Hands-On Microsoft Windows Server 2003 Administration, Chapter 8: Administering TCP/IP

Post on 20-Dec-2015


Hands-On Microsoft Windows Server 2003 Administration

Chapter 8: Administering TCP/IP

Objectives

• Understand basic concepts about TCP/IP
• Configure TCP/IP on Windows Server 2003
• Troubleshoot TCP/IP and network connectivity using various utilities
• Administer Dynamic Host Configuration Protocol (DHCP) in Windows Server 2003

Understanding TCP/IP

• Transmission Control Protocol/Internet Protocol (TCP/IP)
  – Suite of protocols and utilities used for
    • Network communication
    • Troubleshooting on local networks and the Internet

Understanding TCP/IP (Continued)

• TCP/IP has become the most popular network protocol in use today, because
  – It is the protocol suite used for Internet-based communications
  – It is an open-standard, vendor-independent protocol
• In Windows Server 2003 environments, Active Directory depends on TCP/IP and related services to function

Four layers of the TCP/IP model


The TCP/IP Protocol Stack

• Transmission Control Protocol (TCP)
  – Operates at the transport layer
  – Responsible for the reliable transmission of data on a TCP/IP network
  – A connection-based protocol
• User Datagram Protocol (UDP)
  – Functions at the transport layer
  – A connectionless protocol
    • Provides no guarantee of packet delivery
  – Provides speed advantages in the form of lower overhead

The TCP/IP Protocol Stack (Continued)

• Address Resolution Protocol (ARP)
  – Works at the Internet layer
  – Responsible for mapping IP addresses to hardware media access control (MAC) addresses
    • Every Windows Server 2003 computer has an ARP cache that stores both dynamic and static entries
• Internet Control Message Protocol (ICMP)
  – Operates at the network layer
  – Used to exchange network status and error information between two hosts

The TCP/IP Protocol Stack (Continued)

• Internet Group Management Protocol (IGMP)
  – Operates at the network layer
  – Used to manage network and host information when a network application requires the use of multicasts to communicate
• Internet Protocol (IP)
  – Operates at the Internet layer
  – Responsible for addressing and routing packets so that they are delivered to the correct host
  – A connectionless protocol

The TCP/IP Protocol Stack (Continued)

• IPv4
  – The current version of IP
  – Uses a 32-bit addressing scheme
  – IP addresses are generally represented using dotted-decimal notation
    • For example: 192.168.1.1
• A subnet mask
  – Used to determine which portion of an address represents the network and which portion represents a unique host on that network

Installing TCP/IP

• TCP/IP is installed by default if
  – The network adapter is automatically detected during the installation of Windows Server 2003
• If TCP/IP is not installed during setup, it can be added afterward
• Once TCP/IP has been installed, the network administrator can either
  – Manually configure addressing parameters, or
  – Implement dynamic addressing using DHCP

Configuring TCP/IP on Windows Server 2003 Computers

• All hosts on a TCP/IP network require
  – An IP address
  – A subnet mask
• Options for configuring IP addresses on workstations and servers
  – Configure each one manually with a static IP address
  – Configure computers to obtain an IP address automatically
    • Requires a DHCP server on the network

Configuring Static IP Addresses

• The decision on whether to use a static or dynamic IP-addressing method is often a function of the size of the network
• For each network card configured to use TCP/IP, you must configure
  – An IP address
  – A subnet mask
• TCP/IP Properties dialog box
  – Can be used to configure an IP address and a subnet mask

Manually Configuring TCP/IP Properties


TCP/IP Options


Configuring IP Addresses Dynamically

• Dynamic IP addressing
  – Possible if there is a server on the network running DHCP
  – Advantages
    • Can eliminate some administrative problems associated with configuring static IP addresses, such as
      – The chance of human error
      – IP address duplication
• A DHCP server is configured with a range of IP addresses that will be assigned to clients on the network

Automatic Private IP Addressing

• Automatic private IP addressing (APIPA)
  – Allows DHCP-enabled clients to assign themselves an IP address and subnet mask in the event that a DHCP server is unavailable
  – Provides a client with limited functionality on the network

Configuring TCP/IP properties dynamically using DHCP


Troubleshooting TCP/IP and Network Connectivity

• TCP/IP comes with several command-line utilities that can be used to
  – Test network connectivity to make sure that computers can properly communicate over the network
  – Troubleshoot network connectivity problems

Verifying TCP/IP Configurations

• ipconfig command
  – Can be used to verify the addressing parameters assigned to a host
  – Several parameters can be used with this command
• winipcfg command
  – Used by Windows 9x machines to display the TCP/IP configuration settings
  – Very similar to the ipconfig utility used in Windows NT/2000/XP and Windows Server 2003

Ipconfig parameters


Verifying TCP/IP Configurations (Continued)

• Information displayed using ipconfig or winipcfg can assist in determining whether the computer is using the correct
  – IP address
  – Subnet mask
  – Default gateway configuration
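The check described above, and the subnet-mask split from the earlier IPv4 slide, as an added Python example that is not part of the original slides. The function names and messages are hypothetical, the sample addresses in the test are constructed, and 169.254.0.0/16 is the range APIPA assigns from (a fact not stated on the slides).

```python
import ipaddress

# Range from which APIPA clients assign themselves an address (assumption
# stated in the lead-in; the slides name APIPA but not its range).
APIPA = ipaddress.ip_network("169.254.0.0/16")


def check_host_config(ip, mask, gateway=None):
    """Return findings for the values ipconfig reports for one adapter."""
    try:
        iface = ipaddress.ip_interface(f"{ip}/{mask}")
        gw = ipaddress.ip_address(gateway) if gateway else None
    except ValueError as exc:
        return [f"invalid addressing parameter: {exc}"]
    findings = []
    net = iface.network  # network portion selected by the subnet mask
    if iface.ip in APIPA:
        findings.append("APIPA address: the client could not reach a DHCP server")
    if net.prefixlen < 31 and iface.ip in (net.network_address,
                                           net.broadcast_address):
        findings.append("address is the network or broadcast address")
    if gw is None:
        findings.append("no default gateway: traffic is limited to the local subnet")
    elif gw not in net:
        findings.append(f"gateway {gw} is outside {net}")
    elif gw == iface.ip:
        findings.append("gateway equals the host's own address")
    return findings


def same_subnet(ip_a, ip_b, mask):
    """True when both hosts have the same network portion under this mask."""
    net_a = ipaddress.ip_interface(f"{ip_a}/{mask}").network
    net_b = ipaddress.ip_interface(f"{ip_b}/{mask}").network
    return net_a == net_b
```

An empty list means the three values are mutually consistent; it does not prove they are the values the network design calls for.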

Verifying Network Connectivity

• Windows Server 2003 provides a variety of TCP/IP utilities to troubleshoot connectivity problems
• ping command
  – Tests network connectivity with other hosts on the network by sending ICMP packets to a remote computer and then listening for an echo reply from the remote host

Ping parameters


Verifying Network Connectivity (Continued)

• tracert command
  – Displays all the routers a packet must pass through in the journey to the remote host
  – Helps a network administrator better understand the true nature of a TCP/IP network communication issue

Verifying Network Connectivity (Continued)

• pathping command
  – Combines the functions of both the ping and tracert commands
  – Sends echo request messages to each router between a source and destination host
  – Once complete, it
    • Computes results based on the packets returned from each router
    • Displays the degree of packet loss at each router
  – Can help a network administrator determine which routers are experiencing network problems or congestion

Pathping parameters


Verifying Network Connectivity (Continued)

• route command
  – Used to view or modify the contents of a system’s local routing table

Verifying Network Connectivity (Continued)

• netdiag command
  – Can be used to diagnose and troubleshoot a variety of network connectivity problems
  – Some of the information provided includes
    • A list of installed hotfixes
    • IP address and DNS settings
    • Domain configuration information

Administering DHCP in Windows Server 2003

• To implement automatic IP addressing for network systems
  – Install a DHCP service on at least one server on the network
• Dynamic Host Configuration Protocol (DHCP)
  – Used to
    • Centralize the administration of IP addresses and other options
    • Eliminate the administrative overhead of statically assigning the information to each network host

Administering DHCP in Windows Server 2003 (Continued)

• A DHCP scope
  – A range of IP addresses configured on a DHCP server that can be handed out to network clients
• When a client is configured to use DHCP, it receives
  – An IP address
  – A subnet mask
  – Any other options that may have been configured for the scope

Administering DHCP in Windows Server 2003 (Continued)

• A DHCP lease
  – An IP address that is assigned to a client from a DHCP server
• A DHCP client attempts to lease an IP address in one of the following situations:
  – TCP/IP is installed and started for the first time
  – The client releases its IP address and attempts to renew another one
  – The client attempts to release a specific IP address and is denied

Installing a DHCP Server

• The DHCP server must be assigned
  – A static IP address
  – A subnet mask
  – A default gateway (if required on the network)

Configuring DHCP Scopes

• A DHCP scope
  – A range of IP addresses and associated settings that can be handed out to network clients configured to use automatic addressing
  – Configured using the DHCP MMC snap-in

The DHCP MMC snap-in


Configuring DHCP Scopes (Continued)

• Guidelines for creating a DHCP scope
  – Each DHCP scope should include only unique addresses to avoid duplicate IP addresses being handed out on the network
  – Any IP addresses that have been statically assigned to clients should be excluded from a scope to avoid duplication
  – DHCP servers can be configured with multiple scopes to assign IP addresses to hosts on different subnets
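One way to check a scope plan against the first two guidelines above before activating it, as an added Python example that is not part of the original slides. The data layout, the function names, and every scope name, host name and address are constructed for illustration.

```python
import ipaddress

# Constructed scope plan: address range plus exclusion ranges per scope.
SCOPES = {
    "floor1": {"range": ("192.168.1.10", "192.168.1.200"),
               "exclusions": [("192.168.1.10", "192.168.1.20")]},
    "floor1-wifi": {"range": ("192.168.1.150", "192.168.1.250"),
                    "exclusions": []},
    "floor2": {"range": ("192.168.2.10", "192.168.2.200"),
               "exclusions": []},
}
# Constructed inventory of statically addressed hosts.
STATIC_HOSTS = {"dc01": "192.168.1.15", "print01": "192.168.1.160",
                "file01": "192.168.2.5"}


def _span(start, end):
    """Convert a (start, end) address pair to integers for comparison."""
    return int(ipaddress.ip_address(start)), int(ipaddress.ip_address(end))


def audit_scopes(scopes, static_hosts):
    """Return findings: overlapping scopes, then leasable static addresses."""
    findings = []
    names = sorted(scopes)
    for i, a in enumerate(names):
        a_lo, a_hi = _span(*scopes[a]["range"])
        for b in names[i + 1:]:
            b_lo, b_hi = _span(*scopes[b]["range"])
            lo, hi = max(a_lo, b_lo), min(a_hi, b_hi)
            if lo <= hi:  # the two ranges share at least one address
                findings.append(f"overlap {a}/{b}: "
                                f"{ipaddress.ip_address(lo)}-{ipaddress.ip_address(hi)}")
    for host, ip in sorted(static_hosts.items()):
        addr = int(ipaddress.ip_address(ip))
        for name in names:
            lo, hi = _span(*scopes[name]["range"])
            if not lo <= addr <= hi:
                continue
            spans = [_span(*x) for x in scopes[name].get("exclusions", [])]
            if not any(x_lo <= addr <= x_hi for x_lo, x_hi in spans):
                findings.append(f"static {host} {ip} is leasable from {name}")
    return findings
```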

Configuring DHCP Scopes (Continued)

• Scope options
  – Examples: default gateway, DNS server addresses
  – Must be configured before activating the scope
• Client reservation
  – Reserves an IP address within the scope for a particular client so it is always reassigned the same address

Configuring DHCP Scopes (Continued)

• Superscope
  – Grouping of scopes created for multiple subnets on a physical network
  – Usually created to make the administration of multiple scopes easier

Configuring DHCP Scopes (Continued)

• Multicasting
  – Sending a message to a group of clients, but not all clients, using a single destination address
  – Uses a special range of IP addresses known as the Class D address range
  – DHCP servers in Windows Server 2003 can assign multicast addresses to clients as well as traditional unicast addresses

Authorizing a DHCP Server

• Authorizing a DHCP server in Active Directory
  – The last step in installing a DHCP server
  – Designed to increase security and stability on a network
• Only those Windows Server 2003 and Windows 2000 DHCP servers that have been authorized by an administrator are permitted to lease IP addresses

Using DHCP Options

• Besides an IP address and a subnet mask, a range of DHCP options can be assigned to clients


Using DHCP Options (Continued)

• Scope options can be configured at three levels
  – Server level
    • Server options apply to all scopes configured on the DHCP server
  – Scope level
    • Scope options only apply to a specific scope and the clients that lease an IP address from that scope
  – Client level
    • Client options apply to the specified client reservation

Configuring DHCP in a Routed Network

• Options for implementing DHCP in a routed network
  – Install and configure a DHCP server on each subnet
  – Configure network routers to forward DHCP broadcast traffic

Configuring DHCP in a Routed Network (Continued)

  – Configure a DHCP relay agent on each of the subnets
• The DHCP relay agent included with Windows Server 2003
  – Relays DHCP broadcast messages between DHCP clients and DHCP servers across a routed network
  – Configured using the Routing and Remote Access tool

Routing and Remote Access console


DHCP and DNS Integration

• Dynamic DNS (DDNS)
  – Allows name servers and clients to automatically update the DNS database
• Options for DNS registration
  – Dynamically update DNS A and PTR records only if requested by the DHCP clients
    • Selected by default
  – Always dynamically update DNS A and PTR records
  – Discard A and PTR records when lease is deleted
  – Dynamically update DNS A and PTR records for DHCP clients that do not request updates

DHCP and DNS integration properties


Maintaining DHCP Services

• Ways to monitor DHCP servers
  – Periodically look at the Event Viewer system log for any DHCP-related events
  – Use DHCP audit logging
    • Enabled by default in the DHCP MMC snap-in
    • Forces the DHCP server to place detailed event logs in the DHCP database directory

DHCP service activity log
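A sketch of how the audit log can be reviewed for events worth an administrator's attention, as an added Python example that is not part of the original slides. It assumes the comma-separated layout (ID, Date, Time, Description, IP Address, Host Name, MAC Address) and the event IDs 10 to 15 documented for the Windows DHCP server audit log, neither of which is shown on the slides. The log lines, including their description text, are constructed.

```python
import csv
from collections import Counter

# Event IDs that indicate a problem rather than routine lease traffic
# (assumed from the audit log's documented event ID list).
ALERT_IDS = {
    "13": "address already in use on the network",
    "14": "scope address pool exhausted",
    "15": "lease denied",
}

# Constructed sample lines in the assumed layout:
# ID,Date,Time,Description,IP Address,Host Name,MAC Address
SAMPLE_LOG = """\
00,05/10/04,08:00:01,Started,,,,
10,05/10/04,08:14:22,Assign,192.168.1.51,ws01.example.test,000D56000001
11,05/10/04,09:02:10,Renew,192.168.1.51,ws01.example.test,000D56000001
13,05/10/04,09:30:45,Conflict,192.168.1.60,BAD_ADDRESS,
10,05/10/04,09:31:02,Assign,192.168.1.61,ws02.example.test,000D56000002
15,05/10/04,10:05:33,NACK,192.168.1.77,,000D56000003
14,05/10/04,11:47:09,Pool Exhausted,,,000D56000004
"""


def review_audit_log(text):
    """Return (alerts, lease_counts) for the lines of one audit log."""
    alerts, leases = [], Counter()
    for row in csv.reader(text.splitlines()):
        if len(row) < 7 or not row[0].strip().isdigit():
            continue  # skip explanatory header text and blank lines
        event_id, date, time, _desc, ip, _host, mac = (f.strip() for f in row[:7])
        if event_id in ("10", "11"):  # new lease or renewal
            leases[mac] += 1
        elif event_id in ALERT_IDS:
            # Report the IP when the event carries one, otherwise the MAC.
            alerts.append((f"{date} {time}", ALERT_IDS[event_id], ip or mac))
    return alerts, leases
```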


Summary (Continued)

• TCP/IP consists of a suite of protocols that can be used to configure, manage, and troubleshoot network connectivity
  – The protocols include TCP, UDP, ARP, IP
• All hosts on a TCP/IP network require an IP address and a subnet mask
• A default gateway is needed to communicate outside of the local subnet
• IP addresses can be assigned to a host
  – Statically
  – Dynamically by using a DHCP server

Summary (Continued)

• Several utilities, such as ipconfig and ping, can be used to verify and troubleshoot TCP/IP
• Once the DHCP service is installed, you must
  – Create and activate a unique scope
  – Authorize the DHCP server in Active Directory
• You can also add various scope options, such as the IP address of the default gateway

Summary (Continued)

• Windows 2000 and XP DHCP clients automatically update resource records with the DNS server

• The DHCP server can be configured to perform all updates and perform updates on behalf of legacy clients
