Configuring TCP/IP on Windows Workstations

Configuring TCP/IP on Windows Workstations

Being able to configure your operating system to use TCP/IP is a must for any network administrator.
Because Microsoft Windows is the dominant operating system, we will show you how to configure a Windows client to use TCP/IP. The information in this section assumes that you already have Windows 2000 running on the client.
Because you are likely using Plug and Play network interface cards, Microsoft Windows 2000 automatically installs TCP/IP on your machine. In this case, you can skip ahead to the discussion
in Chapter 4 on how to use the TCP/IP utilities to confirm that your system is up and running properly.
       If, however, you want to look at or change some of the configuration settings or if TCP/IP

doesn’t seem to be installed on your system for whatever reason, stay with this chapter.

Note:

There is very little difference between configuring TCP/IP on a Windows 2000
device regardless of the exact version or function, such as Server or Professional.
The dialog boxes you use are virtually identical. Windows 2000 Professional
is used in the discussion that follows. Windows XP and 2003 are slightly
different in appearance, but still very similar.

 To begin configuring TCP/IP, follow these steps:

1. Choose Start Settings Control Panel Network and Dial-Up Connections to open the Network and Dial-Up Connections dialog box, which lists all of the currently installed network components.
2. Right-click one of your network adapters and select Properties to open the Properties dialog box for your adapter.
3. If you do not see Internet Protocol (TCP/IP) in the scrolling list (assuming you have enough entries to scroll), follow the next three steps. If you do see it, skip to step 7.

4.  Click the Install button, which brings up the Select Network Component Type window.

5. Click Protocol in the list and click the Add button to bring up the Select Network Protocol dialog box.

6.  Select Microsoft from the left frame and Internet Protocol (TCP/IP) from the right frame and click the OK button. This will take you back to the Properties dialog box for your adapter. Now Internet Protocol (TCP/IP) should appear in the scrolling list.

7.  Click Internet Protocol (TCP/IP) and click the Properties button, which brings up the Internet Protocol (TCP/IP) Properties window.

8. Initially, you see the General tab, which is set to obtain your IP address, subnet mask, default gateway, and DNS server(s) via DHCP. You may select the alternate radio buttons to manually enter this information.

9. Click the Advanced button, which brings up the Advanced TCP/IP Settings dialog box.

10. Notice the IP Settings, DNS, WINS, and Options tabs along the top of the Advanced TCP/IP Settings dialog box (shown in Figure 3.7 in the next section).

In the following sections, we will look at these four tabs. In addition, we will cover key information regarding the configuration database of Windows, known as the Registry, and the open

set of protocols, known as ZeroConf, designed to reduce the amount of manual TCP/IP configuration necessary to bring up a small network.

Read More

Using WINS

Using WINS

WINS, or Windows Internet Naming Service, is an essential part of the Microsoft networking topology as long as NetBIOS is still in use. But before we get into the discussion of WINS, we must define a few terms, including these two protocols—NetBIOS and NetBEUI. 
NetBIOS NetBIOS (pronounced “net-bye-ose”) is an acronym formed from network basic input/output system, a Session layer network protocol originally developed by IBM and Sytek to manage data exchange and network access. NetBIOS provides an application programming interface (API) with a consistent set of commands for requesting lower-level network services to transmit information from node to node, thus separating the applications from the underlying network operating system. Many vendors once provided either their own version of NetBIOS or an emulation of its communications services in their products.

NetBEUI NetBEUI (pronounced “net-boo-ee”) is an acronym formed from NetBIOS Extended User Interface, an implementation and extension of IBM’s NetBIOS transport protocol from Microsoft. NetBEUI communicates with the network through Microsoft’s Network Driver Interface Specification (NDIS). NetBEUI was once shipped with all versions of Microsoft’s operating systems and is generally considered to have a lot of overhead. It also has no structure to its addressing format, which does not allow determination of a network and therefore means it has no routing capability, making it suitable only for small networks; you cannot build internetworks with NetBEUI, and so it is often replaced with TCP/IP. Microsoft added extensions to NetBEUI in Windows NT to remove the limitation of 254 sessions per node. This extended version of Net- BEUI is called the NetBIOS Frame (NBF).


