How to Implement Subnetting

Subnetting is implemented by assigning a subnet address to each machine on a given physical network. For example, in Figure 1.14, each machine on subnet 1 has a subnet address of 1. The default network portion of an IP address can't be altered without encroaching on another administrative domain's address space, unless you are assigned multiple consecutive classful addresses. In order to maximize efficient use of the assigned address space, machines on a particular network share the same...

Class A Networks

In a Class A network, the first byte is the network address, and the three remaining bytes are used for the node addresses. The Class A format is Network.Node.Node.Node. For example, in the IP address 49.22.102.70, 49 is the network address and 22.102.70 is the node address. Every machine on this particular network would have the distinctive network address of 49 within that network, though, you could have a large number of machines. The length of a Class A network address is a byte, and the...

Review Questions

You work on a network with four subnets whose addresses are 208.45.231.0, 208.45.232.0, 208.45.233.0, and 208.45.234.0. Your routers are configured with these IP addresses Router 1 208.45.231.1 and 208.45.232.1 Router 2 208.45.231.2 and 208.45.233.1 Router 3 208.45.232.2 and 208.45.234.1 Router 4 208.45.233.2 and 208.45.234.2 Router 2 is connected to the Internet. The connection between Router 2 and Router 4 is a very slow 56K dial-up line. Your computer's IP address is 208.45.231.25. Your...

Monitoring DNS with the DNS SnapIn

You can use the DNS snap-in to do some basic server testing and monitoring. More importantly, you use the snap-in to monitor and set logging options. On the Event Logging tab of the server Properties dialog box (Figure 6.13), you can pick which events you want logged. The more events you select, the more log information you'll get. This is useful when you're trying to track what's happening with your servers, but it can result in a very, very large log file if you're not careful. FIGURE 6.13...

Moving the DHCP Database Files

You may find that you need to dismantle or change the role of your DHCP server and offload the DHCP functions to another computer. Rather than spend the time re-creating the DHCP database on the new machine by hand, you can literally copy the database files and use them directly. This is especially helpful if you have a complicated DHCP database with lots of reservations and option assignments. You also minimize the amount of human error that could be introduced by reentering the information by...

Answers to Review Questions

Group Policy Refresh Intervals For Computers specifies the interval rate that will be used to update the computer's Group Policy. By default, this background operation occurs every 90 minutes. 2. A. The No Override option is used to specify that child containers can't override the policy settings of higher-level GPOs. In this case, the order of precedence would be that site settings override domain settings and domain settings override OU settings. The No Override option would be used if you...

An FQDN includes the trailing dot to indicate the root node but its commonly left off in practice

As previously stated, one of the strengths of DNS is the ability to delegate control over portions of the DNS namespace to multiple organizations. For example, the Internet Corporation for Assigned Names and Numbers (ICANN) assigns the control over the TLDs to one or more organizations. Those organizations in turn delegate a portion of the DNS namespace to other organizations. For example, when we register a domain name, call it example.com, we control the DNS for the portion of the DNS...

Managing Filter Lists and Actions

Although you can manage IP filter lists and filter actions from the Edit Rule Properties dialog box, it makes more sense to use the management tools provided in the snap-in. This is because the filter lists and actions are stored with the policy, not inside individual rules. The filter lists and actions you create in one policy scope (say, the default domain policy) are available to all policies within that scope. You can manage filter lists and filter actions using the corresponding tabs in...

The Hierarchical IP Addressing Scheme

An IP address is made up of 32 bits of information. These bits are divided into four sections (sometimes called octets or quads) containing 1 byte (8 bits) each. There are three common methods for specifying an IP address Dotted-decimal, as in 130.57.30.56 Binary, as in 10000010.00111001.00011110.00111000 Hexadecimal, as in 82 39 1E 38 All of these examples represent the same IP address. The 32-bit IP address is a structured address, or hierarchical address, as opposed to a flat address, or...

Manually Creating DNS Records

From time to time you may find it necessary to manually add resource records to your Windows Server 2003 DNS servers. Although Dynamic DNS will free you from the need to fiddle with A and PTR records for clients and other such entries, other resource types (including MX records, required for the proper flow of SMTP e-mail) still have to be created manually. You can manually create A, PTR, MX, SRV, and 15 other record types. There are only two important things to remember You must right-click...

Configuring Tcpip Packet Filters

One of the most useful features in RRAS is its ability to selectively filter TCP IP packets in both directions. You can construct filters that allow or deny traffic into or out of your network based on rules that specify source and destination addresses and ports. The basic idea behind packet filtering is simple You specify filter rules and incoming packets are measured against those rules. You have two choices Accept all packets except those prohibited by a rule or drop all packets except...

