MVA slides lesson 6
Download as PPTX, PDF1 like541 views
The document discusses several key networking services including DHCP, Remote Desktop Services, Routing and Remote Access Service (RRAS), IPsec, DNS, and WINS. It defines each service and explains how DHCP uses the four-step DORA process to assign IP addresses. The document also provides instructions for installing and configuring DHCP, disabling APIPA, and using Remote Desktop Connection. It describes how RRAS supports remote access VPNs and routing. IPsec encryption protocols and when to use them are also outlined. Finally, DNS and WINS name resolution services are compared.
MVA slides lesson 6
- 2. Objectives Skills/Concepts Objective Domain Description Objective Domain Number Setting up common networking services Understanding network services 3.5 Defining more network services Understanding network services 3.5 Defining Name Resolution Techniques Understand Name Resolution 3.4
- 3. • Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that enables configured client computers to obtain IP addresses automatically • The IP information obtained might include the following: • IP addresses • Subnet masks • Gateway addresses • DNS server addresses • Other advanced options • The DHCP Server service provides the following benefits: •Reliable IP address configuration •Reduced network administration DHCP
- 4. • Before a DHCP server can start leasing IP addresses to client computers, the following steps must be performed: 1. Install the DHCP service 2. Configure an IP scope 3. Activate the scope 4. Authorize the server 5. Configure advanced IP options (optional) DHCP Server
- 5. DEMO: Install and view the DHCP Service (and console)
- 6. • DHCP sessions use a four-step process known as DORA. • Discovery: The client sends a broadcast to the network to find a DHCP server • Offer: The DHCP server sends a unicast “offering” of an IP address to the client • Request: The client broadcasts to all servers that it has accepted the offer • Acknowledge: The DHCP server sends a final unicast to the client that includes the IP information the client will use • DHCP utilizes ports 67 and 68 DORA Hey, are there any DHCP Servers here? (DHCPDiscover) Yes, I am a DHCP Server, and here is an IP Address for you (DHCPOffer) Thanks, I like that IP and I will take it (DHCPRequest) Ok, it s yours. Pleasure doing business with you (DHCPAck)
- 7. DEMO: Add a DHCP Scope
- 8. • Automatic Private IP Addressing (APIPA) is a service for assigning unique IP addresses on small office/home office (SOHO) networks without deploying the DHCP service • APIPA can get in the way of a client obtaining an IP address properly (e.g., when a client attempts to obtain an IP address from a DHCP server, but the DHCP server is too busy) APIPA
- 9. • APIPA is disabled using Registry Editor 1. Open Registry Editor 2. In Registry Editor, navigate to the following registry key: KEY_LOCAL_MACHINESYSTEMCurrentCo ntrolSetServicesTcpipParameters 3. Create the following entry: IPAutoconfigurationEnabled: REG_DWORD 4. Assign a value of 0 to disable Automatic Private IP Addressing (APIPA) support. 5. Close Registry Editor. Disable APIPA
- 11. • Remote Desktop Services, formerly known as Terminal Services, is a type of thin-client terminal server computing. • RDS enables virtual desktop infrastructure (VDI), session-based desktops, and applications, allowing users to work anywhere • Thin-client computers and PCs can connect to servers running Remote Desktop Services Remote Desktop Services
- 13. Remote Desktop Connection (DEMO) Computer NameComputer Name
- 14. • Routing and Remote Access Service (RRAS) supports remote user or site- to-site connectivity by using virtual private network (VPN) or dial-up connections. • RRAS consists of the following components: • Remote Access. By using RRAS, you can deploy VPN connections to provide end users with remote access to your organization's network. You can also create a site-to-site VPN connection between two servers at different locations. • Routing. RRAS is a software router and an open platform for routing and networking. It offers routing services to businesses in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections. Routing is used for multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and network address translation (NAT) routing services. • Microsoft RRAS was formerly known as Remote Access Service (RAS) Routing and Remote Access Service
- 15. Routing and Remote Access Service Internet/ISP
- 16. DEMO: Install and view Routing and Remote Access
