listen for session request traffic on specific ports and therefore cannot make use of port address translation technology. Recall from previous curriculum that UDP and TCP have roughly 65,535 associated ports each. It is highly unlikely that a single client host accessing network resources will legitimately need to use all of these ports at the same time. Typically, a single host being used for normal Internet activities will maintain around a dozen sessions through a NAT router at any given time. Consider these typical Internet browsing activities:

• How many web pages are open at the same time?
• Is email or newsgroup software updating messages in the background?
• How many file download sessions are active?
• Are any IM applications running in the background?
• What background processes, like DNS, are supporting other applications?

Because a single inside host does not require all of the ports available on an outside address, NAT overload allows multiple inside hosts to make use of the unused ports on a common outside address. It does this by including the port numbers for a given session in the translation table. Recall that a single entry in a normal static or dynamic NAT table represents a single host inside the network. In a table for NAT with overload, a single entry now represents a single transport-layer session. Figure shows a translation table with entries for NAT with overload.

---

Content 6.1 Characteristics of Transport Layer Technologies 6.1.8 NetBIOS and NetBEUI NetBIOS and NetBEUI are a pair of protocols that work together to provide easily configured, broadcast-based networking service for computers running the Microsoft Windows family of operating systems. NetBIOS supports the following network services:

• Network name registration and verification
• Session establishment, termination, and management
• Reliable session data transfer (connection-oriented)
• Unreliable datagram data transfer (connectionless)
• Monitoring and management of network interfaces and lower-layer protocols

One of the main advantages of using NetBIOS and NetBEUI is that they are simple to configure. The main failing of NetBIOS is that it uses a broadcast-based non-hierarchical namespace, forcing it to rely on other network layer protocols if used over a routed network. NetBIOS Names
The NetBIOS name space is 16 bytes long. The first 15 characters are the computer name defined by the user during configuration. The last character is a hexadecimal digit representing the type of data in the NetBIOS name and network service using that data on a given machine. NetBIOS computers advertise this information to show what services they can offer to the remainder of the network. NetBIOS names can also be used to identify a machine as being part of a workgroup or domain. The 16th character is also used to identify a NetBIOS name as being either unique as in a computer or user name, or group such as a Microsoft Windows Workgroup or Domain name. Figure shows the common suffixes for NetBIOS names and the Microsoft networking services that use them. NetBIOS in Operation
There are three main stages in the operation of NetBIOS:

• Name registration
• Name discovery
• Name release

When a Windows NT computer starts up, the various services running on the machine register themselves using the unique NetBIOS name of the machine and the appropriate hexadecimal character at the 16th byte position. This process is called NetBIOS name registration and uses either a broadcast to the local network or a unicast to a local NetBIOS name server if one has been configured for the computer. When one NetBIOS host needs to communicate with another, it needs the NetBIOS name of the remote machine. This name can either be input by the user or can be obtained from a network browse list. The browse list is a list of network names and services available on the network that is maintained by a master browser machine. The browse list is built from the NetBIOS information broadcast during the NetBIOS name registration process during the start up of a machine. This list is maintained by the master browser and is sent to one or more backup browsers in the network. Opening Network Neighborhood in Windows displays the browse list for the network. Periodically, the NetBIOS host computer contacts the master browser for a list of backup browsers from which one is selected. The host computer then contacts the backup browser, retrieves the browse list, and displays it to the user. If the client cannot locate a master browser on the network, it initiates a browser election to ensure a master browser and at least one backup browser is elected in the network. The computer browser service only supplies NetBIOS name information. The NetBIOS name discovery process is what occurs when a NetBIOS name needs to be resolved to a lower-level network address. On a local network, this process is completed using either broadcasts to the local network or using a unicast message to a NetBIOS name server if present. The NetBIOS name resolution process is discussed later in this section When an application or networking service on a host is stopped, the NetBIOS name for that service on that host is available for use by another host. This process is called “NetBIOS Name Release” and is the process that is used to remove services from the network when a network host is shut down. NetBIOS Name Discovery and Resolution
The operation of NetBIOS-based networks is dependent on resolving NetBIOS names to lower-layer addresses. Because resolving names to addresses is so important, Windows computers use the following process to efficiently check up to six sources of information when attempting to connect to another computer:

1. Check the local NetBIOS name cache
2. Contact a NetBIOS name server
3. Broadcast the name resolution request locally
4. Check the locally stored LMHOSTS file (Windows only)
5. Check the locally stored HOSTS file (Windows only)
6. Contact a Domain Name System server (Windows only)

1. Windows computers maintain a local cache of recently resolved NetBIOS names. This speeds up resolution of names for computers that are connected to regularly.
2. A NetBIOS Name Server (NBNS), normally a Microsoft Windows NT server running the Windows Internet Name Service (WINS) service, maintains name and address information for all computers on the network. Windows computers configured to use a NBNS server do a number of things during startup and shutdown.

During startup, the client computer requests its own name from the name server to check that no other computer on the network has the same computer name. Recall that NetBIOS names must be unique on the network. If the client computer is already registered in the network, the name address currently being used by the client computer is returned. If the client computer is new to the network, the server returns a message indicating that the requested information is not found, and the client computer registers its own name, address, and services provided in the WINS database. This information remains in the database until the machine is shut down when the client computer requests its registration be released from the database.

1. If the NBNS does not contain name resolution information for the requested machine name, the Windows client sends a local broadcast in an attempt to contact the remote host directly. If there is no response, the Windows computer checks locally stored files.
2. Administrators of Windows computers can configure them with files containing hard-coded name-to-address resolution information. The first of these files is called LMHOSTS (LAN manager hosts) and is a remnant of older implementations of Windows networking.
3. If a suitable entry is not found in the LMHOSTS file, another locally stored file called HOSTS is checked. The HOSTS file is similar to the LMHOSTS file and is a remnant of older