Configuring and Troubleshooting Tcp/Ip
Configuring and Troubleshooting Tcp/Ip
CertPrs8
Composite / MCSE
Default screenManaging a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Blind Folio 1:3
I
Configuring and
Troubleshooting
TCP/IP
CERTIFICATION OBJECTIVES
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:35 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
In this book, we’ll take it from the ground up, starting with basic TCP/IP
addressing in this chapter. We’ll look at the “rhyme and reason” behind TCP/IP,
as well as specific techniques for setting up, maintaining, and troubleshooting
TCP/IP networks. As with all chapters in this book, we’ll focus on the skills
and concepts you’re most likely to need to succeed on exam 70-218.
Hardware Addresses
To connect to a network, a host must have a network interface card (NIC) installed.
Every NIC that’s manufactured is given a unique 48-bit hardware address. The
hardware address is literally “burned into” the card during the manufacturing
process, and as a rule cannot be changed by the user. (Actually, some devices do
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:35 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
allow you to change a card’s hardware address, though it’s unlikely you’d ever want
to do this.)
The terms “Ethernet board” and “Ethernet card” are often used as synonyms
for “network interface card.”
Before we go any further, I need to point out that the term “hardware address”
could probably win some kind of award for having the most synonyms on the
planet. While I’ll stick to the term “hardware address” in this book, you may come
across any of the following terms used as a synonym:
IP Addresses
In addition to the hardware address that’s physically burned into each NIC, each
host on a TCP/IP network also has an IP address (sometimes called an Internet address).
Unlike the hardware address, the IP address is a logical address that’s assigned by
a network administrator, or by DHCP (Dynamic Host Configuration Protocol),
which can automatically assign an IP address when the host first connects to the
network. We’ll get into DHCP in detail in Chapter 4. For now, it’s sufficient to
keep in mind that the IP address is flexible in that it can be assigned or changed
at any time.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:36 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
FIGURE 1-1 The hardware address is listed as Physical Address in an ipconfig /all command’s output.
Subnet Masks
Every host that has an IP address also has a subnet mask. The name “subnet mask”
is a good one, because it “masks” the portion of the IP address that identifies the
network to which a host belongs. Like IP addresses, a subnet mask is a 32-bit
number. A series of 1’s are used to identify the network portion of the address. The
0’s are used to represent the host portion of the address. For example, Figure 1-2
shows an IP address expressed in binary format (1’s and 0’s). Beneath that is a
subnet mask, also expressed in binary. The 1’s “mask off” those digits in the IP
address that identify the network as a whole. The 0’s represent the portion of the
address that identifies the host.
It’s customary to display the subnet mask in dotted quad format, just as we
usually do with IP addresses. The binary octet 11111111, when converted to
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:36 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
FIGURE 1-2 An IP address and subnet mask in binary format, where 1’s “mask” the portion of
the address that identifies the network
decimal, is 255. The binary octet 00000000 is, of course, just 0 in decimal. Thus,
we can display an IP address/subnet mask pair in the following more “human
readable” format:
192.168.221.204
255.255.255.0
Getting IP Addresses
Just as a person’s Social Security Number uniquely identifies them among all the
millions of U.S. citizens, an IP address uniquely identifies each host on the Internet.
Which perhaps brings up the question, “With millions of IP addresses already taken,
how do I know what IP addresses I can use for my network?” The answer to that
question is a resounding “It depends.” Every single computer that can access the
Internet doesn’t necessarily have its own unique IP address. However, the hosts that
serve the Internet—that is, the hosts that can be reached from other computers on
the Internet—all do have unique IP addresses. Each of those servers also has a unique
fully qualified domain name (FQDN). For example, the FQDN www.microsoft.com
uniquely identifies the web site host, www, on the unique domain name microsoft.com.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:37 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:37 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
There are also ranges of private IP addresses, which can assigned to hosts that are
clients to, but not servers on, the Web, as listed here:
While the private IP addresses can’t be used for servers on the Internet,
they can access the Internet through a proxy server or Network Address
Translation (NAT).
Table 1-1 summarizes what you’ve just learned about the classed (also called
classful ) IP addresses. Each class is defined by a certain range of IP addresses. Each
class also has “set aside” some private addresses that can be used on a local network
without approval from a governing body that assigns globally unique IP addresses.
Recall that the subnet mask identifies which portion of an IP address represents
the address of the network as a whole versus the address of an individual host. In a
subnet mask, each 255 value indicates 8 bits. The more bits there are in the host
portion of the IP addresses, the more unique hosts you can identify on that network.
Table 1-2 illustrates this by comparing Class A, B, and C networks. As you increase
the number of bits used to identify the network, you increase the number of networks
you can have within the class. But, at the same time, since you’re taking away bits
for identifying individual hosts, you decrease the maximum number of hosts a given
network could contain.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:37 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
TABLE 1-2 Number of Networks and Hosts per Network for Each TCP/IP Address (Classes A–C)
That leaves the following host addresses remaining, which you can assign to hosts:
169.254.1.1 to 169.254.1.254
It’s not always quite as simple as that because subnetting would allow you to break
that network into smaller subnets, as we’ll discuss later in the chapter. But before we
complicate matters, let’s look at another address you’re likely to assign to hosts in
your network, the default gateway.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:37 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
FIGURE 1-3
The default
gateway provides
access to
computers
outside the
local subnet.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:38 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
represents the place to which all “foreign” packets are sent. If any host in the subnet
needs to send a packet to some host that’s not in its own subnet, the packet gets
shipped straight to the default gateway.
