Description of the Microsoft Computer Browser Service

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article was previously published under Q188001
This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft Active Directory services in Windows 2000 and Windows XP replace the computer browser service used in earlier versions of Windows to providethe network basic input/output system (NetBIOS) name resolution. Thebrowser service in Windows 2000 is provided for backwards compatibilitywith client computers that are running earlier versions of Windows.

This article describes the basic methods by which a server computerprovides browse list functionality to client computers on the network.For a more detailed explanation of the browser components, see thefollowing documents:
  • Microsoft Windows NT 4.0 Resource Kit, Chapter 3, "Windows NT 4.0 Browser Service."
  • The "CIFS/E Browser Protocol" document availableat the following Microsoft Web site:
  • The browser registry settings described in the Microsoft Windows NT 4.0 Resource Kit Regentry.hlp file.
The primary function of the browser service is to provide a list ofcomputers sharing resources in a client's domain along with a list ofother domain and workgroup names across the wide-area network (WAN). Thislist is provided to clients that view network resources with NetworkNeighborhood or the NET VIEW command.
The browser service maintains a list of the domain name or workgroup namethe computer is in, and the protocol being used for each computer on thenetwork segment being served by the computer running the browser service.On each network segment, a master browser is elected from the group ofcomputers located on the segment that are running the browser service.

The master browser is responsible for collecting host or serverannouncements, which are sent as datagrams every 12 minutes by eachserver on the network segment of the master browser. The master browserinstructs the potential browsers for each network segment to becomebackup browsers. The backup browser on a given network segment provides abrowse list to the client computers located in the same segment.

NOTE: In a Windows NT domain structure, the primary domain controller(PDC) is always selected as the domain master browser. Only the PDC canbe a domain master browser. If a PDC is not present, a domain masterbrowser is not available and you are unable to obtain browse lists fromworkgroups other than the workgroup you are located in.

On a given network segment, there is only one master browser. All domaincontrollers other than the PDC are designated as backup browsers.Additionally, one backup browser is allocated for every 32 computers onthe network segment.

In a workgroup configuration containing Windows NT Workstation-basedcomputers, there is always one master browser. If there are at least twoWindows NT Workstation-based computers in the workgroup, there is alsoone backup browser. For every 32 Windows NT Workstation-based computersin the workgroup, there is another backup browser.

If there is not a domain controller present on a given network segment,then an election process is started that chooses a master browser andbackup browser from the computers on the segment using the followingorder of priority:

Windows 2000 Server
Windows 2000 Professional
Microsoft Windows NT 4.0 Server Enterprise Edition
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Workstation
Microsoft Windows 98
Microsoft Windows 95
Microsoft Windows for Workgroups 3.11

Domain Master Browser Role

Because the browser service is bound by broadcast segments and eachmaster browser maintains its own separate list, there must be a way tomerge these lists into a single domain-wide list. This functionality isprovided by the domain master browser that is the PDC for the domain.This functionality is not required for network protocols other thanTransmission Control Protocol/Internet Protocol (TCP/IP).

The PDC has is also responsible for connecting to its primary WindowsInternet Name Service (WINS) server every 12 minutes to obtain a list ofall the DomainName type <1b> entries that are registered by the PDCsthroughout the enterprise. This is done by issuing an MSRPCR_WinsGetBrowserNames request. These names, along with the workgroupannouncement datagrams collected by the master browsers throughout theWAN, build the full list of domain and workgroup names. The namesdiscovered by workgroup announcements take precedence over those obtainedfrom WINS. These domain and workgroup names also contain the name of theserver registering any given computer in the browse list. In the eventthat a WINS server is not available, or it is not registered, theclient's browser requests the list of servers from the computer thatregistered the name. This operation is done on behalf of the client byits browser and is called a double-hop.

The PDC merges all the lists gathered by the master browsers on eachsegment across the WAN. Every 12 minutes, the master browser connects tothe PDC to obtain the domain-wide list. The list is obtained by firstissuing a NetServerEnum request with a flag of 0xFFFFFFFF. This requestretrieves the complete list of servers within the domain. The masterbrowser then issues the same request with a flag of 0x8000000, whichrequests all of the domain and workgroup names.

