CHAPTER 2
IMPLEMENTING TCP/IP
Lesson 1:
TCP/IP Overview
TCP/IP is an industry-standard suite of protocols designed for wide area networks (WANs).
Benefits of TCP/IP
All modern operating systems offer TCP/IP support, and most large networks rely on TCP/IP for
much of their network traffic. TCP/IP is also the protocol standard for the Internet.
Several of these standard utilities, such as File Transfer Protocol (FTP) and Telnet, are included with
Windows 2000 Server. Adding TCP/IP to a Windows 2000 configuration offers the following
advantages:
If offers a technology for connecting dissimilar systems. TCP/IP is routable and can be connected to
different networks through gateways.
It allows for a robust, scalable, cross-platform client/server framework.
It provides a method of gaining access to the Internet. By connecting to the Internet, a virtual private
network (VPN) or extranet can be established, allowing for inexpensive remote access.
In addition, Macintosh clients can now use the TCP/IP protocol to access shares on a Windows 2000
server that is running File Services for Macintosh (AFP [AppleShare File Server] over IP), making it
easier to network with Macintosh computers.
Windows 2000 TCP/IP communication Protocols
A significant feature of Windows 2000 is the ability to connect to the Internet and to dissimilar
systems. Windows 2000 also has advanced security features that can be implemented when
connecting to a system across a network.
IP Security. IP Security (IPSec) is a technology used to encrypt TCP/IP network traffic. IPSec
enables secure data transfer between remote clients and private enterprise servers through a virtual
private network (VPN).
Point-to-Point Tunneling Protocol. The PPTP provides VPN functionality similar to that which
IPSec provides. PPTP also supports multiple network protocols such as IP, Internetwork Packet
Exchange (IPX), and NetBIOS Enhanced User Interface (NetBEUI).
=====================================================================
wininf2.html PAGE
2 2002/03/20
Layer Two Tunneling Protocol. The Layer Two Tunneling Protocol (L2TP) is a combination of
PPTP and L2F. L2F is a transmission protocol that allows dial-up access servers to frame dial-up
traffic to PPP and transmit it over WAN links to an L2F server (a router).
Windows continues to support:
· AppleTalk
· IPX/SPX (Internetwork Packet Exchange/Sequenced Packet Exchange
· NetBEUI
TCP/IP Stack Enhancements
Windows 2000 includes several TCP/IP stack enhancements including:
- Large window support that improves performance when many packets are in transit for
long periods of time.
- Selective acknowledgements that allow a system to recover from congestion quickly.
- The ability to better estimate round-trip time.
- The ability to better prioritize traffic for demanding applications.
TCP/IP Utilities
Data transfer utilities. Windows 2000 provides support for several different IP-based data
transfer protocols. There include FTP (File Transfer Protocol), HTTP (HyperText Transfer
Protocol) and the Common Internet File System (CIFS).
Telnet. UNIX hosts have traditionally been managed using Telnet a text interface similar to a
command prompt that can be accessed across the IP network. Windows 2000 provides both a
Telnet client and server.
Printing Utilities. Windows 200 can print directly to IP-based printers. LPR prints a file to
a host running the Line Printing Daemon (LPD) service. LPQ obtains the status of a print queue
on a host running the LPD service.
Diagnostics Utilities. Windows 2000 provides several utilities for diagnosing TCP/IP-related
problems including PING, Ipconfig, Nslookup and Tracert.
=====================================================================
wininf2.html PAGE
3 2002/03/20
Architectural Overview of the TCP/IP Protocol Suite
TCP/IP protocols provide networking support to connect all hosts and sites, and follow a set of standards
for how computers communicate and how networks are interconnected. TCP/IP protocols follow a four
layer conceptual model known as the DOD or Department of Defense. Application, Transport, Internet,
and Network Interface.
Application Layer
The Application layer is at the top of the four-layer conceptual TCP/IP model, and is where software
programs gain access to the network. This layer corresponds roughly to the Session/Presentation and
Application Layers of the OSI. These utilities and services run at the application layer:
HyperText Transfer Protocol (HTTP). HTTP is the protocol used for the majority of the WWW
communications. Windows 2000 includes Internet Explorer as an HTTP client, and Internet Information
Server (IIS) as a HTTP server.