Configuring the WSUS Clients

Prescriptions

There are two methods for configuring WSUS clients. The method you use depends on whether you use Active Directory in your network. In a non-enterprise network (not running Active Directory), you would configure Automatic Updates through Control Panel using the same process that was defined in the section Windows Automatic Updates earlier in this chapter. Each client's Registry would then be edited to reflect the location of the server that will provide the automatic updates. Within an...

Creating a New Multicast Scope

Open the DHCP snap-in by selecting Start gt Administrative Tools gt DHCP. 2. Right-click your DHCP server and choose New Multicast Scope. The New Multicast Scope Wizard appears. Click the Next button on the Welcome page. 3. In the Multicast Scope Name page, name your multicast scope and add a description if you'd like . Click the Next button. 4. The IP Address Range page appears. Enter a start IP address of 224.0.0.0 and an end IP address of 224.255.0.0. Adjust the TTL to 1 to make sure that...

The Host Record

A host record also called an address or A record is used to statically associate a host's name to its IP addresses. The format is pretty simple host_name optional_TTL IN A IP_Address Here's an example from our DNS database www IN A 192.168.0.204 smtp IN A 192.168.3.144 The A record ties a hostname which is part, you'll recall, of an FQDN to a specific IP address. This makes them suitable for use when you have devices with statically assigned IP addresses in that case, you'd create these records...

Understanding the Multicast Address Dynamic Client Allocation Protocol MADCAP

DHCP is normally used to assign IP configuration information for unicast or one-to-one network communications. With multicast, there's a separate type of address space assigned from 224.0.0.0-239.255.255.255 addresses in this space are known as Class D addresses or simply multicast addresses. However, multicast clients also need to have an ordinary IP address Clients can participate in a multicast just by knowing and using the multicast address for the content they want to receive. How do...

NWLink

NWLink IPX SPX is Microsoft's implementation of Novell's IPX SPX protocol stack, which is used in Novell NetWare. In fact, it's fair to say that NWLink IPX SPX is nothing more than IPX for Windows. FIGURE 1.13 The OSI protocol stack can be simplified by grouping its layers into three new categories. FIGURE 1.13 The OSI protocol stack can be simplified by grouping its layers into three new categories. NWLink IPX SPX is included with Windows Server 2003 primarily to allow Windows Server 2003 to...

Configure PPTP Packet Filters

Open the RRAS console by selecting Start gt Administrative Tools gt Routing And Remote Access and expand the server and IP Routing nodes to expose the General node of the server you're working on. Select the General node. 2. Right-click the appropriate interface and choose Properties. 3. In the General tab of the interface Properties dialog box, click the Inbound Filters button. The Inbound Filters dialog box appears. 4. Click the New button and the Add IP Filter dialog box appears. 5. Fill...

Dynamically Update Dns A And PTR Records Only If Requested By The DHCP Clients

This radio button which is on by default tells the DHCP server to register the update only if the DHCP client asks for DNS registration. When this button is active, DHCP clients that aren't hip to DDNS won't have their DNS records updated. However, Windows 2000, XP, and Server 2003 DHCP clients are smart enough to ask for the updates. Always Dynamically Update DNS A And PTR Records This radio button forces the DHCP server to register any client to which it issues a lease. This setting may add...

Installing and Configuring the WSUS Server

WSUS should run on a dedicated server, meaning the server will not run any other applications except IIS, which is required. Microsoft recommends that you install a clean or new version of Windows 2000 Server or Windows Server 2003 and apply any service packs or security-related patches. You should not have any virus-scanning software installed on the server. ING Virus scanners can mistake WSUS activity as a virus. The following steps are used to install the WSUS server 1. Download the WSUS...

Restricting a User Profile for DialIn Access

Log on to your computer using an account that has administrative privileges. 2. If you're using an RRAS server that's part of an AD domain, open the Active Directory Users and Computers snap-in by selecting Start gt Administrative Tools gt Active Directory Users And Computers. If not, open the Local Users and Groups snap-in by selecting Start gt Administrative Tools gt Computer Management gt Local Users And Groups. 3. Expand the tree to the Users folder. Right-click the Administrator account...

Integrating Dynamic DNS and DHCP

DHCP integration with Dynamic DNS is a simple concept but powerful in action. By setting up this integration, you can pass addresses to DHCP clients while still maintaining the integrity of your DNS services. There are actually two separate ways that the DNS server could potentially be updated. One way is for the DHCP client to tell the DNS server what its address is. Another is for the DHCP server to tell the DNS server when it registers a new client. However, neither of these updates will...