      WINS is used in conjunction with TCP/IP and maps NetBIOS names to IP addresses. For example, you have a print server on your LAN that you have come to know as PrintServer1. In the past, to print to that server you needed only to remember its name and to select that name from a list. However, TCP/IP is a completely different protocol and doesn’t understand Net- BIOS names; it therefore has no way of knowing the location of those servers. That’s where WINS comes in.
      Each time you access a network resource on a Windows network using TCP/IP, your system needs to know the host name or IP address. If there are no routers in your network, NetBIOS speaking devices can simply broadcast their presence on the network and broadcast a request for the unknown MAC address of a known NetBIOS name, all without a WINS server. Once routers are introduced, however, the broadcasts that NetBIOS uses for resolution do not make it through the routers, so connectivity is lost to devices not on the same subnet as the requesting device. If WINS is installed in a routed environment, you can continue using the NetBIOS names that you have previously used to access the resources because WINS provides the cross-reference from NetBIOS name to IP address for you. Once the IP address is known, ARP can be used to obtain the MAC address after the packet has been routed to the proper IP subnet.

Note:

A NetBIOS name doesn’t always refer to just a machine. Several services on a machine can also have their own NetBIOS names.

When you install and configure TCP/IP, as described later in this chapter, you’ll see a place to specify the WINS server addresses. These addresses are stored with the configuration, and
TCP/IP uses them to query for host names and addresses when necessary. WINS is similar toDNS in that it cross-references host names to addresses; however, as mentioned earlier, WINS
resolves NetBIOS names to IP addresses, but DNS resolves TCP/IP FQDNs to IP addresses.
      Another major difference between WINS and DNS is that WINS builds its own reference tables dynamically but you have to configure DNS manually. Dynamic DNS (DDNS) does exist,

but it is not yet implemented on the Internet. When a workstation running TCP/IP is booted and attached to the network, it uses the WINS address settings in the TCP/IP configuration to communicate
with the WINS server. The workstation gives the WINS server various pieces of information about itself, such as the NetBIOS host name, the actual username logged on to the workstation, and the workstation’s IP address. WINS stores this information for use on the network and periodically refreshes it to maintain accuracy.
       Microsoft, however, has developed a new DNS record—called DNS Server—that allows the DNS server to work in perfect harmony with a WINS server. The Microsoft DNS Server software
was shipped with Windows NT and later server systems. Here’s how it works: The host name portion of the DNS FQDN can be looked up on the WINS server for hosts in the local domain. Thus, you need not build complex DNS tables to establish and configure name resolution on your server; Microsoft DNS relies entirely on WINS to tell it the addresses it needs to resolve. And because WINS builds its tables automatically, you don’t have to edit the DNS tables when addresses change; WINS takes care of this for you. This feature also is not available on the Internet.
      You can use both WINS and DNS on your network, or you can use one without the other. Your choice is determined by whether your network is connected to the Internet and whether your host addresses are dynamically assigned. When you are connected to the Internet, you must use DNS to resolve host names and addresses because TCP/IP depends on DNS service for address resolution. Addresses of both DNS and WINS servers can be supplied to a host with its Dynamic Host Configuration Protocol (DHCP) lease.

Using DHCP
The primary reason for using DHCP is to centralize the management of IP addresses. When the DHCP service is used, DHCP scopes include pools of IP addresses that are assigned for automatic distribution to client computers on an as-needed basis, in the form of leases, which are periods of time for which the DHCP client may keep the configuration assignment. Clients attempt to renew their lease at 50 percent of the lease duration. The address pools are centralized on the DHCP server, allowing all IP addresses on your network to be administered from a single server. It should be apparent that this saves loads of time when changing the IP
addresses on your network. Instead of running around to every workstation and server and resetting the IP address to a new address, you simply reset the IP address pool on the DHCP
server. The next time the client machines are rebooted, they are assigned new addresses.

    If the client workstation cannot locate the DHCP server on the network automatically, either you will see an error message to that effect when you restart the client workstation or Automatic Private IP Addressing (APIPA) running on the machine will assign itself an IP address in the 169.254.0.0/16 address range.

    More capable than RARP, DHCP is an update to the Bootstrap Protocol (BootP) and can manage much more than the IP addresses of client computers. It can also assign DNS servers, WINS servers, default gateway addresses, subnet masks, and many other options.