File Transfer Protocol (FTP). FTP is an Internet service that transfers files from one computer to another.
Internet Explorer and the command-line utility FTP both act as FTP clients. IIS includes an FTP server.
Simple Mail Transfer Protocol (SMTP). SMTP is a protocol that mail servers use to transfer e-mail. IIS
can send messages using the SMTP protocol.
Telnet. Telnet is a terminal emulation protocol that can be used to log on to remote network hosts. Telnet
offers users the capability of running programs remotely and facilitates remote administration.
Domain Name System (DNS). DNS is a set of protocols and services on a TCP/IP network that allows
users of the network to utilize hierarchical user friendly names when locating hosts instead of having to
remember and use their IP address.
Simple Network Management Protocol (SNMP). SNMP allows you to manage network nodes such as
servers, workstations, routers, bridges, and hubs from a central host. SNMP can also be used to configure
remote devices, monitor network performance, detect network faults or inappropriate access, and audit
network usage.
Network Application APIs
Microsoft TCP/IP provides two interfaces for network applications to use the
services of the TCP/IP protocol stack:
=====================================================================
wininf2.html PAGE
4 2002/03/20
WinSock. The Sockets API is the standard mechanism for accessing datagram and session services
over TCP/IP.
NetBIOS. A standard API used as an inter-process communication (IPC0 mechanism in the Windows
environment. Although NetBIOS can be used to provide a standard connection to protocols that
support the NetBIOS naming and messaging services, such as TCP/IP and NetBEUI, it is included
with Window 2000 mainly to support legacy applications.
Transport Layer
Transport protocols provide communication sessions between computers and define the type of
transport service as either connection-oriented (TCP) or connectionless datagram-oriented (UDP).
TCP provides connection-oriented, reliable communications for applications that typically tr4ansfer
large amounts of data at one time. UDP, however, provides connectionless communications and
does not guarantee to deliver packets. Applications that use UDP typically transfer small amounts
of data at one time. Reliable delivery of data is the responsibility of the application.
Internet Layer
Internet protocols encapsulates packets into Internet datagrams and run all of the necessary routing
algorithms. Five protocols are implemented at this layer:
Address Resolution Protocol (ARP), which determines the hardware addresses of the hosts.
Reverse Address Resolution Protocol (RARP), which provides reverse address resolution at the
receiving host.
Internet Control Message Protocol (ICMP), which sends error messages to IP when problems
crop up.
Internet Group Management Protocol (IGMP), which informs routers of the availability of members
of multicast groups.
Internet Protocol (IP), which addresses and routes packets.
Network Interface Layer
Each of the local area network (LAN), metropolitan area network (MAN), WAN, and dial-up
types, such as Ethernet, Token Ring, Fiber Distributed Data Interface (FDDI), and ARCnet, have
different requirements for cables, signaling, and data encoding.
=====================================================================
wininf2.html PAGE
5 2002/03/20
The Network Interface layer is responsible for sending and receiving frames, which are packets of
information transmitted on a network as a single unit. The Network Interface Layer puts frames on
the network, and pulls frames off the network.
TCP/IP WAN Technologies
There are two major categories of WAN technologies supported by TCP/IP:
Serial lines, which include dial-up analog, digital lines, and leased lines.
TCP/IP is typically transported across a serial line using
either SLIP or PPP.
Windows 2000 Server supports both protocols with the Routing and Remote Access Service.
Because PPP provides greater security, configuration handling, and error detection than SLIP, it
is the recommended protocol for serial line communication.
Packet-switched networks, which includes X.25, frame relay, and asynchronous transfer mode
(ATM).
Transmission Control Protocol
TCP is a reliable, connection-oriented delivery service, for the 50th time, I hope I know it by know.
Oh, it is also routable!!!! TCP data is transmitted in segments, and a session must be established
before hosts can exchange data. TCP uses byte-stream communications, which means that the
data is treated as a sequence of bytes.
TCP achieves reliability by assigning a sequence number of each segment transmitted. If a segment
is broken into smaller pieces, the receiving host knows whether all pieces have been received. For
each segment sent, the receiving host must return an acknowledgment (ACK) within a specified
period. If the sender does not receive an ACK, then the data is retransmitted. If the segment is
received damaged, the receiving host discards it. Because in this case an ACK is not sent, the
sender retransmits the segment.
Internet Protocol (IP)
Although TCP separates data into discrete packets and is responsible for guaranteeing their delivery,
IP does the actual delivery. At the IP Layer, each incoming or outgoing packet is referred to as a
datagram. The IP datagram fields in the following table are added to the header when a packet is
passed up from the Network Interface Layer.
=====================================================================
wininf2.html PAGE
6 2002/03/20
======================================================================
Field Function
======================================================================
Source IP Address Identifies the sender of the datagram by the IP addresses.
Destination IP Identifies the destination of the datagram by the IP address.
Address
Protocol Informs IP at the destination host whether to pass the
Packet up to TCP or UDP.
Checksum A simple mathematical computation that is used to verify
That the packet arrived intact.
Time to Live (TTL) Designates the number of seconds a datagram is allowed to
Spend in transport before it’s discarded. This prevents
Packets from endlessly looping around an internetwork.
Each router that forwards the packet decrements the TTL by
One. The default TTL in Windows 2000 is 128 seconds.
=======================================================================
User Datagram Protocol
UDP offers a connectionless datagram service that does not guarantee delivery or sequencing of
delivered packets. UDP data checksums are optional, providing a way to exchange data over
highly reliable networks without unnecessarily consuming network resources or processing time.
UDP is used by applications that do not require an acknowledgement of data receipt. Examples
of services and applications tat use UDP are DNS, RIP, and SNMP.
Lesson Summary:
- TCP/IP is an industry-standard suite of protocols designed for WANs. Adding TCP/IP to a
- Windows configuration offers several advantages, including high interoperability, reliability,
scalability and security.
- TCP/IP
uses the four layer model (Application, Transport, Internet and Network.)
- At the Transport layer, TCP/IP provides IP with reliable, connection-oriented delivery.
- UDP, an alternative transport protocol to TCP, is a connectionless datagram service that does
not guarantee delivery of packets. It is used by applications that do not require an acknowledgment
of data receipt.
=====================================================================
wininf2.html PAGE
7 2002/03/20
Lesson 2:
Internet Protocol Addressing
A unique IP address is required for each host and network component that communicates using
TCP/IP. TCP/IP networks are usually categorized into three main classes that have predefined
sizes. Each network can be divided into smaller subnetworks by system administrators by using
a subnet mask to divide an IP address into two parts. One part identifies the host (computer),
and other part identifies the network to which it belongs. Each TCP/IP host is identified by a
logical IP address. The IP address is a network layer address and has no dependence on the
data-link layer address (such as a media access control address of a network Interface card.).
131.107 .3.24 (must be unique)
Network Host
ID ID
You must have the same Network ID for communication between networks.
The IP Address
An IP address is a 32-bit number that uniquely identifies a host (computer or other device, such
as a printer or router) on a TCP/IP network. IP addresses are normally expressed in dotted-
decimal format, with four numbers separated by periods, such as 192.168.123.132. Physical
address is the Mac Address which is burnt on the NIC card. You cannot change this address.
For TCP/IP WAN to work efficiently as a collection of networks, the routers that pass packets
of data between networks do not need to know the exact location of a host for which a packet
of information is destined. Routers only know what network the host is a member of and use
information stored in their route table to determine how to get the packet to the destination host’s
network. After the packet is delivered to the destination’s network, the packet is delivered to
the appropriate host. For this process to work, an IP address has
two parts: a network ID
and a host ID.
=====================================================================
wininf2.html PAGE
8 2002/03/20
The Network ID
The network ID identifies the TCP/IP hosts that are located on the same physical network.
All hosts on the same physical network must be assigned the same network ID to communicate
with each other.
*** see the diagram
on page 32 ***
The Host ID
The host ID identifies a host within a network. The host ID must be unique to the network
designated by the network ID. An IP address identifies a system’s location on the network
in the same way a street address identifies a house on a city block.
Dotted Decimal Notation
There are two formats for referencing an IP address, binary and dotted decimal notation. See
page 33, each IP address is 32 bits long and is composed of four 8-bit sections. These 8-bit
sections are known as octets. The example of IP address 192.168.123.132 becomes in
11000000.10101000.01111011.10000100 in binary format. The decimal numbers separated
by periods in the dotted decimal notation are the octets converted from binary to decimal
notation. The octets represent a decimal number ranging from zero to 255, and the entire 32
bits of the IP address are allocated to the network and host Ids as illustrated on page 33.