EXERCISE 1-1
CertCam 1-1
Configuring TCP/IP on Servers
In this exercise, we’ll look at the specific steps required to assign an IP address
to a Windows computer on a LAN. We’ll use an example of assigning a static IP
address to a computer running Windows 2000 Server. A static IP address is one
that’s assigned by the administrator and never changes. Windows 2000 also
supports dynamic IP addressing, where a host gets its IP address automatically
from a DHCP server. We’ll discuss all of that in Chapter 4. But since Microsoft
recommends that all servers in a network use static IP addresses, we’ll assign a
static IP address to a server here. Here are the steps involved:
1. Open the Network and Dial-Up Connections window, either from the
Settings menu on the Start menu, or by right-clicking My Network Places
on the desktop and choosing Properties.
2. Right-click the icon for your Local Area Connection and choose Properties.
3. In the dialog box that opens, click Internet Protocol (TCP/IP) and then click
the Properties button.
4. Choose Use The Following IP Address to set a static IP address.
5. Fill in this computer’s IP address and subnet mask as in the example shown
in Figure 1-4. Of course, you’ll want to use an IP address and subnet mask
appropriate for your own network.
6. If you already know the IP addresses of the default gateway and DNS servers
for this network, you can fill those in as well. Otherwise, you can leave those
options blank for now.
7. Click the OK button in the current dialog box, and then click the OK
button in the remaining dialog box to close that. You can also close the
Network and Dial-Up Connections window if you like.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:38 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
FIGURE 1-4
The TCP/IP
Properties
dialog box
If you have access to two or more computers, and they’re connected right now,
you can repeat these steps on any other computers in the network. Generally,
Microsoft recommends using dynamic IP addressing in client computers. But until
you have a DHCP server set up to assign IP addresses automatically, you can just
assign static IP addresses to all of your computers. For the purposes of the exercises
in this book, be sure to make all the computers part of the same subnet.
.
There’s no rule that says you must use dynamic addresses on hosts and static IP addresses
on servers. But since Microsoft recommends that approach, you should keep it in mind
when answering any questions about assigning IP addresses to hosts.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:39 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
grew, it became clear that the powers that be were going to run out of globally
unique IP Class A, B, and C addresses.
To gain some flexibility in doling out ranges of globally unique IP addresses,
the registrars came up with Classless Inter-Domain Routing (CIDR, pronounced
cider) addresses. CIDR addresses don’t use traditional subnet masks to identify the
network and host portions of an IP address. Rather, they use a /x at the end of the
IP address, where x is the number of bits used to indicate the network portion of
the address.
For example, the address 199.199.199.123/26 would be called a slash 26 address.
When viewing the address in binary format, the top (leftmost) 26 bits would be the
ones assigned by the registrar, leaving the remaining 6 bits for the administrators
assigned to hosts. Referring back to our discussion of subnet masks, if we write the
address 199.199.199.5 in binary, and then use corresponding 1’s and 0’s to mask
the network portion of the address, we end up with the address and mask shown
in Figure 1-5.
You can easily convert a /x to a more traditional subnet mask, though you’ll need
to covert binary numbers to their decimal equivalents. You just have to jot down
the 32-bit mask with x number of 1’s, followed by enough 0’s to make the number
36 bits in length. Divide that 32-bit number into four octets. Then convert each
octet to a decimal number. For example, let’s take the /26 designation. We jot down
26 ones, followed by 6 zeros:
11111111111111111111111111000000
Now convert each binary octet to a decimal number, and you get the following:
255.255.255.192
FIGURE 1-5
The address
199.199.199.5/26
in binary with 1’s
representing the
network portion
in the lower mask
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:40 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Thus, 255.255.255.192 and /26 are just two different ways of expressing the
same thing—a subnet mask that, in binary, has 26 network bits and 6 host bits.
If you take a look at Table 1-3, where I’ve converted a series of /x designations
to binary and to subnet masks, you’ll see the progression. The last number in the
subnet mask is just the last octet converted from binary to decimal.
Before we get any deeper into this business of working with binary numbers, let’s
take a moment to look at some strategies you can use to convert decimal to binary,
and vice versa.
TABLE 1-3 Some /x Designations, with Their Corresponding Subnet Masks in Binary and Decimal
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:40 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
FIGURE 1-6
The Windows
Calculator in
scientific view
To convert decimal to binary, start by clicking the Bin option button. Then type
in the binary number. Leading 0’s will be ignored because they have no value, so just
start typing at the first 1. For example, to convert 00110011 to decimal, you’d type
or punch in 110011. Then click the Dec option button to see the result, 51.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:40 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Now that we’ve been through some of the basics of TCP/IP addressing, let’s take
a look at some scenario questions and answers that might come up.
Working with these same numbers in binary shows why this all makes sense. For
example, using those same values, 192.168.1.0 and a subnet mask of 255.255.255.0
in binary, we can use the letter n to identify network bits, and h to identify host bits:
192 168 0 0 IP Address (decimal)
11000000 10101000 00000000 00000000 IP address (binary)
nnnnnnnn nnnnnnnn nnnnnnnn hhhhhhhh network or host
11111111 11111111 11111111 00000000 Subnet mask (binary)
255 255 255 0 Subnet mask (decimal)
Subnetting
When we subnet a Class C address (in other words, break it down into two or more
subnets), we’re “swiping” host bits and making them into subnet bits. Let’s see
what happens when we change the subnet mask in the preceding example from
255.255.255.0 to 255.255.255.224. The bits that are affected by the change are
indicated next by the letter s, to indicate that they’re “swiped” bits now used to
identify the subnet:
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:41 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
It’s important to keep in mind that the subnet is a mask, not a number per se,
and as such you must have a series of contiguous 1’s for the network/subnet,
followed by contiguous 0’s for the host portion. Thus, only values that have leading
1’s, like 10000000, 11000000, 11100000, and so forth, are valid. There are only
nine possibilities, as summarized in Table 1-4.
