If it does match, the matching host then sends a UDP
packet back with its IP address.
Since LLMNR is specialized, it can respond only to requests where a single hostname
is entered. If you enter a fully qualified domain name (FQDN), LLMNR will not resolve
it. LLMNR is also responsible for making sure that its hostname is unique in its segment.
This ensures that requests for name resolution don??™t result in duplicate matches. If the
LLMNR-enabled host receives a request for name resolution and it has not yet checked
whether the name is unique, it marks its response back to the requesting host of its address
but also sends an indication of this particular condition??”that is, the requesting
host receives two replies. The host that has performed a uniqueness check gets accepted
and the one that hasn??™t performed the check does not (even though there is in fact a
conflict).
LLMNR is enabled by default on all Windows Server 2008 installations. On some occasions,
you or your security policies might dictate that this functionality be disabled.
LLMNR can be disabled on all network interfaces or on a specific network interface. To
disable LLMNR on all network interfaces, create and set the following registry value to 0
(zero):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DnsCache\Parameters\
EnableMulticast
To disable LLMNR on a specific network interface, create and set the following registry
value to 0 (zero):
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\
\EnableMulticast
Note that every network adapter is assigned its own unique GUID.
Pages:
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376