Professional Documents
Culture Documents
IBM Network Advanced Tutorial PDF
IBM Network Advanced Tutorial PDF
Lesson 6
Objectives
Skills/Concepts Objective Domain Objective Domain
Description Number
Setting up common Understanding network 3.5
networking services services
Defining more network Understanding network 3.5
services services
Defining Name Understand Name 3.4
Resolution Techniques Resolution
DHCP
• Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that
enables configured client computers to obtain IP addresses automatically
• The IP information obtained might include the following:
• IP addresses
• Subnet masks
• Gateway addresses
• DNS server addresses
• Other advanced options
• The DHCP Server service provides the following benefits:
• Reliable IP address configuration
• Reduced network administration
DHCP Server
• Before a DHCP server can start leasing IP addresses to client computers, the
following steps must be performed:
1. Install the DHCP service
2. Configure an IP scope
3. Activate the scope
4. Authorize the server
5. Configure advanced IP options (optional)
DEMO: Install and view the DHCP Service (and console)
DORA
• DHCP sessions use a four-step process known as DORA.
• Discovery: The client sends a broadcast to the network to find a DHCP server
• Offer: The DHCP server sends a unicast “offering” of an IP address to the client
• Request: The client broadcasts to all servers that it has accepted the offer
• Acknowledge: The DHCP server sends a final unicast to the client that includes the
IP information the client will use
• DHCP utilizes ports 67 and 68
Hey, are there any DHCP
Servers here? (DHCPDiscover)
Yes, I am a DHCP Server, and here is
an IP Address for you (DHCPOffer)
Internet/ISP
DEMO: Install and view Routing and Remote Access
Internet Protocol Security (IPSec)
• Protocol within the TCP/IP suite that encrypts and authenticates IP packets
• Ensures private, secure communications over Internet Protocol (IP)
networks, through the use of cryptographic security services
• Designed to secure any application traffic because it resides on the
network layer (or Internet layer for the TCP/IP reference model)
• Used in conjunction with virtual private networks and is an integral part of
IPv6
• IPsec has been defined to work in two different modes:
• Tunnel mode is most often used for site-to-site VPN connections
• Transport mode is most often used for securing IP traffic on private networks
IPSec Protocol Types
Protocol Requirement Usage
Authentication The data and the header need to Use for data integrity in situations where data is not
Header (AH) be protected from modification secret but must be authenticated — for example, where
and authenticated, but remain access is enforced by IPSec to trusted computers only, or
readable. where network intrusion detection, QoS, or firewall
filtering requires traffic inspection.
Encapsulating Only the data needs to be Use when data must be kept secret, such as file sharing,
Security Payload protected by encryption so it is database traffic, RADIUS protocol data, or internal Web
(ESP) unreadable, but the IP addressing applications that have not been adequately secured by
can be left unprotected SSL.
Both AH and The header and data, respectively, Use for the highest security. However, there are very few
ESP need to be protected while data is circumstances in which the packet must be so strongly
encrypted. protected. When possible, use ESP alone instead.
DNS
• Domain Name System (DNS) is a worldwide service that resolves host
names to IP addresses
• DNS architecture is a hierarchical distributed database and an
associated set of protocols that define:
• A mechanism for querying and updating the database
• A mechanism for replicating the information in the database among servers
• A schema of the database
• DNS is part of the application layer of the TCP/IP reference model
• DNS servers use inbound port 53 to accept name resolution requests
WINS
• Windows Internet Name Service (WINS) is a service that resolves
NetBIOS names to IP addresses
• WINS is required for any environment in which users access resources
that have NetBIOS names
• It is Microsoft’s version of the NetBIOS Name Service (NBNS)
combined with a name server
• If you do not use WINS in such a network, you cannot connect to a
remote network resource by using its NetBIOS name unless you use
Lmhosts files, and you might be unable to establish file and print
sharing connections
• WINS and DNS are both name resolution services for TCP/IP
networks
Summary
• Be able to install and configure DHCP to hand out IP addresses to
client computers.
• You have learned the four-step DHCP process known as DORA.
• Be able to install and configure Remote Desktop Services so that client
computers can connect remotely to a server.
• Understand how to install and configure Routing and Remote Access
Service (RRAS) as a LAN router.
• You have learned how to define IPsec and the various protocols that
can be used.
• Understand how DNS and WINS function, how the services are
installed and configured and when WINS is needed on your network.
Additional Resources & Next Steps
Instructor-Led Courses
• 40033A: Windows Operating System and Windows
Server Fundamentals: Training 2-Pack for MTA
Exams 98-349 and 98-365 (5 Days)
• 40349A: Windows Operating System Fundamentals:
MTA Exam 98-349 (3 Days)
• 40032A: Networking and Security Fundamentals:
Training 2-Pack for MTA Exams 98-366 and 98-367
(5 Days)
• 40366A: Networking Fundamentals: MTA Exam 98-
Books 366