32 bits
NOTE: The network ID cannot be 127. This ID is reserved for loopback and diagnostic
functions.
Reversed Addresses:
10.0.0.0 (use internally, not on the Internet).
127.x.x.x (Series)
168.254.0.0 (Auto Addressing)
172.16-31.0.0 (Private Addressing)
192.0.1-4.0
Routers are programmed to not use the Reserved Addresses.
=====================================================================
wininf2.html PAGE
9 2002/03/20
IP Address Conversion from Binary to Decimal
To administer TCP/IP on your network, you should be able to convert bit values to an octet from
binary code to a decimal format. In binary format, each bit in an octet has an assigned decimal
value. A bit that is set to 0 always has a zero value, and a bit that is set to 1 can be converted to
a decimal value. The low-order bit represents a decimal value of one. The high-order bit
represents a decimal value of 128. The highest decimal value of an octet is 255 – that is, when
all bits are set to 1, see page 33 bottom.
(local broadcast)
255.255.255.255 (Broadcast to all Networks)
IP address cannot be all zeros or all ones.
8 Bits
1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1
255 Decimal Value
The following table shows how the bits in one octet are converted from binary code to decimal value.
Binary Code Bit Values Decimal Value
00000000 0 0
00000001 1 1
00000011 1 + 2 3
00000111 1 + 2 + 4 7
00001111 1 + 2 + 4 + 8 15
00011111 1 + 2 + 4 + 8 + 16 31
00111111 1 + 2 + 4 + 8 + 16 + 32 63
01111111 1 + 2 + 4 + 8 + 16 + 32 + 64 127
11111111 1 + 2 + 4 + 8 + 16 + 32 + 64 + 128 255
=====================================================================
wininf2.html PAGE
10 2002/03/20
Address Classes
Internet addresses are allocated by the InterNIC organization that administers the Internet. These
IP addresses are divided into classes. The most common of these Classes A, B, and C. Classes
D and E exist, but are not generally used by end users. Each of the address classes has a different
default subnet mask. You can identify the class of an IP address by looking at its first octet.
Following are the ranges of Class A, B and C Internet addresses, each with an example address.
Class A addresses are assigned to networks with a very large number of hosts. Class A use a
default subnet mask of 255.0.0.0 and have 0-126 as their first octet. The address 10.52.35.11
is a Class A address. Its first octet is 10. which is between 1-126 inclusive.
Class B addresses are assigned to medium-sized to large-sized networks. Class B networks
use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. The addresses
172.16.52.63 is a Class B address. Its first octet is 172, which is between 128 and 191,
inclusive.
Class C addresses are used for small LANs. Class C networks use a default subnet mask of
255.255.255.0 and have 192-223 as their first octet. The address 192.168.123.132 is a Class
C address. Its first octet is 192, which is between 192 and 223, inclusive.
The class of address defines which bits are used for the network ID and which bits are used
for the host ID.
Number of Number of
Hosts Range of Network Ids
Networks per Network (first Octet)
NHHH CLASS A 126 16,777,214 1-126 (127 Loopback)
NNHH CLASS B 16,384 65,534 128-191
NNNH CLASS C 2,097,152 254 192-223
NNNN/H CLASS D Multicast 224-239
CLASS E Experimental 240-247
IP Address Guidelines
Although there are no rules for how to assign IP addresses, be sure to assign valid network IDs,
and host IDs. There are several general guidelines you should follow when assigning network IDs
and host IDs:
=====================================================================
wininf2.html PAGE
11 2002/03/20
- The network ID cannot be 127. This ID is reserved for loopback and diagnostic functions.
- The network ID and host ID bits cannot all be “1”. If all bits are sent to 1, the address is
interpreted as a broadcast rather than a host ID.
- The network ID and host ID bits cannot all be “0”. If all bits are sent to 0, the address is
interpreted to mean “this network only.”
- The host ID must be unique to the local network ID. A unique network ID is required for each
network and wide area connection. If you are connecting to the public Internet, you are required
to obtain a network ID.