It wouldn’t actually make sense to have a /32 designation (for example,
255.255.255.255 subnet mask), since there wouldn’t be any bits left in the host
portion of the address. I’ve only included that in the table to show the progression.
where n is the number of network bits, and h is the number of host bits. Since
there are always 32 bits in the mask, and we’re given the number of network bits
TABLE 1-4
/x Last Octet (Binary) Last Octet (Decimal)
The Full Range of /24 00000000 0
Viable Subnet
/25 10000000 128
Octets in Binary
and Decimal /26 11000000 192
/27 11100000 224
/28 11110000 240
/29 11111000 248
/30 11111100 252
/31 11111110 254
/32 11111111 255
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:41 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
We know we have 126 host addresses to work with, and the first possible host
address is 192.168.0.1. Therefore, the range of available addresses must be
192.168.0.1 to 192.168.0.126
TABLE 1-5 Number of Subnets and Possible Hosts per Subnet per /x Designation
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:41 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
The broadcast address would be one higher than the last host address, so it
must be
192.168.0.127
That covers the first subnet. The second subnet then starts right after the first
subnet’s broadcast address. Thus, the subnet address of the second subnet must be
192.168.0.128
Once again, we have 126 possible host addresses. The first valid host address
would be one greater than the subnet address, so the range must be
192.168.0.129 to 192.168.0.254
because that’s the range of numbers needed to address 126 hosts. The second
subnet’s broadcast address would be one greater than the last host address, so that
address must be
192.168.0.129 to 192.168.0.254
Table 1-6 summarizes the preceding information. As you can see, we’ve actually
taken a Class C address and split it right in half, making two equal-sized subnets.
If you use a /26 designation with a class C address of 192.168.9.9, you end up
2
with 2 or 4 subnet bits. To determine the remaining host bits, we subtract 26 from
32, which tells us we have 6 host bits to work with. Thus, the maximum number
6
of hosts per subnet would be 2 – 2, or 62. Again, reserving the lowest and highest
address within each of the four subnets for the network ID and broadcast address
leaves us with the subnets and IP addresses listed in Table 1-7.
TABLE 1-6 IP Addresses and Subnet Masks for 192.168.0.0/25 (126 Hosts per Subnet)
Subnet Broadcast
Subnet Address First Host Last Host Address Subnet Mask
1 192.168.0.0 192.168.0.1 192.168.0.126 192.168.0.127 255.255.255.128
2 192.168.0.128 192.168.0.129 192.168.0.254 192.168.0.255 255.255.255.128
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:41 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
TABLE 1-7 IP Addresses and Subnet Masks for 192.168.0/26 (62 Hosts per Subnet)
Subnet Broadcast
Subnet Address(s) First Host Last Host Address Subnet Mask
1 192.168.0.0 192.168.0.1 192.168.0.62 192.168.0.63 255.255.255.192
2 192.168.0.64 192.168.0.65 192.168.0.126 192.168.0.127 255.255.255.192
3 192.168.0.128 192.168.0.129 192.168.0.190 192.168.0.191 255.255.255.192
4 192.168.0.192 192.168.0.193 192.168.0.254 192.168.0.255 255.255.255.192
In a nutshell, we’ve taken the Class C address 192.168.0.0 and divided it into
four separate, equal-sized chunks. The starting address of each subnet is exactly 64
greater than the previous subnet’s starting address, because we have 64 addresses per
subnet (60 hosts plus the subnet and broadcast addresses).
Subnetting is simple to do with a good subnet calculator, like SolarWinds.Net
Advanced Subnet Calculator, available from www.tucows.com—though, of course,
you wouldn’t be able to use that during your exam. But even without a subnet
calculator, you can figure out anything as long as you know the network address
and subnet mask. For example, suppose a senior administrator asks you to configure
some new network using 192.168.0.160 with a subnet mask 255.255.255.240.
What IP addresses can you assign to your host? Right off the bat, we know our
network address, since that’s a given:
192.168.0.160 subnet address (given)
So, how many hosts per subnet? First, we need to figure out how many subnet
bits are available, so we convert the last octet in the subnet mask, 240, to binary,
4
which yields 11110000. So, we have 4 host bits to work with, and hence 2 – 2, or
14 hosts per subnet. We know that the IP address of the first host will be one greater
than the subnet address, thus our range of IP addresses is
192.168.0.161 to 192.168.0.174 (14 hosts per subnet)
The broadcast address is one more than the last IP address, and thus is the
following:
192.168.0.175 (broadcast address)
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:42 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Broadcasting
Hosts on small subnets often use broadcasting to communicate with one another.
Broadcasting is required when a given host doesn’t know the address of some host
with which it needs to communicate. To illustrate how broadcasting works, let’s
suppose a host named Igor needs to contact a host named Franz, but doesn’t know
Franz’s hardware address or IP address. How’s Igor going to get his message across?
Easy. Since he doesn’t know of a specific address to send the message to, he sends it
to the broadcast address, which, in turn, automatically delivers the message to every
host in the subnet. You might think of Igor sending his message to the subnet’s
broadcast address as being the same as Igor shouting “Igor at 192.168.0.2 here. If
there is a Franz out there, please send me your address.”
Every host on the network hears the broadcast message and checks to see who the
message is intended for. Each host examines the message to see if the name Igor is
looking for matches its own name. If the names don’t match, the message is just
ignored and no reply is sent back to Igor. However, when Franz sees that the message
is addressed to him, he replies, “Hey Igor at 192.168.0.2, Franz here, and my address
is 192.168.0.5,” as illustrated in Figure 1-7. So now Igor and Franz know each other’s
addresses, and can send messages directly back and forth.
