Scientists say that even though our DNA is composed of billions of genes, less than 1 percent of those genes are active and make us human. The rest are just legacies, left over from billions of years of evolution. Windows 2000 is set up much the same way. Even though Microsoft hasn’t had billions of years to evolve Windows 2000, there are lots of legacy code and features lingering around inside of it leftover from Windows NT, Windows 9x, and even Windows 3.1 and DOS.

One of the best ways to optimize your Windows 2000 server is by eliminating some of those legacy features. NetBIOS is an example of a leftover feature that can slow down your server. In this Daily Drill Down, I’ll show you what NetBIOS is, why it slows your server down, and how to eliminate it from your server.

What’s NetBIOS?
Network Basic Input Output System (NetBIOS) was created by IBM in the early days of network systems to allow computers on LANs to communicate with one another. In the early 80s, when Microsoft and IBM were still on speaking terms, Microsoft adapted this technology to its Windows operating systems. As the years went on, NetBIOS became the de facto standard for name resolution in the Windows operating systems.

NetBIOS serves as a name resolution scheme much the same way DNS does. NetBIOS allows you to use friendly names to describe computers. If you’ve ever dealt with WINS on an old Windows NT server or entered a name for a workstation in the Identification field, you’ve set a NetBIOS name.

With the introduction of Windows 2000 and Active Directory, new tools and methods have been introduced to resolve network resources and friendly names. “New” of course is a relative term. Rather than relying on NetBIOS for name resolution, Windows 2000 and Active Directory can now rely on DNS, an old Internet technology put to new use in Windows 2000.

What’s wrong with NetBIOS?
Because NetBIOS has been around for almost 20 years, I’m sure that you’re wondering what’s wrong with it and why you should consider removing it from your Windows 2000 environment. The answer is that NetBIOS has two major deficits: routability and efficiency.

First off, NetBIOS is nonroutable. This means that without some serious help from another protocol or server, NetBIOS will not carry between domains and is completely useless if you have a router on your network. NetBIOS can only operate on a per-segment basis. In a small network with one server, a couple of laser printers, and a few dozen workstations in one office, NetBIOS works just fine.

However, in a network environment containing multiple interoperable domains in different parts of the world where routers are involved, NetBIOS becomes useless. It also become useless in a medium-size network where you have multiple segments on one domain. NetBIOS’s inherent routability limitations are what cause you to have to deal with WINS and all of the headaches that WINS can cause.

Another reason to eliminate NetBIOS in a network environment is network overhead. Optimizing bandwidth is not necessarily the only way for you to decrease network overhead. Because NetBIOS is a broadcast-based protocol, it has to send its information to every client on a network segment. As you can probably guess, this produces excessive overhead on the network because NetBIOS communicates with every other system on the network in order to pass each packet of information. As thousands of packets cross your network, a great many of them wind up being tossed aside because they’re heading to workstations that aren’t intended to receive the data within the packets.

With the use of Active Directory and its requirement for DNS on your network, there’s no reason to use two services (DNS for TCP/IP traffic and WINS for NetBIOS traffic) to resolve host names. In a Windows 2000 environment, you can eliminate NetBIOS and WINS, allowing TCP/IP and DNS to do all of the name resolution and packet passing for you.

Administrator caveat
When you eliminate NetBIOS on your Windows 2000 network, only Active Directory-enabled workstations that are connected and authenticated to Active Directory and your Windows 2000 servers will be able to find network resources. This can help increase security, but it can also cause headaches if you’re still running Windows 9x or Windows NT workstation clients on your network. These clients will not be able to find network resources on your Windows 2000 servers after removing NetBIOS. Other client operating systems that can be affected by the elimination of NetBIOS include Linux workstations using Samba and OS/2 workstations.

Before you remove NetBIOS from your network, make sure that none of your applications require NetBIOS for proper operation. Don’t be surprised if, after you remove NetBIOS, My Network Places no longer displays workstations on your network, because it relies on NetBIOS. Likewise, system applications like NET VIEW won’t display available resources. Once you’re sure your applications will survive without NetBIOS and you’ve eliminated all non-Active-Directory-enabled clients, you can go on with the business of eliminating NetBIOS.

