Chapter 2
Implementing TCP/IP
About This Chapter
This chapter gives you an overview of Transmission Control Protocol/Internet Protocol
(TCP/IP). The lessons provide a brief history of TCP/IP, discuss the Internet standards
process, and review TCP/IP utilities. You will learn how to assign Internet Protocol
(IP) addresses to multiple TCP/IP networks with a single network identifier (ID). The
lessons provide fundamental concepts and procedures for implementing subnetting and
supernetting. During the lessons, you learn when subnetting is necessary, how and
when to use a default subnet mask, how to define a custom subnet mask, and how to
create a range of valid IP addresses for each subnet.
Benefits of TCP/IP
All modern operating systems offer TCP/IP support, and most large networks rely on
TCP/IP for much of their network traffic. TCP/IP is also the protocol standard for the
Internet. In addition, many standard connectivity utilities are available to access and
transfer data between dissimilar systems. Several of these standard utilities, such as
File Transfer Protocol (FTP) and Telnet, are included with Windows 2000 Server.
TCP/IP networks can be easily integrated with the Internet. Because of its popularity,
TCP/IP is well developed and offers many utilities that improve usability, performance,
and security. Networks that are based on other transport protocols, such as ATM or
AppleTalk, can interface with TCP/IP networks through a device known as a gateway.
Adding TCP/IP to a Windows 2000 configuration offers the following advantages:
In addition, Macintosh clients can now use the TCP/IP protocol to access shares on a
Windows 2000 server that is running File Services for Macintosh (AFP [AppleShare
File Server] over IP), making it easier to network with Macintosh computers.
Layer Two Tunneling Protocol. The Layer Two Tunneling Protocol (L2TP) is
a combination of Point-to-Point Tunneling Protocol (PPTP) and Layer 2
Forwarding (L2F). L2F is a transmission protocol that allows dial-up access
servers to frame dial-up traffic in Point-to-Point Protocol (PPP) and transmit it
over WAN links to an L2F server (a router).
Finally, Microsoft continues to support legacy systems and protocols to preserve the
past investments of its customers and reduce the risk, pressure, and financial burden of
managing heterogeneous environments. For this reason Windows 2000 supports:
AppleTalk
NetBEUI
Large window support that improves performance when many packets are in
transit for long periods of time.
TCP/IP Utilities
TCP/IP utilities in Windows 2000 include:
Data transfer utilities. Windows 2000 provides support for several different
IP-based data transfer protocols. These include File Transfer Protocol (FTP),
HyperText Transfer Protocol (HTTP), and the Common Internet File System
(CIFS).
Telnet. UNIX hosts have traditionally been managed using Telnet, a text
interface similar to a command prompt that can be accessed across an IP
network. Windows 2000 provides both a Telnet client and server.
Application Layer
The Application layer is at the top of the four-layer conceptual TCP/IP model, and is
where software programs gain access to the network. This layer corresponds roughly to
the Session, Presentation, and Application Layers of the OSI model. Some TCP/IP
utilities and services run at the Application Layer. These utilities and services include:
HyperText Transfer Protocol (HTTP). HTTP is the protocol used for the
majority of World Wide Web communications. Windows 2000 includes Internet
Explorer as an HTTP client, and Internet Information Server (IIS) as an HTTP
server.
File Transfer Protocol (FTP). FTP is an Internet service that transfers files
from one computer to another. Internet Explorer and the command-line utility
FTP both act as FTP clients. IIS includes an FTP server.
Simple Mail Transfer Protocol (SMTP). SMTP is a protocol that mail servers
use to transfer e-mail. IIS can send messages using the SMTP protocol.
network nodes such as servers, workstations, routers, bridges, and hubs from a
central host. SNMP can also be used to configure remote devices, monitor
network performance, detect network faults or inappropriate access, and audit
network usage.
Network Application APIs
Microsoft TCP/IP provides two interfaces for network applications to use the services
of the TCP/IP protocol stack:
Transport Layer
Transport protocols provide communication sessions between computers and define the
type of transport service as either connection-oriented (TCP) or connectionless
datagram-oriented (UDP). TCP provides connection-oriented, reliable communications
for applications that typically transfer large amounts of data at one time. It is also used
for applications that require an acknowledgment for data received. UDP, however,
provides connectionless communications and does not guarantee to deliver packets.
Applications that use UDP typically transfer small amounts of data at one time.
Reliable delivery of data is the responsibility of the application. The Transport Layer in
the DOD model corresponds roughly to the Transport Layer in the OSI model.
Internet Layer
Internet protocols encapsulate packets into Internet datagrams and run all of the
necessary routing algorithms. The routing functions that the Internet layer performs are
necessary to allow hosts to interoperate with other networks. The Internet Layer
corresponds roughly to the Network Layer in the OSI model. Five protocols are
implemented at this layer:
their delivery, IP does the actual delivery. At the IP Layer, each incoming or outgoing
packet is referred to as a datagram. The IP datagram fields in the following table are
added to the header when a packet is passed up from the Network Interface Layer.
Field                     Function
Source IP Address
Destination IP Address
Protocol
Checksum
Time to Live (TTL)
Lesson Summary
TCP/IP is an industry-standard suite of protocols designed for WANs. Adding TCP/IP
to a Windows 2000 configuration offers several advantages, including high
interoperability, reliability, scalability, and security. Windows 2000 supplies a number
of utilities that can help you connect to other TCP/IP-based hosts or help you
troubleshoot TCP/IP connection problems.
TCP/IP protocols use a four-layer conceptual model: Application, Transport, Internet,
and Network Interface. IP works at the Internet level and supports virtually all LAN
and WAN interface technologies, such as Ethernet, Token Ring, Frame Relay, and
ATM. IP is a connectionless protocol that addresses and routes packets between hosts.
IP is unreliable because delivery is not guaranteed.
At the Transport Layer, TCP provides IP with reliable, connection-oriented delivery.
Once a session is established, TCP delivers data through unique port numbers to
applications. UDP, an alternative transport protocol to TCP, is a connectionless
datagram service that does not guarantee delivery of packets. It is used by applications
that do not require an acknowledgment of data receipt.
The IP Address
An IP address is a 32-bit number that uniquely identifies a host (computer or other
device, such as a printer or router) on a TCP/IP network. IP addresses are normally
expressed in dotted-decimal format, with four numbers separated by periods, such as
192.168.123.132.
For a TCP/IP WAN to work efficiently as a collection of networks, the routers that pass
packets of data between networks do not need to know the exact location of a host for
which a packet of information is destined. Routers only know what network the host is
a member of and use information stored in their route table to determine how to get the
packet to the destination host's network. After the packet is delivered to the
destination's network, the packet is delivered to the appropriate host. For this process to
work, an IP address has two parts: a network ID and a host ID.
The Network ID
The network ID identifies the TCP/IP hosts that are located on the same physical
network. All hosts on the same physical network must be assigned the same network
ID to communicate with each other. If routers connect your networks, as illustrated in
Figure 2.2, a unique network ID is required for each wide area connection. For
example, in the following illustration:
Network 3 requires a network ID so that the interfaces between the two routers
The Host ID
The host ID identifies a host within a network. The host ID must be unique to the
network designated by the network ID. An IP address identifies a system's location on
the network in the same way a street address identifies a house on a city block, as
illustrated in Figure 2.3.
Bit Values    Decimal Value
00000000      0
00000001      1
00000011      1+2 = 3
00000111      1+2+4 = 7
00001111      1+2+4+8 = 15
00011111      1+2+4+8+16 = 31
00111111      1+2+4+8+16+32 = 63
01111111      1+2+4+8+16+32+64 = 127
11111111      1+2+4+8+16+32+64+128 = 255
Address Classes
Internet addresses are allocated by the InterNIC (http://www.internic.net), the
organization that administers the Internet. These IP addresses are divided into classes.
The most common of these are Classes A, B, and C. Classes D and E exist, but are not
generally used by end users. Each of the address classes has a different default subnet
mask. You can identify the class of an IP address by looking at its first octet. Following
are the ranges of Class A, B, and C Internet addresses, each with an example address:
Class A addresses are assigned to networks with a very large number of hosts.
Class A networks use a default subnet mask of 255.0.0.0 and have 0-126 as their
first octet. The address 10.52.36.11 is a Class A address. Its first octet is 10,
which is between 1 and 126, inclusive.
Class C addresses are used for small LANs. Class C networks use a default
subnet mask of 255.255.255.0 and have 192-223 as their first octet. The address
192.168.123.132 is a Class C address. Its first octet is 192, which is between 192
and 223, inclusive.
The class of address defines which bits are used for the network ID and which bits are
used for the host ID, as illustrated in Figure 2.6. The class also defines the possible
number of networks and the number of hosts per network.
Figure 2.6 How bits are set up for each IP address class
The differences between Class A, B, and C addresses are illustrated in Figure 2.7.
IP Address Guidelines
Although there are no rules for how to assign IP addresses, be sure to assign valid
network IDs and host IDs. There are several general guidelines you should follow
when assigning network IDs and host IDs:
The network ID cannot be 127. This ID is reserved for loopback and diagnostic
functions.
The network ID and host ID bits cannot all be "1"s. If all bits are set to 1, the
address is interpreted as a broadcast rather than a host ID.
The network ID and host ID bits cannot all be "0"s. If all bits are set to 0, the
address is interpreted to mean "this network only."
A unique network ID is required for each network and wide area connection. If
you are connecting to the public Internet, you are required to obtain a network
ID.
All TCP/IP hosts, including interfaces to routers, require unique host IDs. The
host ID of the router is the IP address configured as a workstation's default
gateway.
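The following is an added example, not part of the course text, that works the bit-value table, the address-class ranges and the IP Address Guidelines above in Python: it classifies an address by its first octet, splits it into network ID and host ID with the class's default subnet mask, and reports which guidelines an address breaks. The Class B range (128-191, default mask 255.255.0.0) is the standard one and is assumed here because that list item is missing from the page; all function names are mine.

```python
# Added example, not from the course text: classify an IPv4 address by its
# first octet, split it into network ID and host ID with the class's default
# subnet mask, and check the chapter's IP Address Guidelines.
# Assumption: the Class B range (128-191, mask 255.255.0.0) is the standard
# one; that list item is missing from the page.

CLASS_RULES = {  # class -> (first-octet range, default subnet mask)
    "A": (range(1, 127), "255.0.0.0"),
    "B": (range(128, 192), "255.255.0.0"),
    "C": (range(192, 224), "255.255.255.0"),
}

def parse_ip(text):
    """Return the four octets of a dotted-decimal address as a tuple of ints."""
    parts = text.split(".")
    octets = tuple(int(p) for p in parts if p.isdigit())
    if len(parts) != 4 or len(octets) != 4 or any(o > 255 for o in octets):
        raise ValueError("expected four octets in the range 0-255: %r" % text)
    return octets

def octet_bits(value):
    """Bit pattern of one octet as in the bit-value table, e.g. 15 -> '00001111'."""
    return format(value, "08b")

def address_class(text):
    """'A', 'B' or 'C' from the first octet; None for 0, 127, Class D and Class E."""
    first = parse_ip(text)[0]
    for name, (first_octets, _mask) in CLASS_RULES.items():
        if first in first_octets:
            return name
    return None

def _to_int(octets):
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def _to_dotted(value):
    return ".".join(str((value >> shift) & 255) for shift in (24, 16, 8, 0))

def network_and_host(text):
    """Split an address into (network ID, host ID) using the class's default mask."""
    cls = address_class(text)
    if cls is None:
        raise ValueError("%s is not a Class A, B or C address" % text)
    addr = _to_int(parse_ip(text))
    mask = _to_int(parse_ip(CLASS_RULES[cls][1]))
    return _to_dotted(addr & mask), _to_dotted(addr & ~mask & 0xFFFFFFFF)

def guideline_violations(text):
    """List the guidelines an address breaks; an empty list means it is assignable."""
    octets = parse_ip(text)
    if octets[0] == 127:
        return ["network ID 127 is reserved for loopback and diagnostics"]
    cls = address_class(text)
    if cls is None:
        return ["first octet %d is not a Class A, B or C network" % octets[0]]
    mask = _to_int(parse_ip(CLASS_RULES[cls][1]))
    host_bits = _to_int(octets) & ~mask & 0xFFFFFFFF
    if host_bits == ~mask & 0xFFFFFFFF:
        return ["host ID bits all 1: interpreted as a broadcast"]
    if host_bits == 0:
        return ["host ID bits all 0: means 'this network only'"]
    return []
```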
Lesson Summary
Each TCP/IP host is identified by a logical IP address, and a unique IP address is
required for each host and network component that communicates using TCP/IP. Each
IP address defines the network ID and host ID. An IP address is 32 bits long and is
composed of four 8-bit fields, called octets. There are five address classes. Microsoft
supports Class A, B, and C addresses assigned to hosts. Each address class can
accommodate networks of different sizes.
There are several guidelines you should follow to make sure you assign valid IP
addresses. All hosts on a given network must have the same network ID to
communicate with each other. All TCP/IP hosts, including interfaces to routers, require
unique host IDs.
Installing TCP/IP
TCP/IP can be used in network environments ranging from small LANs to the global
Internet. When you run Windows 2000 Setup, TCP/IP is installed as the default
network protocol if a network adapter is detected. Therefore, you only need to install
the TCP/IP protocol if the TCP/IP default protocol selection was overridden during
setup, or you have deleted it from a connection in Network and Dial-Up Connections.
Before you continue with the lesson, run the Ch02.exe demonstration file located in the
Media folder on the Supplemental Course Materials CD-ROM that accompanies this
book. The file provides an overview of installing the TCP/IP protocol.
Configuring TCP/IP
If you are implementing TCP/IP for the first time on your network, you should
construct a detailed plan for IP addressing on your network. Your TCP/IP network
addressing scheme can include either public or private addresses. You can use either
public or private addresses if your network is not connected to the Internet. However,
you will most likely implement some public IP addresses for Internet interconnectivity
support. This is because devices connected directly to the Internet require a public IP
address. InterNIC assigns public addresses to Internet service providers (ISPs). ISPs, in
turn, assign IP addresses to organizations when network connectivity is purchased. IP
addresses assigned this way are guaranteed to be unique and are programmed into
Internet routers in order for traffic to reach the destination host.
Furthermore, you can implement a private addressing scheme to shield your internal
addresses from the rest of the Internet by configuring private addresses on all the
computers on your private network (or intranet). Private addresses are not reachable on
the Internet because they are separate from public addresses, and they do not overlap.
You can assign IP addresses in Windows 2000 dynamically using Dynamic Host
Configuration Protocol (DHCP), and you can automate address assignment using Automatic
Private IP Addressing. You can also configure TCP/IP manually. You configure
TCP/IP on a computer based on its function. For example, servers in a client/server
relationship within an organization should be assigned an IP address manually.
However, you can configure TCP/IP dynamically through a DHCP server for the
majority of clients on a network.
Dynamic Configuration
Windows 2000 computers will attempt to obtain the TCP/IP configuration from a
DHCP server on your network by default, as illustrated in Figure 2.10. If a static
TCP/IP configuration is currently implemented on a computer, you can implement a
dynamic TCP/IP configuration.
Manual Configuration
Some servers, such as DHCP, DNS, and WINS servers, should be assigned an IP
address manually. If you do not have a DHCP server on your network, you must
configure TCP/IP computers manually to use a static IP address.
You will then have to type in an IP, subnet mask, and default gateway address. If your
network has a DNS server, you can set up your computer to use DNS.
For example, you can limit the type of access allowed to and from the network to
restrict traffic to desired systems. You should make sure that you do not configure
packet filters that are too restrictive, impairing the functionality of useful protocols on
the computer. For example, if a computer running Windows 2000 is also running
Internet Information Services (IIS) as a Web server, and packet filters are defined so
that only Web-based traffic is allowed, you cannot use PING (which uses ICMP Echo
Requests and Echo Replies) to perform basic IP troubleshooting.
You can configure the TCP/IP protocol to filter IP packets based on:
Enabling only TCP port 23, which filters all traffic except Telnet traffic
Figure 2.14 Setting TCP/IP packet filters in the TCP/IP Filtering dialog box
CAUTION
By enabling only TCP port 80, all network communications outside of port
80 will be disabled.
7. Click OK repeatedly to close all open dialog boxes.
Lesson Summary
By default, Windows 2000 installs the TCP/IP protocol if Setup detects a network
adapter. You can also manually install TCP/IP. After you install TCP/IP on a computer,
you can either configure it to obtain an IP address automatically, or set configuration
properties manually. You can also implement packet filters to limit the type of access
allowed to and from the network to restrict traffic to desired systems.
Overview of Routing
A router helps LANs and WANs achieve interoperability and connectivity, and can
link LANs that have different network topologies, such as Ethernet and Token Ring.
Each packet sent over a LAN has a packet header that contains source and destination
address fields. Routers match packet headers to a LAN segment and choose the best
path for the packet, optimizing network performance. For example, if a packet is sent
from Computer A to Computer C, as illustrated in Figure 2.15, the best route uses only
one hop. If Router 1 is the default router for Computer A, the packet will be rerouted
through Router 2. Computer A will be notified of the better route by which to send
packets to Computer C. As each route is found, the packet is sent to the next router,
called a hop, until finally delivered to the destination host. If a route is not found, an
error message is sent to the source host.
Command         Function
                Adds a route
                Deletes a route
                Modifies a route
route print
route -f
Routing Protocols
Dynamic routing is a function of routing protocols, such as the Routing Information
Protocol (RIP) and Open Shortest Path First (OSPF). Routing protocols periodically
exchange routes to known networks among dynamic routers. If a route changes, other
routers are automatically informed of the change. You must have multiple network
adapters (one per network) on a Windows 2000 Server or Windows 2000 Advanced
Server. In addition, you must install and configure Routing and Remote Access
because dynamic routing protocols are not installed by default when you install
Windows 2000. You will learn how to implement IP routing for remote users in
Chapter 11, "Providing Your Clients Remote Access Service (RAS)."
Windows 2000 offers two primary IP routing protocols that you can choose, depending
on factors such as network size and topology. These routing protocols are explained in
the next two sections.
Routing Information Protocol (RIP)
RIP is a distance-vector routing protocol provided for backwards-compatibility with
existing RIP networks. RIP allows a router to exchange routing information with other
RIP routers to make them aware of any change in the internetwork layout. RIP
broadcasts the information to neighboring routers, and sends periodic RIP broadcast
packets containing all routing information known to the router. These broadcasts keep
all internetwork routers synchronized.
Open Shortest Path First (OSPF)
OSPF is a link-state routing protocol that enables routers to exchange routing
information and create a map of the network that calculates the best possible path to
each network. Upon receiving changes to the link state database, the routing table is
recalculated. As the size of the link state database increases, memory requirements and
route computation times increase. To address this scaling problem, OSPF divides the
internetwork into collections of contiguous networks called areas. Areas are connected
to each other through a backbone area. A backbone router in OSPF is a router that is
connected to the backbone area. Backbone routers include routers that are connected to
more than one area. However, backbone routers do not have to be area border routers.
Routers that have all networks connected to the backbone are internal routers.
Each router only keeps a link state database for those areas that are connected to the
router. Area Border Routers (ABRs) connect the backbone area to other areas, as
illustrated in Figure 2.19.
Ensure that the ABRs for the area are configured with the proper pairs
(Destination, Network Mask) that summarize that area's routes.
Ensure that the source and route filtering configured on the ABR is not too
restrictive, preventing proper routes from being propagated to the OSPF
autonomous system. External source and route filtering is configured on the
External Routing tab in the OSPF Routing Protocol Properties dialog box.
Ensure that all ABRs are either physically connected to the backbone or logically
connected to the backbone by using a virtual link. There should not be backdoor
routers, which are routers that connect two areas without going through the
backbone.
To administer a router
1. Click Start, point to Programs, point to Administrative Tools, and then click
Routing And Remote Access.
2. In the console tree, right-click Server Status, then click Add Server.
3. In the Add Server dialog box, do one of the following:
Click The Following Computer, and type the computer name or IP address
of the server.
Click All Routing And Remote Access Servers In The Domain, and then
type the domain containing the server you want to administer. Click OK,
and then select the server.
Click Browse The Active Directory, click Next, and in the Find Routers Or
Remote Access Servers dialog box, select the check boxes next to the
types of servers that you want to search for. Click OK, and then select the
server.
4. You can administer a remote server once it appears as an item in the console tree.
Lesson Summary
Routers forward packets from one physical network to another. The IP layer consults a
routing table that is stored in memory. A routing table contains entries with the IP
addresses of router interfaces to other networks. Static routers require that routing
tables are built and updated manually. With dynamic routing, if a route changes, other
routers are automatically informed of the change.
Review
Answering the following questions will reinforce key information presented in this
chapter. If you are unable to answer a question, review the appropriate lesson and then
try the question again. Answers to the questions can be found in Appendix A,
"Questions and Answers."
1. What is TCP/IP?
2. Which TCP/IP utilities are used to verify and test a TCP/IP configuration?
3. What is the purpose of a subnet mask?
4. What is the minimum number of areas in an OSPF internetwork?
5. What is an internal router?
6. What is a border router?
7. What Windows 2000 administrative tool can you use to manage internal and
border routers?
Answers