That all works just fine and dandy, but there’s one big drawback. Igor has
to pester every host in the LAN just to find the one host he’s really trying to
communicate with. That’s not a big deal on a single small subnet. However, if you
look at an extremely large network, like the Internet, you can see why broadcasting
would create way too much traffic and take way too long. For example, suppose
you type www.GeneralSpecificX.com into your web browser, which knows nothing
about that site’s IP address. If your browser had to go to every single host on the
Internet asking “Are you www.GeneralSpecificX.com?,” it would be pestering literally
hundreds of millions of computers with this stupid question. And those other
hundreds of millions of hosts would be pestering each other, and your computer,
with similar stupid questions. There’d be so much bandwidth eaten up by all these
broadcasts, it would be impossible to get anything else done.
So what’s the solution to the broadcasting problem? In a word, routing. As you
may recall, a router (or default gateway) connects a subnet to the “outside world.”
One side of the router has an IP address that makes it a member of the subnet to
which it’s connected. As such, the router “hears” all the broadcast messages going
across the subnet. However, the one thing it won’t do is send those broadcast messages
through to the outside world. In other words, when the router gets a broadcast
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:42 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 23
FIGURE 1-7
Igor broadcasting
a message to
everyone, trying
to find Franz
message, it “shuts down the gateway,” in essence saying “Broadcast messages stop
here,” as illustrated in Figure 1-8.
Configure Routing
So now, armed with this information, let’s look at the concept of routing, which is
central to TCP/IP. The simplest form of routing is the network that’s attached to
the Internet via a router or modem and an Internet service provider (ISP). Hosts
within the local subnet can communicate by broadcasts, and such messages stay
within the subnet. Messages that are destined for hosts outside the local subnet are
sent to the default gateway, which is the IP address of the device that connects the
subnet to the Internet, as illustrated in Figure 1-9. That device then forwards the
message to the ISP, who handles it from there.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:43 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:43 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 25
FIGURE 1-9
A small subnet
that uses a default
gateway to access
the Internet
Router1. However, if Router1 were unavailable, Sales could still get its message
across to Marketing by going through Router2 and Router 3. Hence, we get some
fault tolerance here in that if one router goes down, messages can still get through.
FIGURE 1-10
A small business
scenario
with routers
connecting three
departmental
subnets
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:44 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Corporate Scenario
We can keep scaling up to larger, more complex scenarios. For example, Figure 1-11
shows a larger corporate or enterprise network with all kinds of networks and
protocols joined together with a bunch of routers. In that example, Windows 2000
Server computers are used as routers (as opposed to “dedicated routers”). I’ll show
you how to make a Windows 2000 Server computer into a router momentarily.
Obviously, we won’t get into all of the configuring needed to set up such a
complex network right here. The point, though, is that a little bit of routing goes
a long way in connecting all kinds of networks together, providing network
communications across a wide variety of platforms. The Internet is exactly that,
FIGURE 1-11 A corporate routing scenario involving many routers and protocols
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:44 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 27
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:45 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Windows 2000 Server computer that will be playing the role of router, you need to
make sure the Routing and Remote Access Server is configured. Here’s how:
When you’ve completed the wizard, you’re ready to start the next phase, which
involves installing the NICs. You would just go through the usual procedure.
When both NICs are installed, each will have its own icon in Network and
Dial-Up Connections, as in the example shown in Figure 1-13.
Since each NIC is a separate network interface, each can have its own unique
TCP/IP settings. In this situation, you need to configure each NIC with a valid IP
address for the subnet to which it connects. For example, take a look at Figure 1-14.
FIGURE 1-12
Routing and
Remote Access
Services, not
yet configured
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:45 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 29
FIGURE 1-13
Each installed
NIC has its own
icon in Network
and Dial-Up
Connections.
The subnet on the left has the address 192.168.0.0 subnet mask 255.255.255.0. The
subnet on the right has the address 192.168.100.0 subnet mask 255.255.255.0.
These are two separate subnets, since the network portions of their IP addresses
clearly don’t match.
To get routing to work, each NIC needs to be connected to and configured as
a host within its subnet. For example, in the example shown in Figure 1-14, I’ve
given NIC1 the IP address 192.168.0.1, thereby making it a host on the 192.168.0.0
FIGURE 1-14
Server01 playing
the role of
router between
192.168.0.0 and
192.168.100.0
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:46 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
The source host can “see” this same relationship. It “knows” that the destination
host is on the same subnet. So it need not go through any routers to get to that host.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:46 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 31
FIGURE 1-15
Routing must be
enabled for a
Windows 2000
Server computer
to function as a
router.
entering the command route print at the command prompt. The results might look
something like the example in Figure 1-16.
To interpret the command’s output in this example, you first need to know
some things about the machine on which the command was entered. In this example,
I entered the command at a Windows 2000 Professional computer that has the
following TCP/IP configuration:
TCP/IP Address: 10.10.1.31
Subnet mask: 255.0.0.0
Default gateway: 10.10.1.1
The lines under Interface List indicate this computer’s network interfaces. The
first item, 0x1, is the TCP loopback interface used in conjunction with the loopback
address for testing purposes. Every TCP/IP client has the same loopback address of
127.0.0.1; the loopback interface is just the address where loopback messages get
sent. Later in this chapter, you’ll see how you can use that address for testing and
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:47 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
FIGURE 1-16
Sample output
from a
ROUTE PRINT
command
troubleshooting. The second item in this example, 0x2, is this computer’s NIC.
You can see its hardware address, as well as the make and model of the card. This
particular machine has only one NIC installed. If it were a multihomed machine
with multiple NICs, those additional NICs would be listed as 0x3, 0x4, and so forth.
The next section of the display, titled Active Routes, lists routes that this machine
knows about. Each row is divided into the following columns:
Now let’s take a look at some of the routes listed in the sample output. The first
line looks like this:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.31 1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:47 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 33
The address 0.0.0.0 with the netmask 0.0.0.0 translates roughly to “the place you
should go if none of the lines in the routing table apply.” In other words, this row
defines the default gateway for all packets that aren’t within broadcast range, and
that don’t meet any of the criteria in the other lines in the routing table.
