configuring tcp_ip in networking

Upload: sahil-chaudhary

Post on 05-Apr-2018


TRANSCRIPT

  • 7/31/2019 Configuring TCP_IP in Networking

    1/9


    TCP/IP configuration, by Chandan Sharma

    3. Click the Add button. NT will build a list of all available network protocols and display these in a new window, shown in Figure 11.3.

    4. Select the TCP/IP Protocol and click OK.

    5. You will now be asked if there is a DHCP server on your network and you want to get your TCP/IP address automatically from this server. This message is shown in Figure 11.4.

    In this example, you should choose No. If, however, you were configuring an NT Server and you did want it to dynamically obtain its IP address from a DHCP server, you would choose Yes. For more information on setting up a DHCP server, see Chapter 12.

    6. You might be required to provide a path to the Windows NT Server distribution media so NT can install the necessary software components. If you are using a local CD-ROM, indicate the drive letter and path. Or if you are installing from a network, indicate the UNC location (for example, \\NTSERVER1\NT40INST\i386) of the NT Server distribution files. Click OK once you have identified a valid NT distribution media set. NT will copy files from the distribution media to the local system directory.

    7. You will be returned to the Protocols tab of the Network window. You should see TCP/IP Protocol listed in the Network Protocols list, as shown in Figure 11.5.

    8. Click the Close button at the bottom of the Network window. NT will go through an automatic process to review the bindings on the network adapter. NT will display the Microsoft TCP/IP Properties window so you can provide specific TCP/IP configuration information, which is necessary to complete the binding. The Microsoft TCP/IP Properties window is shown in Figure 11.6.

    9. If your system is physically multihomed (you have more than one network adapter in your system), you can use the Adapter pick list to select the adapter you want to configure.

    If you chose to use a DHCP server to acquire your TCP/IP information, back in step 6, the Obtain an IP address from a DHCP Server option will be selected and the IP Address, Subnet Mask, and Default Gateway textboxes will be grayed out.


    10. You should enter the IP address, subnet mask, and default gateway for your network card into the appropriate textboxes.

    11. This is the minimal amount of information you need to provide to get your system up and running with TCP/IP. Click OK at the bottom of the Microsoft TCP/IP Properties window. NT will complete the adapter binding process and tell you that you need to restart your computer before your changes can take effect.

    Advanced TCP/IP Options

    The Advanced TCP/IP settings option under the Microsoft TCP/IP Properties window allows you to configure multiple IP addresses for a single network card, or to specify multiple IP gateways for each network card in your system.

    Logically Multihomed Adapter

    Configuring more than one IP address for a single network card is known as configuring a logically multihomed network adapter. Windows NT allows you to assign up to five IP addresses to a single network adapter. Compare this to what is traditionally called a multihomed system, where you have multiple network interfaces on a system, each with its own unique IP address. There are advantages and disadvantages to a logically multihomed configuration.

    One of the advantages of a logically multihomed system is very apparent when used in conjunction with the new Internet Information Server (IIS) that is included with NT Server 4. IIS can be configured to respond to a default hypertext transport protocol (http) request in different ways depending on which one of the logically multihomed IP addresses is accessed. If you want to run three Web sites from your server, logical multihoming makes this easier and cleaner. For instance, if you wanted to host xyzcorp.com, USAcollege.edu, and greenfood.com from your server, you would simply designate a different IP address for each site and then bind all three IP addresses to your network adapter. Then when someone uses a Web browser to connect to xyzcorp.com, he or she will get the home page for xyzcorp; if connecting to USAcollege.edu, the user will get the default page for USAcollege. For more information about using a multihomed system with IIS, see Chapter 28, Using Windows NT as an Internet Server, which includes additional coverage of IIS.

    One thing to be aware of with logically multihomed adapters is that NetBIOS over TCP/IP (NetBT) will only be bound to the first IP address of a logically multihomed adapter. If you want multihomed support with NetBT, you need to install multiple network adapters with a single IP address bound to each adapter.

    Multiple IP Gateways

    If you need to use TCP/IP to communicate with a computer outside of your subnet, the communication needs to be done through an IP gateway. Many smaller LANs include only a single gateway between subnets. However, for additional levels of fault tolerance, many larger and more stable networks are designed with multiple IP gateways between their major subnets.

    Windows NT enables you to take advantage of these multiple gateways to provide fault tolerance in case the default gateway becomes unavailable. For each network card onto which you bind TCP/IP, you can also specify as many backup gateways as you have available. When you specify additional IP gateways, if the default gateway fails, NT will automatically attempt to use each of the additional IP gateways, in the order listed, until it can find a functioning gateway.

    PPTP Filtering

    Windows NT 4 includes a new technology called Point-to-Point Transfer Protocol (PPTP), which allows you to create multiprotocol virtual private networks (VPNs). PPTP takes advantage of Windows NT's Remote Access Service (RAS), but when you install PPTP, by default, you will be able to use your network as normal, as well as take advantage of the VPN features provided by PPTP. However, you might want to prevent your system from responding to any non-PPTP traffic on the network, thus isolating it from the public network it is physically connected to. If you enable PPTP Filtering, your NT Server will only communicate with machines on its VPNs.

    For more information on PPTP, see Chapter 20, Using Remote Access Services.

    TCP/IP Security

    One of the new features of Windows NT 4 is the ability to filter network traffic by TCP or UDP port number, as well as IP protocol value. This allows you to control the type of TCP/IP traffic that your server will respond to, providing a higher level of security. For instance, if you were running a SQL server on your system, you might want to permit access only to the ports your databases listen to.

    For more information on TCP/IP Security, see Chapter 25, Advanced Security Guidelines.

    Configuring Advanced TCP/IP Options

    Once TCP/IP is installed, if you need to configure additional IP addresses or IP gateways, use the following procedure:

    1. Make sure you are logged on as an administrative user.

    2. Double-click the Network icon in the Control Panel. This will display the Network window.

    3. Click the Protocols tab and then double-click TCP/IP Protocol. This will display the Microsoft TCP/IP Properties window.

    4. Click the Advanced button located in the bottom-right corner of the window. This will display the Advanced IP Addressing window, shown in Figure 11.7.

    5. If you have multiple physical network adapters, you can use the Adapter pick list to choose the adapter you want to configure.

    6. Use the Add button in the IP Addresses window to add additional IP address and subnet mask pairs for the current network adapter. Remember, NT allows you to have up to five IP addresses per physical network adapter.

    7. Use the Add button in the Gateways group to add any additional IP gateways that are available on your network.

    8. If you are using PPTP and want to restrict network access to PPTP, then select the Enable PPTP Filtering option.

    9. If you want to do IP or port-level filtering, select the Enable Security option, then click the Configure button. This will bring up the TCP/IP Security window as shown in Figure 11.8.


    10. If you want to enable only certain TCP or UDP ports, select the Permit Only option above the appropriate field, then click the Add button to add the TCP or UDP port addresses you want to allow. Valid TCP and UDP port addresses are between 1 and 65535.

    11. If you want to enable only certain IP protocols, select the Permit Only option above the IP Protocols field, then click the Add button to add the IP protocol values you want to allow. Valid IP protocol values are between 1 and 255.

    12. When you have completed entering the filtering information, click the OK button to return to the Advanced IP Addressing window.

    13. Click OK to return to the Microsoft TCP/IP Properties window, then OK again to return to the Network Control Panel. Then click OK one more time to exit the Network Control Panel. You will be prompted to restart the server.

    Once the system has restarted, the changes you made will take effect.

    Installing Simple TCP/IP Services

    Windows NT includes an optional service called Simple TCP/IP Services. This service allows Windows NT to respond to a number of network utilities that are somewhat prevalent in the UNIX world. For most environments, these utilities provide no real functionality.

    Simple TCP/IP services are all based on UDP and provide support for:

    Chargen: When the chargen (character generator) service receives any input, it generates and returns a stream of data and sends it back to the sender. There is no relationship between the data received by the chargen service and the data it returned to the sender, although the data is usually a recognizable pattern. Use of chargen is defined in RFC 864.

    Daytime: When it receives input, this service, defined in RFC 867, returns the current date and time.

    Discard: This service accepts any incoming data and then throws it away. It does not return anything to the sender. Discard is defined in RFC 863.

    Echo: Echo is defined in RFC 862. It takes UDP packets directed at it and returns them to the sender.

    NOTE: Although it might seem that the ping diagnostic utility would probably use the Echo service, it does not. You do not need to install the Echo service to support ping. The echo service uses UDP packets and operates at a much higher level than ping, which uses ICMP packets.

    Quote: Quote is a quote-of-the-day service. When the quote service receives an incoming packet, it discards this packet and then returns a quote from a predefined quote file. The default quote file is installed in %SystemRoot%\system32\drivers\etc. This file can be modified to add new quotes so long as the quotes are less than 512 characters. The quote utility is defined in RFC 865.
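An added example, not part of the original document: a Python audit that parses `netstat -an` output and compares the listening ports with the Permit Only port lists from the TCP/IP Security procedure and with the Simple TCP/IP Services listed above. Ports 7, 9, 13, 17 and 19 are the standard assignments from the cited RFCs; the sample listing, its addresses, the policy and all function names are constructed for illustration, and the model assumes a Permit Only list matches on the local port of inbound traffic.

```python
import re

# Standard ports for the Simple TCP/IP Services (RFC 862, 863, 867, 865, 864).
SIMPLE_SERVICES = {7: "echo", 9: "discard", 13: "daytime", 17: "quote", 19: "chargen"}

# Constructed sample in the column layout of Windows `netstat -an`.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:19             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1433        0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1433        192.0.2.77:1045        ESTABLISHED
  UDP    0.0.0.0:7              *:*
  UDP    0.0.0.0:19             *:*
  UDP    192.0.2.10:137         *:*
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+\S+:(\d+)\s+\S+(?:\s+(\S+))?\s*$")


def parse_listeners(netstat_text):
    """Return {(proto, local_port)} for sockets that accept inbound traffic."""
    listeners = set()
    for line in netstat_text.splitlines():
        row = ROW.match(line)
        if row is None:
            continue  # banner, column header or blank line
        proto, port, state = row.groups()
        # UDP rows carry no state column; TCP rows count only when LISTENING.
        if proto == "UDP" or state == "LISTENING":
            listeners.add((proto, int(port)))
    return listeners


def validate_permit_list(ports):
    """Enforce the 1-65535 range the page gives for TCP and UDP port entries."""
    bad = [p for p in ports if not (isinstance(p, int) and 1 <= p <= 65535)]
    if bad:
        raise ValueError(f"port entries outside 1-65535: {bad}")
    return frozenset(ports)


def audit(netstat_text, permit_tcp=None, permit_udp=None):
    """Compare listeners with Permit Only lists; None models Permit All.

    Assumption: a Permit Only list matches the local port of inbound traffic.
    """
    permit = {
        proto: None if ports is None else validate_permit_list(ports)
        for proto, ports in (("TCP", permit_tcp), ("UDP", permit_udp))
    }
    listeners = parse_listeners(netstat_text)
    report = {"simple_services": [], "reachable": [], "filtered": [], "stale_permits": []}
    for proto, port in sorted(listeners):
        if port in SIMPLE_SERVICES:
            report["simple_services"].append((proto, port, SIMPLE_SERVICES[port]))
        allowed = permit[proto] is None or port in permit[proto]
        report["reachable" if allowed else "filtered"].append((proto, port))
    # Permit entries with no listener behind them are candidates for removal.
    for proto, allowed_ports in permit.items():
        if allowed_ports is not None:
            open_ports = {p for pr, p in listeners if pr == proto}
            report["stale_permits"] += [(proto, p) for p in sorted(allowed_ports - open_ports)]
    return report


if __name__ == "__main__":
    # Hypothetical policy: Permit Only TCP 1433 and 80, UDP left at Permit All.
    for finding, items in audit(SAMPLE_NETSTAT, permit_tcp=[1433, 80]).items():
        print(f"{finding}: {items}")
```

Listeners reported under `simple_services` and `reachable` at the same time are the ones to remove or filter first; `stale_permits` lists allowed ports that no service is using.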

    Extra Notes:

    Diagnostic Utilities

    Microsoft has included a number of TCP/IP diagnostic utilities with Windows NT. Many of these utilities, such as ping and tracert, are functionally identical to common implementations on other platforms, including most UNIX systems. Other utilities, such as nbtstat, are more specific to Windows environments and do not have direct analogues on non-Windows systems.

    All of the diagnostic utilities listed in this section are automatically installed when you install TCP/IP on your system. They are all located in the %SystemRoot%\system32 directory.

    arp


    The arp command is used to display or modify the IP address to physical network address lookup table maintained by Windows NT. This table is called the address resolution protocol (ARP) table.

    The syntax for the arp command is

        arp -a [IP_addr] [-N [if_addr]]
        arp -d IP_addr [if_addr]
        arp -s IP_addr mac_addr [if_addr]

    -a displays the current ARP table. If IP_addr is included, the IP and physical addresses for only the specified computer are displayed. If there is more than one network interface using TCP/IP, the ARP table for each is displayed.

    -N if_addr displays the ARP entries for the network interface specified by if_addr.

    -d deletes the ARP entry specified by IP_addr.

    -s is used to manually add an entry in the ARP table. Typically, ARP entries age out of the table after a period of time. However, when you manually add an ARP entry, the entry will be permanent.

    mac_addr specifies the physical address of the network adapter. It is represented as eight hexadecimal pairs separated by dashes.

    IP_addr specifies an IP address.

    if_addr indicates the address of the network adapter on which the ARP table should be updated.

    hostname

    The hostname command returns the name of the computer as defined in the DNS tab of the TCP/IP configuration window. There are no options to this command.

    ipconfig

    The ipconfig utility is useful for getting a quick look at a system's TCP/IP configuration. It is especially useful when your system receives its IP configuration from a DHCP server.

    The syntax for the ipconfig command is

        ipconfig [/all | /release [adapter] | /renew [adapter]]

    If you run ipconfig without any switch options, it returns the IP address, subnet mask, and default gateway for all network adapters bound with TCP/IP.

    /all causes ipconfig to return additional IP configuration information for all network adapters running TCP/IP. This information includes the TCP/IP hostname, list of all DNS servers, node type, NetBIOS scope ID, state of IP routing (IP forwarding) on your system, state of WINS proxy on your system, and whether your system will use DNS to provide NetBIOS name resolution. Additionally, for each network adapter using TCP/IP, it will provide the physical address of the adapter, whether or not it gets its information from a DHCP server, its IP address (or IP addresses if it is logically multihomed), its subnet mask, default gateway, and any WINS servers it uses.

    /renew [adapter] is useful only when your system acquires its IP information dynamically from a DHCP server. If you use the switch without specifying an adapter, it will attempt to renew the DHCP lease for all adapters. If you only want to renew the lease for a specific network adapter, you can do that by typing its name. If you do not get your IP information from a DHCP server but you use this switch, it will return an error.

    /release [adapter] is functionally the opposite of the /renew switch. If you use the switch without specifying an adapter, it will attempt to release the DHCP lease for all adapters. If you only want to release the lease for a specific network adapter, you can do that by typing its name.

    nbtstat

    The nbtstat command is used to display the status of NetBIOS over TCP/IP (NetBT). The syntax for the nbtstat command is

        nbtstat [-a hostname] [-A IP_addr] [-c] [-n] [-R] [-r] [-S] [-s] [interval]

    -a displays the remote computer's NetBIOS name table given its NetBIOS hostname.

    -A displays the remote computer's NetBIOS name table given its IP address.

    -c displays the NetBIOS name cache of the local computer, including the name and IP address for each entry.

    -n displays the NetBIOS names of the local computer.

    -R purges the NetBIOS name cache on the local computer and reloads the LMHOSTS file.


    -r displays statistics for Windows name resolution. If you are using a WINS server for Windows name resolution, this option returns the number of names resolved by broadcast and the number of names resolved by a WINS server.

    -S displays statistics and session information for workstation and server services. This information is listed by IP address.

    -s displays statistics and session information for workstation and server services. It lists information by hostname if the IP address is listed in your HOSTS file. Otherwise, it is listed by IP address.

    interval, if specified, will result in nbtstat continuously redisplaying the statistics, pausing interval seconds between each update. If no interval is specified, the information will be displayed once.

    netstat

    netstat can be used to examine the statistics for all TCP, IP, and UDP connections. The syntax for the netstat command is

        netstat [-a] [-e] [-n] [-s] [-p protocol] [-r] [interval]

    If you run netstat without any switch options, it displays all active TCP connections.

    -a tells netstat to display all the current connections and listening ports.

    -e displays the network statistics. These statistics are cumulative since the last time the computer was reset. Included are the total number of bytes, the number of unicast and non-unicast packets, the number of discarded packets, and the number of errors.

    -n: by default, netstat displays the IP hostname and port names. This switch causes netstat to display the IP address and port number instead.

    -s displays the statistics for each of the protocols, TCP, IP, ICMP, and UDP. You can combine this with the -p protocol option if you only want the information for a single protocol.

    -p protocol specifies that connections and statistics should be shown only for a specific protocol. Valid values for protocol are TCP, UDP, IP, and ICMP.

    -r causes netstat to display the active routes from the routing table.

    interval results in netstat continuously updating the statistics, pausing interval seconds between each update. If no interval is specified, the information will be displayed once.

    ping

    ping is one of the fundamental diagnostic utilities. It can be used to verify if a host is reachable. When troubleshooting TCP/IP connectivity problems, ping should be the first tool to use. ping uses the Internet control message protocol (ICMP) echo packets to do its job.

    The syntax for the ping command is

        ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [[-j host_list] | [-k host_list]] [-w timeout] destination_list

    By default, ping will send four 64-byte ICMP packets with a one-second pause between each packet.

    -t indicates that ping should continuously send packets until you press Ctrl+C.

    -a is used to resolve the IP address to the DNS hostname.

    -n count indicates that ping should send count ICMP packets. The default is 4.

    -l length indicates the length of the ICMP packet. The content of the ICMP packet is a periodic sequence of alphabetic characters. The default packet size is 64 bytes, and the maximum is 8,192. However, Ethernet networks have a maximum data size of 1,512 bytes. Choosing a value larger than this will cause the packets to become fragmented.

    -f sets the do-not-fragment flag on the packet. If you use the -l switch to indicate a packet size that is larger than the maximum packet size of one of the routers the packet must pass through, the packet will be returned with an error. You can use this switch along with the -l option to discover the largest packet you can send from your computer to a remote host without it being fragmented.

    -i ttl sets the time to live (ttl) field on the packets. The ttl is the maximum number of router hops the packet can go through before being discarded. Valid values are between 1 and 255. The default is 30.

    -v tos sets the Type Of Service field to the value specified by tos.

    -r count records the route of the outgoing and returning ICMP packets in the Record Route field. A minimum of 1 to a maximum of 9 hosts must be specified by count.

    -s count specifies the time stamp for the number of hops specified by count.

    -j host_list routes packets by means of the list of hosts specified by host_list. Consecutive hosts may be separated by intermediate gateways (loose source routed). The maximum number of hosts allowed is 9.

    -k host_list routes packets by means of the list of hosts specified by host_list. Consecutive hosts may not be separated by intermediate gateways (strict source routed). The maximum number of hosts permitted is 9.

    -w timeout specifies a time-out interval in milliseconds.


    destination_list specifies the remote hosts to ping.

    route

    The route command is used to manage the local TCP/IP route table.

    The syntax for the route command is

        route [-f] [print|add|delete|change [destination] [MASK netmask] [gateway]]

    -f flushes the routing table of all entries and resets it to its default values. If this option is not used alone, the route table is flushed before performing the other command.

    print, used without destination, displays the entire route table. When used with destination, it prints the route table entry for that destination.

    add adds a permanent static route.

    delete deletes the route specified by destination.

    change modifies an existing route specified by destination.

    destination specifies the destination in the route table, expressed in standard IP dot notation.

    MASK, if present, specifies that the next parameter is the netmask parameter.

    netmask, when used with the add or modify command, specifies the subnet mask to use for the route entry.

    gateway, when used with the add or modify command, specifies the IP gateway to use when forwarding packets to destination.

    tracert

    tracert is an extremely useful utility that determines the path taken between your system and a target system. If you are experiencing connectivity problems, this can be useful for pinpointing the location of the problem.

    tracert uses Internet Control Message Protocol (ICMP) echo packets to accomplish its job. First tracert determines the number of router hops to its destination. Then it sends a number of ICMP echo packets equal to the hop count. On the first packet, tracert sets the time-to-live (TTL) to 1. On each successive packet, tracert increments the TTL by 1. Each time a packet goes through a router, the router decrements the TTL by 1. When the TTL reaches 0, most routers send a message back to the sender indicating the packet has been discarded. This means the first echo packet sent (with a TTL of 1) will be returned by the first router. The second echo packet (with a TTL of 2) will be returned by the second router, and so on.

    The syntax for the tracert command is

        tracert [-d] [-h max_hops] [-j host_list] [-w timeout] destination

    -d specifies not to resolve IP addresses to host names, which is done by default.

    -h max_hops specifies the maximum number of hops to search for destination.

    -j host_list specifies loose source route along host_list.

    Connectivity Utilities

    Microsoft included a couple of standard TCP/IP connectivity utilities with Windows NT. These utilities include Telnet, FTP, finger, and TFTP.

    Telnet

    Windows NT includes a graphical Telnet utility that can be used to connect to any system running a standard telnet server, as described in RFC 854. The Telnet utility can be found in the Accessories program group or can be started by typing telnet at the Run prompt.

    NOTE: Windows NT Server does not include a Telnet server component. If you want to use Telnet to connect to your NT Server, there are a couple of third-party companies that make Telnet server components.

    The Telnet utility is fairly simple but does include features such as logging the Telnet session to file, vt-100/ansi emulation, and configurable screen settings.

    FTP

    Windows NT includes a relatively simple, command-line FTP client. This utility can be invoked from the Run prompt, or from the command line by typing FTP. Once in the FTP utility, you can get a simple level of help by typing help or ? at the ftp> prompt. FTP file transfers are governed by standards defined in RFC 959. For information on installing the FTP server that comes with Windows NT, see Chapter 28.

    finger


    Also included with Windows NT is a finger client utility. This command-line utility can be used to get user information from any system running a standard finger service.

    The finger command can be used in one of two ways:

        finger @hostname
        finger username@hostname

    The first syntax usually returns a list of users logged onto the hostname's system. The second syntax usually gives information about the specified user, such as full name, office phone number, or address. Additionally, many finger servers accept partial user names and will return all matches.

    NOTE: Windows NT Server does not include a finger server service. A finger server service for NT is available from the European Microsoft Windows NT Academic Centre (EMWAC). EMWAC can be contacted at http://www.emwac.ed.ac.uk.

    TFTP

    The trivial file transfer protocol (TFTP) command allows you to transfer files to or from a computer running a TFTP server, as defined in RFC 783.

    The syntax for the tftp command is

        tftp [-i] host [GET | PUT] source [destination]

    -i indicates a binary file transfer. You must specify this switch when transferring binary files.

    host is the name of the remote machine.

    GET transfers the file from host to the local machine.

    PUT transfers the file from the local machine to host.

    source is the full name of the file to be transferred.

    destination is the name the transferred file will have when the transfer is complete. If destination is not included, the destination filename will be the same as the source.