Hands-On Microsoft Windows Server 2003 Administration
Chapter 8
Administering TCP/IP
Objectives
• Understand basic concepts about TCP/IP
• Configure TCP/IP on Windows Server 2003
• Troubleshoot TCP/IP and network connectivity using various utilities
• Administer Dynamic Host Configuration Protocol (DHCP) in Windows Server 2003
Understanding TCP/IP
• Transmission Control Protocol/Internet Protocol (TCP/IP)
– Suite of protocols and utilities used for
• Network communication
• Troubleshooting on local networks and the Internet
Understanding TCP/IP (Continued)
• TCP/IP has become the most popular network protocol in use today, because
– It is the protocol suite used for Internet-based communications
– It is an open-standard, vendor-independent protocol
• In Windows Server 2003 environments, Active Directory depends on TCP/IP and related services to function
Four layers of the TCP/IP model
The TCP/IP Protocol Stack
• Transmission Control Protocol (TCP)
– Operates at the transport layer
– Responsible for the reliable transmission of data on a TCP/IP network
– A connection-based protocol
• User Datagram Protocol (UDP)
– Functions at the transport layer
– A connectionless protocol
• Provides no guarantee of packet delivery
– Provides speed advantages in the form of lower overhead
The TCP/IP Protocol Stack (Continued)
• Address Resolution Protocol (ARP)
– Works at the Internet layer
– Responsible for mapping IP addresses to hardware media access control (MAC) addresses
• Every Windows Server 2003 computer has an ARP cache that stores both dynamic and static entries
• Internet Control Message Protocol (ICMP)
– Operates at the network layer
– Used to exchange network status and error information between two hosts
The TCP/IP Protocol Stack (Continued)
• Internet Group Management Protocol (IGMP)
– Operates at the network layer
– Used to manage network and host information when a network application requires the use of multicasts to communicate
• Internet Protocol (IP)
– Operates at the Internet layer
– Responsible for addressing and routing packets so that they are delivered to the correct host
– A connectionless protocol
The TCP/IP Protocol Stack (Continued)
• IPv4
– The current version of IP
– Uses a 32-bit addressing scheme
– IP addresses are generally represented using dotted-decimal notation
• For example: 192.168.1.1
• A subnet mask
– Used to determine which portion of an address represents the network and which portion represents a unique host on that network
Installing TCP/IP
• TCP/IP is installed by default if
– The network adapter is automatically detected during the installation of Windows Server 2003
• If TCP/IP is not installed during setup, it can be added afterward
• Once TCP/IP has been installed, the network administrator can either
– Manually configure addressing parameters, or
– Implement dynamic addressing using DHCP
Configuring TCP/IP on Windows Server 2003 Computers
• All hosts on a TCP/IP network require
– An IP address
– A subnet mask
• Options for configuring IP addresses on workstations and servers
– Configure each one manually with a static IP address
– Configure computers to obtain an IP address automatically
• Requires a DHCP server on the network
Configuring Static IP Addresses
• The decision on whether to use a static or dynamic IP-addressing method is often a function of the size of the network
• For each network card configured to use TCP/IP, you must configure
– An IP address
– A subnet mask
• TCP/IP Properties dialog box
– Can be used to configure an IP address and a subnet mask
Manually Configuring TCP/IP Properties
TCP/IP Options
Configuring IP Addresses Dynamically
• Dynamic IP addressing
– Possible if there is a server on the network running DHCP
– Advantages
• Can eliminate some administrative problems associated with configuring static IP addresses, such as
– The chance of human error
– IP address duplication
• A DHCP server is configured with a range of IP addresses that will be assigned to clients on the network
Automatic Private IP Addressing
• Automatic private IP addressing (APIPA)
– Allows DHCP-enabled clients to assign themselves an IP address and subnet mask in the event that a DHCP server is unavailable
– Provides a client with limited functionality on the network
Configuring TCP/IP properties dynamically using DHCP
Troubleshooting TCP/IP and Network Connectivity
• TCP/IP comes with several command-line utilities that can be used to
– Test network connectivity to make sure that computers can properly communicate over the network
– Troubleshoot network connectivity problems
Verifying TCP/IP Configurations
• ipconfig command
– Can be used to verify the addressing parameters assigned to a host
– Several parameters can be used with this command
• winipcfg command
– Used by Windows 9x machines to display the TCP/IP configuration settings
– Very similar to the ipconfig utility used in Windows NT/2000/XP and Windows Server 2003
Ipconfig parameters
Verifying TCP/IP Configurations (Continued)
• Information displayed using ipconfig or winipcfg can assist in determining whether the computer is using the correct
– IP address
– Subnet mask
– Default gateway configuration
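The check described above can be scripted. The following is an added example, not part of the original slides: it parses constructed `ipconfig` output and reports an APIPA address, a missing default gateway, or a gateway that falls outside the adapter's own subnet. The function names and sample values are assumptions, and 169.254.0.0/16 is the range APIPA assigns from.

```python
import ipaddress
import re

APIPA = ipaddress.ip_network("169.254.0.0/16")  # addresses self-assigned by APIPA
FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(\S*)\s*$")  # "   Label. . . : value"

def parse_ipconfig(text):
    """Return {adapter name: {label: value}} from plain `ipconfig` output."""
    adapters, current = {}, None
    for line in text.splitlines():
        if line[:1].strip() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip(" :"), {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1)] = m.group(2)
    return adapters

def check_adapter(cfg):
    """Return the problems found in one adapter's address, mask and gateway."""
    labels = ("IP Address", "Subnet Mask", "Default Gateway")
    ip, mask, gateway = (cfg.get(label) for label in labels)
    if not ip or not mask:
        return ["no IP address or subnet mask"]
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    problems = []
    if iface.ip in APIPA:
        problems.append("APIPA address: no DHCP server answered")
    if not gateway:
        problems.append("no default gateway: local subnet only")
    elif ipaddress.ip_address(gateway) not in iface.network:
        problems.append(f"gateway {gateway} is outside {iface.network}")
    return problems

# Constructed sample output (illustrative values, not from a real host).
SAMPLE = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.50
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1

Ethernet adapter Local Area Connection 2:

   IP Address. . . . . . . . . . . . : 169.254.10.20
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
"""

if __name__ == "__main__":
    for name, cfg in parse_ipconfig(SAMPLE).items():
        print(name, check_adapter(cfg))
```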
Verifying Network Connectivity
• Windows Server 2003 provides a variety of TCP/IP utilities to troubleshoot connectivity problems
• ping command
– Tests network connectivity with other hosts on the network by sending ICMP packets to a remote computer and then listening for an echo reply from the remote host
Ping parameters
Verifying Network Connectivity (Continued)
• tracert command
– Displays all the routers a packet must pass through in the journey to the remote host
– Helps a network administrator better understand the true nature of a TCP/IP network communication issue
Verifying Network Connectivity (Continued)
• pathping command
– Combines the functions of both the ping and tracert commands
– Sends echo request messages to each router between a source and destination host
– Once complete, it
• Computes results based on the packets returned from each router
• Displays the degree of packet loss at each router
– Can help a network administrator determine which routers are experiencing network problems or congestion
Pathping parameters
Verifying Network Connectivity (Continued)
• route command
– Used to view or modify the contents of a system’s local routing table
Verifying Network Connectivity (Continued)
• netdiag command
– Can be used to diagnose and troubleshoot a variety of network connectivity problems
– Some of the information provided includes
• A list of installed hotfixes
• IP address and DNS settings
• Domain configuration information
Administering DHCP in Windows Server 2003
• To implement automatic IP addressing for network systems
– Install a DHCP service on at least one server on the network
• Dynamic Host Configuration Protocol (DHCP)
– Used to
• Centralize the administration of IP addresses and other options
• Eliminate the administrative overhead of statically assigning the information to each network host
Administering DHCP in Windows Server 2003 (Continued)
• A DHCP scope
– A range of IP addresses configured on a DHCP server that can be handed out to network clients
• When a client is configured to use DHCP, it receives
– An IP address
– A subnet mask
– Any other options that may have been configured for the scope
Administering DHCP in Windows Server 2003 (Continued)
• A DHCP lease
– An IP address that is assigned to a client from a DHCP server
• A DHCP client attempts to lease an IP address in one of the following situations:
– TCP/IP is installed and started for the first time
– The client releases its IP address and attempts to renew another one
– The client attempts to release a specific IP address and is denied
Installing a DHCP Server
• The DHCP server must be assigned
– A static IP address
– A subnet mask
– A default gateway (if required on the network)
Configuring DHCP Scopes
• A DHCP scope
– A range of IP addresses and associated settings that can be handed out to network clients configured to use automatic addressing
– Configured using the DHCP MMC snap-in
The DHCP MMC snap-in
Configuring DHCP Scopes (Continued)
• Guidelines for creating a DHCP scope
– Each DHCP scope should include only unique addresses to avoid duplicate IP addresses being handed out on the network
– Any IP addresses that have been statically assigned to clients should be excluded from a scope to avoid duplication
– DHCP servers can be configured with multiple scopes to assign IP addresses to hosts on different subnets
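The first two guidelines can be checked before a scope is activated. The following is an added example, not part of the original slides: it takes a planned set of scopes and a list of statically addressed hosts and reports address ranges shared by two scopes and static addresses that sit inside a scope without an exclusion. The scope names, hosts and addresses are constructed, and the dictionary layout is an assumption of this sketch, not the DHCP snap-in's format.

```python
import ipaddress

def ip_range(start, end):
    """Return (first, last) as integers for an inclusive address range."""
    first, last = (int(ipaddress.IPv4Address(a)) for a in (start, end))
    if first > last:
        raise ValueError(f"range {start}-{end} is reversed")
    return first, last

def audit_scopes(scopes, static_hosts):
    """Check a scope plan against the guidelines; return a list of findings."""
    findings = []
    spans = {name: ip_range(s["start"], s["end"]) for name, s in scopes.items()}
    names = sorted(spans)
    # Guideline 1: no address may be leasable from two scopes.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            lo = max(spans[a][0], spans[b][0])
            hi = min(spans[a][1], spans[b][1])
            if lo <= hi:
                shared = f"{ipaddress.IPv4Address(lo)}-{ipaddress.IPv4Address(hi)}"
                findings.append(("overlap", a, b, shared))
    # Guideline 2: a static address inside a scope must be excluded from it.
    for host, addr in sorted(static_hosts.items()):
        value = int(ipaddress.IPv4Address(addr))
        for name in names:
            first, last = spans[name]
            if not first <= value <= last:
                continue
            exclusions = scopes[name].get("exclusions", [])
            excluded = any(lo <= value <= hi
                           for lo, hi in (ip_range(x, y) for x, y in exclusions))
            if not excluded:
                findings.append(("static-not-excluded", name, host, addr))
    return findings

# Constructed sample plan (illustrative values only).
SCOPES = {
    "Floor1": {"start": "192.168.1.10", "end": "192.168.1.200",
               "exclusions": [("192.168.1.10", "192.168.1.20")]},
    "Floor1-Wifi": {"start": "192.168.1.150", "end": "192.168.1.254"},
    "Floor2": {"start": "192.168.2.10", "end": "192.168.2.200"},
}
STATIC_HOSTS = {"fileserver": "192.168.1.15", "printer": "192.168.2.50"}

if __name__ == "__main__":
    for finding in audit_scopes(SCOPES, STATIC_HOSTS):
        print(finding)
```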
Configuring DHCP Scopes (Continued)
• Scope options
– Examples: default gateway, DNS server addresses
– Must be configured before activating the scope
• Client reservation
– Reserves an IP address within the scope for a particular client so it is always reassigned the same address
Configuring DHCP Scopes (Continued)
• Superscope
– Grouping of scopes created for multiple subnets on a physical network
– Usually created to make the administration of multiple scopes easier
Configuring DHCP Scopes (Continued)
• Multicasting
– Sending a message to a group of clients, but not all clients, using a single destination address
– Uses a special range of IP addresses known as the Class D address range
– DHCP servers in Windows Server 2003 can assign multicast addresses to clients as well as traditional unicast addresses
Authorizing a DHCP Server
• Authorizing a DHCP server in Active Directory
– The last step in installing a DHCP server
– Designed to increase security and stability on a network
• Only those Windows Server 2003 and Windows 2000 DHCP servers that have been authorized by an administrator are permitted to lease IP addresses
Using DHCP Options
• Besides an IP address and a subnet mask, a range of DHCP options can be assigned to clients
Using DHCP Options (Continued)
• Scope options can be configured at three levels
– Server level
• Server options apply to all scopes configured on the DHCP server
– Scope level
• Scope options only apply to a specific scope and the clients that lease an IP address from that scope
– Client level
• Client options apply to the specified client reservation
Configuring DHCP in a Routed Network
• Options for implementing DHCP in a routed network
– Install and configure a DHCP server on each subnet
– Configure network routers to forward DHCP broadcast traffic
Configuring DHCP in a Routed Network (Continued)
– Configure a DHCP relay agent on each of the subnets
• The DHCP relay agent included with Windows Server 2003
– Relays DHCP broadcast messages between DHCP clients and DHCP servers across a routed network
– Configured using the Routing and Remote Access tool
Routing and Remote Access console
DHCP and DNS Integration
• Dynamic DNS (DDNS)
– Allows name servers and clients to automatically update the DNS database
• Options for DNS registration
– Dynamically update DNS A and PTR records only if requested by the DHCP clients
• Selected by default
– Always dynamically update DNS A and PTR records
– Discard A and PTR records when lease is deleted
– Dynamically update DNS A and PTR records for DHCP clients that do not request updates
DHCP and DNS integration properties
Maintaining DHCP Services
• Ways to monitor DHCP servers
– Periodically look at the Event Viewer system log for any DHCP-related events
– Use DHCP audit logging
• Enabled by default in the DHCP MMC snap-in
• Forces the DHCP server to place detailed event logs in the DHCP database directory
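Audit logs are only useful if someone reads them. The following is an added example, not part of the original slides: it parses a constructed audit log and pulls out the events worth an administrator's attention (address conflicts, an exhausted scope, denied leases, and the authorization checks tied to DHCP server authorization). It assumes the comma-separated row layout and event-ID meanings given in the banner at the top of the audit log file; the description strings in the sample are illustrative.

```python
import csv
from collections import Counter

# Assumed row layout: ID,Date,Time,Description,IP Address,Host Name,MAC Address
FIELDS = ["id", "date", "time", "description", "ip", "host", "mac"]
# Assumed event-ID meanings, as listed in the banner of the log file itself.
EVENTS = {10: "new lease", 11: "lease renewed", 12: "lease released",
          13: "address found in use", 14: "scope exhausted", 15: "lease denied"}
NEEDS_REVIEW = {13, 14, 15}

def parse_audit_log(text):
    """Return event rows as dicts, skipping the banner and column-header lines."""
    events = []
    for row in csv.reader(text.splitlines()):
        if len(row) < len(FIELDS) or not row[0].strip().isdigit():
            continue
        event = dict(zip(FIELDS, (cell.strip() for cell in row)))
        event["id"] = int(event["id"])
        events.append(event)
    return events

def summarize(text):
    """Count events by meaning and list the ones an administrator should review."""
    events = parse_audit_log(text)
    counts = Counter(
        EVENTS.get(e["id"], "authorization check" if e["id"] >= 50 else "other")
        for e in events)
    # IDs of 50 and above report the server's authorization (rogue detection) checks.
    flagged = [(e["time"], e["id"], e["ip"] or e["host"]) for e in events
               if e["id"] in NEEDS_REVIEW or e["id"] >= 50]
    return counts, flagged

# Constructed sample, not taken from a real server.
SAMPLE_LOG = """\
Microsoft DHCP Service Activity Log
ID,Date,Time,Description,IP Address,Host Name,MAC Address
00,03/14/05,00:00:01,Started,,,
10,03/14/05,09:12:01,Assign,192.168.1.50,WKS01.example.local,000D60A1B2C3
11,03/14/05,09:40:10,Renew,192.168.1.50,WKS01.example.local,000D60A1B2C3
13,03/14/05,10:02:44,Conflict,192.168.1.77,BAD_ADDRESS,
14,03/14/05,10:15:09,Scope Full,192.168.1.0,,
15,03/14/05,10:15:30,NACK,192.168.1.90,LAPTOP7.example.local,0011223344AA
54,03/14/05,10:20:00,Authorization failed,,example.local,
"""

if __name__ == "__main__":
    counts, flagged = summarize(SAMPLE_LOG)
    print(dict(counts))
    for item in flagged:
        print(item)
```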
DHCP service activity log
Summary (Continued)
• TCP/IP consists of a suite of protocols that can be used to configure, manage, and troubleshoot network connectivity
– The protocols include TCP, UDP, ARP, IP
• All hosts on a TCP/IP network require an IP address and a subnet mask
• A default gateway is needed to communicate outside of the local subnet
• IP addresses can be assigned to a host
– Statically
– Dynamically by using a DHCP server
Summary (Continued)
• Several utilities, such as ipconfig and ping, can be used to verify and troubleshoot TCP/IP
• Once the DHCP service is installed, you must
– Create and activate a unique scope
– Authorize the DHCP server in Active Directory
• You can also add various scope options, such as the IP address of the default gateway
Summary (Continued)
• Windows 2000 and XP DHCP clients automatically update resource records with the DNS server
• The DHCP server can be configured to perform all updates and perform updates on behalf of legacy clients