Let’s take a look at the next line now:
Network Destination Netmask Gateway Interface Metric
10.0.0.0 255.0.0.0 10.10.1.31 10.10.1.31 1
This line says that “To get to any address that starts with 10. (in other words,
10.0.0.0 subnet 255.0.0.0), use your own NIC at 10.10.1.31. There will not be
any router hops to make.” This makes sense if you think about it for a minute.
Recall that this is a machine on a Class A network. We know this because its own
IP address and subnet mask are 10.10.1.31 and 255.0.0.0. So it stands to reason that
in order to get a message out to another machine on this same network, the machine
could use its own NIC (10.10.1.31) as the gateway to the local network, and there
wouldn’t be any routers involved.
The third route network destination, 10.10.1.31 netmask 255.255.255.255,
refers to the local computer. This line essentially says “To get to yourself, use the
loopback address 127.0.0.1.” The next destination, 10.255.255.255 netmask
255.255.255.255, is the broadcast address. So this line says “To broadcast a message
to all hosts on the 10.0.0.0 network, use your own 10.10.1.31 NIC.” The next
destination address, 127.0.0.0 netmask 255.0.0.0, is the reserved loopback address.
Because the netmask uses 255.0.0.0, this line says “Any message sent to
127.anything.anything.anything gets sent to the IP address 127.0.0.1.”
The network destination 224.0.0.0 netmask 224.0.0.0 is the reserved multicast
address. We’ll discuss multicasting in depth later in the book. For now, it’s sufficient
to know that multicasting is a means of sending a single stream of data to multiple
IP addresses, sort of like a radio station that just sends out its show via an antenna,
and any radio that happens to be tuned to that station hears the show. The
255.255.255.255 netmask 255.255.255.255 is the limited broadcast address, any
alternative route used by some broadcasts to the local subnet.
The last section shown in Figure 1-16, titled Persistent Routes, lists static, permanent
routes created by an administrator. In the sample output, there are none listed,
simply because I haven’t created any. I’m relying on the default gateway address to
handle all messages with destinations outside my local subnet. But you can’t always
rely on that. We’ll discuss why, and how to get around it, in the next section.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:47 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
EXERCISE 1-2
CertCam 1-2
Viewing a Computer’s Routing Table
Like I said, every computer has a built-in routing table. So you can do this simple
exercise on virtually any Windows machine. I didn’t create an exercise that actually
lets you change the routing table, as you wouldn’t want to play around with that on
a real, production network. Furthermore, you could only create a route to a viable
network, and I don’t know what, if any, networks you’re connected to. But, anyway,
to perform this simple exercise on a Windows 2000 machine, follow these steps:
1. Click the Start button and choose Programs | Accessories | Command Prompt.
2. Type route print and press ENTER.
3. That’s it. If you’d like a printed copy, type route print >prn and press ENTER.
4. Type exit and press ENTER if you want to close the Command Prompt window.
The output of your route print command may not match the example shown in
this chapter, but you should see many of the same default routes.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:48 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 35
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:48 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
These “instructions,” which are formally called static routes, can be added to the
routing table using the ROUTE command with the following syntax
ROUTE [-p] ADD destination MASK subnet gateway METRIC m IF interface
where
We’d also want to tell that computer to send all messages destined for any address
starting with 199.150.150 to 197.100.100.102, the near-side IP address of the
router that connects network C to network B. So we’d also enter this command:
route -p ADD 199.150.150.0 MASK 255.255.255.0 197.100.100.102 METRIC 2
The command will check the specified route before adding it to the routing table.
If for some reason the specified network cannot be reached, the entry will be rejected
and you’ll see an error message to that effect. The problem could be a simple typo or
a connection problem to the remote network.
Once you’ve successfully entered a route, it will appear in the output of the route
print command. If you included the -p switch, the route will be listed under the
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:48 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Configure Routing 37
Persistent Routes heading. Otherwise, the new route just appears in the regular list
of routes. In this example, the following lines would be added under Persistent Routes:
Network Destination Netmask Gateway Interface Metric
200.50.50.0 255.255.255.0 197.100.100.101 197.100.100.33 2
199.150.150.0 255.255.255.0 197.100.100.102 197.100.100.33 2
Notice that in both route add commands, I omitted the IF interface parameter.
Since this machine has only one NIC, the route add command can test the
connection and figure this out on its own.
The large metric, 40, is somewhat typical of an Internet connection where many
routers might have to be crossed to get to a specific destination on the Internet. But
more importantly, there’s also a conflict here. The default gateway address 0.0.0.0
says “Use 197.100.100.1 for all communications outside this subnet.” But then, the
next two lines say “Use 197.100.100.101 for communications to 200.50.50.0, and
197.100.100.102 for communications to 199.199.150.0.” So, which will it be when
it comes time to send a message to Network A, the default gateway address or the
specified route?
For example, let’s say some hypothetical routing table contains these two routes:
Network Destination Netmask Gateway Interface Metric
200.50.50.0 255.255.255.0 197.100.100.101 197.100.100.33 2
200.50.50.200 255.255.255.255 197.100.100.102 197.100.100.34 2
The first route tells the machine to send anything destined for the network
200.50.50.0 through 197.100.100.101.” The second one tells the machine that a
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:49 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
You can intentionally add some conflicting, static routes to a routing table
for fault tolerance. Give the preferred route a low metric, such as 1; the
“backup” route a higher metric, like 2; and so forth.
would delete the route that has the network destination address 200.50.50.200.
If you have two routes with the same network destination address but different
gateways, you can include the gateway address to specify the record you want to delete.
You can use the * wildcard character in both the print and delete versions of the
command. For example route print 200* displays only routes whose network
destination starts with 200. The route delete 200* command would delete all routes
whose network destinations start with 200.
The route change command lets you change an existing static route, for example,
route change 199.150.150.0 MASK 255.255.255.0 197.100.100.102 METRIC 4
The route command alone on a line prints help for the command (same as
entering the command route /?).