To signal the PDC to retrieve the list collected by this master browser,the master browser sends the PDC a directed master announcement frameover User Datagram Protocol (UDP) port 138. This signals the PDC toimmediately connect to the master browser and retrieve its list. Thiscommunication is also performed with two NetServerEnum requests. First, aNetServerEnum request with flag 0x40000000 is issued to request the locallist of servers collected by the master browser. Then, a NetServerEnumrequest with flag 0xC0000000 is sent to retrieve the local workgroupannouncement frames sent by the master browser of other domains orworkgroups on its segment. Each backup browser on the segment issues aNetServerEnum request with flags of 0xFFFFFFFF and x80000000 at 12-minuteintervals to obtain the complete list of servers, domains, and workgroupnames.

Registration And Propagation Time

Because the browser service relies on server broadcasts, itscommunication is connectionless and by definition unreliable. When aserver starts, it immediately sends a host announcement frame. Thisprocess is repeated at 4 minutes and again at 8 minutes. The process isthen repeated every 12 minutes thereafter.

Allowing for the loss of a few datagram frames, it is reasonable toexpect that the network segment's master browser will add a givencomputer's name to the browse list within 12 minutes after startup.Beyond this point, connection-oriented traffic is used and the sequencesare more deterministic. Within 12 minutes, the segment's master browserwill connect to the PDC to obtain the domain-wide list, and at the sametime the PDC will connect to the master browser and learn of the newserver.

Master browsers on remote segments also connect to the PDC at 12-minuteintervals and soon learn of a new server. Within 12 minutes of the remotemaster browser learning of a new computer's name, all the backup browsersconnect to their master browser. At this point, all browsers on a remotesegment know about the new server. In a multi-segment WAN environment,the maximum amount of time it should take for all clients within thedomain to see the new computer is 48 minutes (12 + 12 + 12 + 12). On anetwork on which broadcasts and network usage are well within safeparameters, this period should average approximately one-half as long (24minutes).

Removing computers from the browse list may take more time. To allow forlost datagram frames, the master browser does not remove a server fromits list until 3 announcement periods have passed. If the server is notshut down gracefully or if network connectivity is lost, the server canremain in the master browser's list for up to 36 minutes. After thistime, the PDC is notified to remove the server name. The samecommunication flow follows to remove a server's name. Within 12 minutes,a master browser on a remote segment obtains the domain-wide list fromthe PDC, and within 12 minutes each backup browser connects to the masterbrowser. This process can take as long as 72 minutes to finish (36 + 12 +12 + 12). If the server is shut down gracefully, the browser sends asingle Host Announcement frame indicating that it is no longer acting asa server. Upon receipt of this datagram, the master browser immediatelyremoves the server from its local list. On a network on which broadcastsand network usage are well within safe parameters, this period shouldaverage approximately one-half as long (36 minutes).

Because a server's browser role is defined dynamically with periodicelections, determining the flow of communication used to provide thebrowse list to a specific client computer can be difficult. If a masterbrowser is shut down gracefully, the master browser forces an electionfor a new master browser during shutdown. If the backup browser that winsthe election has been present on the network long enough to receive acomplete browse list, it starts as a master browser with a fullypopulated browse list, and browse functionality continues on the networksegment without interruption.

If a server that was acting as the master browser is not shut downgracefully or if the master browser's force election request datagram islost, there may be a delay before browse functionality is available onthe network segment. An election of a new master browser is caused if aclient computer requests a browse list and is unable to locate a masterbrowser. It may take up to 12 minutes for a backup browser to discoverthat no master browser is present, depending on network usage.

Name Resolution Requirements

Name resolution across the domain is critical for the distributedbrowsing model to operate. All computers across the WAN that arepotential master browsers must be able to resolve the DomainName type<1b> entry for the PDC. After a potential master browser receives apositive response to the query for a PDC, the master browser must also beable to resolve the computer name type <00> entry of the PDC. The PDCmust be able to resolve the names of all computers that are potentialmaster browsers in order to be able to connect to them. The PDC listensfor directed master announcements from the master browsers on UDP port

This announcement triggers the PDC to resolve the computer name type<00> of the master browser, and to request the browse list maintained by the master.

Once a browse list is presented to a client computer, the client computermust resolve the NetBIOS name entry of any computer listed in order toview shared resources. Therefore, all client computers must be able toresolve the Internet Protocol (IP) address of all computers in thedomain. In most networks configurations, this means that the distributedWINS infrastructure must be working properly.
browser browsing

Article ID: 188001 - Last Review: 12/05/2015 08:49:30 - Revision: 5.0

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional Edition, Microsoft Windows XP Home Edition, Microsoft Windows XP Professional

  • kbnosurvey kbarchive kbenv kbinfo KB188001