Networking Help
 
#1
May 22nd, 2004, 02:59 PM
wanderer2
reducing name resolution traffic

Some preliminary information:
Mixed network with NT, 2003 AD, Citrix, Netware NDS, Unix in a 9-site WAN connected with PtP T1's with [majority of] 9x and some 2k clients. Static IP addressing throughout.
NW is the primary DNS server with 2003 DNS forwarding any unknown requests to it.

I don't want to use dynamic DNS/dhcp due to traffic across the routers. Organization logs in at the same time spans each day. Part of my T1's are channelized for telephone voice traffic.

In reviewing documentation dealing with client b, p, m and h nodes name resolution techniques I find it amazing that DNS is used last. I know there is a reg hack in 9x to use DNS first. But it appears to me the best thing to do is have an lmhosts file on every PC. When booted, the #PRE loads these entries into the local NetBIOS cache. This way name resolution [only to servers, not doing any peer to peer networking] would be resolved at the local cache and never hit the wire.

Your thoughts and input? TIA

#2
May 22nd, 2004, 03:29 PM
juniperr
I'm not really sure what you are looking for except that you want to eliminate traffic on the T1's. First, make sure your Novell servers are running IP with SLP enabled, and that no IPX is enabled across the T1's. SAPs such as GNS are broadcast happy. Next, set up a WINS server so your clients are not using broadcasts for NetBIOS name resolution; WINS is unicast. Also place WINS servers at remote sites. Make sure that if you are using IP-helper on your routers, they are directed at the specific host servers and not the whole subnet. On all Microsoft boxes you can change the name resolution order if you wish, but it should not be necessary. I would need to know the e-mail system you are using and where the servers are, as there are plenty of ways to reduce WAN traffic by placing post offices at the remote locations as well as authentication servers there. What are you using for a routing protocol? I would not use RIP; either static routes or Cisco ODR (on demand routing). This uses CDP and works great if you have a hub-and-spoke topology. EIGRP works well, as there are plenty of ways to reduce WAN traffic on small pipes if your network is more complex.

#3
May 22nd, 2004, 05:46 PM
wanderer2
Hi Juniperr. I was hoping you were out there :-)

No IPX and using SLP. That was a project that took 2 1/2 years to complete with no downtime to the organization. I had to upgrade NW4x to 5x and replace 13 routers over the course of that time. Cisco 1750/1 routers throughout. Except for one site, that has servers, the rest are spokes on a hub. Too small of sites to justify WINS servers. Central WINS server seems to be working fine. Half of the PCs at the remote sites are running ICA clients on the Win95 boxes so no WINS required.

I think my question really comes down to this: if each PC has a proper lmhosts file [easy to roll out via logon script], would any other name resolution have to take place? We aren't doing any peer to peer networking. Doing direct to IP port printing. Only the servers need to be resolved. My thought here is that with an lmhosts file on each PC no across-the-wire name resolution will have to take place.

This has not been an issue with the mixture of NW and MS. But we qualify for charity pricing from MS and this is making a migration to pure MS VERY attractive. Otherwise I have to go to NW6.5 and E-Directory which will keep the heterogeneous network but with single signon and single point of management for all servers. Tempting. But going to just MS and Unix is attractive also. Might be able to dump some old apps they keep hanging on to.

I just don't want to be in the middle of an upgrade project only to find Microsoft has more WAN overhead [they haven't been doing WAN stuff as long as Netware has - I would not classify NT as a WAN product]. I can see name resolution as a traffic generator.

We aren't doing dynamic routing so all the routers have static tables. Email is Pegasus [cost $32 for the book and cd, nds aware and has spell checker - match that Exchange :-)]. But in the future maybe [can't educate my users - clinical people/minds] Exchange. We are a closed network with no internet to the network. Internet access is done by standalone kiosks. Perhaps when the present CEO retires in less than two years I can open up this aspect but patient record security is paramount. I don't want to take on any other security monitoring/maintenance tasks since I am limited to two staff.

So do you think an lmhosts file would eliminate name resolution broadcasts? Makes sense to me that it would. But if that were the case everyone would be doing it that way. Right? :-) OK so we know better than that.

Thanks again for your input.

#4
May 23rd, 2004, 09:15 AM
juniperr
If you have the PCs set to use WINS and told TCP/IP to use LMHOSTS and DNS, then they use H-node by default. The resolution order is as follows...
To resolve a name, your PC will follow this sequence: NetBIOS name cache, WINS, broadcast, LMHOSTS, HOSTS, and Domain Name System (DNS).

The thing with lmhosts is that you would use the #PRE command, which would preload the entries into RAM, meaning that when your PC went to resolve, it would find the #PRE entry in the NetBIOS name cache, which it will look at first. If not found, it will check WINS, then broadcast, then check lmhosts standard entries (the ones without #PRE), then hosts, then DNS. So the answer to your question is no, it would not broadcast if your lmhosts file uses #PRE. Hope this answers your question?

Why this isn't used normally is because almost everyone uses DHCP, even across WAN links. Larger networks would place a WINS server and DHCP server at the remote sites along with a post office. The gain of preloading your servers would not be that beneficial. For you to preload all workstations would be an administrative nightmare, especially when swapping or renaming machines.

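The lookup order described in post #4, modelled as an added example (not part of the thread or any poster's code): it parses an lmhosts file, treats #PRE entries as preloaded into the NetBIOS name cache, and reports which server names would still try WINS or broadcast before being found. The sample file, server names, addresses and function names are constructed for illustration.

```python
from itertools import takewhile

H_NODE_ORDER = ["cache", "wins", "broadcast", "lmhosts", "hosts", "dns"]
ON_WIRE = {"wins", "broadcast", "dns"}  # stages that put packets on the network

# Constructed sample; server names and addresses are made up.
SAMPLE_LMHOSTS = """\
# central servers
10.1.0.10   NWSERVER1   #PRE               # file server
10.1.0.20   citrix01    #PRE #DOM:CLINIC
10.1.0.30   UNIXBOX                        # no #PRE keyword here
"""

def parse_lmhosts(text):
    """Return {NAME: (ip, preloaded)}; comment and directive lines are skipped."""
    entries = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue
        ip, name = fields[0], fields[1].upper()[:15]  # 15 chars, case-insensitive
        kw = takewhile(lambda t: t.startswith("#") and t != "#", fields[2:])
        entries[name] = (ip, any(t.upper() == "#PRE" for t in kw))
    return entries

def resolve(name, lmhosts, wins=None, segment=None, hosts=None, dns=None):
    """Walk the order; return (stage, ip, on-wire stages that were tried)."""
    name = name.upper()[:15]
    sources = {
        "cache": {n: ip for n, (ip, pre) in lmhosts.items() if pre},
        "wins": wins or {}, "broadcast": segment or {},
        "lmhosts": {n: ip for n, (ip, _) in lmhosts.items()},
        "hosts": hosts or {}, "dns": dns or {},
    }
    tried_on_wire = []
    for stage in H_NODE_ORDER:
        if stage in ON_WIRE:
            tried_on_wire.append(stage)  # a query is sent even if it finds nothing
        if name in sources[stage]:
            return stage, sources[stage][name], tried_on_wire
    return None, None, tried_on_wire

def servers_hitting_wire(servers, lmhosts):
    """Servers whose lookup would leave the PC, with the stages tried."""
    results = {s: resolve(s, lmhosts)[2] for s in servers}
    return {s: wire for s, wire in results.items() if wire}

if __name__ == "__main__":
    print(servers_hitting_wire(["NWSERVER1", "CITRIX01", "UNIXBOX"],
                               parse_lmhosts(SAMPLE_LMHOSTS)))
```

The model covers only the cache as it stands right after boot; names resolved later and cached for a short time are not represented.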
#5
May 23rd, 2004, 09:35 AM
juniperr
It usually comes down to money, and I'm pretty much against Microsoft in this aspect. (Have you ever tried putting Exchange 2000 in a DMZ? hahaha, costs you an arm and a leg as you have to buy two Exchange licenses to have a front end server) compared to Novell GroupWise, where you would just put the GWIA and WebAccess in the DMZ. Novell 6.5 is a very strong server; Apache web server is its default and is how you fully administrate the server using i-manager. Also, you should be using NDPS in your network, especially if there are only two of you; it's nice to just click on a user in NDS and say add that printer to their workstation at login (nice for roaming users also). ZENworks works nicely for dynamic local users on the 2000 and XP workstations. Another point is that you don't need a Novell client on the PCs, as it can enable CIFS and join the server to a Microsoft domain. As well, NFS can be enabled so Unix can log in directly, as well as Macs using AppleTalk. Netware 7, which is to be released this winter, will have a choice of Linux kernel or Netware kernel; already GroupWise runs on pure Linux, as well as NDS. Just something to chew on when pricing. You could also look into putting Linux on desktops for cost savings, depending on user needs. Ximian (Novell Linux desktop) comes with an e-mail connector that can connect to GroupWise, Exchange 2000/2003, SMTP, or POP3. OpenOffice has been 100% Office compatible for me so far. (I run SuSE Linux with Ximian desktop on my laptop right now.) Something to look into if you are looking at upgrading. I've done probably 25 Novell server upgrades in the last year to 6 and 6.5 and I really like the product. Unfortunately, most clients are converting to Microsoft because of app vendors pushing them, or they get a new admin that only knows how to point and click in a GUI hehe.
It is also notable that to perform the same functions in an all-Microsoft environment you depend heavily on 3rd party apps, such as SPAM filtering (it is built into GroupWise GWIA), and SMS is not nearly as robust as ZENworks or Altiris. Firewall would rely on 3rd party (PIX, Firewall-1), as ISA is not as friendly, robust or secure as BorderManager. This is just my two cents. hehe, studying CLE at the moment LOL. See ya around.

© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway