48 Chapter 1 • TCP/IP Overview new operating system is done in a well-organized fashion. Testing and prototyping, pilot programs, and a thoughtfully-planned rollout strategy will go a long way toward reducing the incidence of troubleshooting that will be required later on. FAQs Q: Why do some books specify that certain software components, such as redirectors, operate at the Application layer, while others say that redirectors work at the Presentation layer? A: There are a few reasons for the discrepancy. First, there are many different types of network redirectors, some of which are part of the operating system, and others (such as the Novell Client 32 software for connecting a Windows machine to a NetWare network) made by third parties. Additionally, some books reference the OSI networking model, which consists of seven layers, while others are basing their statements on the DoD model, which only has four. A component that operates at the Presentation layer of the OSI model would be operating at the Application (or Application/Process) layer of the DoD model. Q: It’s called TCP/IP. What are all those other protocols, and what are they for? A: TCP and IP are the “core” protocols (sometimes called the “protocol stack”), but an entire suite of useful protocols has grown up around them. Some of these provide for basic functionality in performing such common network tasks as transferring files between two computers (FTP) or running applications on a remote computer (Telnet). Others are used for information gathering (SNMP, NETSTAT, IPCONFIG), and many are troubleshooting tools that also allow you to perform basic configuration tasks (ARP, ROUTE). Q: What is the difference between TCP and UDP if they both operate at the Transport layer? A: Although both TCP and UDP are Transport layer protocols and provide the same basic function, TCP is a connection-oriented protocol, which means a session is established before data is transmitted, and acknowledgments are sent back to the sending computer to verify that the data did arrive and was accurate and complete. UDP is connectionless; no session or one-to-one connection is established prior to data transmission. This makes UDP the faster of the two, and TCP the more reliable. 91_tcpip_01.qx 2/25/00 12:26 PM Page 48 TCP/IP Overview• Chapter 1 49 Q: What is the purpose of a networking model? How will knowing this theoretical stuff help me in administering my TCP/IP network? A: The models give us a way to understand the process that takes place when computers communicate with each other across the network, the order in which tasks are processed, and which protocols are responsible for handling which duties. Understanding the models will help you to narrow down the source of your TCP/IP connectivity problems. For example, if you know that the data is being sent but is not arriving at the correct destination, you will know to start troubleshooting by examining what is happening at the Network layer, since that’s where addressing and routing takes place. Q: Why do we need three different networking models? Why can’t everyone use the same one? A: Actually, that was the plan when the ISO developed the Open Systems Interconnection model. It was to be the common standard used by all vendors and software developers in describing the network communication process. The DoD model actually predates the OSI, and the seven-layer OSI model builds on (and further breaks down) the components of the DoD model. However, individual vendors such as Microsoft still use their own models, which map more closely to their software (such as the Windows NT/2000 model), although they also use the OSI model as a guideline. Q: What is a gateway, and why would I need one? A: The word gateway has many different meanings in the IT world. A protocol translating gateway translates between different protocols. Think of it as the United Nations interpreter of the networking world. If the president of the United States needs to exchange information with the president of France, but neither speaks the other’s language, they can call in someone who is fluent in both to help them get their messages across. Similarly, if a mainframe system and a Windows 2000 computer need to communicate with one another—perhaps the mainframe has important files that need to be accessed by the PC— but they don’t know how to “talk” to each other, you can install a gateway to clear up the confusion. The gateway is even more skilled than the interpreter is; it actually fools the mainframe into believing it’s communicating with another mainframe, and makes the PC think it is having a “conversation” with a fellow PC. Gateway is also the term used to refer to the address of a router that connects your network to another, acting as the gateway to the “outside world.” 91_tcpip_01.qx 2/25/00 12:26 PM Page 49 91_tcpip_01.qx 2/25/00 12:26 PM Page 50 Setting Up a Windows 2000 TCP/IP Network Solutions in this chapter: ■ Designing the Network ■ Migrating from Windows NT 4.0 ■ Migrating from Novell NetWare ■ Setting Up a Windows 2000 TCP/IP Network from Scratch Chapter 2 51 91_tcpip_02.qx 2/25/00 12:30 PM Page 51 52 Chapter 2 • Setting Up a Windows 2000 TCP/IP Network Introduction The process of setting up a new TCP/IP-based Windows 2000 network can be relatively simple or hopelessly complex. Whether you’re building a brand new network from scratch or migrating to Windows 2000 from another operating system(s), planning is the key. No set formula works in every situation. You may encounter issues in upgrading your NT 4.0 network that will be completely different from those involved in migrating from NetWare or UNIX. If you’re starting at ground zero, constructing a new network where there was none before, you’ll have more options, but that can make your job more challenging instead of less. Fortunately, even though every case is different, there are some gener- al guidelines that are common to all, and design checklists to get you started. Migrating or creating a network is a massive undertaking. A TCP/IP network will usually require more planning than one that runs on IPX or NetBEUI, due to the potential complexity of IP addressing issues. Likewise, planning a Windows 2000 network may require more (or a dif- ferent type of) planning than one based on NT servers due to the greater complexity of the directory services structure. If a functioning network is already in place and is running a different protocol stack or network operating system, you will face special challenges. Each migration sce- nario presents its own unique problems and opportunities. In this chapter, we will examine some of the more common situations you may encounter in setting up a new Windows 2000 TCP/IP network, either “from the ground up” or making the switch from another popular network operating system. Designing a New Windows 2000 TCP/IP Network Good network design is key in preventing later problems. As a network administrator, you may have come to the job too late to have much (or any) input into the design process. If the network infrastructure was already in place when you took on the position, you inherited the prob- lems of your predecessor. Your network may have been carefully and thoughtfully planned, with future upgrades in mind. If so, count yourself lucky. All too often, a net- work just “grows that way.” As the computing and connectivity needs of the organization expand, a server is added here, a router is installed there, and systems are upgraded in some departments but not in others. The result is a diversity of hardware and software configurations in place 91_tcpip_02.qx 2/25/00 12:30 PM Page 52 Setting Up a Windows 2000 TCP/IP Network • Chapter 2 53 throughout the network. This can make for many administrative headaches. In building a new network, you face a lot of hard work, but you have the chance to learn from past mistakes (both yours and those of others who came before you) and do it right. Patience is a virtue, and this is never truer than when planning the design of a new Windows 2000 TCP/IP network. The Planning Team Two or more heads are often better than one when it comes to putting together an upgrade plan. In all but the smallest organizations, you should first gather a planning team to share the multiplicity of tasks involved and to lend different perspectives in the important early design stages. Your team members should be well versed in the company’s unique needs, the Windows 2000 operating system, and how TCP/IP communication works. In some cases, it may be beneficial to hire outside consultants who are experienced in network design. However, those who will ultimately be responsible for administering the network should be heavily involved in the planning process from the beginning. Some companies make the mis- take of asking for a “turn key operation,” thinking this means that no one on staff has to bother with design and setup issues. You pay someone else (usually quite handsomely) to do it all, and a few months later they hand you a complete, ready-to-go-online enterprise-level network. The idea sounds attractive, but it can turn into a nightmare later on. Those who will be working with the hardware and software on a daily basis can give valuable input during the planning stages, which may prevent many common post-deployment problems. Whether you recruit and lead a planning team from within the organi- zation or work closely with an outside group, it’s important that you, the network administrator, be aware of some of the issues involved in estab- lishing a new Windows 2000 network. Planning the Hardware Configurations One of the strengths of the TCP/IP protocol stack is that it will run on almost any hardware platform. However, the Windows 2000 operating system has minimum hardware requirements that must be considered in planning any new installation, upgrade, or migration. Hardware-related problems can be mistaken for TCP/IP connectivity problems, so in order to reduce the time spent troubleshooting communication problems, start with the proper hardware. 91_tcpip_02.qx 2/25/00 12:30 PM Page 53 54 Chapter 2 • Setting Up a Windows 2000 TCP/IP Network You can avoid many problems by ensuring that your systems and their components meet the minimum requirements. Check the Hardware Compatibility List (HCL) on Microsoft’s Web site before implementing Windows 2000 on your network. Plan to upgrade hardware that does not meet the requirements, or alternately, to run so-called “down-level” oper- ating systems on those computers (Windows NT or Windows 9x) until they can be upgraded or replaced. Hardware Compatibility Lists for all current Windows operating systems can be found at www.microsoft.com/hwtest/hcl/. In general, Microsoft’s published minimum system requirements to run Windows 2000 include: ■ Pentium 133 or equivalent processor ■ 64MB RAM for Windows 2000 Professional; 128MB RAM for Windows 2000 Server/Advanced Server ■ Approximately 1GB hard disk space ■ VGA or better display; keyboard (mouse optional) These should be taken as absolute minimums, not as recommenda- tions. Optimum performance will require more memory and faster proces- sor(s), especially for heavily-used servers. A Windows 2000 server acting as a domain controller (DC), due to the high overhead required for the Active Directory, realistically requires a minimum of 128 to 256MB of RAM for minimally acceptable performance. Disk space requirements vary widely depending on whether you are installing to a clean drive or upgrading a previous operating system, what file system is being used, and other factors. It is important that you assess your needs carefully, in accordance with budgetary and other con- siderations. Planning the Physical Layout The physical layout, or topology, of the network will directly or indirectly influence such things as the type of cabling to be used, the media access control method, the limitations on cable distance, number of nodes per segment, and other “rules and regulations” with which you must comply to meet standard specifications for Ethernet, Token Ring, or other net- work types. NOTE 91_tcpip_02.qx 2/25/00 12:30 PM Page 54 Setting Up a Windows 2000 TCP/IP Network • Chapter 2 55 Numerous excellent resources offer guidance in the implementation of the popular network topologies and architectures. In some cases, the net- work administrator will be directly involved in selecting cable types and choosing individual pieces of network hardware. In a large network envi- ronment, an outside firm may be hired and given an overall “mission,” and granted the authority to make most such decisions. Either way, it is important to ensure that the final implementation complies with ISO, IEEE, and other industry standards, and building codes and other local regulations. Diagramming the Network Layout One of your most important tasks in planning the physical layout is to diagram the network. There are many excellent software tools, such as Visio, that you can use to visually represent the layout and show the con- nections of servers, hubs, routers, workstations, and other network devices. See Figure 2.1 for an example of a Visio drawing using the net- work diagramming templates included with the software. Figure 2.1 A simplified sample network diagram. dev.tacteam.net federation.tacteam.net Proxy Server Internet tacteam.net Wkst1 WkstB Wkst2 Wkst3 WkstA WkstC Hub Hub Router 91_tcpip_02.qx 2/25/00 12:30 PM Page 55 56 Chapter 2 • Setting Up a Windows 2000 TCP/IP Network Whether you use diagramming software to construct a professional- looking diagram or simply sketch the network layout manually, how you do it is less important than getting it done. You may be tempted to skip this step if you’re on a tight schedule, thinking you can always come back and create this documentation after the fact. However, the network diagram, properly used, is more than just a record of the network’s design. It is also a planning tool. It is much easier to move devices around and reroute cabling on paper (or on the screen) than it is to lug those heavy pieces of equipment from place to place or manipulate lengths of twisted pair through crawlspaces to “try out” differ- ent configurations in the corporeal world. You can save much time, effort, and aggravation by considering different options during the diagramming stage. Remember that later changes to the infrastructure will be expensive and time-consuming, and may result in high indirect costs due to down- time. The physical aspects of the network are its foundation, so get that right from the beginning and you will automatically reduce the chances of problems in the future. Visio 2000 Enterprise edition will even discover and draw out the network for you! For more information, see www.visio.com/visio2000/enterprise/. Planning for Sites If you built or worked with wide area networks (WANs) based on NT 4.0 servers, you probably thought of each separate geographic location, such as a branch office, as a “site.” In Windows 2000 TCP/IP networking, the term “site” has a new and specific meaning, and site planning has taken on a new importance. What Is an Active Directory Site? According to Microsoft, in Windows 2000 a site is defined as “one or more well-connected (highly reliable and fast) TCP/IP subnets that allows administrators to configure Active Directory access and replication topolo- gy quickly and easily to take advantage of the physical network.” Sites are published to the Active Directory, which uses the site information in per- forming replication and responding to service requests. The goal is to improve the efficiency and performance of the WAN. TIP 91_tcpip_02.qx 2/25/00 12:30 PM Page 56 Setting Up a Windows 2000 TCP/IP Network • Chapter 2 57 Note that creating a site is a way of grouping together computers that have a fast connection. A site does not necessarily represent a group of computers that are at the same physical location. The site concept is independent of domain configuration. A site can span multiple domains, or one domain may include computers at different sites. In general, computers in the same TCP/IP subnet will share a fast connection (Microsoft documentation refers to them as “well connected”). Thus when you set up a new Windows 2000 network, subnetting deci- sions and site planning will go together. Sites are created and configured using the Sites and Services MMC. To access the MMC: Start | Programs | Administrative Tools | Active Directory Sites and Services. Figure 2.2 shows how a new site is created with this tool. Figure 2.2 Using the AD Sites and Services MMC to create a new site. With this tool, you can establish links between two or more sites, set up replication frequency, configure site link cost, create subnets and associate them with sites, force replication over a connection, and per- form many other tasks involved in using Active Directory sites. 