CHAPTER 9
NETWORK PROTOCOLS AND SERVICES
Lesson 1:
Network Protocols
Protocols are specifications for standardized packets of data that make it possible for networks
to share information. The packets of information are moved up and down the protocol stack and
across the transmission media.
Introduction to Network Protocols
A protocol is a set of rules and conventions or standards for sending information over a network.
In addition to TCP/IP, the primary network protocols that Windows 2000 supports include the
following:
NOTE: Systems Network Architecture (SNA) protocols are not included in Windows 2000.
SNA protocols are available through Microsoft SNA Server. SNA Server is a separate product
that supports interoperability with IBM midrange and mainframe computers.
Protocol Binding Order
Protocols can be added or deleted at will and selectively bound to all network interfaces that are
present in the server. Protocol binding order is determined by the order in which the protocols
were initially installed, although it can be changed at any time on a per-interface basis, allowing
a greater degree of control.
TCP/IP
The TCP/IP suite of protocols has been adopted by Microsoft as a strategic enterprise
transport protocol for Windows 2000.
======================================================================
winser9.html PAGE
2 2002/01/19
ATM
The Asynchronous Transfer Mode protocol is an advanced implementation of packet switching
that is ideal for voice, video and data communications. ATM is a high-speed networking
technology that transmits data in cells of fixed length.
Since the number of bytes, and consequently the transit time, of a cell is constant, cells can be
switched at a constant interval.
An ATM endpoint establishes a connection or virtual circuit before sending any data on the
network. It then sends cells along this path toward the destination.
LAN Emulation
LAN emulation is a method by which protocols that understand only connectionless media
can communicate over ATM. It allows ATM to utilize both legacy networks and applications.
LANE consists of two primary components: the LANE client (Atmlane.sys) and the LANE
services. The LANE client is located in the %systemroot%\system32\drivers folder.
IP over ATM
IP over ATM is a group of services that is used for communicating over an ATM network
and which can be used as an alternative to LAN emulation.
In effect, IP over ATM is a small layer between the ATM protocol and the TCP/IP protocols.
The client emulates standard IP to the TCP/IP protocol at its top edge and uses native ATM
commands to the ATM protocol layers underneath.
ATM over xDSL
Digital subscriber line (xDSL) technology is a means by which plain old telephone service
(POTS) can be used to send digital data over a pair of copper wires to the central station
of a telephone company.
ATM over xDSL offers high-speed network access from the home and small office environment.
Many types of DSL, including asymmetric digital subscriber line (ADSL) and very high digital
subscriber line (VDSL), are being developed in these areas.
ATM Access through Winsock 2.0 and Native ATM access
Applications that run TCP as their transport protocol can use Winsock 2.0 directly to gain
access to ATM-based networks.
NWLink
NWLink connects NetWare clients and Microsoft clients in either direction.
To access files or printers on a NetWare server, the Client Service for NetWare (CSNW) in
Windows 2000 Professional or the Gateway Service for NetWare (GSNW) in Windows 2000
Server must be used.
GSNW acts as a redirector for a computer running Windows 2000 Server where it is installed
and as a gateway for other client computers.
NWLink is useful if there are NetWare client/server applications running that use Winsock or
NetBIOS over IPX/SPX protocols.
Setting Frame Types
The frame type defines the way in which the network adapter in a computer running
Windows 2000 formats data to be sent over a network. You will need NWLink if you are
communicating between Novell and Microsoft clients.
====================================================================
Topology                          Supported frame type
====================================================================
Ethernet                          Ethernet II, 802.3, 802.2, and Sub Network Access
                                  Protocol (SNAP), which defaults to 802.2.
Token Ring                        802.5 and SNAP
Fiber Distributed Data            802.2 and 802.3
Interface (FDDI)
====================================================================
On Ethernet networks, the standard frame type of NetWare 2.2 and NetWare 3.11 is 802.3.
Starting with NetWare 3.12, the default frame type was changed to 802.2.
You can choose to automatically or manually configure the frame type. However, the frame
type is automatically detected when NWLink is loaded. If multiple frame types are detected
in addition to the 802.2 frame type, NWLink defaults to the 802.2 frame type.
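As an added example (not part of the course notes), the following Python classifies the Ethernet encapsulations from the table above by inspecting a frame's header bytes, which is the distinction a driver must make when it auto-detects the frame type. The sample frames, MAC addresses and the nwlink_default helper are constructed for illustration and are not Microsoft's code.

```python
# Added example, not from the course notes: classify the Ethernet frame
# encapsulations listed in the table above from a frame's first 16 bytes.
# All frames below are constructed samples.
import struct

ETHERNET_II, RAW_8023, LLC_8022, SNAP = "Ethernet II", "802.3", "802.2", "SNAP"
ETHERTYPE_IPX = 0x8137   # IPX over Ethernet II (well-known EtherType)
SAP_IPX = 0xE0           # LLC service access point used by IPX over 802.2


def frame_type(frame: bytes) -> str:
    """Return the encapsulation of a raw Ethernet frame."""
    if len(frame) < 16:
        raise ValueError("frame too short to classify")
    # Bytes 12-13 follow the destination and source MAC addresses. A value
    # of 0x0600 or more is an EtherType (Ethernet II); 1500 or less is an
    # IEEE 802.3 length field.
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    if type_or_len >= 0x0600:
        return ETHERNET_II
    if type_or_len > 1500:
        raise ValueError("invalid 802.3 length field")
    dsap, ssap = frame[14], frame[15]
    if dsap == 0xFF and ssap == 0xFF:
        # Novell "raw" 802.3: no LLC header at all; the IPX header starts
        # immediately and its checksum field is always 0xFFFF.
        return RAW_8023
    if dsap == 0xAA and ssap == 0xAA:
        # 802.2 LLC header whose SAPs select the SNAP extension (control 0x03,
        # a 3-byte OUI and a 2-byte protocol ID follow).
        return SNAP
    return LLC_8022


def nwlink_default(detected: set) -> str:
    """Frame type NWLink settles on: the single detected type, or 802.2 when
    several types are seen and 802.2 is among them (the rule stated above).
    The notes do not cover several types without 802.2, so that case raises."""
    if len(detected) == 1:
        return next(iter(detected))
    if LLC_8022 in detected:
        return LLC_8022
    raise ValueError("ambiguous frame types: " + ", ".join(sorted(detected)))


# --- constructed sample frames -------------------------------------------
MACS = bytes.fromhex("ffffffffffff" "0000a1b2c3d4")   # broadcast dst, sample src
IPX_RAW = bytes.fromhex("ffff" "0030" "00" "14")      # IPX header start, checksum 0xFFFF
LENGTH_48 = struct.pack("!H", 48)                     # 802.3 length field

SAMPLE_FRAMES = {
    ETHERNET_II: MACS + struct.pack("!H", ETHERTYPE_IPX) + IPX_RAW,
    RAW_8023: MACS + LENGTH_48 + IPX_RAW,
    LLC_8022: MACS + LENGTH_48 + bytes([SAP_IPX, SAP_IPX, 0x03]) + IPX_RAW,
    SNAP: MACS + LENGTH_48 + bytes.fromhex("aaaa03" "000000")
          + struct.pack("!H", ETHERTYPE_IPX) + IPX_RAW,
}

if __name__ == "__main__":
    for name, frame in SAMPLE_FRAMES.items():
        print(f"{name:12s} -> detected as {frame_type(frame)}")
    print("NWLink picks:", nwlink_default({RAW_8023, LLC_8022}))
```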
NetBEUI
NetBEUI is not routable, because it does not have a network layer.
NetBEUI provides compatibility with existing LANs that use the NetBEUI protocol.
NetBEUI provides computers running Windows 2000 with the following capabilities:
NOTE: A Windows 2000 network running Active Directory services cannot use NWLink or
NetBEUI as the primary protocol. Only TCP/IP is supported for access to Active Directory
services.
AppleTalk
The AppleTalk protocol was developed to communicate with Macintosh computers.
Windows 2000 Server can communicate with a Macintosh computer to share files and printers.
AppleTalk also allows Windows 2000 to be a router and a dial-up server.
For a computer running Windows 2000 Server to link to Macintosh computers, it must be configured
with Windows 2000 Services for Macintosh, and the service must be available on the network.
DLC
DLC was developed for IBM mainframe communications. Its usefulness is limited because it
doesn’t directly interface with the Transport Driver Interface layer.
Clients sending print jobs to a network print device through a Windows 2000 print server do not
need the DLC protocol installed.
Only the print server communicating directly with the print device requires the DLC protocol to be
installed. Once DLC is installed, the print server port becomes available for configuration.
IrDA
IrDA is a group of short-range, high-speed, bi-directional wireless infrared protocols. IrDA allows
a variety of devices to communicate with each other, such as cameras, printers, portable computers,
desktop computers and personal digital assistants (PDAs).
The IrDA protocol stack is accessed by using NDIS connectionless drivers.
Lesson Summary:
Lesson 2:
Transmission Control Protocol/Internet Protocol
TCP/IP is an industry-standard suite of protocols that enables enterprise networking and connectivity
on Windows 2000-based computers. It will offer the following advantages:
The TCP/IP suite of protocols provides a set of standards for how computers communicate and how
networks are interconnected. The TCP/IP suite of protocols maps to a four-layer conceptual model
(ATIN): Network Interface, Internet, Transport and Application.
Network Interface Layer
At the base of the model is the network interface layer. This layer puts frames on the wire and pulls
frames off the wire.
Internet Layer
Internet-layer protocols encapsulate packets into Internet datagrams and run all the necessary routing
algorithms.
=====================================================================
Protocol   Description
=====================================================================
IP         Provides connectionless packet delivery for all other protocols in
           the suite. Does not guarantee packet arrival.
ARP        Provides IP address mapping to the MAC sublayer address to acquire
           the physical MAC control address of the destination. IP broadcasts
           a special ARP inquiry packet containing the IP address of the
           destination system. The system that owns the IP address replies by
           sending its physical address to the requester. The MAC sublayer
           communicates directly with the adapter card and is responsible for
           delivering error-free data between two computers on a network.
ICMP       Provides special communication between hosts, allowing them to
           share status and error information. Higher-level protocols use this
           information to recover from transmission problems. Network
           administrators use this information to detect network trouble. The
           ping utility uses ICMP packets to determine whether a particular
           IP device on a network is functional.
IGMP       Provides multicasting, which is a limited form of broadcasting, to
           communicate and manage information between all member devices in
           a multicast group. IGMP informs neighboring multicast routers of
           the host group memberships present on a particular network.
           Windows 2000 supports multicast capabilities, such as Windows 2000
           Server NetShow Services, that allow developers to create multicast
           programs.
=====================================================================
Transport layer
The Transport Layer protocols provide communication sessions between computers. The desired
method of data delivery determines the transport protocol. The two transport layer protocols are
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
====================================================================
Protocol   Description
====================================================================
TCP        Provides connection-oriented communications for applications
           that typically transfer large amounts of data at one time or that
           require an acknowledgement for data received. TCP guarantees
           the delivery of packets, ensures proper sequencing of data, and
           provides a checksum feature that validates both the packet
           header and its data for accuracy.
UDP        Provides connectionless communications and does not guarantee
           that packets will be delivered. Applications that use UDP
           typically transfer small amounts of data at one time. Reliable
           delivery is the responsibility of the application.
====================================================================
Application Layer
At the top of the model is the application layer, in which applications gain access to the network.
There are many standard TCP/IP utilities and services in the application layer, such as FTP, Telnet,
Simple Network Management Protocol (SNMP), DNS and so on.
TCP/IP provides two interfaces for network applications to use the services of the TCP/IP protocol
stack: Winsock and the NetBIOS over TCP/IP (NetBT) interface.
=====================================================================
Interface   Description
=====================================================================
Winsock     Serves as the standard interface between socket-based applications
            and TCP/IP protocols.
NetBT       Serves as the standard interface for NetBIOS services, including
            name, datagram, and session services. It also provides a standard
            interface between NetBIOS-based applications and TCP/IP
            protocols.
=====================================================================
Configuring TCP/IP to Use a Static IP Address
By default, client computers running Microsoft Windows 2000, Windows NT, Windows 95 or
Windows 98 obtain TCP/IP configuration information automatically from the Dynamic Host
Configuration Protocol (DHCP) Service. However, if DHCP is not enabled, you should assign a
static IP address.
Configuring Static TCP/IP addresses:
=====================================================================
Option            Description
=====================================================================
IP Address        A logical 32-bit address that identifies a TCP/IP host. Each
                  network adapter card in a computer running TCP/IP requires
                  a unique IP address, such as 192.168.0.108.
Subnet Mask       A network in a multiple-network environment that uses IP
                  addresses derived from a single network ID.
Default Gateway   The intermediate device on a local network that stores network
                  IDs of other networks in the enterprise or on the Internet.
                  TCP/IP sends packets for remote networks to the default gateway
                  (if no other route is configured), which forwards the packets to
                  other gateways until the packet is delivered to a gateway
                  connected to the specified destination.
=====================================================================
You can open the Internet Protocol (TCP/IP) Properties by going into My Network Places/
Properties/Local Area Connection/Properties/TCP/IP Properties.
CAUTION
IP configuration can fail if duplicate IP addresses exist on a network. Therefore, you should
always check with the network administrator to obtain a valid static IP address.
Configuring TCP/IP to Obtain an IP Address Automatically
If a server running the DHCP Service is available on the network, it can automatically assign TCP/IP
configuration information to the DHCP client. You can then configure any clients running MS-DOS,
Windows 3.x, Windows for Workgroups, Windows 98, Windows 95, Windows NT or Windows
2000 to obtain TCP/IP configuration information automatically from the DHCP Service.
You can configure the DHCP client by opening the properties for TCP/IP and selecting Obtain an
IP address automatically (DHCP).
Using Automatic Private IP Addressing
The Windows 2000 implementation of TCP/IP supports a new mechanism for automatic address
assignment of IP addresses for simple LAN-based network configurations. This addressing
mechanism is an extension of dynamic IP address assignment for LAN adapters, enabling
configuration of IP addresses without using static IP address assignment or installing the DHCP
Service.
Use the following steps to outline how APIPA assigns an IP address:
obtain a dynamically assigned IP address.
maintenance or repairs), the client cannot obtain an IP address.
identifier) and a subnet mask of 255.255.0.0.
NOTE: The Internet Assigned Numbers Authority (IANA) has reserved
169.254.0.0 – 169.254.255.255 for Automatic Private IP Addressing. As a result, APIPA
provides an address that is guaranteed not to conflict with routable addresses.
After the computer generates the address, it broadcasts to this address and then assigns the
address to itself if no other computer responds. The computer continues to use this address
until it detects and receives configuration information from a DHCP server. This allows two
computers to be plugged into a LAN hub, to restart without any IP address configuration, and
to use TCP/IP for local network access.
NOTE: Windows 98 also supports APIPA.
Disabling Automatic Private IP Addressing
By default, the Automatic Private IP Addressing feature is enabled. You can disable it by adding
the IPAutoconfigurationEnabled value to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\Adapter_GUID.
Troubleshooting TCP/IP
Windows 2000 offers several utilities to assist you in troubleshooting TCP/IP.
=======================================================================
Option      Description
=======================================================================
Ping        Verifies configuration and tests connections
Arp         Displays locally resolved IP addresses as physical addresses
Ipconfig    Displays the current TCP/IP configuration
Nbtstat     Displays statistics and connections using NetBIOS over TCP/IP
Netstat     Displays TCP/IP protocol statistics and connections
Route       Displays or modifies the local routing table
Hostname    Prints the name of the host on which the command is issued
Tracert     Checks the route to a remote system
=======================================================================
Testing TCP/IP Connectivity
Windows 2000 also provides a number of common TCP/IP utilities. These tools are described
in the following table.
=====================================================================
Option                         Description
=====================================================================
FTP                            Bidirectional file transfer between a computer
                               running Windows 2000 and any TCP/IP host.
Trivial File Transfer          Bidirectional file transfer between a computer
Protocol (TFTP)                running Windows 2000 and a TCP/IP host running TFTP.
Telnet                         Provides terminal emulation to a TCP/IP host running
                               Telnet. Windows 2000 Server ships with a Telnet client.
Remote Copy Protocol (RCP)     Copies files between a client and a host that support
                               RCP, possibly a UNIX host.
Remote Shell (RSH)             Runs commands on a UNIX host.
Remote Execution (REXEC)       Runs a process on a remote computer.
Finger                         Retrieves system information from a remote computer
                               that supports TCP/IP and the finger utility.
=====================================================================
After configuring TCP/IP and restarting the computer, you should use the ipconfig and ping
command-prompt utilities to test the configuration and connections to other TCP/IP hosts and
networks. Such testing helps to verify that TCP/IP is functioning properly.
Using Ipconfig
You can use ipconfig to verify the TCP/IP configuration parameters on a host. This helps to
determine whether the configuration is initialized or whether a duplicate IP address exists. Use the
ipconfig command with the /all switch to verify all configuration information.
TIP Type ipconfig/all|more to prevent the ipconfig output from scrolling off the screen; to scroll
down and view additional output, press the Spacebar. Type ipconfig/all>ipconfig.txt to write the
screen output to a file named ipconfig.txt. You can then view this file with an ASCII text editor
such as Notepad.
Executing the ipconfig/all command provides the following results:
· If a configuration has initialized, the ipconfig utility displays the IP address and subnet mask,
  and, if it is assigned, the default gateway.
· If a duplicate IP address exists, the ipconfig utility indicates that the IP address is configured;
  however, the subnet mask is 0.0.0.0.
· If the computer is unable to obtain an IP address from a server running the DHCP Service on
  the network, the ipconfig utility displays the IP address provided by APIPA.
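The rules above can be applied mechanically to ipconfig /all output. The following Python is an added example, not part of the course notes: it parses the indented field lines of one adapter section, reports the state the bullets describe (initialized, duplicate address, APIPA fallback), and additionally checks that the default gateway lies on the local subnet. The dumps, adapter description and addresses are constructed, not captured from a real host.

```python
# Added example, not from the course notes: parse the adapter section of an
# "ipconfig /all" dump and classify it. The dumps below are constructed.
import ipaddress
import re

APIPA_NET = ipaddress.ip_network("169.254.0.0/16")   # IANA range used by APIPA
# "Key . . . . : value" lines are indented under the adapter heading.
FIELD = re.compile(r"^\s+(?P<key>[A-Za-z][A-Za-z /-]*?)[ .]*:\s?(?P<value>.*)$")


def parse_adapter(dump: str) -> dict:
    """Return {field name: value} for the indented lines of an adapter section."""
    fields = {}
    for line in dump.splitlines():
        m = FIELD.match(line)
        if m:
            fields[m.group("key").strip()] = m.group("value").strip()
    return fields


def diagnose(fields: dict) -> dict:
    """Classify the adapter's state the way the bullet list above describes."""
    ip = fields.get("IP Address") or fields.get("Autoconfiguration IP Address")
    mask = fields.get("Subnet Mask", "")
    gateway = fields.get("Default Gateway", "")
    if not ip:
        return {"state": "uninitialized"}
    if mask == "0.0.0.0":
        # ipconfig still lists the address but zeroes the mask on a duplicate.
        return {"state": "duplicate", "ip": ip}
    if ipaddress.ip_address(ip) in APIPA_NET:
        # No DHCP server answered; only local (same-hub) connectivity is possible.
        return {"state": "apipa", "ip": ip, "mask": mask}
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    result = {
        "state": "initialized",
        "ip": ip,
        "network": str(iface.network),
        "source": "dhcp" if fields.get("DHCP Enabled") == "Yes" else "static",
        "gateway": gateway or None,
    }
    # A gateway outside the local subnet can never be reached by ARP, so
    # every packet for a remote network would be dropped.
    result["gateway_on_link"] = (
        bool(gateway) and ipaddress.ip_address(gateway) in iface.network
    )
    return result


# --- constructed sample dumps (one adapter each) -------------------------
DUMP_DHCP = """\
Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        Description . . . . . . . . . . . : Example Fast Ethernet Adapter
        Physical Address. . . . . . . . . : 00-00-A1-B2-C3-D4
        DHCP Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.108
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.10
"""
DUMP_APIPA = """\
Ethernet adapter Local Area Connection:

        DHCP Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        Autoconfiguration IP Address. . . : 169.254.12.34
        Subnet Mask . . . . . . . . . . . : 255.255.0.0
        Default Gateway . . . . . . . . . :
"""
DUMP_DUPLICATE = """\
Ethernet adapter Local Area Connection:

        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.108
        Subnet Mask . . . . . . . . . . . : 0.0.0.0
        Default Gateway . . . . . . . . . : 192.168.0.1
"""
DUMP_BAD_GATEWAY = """\
Ethernet adapter Local Area Connection:

        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.0.108
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
"""

if __name__ == "__main__":
    for name, dump in [("dhcp", DUMP_DHCP), ("apipa", DUMP_APIPA),
                       ("duplicate", DUMP_DUPLICATE), ("bad gateway", DUMP_BAD_GATEWAY)]:
        print(f"{name:12s} -> {diagnose(parse_adapter(dump))}")
```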
Using Ping
After you have verified the TCP/IP configuration, use the ping utility to test connectivity. The ping utility
is a diagnostic tool you can use to test TCP/IP configurations and diagnose connection failures. Use the
ping utility to determine whether a particular TCP/IP host is available and functional. To test connectivity,
use the ping command with the following syntax:
Using Ipconfig and Ping
You can use both to verify a computer's connection and to test router connections:
correctly installed and bound to your network adapter card.
is not a duplicate of another IP address on the network.
gateway is operational and that the computer can communicate with the local network.
communicate through a router.
NOTE: If you ping the remote host and the ping command is successful, steps 1-4 are successful by
default. If the ping command is not successful, ping the IP address of another remote host before
completing the entire diagnostic process because the current host might be turned off.
Lesson Summary:
Microsoft’s implementation of TCP/IP enables networking and connectivity application.
from DHCP, although some computers require a static IP address.
installing the DHCP Service.
service utilities.
Lesson 3:
Dynamic Host Configuration Protocol Service
The DHCP Service in Windows 2000 centralizes and manages the allocation of TCP/IP configuration
information by assigning IP addresses and other TCP/IP information automatically to computers that
are set up as DHCP clients.
This reduces problems with conflicting TCP/IP addresses, which can happen when addresses are set up manually.
Introduction to DHCP
DHCP is a TCP/IP standard for simplifying the management of IP configuration. DHCP is an extension
of the Bootstrap Protocol (BOOTP), which is based on the User Datagram Protocol/Internet Protocol
(UDP/IP). BOOTP enables a booting host to configure itself dynamically.
Each time the DHCP client starts, it requests IP addressing information from the DHCP server:
When a DHCP server receives a request for an IP address, it selects IP addressing information from a
pool of addresses defined in its database and offers the IP addressing information to the DHCP client.
Manual versus automatic TCP/IP Configuration
To understand why the DHCP Service is beneficial for configuring TCP/IP on clients, contrast the manual
method of configuring TCP/IP with the automatic method using DHCP:
========================================================================
Configuring TCP/IP manually           Configuring TCP/IP using DHCP
========================================================================
The user picks a random IP address;   The DHCP service provides all the
using an incorrect address can lead   necessary information.
to network problems.
If there are typing errors in any of  Valid IP addresses ensure correct
the information, such as the subnet   configuration.
mask or default gateway, the
connection will not be made.
There is administrative overhead if   A server running DHCP on each subnet
you are moving computers from one     eliminates the overhead associated
subnet to another: you must change    with manual configuration.
the IP address and the gateway for
the user to communicate.
========================================================================
The DHCP Lease Process
The allocation of IP addresses from the DHCP server is called a DHCP lease. The lease process occurs
when one of the following events occurs:
dropped the lease.
one. A DHCP lease can be manually released by typing ipconfig/release at a command prompt.
DHCP uses a four-phase process to lease IP addressing information: DHCPDISCOVER, DHCPOFFER,
DHCPREQUEST, and DHCPACK.
DHCPDISCOVER
The first step in the lease process is the DHCPDISCOVER. To begin the DHCP lease process, a
client initializes a limited version of TCP/IP and broadcasts a DHCPDISCOVER message requesting
the location of a DHCP server and IP addressing information. Since the client does not know the
DHCP server’s address, it uses 0.0.0.0 as the source address and 255.255.255.255 as the destination
address. The DHCPDISCOVER message contains the client’s hardware address and computer
name so that the DHCP servers can determine which client sent the request.
DHCPOFFER
This is the second step. All DHCP servers that receive the IP lease request and have a valid client
configuration broadcast a DHCPOFFER message that includes the following information:
· The client’s hardware address
· An offered IP address
· A subnet mask
· The length of the lease
· A server identifier (the IP address of the offering DHCP server)
The DHCP server sends a broadcast message because the client does not yet have an IP address.
The DHCP client selects the IP address from the first offer that it receives. Then the address is
reserved, so that it cannot be given to another client.
DHCPREQUEST
The client broadcasts a DHCPREQUEST message to all DHCP servers, indicating that it has
accepted an offer. The DHCPREQUEST message includes the server identifier (IP address) of
the server whose offer is accepted. All other DHCP servers then retract their offers and retain
their IP addresses for the next IP request.
DHCPACK
The final step in a successful DHCP lease process occurs when the DHCP server issuing the
accepted offer broadcasts a successful acknowledgement to the client in the form of a DHCPACK
message.
When the DHCP client receives the acknowledgement, TCP/IP is completely initialized and the client
is considered a bound DHCP client. Once bound, the client can use TCP/IP to communicate on the
network.
DHCPNACK (negative)
If the DHCPREQUEST is not successful, the DHCP server broadcasts a negative acknowledgement
(DHCPNACK). A DHCP server broadcasts a DHCPNACK if one of the following happens:
The client is trying to lease its previous IP address, and the IP address is no longer available.
The IP address is invalid because the client computer has been moved to a different subnet.
If the client receives a DHCPNACK, or negative response, it will resume the DHCP lease process.
NOTE: If a computer has multiple network adapters bound to TCP/IP, the DHCP process occurs
separately over each adapter. The DHCP Service assigns a unique and valid IP address to each
adapter in the computer bound to TCP/IP.
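The four phases and the DHCPNACK cases described above, simulated as an added example that is not part of the course notes. Servers and client are Python classes exchanging dict messages in place of real DHCP packets; the scopes, server identifiers and hardware addresses are constructed.

```python
# Added example, not from the course notes: DISCOVER/OFFER/REQUEST/ACK and
# the two NACK cases, with every server on the wire hearing each broadcast.
import ipaddress

BROADCAST, UNSPECIFIED = "255.255.255.255", "0.0.0.0"


class DhcpServer:
    def __init__(self, server_id, scope, lease_seconds=8 * 3600):
        self.server_id = server_id          # sent to clients as the server identifier
        self.scope = ipaddress.ip_network(scope)
        self.lease_seconds = lease_seconds
        self.free = [str(h) for h in self.scope.hosts() if str(h) != server_id]
        self.offered = {}   # chaddr -> address reserved while an offer is pending
        self.bound = {}     # address -> chaddr for acknowledged leases

    def _reply(self, kind, chaddr, **fields):
        # Replies are broadcast too: the client cannot receive unicast yet.
        return {"type": kind, "src": self.server_id, "dst": BROADCAST,
                "chaddr": chaddr, "server_id": self.server_id, **fields}

    def _ack(self, chaddr, ip):
        self.bound[ip] = chaddr
        return self._reply("DHCPACK", chaddr, yiaddr=ip,
                           mask=str(self.scope.netmask), lease=self.lease_seconds)

    def handle(self, msg):
        """Return this server's reply to a client broadcast, or None to stay silent."""
        chaddr = msg["chaddr"]
        if msg["type"] == "DHCPDISCOVER":
            if not self.free:
                return None
            ip = self.free.pop(0)
            self.offered[chaddr] = ip       # reserved until the REQUEST arrives
            return self._reply("DHCPOFFER", chaddr, yiaddr=ip,
                               mask=str(self.scope.netmask), lease=self.lease_seconds)
        if msg["type"] != "DHCPREQUEST":
            return None
        wanted = msg["requested_ip"]
        if msg.get("server_id", self.server_id) != self.server_id:
            # The client accepted another server's offer: retract ours.
            if chaddr in self.offered:
                self.free.insert(0, self.offered.pop(chaddr))
            return None
        if self.offered.get(chaddr) == wanted:
            return self._ack(chaddr, self.offered.pop(chaddr))
        # No pending offer: the client is asking for an address from an earlier lease.
        if ipaddress.ip_address(wanted) not in self.scope:
            return self._reply("DHCPNACK", chaddr, reason="client moved to a different subnet")
        if wanted not in self.free and self.bound.get(wanted) != chaddr:
            return self._reply("DHCPNACK", chaddr, reason="previous address no longer available")
        if wanted in self.free:
            self.free.remove(wanted)
        return self._ack(chaddr, wanted)


def broadcast(servers, msg):
    """Deliver one client broadcast to every server on the wire and collect replies."""
    return [r for r in (s.handle(msg) for s in servers) if r]


class DhcpClient:
    def __init__(self, chaddr):
        self.chaddr, self.ip, self.server_id = chaddr, None, None

    def _msg(self, kind, **fields):
        # With no address yet, the client sends from 0.0.0.0 to 255.255.255.255.
        return {"type": kind, "src": UNSPECIFIED, "dst": BROADCAST,
                "chaddr": self.chaddr, **fields}

    def obtain_lease(self, servers):
        """DISCOVER -> OFFER -> REQUEST -> ACK; return the bound address or None."""
        offers = broadcast(servers, self._msg("DHCPDISCOVER"))
        if not offers:
            return None                     # APIPA would take over here
        chosen = offers[0]                  # the first offer received wins
        replies = broadcast(servers, self._msg(
            "DHCPREQUEST", requested_ip=chosen["yiaddr"], server_id=chosen["server_id"]))
        ack = next((r for r in replies if r["type"] == "DHCPACK"), None)
        if ack is None:
            return None
        self.ip, self.server_id = ack["yiaddr"], ack["server_id"]
        return self.ip

    def reuse_lease(self, servers):
        """Restart path: request the previous address; a DHCPNACK forces a fresh lease."""
        replies = broadcast(servers, self._msg("DHCPREQUEST", requested_ip=self.ip))
        if any(r["type"] == "DHCPACK" for r in replies):
            return self.ip
        if any(r["type"] == "DHCPNACK" for r in replies):
            self.ip = None                  # stop using the address immediately
            return self.obtain_lease(servers)
        return self.ip                      # no answer: keep the address until expiry


if __name__ == "__main__":
    server_a = DhcpServer("192.168.0.10", "192.168.0.0/24")
    server_b = DhcpServer("192.168.1.10", "192.168.1.0/24")
    laptop = DhcpClient("00-00-A1-B2-C3-D4")
    print("first lease:", laptop.obtain_lease([server_a, server_b]))
    print("after moving to subnet B:", laptop.reuse_lease([server_b]))
```

Because the simulated client, like the Windows clients described below, never sends DHCPRELEASE, server_a keeps the moved laptop's old address in its bound table until the lease expires.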
IP Lease Renewal and Release
All DHCP clients attempt to renew their lease when 50% of the lease time has expired. The DHCP
client sends a DHCPREQUEST message directly to the DHCP server to renew the lease. If the
DHCP server is available, it renews the lease and sends the client a DHCPACK message with the new
lease time and updated information.
NOTE: Each time a DHCP client restarts, it attempts to lease the same IP address from the original
DHCP server. If the lease request is unsuccessful and lease time is still available, the DHCP client
continues to use the same IP address until the next attempt to renew the lease.
If the DHCP client cannot reach the original DHCP server at the 50% interval, it looks for another
server when 87.5% of the lease time has expired.
If the lease expires or a DHCPNACK message is received, the DHCP client must immediately
discontinue using the IP address. The DHCP client then begins the DHCP lease process to lease
a new IP address.
Using Ipconfig to Renew a Lease
You use the ipconfig command with the /renew switch to send a DHCPREQUEST message to the
DHCP server to update the lease. If the DHCP server is unavailable, the client continues searching.
Using Ipconfig to Release a Lease
You can use the ipconfig command with the /release switch to cause a DHCP client to send a
DHCPRELEASE message to the DHCP server and to release its lease. This is useful if you are
moving a client on the network.
Microsoft DHCP clients do not initiate DHCPRELEASE messages when shutting down. If a client
remains shut down for the length of its lease (and the lease is not renewed), the DHCP server might
assign that client’s IP address to a different client after the lease expires. A client has a better chance
of receiving the same IP address during initialization if it does not send a DHCPRELEASE message.
Installing and Configuring the DHCP Service
To implement DHCP, you must install and configure the DHCP Service on at least one computer
running Windows 2000 Server within the TCP/IP network.
Requirements for a Server Running the DHCP Service
Requirements for DHCP Clients
A DHCP client requires a computer that is DHCP-enabled and running any of the following
supported operating systems:
TCP/IP driver.
not supported.)
Installing the DHCP Service
Initially you should specify a static IP address, subnet mask and default gateway address for the
network adapter bound to the TCP/IP in the computer that is the DHCP server.
Use the Add/Remove Programs utility in Control Panel to install the service.
The DHCP Snap-in
The DHCP snap-in provides access to detailed information about DHCP scopes and options. You can
view, create and modify client reservations if required. You can access the DHCP snap-in in the
Microsoft Management Console (MMC).
Creating a DHCP Scope
The scope is a pool of valid IP addresses available for lease to DHCP clients:
assign
** See the chart 488 ****
NOTE: You must delete and re-create a scope to specify a new subnet mask or range of IP
addresses.
Configuring a DHCP Scope
Once you have created the DHCP scope, you can configure options for DHCP clients. There are
three levels of scope options: server, scope, and client.
Server Options
Available to all DHCP Clients. Use this when all clients on all subnets require the same configuration
information. To configure server options, select Server Options and then select Configure Options
from the Action menu.
Scope Options
Scope options are available only to clients that lease an address from the specific scope. For
example, if you have a different scope for each subnet, you can define a unique default gateway
address for each subnet.
Client Options
Client options are available to specific clients with reserved DHCP address leases. Client
options are always used before scope or server options.
Configuring DHCP Options
====================================================================
Option                 Description
====================================================================
003 Router             The IP address of a router, such as the default
                       gateway address.
006 DNS Server         The IP address of a DNS server.
015 DNS Domain Name    The DNS domain name for client resolutions.
044 WINS/NBNS Server   The IP address of a WINS/NBNS server available to
                       clients.
066 WINS/NBT Node Type The NetBIOS over TCP/IP node type used by the
                       client. Options are 1 = B-node (broadcast),
                       2 = P-node (peer), 4 = M-node (mixed), and
                       8 = H-node (hybrid).
047 NetBIOS Scope ID   The local NetBIOS over TCP/IP scope ID. NetBIOS
                       over TCP/IP communicates only with other NetBIOS
                       hosts that are using the same scope ID.
====================================================================
Configuring a Client Reservation
For some DHCP clients, it is important that the same IP address be reassigned when their lease
expires. For example, client computers that run TCP/IP server services might rely on a static IP
address configuration to be identified by other clients on the network.
Clients using static host name resolution might also require that critical servers maintain their IP
address configuration. For example, if a server with a host name of SRV187 is on a network
containing clients that accomplish name resolution using a static HOSTS or LMHOSTS file,
SRV187 should be set up with a client reservation. Setting up the reservation ensures that
SRV187 always leases the same IP address from the DHCP server.
Authorizing the DHCP Server
The DHCP server must be authorized in Active Directory services before it can assign IP
addresses. Authorization is a security precaution that ensures that only authorized DHCP servers
run on your network. To authorize a DHCP server, select the domain from the DHCP snap-in tree
and then select Authorize from the Action menu.
Backing Up and Restoring the DHCP Database
You can edit the registry to specify the interval at which Windows 2000 backs up the DHCP database.
In addition, you can manually restore the DHCP database by editing the registry.
Backup the DHCP Database
By default, Windows 2000 backs up the DHCP database every 60 minutes.
Windows 2000 stores the backup copies of the file in the %systemroot%\System32\Dhcp\Backup\Jet\new
folder.
You can change the default interval by changing the value under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters.
Restoring the DHCP Database:
By default, the DHCP service restores a corrupt DHCP database automatically when you restart the
DHCP service. You can also manually restore the DHCP database file.
NOTE: After the DHCP service successfully restores the database, the server automatically changes
the RestoreFlag parameter to the default value of 0.
This table describes some of the files stored in the %systemroot%\System32\dhcp directory:
=====================================================================
File                  Description
=====================================================================
Dhcp.mdb              The DHCP database file.
Tmp.edb               A temporary file that the DHCP Service creates for temporary
                      database information while the DHCP service is running.
J50.log and J50*.log  Log files, including all transactions done with the database.
                      The DHCP Service uses these files to recover data if
                      necessary.
=====================================================================
NOTE: Do not tamper with or remove these files.
Lesson Summary:
information by assigning IP addresses automatically to computers configured as DHCP clients.
database. In addition you can manually restore the DHCP database by editing the registry.
Lesson 4:
Windows Internet Naming Service
In a mixed network environment, down-level clients, such as computers running Windows 98 or
Windows NT 4.0, use Network Basic Input/Output System (NetBIOS) names to communicate.
As a result, a Microsoft Windows 2000 network with down-level clients requires a means of
resolving NetBIOS names to IP addresses. WINS is an enhanced NetBIOS name server
that registers NetBIOS computer names and resolves them to IP addresses. WINS also
provides a dynamic database that maintains mappings of computer names to IP addresses.
One way to resolve a NetBIOS name is to broadcast, but broadcasts are not routable;
a WINS server avoids this limitation.
The WINS Name Resolution Process
The WINS name resolution process allows WINS clients to register their name and IP address with
WINS servers. WINS clients can query the WINS servers to locate and communicate with other
resources on the network.
The following steps outline the WINS name resolution process:
Every time a WINS client starts, it registers its NetBIOS name/IP address mapping with a
designated WINS server. It then queries the WINS server for computer name resolution.
NOTE: A WINS client automatically updates the WINS database whenever its IP addressing
information changes, for example, when dynamic addressing through the DHCP Service results
in a new IP address for a computer that moved from one subnet to another.
When a WINS client initiates a NetBIOS command to communicate with another network
resource, it sends the name query request directly to the WINS server instead of broadcasting
the request on the local network.
The WINS server finds a NetBIOS name IP address mapping for the destination resource in this
database, and it returns the IP address to the WINS client.
WINS resolves names across different subnets. It is better to have a single WINS server, so that
there is only a single database, but if you want redundancy you should have multiple WINS servers.
Do NOT put one WINS server on every subnet.
Enable the WINS proxy in the registry. Verify these points:
Name Registration
Each WINS client is configured with the IP address of a primary WINS server and optionally, a
secondary WINS server.
If the WINS server is available and another WINS client has not registered the name already, the
WINS server returns a successful registration message to the client. This message includes the
amount of time that the NetBIOS name is registered to the client, specified as the Time to Live
(TTL). In addition, the WINS server stores the client’s NetBIOS name/IP address mapping in
its database.
When a Name is Already Registered
When a name is already registered in the WINS database, the WINS server sends a name
query request to the currently registered owner of the name. The WINS server sends the
request three times at 500-millisecond intervals. If the registered computer is a multihomed
ies each IP address it has for the computer until it receives a response or until it has tried all
the IP addresses.
When a WINS Server is Unavailable
A WINS client makes three attempts to find the primary WINS server. After the third attempt,
it sends the name registration request to the secondary WINS server. If neither is available, the
client generates three B-node broadcasts on the local network. If the NetBIOS name is found
on the local network, the name is resolved to an IP address.
Name Renewal
A WINS server registers all NetBIOS names on a temporary basis so that other computers can
use the same name later if the original owner stops using it. Since client name registrations with a
WINS server are temporary, a WINS client must renew its name or the lease will expire.
A WINS client first attempts to renew when one-eighth of the TTL interval has expired.
When one-half of the TTL has expired, the WINS client attempts to refresh its lease with a secondary
WINS server, if one is configured.
When a WINS server receives the name refresh request, it sends the client a name refresh
response with a new TTL. After a client successfully refreshes its lease once, it attempts to
refresh its lease when half the TTL interval has expired.
Name Release
When a WINS client’s name is no longer in use, the client sends a message to the WINS server to
release the name. When you shut down a WINS client properly, the client sends a name release
request directly to the WINS server for each registered name. The name release response
contains the released NetBIOS name and a TTL value of 0.
Name Query
After a WINS client has registered its NetBIOS name and IP address with a WINS server, it
can communicate with other hosts by obtaining the IP address of other NetBIOS-based
computers from the WINS server.
By default, a WINS client attempts to resolve another host’s NetBIOS name to an IP address
in the following manner:
destination computer.
primary WINS server.
switching to the secondary WINS server.
with the IP address for the requested NetBIOS name.
name does not
exist and initiates a network broadcast.
NOTE: All WINS communications use directed datagrams over UDP port 137 (NetBIOS Name Service).
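The exchange described above, as an added example written for these notes (not code from the book or from Microsoft): a Python encoder/decoder for the NetBIOS Name Service datagrams that travel over UDP port 137, covering RFC 1002 first-level name encoding (with scope ID labels and the 16th-byte suffix, for instance 0x1C for a domain name), the client's name query request, and the server's positive or negative name query response, including the several addresses a multihomed name returns. The flag bit values and the 0x00 and 0x20 suffixes are taken from RFC 1002, not from these notes; all sample names and addresses are constructed.

```python
import struct

# 16th-byte suffixes: 0x1C (domain name) appears in these notes; 0x00 (workstation)
# and 0x20 (file server) are the RFC 1002 / Microsoft values and are assumed here.
SUFFIX_WORKSTATION, SUFFIX_FILE_SERVER, SUFFIX_DOMAIN = 0x00, 0x20, 0x1C
QTYPE_NB, QTYPE_NULL, QCLASS_IN = 0x0020, 0x000A, 0x0001
FLAG_RESPONSE, FLAG_RD, FLAG_BROADCAST = 0x8000, 0x0100, 0x0010
NBNS_PORT = 137  # UDP, the NetBIOS Name Service port mentioned in the notes


def encode_netbios_name(name, suffix, scope_id=""):
    """RFC 1002 first-level encoding: upper-case the name, pad it with spaces to 15
    bytes, append the suffix byte, then split every byte into two nibbles written
    as 'A'..'P'. Scope ID labels follow as ordinary length-prefixed labels."""
    raw = name.upper().encode("ascii")
    if len(raw) > 15:
        raise ValueError("NetBIOS names are at most 15 characters")
    raw = raw.ljust(15, b" ") + bytes([suffix & 0xFF])
    enc = b"".join(bytes([0x41 + (b >> 4), 0x41 + (b & 0x0F)]) for b in raw)
    wire = bytes([len(enc)]) + enc
    for label in filter(None, scope_id.split(".")):
        wire += bytes([len(label)]) + label.encode("ascii")
    return wire + b"\x00"


def decode_netbios_name(data, offset=0):
    """Inverse of encode_netbios_name: returns (name, suffix, scope_id, next_offset)."""
    length = data[offset]
    enc = data[offset + 1:offset + 1 + length]
    offset += 1 + length
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, length, 2))
    labels = []
    while data[offset]:
        n = data[offset]
        labels.append(data[offset + 1:offset + 1 + n].decode("ascii"))
        offset += 1 + n
    return raw[:15].rstrip(b" ").decode("ascii"), raw[15], ".".join(labels), offset + 1


def build_name_query(txid, name, suffix=SUFFIX_FILE_SERVER, scope_id="", broadcast=False):
    """NAME QUERY REQUEST. A WINS client sends it as a directed datagram with only
    RD set; the B-node broadcast fallback described above sets the B bit as well."""
    flags = FLAG_RD | (FLAG_BROADCAST if broadcast else 0)
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_netbios_name(name, suffix, scope_id) + struct.pack("!HH", QTYPE_NB, QCLASS_IN)


def build_positive_response(txid, name, suffix, ttl, ips, scope_id=""):
    """POSITIVE NAME QUERY RESPONSE: one NB record whose RDATA is a 6-byte
    (NB_FLAGS, IPv4) entry per address; a multihomed name returns several."""
    rdata = b"".join(struct.pack("!H", 0x2000) + bytes(int(o) for o in ip.split("."))
                     for ip in ips)  # 0x2000: unique name owned by a P-node
    header = struct.pack("!HHHHHH", txid, 0x8580, 0, 1, 0, 0)  # R, AA, RD, RA set
    rr = encode_netbios_name(name, suffix, scope_id) + struct.pack("!HHIH", QTYPE_NB, QCLASS_IN, ttl, len(rdata))
    return header + rr + rdata


def build_negative_response(txid, name, suffix, scope_id=""):
    """NEGATIVE NAME QUERY RESPONSE (RCODE 3, NAM_ERR): a NULL record with empty RDATA."""
    header = struct.pack("!HHHHHH", txid, 0x8583, 0, 1, 0, 0)
    return header + encode_netbios_name(name, suffix, scope_id) + struct.pack("!HHIH", QTYPE_NULL, QCLASS_IN, 0, 0)


def parse_name_query_response(data):
    """Parse a response into a dict; 'addresses' stays empty for a negative answer."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if not flags & FLAG_RESPONSE:
        raise ValueError("not a response packet")
    result = {"txid": txid, "rcode": flags & 0x000F, "addresses": []}
    offset = 12
    for _ in range(an):
        name, suffix, scope, offset = decode_netbios_name(data, offset)
        rr_type, _cls, ttl, rdlength = struct.unpack("!HHIH", data[offset:offset + 10])
        offset += 10
        rdata = data[offset:offset + rdlength]
        offset += rdlength
        if rr_type != QTYPE_NB:
            continue  # NULL record of a negative response carries no addresses
        result.update(name=name, suffix=suffix, scope_id=scope, ttl=ttl)
        for i in range(0, rdlength, 6):
            nb_flags = struct.unpack("!H", rdata[i:i + 2])[0]
            result["addresses"].append({"ip": ".".join(str(b) for b in rdata[i + 2:i + 6]),
                                        "group": bool(nb_flags & 0x8000)})
    return result
```

The same decoder can be pointed at UDP 137 datagrams from a packet capture to see which names and scope IDs hosts on a segment are registering and querying.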
Implementing WINS
You must install and configure WINS on a computer running Windows 2000 Server.
WINS Server Configuration
The WINS server does not have to be a domain controller. However, the server must be
configured with WINS and assigned a static IP address, subnet mask and default gateway.
Why? To avoid broadcasts.
The WINS server can also include the following configurations:
on a remote network.
WINS Client Configuration
A WINS client must be running one of the following operating systems:
TCP/IP driver.
OS/2 is not supported).
A WINS client also requires the IP address of a primary WINS server and optionally, the IP
address of a secondary WINS server.
WINS Installation *** IMPORTANT ***
Windows 2000 does not install WINS by default. You must add the service in Control Panel,
under Add/Remove Programs.
Next, once installed, you must configure the TCP/IP properties. You do this on the WINS
tab of the Advanced TCP/IP settings.
The WINS Snap-In
The WINS snap-in provides access to detailed information about the WINS servers on a
network. The snap-in also allows you to view the contents of the WINS database and search for
specific entries.
Support for Non-WINS Clients
On a network that includes non-WINS clients, you can configure a static NetBIOS name/IP
address mapping for each non-WINS client.
NOTE: If you have DHCP clients that require a static mapping, you must reserve an IP address
for the DHCP client so that an IP address is always the same.
There are 5 types of static mappings:
=======================================================================
Option          Description
=======================================================================
Unique          A unique name that maps to a single IP address.
Group           A name that maps to a group. When adding an entry to a group
                by using the WINS snap-in, enter the computer name and IP
                address.
Domain Name     A NetBIOS name/IP address mapping with 0x1C as the 16th
                byte.
Internet Group  User-defined groups that you use to group resources, such as
                printers, for reference and browsing. An Internet group can
                store up to 25 addresses for members.
Multihomed      A unique name that can have more than one address. Use this
                for computers that have multiple NICs.
=======================================================================
NOTE: The WINS snap-in adds a static mapping to the WINS database when you click
OK. If you enter incorrect information for a static mapping, you must delete that mapping
and then create a new one.
Configuring a WINS Proxy Agent
A WINS proxy agent extends the name resolution capabilities of the WINS server to non-
WINS clients by listening for broadcast name registrations and broadcast resolution requests
and then forwarding them to a WINS server.
request, the WINS proxy agent forwards the request to the WINS server to verify that no
other WINS client has registered that name. The NetBIOS name does not get registered,
only verified.
broadcast, it checks its NetBIOS name cache and attempts to resolve the name. The
WINS server sends the WINS proxy agent the IP address for the requested NetBIOS
name. The WINS proxy agent returns this information to the non-WINS client.
DHCP Server Configuration
If a computer is a DHCP client, you can configure WINS support by using the DHCP snap-in.
The snap-in allows you to add and configure the DHCP scope option 044 WINS/NBNS Servers
and configure the address of primary and secondary servers.
When the DHCP client leases or renews an address lease, it receives this DHCP scope option,
and the client is configured for WINS support.
NOTE: If you configure a client computer with IP addresses for a primary and secondary WINS
server, those values take precedence over the same parameters provided by a DHCP server.
Lesson Summary:
must renew its name or the lease will expire.
refresh response with a new TTL.
specified name. If the WINS server finds the correct NetBIOS name/IP address mapping
in its database, it sends a positive name release, and then the server designates the specified
name as released in its database.
network and allows you to view the contents of the WINS database and search for specific entries.
Lesson 5: Domain Name System
DNS is a distributed database used in TCP/IP networks to translate computer names (host names)
to IP addresses.
DNS is most commonly associated with the Internet. However, private networks use DNS
extensively to resolve computer host names and to locate computers within their local networks
and the Internet.
DNS name resolution is different from the name resolution provided by WINS. WINS resolves
NetBIOS names to IP addresses, while DNS resolves IP host names to IP addresses.
change, but the server name remains the same.
convention as the Internet.
Domain Namespace
Domain namespace is the naming scheme that provides the hierarchical structure for the DNS
database. Each node represents a partition of the DNS database. These nodes are referred to
as domains.
Each domain must have a name, and as you add domains, the parent's name is appended to its
child domain.
*** See the chart on page 515 ***
NOTE: The term domain, in the context of DNS, has a slightly different meaning than it does
when used in the Microsoft Windows 2000 directory services. A Windows 2000 domain is a
grouping of computers and devices that are administered as a unit. In DNS, a domain is a node that
represents a partition in the DNS database.
Root Domain
The Root domain is at the top and is represented as a period. The Internet root domain is managed
by several organizations, including Network Solutions, Inc.
Top-Level Domains
Top-level domains are two-character or three-character name codes. Top-level domains are
categorized by organization type or geographic location. The following table provides some
examples of top-level domain names.
====================================================================
Top-level domain   Description
====================================================================
gov                Government organizations
com                Commercial organizations
edu                Educational institutions
org                Noncommercial organizations
au                 Country code of
====================================================================
Top-level domains can contain second-level domains and host names.
Second-Level Domains
Organizations such as Network Solutions, Inc. assign and register second-level domains to
individuals and organizations for the Internet. A second-level domain can contain both hosts
and subdomains. For example, Microsoft.com contains computers such as ftp.microsoft.com
and subdomains such as dev.Microsoft.com. The subdomain dev.Microsoft.com can contain hosts
such as printerserver1.dev.Microsoft.com.
Host Names
Host names refer to a specific computer on the Internet or a private network. A host name is the
leftmost portion of a fully qualified domain name (FQDN), which describes the exact position
of a host within the domain hierarchy.
Computer1.sales.Microsoft.com. (including the end period, which represents the root domain)
is an FQDN.
DNS uses a host’s FQDN to resolve a name to an IP address.
NOTE: The host name does not have to be the same as the computer name. By default,
TCP/IP Setup uses the computer name for the host name, replacing illegal characters, such as the
underscore (_), with a hyphen (-). For accepted domain naming conventions, see RFC 1035.
Domain Naming Guidelines
and no more than 5.
The total length of the FQDN cannot exceed 255 characters. Case-sensitive naming
is not supported.
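As an added example (not from the original notes), the following Python applies the host-name rules above: it derives a host name from a computer name the way the NOTE says TCP/IP Setup does, checks an FQDN against the 255-character limit and the RFC 1035 label conventions, and compares names case-insensitively. The 63-character label limit is from RFC 1035 rather than from these notes; the sample names are constructed.

```python
import re

# RFC 1035 label: letters, digits and hyphens, starting and ending with a letter or
# digit. The 63-character label limit comes from RFC 1035; these notes only state
# the 255-character FQDN limit.
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
MAX_FQDN_LEN = 255
MAX_LABEL_LEN = 63


def host_name_from_computer_name(computer_name):
    """What the notes say TCP/IP Setup does by default: the computer name becomes the
    host name, with illegal characters such as the underscore replaced by a hyphen."""
    return re.sub(r"[^A-Za-z0-9-]", "-", computer_name)


def fqdn_problems(fqdn):
    """Return a list of naming-convention violations; an empty list means the FQDN is
    acceptable. A trailing period (the root domain) is allowed, as in
    Computer1.sales.Microsoft.com."""
    problems = []
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn
    if not name:
        return ["name is empty"]
    if len(name) > MAX_FQDN_LEN:
        problems.append("FQDN longer than %d characters" % MAX_FQDN_LEN)
    for label in name.split("."):
        if not label:
            problems.append("empty label (consecutive periods)")
        elif len(label) > MAX_LABEL_LEN:
            problems.append("label %r longer than %d characters" % (label, MAX_LABEL_LEN))
        elif not LABEL_RE.match(label):
            problems.append("label %r contains characters not allowed by RFC 1035" % label)
    return problems


def same_dns_name(a, b):
    """Case-sensitive naming is not supported, so names differing only in case (or in
    the trailing root period) refer to the same host."""
    return a.rstrip(".").lower() == b.rstrip(".").lower()


def host_name(fqdn):
    """The host name is the leftmost label of the FQDN."""
    return fqdn.split(".")[0]
```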
Zones
A zone represents a discrete portion of the domain namespace. Zones provide a way to partition the
domain namespace into manageable sections.
You can have multiple zones, to split up administrative duties.
** See page 518 **
A zone must encompass a contiguous domain namespace.
The name-to-IP-address mappings for a zone are stored in the zone database file. Each zone is
anchored to a specific domain, referred to as the zone’s root domain.
Name Servers
A DNS name server stores the zone database file. Name servers can store data for one zone or
multiple zones. A name server is said to have authority for the domain namespace that the zone
encompasses.
There must be at least one name server for a zone. There is a primary name server, which has
the master zone database file.
Any other name servers associated with the zone act as a backup to the name server containing the
primary zone database file. These name servers contain a secondary zone database file.
Multiple name servers provide several advantages:
database file.
fails, the additional name servers can provide service.
locations, use additional name servers to reduce query traffic across slow WAN links.
containing the Primary zone database file.
Overview of the Name Resolution Process
Name resolution is the process of resolving names to IP addresses. Name resolution is similar to
looking up a name in a telephone book, where the name is associated with a telephone number.
For example, when you connect to the Microsoft Web site, you use the name www.microsoft.com.
DNS resolves www.microsoft.com to its associated IP address. The mapping of names to IP
addresses is stored in the DNS distributed database.
Forward Lookup Query
The DNS Service uses a client/server model for name resolution. To resolve a forward lookup query,
a client passes a query to a local name server. The local name server either resolves the query or
queries another name server for resolution.
mapping for the client query. Because the local name server does not have authority for the
of the host name. The root name server sends back a referral to the com name servers.
Name Server Caching
When a name server is processing a query, it might be required to send out several queries to find the
answer. When a name server receives a query result, the following actions take place:
The name server caches the query result for the TTL time. The default time is 60 minutes.
Once the name server caches the query result, TTL starts counting down from its original value.
When TTL expires, the name server deletes the query result from its cache.
Caching query results enables the name server to quickly resolve other queries to the same portion
of the domain namespace.
NOTE: Use shorter TTL values to help ensure that data about the domain namespace is more
current across the network. Although shorter TTL values increase the load on name servers and
longer TTL values decrease the time required to resolve information, the client will not receive the
updated information until the TTL expires and a new query to that portion of the domain
namespace is resolved.
Reverse Lookup Query
A reverse lookup query maps an IP address to a name. Troubleshooting tools, such as the
nslookup command-line utility, use reverse lookup queries to report back host names.
Because the DNS distributed database is indexed by name and not by IP address, a reverse
lookup query would require an exhaustive search for every domain name. To resolve this
problem, a special second-level domain called in-addr.arpa was created.
The in-addr.arpa domain follows the same hierarchical naming scheme as the rest of the
domain namespace; however, it is based on IP addresses, not domain names, using the
following guidelines:
addresses.
assigned IP addresses and subnet mask.
Installing the DNS Service
To implement DNS, you must configure the server and then install the DNS service. The DNS
server must be configured with a static IP address. Also, configure the TCP/IP properties for
the DNS server.
The DNS installation process does the following:
Configuring the DNS Service
Once the DNS service is installed, you are ready to configure and manage the service.
The DNS Snap-in
The DNS snap-in allows you to configure forward lookup zones and reverse lookup zones,
add resource records to the zone database file, and configure the DNS service for Dynamic
DNS (DDNS), which enables automatic updates to your zone files by other servers or services.
You can access the DNS snap-in as a stand-alone MMC console or through the Computer
Management snap-in under Services and Applications.
The DNS snap-in can be installed by running Adminpak.msi or by installing the DNS service.
Creating Forward Lookup Zones
A forward lookup zone enables forward lookup queries. On name servers, you must configure
at least one forward lookup zone for the DNS Service to work.
Zone Type
There are three types of zones that you can configure:
This option provides secure updates and integrated storage.
standard text file. You administer and maintain a primary zone on the computer at which you
create the zone. This option facilitates the exchange of DNS data with other DNS servers that
use text-based methods.
are stored in standard text files.
Zone Name
Typically, a zone is named after the highest domain in the hierarchy that the zone encompasses,
that is, the root domain for the zone.
Zone File
The zone file refers to the database file name, which defaults to the zone name with a .dns
extension. There are two zone transfer methods: full zone transfer (AXFR) and
incremental zone transfer (IXFR). AXFR is the standard way of transferring zone information,
and is essentially a zone file copy. Windows 2000 supports AXFR, but it also supports IXFR,
which uses less bandwidth since only zone changes are replicated.
Creating Reverse Lookup Zones
A reverse lookup zone enables reverse lookup queries.
To create a new reverse lookup zone, select the Reverse Lookup Zones folder and then select
New Zone. The New Zone wizard has these options: Zone Type, Reverse Lookup Zone and Zone File.
Zone Type
The zone types are the same as the zone type options available when creating a forward lookup
zone: Active Directory-integrated, standard primary and standard secondary.
Reverse Lookup Zone
Enter your network ID or the name of the reverse lookup zone.
Zone File
The network ID and subnet mask determine the default zone file name. DNS reverses the IP
octets and adds the in-addr.arpa suffix.
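The following Python is an added example (not from the notes) that computes the default reverse lookup zone name, its .dns zone file name and the in-addr.arpa owner name of a PTR record exactly as described above, reversing the octets the network ID covers and appending the in-addr.arpa suffix; it also shows which configured reverse zone is authoritative for an address. It assumes an octet-aligned subnet mask (/8, /16 or /24), and the networks and host names are constructed.

```python
import ipaddress

REVERSE_SUFFIX = "in-addr.arpa"


def reverse_zone_name(network_id, subnet_mask):
    """Default reverse lookup zone name: the network octets selected by the mask are
    reversed and the in-addr.arpa suffix is added. Only octet-aligned masks
    (255.0.0.0, 255.255.0.0, 255.255.255.0) are handled here, an assumption of this
    example matching what the wizard's network ID fields express."""
    net = ipaddress.IPv4Network((network_id, subnet_mask), strict=False)
    if net.prefixlen not in (8, 16, 24):
        raise ValueError("subnet mask %s is not octet-aligned" % subnet_mask)
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + "." + REVERSE_SUFFIX


def reverse_zone_file_name(network_id, subnet_mask):
    """The zone file defaults to the zone name with a .dns extension."""
    return reverse_zone_name(network_id, subnet_mask) + ".dns"


def ptr_owner_name(ip):
    """Owner name of the PTR record for an address: all four octets reversed."""
    ipaddress.IPv4Address(ip)  # raises ValueError for a malformed address
    return ".".join(reversed(ip.split("."))) + "." + REVERSE_SUFFIX


def authoritative_reverse_zone(ip, reverse_zones):
    """Pick the configured reverse lookup zone that encompasses the address, i.e. the
    longest zone name the PTR owner name falls under; None if no zone matches."""
    owner = ptr_owner_name(ip)
    matches = [z for z in reverse_zones if owner.endswith("." + z)]
    return max(matches, key=len) if matches else None


def forward_and_reverse_pair(host_fqdn, ip):
    """The A and PTR records that describe one host, as (owner, type, data) tuples
    in zone file notation: the forward mapping and its reverse counterpart."""
    fqdn = host_fqdn.rstrip(".") + "."
    return (fqdn, "A", ip), (ptr_owner_name(ip) + ".", "PTR", fqdn)
```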
Adding Resource Records
Once you create zones, you can use the DNS snap-in to add resource records. Resource
records are entries in the zone database file.
There are many types of resource records.
Configuring Dynamic DNS
The DNS Service includes a dynamic update capability called Dynamic DNS (DDNS).
With standard DNS, when there are changes to the domain for which a name server has authority,
you must manually update the zone database file on the primary name server.
Dynamic Updates
You can configure a list of authorized servers to initiate dynamic updates. This list can include
secondary name servers, domain controllers, and other servers that perform network
registration for clients, such as servers running the DHCP Service or WINS.
The update sequence consists of the following steps:
record to be registered.
an existing registration.
authoritative zone is multimaster.
Every computer running Windows 2000 attempts the registration of its A and PTR records. An
A record, also known as the host record, provides the name-to-address mapping, and the PTR
record, also known as the pointer record, provides the address-to-name mapping for the computer
sending the registration.
DDNS and DHCP
DDNS interacts with the DHCP Service to maintain synchronized name-to-IP address mappings for
network hosts. By default, the DHCP service allows clients to add their own A (host) records to
the zone, and the DHCP Service adds the PTR (pointer) record to the zone.
To configure a zone for DDNS, use the DNS snap-in. Select the appropriate zone, and then select
Properties from the Action menu. On the General tab of the Properties dialog box, select Yes from
the Allow Dynamic Updates dropdown list.
Configuring a DNS Client
Once you install and configure the DNS service on computers running Windows 2000 Server,
you can configure your Windows 2000 DNS client. You must ensure that TCP/IP is installed on
the client before you can configure the client to use the DNS Service.
Once TCP/IP is installed on the client, open the Internet Protocol (TCP/IP) properties. Configure
DNS there, or specify the IP address. From the Advanced TCP/IP settings, click the DNS tab to
configure DNS settings. You will need to supply the IP address or addresses of the DNS servers.
These should be listed in order of use.
You can also specify DNS settings that assist in resolving host names not specified by their FQDN,
and you can configure DDNS registration settings from this dialog box.
Troubleshooting the DNS Service
Use the nslookup command-line utility in the DNS snap-in.
Monitoring the DNS Server
name server.
another name server.
Setting Logging Options
You can select from 11 options: Query, Notify, Update, Questions, Answers, Send, Receive, UDP,
TCP, Full Packets, and Write Through.
Using Nslookup
Nslookup is the primary diagnostic tool for the DNS service, and it is installed when the TCP/IP protocol
is installed. Use nslookup to view any resource record and to direct queries to any name server,
including UNIX DNS implementations.
Nslookup has two modes: interactive and noninteractive.
When you require more than one piece of data, use interactive mode. Just type nslookup at the
command prompt.
When you require a single piece of data, use noninteractive mode. Type the nslookup syntax at
the command line, and the data is returned.
*** See the chart on page 535 ***
Lesson Summary:
addresses.
database. Root, Top-level domains, second-level domains and host names.
zones.
be selected in the Internet Protocol (TCP/IP) properties.
monitoring and logging options in the DNS snap-in and by using the nslookup command-line utility.
IN CLASSROOM EXERCISE:
Logon Script @ Logon:
Make a batch file for this purpose.
D:\Assign2
net use Q: /delete
net use Q: \\srdvc04\instructor301
net use Q: \\Instructor301\ebook
D:\Assign\Monday.bat
Go into GPO window settings/scripts logon
Assign2 Folder (share it)
Works when you log on as a user, Jane Doe etc.; it first deletes the Q: drive, then
re-establishes another one. NOTE: Check their logon rights; ensure they
do not have any deny in their permissions.
SALES OU Properties/Friday2 (edit)/ scripts/logon/browse
Log on as other users Jane Doe, Bob_White, it works. Jane Doe had the wrong path?
*** Works ****