Network Services - Microsoft Center

Network Services

Lesson 6

Objectives

Skills/Concepts | Objective Domain Description | Objective Domain Number

Setting up common networking services | Understanding network services | 3.5

Defining more network services | Understanding network services | 3.5

Defining Name Resolution Techniques | Understand Name Resolution | 3.4

DHCP

Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that enables configured client computers to obtain IP addresses automatically

The IP information obtained might include the following:

IP addresses

Subnet masks

Gateway addresses

DNS server addresses

Other advanced options

The DHCP Server service provides the following benefits:

Reliable IP address configuration

Reduced network administration

DHCP Server

Before a DHCP server can start leasing IP addresses to client computers, the following steps must be performed:

1. Install the DHCP service

2. Configure an IP scope

3. Activate the scope

4. Authorize the server

5. Configure advanced IP options (optional)

DEMO: Install and view the DHCP Service (and console)

DORA

DHCP sessions use a four-step process known as DORA.

Discovery: The client sends a broadcast to the network to find a DHCP server

Offer: The DHCP server sends a unicast “offering” of an IP address to the client

Request: The client broadcasts to all servers that it has accepted the offer

Acknowledge: The DHCP server sends a final unicast to the client that includes the IP information the client will use

DHCP utilizes ports 67 and 68

Hey, are there any DHCP Servers here? (DHCPDiscover)

Yes, I am a DHCP Server, and here is an IP Address for you (DHCPOffer)

Thanks, I like that IP and I will take it (DHCPRequest)

Ok, it's yours. Pleasure doing business with you (DHCPAck)
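
The four DORA messages above, built and decoded at the byte level. This is an added example, not part of the original lesson; the MAC address, transaction ID and all IP addresses are constructed, and the option codes used (53 message type, 1 subnet mask, 3 gateway, 6 DNS server, 50 requested address) are the standard DHCP option numbers.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"   # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DHCPDiscover", 2: "DHCPOffer", 3: "DHCPRequest", 5: "DHCPAck"}
SERVER_PORT, CLIENT_PORT = 67, 68   # UDP: servers listen on 67, clients on 68

def ip4(text):
    return bytes(int(octet) for octet in text.split("."))

def build(msg_type, xid, mac, yiaddr="0.0.0.0", options=()):
    """Pack a minimal DHCP message: fixed header, cookie, then options."""
    op = 1 if msg_type in (1, 3) else 2   # 1 = client request, 2 = server reply
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0,
                         bytes(4), ip4(yiaddr), bytes(4), bytes(4), mac, b"", b"")
    body = bytes([53, 1, msg_type])       # option 53 carries the message type
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC + body + b"\xff"   # 255 ends the option list

def parse(packet):
    """Decode a DHCP message, rejecting anything truncated or malformed."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    options, i = {}, 240
    while i < len(packet) and packet[i] != 255:
        if packet[i] == 0:                # pad option is a single byte
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        options[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]
    if len(options.get(53, b"")) != 1:
        raise ValueError("missing message type")
    return {"type": TYPES.get(options[53][0], "unknown"),
            "xid": struct.unpack("!I", packet[4:8])[0],
            "yiaddr": ".".join(map(str, packet[16:20])), "options": options}

def dora(mac=bytes.fromhex("020000000001"), xid=0x1234ABCD, lease="192.168.1.50"):
    """Constructed exchange: (source port, destination port, decoded message)."""
    info = [(1, ip4("255.255.255.0")), (3, ip4("192.168.1.1")), (6, ip4("192.168.1.10"))]
    steps = [(CLIENT_PORT, build(1, xid, mac)),
             (SERVER_PORT, build(2, xid, mac, lease, info)),
             (CLIENT_PORT, build(3, xid, mac, options=[(50, ip4(lease))])),
             (SERVER_PORT, build(5, xid, mac, lease, info))]
    return [(src, SERVER_PORT + CLIENT_PORT - src, parse(p)) for src, p in steps]
```

Every message in one exchange carries the same transaction ID, which is how a client matches an Offer or Ack to its own Discover.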

DEMO: Add a DHCP Scope

APIPA

Automatic Private IP Addressing (APIPA) is a service for assigning unique IP addresses on small office/home office (SOHO) networks without deploying the DHCP service

APIPA can get in the way of a client obtaining an IP address properly (e.g., when a client attempts to obtain an IP address from a DHCP server, but the DHCP server is too busy)

Disable APIPA

APIPA is disabled using Registry Editor

1. Open Registry Editor

2. In Registry Editor, navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

3. Create the following entry:

IPAutoconfigurationEnabled: REG_DWORD

4. Assign a value of 0 to disable Automatic Private IP Addressing (APIPA) support.

5. Close Registry Editor.

DEMO: Disable APIPA

Remote Desktop Services

Remote Desktop Services, formerly known as Terminal Services, is a type of thin-client terminal server computing.

RDS enables virtual desktop infrastructure (VDI), session-based desktops, and applications, allowing users to work anywhere

Thin-client computers and PCs can connect to servers running Remote Desktop Services

Remote Desktop Connection (DEMO)

Routing and Remote Access Service

Routing and Remote Access Service (RRAS) supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial-up connections.

RRAS consists of the following components:

Remote Access. By using RRAS, you can deploy VPN connections to provide end users with remote access to your organization's network. You can also create a site-to-site VPN connection between two servers at different locations.

Routing. RRAS is a software router and an open platform for routing and networking. It offers routing services to businesses in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections. Routing is used for multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and network address translation (NAT) routing services.

Microsoft RRAS was formerly known as Remote Access Service (RAS)

DEMO: Install and view Routing and Remote Access

Internet Protocol Security (IPSec)

Protocol within the TCP/IP suite that encrypts and authenticates IP packets

Ensures private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services

Designed to secure any application traffic because it resides on the network layer (or Internet layer for the TCP/IP reference model)

Used in conjunction with virtual private networks and is an integral part of IPv6

IPsec has been defined to work in two different modes:

Tunnel mode is most often used for site-to-site VPN connections

Transport mode is most often used for securing IP traffic on private networks

IPSec Protocol Types

Protocol: Authentication Header (AH)
Requirement: The data and the header need to be protected from modification and authenticated, but remain readable.
Usage: Use for data integrity in situations where data is not secret but must be authenticated; for example, where access is enforced by IPSec to trusted computers only, or where network intrusion detection, QoS, or firewall filtering requires traffic inspection.

Protocol: Encapsulating Security Payload (ESP)
Requirement: Only the data needs to be protected by encryption so it is unreadable, but the IP addressing can be left unprotected.
Usage: Use when data must be kept secret, such as file sharing, database traffic, RADIUS protocol data, or internal Web applications that have not been adequately secured by SSL.

Protocol: Both AH and ESP
Requirement: The header and data, respectively, need to be protected while data is encrypted.
Usage: Use for the highest security. However, there are very few circumstances in which the packet must be so strongly protected. When possible, use ESP alone instead.

DNS

Domain Name System (DNS) is a worldwide service that resolves host names to IP addresses

DNS architecture is a hierarchical distributed database and an associated set of protocols that define:

A mechanism for querying and updating the database

A mechanism for replicating the information in the database among servers

A schema of the database

DNS is part of the application layer of the TCP/IP reference model

DNS servers use inbound port 53 to accept name resolution requests

WINS

Windows Internet Name Service (WINS) is a service that resolves NetBIOS names to IP addresses

WINS is required for any environment in which users access resources that have NetBIOS names

It is Microsoft’s version of the NetBIOS Name Service (NBNS) combined with a name server

If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections

WINS and DNS are both name resolution services for TCP/IP networks

Summary

Be able to install and configure DHCP to hand out IP addresses to client computers.

You have learned the four-step DHCP process known as DORA.

Be able to install and configure Remote Desktop Services so that client computers can connect remotely to a server.

Understand how to install and configure Routing and Remote Access Service (RRAS) as a LAN router.

You have learned how to define IPsec and the various protocols that can be used.

Understand how DNS and WINS function, how the services are installed and configured and when WINS is needed on your network.

Additional Resources & Next Steps

Instructor-Led Courses

40033A: Windows Operating System and Windows Server Fundamentals: Training 2-Pack for MTA Exams 98-349 and 98-365 (5 Days)

40349A: Windows Operating System Fundamentals: MTA Exam 98-349 (3 Days)

40032A: Networking and Security Fundamentals: Training 2-Pack for MTA Exams 98-366 and 98-367 (5 Days)

40366A: Networking Fundamentals: MTA Exam 98-366

Books

Exam 98-366: MTA Networking Fundamentals (Microsoft Official Academic Course)

Exams & Certifications

Exam 98-366: Networking Fundamentals

Remote Desktop Poster

http://www.microsoft.com/enus/download/confirmation.aspx?id=3262