Eliminating NetBIOS
Because you’ll be using Active Directory and DNS to eliminate NetBIOS, your first step is to deploy Windows 2000 on your servers, removing all of your old Windows NT servers in the process. You should remove any old Windows NT servers from your network because they can’t fully support Active Directory and won’t be able to share resources after you eliminate NetBIOS. You should also make sure your Windows 2000 servers are running in native mode. To learn the difference between mixed mode and native mode, see the Daily Feature “Understanding the difference between mixed mode and native mode in Windows 2000.”

Next, check which protocols are running on your server. To do so, right-click My Network Places and choose Properties. When you see the Network And Dialup Connections window, right-click Local Area Connection and select Properties. You’ll then see the Local Area Connection Properties menu as shown in Figure A.

Figure A
Remove unnecessary protocols from your server.

Check the installed protocols on the Properties menu. If you’ve upgraded to Windows 2000 from Windows NT, you may notice that you’re running multiple protocols including IPX, NetBEUI, and TCP/IP. You should remove all of these protocols except for TCP/IP. You only need IPX if you’re running NetWare servers as well as Windows 2000 servers on your network. NetBEUI is the main transport protocol for NetBIOS, so you should remove this as well. To remove the unnecessary protocols, select them one a time in the Properties menu and click Uninstall.

Removing NetBEUI by itself isn’t enough to eradicate NetBIOS from your network. That’s because Windows 2000 also encapsulates NetBIOS within TCP/IP. The version of NetBIOS that runs over TCP/IP is called NetBT. To remove NetBT, select TCP/IP in the Properties page mentioned above and click Properties. When the TCP/IP Properties page appears, click Advanced. You’ll then see the TCP/IP Advanced Properties page.

Next, click the WINS tab. Select the Disable NetBIOS Over TCP/IP radio button. You should also uncheck the Enable LMHosts Option. You won’t need LMHosts anymore because you are removing WINS as your resolution protocol. Therefore, you will not need to use LMHosts to resolve host names and/or IP addresses on your network. Click OK to close the Properties screens.

After you’ve closed all of the Properties menus, you will have turned NetBIOS off on your Windows server. To complete the task of removing NetBIOS from your network, you’ll have to follow the exact same procedure on all of your Windows 2000 Professional workstations. If you use DHCP to allocate TCP/IP addresses, you’re in luck because you don’t have to physically visit each workstation on your network. Instead, you can prevent workstations from enabling NetBIOS Over TCP/IP by reconfiguring Scope information on your DHCP server.

Configuring DHCP to kill NetBIOS on workstations
Don’t forget that when you use DHCP, it does more than just assign TCP/IP addresses to remote workstations. It also completely configures TCP/IP for the workstation, giving it information about such things as DNS servers, default gateways, and NetBIOS Over TCP/IP. This is a good thing for you as a network administrator, because it saves you the trouble of having to personally visit every Windows 2000 Professional workstation on your network to make the changes I discussed in the previous section.

To configure DHCP to block NetBIOS, start the DHCP MMC on your Windows 2000 server. You’ll start the DHCP MMC by clicking Start | Programs | Administrative Tools | DHCP. When the DHCP MMC opens, open the DHCP branch in the left pane that leads to your DHCP server by clicking server | Scope | Scope Options, where server is your DHCP server.

Right-click Scope Options and select Configure Options. When the Scope Options screen appears, click the Advanced Tab. Select Microsoft Windows 2000 Options from the Vendor Class drop-down list box. Make sure that the value of the User Class field is set to Default User Class. Select the 001 Microsoft Disable NetBIOS Option check box. When the Data Entry pane becomes available, set the value of the Long field to 2 as shown in Figure B.

Figure B
You can remove NetBIOS on clients by configuring DHCP.

Click OK to save your changes and close the Scope Options window. You should also close the DHCP MMC. To ensure that the DHCP changes you’ve made have taken effect, restart your Windows 2000 server or, at minimum, stop and restart the DHCP service. The next time your Windows 2000 Professional workstations obtain a TCP/IP address from your DHCP server, NetBIOS will be disabled on the workstation.

Rest in peace, NetBIOS
After NetBIOS is gone, you’ll notice that your network runs a little faster. You will, however, need a new way to allow clients to find network resources. Fortunately, you can publish the resources in Active Directory. To find out how to do this, see the Daily Feature “Publishing resources using Active Directory.” After you do that, you can rest comfortably with the knowledge that you’ve removed leftover technology from the 80s and improved your network at the same time.