How to benefit from Link-Local Multicast Name Resolution.

How to benefit from Link-Local Multicast Name Resolution.

  • Comments 1
  • Likes

In a nutshell, Link-Local Multicast Name Resolution (LLMNR) resolves single label names (like: COMPUTER1), on the local subnet, when DNS devolution is unable to resolve the name.  This is helpful if you are in an Ad-Hoc network scenario, or in a scenario where DNS entries do not include hosts on the local subnet.

In order to benefit from LLMNR, you need to enable Network Discovery on all nodes on the local subnet.  In Microsoft operating systems, this option and LLMNR functionality are only included on Windows Vista and Windows Server 2008.

My testing of LLMNR has uncovered a couple of points of interest:

  • If Network Discovery is not enabled on a client, it will still send out an LLMNR request unless it has been disabled via group policy.  To disable LLMNR via group policy, set the following group policy value:

    Group Policy = Computer Configuration\Administrative Templates\Network\DNS Client\Turn off Multicast Name Resolution. (Enabled = Don't use LLMNR, Disabled = Use LLMNR)

  • However, a host will not respond to the LLMNR request if Network Discovery is not enabled. 

This limitation is important because, by default, a network where LLMNR is likely to be most useful is an Ad-Hoc network, such as a few friends at a coffee shop on a Wi-Fi network.  In these scenarios, Network and Sharing Center is most likely going to classify the network as a Public network.  This classification, in addition to enforcing the public firewall profile, will turn off Network Discovery, File Sharing, Public Folder Sharing and Printer Sharing.  Therefore, none of the hosts will respond to LLMNR requests since Network Discovery is turned off.

Network Discovery can be turned on in these scenarios by going to the Control Panel and double clicking Network and Sharing Center.  Then, under Sharing and Discovery, select Network Discovery.  Click the option Turn on Network Discovery and click Apply.  You will be prompted to accept the associated security risk of being discoverable on a public network.  After enabling Network Discovery on each host, they will respond to LLMNR requests and you will be able to resolve the IP of computers by single label name.

For a very good description of what Link-Local Multicast Name Resolution is, and how it works, see this article from The Cable Guy : http://technet.microsoft.com/en-us/library/bb878128.aspx