
Chapter_5_Network Management (1).pdf



Chapter Five: Network Management

TCP/IP Networking Basics

There are a large number of different protocols that operate at different layers of the OSI model. The protocol suite covered in this chapter is known as the Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP has become the standard protocol used for interoperability among many different types of computers. Interoperability simply means different types of computers being able to communicate with each other.

TCP/IP is not actually a single protocol, but a set of protocols that operate at different levels. The levels involved in TCP/IP do not exactly match those of the OSI reference model. Instead of seven layers, TCP/IP specifies only four:

1. Application layer
2. Transport layer
3. Internet layer
4. Network interface layer

Each of these layers corresponds to one or more layers of the OSI reference model:

OSI layer       TCP/IP layer
Application     Application
Presentation    Application
Session         Application
Transport       Transport
Network         Internet
Data-link       Network interface
Physical        Network interface

Internet Layer Protocols

The internet layer is equivalent to the network layer in the OSI layered architecture. Some of the protocols in the internet layer of the TCP/IP suite are:

– IP (Internetworking Protocol)
– ICMP (Internet Control Message Protocol)
– IGMP (Internet Group Management Protocol)
– ARP (Address Resolution Protocol)
– RARP (Reverse Address Resolution Protocol)

Internet Protocol (IP)

IP is used at the Internet layer of TCP/IP to attach network addresses to packets. In IPv4 an IP address consists of 4 octets, each between 0 and 255, separated by dots. For example, 146.23.0.194 is a valid IP address. When you surf the Internet and type a URL into your browser (e.g. www.yahoo.com) you are actually using IP addresses. Every Internet domain such as Yahoo or Google has at least one IP address on the Internet. Using the 4-octet (32-bit) IP addresses makes it relatively easy to segment the task of managing computer networks.
ICMP (Internet Control Message Protocol)

ICMP is used to transmit status and error messages between network stations; it is used for reporting errors and performing network diagnostics. For example, whenever you type a URL into Internet Explorer and you get the message "Page cannot be displayed", an ICMP packet is responsible. Five types of errors are handled in ICMP:

1. Destination unreachable
2. Source quench
3. Time exceeded
4. Parameter problems
5. Redirection

1. Destination Unreachable

When a router cannot route a datagram, the datagram is discarded and the router sends a destination-unreachable message back to the source host that initiated the datagram.

2. Source Quench

– IP does not have a flow control mechanism embedded in the protocol; because of that, congestion occurs.
– A router has a limited-size queue (buffer) for incoming datagrams waiting to be forwarded or processed.
– If more datagrams are received than the queue (buffer) can hold, the queue overflows and some datagrams are discarded.
– When a router or host discards a datagram due to congestion, it sends a source-quench message to the sender of the datagram.

3. Time Exceeded

The time-exceeded message is generated in two cases:

I. Routers use routing tables to find the next hop (next router) that must receive the packet. If there are errors in one or more routing tables, a packet can travel in a loop or a cycle. Each datagram contains a field called time to live (TTL) that controls this situation. When a datagram visits a router, the value of this field is decremented by 1. When the time-to-live value reaches 0, the router discards the datagram. However, when the datagram is discarded, a time-exceeded message must be sent by the router to the original source.

II. A time-exceeded message is also generated when not all fragments that make up a message arrive at the destination host within a certain time limit.

4. Parameter Problem

If a router or the destination host discovers an ambiguous or missing value in any field of the datagram, it discards the datagram and sends a parameter-problem message back to the source.

5. Redirection

A router may receive a datagram to forward to another router; if the address is not available in its routing table, it sends a redirection message to the host so the host can update its routing table.

The Internet Group Management Protocol (IGMP)

The Internet Group Management Protocol (IGMP) is one of the necessary protocols involved in multicasting. In any network, there are one or more multicast routers that distribute multicast packets to hosts or other routers. A list of hosts can be created for the multicast router; IGMP helps with the creation and updating of this list. IGMP is not a multicast routing protocol; it is a protocol that manages group membership.

ARP

ARP maps a logical address to a physical address. When a host or a router has an IP datagram to send to another host or router, it has the logical (IP) address of the receiver, but it needs the physical address of the receiver. The host or router broadcasts an ARP query packet. The response packet contains the recipient's IP and physical addresses. The response is unicast directly to the inquirer using the physical address received in the query packet.

RARP

There are occasions in which a host knows its physical address but needs to know its logical address. A RARP request is created and broadcast on the local network. Another machine on the local network that knows all the IP addresses will respond with a RARP reply.

Transport Layer Protocols

The protocols that operate at the transport layer are:

1. UDP (User Datagram Protocol)
2. TCP (Transmission Control Protocol)

TCP

TCP is a reliable, guaranteed-delivery protocol. It creates a virtual connection between two TCPs to send data. TCP specifies the methods hosts use to acknowledge the receipt of packets, and requires the source host to resend packets that are not acknowledged. Because of this, TCP is referred to as a connection-oriented protocol. Before a TCP session can be used, the source and destination hosts exchange messages to set up the connection over which data segments can be sent. To set up a connection, TCP uses a three-step process. This SYN, SYN-ACK, ACK activity between the TCP processes on the two hosts is called a three-way handshake.

UDP

UDP is a very simple, connectionless protocol. It has the advantage of providing low-overhead data delivery. UDP does not provide guaranteed data delivery or flow control. There is no error control mechanism in UDP, which means that the sender does not know if a message has been lost or duplicated. Protocols that use UDP include:

– Domain Name System (DNS)
– Dynamic Host Configuration Protocol (DHCP)
– Routing Information Protocol (RIP)

Application Layer Protocols

Protocols under the application layer are:

1. SMTP
2. FTP
3. Telnet
4. DNS
5. DHCP

SMTP

Email supports three separate protocols for operation: SMTP, POP3, and IMAP4. The process that sends mail implements the SMTP protocol. A client retrieves email using one of two application layer protocols: POP3 or IMAP4. SMTP message formats require a message header (containing the recipient and sender mail addresses) and a message body. The structure of an email address includes the email account name as well as the domain name of the mail server, e.g. [email protected]. The Post Office Protocol - Version 3 (POP3) is used to enable a workstation to retrieve mail from a mail server. With POP3, mail is downloaded from the server to the client and then deleted on the server. Internet Message Access Protocol (IMAP4) is another protocol that describes a method to retrieve email messages.
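The ICMP error cases above can be made concrete with a small forwarding simulation. This is an added example, not part of the chapter: the three routers, their routing tables, the addresses and the trace() helper are all constructed here. It shows a misrouted datagram looping until its TTL reaches 0 (time-exceeded), a datagram with no matching route (destination-unreachable), and how the traceroute command listed later in the chapter uses the time-exceeded replies to map a path.

```python
"""Forwarding simulation showing when ICMP errors are generated.
Added example (not from the slides); topology and names are constructed."""
from dataclasses import dataclass

ICMP_TIME_EXCEEDED = "time-exceeded"
ICMP_DEST_UNREACHABLE = "destination-unreachable"


@dataclass
class Datagram:
    src: str
    dst: str
    ttl: int


# Constructed topology. Each router maps a destination prefix to a next hop;
# "local" means the destination network is directly attached and the router
# delivers the datagram itself. R3's entry for 10.3. points back at R1: the kind
# of routing-table error the slides describe, so 10.3.x.x traffic loops
# R1 -> R2 -> R3 -> R1 -> ... until the TTL runs out.
ROUTERS = {
    "R1": {"10.1.": "local", "10.2.": "R2", "10.3.": "R2"},
    "R2": {"10.2.": "local", "10.3.": "R3", "10.1.": "R1"},
    "R3": {"10.3.": "R1", "10.1.": "R2"},
}


def lookup(routes, dst):
    """Longest-prefix match over a routing table; None when nothing matches."""
    matches = [prefix for prefix in routes if dst.startswith(prefix)]
    return routes[max(matches, key=len)] if matches else None


def forward(datagram, first_hop="R1"):
    """Forward one datagram router by router.

    Returns (outcome, icmp_message, path): outcome is "delivered" or
    "discarded"; icmp_message names the error a real router would send back
    to datagram.src (or None); path lists the routers visited in order.
    """
    hop, path = first_hop, []
    while True:
        path.append(hop)
        datagram.ttl -= 1                       # every router decrements TTL
        if datagram.ttl == 0:                   # TTL exhausted: case I above
            return "discarded", f"{ICMP_TIME_EXCEEDED} from {hop} to {datagram.src}", path
        next_hop = lookup(ROUTERS[hop], datagram.dst)
        if next_hop is None:                    # no route: destination unreachable
            return "discarded", f"{ICMP_DEST_UNREACHABLE} from {hop} to {datagram.src}", path
        if next_hop == "local":
            return "delivered", None, path
        hop = next_hop


def trace(src, dst, max_hops=30):
    """How traceroute maps a path: probes with TTL 1, 2, 3, ... and each
    time-exceeded reply reveals one more router. A looping path shows up as
    the same routers repeating until max_hops is reached."""
    hops = []
    for ttl in range(1, max_hops + 1):
        outcome, message, path = forward(Datagram(src, dst, ttl))
        if outcome == "delivered":
            return hops, "reached"
        hops.append(path[-1])                   # router that sent the ICMP error
        if message.startswith(ICMP_DEST_UNREACHABLE):
            return hops, "unreachable"
    return hops, "max hops"


if __name__ == "__main__":
    print(forward(Datagram("10.1.0.9", "10.2.0.7", 64)))
    print(forward(Datagram("10.1.0.9", "10.9.0.1", 64)))
    print(forward(Datagram("10.1.0.9", "10.3.0.5", 64))[:2])
    print(trace("10.1.0.9", "10.3.0.5", max_hops=6))
```

Running the block as a script prints a delivered datagram, an unreachable one, the time-exceeded message produced by the routing loop, and a six-hop trace in which R1, R2, R3 repeat, which is exactly how such a loop looks in real traceroute output.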
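The SYN, SYN-ACK, ACK exchange described in the TCP section above, as an added example that is not part of the chapter. The endpoint names, state names and initial sequence numbers are constructed; the point it shows is that each side moves to the next step only when the acknowledgement number equals its own sequence number plus one, so a stray ACK, or a SYN-ACK that does not answer the client's SYN, is dropped rather than opening a connection.

```python
"""Three-way handshake state machine. Added example (not from the slides);
endpoint names and initial sequence numbers are constructed."""
from dataclasses import dataclass


@dataclass
class Segment:
    flags: frozenset   # subset of {"SYN", "ACK"}
    seq: int
    ack: int = 0


class TcpEndpoint:
    """Just enough TCP state to perform, or refuse, the three-way handshake."""

    def __init__(self, name, isn):
        self.name = name
        self.isn = isn              # initial sequence number for this side
        self.state = "CLOSED"
        self.peer_isn = None

    def listen(self):
        self.state = "LISTEN"

    def connect(self):
        """Step 1: the client sends SYN carrying its ISN."""
        self.state = "SYN_SENT"
        return Segment(frozenset({"SYN"}), seq=self.isn)

    def receive(self, seg):
        """Process one segment; return the reply to send, or None."""
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            # Step 2: acknowledge the client's SYN (ack = its seq + 1) and
            # send our own SYN.
            self.peer_isn = seg.seq
            self.state = "SYN_RECEIVED"
            return Segment(frozenset({"SYN", "ACK"}), seq=self.isn, ack=seg.seq + 1)
        if self.state == "SYN_SENT" and seg.flags == {"SYN", "ACK"}:
            if seg.ack != self.isn + 1:
                return None         # does not acknowledge our SYN: drop it
            # Step 3: acknowledge the server's SYN; the connection is up.
            self.peer_isn = seg.seq
            self.state = "ESTABLISHED"
            return Segment(frozenset({"ACK"}), seq=self.isn + 1, ack=seg.seq + 1)
        if self.state == "SYN_RECEIVED" and seg.flags == {"ACK"}:
            if seg.ack == self.isn + 1:
                self.state = "ESTABLISHED"
            return None
        return None                 # out-of-sequence segment: ignored


def handshake(client, server):
    """Run SYN, SYN-ACK, ACK and return the two final states."""
    server.listen()
    syn = client.connect()
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack) if syn_ack else None
    if ack:
        server.receive(ack)
    return client.state, server.state


if __name__ == "__main__":
    print(handshake(TcpEndpoint("client", 1000), TcpEndpoint("server", 5000)))
```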
However, unlike POP3, with IMAP4 copies of the messages are downloaded to the client application and are not deleted from the server until they are manually deleted.

Administrative Commands

Windows operating systems include a number of generic TCP/IP user commands that may be used to display various network-related information, including the following:

hostname    Display the name of the local system
ipconfig    Display information about network interfaces (also configure them)
ping        Perform a simple network connectivity test
arp         Display or modify the IP-to-MAC address-translation tables
netstat     Display various network usage statistics; provides valuable insight into network activity, connections, and configurations
route       Display or modify the static routing tables; allows you to view, add, modify, and delete routing table entries to control how network traffic is routed within the network infrastructure
traceroute  Determine the route to a specified target host, including the number of hops, the round-trip time (RTT) to each hop, and the IP addresses of the intermediate routers along the route
nslookup    Determine IP address-to-hostname and other translations produced by the Domain Name Service

Network File System

NFS, or Network File System, is a server-client protocol for sharing files between computers on a common network. The NFS server exports one or more directories to the client systems. NFS is commonly used in environments where multiple users need to access shared files and data, such as enterprise networks, academic institutions, and research facilities. NFS enables multiple users and applications on different computers to access and share files and storage resources across a network. One advantage of NFS is that the client mounts the remote filesystem to a directory, thus allowing users to access it in the same way they access local files.
DNS

To make it easier to remember and identify systems, each IP address can be resolved to a hostname such as server.example.com, which must also be unique per network. IP addresses can be translated, or resolved, to hostnames, and vice versa, via the Internet Domain Name System, or DNS. DNS is a set of distributed databases with a hierarchy that dictates which server is more authoritative for a particular set of systems. To set up a DNS server, also referred to as a name server, on Red Hat Enterprise Linux, use BIND (Berkeley Internet Name Domain).

Managing DNS Servers

The Domain Name System (DNS) is the facility that provides name resolution services. The entire hostname with its domain, such as cs.dbu.com, is called a fully qualified domain name (FQDN). The right-most part of the FQDN, such as .com or .net, is called the top-level domain. The remaining parts of the FQDN are sub-domains. These sub-domains are used to divide FQDNs into zones. The authoritative server, also called the primary or master server, contains the master zone file.

There are four basic types of DNS servers:

– A master DNS server, authoritative for one or more domains, includes host records for that domain.
– A slave DNS server, which relies on a master DNS server for data, can be used in place of that master DNS server.
– A caching-only DNS server stores recent requests like a proxy server. If configured with forwarding features, it refers to other DNS servers for requests not in its current cache.
– A forwarding-only DNS server refers all requests to other DNS servers.

Allowing Connections

DNS servers use port 53 by default. Incoming and outgoing packets should be allowed on port 53. Also allow connections on port 921 if you configure a lightweight resolver server. The DNS control utility connects to the DNS server over a TCP port by default.
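How the four server types above differ in where an answer comes from, as an added example that is not part of the chapter. The servers ns1, ns2, cache and fwd, the dbu.com zone and its addresses are constructed for illustration; fqdn_parts() also shows the FQDN, top-level domain and zone-candidate split described above.

```python
"""Zone lookup and the four DNS server types from the slides. Added example
(not from the slides); server names, zones and addresses are constructed."""


def fqdn_parts(fqdn):
    """Split an FQDN into labels, its top-level domain, and the zone names it
    could belong to, most specific first: 'cs.dbu.com' ->
    ['cs', 'dbu', 'com'], 'com', ['cs.dbu.com', 'dbu.com', 'com']."""
    labels = fqdn.rstrip(".").lower().split(".")
    candidates = [".".join(labels[i:]) for i in range(len(labels))]
    return labels, labels[-1], candidates


class NameServer:
    """A master holds zone data; a slave holds a copy of it; a caching-only
    server has no zones and remembers forwarded answers; a forwarding-only
    server has no zones and remembers nothing."""

    def __init__(self, name, zones=None, forwarders=(), caching=True):
        self.name = name
        self.zones = zones or {}          # zone -> {fqdn: ip}
        self.forwarders = list(forwarders)
        self.caching = caching
        self.cache = {}

    @classmethod
    def slave_of(cls, name, master):
        """A slave relies on the master for data: copy its zones (a zone transfer)."""
        return cls(name, zones={z: dict(records) for z, records in master.zones.items()})

    def authoritative_zone(self, fqdn):
        """Longest-suffix match of the name against the zones this server holds."""
        for candidate in fqdn_parts(fqdn)[2]:
            if candidate in self.zones:
                return candidate
        return None

    def resolve(self, fqdn):
        """Return (ip_or_None, source). An authoritative server answers for its
        own zones, even when the answer is 'no such name'; otherwise the cache
        is consulted, then the forwarders in order."""
        fqdn = fqdn.rstrip(".").lower()
        zone = self.authoritative_zone(fqdn)
        if zone is not None:
            return self.zones[zone].get(fqdn), "authoritative:" + zone
        if fqdn in self.cache:
            return self.cache[fqdn], "cache"
        for forwarder in self.forwarders:
            answer, _ = forwarder.resolve(fqdn)
            if answer is not None:
                if self.caching:
                    self.cache[fqdn] = answer
                return answer, "forwarded:" + forwarder.name
        return None, "nxdomain"


# Constructed deployment: ns1 is master for dbu.com, ns2 is its slave, the
# caching-only server forwards to ns1, and the forwarding-only server sends
# everything to the caching server.
MASTER = NameServer("ns1", zones={"dbu.com": {"cs.dbu.com": "10.0.0.5", "www.dbu.com": "10.0.0.6"}})
SLAVE = NameServer.slave_of("ns2", MASTER)
CACHING_ONLY = NameServer("cache", forwarders=[MASTER])
FORWARDING_ONLY = NameServer("fwd", forwarders=[CACHING_ONLY], caching=False)

if __name__ == "__main__":
    print(fqdn_parts("cs.dbu.com"))
    for server in (MASTER, SLAVE, CACHING_ONLY, CACHING_ONLY, FORWARDING_ONLY):
        print(server.name, server.resolve("cs.dbu.com"))
```

The second query to the caching-only server is answered from its cache, while the forwarding-only server goes back to its forwarder every time; a master answers "no such name" for a host that is missing from its own zone rather than forwarding the question elsewhere.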
Dynamic Host Configuration Protocol (DHCP)

Each host must have an Internet Protocol (IP) address and a subnet mask, and if communicating outside the local subnet, each must also have a default gateway. Each IP address must be valid and unique within the host's internetwork. Manually managing IP addresses is a complex, tedious task. The Dynamic Host Configuration Protocol (DHCP) simplifies this process by automating the assigning, tracking, and reassigning of IP addresses.

DHCP is based heavily on BOOTP. The Bootstrap Protocol is used to establish a network connection during a computer's initial boot-up, during the bootstrap process. BOOTP is primarily used by diskless workstations and network devices to obtain an IP address and basic network configuration during the bootstrap process. DHCP can dynamically allocate an IP address from a pool of addresses and then reclaim it when it is no longer needed. Because this process is dynamic, no duplicate addresses are assigned by a properly configured DHCP server, and administrators can move computers between subnets without manually configuring them.

Each Microsoft Windows Server 2008 edition (Standard Edition, Enterprise Edition, and Datacenter Edition) includes the DHCP Server service. DHCP is an optional installation. All Microsoft Windows clients automatically install the DHCP Client service as part of TCP/IP, including Windows Server 2008, Windows Server 2016, Microsoft Windows Vista, and Microsoft Windows XP.

DHCP has largely replaced BOOTP due to its enhanced features and capabilities for dynamic IP address assignment and network configuration. Four key benefits of DHCP:

– Centralized administration of IP configuration.
– Dynamic host configuration.
– Seamless IP host configuration.
– Flexibility and scalability.

DHCP Terminology

DHCP client - A computer that obtains its configuration information from DHCP.

DHCP server - A computer that provides DHCP configuration information to multiple clients.
– The IP addresses and configuration information that the DHCP server makes available to the client are defined by the DHCP administrator.

DHCP lease - Defines the duration for which a DHCP server assigns an IP address to a DHCP client.
– The lease duration can be any amount of time between 1 minute and 999 days, or it can be unlimited.
– The default lease duration is eight days.

DHCP Messages

All DHCP messages are carried in User Datagram Protocol (UDP) datagrams using the well-known port numbers 67 on the server and 68 on the client. UDP operates at the Transport Layer of the OSI model and is a low-overhead protocol because it does not use any type of packet acknowledgement.

Discovery: After joining the IP network, a client device such as a cellphone or laptop sends a broadcast packet, DHCPDISCOVER, to find all the servers using the DHCP protocol. This packet holds the client computer's name and MAC address, making request identification and response straightforward for the server.

Offer: After receiving the broadcast message, the servers send individual DHCPOFFER messages containing a specific IP address for the client. They select this proposed address from the address pool.

Request: The client generally receives multiple offers from the different servers but accepts only one, typically the first offer. It then sends a DHCPREQUEST packet requesting the allocation of the offered IP address.

Acknowledgment: The server whose offer was accepted then sends a DHCPACK packet to the client to confirm the allocation of the requested IP.

DHCP Lease Renewal

A DHCP renewal occurs when a DHCP lease expires. The DHCP host will contact the original leasing DHCP server and request a new lease.
A rebinding is when a host removes all network information it may have previously obtained from a DHCP server and begins from scratch.

DHCP Relay Agent

DHCP relies heavily on broadcast messages. Broadcast messages are generally limited to the subnet in which they originate and are not forwarded to other subnets. A DHCP relay agent is either a host or an IP router that listens for DHCP (and BOOTP) client messages being broadcast on a subnet and then forwards those DHCP messages to a DHCP server. The DHCP server sends DHCP response messages back to the relay agent, which then broadcasts them onto the subnet for the DHCP client. Using DHCP relay agents eliminates the need to have a DHCP server on every subnet.

Automatic Private IP Addressing (APIPA)

If the DHCP client is unable to locate a DHCP server and is not configured with an alternate configuration, the computer configures itself with a 169.254.0.0/255.255.0.0 address. The auto-configured computer then tests to verify that the IP address it has chosen is not already in use by using a gratuitous ARP broadcast. If the chosen IP address is in use, the computer randomly selects another address. The computer makes up to 10 attempts to find an available IP address.

Installing the DHCP Server Role

Adding the DHCP server role is largely wizard-driven via the Server Manager console and allows you to configure basic DHCP settings at the same time that you install the role. To add the DHCP Server role on a Server Core installation of Windows Server 2016, use the following command:

Start /w ocsetup DHCPServerCore

Authorizing a DHCP Server

In implementations of DHCP prior to Windows 2000, any user could create a DHCP server on the network, an action that could lead to conflicts in IP address assignments.
In Windows Server 2000 and later, an unauthorized DHCP server (also referred to as a rogue DHCP server) is simply a DHCP server that has not been explicitly listed in Active Directory Domain Services as an authorized server. You must authorize a DHCP server in Active Directory before the server can issue leases to DHCP clients.

To authorize a DHCP server:

1. Press Ctrl+Alt+Delete on the Windows Server 2016 computer.
2. In the DHCP console, right-click DHCP and then click Manage Authorized Servers.
3. In the Manage Authorized Servers dialog box, select Authorize.
4. In the Authorize DHCP Server dialog box, key the name or IP address of the DHCP server to be authorized and then click OK.
5. The computer will list the IP and full computer name and then ask for confirmation. Click OK to continue.

DHCP Scope

A DHCP scope determines which IP addresses are allocated to clients. It defines a set of IP addresses and associated configuration information that can be supplied to a DHCP client. A scope must be defined and activated before DHCP clients can use the DHCP server for dynamic TCP/IP configuration. You can configure as many scopes on a DHCP server as needed for your network environment.

The IP addresses defined in a DHCP scope must be contiguous and are associated with a subnet mask.
– If the addresses you want to assign are not contiguous, you must create a scope encompassing all the addresses you want to assign and then exclude specific addresses or address ranges from the scope.
– You can create only one scope per subnet on a single DHCP server.

Available Address Pool

Once a DHCP scope is defined and exclusion ranges are applied, the remaining addresses form what is called an available address pool within the scope. Pooled addresses can then be dynamically assigned to DHCP clients on the network.
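Active Directory authorization stops a Windows DHCP server from issuing leases, but a rogue server on other software will not ask. A complementary check a defender can run on captured traffic is to compare the server identifier in every DHCPOFFER and DHCPACK against the authorized list. This added example, not part of the chapter, parses the BOOTP/DHCP wire format (the fixed header, magic cookie and type-length-value options) and performs that check; the sample packets, the client MAC and the authorized-server list are all constructed here.

```python
"""Parse DHCP messages and flag offers from unauthorized servers. Added
example (not from the slides); the packets and the authorized-server list
are constructed for illustration."""
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"          # marks the start of DHCP options
OPT_LEASE_TIME, OPT_MESSAGE_TYPE, OPT_SERVER_ID, OPT_END = 51, 53, 54, 255
MESSAGE_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

# Constructed list of DHCP servers the administrator has authorized.
AUTHORIZED_SERVERS = {"10.0.0.2"}


def build_dhcp(op, xid, yiaddr, chaddr, options):
    """Build a BOOTP/DHCP message: 236-byte fixed header, magic cookie, then
    type-length-value options. Used here only to construct sample packets."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0, xid, 0, 0,                              # op, htype=Ethernet, hlen, hops, xid, secs, flags
        b"\0" * 4, ipaddress.IPv4Address(yiaddr).packed,     # ciaddr, yiaddr
        b"\0" * 4, b"\0" * 4,                                # siaddr, giaddr
        chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)    # chaddr, sname, file
    tlv = b"".join(bytes([code, len(value)]) + value for code, value in options)
    return header + MAGIC_COOKIE + tlv + bytes([OPT_END])


def parse_dhcp(data):
    """Decode the fields a monitor needs; raises ValueError on non-DHCP input."""
    if len(data) < 240 or data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, _htype, hlen, _hops, xid, _secs, _flags = struct.unpack("!BBBBIHH", data[:12])
    options, i = {}, 240
    while i < len(data) and data[i] != OPT_END:
        if data[i] == 0:                 # pad byte
            i += 1
            continue
        length = data[i + 1]
        options[data[i]] = data[i + 2:i + 2 + length]
        i += 2 + length
    return {
        "op": op,
        "xid": xid,
        "yiaddr": str(ipaddress.IPv4Address(data[16:20])),   # address offered to the client
        "giaddr": str(ipaddress.IPv4Address(data[24:28])),   # relay agent address, if relayed
        "chaddr": data[28:28 + hlen].hex(":"),               # client MAC
        "options": options,
    }


def message_type(msg):
    return MESSAGE_TYPES.get(msg["options"].get(OPT_MESSAGE_TYPE, b"\0")[0])


def server_id(msg):
    raw = msg["options"].get(OPT_SERVER_ID)
    return str(ipaddress.IPv4Address(raw)) if raw else None


def lease_seconds(msg):
    raw = msg["options"].get(OPT_LEASE_TIME)
    return int.from_bytes(raw, "big") if raw else None


def check_offer(data, authorized=AUTHORIZED_SERVERS):
    """Return ("ok" | "rogue", server, type) for OFFER/ACK messages, or None
    for other message types. A server identifier that is missing or absent
    from the authorized set is the rogue-server signal."""
    msg = parse_dhcp(data)
    kind = message_type(msg)
    if kind not in ("OFFER", "ACK"):
        return None
    sid = server_id(msg)
    return ("ok" if sid in authorized else "rogue", sid, kind)


# Constructed sample traffic: one offer from the authorized server and one
# from an unknown host handing out addresses on a different subnet.
CLIENT_MAC = bytes.fromhex("001122334455")
GOOD_OFFER = build_dhcp(2, 0x1234, "10.0.0.50", CLIENT_MAC, [
    (OPT_MESSAGE_TYPE, b"\x02"),
    (OPT_SERVER_ID, ipaddress.IPv4Address("10.0.0.2").packed),
    (OPT_LEASE_TIME, (8 * 86400).to_bytes(4, "big")),          # eight-day default lease
])
ROGUE_OFFER = build_dhcp(2, 0x1234, "192.168.99.50", CLIENT_MAC, [
    (OPT_MESSAGE_TYPE, b"\x02"),
    (OPT_SERVER_ID, ipaddress.IPv4Address("10.0.0.66").packed),
])
DISCOVER = build_dhcp(1, 0x1234, "0.0.0.0", CLIENT_MAC, [(OPT_MESSAGE_TYPE, b"\x01")])

if __name__ == "__main__":
    for packet in (GOOD_OFFER, ROGUE_OFFER, DISCOVER):
        print(check_offer(packet), parse_dhcp(packet)["yiaddr"])
```

The check keys on option 54 (server identifier) rather than on the source IP of the UDP datagram because, when a relay agent is in the path, the datagram's source is the relay; giaddr is decoded as well so a monitor can tell relayed offers from local ones.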
Superscope

A DHCP superscope is an administrative grouping of scopes that is used to support multinets, or multiple logical subnets (subdivisions of an IP network), on a single network segment (a portion of the IP internetwork bounded by IP routers). Superscopes contain only a list of member scopes, or child scopes, that can be activated together.

DHCP Reservation

Network administrators can use DHCP reservations for DHCP-enabled hosts that need to have static IP addresses on the network. Reservations must be created within a scope and must not be excluded from the scope. An IP address is set aside, or reserved, for a specific network device that has the Media Access Control (MAC) address (the hard-coded hexadecimal hardware address associated with a network interface card) associated with that IP address. You can find the MAC address with the ipconfig /all command.

DHCP Options

DHCP options are additional client-configuration parameters that a DHCP server can assign when serving leases to DHCP clients. DHCP options are configured using the DHCP console and can apply to scopes and reservations. DHCP options can be assigned to all scopes, one specific scope, or to a specific machine reservation. There are four types of DHCP options in Windows Server 2008:

– Server options apply to all clients of the DHCP server. Use these options for parameters common across all scopes on the DHCP server.
– Scope options apply to all clients within a scope and are the most often used set of options. Scope options override server options.
– Class options provide DHCP parameters to DHCP clients based on type, either vendor classes or user classes.
– Client options apply to individual clients. Client options override all other options (server, scope, and class).

Backup and Restore the DHCP Database

Windows Server 2008 DHCP servers support automatic and manual backups.
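The scope, exclusion and reservation rules from the DHCP Scope and DHCP Reservation slides, combined with the Discover/Offer/Request/Ack exchange and the APIPA fallback from the earlier slides, as one added example that is not part of the chapter. The scope range, exclusions, reservation and server address are constructed; the APIPA selection skips the first and last /24 of 169.254.0.0/16, which is an assumption the slides do not state.

```python
"""DHCP scope, DORA exchange and APIPA fallback. Added example (not from the
slides); the scope, MACs and server addresses are constructed."""
import ipaddress
import random
from datetime import timedelta

DEFAULT_LEASE = timedelta(days=8)                       # default lease from the slides
APIPA_NETWORK = ipaddress.IPv4Network("169.254.0.0/16")


class Scope:
    """One contiguous range per subnet, minus exclusion ranges, plus MAC-based
    reservations that must lie inside the range and outside any exclusion."""

    def __init__(self, first, last, exclusions=(), reservations=None):
        self.first, self.last = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        self.exclusions = [(ipaddress.IPv4Address(a), ipaddress.IPv4Address(b)) for a, b in exclusions]
        self.reservations = {mac.lower(): ipaddress.IPv4Address(ip)
                             for mac, ip in (reservations or {}).items()}
        for ip in self.reservations.values():
            if not self.first <= ip <= self.last or self.is_excluded(ip):
                raise ValueError(f"reservation {ip} is outside the scope or excluded")

    def is_excluded(self, ip):
        return any(a <= ip <= b for a, b in self.exclusions)

    def available_pool(self):
        """Scope range minus exclusions: the addresses handed out dynamically."""
        pool, ip = [], self.first
        while ip <= self.last:
            if not self.is_excluded(ip):
                pool.append(ip)
            ip += 1
        return pool


class DhcpServer:
    def __init__(self, server_id, scope, lease=DEFAULT_LEASE):
        self.server_id, self.scope, self.lease = server_id, scope, lease
        self.leases = {}                                    # mac -> ip

    def offer(self, mac):
        """DHCPDISCOVER -> DHCPOFFER: the client's reservation, its existing
        lease, or the first free pooled address; None when the pool is exhausted."""
        mac = mac.lower()
        if mac in self.scope.reservations:
            return self.scope.reservations[mac]
        if mac in self.leases:
            return self.leases[mac]
        taken = set(self.leases.values()) | set(self.scope.reservations.values())
        return next((ip for ip in self.scope.available_pool() if ip not in taken), None)

    def request(self, mac, ip):
        """DHCPREQUEST -> DHCPACK (lease recorded) or DHCPNAK."""
        if self.offer(mac) != ip:
            return "NAK", None
        self.leases[mac.lower()] = ip
        return "ACK", self.lease


def configure_client(mac, servers, in_use, rng=random):
    """Run Discover/Offer/Request/Ack, accepting the first offer received.
    With no usable offer, fall back to APIPA: pick a random 169.254.x.y,
    check it is not in use (in_use is a set of dotted strings standing in for
    the gratuitous ARP probe) and give up after 10 attempts.
    Returns (source, address)."""
    for server in servers:
        ip = server.offer(mac)
        if ip is None:
            continue
        status, _lease = server.request(mac, ip)
        if status == "ACK":
            return f"dhcp:{server.server_id}", str(ip)
    for _ in range(10):
        # Assumption beyond the slides: the first and last /24 of 169.254/16 are skipped.
        candidate = str(APIPA_NETWORK.network_address + rng.randrange(256, 65280))
        if candidate not in in_use:
            return "apipa", candidate
    return None, None


# Constructed scope: 10.0.0.10-10.0.0.20 with 10.0.0.10-12 excluded and
# 10.0.0.15 reserved for one MAC, served by a server at 10.0.0.2.
SCOPE = Scope("10.0.0.10", "10.0.0.20", exclusions=[("10.0.0.10", "10.0.0.12")],
              reservations={"AA:BB:CC:00:00:01": "10.0.0.15"})
SERVER = DhcpServer("10.0.0.2", SCOPE)

if __name__ == "__main__":
    print([str(ip) for ip in SCOPE.available_pool()])
    for mac in ("00:11:22:33:44:55", "aa:bb:cc:00:00:01", "00:11:22:33:44:66"):
        print(mac, configure_client(mac, [SERVER], in_use=set()))
```

With the constructed scope the pool is 10.0.0.13 through 10.0.0.20; the reserved address 10.0.0.15 is never offered to another MAC, a client that already holds a lease is offered the same address again, and once the seven dynamic addresses are leased the next client ends up with an APIPA address.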
To provide fault tolerance in the case of a failure, it is important to back up the DHCP database.
– This enables you to restore the database from the backup copy if the hardware fails.

To back up, right-click the server in the DHCP console and click Backup. To restore the DHCP database, right-click the server and click Restore.

Implementing Microsoft Internet Information Services

Web Server (IIS) role
– Contains the World Wide Web services, which are vital for a Web site

File Transfer Protocol (FTP) service
– TCP/IP-based application protocol that handles file transfers over a network

Simple Mail Transfer Protocol (SMTP)
– Works with e-mail services to accept incoming e-mail from the Internet and forward it to the recipient

Reasons Windows Server 2012 is a good candidate for a Web server
– Privileged-mode architecture
– Fault-tolerance capabilities
– Compatible with small and large databases
– Users can log into a database through the IIS Open Database Connectivity (ODBC) drivers
– Compatible with: Microsoft Point-to-Point Encryption (MPPE) security, IP Security (IPsec), Secure Sockets Layer (SSL) encryption

IIS newly designed for Windows Server 2012 R2
– Broken into modules or features (role services)
– Install only the features you need: smaller attack surface, more efficient

Table 9-1 Internet Information Services features (role services)

Installing a Web Server

Requirements
– Windows Server 2012 installed on the computer to host IIS
– TCP/IP installed on the IIS host
– Access to an Internet Service Provider (ISP)
– Sufficient disk space for IIS and for Web site files
– Method for resolving IP addresses to computer or domain names (DNS and WINS)

Activity 9-1: Installing IIS
– Objective: Learn how to install IIS

Internet Information Services (IIS) Manager

Capabilities
– Connect to a Web server
– Manage a Web server
– Manage ASP.NET
– Manage authorization for users and for specific Web server roles
– Manage Web server logging
– Compress Web server files
– Manage code modules and worker processes
– Manage server certificates
– Troubleshoot a Web server

Figure 9-1 Using IIS Manager (Courtesy Course Technology/Cengage Learning)

Creating a Virtual Directory

Virtual directory
– Physical folder or a redirection to a Uniform Resource Locator (URL) that points to a folder
– Can be accessed over the Internet, an intranet, or a VPN

Reason for creating a virtual directory
– Provide a shortcut path to specific IIS server content

Steps to set up a virtual directory

Table 9-2 Virtual directory security options

Figure 9-2 Properties of a virtual directory

Set up the virtual directory to be shared
– So that users who need access to add contents to the directory can do this over the network

Activity 9-2: Create a Virtual Directory
– Objective: Set up a virtual directory

Table 9-3 Virtual directory share permissions

Figure 9-3 Creating a virtual directory

Managing and Configuring an IIS Web Server

Manage IIS components including:
– Application pools: group similar Web applications for management
– Sites: manage multiple Web sites from one administrative Web server
– SMTP E-mail: manage Internet e-mail
– Certificates: configure and monitor certificate security used with other Web sites

Figure 9-5 Application Pools in IIS Manager

Table 9-4 Web site features to configure

Activity 9-3: Configuring a Web Site
– Objective: Learn basic Web site configuration

Figure 9-6 Enabling directory browsing

Troubleshooting a Web Server

Table 9-5 Troubleshooting IIS