Now that I’ve told you all of this, let me first point out that it’s very unlikely
that you’ll ever have to go from one machine to the next, setting up all these routes.
Thanks to dynamic routing and modern routing protocols like RIP (Routing
Information Protocol) and OSPF (Open Shortest Path First), routers can keep
machines informed of available routes, and individual hosts can compare routing
tables to one another and keep each other up to date. We’ll get to these protocols
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:49 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
in a later chapter. For now, the important thing is to understand that all machines
have a routing table. And even if you don’t specifically need to manually add static
routes to a machine’s table, it’s good to be able to interpret the contents of the table
for troubleshooting purposes.
Just because you might not have to use static routing much in the real world,
that doesn’t mean you can just ignore all this stuff. You may well need to
analyze some routing tables and understand how ROUTE ADD works to
answer some questions on your certification exam!
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:49 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
■ Primary DNS Suffix If DNS has been set up, the domain portion of the
DNS name (for example, certifiable.net) appears here.
■ Node Type Describes the method used to resolve NetBIOS-style hostnames,
like server01, to IP addresses, as will be discussed in Chapter 2.
■ IP Routing Enabled A simple Yes or No answer describing whether or not
this machine is functioning as a router.
■ WINS Proxy Enabled Specifies whether WINS name resolution is enabled,
as described in Chapter 2.
Information that’s specific to network adapter cards is listed under the Ethernet
Adapter heading. The name of the connection, as it appears in the Network and
Dial-Up Connections window is followed by these lines:
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:50 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
In terms of what we’ve discussed so far in this chapter, what you’re mainly
looking for in IPCONFIG’s output is to ensure that the computer has a valid IP
address and subnet mask. If there is a gateway of some sort on the network, whether
it be a dedicated router or just a computer that provides access to the Internet, the
default gateway address for that router must be correct as well. If you find an error
that needs correcting, you can make changes through the TCP/IP Properties dialog
box, described previously in Exercise 1-1.
The IPCONFIG command works only on systems that have the TCP/IP
networking protocols installed. If entering the ipconfig /all command returns an
error message like “TCP/IP is not running on this system,” there’s a problem with
the NIC or with the TCP/IP installation. To check to see if the NIC is working
properly, open the Control Panel, open the System icon, and click the Hardware
tab. Then click the Device Manager button and expand the Network Adapters
category. Double-click the icon for your NIC to view its properties. If the dialog
box doesn’t indicate any problems, you know the problem lies outside the NIC.
Windows 2000 doesn’t automatically install drivers for every NIC on the
market, so it’s a good idea to check the card and TCP/IP right after you
install Windows, or install a new card.
If the Properties dialog box indicates, instead, that there is a problem with the
card, first check to make sure the card is on the Windows 2000 Hardware
Compatibility List. Optionally, you can search for updated drivers via the Internet,
and use the Update Driver button on the Drivers tab of the Properties dialog box to
install the updated driver.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:50 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
EXERCISE 1-3
Checking an IP Configuration
You’ll no doubt be using the ipconfig /all command often through this book, and in
the real world as well. So, in this exercise, we’ll go through the simple steps necessary
to use the command:
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:50 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:51 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Pinging Hostnames
You can also ping another computer by its hostname. For example, if you’re sitting
at a computer named client01, which has a connection to a computer named
server01, you can ping the server by entering the command ping server01. Once
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:51 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
again, if the connection works, you’ll get a positive response. If the ping fails, it
could be a name resolution problem—a topic we’ll discuss at length in Chapter 2.
If you can ping a host by its IP address, but not its hostname, you should
suspect a problem with your DNS configuration or name resolution.
Trace complete.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:51 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
By default, tracert is limited to testing 30 hops. But you can use the -h switch to
test more or fewer maximum hops. For example, if 30 hops weren’t enough to reach
the destination host, you could try something like tracert -h 40 208.55.30.20 to
increase the maximum number of hops to 40.
EXERCISE 1-4
CertCam 1-4
Tracing a Route
If you have Internet access from your current machine, you can try out the
TRACERT command by following these simple steps:
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:52 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
3. After viewing the output, type exit and press ENTER to close the Command
Prompt window.
Since you’re tracing the route to an IP address that’s on the Internet, the trace
should complete successfully, provided your Internet connection is working.
If there is a problem with a router between your computer and the destination
computer, you may receive feedback that looks more like this:
Tracing route to www.coolnerds.com [208.55.30.20]
over a maximum of 30 hops:
If a router’s IP address appears repeatedly in the display, that’s called looping, and
means the router is not forwarding to the next router. This is most often caused
by an improper configuration at that specific router. Of course, whenever you
encounter a problem tracing the route to an Internet address, it’s very likely that
the faulty router will be outside your company’s internal network. The only thing
to do, in that case, is to report the problem to your ISP. If the router is in-house,
but outside your area of responsibility, you should report the problem to the
administrator of that specific router.
Like PING, TRACERT will accept a hostname as well as an IP address. For
example, you could enter the command tracert www.coolnerds.com to ping the
host at 208.55.30.20. As with PING, if you’re able to get to the host by its IP
address but not by its hostname, then you know you have a name resolution problem
on your hands. As mentioned, we’ll start on name resolution in Chapter 2.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:52 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Finally, don’t forget that when it comes to troubleshooting routing problems, the
ROUTE PRINT command can be an ideal resource for seeing where a machine
“thinks” it’s supposed to route certain messages. Scan the table for conflicting routes,
and remember that a route with a more specific netmask will take precedence over a
conflicting route in the table that has a less specific netmask.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:52 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Trace complete.
The This Node/Link: Lost/Sent = Pct and Address display the link between
two router IP addresses. The value followed by the pipe character (|) is the loss
rate for the specific link. In the example output, you can see that the link between
180.10.20.22 and 192.168.52.1 has a 21 percent loss rate. Dropped packets need
to be retransmitted. So, with such a high drop rate, you can see that this link is the
problem. So pathping has helped you locate the source of the problem. You could
then go to that router, or contact its administrator, to try to resolve that problem.
Most likely, the router is overloaded.
Now that you’ve learned about some basic network troubleshooting tools, let’s
take a look at some possible problem scenarios that might come up, and the
solutions to those problems.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:53 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
CERTIFICATION SUMMARY
In this chapter, we’ve looked at the ground level of the network infrastructure,
the TCP/IP addresses that uniquely identify hosts on a network. You can assign
either static or dynamic IP addresses to hosts. A static IP address is one that’s
assigned by an administrator, while a dynamic address is one that’s assigned to a
host automatically by a DHCP server. Microsoft recommends that you assign static
IP addresses to all the servers in your network. Use dynamic IP addressing for all
the clients. Doing so minimizes network administration headaches.
A TCP/IP address identifies both the network that a host belongs to and the
specific host. The subnet mask tells you which part of the address identifies the
network, and which part identifies the host. Standard addresses and subnet masks
are categorized as Class A (subnet 255.0.0.0), Class B (255.255.0.0), and Class C
(255.255.255.0). Any network can be divided into smaller subnets by using a
custom subnet mask, like 255.255.255.128, to split the host portion of that address
into a subnet ID and host ID.
You can use the command-line utilities IPCONFIG, PING, ARP, TRACERT,
and PATHPING at any stage of a network’s development to test and troubleshoot
network connectivity problems. To check the IP configuration on the local host,
use the ipconfig /all command. To test the connectivity between the local host
and some other host, use ping destination. To check routing between the local host
and a computer on the Internet or some other subnet, use pathping destination or
tracert destination. Whereas tracert only lets you see “dead” connections, pathping
lets you view packet-loss statistics, which can identify slow or inconsistent routers
along a path. You can also use the route print command to view any computer’s
routing table, which lets you see where the host is actually sending messages for a
given IP address or range of addresses.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:53 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Two-Minute Drill 51
✓ TWO-MINUTE DRILL
Configure TCP/IP on Servers and Clients
❑ TCP/IP is a suite of networking protocols, originally designed to solve
problems on the Internet’s precursor, ARPANet.
❑ Don’t confuse IP addresses with hardware addresses. A hardware address is
a unique 48-bit address that’s hardwired into every network interface card
(NIC) and usually cannot be changed by an administrator.
❑ The terms Media Access Control (MAC) address, physical address, Ethernet
address, Token Ring address, and NIC address are all synonymous with the
term hardware address.
❑ A TCP/IP address is a logical 32-bit address that can be assigned by an
administrator.
❑ A TCP/IP address’s subnet mask identifies which bits in the address represent
the network, and which bits represent the host.
❑ TCP/IP addresses and subnet masks are usually displayed in dotted quad
format, xxx.xxx.xxx.xxx, where xxx is any number from 0 to 255.
❑ The lowest host number in a range of IP addresses is reserved for the network
ID, and cannot be assigned to a host. For example, the address 192.168.1.0
subnet mask 255.255.255.0 refers to the network 192.168.1.
❑ The highest available address in a range of IP addresses is reserved for the
broadcast address. For example, 192.168.1.255 is the broadcast address for
the network 192.168.1.x subnet mask 255.255.255.0.
❑ An IP address can be static (assigned by an administrator and permanent) or
dynamic (assigned automatically by a DHCP server).
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:55 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
❑ In binary, the subnet bits that define the network portion must be
contiguous 1’s, and the address must provide for some hosts to be valid.
❑ Valid, commonly used numbers for the host portion of a subnet mask
include 128 (10000000), 192 (11000000), 224 (11100000), 240
(11110000), 248 (11111000), and 252 (11111100).
❑ The number of subnets you can get from a subnetted octet is 2n where n is
the number of network bits in the octet.
❑ The number of hosts per subnet is equal to 2h – 2 where h is the number of
host bits the subnet mask provides.
Configure Routing
❑ Every computer on a TCP/IP network has a built-in routing table.
❑ Most entries in the routing table are dynamic, meaning they’re created
automatically from known data.
❑ You can view the routing table on a machine by entering the route print
command at the command prompt.
❑ The network destination 0.0.0.0 netmask 0.0.0.0 tells where all traffic not
destined for the current network (or subnet) will be sent. Hence, it identifies
the default gateway.
❑ The Gateway column of the route print display identifies the IP address
of the NIC used to reach machines within a network destination IP range.
❑ The Interface column indicates which NIC in the local machine is used to
reach the IP address specified in the Gateway column.
❑ The Metric column indicates the cost of using a route in terms of hops across
routers. The trip to the default gateway also counts as a hop, so the metric
will never be less than 1.
❑ If there are conflicting routes in the routing table, the route with the most
specific subnet mask will be chosen. If there is a tie between routes, the route
with the smallest metric will be used.
❑ You can manually add static routes to a routing table by using the route add
command.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:52:59 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Two-Minute Drill 53
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:03 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
❑ If you try to PING an address that’s not on your subnet, and get an error
message, you can use the TRACERT command to get information about
each router that was contacted while trying to reach the destination address.
❑ If poor or inconsistent connections are the problem, PATHPING would be
the preferred troubleshooting command because it calculates dropped-packet
statistics for each path in the route.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:06 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Self Test 55
SELF TEST
The following questions will help you measure your understanding of the material presented in this
chapter. Read all the choices carefully because there might be more than one correct answer. Choose
all correct answers for each question.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:06 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
Configure Routing
6. Client01 in Figure 1-21 cannot ping any sites on the Internet. However, it can ping other hosts
within its own subnet. Which of the following would solve the problem? (Choose all that apply.)