Read More

Using DNS

Using DNS

The abbreviation DNS stands for Domain Name Service. You use DNS to translate host names and domain names to IP addresses, and vice versa, by means of a standardized lookup table that
the network administrator defines and configures. The system works just like a giant telephone directory.
Suppose you are using your browser to surf the Web and you enter the URL http:// www.microsoft.com to go to the Microsoft home page. Your web browser then asks the TCP/IP protocol to ask the DNS server for the IP address of www.microsoft.com. When your web browser receives this address, it connects to the Microsoft web server and downloads the home page. DNS is an essential part of any TCP/IP network because it simplifies the task of remembering
addresses; all you have to do is simply remember the host name and domain name. A DNS zone is an administrative area or name space within a DNS domain. For example, sybex.com is a DNS domain, but there is a server that is authoritative over the sybex.com

name space, or zone. An additional level could be added to sybex.com, making, for instance, networkbooks.sybex.com. The networkbooks zone would be handled by a particular server.
The server holds the zone file, or DNS table, for that zone. DNS tables are composed of records. Most records are composed of a host name, a record type, and an IP address. There are several
record types, including the address record, the mail exchange record, the CNAME record, and the SOA record.
      There are primary DNS servers, which are authoritative for the zone for which they carry the zone file, and secondary DNS servers, which have a nonauthoritative copy of the zone file updated from the primary server. The DNS zone file must be changed only on the primary server that is authoritative for that zone. If changes are made to the secondary server, the changes will not be propagated elsewhere, and these changes will be lost during the next update from the primary server. What this means is that whenever a change to any record is required, even one as simple as adding the IP address of a new server or changing the IP address of an established one, the change must be performed by the administrator, ISP, or other entity that hosts and has write access to the primary DNS server that is authoritative for the domain/zone in which the change occurs.
        The address record, commonly known as the A record, maps a host name to an IP address. The following example shows the address record for a host called mail in the company.com domain:

mail.company.com.            IN              A              204.176.47.9

The mail exchange (MX) record points to the mail exchanger for a particular host. DNS is structured so that you can actually specify several mail exchangers for one host. This feature provides a higher probability that e-mail will actually arrive at its intended destination. The mail exchangers are listed in order in the record, with a priority code that indicates the order in which the mail exchangers should be accessed by other mail delivery systems.
        If the first priority doesn’t respond in a given amount of time, the mail delivery system tries the second one, and so on. Here are some sample mail exchange records:

hostname.company.com.    IN    MX    10    mail.company.com.
hostname.company.com.    IN    MX    20    mail2.company.com.

hostname.company.com.    IN    MX    30    mail3.company.com. 

In this example, if the first mail exchanger, mail.company.com, does not respond, the second one, mail2.company.com, is tried, and so on.
      The CNAME record, or canonical name record, is also commonly known as the alias record and allows hosts to have more than one name. For example, your web server has the host name
www, and you want that machine to also have the name ftp so that users can use FTP to access a different portion of the file system as an FTP root. You can accomplish this with a CNAME record. Given that you already have an address record established for the host name www, a CNAME record that adds ftp as a host name would look something like this:

www.company.com.       IN     A              204.176.47.2

ftp.company.com.          IN    CNAME      www.company.com.

When you put all these record types together in a zone file, or DNS table, it might look like this:
mail.company.com.           IN   A              204.176.47.9
mail2.company.com.         IN   A              204.176.47.21
mail3.company.com.         IN   A              204.176.47.89
yourhost.company.com.    IN   MX          10  mail.company.com.
yourhost.company.com.    IN   MX          20  mail2.company.com.
yourhost.company.com.    IN   MX          30  mail3.company.com.
www.company.com.          IN  A              204.176.47.2

ftp.company.com.              IN CNAME     www.company.com.

The SOA record, or start of authority record, contains global parameters for the zone and is easily the most crucial record in the zone file. There can be only one SOA per zone file. The SOA record might look something like this:

TABLE 3 . 6 Fields of the DNS SOA Record

TABLE 3 . 6 Fields of the DNS SOA Record (continued)

Note:

You can establish other types of records for specific purposes, but we won’t go into those in this book. DNS can become very complex very quickly, and entire books are dedicated to the DNS system.

The nslookup and dig commands are discussed further in Chapter 4, but a quick peek at a special function of the utility will help tie together the preceding material. The following output was generated by the nslookup utility. Notice the similarity to the actual SOA record shown earlier. Once nslookup is started, entering the command set type=SOA, followed by entering the domain for which you want to view the SOA information for that zone, will produce output similar to this:


C:\>nslookup
Default Server: ns.company.com

Address: 10.184.147.254


> set type=SOA
> company.com
Server: ns.company.com

Address: 10.184.147.254

Non-authoritative answer:
company.com
                primary name server = ns.company.com
               responsible mail addr = dns\.support.company.com
               serial = 55281
               refresh = 7200 (2 hours)
               retry = 3600 (1 hour)
               expire = 604800 (7 days)
               default TTL = 1800 (30 mins)
[output omitted]

>

Read More