- 17. • Protocol within the TCP/IP suite that encrypts and authenticates IP packets • Ensures private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services • Designed to secure any application traffic because it resides on the network layer (or Internet layer for the TCP/IP reference model) • Used in conjunction with virtual private networks and is an integral part of IPv6 • IPsec has been defined to work in two different modes: • Tunnel mode is most often used for site-to-site VPN connections • Transport mode is most often used for securing IP traffic on private networks Internet Protocol Security (IPSec)
- 18. IPSec Protocol Types Protocol Requirement Usage Authentication Header (AH) The data and the header need to be protected from modification and authenticated, but remain readable. Use for data integrity in situations where data is not secret but must be authenticated — for example, where access is enforced by IPSec to trusted computers only, or where network intrusion detection, QoS, or firewall filtering requires traffic inspection. Encapsulating Security Payload (ESP) Only the data needs to be protected by encryption so it is unreadable, but the IP addressing can be left unprotected Use when data must be kept secret, such as file sharing, database traffic, RADIUS protocol data, or internal Web applications that have not been adequately secured by SSL. Both AH and ESP The header and data, respectively, need to be protected while data is encrypted. Use for the highest security. However, there are very few circumstances in which the packet must be so strongly protected. When possible, use ESP alone instead.
- 19. • Domain Name System (DNS) is a worldwide service that resolves host names to IP addresses • DNS architecture is a hierarchical distributed database and an associated set of protocols that define: • A mechanism for querying and updating the database • A mechanism for replicating the information in the database among servers • A schema of the database • DNS is part of the application layer of the TCP/IP reference model • DNS servers use inbound port 53 to accept name resolution requests DNS
- 20. • Windows Internet Name Service (WINS) is a service that resolves NetBIOS names to IP addresses • WINS is required for any environment in which users access resources that have NetBIOS names • It is Microsoft’s version of the NetBIOS Name Service (NBNS) combined with a name server • If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections • WINS and DNS are both name resolution services for TCP/IP networks WINS
- 21. • Be able to install and configure DHCP to hand out IP addresses to client computers. • You have learned the four-step DHCP process known as DORA. • Be able to install and configure Remote Desktop Services so that client computers can connect remotely to a server. • Understand how to install and configure Routing and Remote Access Service (RRAS) as a LAN router. • You have learned how to define IPsec and the various protocols that can be used. • Understand how DNS and WINS function, how the services are installed and configured and when WINS is needed on your network. Summary
- 22. Additional Resources & Next Steps Books • Exam 98-366: MTA Networking Fundamentals (Microsoft Official Academic Course) Instructor-Led Courses • 40033A: Windows Operating System and Windows Server Fundamentals: Training 2-Pack for MTA Exams 98-349 and 98-365 (5 Days) • 40349A: Windows Operating System Fundamentals: MTA Exam 98-349 (3 Days) • 40032A: Networking and Security Fundamentals: Training 2-Pack for MTA Exams 98-366 and 98-367 (5 Days) • 40366A: Networking Fundamentals: MTA Exam 98- 366 Exams & Certifications • Exam 98-366: Networking Fundamentals Remote Desktop Poster • http://www.microsoft.com/en- us/download/confirmation.aspx?id=32 62
Editor's Notes
- #3: This should also be a review for the 70-642.
- #12: Before Windows Server 2008 R2, it was known as Terminal services. Starting with Windows Server 2008 R2, it is called Remote Desktop Services.
- #13: Bing up Server PosterPedia
- #21: WINS and DNS are both name resolution services for TCP/IP networks. While WINS resolves names in the NetBIOS namespace, DNS resolves names in the DNS domain namespace. WINS primarily supports clients that run older versions of Windows and applications that use NetBIOS. Windows 2000, Windows XP, and Windows Server 2003 use DNS names in addition to NetBIOS names. Environments that include some computers that use NetBIOS names and other computers that use domain names must include both WINS servers and DNS servers.