A. Change NIC1’s IP address to 69.81.8.9.
B. Change NIC2’s IP address to 192.168.1.1.
C. Change Client01’s default gateway to 192.168.1.1.
D. Change Client01’s subnet mask to 255.0.0.0.
7. You are the administrator of one subnet in a large corporation. Another administrator asks
you to configure a temporary static route to all hosts on the network 192.168.5.0 subnet
255.255.255.0 for testing purposes. Which of the following commands shows the appropriate
network destination, subnet mask, and options for setting up such a route?
A. route add 192.168.5.0 MASK 255.255.255.0
B. route -p add 192.168.5.0 MASK 255.255.255.0
C. route add 192.168.5.0 MASK 255.255.255.255
D. route -p add 192.168.5.0 MASK 255.255.255.255
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:07 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Self Test 57
FIGURE 1-21
A server
connected to
the Internet and
a local subnet
8. Which of the following routing table entries would be used first to get a message to the host at
201.202.203.101 subnet 255.255.255.0?
A. Netmask 0.0.0.0 METRIC 30
B. 201.202.203.0 Netmask 255.255.255.0 Metric 1
C. 201.202.203.101 Netmask 255.255.255.255 Metric 1
D. 201.202.203.101 Netmask 255.255.255.255 Metric 2
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:07 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
11. You are able to ping the loopback and a host’s own IP address, but you’re having problems
pinging any other computers. You’ve checked all the connections and everything appears to
be in place. What would be the appropriate next step?
A. Try reaching the other computers with the PATHPING command.
B. Clear the ARP cache using arp -d * and then try again.
C. Use the nbtstat command to check the NetBIOS name cache.
D. Replace the NIC.
LAB QUESTION
You are an administrator on the network shown in Figure 1-22. Users in the San Francisco office
are complaining that they cannot reach DelDC01 from any clients. You run a TRACERT command
to DelDC01 from a client in the San Francisco office. It gets as far as TXRouter and then times out.
You run some additional PING tests and determine the following connections are valid:
■ 176.17.1.1 (DelRouter) to 176.17.1.11 (DelDC01)
■ 176.18.1.1 (TXRouter) to 176.17.1.1 (DelRouter)
What could you do at SFRouter to provide a consistent connection to DelDC01 for the San
Francisco office?
FIGURE 1-22
Offices in San
Francisco, Texas,
and Delaware
connected by
routers
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:08 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:08 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen / MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 /
Chapter 1
So you know you can have 25 – 2, or 30 hosts on the network. Thus, the range of valid host
addresses is 199.199.1.129 to 199.199.1.158.
ý A and B are wrong because you can’t assign the network ID 199.199.1.128 to a host.
ý C is wrong because 255 – 129 equals 126 possible host addresses. The host portion of
the subnet mask only allows for 30 hosts per subnet.
Configure Routing
6. þ C is correct. The default gateway for all clients on that side of the router must match the
connection that’s on the same side of the router (Server01 is playing the role of a router here).
ý A is incorrect because NIC1 is properly addressed for its side of the router.
ý B is wrong because NIC2 is on the far side of the router, so its IP address wouldn’t need
to match the IP addresses on the other side of the router.
ý D is wrong because Client01’s subnet mask is already appropriate for its subnet.
7. þ A is correct. 192.168.5.0 netmask 255.255.255.0 would encompass all hosts on the
192.168.5.0 network.
ý B is incorrect because we’re looking to set up a temporary route. The -p switch would
make this a persistent route.
ý C and D are incorrect because the netmask is too specific. We want a route that will
encompass all messages to 192.168.5.x.
8. þ C is correct. It has the most specific netmask and a lower metric than option D.
ý A is incorrect because all the other options have a more specific netmask.
ý B is incorrect because the netmask is less specific than those shown in C and D.
ý D would not be chosen over C because D has a higher metric.
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:08 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite / MCSE
Default screen Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9 / Chapter 1
Lab Answer 61
10. þ A is correct. You know that the IP software on the local host is working correctly because
you can ping the local host. Therefore, the first thing to check is the cable that connects the
host to the network.
ý B and C are wrong because you already know the NIC and IP software is functioning
correctly.
ý D is wrong because you’d only want to change the IP address and subnet mask after
you’ve ascertained that the networking hardware is functioning, and have also determined
that there’s a problem with the local TCP/IP configuration.
11. þ B is correct. When connectivity between hosts within a subnet fails, even though
everything appears to be in place, a faulty ARP cache could be the problem.
ý A is incorrect because pathping tests across routers.
ý C is incorrect because nbtstat and NetBIOS names aren’t an issue here.
ý D is incorrect because it’s a lot more trouble to go to than entering arp -d * and
trying again.
LAB ANSWER
This one takes some thinking, so let’s look at what you know. The route to DelDC01 is reachable
from 176.18.1.1 on TXRouter, as indicated from your ping tests. DelRouter is able to reach
TXRouter, as indicated by tracert. But the hop from TXRouter to DelRouter isn’t working. What’s
the most likely scenario in a situation like this? Either the routing table on SFRouter is wrong and
needs to be corrected, or there just is no persistent route in the table for this path.
So let’s say you check the routing table and there’s nothing in there to direct packages addressed
to 176.17.1.x to any particular IP address. You can create a persistent connection for all packets
addressed to 176.17.1.x to 176.18.1.1 by entering this command in SFRouter’s routing table:
route –p add 176.17.1.0 MASK 255.255.255.0 176.18.1.1
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:09 PM
Color profile: Generic CMYK printer profile
CertPrs8
Composite Default screen/ MCSE Managing a Windows 2000 Network Environment Study Guide / Simpson, McCaw / 222433-9
Blind Folio 62
P:\010Comp\CertPrs8\433-9\ch01.vp
Wednesday, June 12, 2002 2:53:09 PM