- All TCP/IP hosts, including interfaces to routers, require unique host IDs. The host ID of the
router is the IP address configured as a workstation’s default gateway.
- Each host on a TCP/IP
network requires a subnet mask, either a default subnet mask, which is used when a network is
not divided into subnets, or a custom subnet mask, which is used when a network is divided
into subnets. A subnet mask is a 32-bit address used to block or “mask” a portion of the IP
address to distinguish the network ID from the host ID.
Address Dotted Decimal
Class
Bits Used for Subnet Mask Notation
Class A 11111111 00000000 00000000 00000000 255.0.0.0
Class B 11111111 11111111 00000000 00000000 255.255.0.0
Class C 11111111 11111111 11111111 00000000 255.255.255.0
Lesson Summary:
- Each TCP/IP host is identified by a logical IP address, and a unique IP address is required for
each host and network component that communicates using TCP/IP.
- Each IP address defines the network ID and Host ID.
- An IP address is 32 bits long and is composed of four 8-bit fields called octets.
- There five address classes. Microsoft supports Class A, B and C. Each class supports
networks of different sizes.
=====================================================================
wininf2.html PAGE
12 2002/03/20
Lesson 3:
Microsoft TCP/IP Installation and Configuration
Installing TCP/IP
TCP/IP can be used in network environments ranging from small LANs to the global Internet.
When you run Windows 2000 Setup, TCP/IP is installed as the default network protocol if a
network adapter is detected. You can override the default protocol configuration in Network
and Dial-up Connections.
Configuring TCP/IP
If you are implementing TCP/IP for the first time on your network, you should construct a detailed
plan for IP addressing on your network. Your TCP/IP network addressing scheme can include
either public or private addresses. You usually use public IP address if you are on the Internet.
InterNIC assigns public addresses to Internet service providers (ISPs). ISPs in turn, assign IP
addresses to organizations when network connectivity is purchased. IP addresses assigned this
way are guaranteed to be unique and are programmed into Internet routers in order for traffic to
reach the destination host.
You can implement a private addressing scheme to shield your internal addresses from the rest
of the Internet by configuring private addresses on all the computers on your private network
(or intranet).
You can assign IP addresses in Windows 2000 dynamically using Dynamic Host Configuration
Protocol (DHCP), and you can address assignment using Automatic Private IP Addressing.
You can also configure TCP/IP manually. You configure TCP/IP on a computer based on its
function.
Dynamic Configuration
Windows 2000 computers will attempt to obtain the TCP/IP configuration from a DHCP server
on your network by default. If a static TCP/IP configuration is currently implemented on the
computer, you can implement a dynamic TCP/IP configuration.
=====================================================================
wininf2.html PAGE
13 2002/03/20
Automatic Private IP Address Assignment
Another TCP/IP address configuration option is to use Automatic Private IP Addressing when
DHCP is not available.
The Automatic Private IP addressing address is selected form the Microsoft-reserved address
block 169.254.0.0 with the subnet mask 255.255.0.0. When the Automatic Private IP
Addressing feature of Windows 2000 is used, an address in the Microsoft-reserved IP
addressing range from 169.254.0.1-169.254.255.254 is assigned to the client. The assigned
IP address is used until a DHCP server is located. The subnet mask 255.255.0.0 is automatically
used.
Testing TCP/IP with Ipconfig and
PING
You should always verify and test your TCP/IP configuration to make sure your computer can
connect to other TCP/IP hosts and networks. You can use the PING and Ipconfig utilities for
this.
Proper procedure to for Pinging:
(Shortcut,
then if all works for all the inbetween connections.
Regular Pinging
Procedure:
·
·
· Ping Local User
· Ping Gateway then remote Ping your IP name.
With Ipconfig, you verify the TCP/IP configuration parameters on a host, including the IP address,
ubnet mask and default gateway, from a command prompt. This is useful to check for duplicate
IP addresses.
TCP/IP configurations and diagnoses
connection failures.
messages to determine whether a particular TCP/IP host is available and functional. Like the
Ipconfig utility, the
=====================================================================
wininf2.html PAGE
14 2002/03/20
Configuring Packet Filters
You can use IP packet filtering to trigger security negotiations for a communication based on
the source, destination, and type of IP traffic. This allows you to define which specific IP and
IPX traffic triggers will be secured, blocked, or allowed to pass through unfiltered.
