of a session.

In the original protocol used to implement NetBIOS services on PC-Network, to establish a session, the initiating computer sends an Open request which is answered by an Open acknowledgment. The computer that started the session will then send a Session Request packet which will prompt either a Session Accept or Session Reject packet.

During an established session, each transmitted packet is answered by either a positive-acknowledgment (ACK) or negative-acknowledgment (NAK) response. A NAK will prompt retransmission of the data. Sessions are closed by the non-initiating computer by sending a close request. The computer that started the session will reply with a close response which prompts the final session closed packet.

When NetBIOS is run in conjunction withInternet protocols(e.g., NBT), each computer may have multiple names: one or more NetBIOS name service names and one or more Internet host names.

The NetBIOS name is 16 ASCII characters, however Microsoft limits the host name to 15 characters and reserves the 16th character as a NetBIOS Suffix.^[6]This suffix describes the service or name record type such as host record, master browser record, or domain controller record or other services. The host name (or short host name) is specified when Windows networking is installed/configured, the suffixes registered are determined by the individual services supplied by the host. In order to connect to a computer running TCP/IP via its NetBIOS name, the name must be resolved to anetwork address.Today this is usually anIP address(the NetBIOS name to IP address resolution is often done by either broadcasts or aWINSServer – NetBIOS Name Server). A computer's NetBIOS name is often the same as that computer's host name (see below), although truncated to 15 characters, but it may also be completely different.

NetBIOS names are a sequence of alphanumeric characters. The following characters are explicitly not permitted:\/:*? "<>|.Since Windows 2000, NetBIOS names also had to comply with restrictions on DNS names: they cannot consist entirely of digits, and the hyphen ( "-" ) or full-stop ( "." ) characters may not appear as the first or last character. Since Windows 2000, Microsoft has advised against including any full-stop ( "." ) characters in NetBIOS names, such that applications can use the presence of a full-stop to distinguish domain names from NetBIOS names.^[6]

The WindowsLMHOSTSfile provides a NetBIOS name resolution method that can be used for small networks that do not use a WINS server.

A Windows machine's NetBIOS name is not to be confused with the computer's Internet host name (assuming that the computer is also an Internet host in addition to being a NetBIOS node, which need not necessarily be the case). Generally a computer running Internet protocols (whether it is a Windows machine or not) usually has a host name (also sometimes called a machine name). Originally these names were stored in and provided by ahosts filebut today most such names are part of the hierarchicalDomain Name System(DNS).

Generally the host name of a Windows computer is based on the NetBIOS name plus the Primary DNS Suffix, which are both set in the System Properties dialog box. There may also be connection-specific suffixes which can be viewed or changed on the DNS tab in Control Panel → Network → TCP/IP → Advanced Properties. Host names are used byapplicationssuch astelnet,ftp,web browsers,etc. To connect to a computer running the TCP/IP protocol using its name, the host name must be resolved into anIP address,typically by a DNS server. (It is also possible to operate many TCP/IP-based applications, including the three listed above, using only IP addresses, but this is not the norm.)

Under Windows, thenode typeof a networkedcomputerrelates to the way it resolves NetBIOS names toIP addresses.This assumes that there are any IP addresses for the NetBIOS nodes, which is assured only when NetBIOS operates over NBT; thus, node types are not a property of NetBIOS per se but of interaction between NetBIOS and TCP/IP in the Windows OS environment. There are four node types.

• B-node: 0x01 Broadcast
• P-node: 0x02 Peer (WINS only)
• M-node: 0x04 Mixed (broadcast, then WINS)
• H-node: 0x08 Hybrid (WINS, then broadcast)

The node type in use is displayed by opening acommand lineand typingipconfig /all. AWindowscomputer registry may also be configured in such a way as to display "unknown" for the node type.

The NetBIOS Suffix, alternately called the NetBIOS End Character (endchar), is the 16th character of a NetBIOS name and indicates service type for the registered name. The number of record types is limited to 255; some commonly used values are:

For unique names:

• 00: Workstation Service (workstation name)
• 03:Windows Messenger service
• 06:Remote Access Service
• 20:File Service(also called Host Record)
• 21:Remote Access Serviceclient
• 1B:DomainMasterBrowser– Primary Domain Controller for a domain
• 1D: Master Browser

For group names:

• 00: Workstation Service (workgroup/domain name)
• 1C:Domain Controllersfor a domain (group record with up to 25 IP addresses)
• 1E: Browser Service Elections

The following table shows a brief history of NetBIOS and its related protocols.SMBwas the main protocol that used NetBIOS. SMB enables Windows File and Printer Sharing.

• NetBIOS over TCP/IP(NBT)
• NetBIOS Frames(NBF)
• Server Message Block(SMB)

• Haugdahl, J. Scott (1990).Inside NetBIOS.Architecture Technology Corp.ISBN99914-57-34-8
• Silberschatz, Abraham; Galvin, Peter Baer; Gagne, Greg (2004).Operating System Concepts.(7th Ed.). John Wiley & Sons.ISBN0-471-69466-5
• Meyers, Michael (2004). "Managing and Troubleshooting Networks". McGraw-Hill.ISBN978-0-07-225665-9
• Tamara Dean.Network+ Guide to Networks,pg. 206 (NetBEUI)

• LAN Technical Reference: 802.2 and NetBIOS APIs
• Implementing CIFS(from theSambateam, published under theOpen Publication License)
• NetBIOS, NetBEUI, NBF, SMB, CIFS Networking
• Open Systems Interconnection (OSI) Reference Model for NBF, NBT, and NBX
• LMHOSTS File
• NETBIOS End Characters / Suffixes– Microsoft Knowledge Base article describing list of NetBIOS Suffixes.
• Windows 7 NetBIOS Library in Visual Basic - Coder Bliss – Jon Reedholm.
• Richard Sharpe (8 October 2002)."Just what is SMB?".Archived fromthe originalon 2 December 2009.Retrieved1 January2012.