//SS IV Connectivity
//S12 Internetwork Browsing
Exam Objectives
1) Configuring and supporting browsing on multi-domain network
Revise:
• Various roles assumed by browsers
• Differences between master, domain master, and preferred master browser
• Which computer will win election
• How and where configured
• Configuring multi-domain routed remote subnet browsing
• Browsing methods of remote subnet

Basics

browse lists of all domains and servers

Advantages of dedicated browsers

• Not every computer has to maintain a browse list
• List is maintained by most reliable machines
• Network browsing traffic is minimized

Server Roles

• Master Browser
• Preferred Master Browser
• Domain master browsers
• Backup browsers
• Potential browsers - default
• Non browsers
[know the defaults]

Master Browser

Master copy
Creates, maintains and distributes to backup browsers
Listens to clients, for server announcement packets, and adds them to browse list
Informs potential browsers to startup if number of browsers is low
One master browser per subnet
Reports to Domain master browser

Preferred Master Browser

Ensures a particular server is always master
Forces an election if a master already exists

Domain master browser

List of domain resources
Receives browse announcements from masters on remote subnets, every 15 minutes
PDC always becomes Master Domain Browser
Compiled domain resources then passed back to remote masters [and thus back to backups and then to clients]

Backup browser

Receives copy of browse list from master
Passes on to clients
*Client does not get list from master*

Potential browser

Has potential to browse, waits until instructed by master, if there is a shortage.
DEFAULT

Non-browser

Never a browser

Election and Criteria

When

• Client can't locate master - client initiates
• Preferred master comes on-line - preferred initiates
• Backup attempts to update browse list and can't locate master - backup initiates
• Configured master initializes on network with master (same as 2?) - master initiates

Sequence

1. Browser receives election packet, checks its own criteria
2. If own criteria are higher than election packet, sends another packet signifying election in progress state
3. All browsers check again
4. If no challenge, server becomes master browser [sends out another packet declaration]

Criteria

1. OS
2. OS Version
3. Browse settings

OS Criteria

1. PDC
2. Server
3. Workstation
4. NT 4
5. NT 3.51
6. NT 3.5
7. NT 3.1
8. Windows 95
9. Windows for Workgroups

1. Preferred master browser
2. Current master browser
3. Maintains server list
4. Running backup browser

Configuring

Where
Regedit->My Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Browser\Parameters\MaintainServerList [No/Yes/Auto = potential]
(Use find in regedit)
Regedit->My Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Browser\Parameters\IsDomainMaster [YES/TRUE = preferred]

Servicing Client Requests

Master adds clients to list
Backup gives list to clients (prevents overloading of master)

Client Request Situations

• net view is run
• Network Neighbourhood
• Mapping a network drive
On first access, client must find backup browser, via QueryBrowserServers broadcast. Master returns lists of backup servers, for subsequent use.

Multiple domains

Remote machines must be on browse list
Domain master browser sends this, which it builds via DomainAnnouncement datagram
DomainAnnouncement datagram contains name of workgroup/domain, name of master browser, whether master is running server or workstation, and PDC
Master must receive these for the workgroup or domain it represents
Every minute for five minutes then every fifteen minutes
Workgroup/Domain that does not reply in three broadcasts is removed from browser list [last 45 minutes]
Broadcasts are not possible through routers, therefore use:
• WINS, or
• LMHOSTS

WINS

Does not help with browse lists
Transparently resolves NetBIOS names, and maintains list of available domains, which client uses to query remote master for remote resource list
WINS server or WINS proxy on each subnet

LMHOSTS

Map names and IPAs outside local network
#DOM (used with #PRE) places domain controllers in domain name cache, which processes domain requests (i.e. logon authentication, password change, and browsing).
Add remote PDC mapping [also BDC for fault tolerance]
Example

10.30.32.222 saxon #PRE #DOM:domain1 #domain1 Domain Controller

WINS is preferred: less work

Commands

nbtstat -R (reload LMHOSTS changes)
nbtstat -c (see the changes)
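
Added example (not part of the original notes): a small Python check built around the LMHOSTS entry above, reporting any #DOM entry that lacks the #PRE it is meant to be used with. The host "norman" and its address are constructed for the illustration, and keywords are matched in uppercase as written in these notes.

```python
import ipaddress

# First line follows the notes' example entry; the second is constructed to trip the check.
SAMPLE = """\
10.30.32.222 saxon #PRE #DOM:domain1 #domain1 Domain Controller
10.30.32.223 norman #DOM:domain1 #constructed BDC entry, missing #PRE
"""

def parse_lmhosts(text):
    """Return one dict per mapping line: line, ip, name, pre, dom, comment."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if len(fields) < 2 or fields[0].startswith("#"):
            continue  # blank line or whole-line comment
        try:
            ip = str(ipaddress.IPv4Address(fields[0]))
        except ValueError:
            continue  # first field is not an IP address: not a mapping line
        entry = {"line": lineno, "ip": ip, "name": fields[1],
                 "pre": False, "dom": None, "comment": ""}
        rest = fields[2:]
        for i, tok in enumerate(rest):
            if tok == "#PRE":
                entry["pre"] = True
            elif tok.startswith("#DOM:"):
                entry["dom"] = tok[len("#DOM:"):]
            elif tok.startswith("#"):
                # Any other '#' starts a free-text comment to end of line,
                # so keywords inside the comment are not interpreted.
                entry["comment"] = " ".join(rest[i:])[1:].strip()
                break
        entries.append(entry)
    return entries

def dom_without_pre(entries):
    """Names of entries that carry #DOM but not the #PRE it is used with."""
    return [e["name"] for e in entries if e["dom"] and not e["pre"]]

if __name__ == "__main__":
    parsed = parse_lmhosts(SAMPLE)
    for e in parsed:
        print(e)
    print("#DOM without #PRE:", dom_without_pre(parsed))
```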
//E12 Internetwork Browsing

//S13 TCP/IP Utilities
Exam Objectives
1) Identify which utility to use to connect to UNIX
2) Configure NT to support TCP/IP printing
Revise:
• Purpose of connectivity utilities [ping, nbtstat]
• Purpose of LPD, LPQ, LPR
• Configuring NT client to print to UNIX printer, and UNIX host print to NT printserver

Diagnostic and Connectivity

Same as UNIX
Pay attention to WINS and DHCP utilities

Diagnostic

• ping
• tracert
• nbtstat
• netstat
• ipconfig
• ARP
• hostname
• route

Connectivity

• telnet
• ftp
• tftp
• rsh
• rexec
• rcp
• lpr
• lpq
Server is required by client.

Universal Connectivity Utilities

Telnet

For connecting to host running telnet service [telnet daemon].
On NT runs in graphical interface, not command line.
Valid user account required.
NT only provides client

Telnet and Name Resolution

• Can not connect with name, only IPA - name resolution problem (DNS and HOSTS)
• Telnet shows correct IPA but name is wrong - HOSTS or DNS badly configured, or machine with duplicate IPA

FTP

Download info from an ftp server
Valid logon account, or anonymous

FTP and Name Resolution

• Can not connect with name, only IPA - name resolution problem (DNS and HOSTS)
Exam appears as : protocol, FTP client, FTP server

TFTP

Download small info from an ftp server with no security

Differences between TFTP and FTP

• No user authentication
• TFTP uses [connectionless] UDP, no connection is maintained

UNIX Connectivity Utilities

REXEC

Run UNIX commands, at command prompt, on host running REXEC daemon [service]
Authentication is prompted with -l option (user other than that logged on), password required for execution of command
rexec <host> [-l <username>] <command>

RSH

Run UNIX commands, at command prompt, on host running RSH daemon [service]
No authentication
rsh <host> [-l <username>] <command>
-l for user in .rhosts file that specifies the permitted users

RCP

Copy files, at command prompt, on host running RSH daemon [service]
-l for user in .rhosts file that specifies the permitted users

Configure server to support Internetwork printing
Requires TCP/IP and MS TCP/IP printing service [LPD]
Where
control panel->network->services->MS TCP/IP printing service
control panel->services->MS TCP/IP printing service->start
printer - printer queue
printing device - printer
Connected
• serial COM or parallel LPT port
• printing device with network card
• printer connected to UNIX host running LPD daemon
Where printing device is located, and how printer server communicates with printer is irrelevant to client
Exam concentrates on UNIX and LPD device
Learn:
• Servers use LPD
• Clients use LPR to print to LPD - specify printer name, NOT printer share name (used by windows clients)
• Monitor status of queue with LPQ utility
• LPD and LPR allow NT machine to print on UNIX host
• Receive TCP/IP print jobs from clients

LPD

Adding a LPD gives new LPD port when adding printer
Where
Start->Settings->Printers->Add Printers->Add port-> LPR Port->Name or IPA, and name of printer/printer queue

LPR

UNIX hosts can print to LPD server
Clients can print without setting up NT printer
Command Prompt
Must install MS TCP/IP printing service [LPD]
lpr -S <servername> -P <printqueue> [-o Options] [-J Jobname] <filename>

LPQ

View contents of TCP/IP printer queue (similar to opening print queue in NT)
Must install MS TCP/IP printing service [LPD]
lpq gives options:
lpq -S <servername> -P <printqueue> -l
case sensitive, space between -S and <servername> (same for -P) optional
Returns: Owner; Status; Jobname; Job-Id; Size; Pages; Priority
//E13 TCP/IP Utilities


//S14 Non TCP/IP Utilities
Exam Objectives
1) Configure RAS and Dial-up networking for TCP/IP
2) Identify which utility to use to monitor network traffic
Revise:
• Configure RAS
• NETSTAT and nbtstat
• Internet access restriction [IIS]

Basics

IIS - Web server [WWW, FTP, Gopher] - not too detailed

Preliminaries

TCP/IP must be installed
Configured IPA, Subnet mask and Default Gateway (uses that of ISP router for internet traffic)

Configuring IIS with Internet Service Manager

ISM grants or denies internet [WWW/FTP/Gopher] access based on client IPA
Where
Double click icon in window->Advanced->[Web Site Properties] Directory Security->IPA and Domain name restrictions
Default Empty Restrictions: Can Grant all (and deny specific) or Deny all (and grant specific)
Where
->IPA and Domain name restrictions->Add->Deny/Grant Access on [if Grant/Deny All selected]
*Make exceptions of smallest group of clients
Deny/Grant access to Single IPA; Range of IPA (IPA & Subnet - 10.30.0.0 & 255.255.0.0); Domain Name
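
Added example (not part of the original notes, and not IIS code): a Python model of the restriction logic described above, with a Grant-all or Deny-all default and exceptions given as a Single IPA or a Range (IPA & Subnet). Function names and the two sample policies are constructed; Domain Name entries are left out because they need a name lookup.

```python
import ipaddress

def _as_int(dotted):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def entry_matches(client_ip, entry):
    """entry is ('single', ip) or ('range', network_id, subnet_mask)."""
    kind = entry[0]
    if kind == "single":
        return _as_int(client_ip) == _as_int(entry[1])
    if kind == "range":
        network_id, mask = _as_int(entry[1]), _as_int(entry[2])
        # In range when the masked client address equals the masked network ID.
        return (_as_int(client_ip) & mask) == (network_id & mask)
    raise ValueError(f"unsupported entry type: {kind!r}")

def access_granted(client_ip, default, exceptions):
    """default is 'grant' (deny the exceptions) or 'deny' (grant the exceptions)."""
    if default not in ("grant", "deny"):
        raise ValueError("default must be 'grant' or 'deny'")
    is_exception = any(entry_matches(client_ip, e) for e in exceptions)
    # A listed exception always receives the opposite of the default.
    return is_exception if default == "deny" else not is_exception

# Constructed sample policies using the addresses that appear in these notes.
INTRANET_ONLY = ("deny", [("range", "10.30.0.0", "255.255.0.0")])
BLOCK_ONE_HOST = ("grant", [("single", "10.30.32.222")])

if __name__ == "__main__":
    for ip in ("10.30.5.9", "10.31.0.1", "10.30.32.222"):
        print(ip,
              "intranet-only:", access_granted(ip, *INTRANET_ONLY),
              "block-one-host:", access_granted(ip, *BLOCK_ONE_HOST))
```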

Configuring a RAS server

Remote Access Service provides remote networking for system administrators
NT with RAS can access remote network for file and data share, email etc.
Two groups of settings
• TCP/IP settings for RAS server - static valid IPA, subnet mask and default gateway
• TCP/IP settings supplied to client

Dialogs

RAS Network Configuration dialog - configure RAS protocols and authentication
RAS Server TCP/IP Configuration dialog - TCP/IP client settings. Can allow whole network access, or just to RAS server
Where
Control Panel->Network->Services->RAS->Properties->[Remote Access Setup dialog]Click Network icon->[Network Configuration dialog] Configure->RAS Server TCP/IP Configuration dialog
Can use DHCP to assign RAS IPA, or RAS can assign from address pool. Advantages:
• RAS can work if DHCP is not available
• Can specify IPA to exclude for important servers, printers etc.
• Can use DHCP to assign IPA from its pool
• Clients can request specific IPA when connecting to RAS

Specifics

• If RAS server uses WINS and DNS, then clients inherit server's WINS and DNS settings
• RAS clients can use LMHOSTS and HOSTS instead of WINS and DNS
• Clients use the first network card specified for WINS and DNS of multihomed RAS server
• RAS clients can specify own WINS and DNS servers: My Computer->Dial-up networking
• Broadcast name resolution not possible. Must use WINS and DNS, or properly configured LMHOSTS and HOSTS

Configuring Dial-Up Networking (DUN)

DUN is client side, configure in PPP dialog.
Requires:
• Select the Server Assigned IPA/Specify IPA
• Select Server Assigned Name Server [DNS and WINS] settings/Specify DNS and WINS
• Use default gateway on remote network
Where
My Computer->Dial-up networking->New->Server tab->TCP/IP->Click TCP/IP settings->Specify IPA->Specify primary DNS and WINS

Routing with RAS

Multihome RAS can act as IP [internet] router
Requires:
• NT 3.51 with network card and dial-up adapter
• PPP
• Valid IPA for clients and one for local machine
• Correct TCP/IP configuration of router (IPA, subnet mask and default gateway)
Basically same configuration between networks, except between LAN and Internet
Steps:
1) Install TCP/IP on NT router
2) Enable IP forwarding on NT router
3) Configure LAN hosts with correct IPA. DHCP automatically does this.
4) Configure LAN hosts default gateway to LAN adapter of NT router
5) Properties->IPA page->IPA of NT router in Default Gateway in TCP/IP
6) Configure DNS on LAN Hosts [DNS Service Search Order]
7) Dial in to ISP from RAS client using DUN


Point-to-Point Tunneling protocol (PPTP)

Creates secure channel between remote client and an enterprise server
Virtual Private Network (VPN) tunnels encrypted information through public network
Used on all types of network: LAN, WAN, dial-up and Internet
Uses existing settings
Must configure RAS on both PPTP client and server and use PPP, which encrypts.
Where
Control Panel->Network->Services->PPTP

Monitoring TCP/IP traffic

Real time, continually, or at specified intervals
• Performance Monitor
• Network Monitor

Performance Monitor

Upon opening in Chart Mode, X-Y axis display data at specified interval.
Monitor objects, counters and instances
Load/Save predefined charts
Can Save To File data at intervals, and log alerts when information exceeds specified threshold

Network Monitor

Captures packets
Graphically display data or Save To File and examine later.
Exam asks only if netmon is appropriate
Use what when:
• Network Monitor - Data is required at Specific Intervals
• NETSTAT - Display protocol statistics since startup
• Performance Monitor - Monitor TCP/IP object continually
• Performance/Network Monitor - log info in text file
• Performance/Network Monitor - Configure alerts when thresholds reached
• nbtstat - Display current TCP/IP connections

//E14  Non TCP/IP Utilities
//ES IV Connectivity


This page was created by SimpleText2Html 1.0 on 19-Feb-100.