91_tcpip_02.qx 2/25/00 12:30 PM Page 57 [...]... Luckily, Windows 20 00 provides a way for you to work around this problem by opening each Win 16 application in its own separate memory space OS /2 and POSIX Application Support in Windows 20 00 Windows NT included support for both OS /2 version 1.x programs and POSIX-compliant applications Windows 20 00 also provides limited support for these applications; however, in most cases, it would be beneficial to upgrade... add multiple IP addresses and gateways, fine-tune DNS and WINS settings, and enable and configure IP Security (IPSec) and TCP/IP filtering These issues will be discussed in later chapters in conjunction with troubleshooting addressing, name resolution, and security problems 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 67 Setting Up a Windows 20 00 TCP/IP Network • Chapter 2 Figure 2. 8 Use the TCP/IP Properties... 91_tcpip_ 02. qx 68 2/ 25/00 12: 30 PM Page 68 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network Upgrading to Windows 20 00 from Windows NT 4.0 Microsoft designed Windows 20 00 as the successor to Windows NT 4.0, thus some thought and planning were given to providing a viable upgrade path You may find, however, that restructuring your NT 4.0 network prior to the upgrade will make the transition to Windows. .. your computer, and will now show up in the list of protocols on the Properties sheet for the connection TIP Unlike Windows NT, Windows 20 00 will not display TCP/IP (or other components) in the list of available protocols to be installed if it is already installed, so you cannot install multiple instances of the protocol 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 65 Setting Up a Windows 20 00 TCP/IP Network... Chapter 2 65 Figure 2. 5 The Properties sheet for the local area connection shows which components and protocols are installed for this network adapter Figure 2. 6 The Select Network Component Type dialog box allows you to add client software, a network service, or a networking protocol 91_tcpip_ 02. qx 66 2/ 25/00 12: 30 PM Page 66 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network Figure 2. 7 Select TCP/IP... correctly with Windows 20 00 However, those that try to access the hardware directly, or that require the FAT file system, may not be usable on Windows 20 00 computers Upgrading the operating system may present a good opportunity to assess the viability of some of these older programs with a look 75 91_tcpip_ 02. qx 76 2/ 25/00 12: 30 PM Page 76 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network toward upgrading... 62 2 /25 /00 12: 30 PM Page 62 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network Network Design Checklist ❏ Put together a planning team of persons who are s s s Knowledgeable about how a TCP/IP network works Knowledgeable about the Windows 20 00 operating system Knowledgeable about the company’s unique needs ❏ Assess hardware s s Check the Hardware Compatibility List Upgrade if necessary ❏ Plan the physical... similar, but different, “flavors” of the operating system, which are not necessarily compatible with one another Microsoft has positioned Windows 20 00 as a more cost-effective and easier-to-use NOS that, with the enhancements that Windows 20 00 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 83 Setting Up a Windows 20 00 TCP/IP Network • Chapter 2 brings to its support of enterprise networking, can be a viable alternative... to keep each up to date Replication traffic can become a problem on a heavily-used network, so Microsoft uses the site concept to attempt to achieve a balance and reduce “traffic jams” caused by frequent replication across low-bandwidth links 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 59 Setting Up a Windows 20 00 TCP/IP Network • Chapter 2 Windows 20 00 allows the administrator to customize the replication... support for case-sensitive file names and hard links, are based on UNIX Many government agencies adopted software specifications that required adherence to the POSIX standards, which is the reason Microsoft included the subsystem in its operating systems As with OS /2 applications and many DOS and Win 16 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 77 Setting Up a Windows 20 00 TCP/IP Network • Chapter 2 applications, . ■ Setting Up a Windows 20 00 TCP/IP Network from Scratch Chapter 2 51 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 51 52 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network Introduction The process of. networking protocol. 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 65 66 Chapter 2 • Setting Up a Windows 20 00 TCP/IP Network Configuring TCP/IP The next step is to configure TCP/IP’s properties. To do so, select. install TCP/IP. TIP 91_tcpip_ 02. qx 2/ 25/00 12: 30 PM Page 64 Setting Up a Windows 20 00 TCP/IP Network • Chapter 2 65 Figure 2. 5 The Properties sheet for the local area connection shows which components