*** On Instructor 9, Proxy2, there is list of popular ports) ***
You can configure the TCP/IP protocol to filter IP packets based on:
· The TCP port number
· The UDP port number
· The IP protocol number
CAUTION: By enabling only TCP port 80, all network communications outside of port 80
will be disabled.
My Network Places/Right Click Properties/TCP/IP/Advanced/Options/Filtering (Not policy,
done machine by machine, so not very efficient).
Lesson Summary:
- By default, Windows 2000 installs the TCP/IP protocol if Setup detects a network adapter.
- You can set up TCP/IP manually if you want
- You can use the Ipconfig utility to check the network configuration
- You
can use the
Lesson 4:
Basic Concepts of IP Routing
Routing is the process of choosing a path over which to send packets, which is a primary function
of IP. A router (or gateway) is a device that forwards the packets from one physical network to
another. When a router receives a packet, the network adapter forwards the datagrams to the
IP Layer. IP examines the destination address on the datagram and then compares it to an IP
routing table.
Overview of Routing
A router helps LANs, and WANs achieve interoperability and connectivity, and can link LANs
that have different network topologies, such as Ethernet and Token Ring. Each packet sent over
a LAN has a packet header that contains source and destination address fields. Each time a
packet jumps from router to router it is called a hop. If a route is not found, an error message
is sent to the source host.
=====================================================================
wininf2.html PAGE
15 2002/03/20
A routing table contains entries with the IP addresses of router interfaces to other networks
that it can communicate with. A routing table is a series of entries, called routes, that contain
information on where the network IDs of the internetwork are located.
You can view a routing table type typing route print at the command prompt.
Static and Dynamic IP Routing
The process that routers use to obtain routing information is different based on whether the
router performs static or dynamic IP routing. Static routing is a function of IP that limits you to
fixed routing tables. Static routers require that routing tables are built and updated manually.
Using Dynamic Routing
If a route changes, static routers do not inform each other of the change, nor do static routers
exchange routes with dynamic routers.
Routing Protocols
Dynamic routing is a function of routing protocols, such as the Routing Information Protocol
(RIP) and Open Shortest Path First (OSPF). Routing protocols periodically exchange routes
to known networks among dynamic routers. Windows 2000 offers two primary Information
Protocols that you can choose, depending on factors such as network size and topology. RIP
and OSPF:
Routing Information Protocol (RIP)
Routing Information Protocol (RIP) is a distance-vector routing protocol provided for backwards-
compatibility with existing RIP networks. RIP allows a router to exchange routing information
with other RIP routers to make them aware of any change in the internetwork layout.
=====================================================================
wininf2.html PAGE
16 2002/03/20
Open Shortest Path First (OSPF)
OSPF is a link-state routing protocol that enables routers to exchange routing information and
create a map of the network that calculates the best possible path to each network.
To address this scaling problem, OSPF divides the internetwork into collections of contiguous
networks called areas. Areas are connected to each other through a backbone area. A
backbone router in OSPF is a router that is connected to the backbone area. Backbone
routers include routers that are connected to more than one area.
Each router only keeps a link state database for those areas that are connected to the router.
Area Border Routers (ABR) connect the backbone area to other areas. See page 49.
An OSPF-routed environment is best suited to a large-to-very large, multipath, dynamic IP
internetwork such as a corporate or institutional campus, or worldwide corporate or institutional
internetwork. To manage your internal and border routers:
Ensure that the ABRs for the area are configured with the proper pairs (Destination, Network
Mask) that summarize the area’s routes. Ensure that the source and route filtering configured
on the ABR is not too restrictive, preventing proper routes from being propagated to the OSPF
autonomous system.
Ensure that all ABRs are either physically connected to the backbone or logically connected to
the backbone by using a virtual link. There should not be backdoor routers, which are routers
that connect two areas without going through the backbone.
Click Browse The Active Directory, click Next, and in the Find Routers Or Remote Access
Servers, select the boxes next to the types of servers that you want to search for.
**** If the router is
down the entire network will go down.
Called a “single point of failure” ***
Lesson Summary:
- Routers forward packets from one physical network to another. The IP layer consults a routing
table that is stored in memory.
- Static routers require that routing tables are built and updated manually.