Monday, June 18, 2012

1 - Understanding and configuring TCP/IP - Windows Networking


Windows Networking.

Network Layers: Network layers are functional steps in communication, performed by programs called protocols.
Communication between computers is bidirectional. The networking layers taken together describe a way to construct and deconstruct packets. Each layer, and each protocol, must be able to perform its function in both directions.
The layered model traditionally used to describe communications is the Open Systems Interconnect (OSI) model.

















With WS2008R2/W7, a new implementation of the TCP/IP model is introduced, known as the “Next Generation TCP/IP Stack”.

















Layers:

Network Interface Layer: describes a standard model for communication among devices located on a single network segment. It uses protocols to communicate with other nearby interfaces identified by a fixed hardware address (a MAC address, for example). It also specifies physical requirements for signaling, interfaces, cables, hubs, switches (layer 2 devices) and access points. Examples are: Ethernet, Token Ring, Point-to-Point Protocol, etc.

Internet Layer: describes a global configurable software addressing scheme that allows devices to communicate when they reside on remote network segments. The main protocol is IP, and the network device that reads data at this layer is a router.

Routers read the destination address written in a packet and then forward it towards its destination along an appropriate network path. Routers do not pass broadcasts.

Protocols:

-IPv4: responsible for addressing and routing packets between hosts that might be dozens of network segments away. IPv4 relies on 32-bit addresses.
-IPv6: Uses 128-bit addresses, and can define more addresses.
Both protocols are enabled by default.

Transport Layer: Defines a method to send and receive shipments of data among devices. Also serves to tag data as being destined for a particular application.

Protocols:
-TCP: receives data from an application and processes the data as a stream of bytes. Communication is two-way and reliable. The receiver acknowledges when each segment of a data shipment is received, and if the sender misses the acknowledgment, the segment is sent again.
When TCP receives a stream of data, it’s sent to the application designated by the TCP port number.
-UDP: connectionless service that provides only best-effort delivery to network hosts.

Application Layer: Step at which network services are standardized. Protocols are programs, such as e-mail, that provide some service to a user or application. Some examples are HTTP, Telnet, FTP, SNMP, DNS, etc.

By encapsulating data with layers, TCP/IP creates a packet. Not every packet really includes data encapsulated by exactly four protocols.

Configuring Networking Properties in WS2008R2

Network and Sharing Center: is the central dashboard for network settings. It can be used to review the basic configuration and verify Internet access, follow links to run a network troubleshooting wizard, open the status page of the Local Area Connection, create new connections, etc.





















Options:

-Change Advanced Sharing Settings: relates to the default settings on the local computer for network profiles (Work, Home or Public). For each one, you can configure the local computer to enable or disable Network Discovery, File and Printer Sharing, Public Folder Sharing, and Media Streaming.

-See Full Map: allows you to see the devices on the local LAN and how these devices are connected to each other and to the Internet. Relies on two components:

-Link Layer Topology Discovery (LLTD) Mapper component, queries the network for devices to include in the map.
-LLTD Responder, responds to the queries from the Mapper.

Viewing Network Connections

Detected connections are displayed in Network Connections, along with any additional connections. Network Connections can be opened with cmd> ncpa.cpl

Default components: Connections by themselves do not allow network hosts to communicate; network clients, services, and protocols bound to a connection are what provide connectivity through it. The Networking tab on the Properties dialog box reveals clients, services and protocols.






















-Network clients: software components that allow the local computer to connect with a particular networking operating system.

-Network Services: software components that provide additional features for network connections:

-File and Printer Sharing for Microsoft Networks: allows the local computer to share folders for network access.
-QoS Packet Scheduler: provides network traffic control, including rate-of-flow and prioritization services.

-Network Protocols: By default, four network protocols are installed and bound to any network connection: IPv4, IPv6, LLTD Mapper and LLTD Responder.

Bridging Network Connections: To combine multiple network connections so that Windows can treat them as if they were on the same network, you can enable Network Bridging, and all points entering the server will appear on the same network. They can all share connections.
To bridge networks, select them while pressing Ctrl, then right-click and select Bridge Networks.





















Viewing an Address Configuration

An IP configuration consists, at a minimum, of an IPv4 address and subnet mask, or an IPv6 address and a subnet prefix. It can also include information such as a default gateway, DNS server address, DNS name suffix, and WINS server information.

To view the IP address configuration, use cmd> ipconfig, or the Network Connection Details dialog box.

Assigning an IP Configuration Manually

IPv4: a manually configured address is known as a static address because it remains constant. Static addresses are appropriate for critical infrastructure servers such as domain controllers, DNS servers, DHCP servers, WINS servers, and routers.
A static address can be assigned by using the IPv4 Properties dialog box, which is opened with a double-click.



























Select the “Use The Following IP Address” option and specify the IP address, a subnet mask, and optionally a default gateway. To assign a static DNS server, select “Use The Following DNS Server Address”, and specify it.
From the command prompt, you can use the command Netsh:

Netsh interface ipv4 set address "Connection_name" static Address Subnet_mask Default_gateway


IPv6: Normally, static IPv6 addresses are assigned only to routers and not to hosts. If you need to assign one, you can set it by using the IPv6 Properties dialog box.























Select “Use the following IPv6 address”, and then specify the address, subnet prefix length, and default gateway. If you set it, you must set a static DNS server address.

From the command prompt, you can use:

Netsh interface ipv6 set address "Connection_Name" Address


Configuring an IPv4 Connection to receive an Address automatically

By default, all connections are configured to receive an IPv4 address automatically. A computer with this configuration is known as a DHCP client. All network connections will obtain an IPv4 address from a DHCP server if one is available. If not, the connection assigns itself any alternate configuration that has been defined. If no alternate configuration is defined, it assigns itself an Automatic Private IP Addressing (APIPA) address.
To configure a connection to obtain an IPv4 address automatically, select the option in the IPv4 Properties dialog box.

Netsh can also be used with the command:

Netsh interface ipv4 set address "Local Area Connection" dhcp

DHCP assigned addresses will always take priority over other automatic IPv4 configuration methods. A host can receive an IP address from a DHCP server if there is one within broadcast range.
Defining an alternate configuration: If no DHCP server is available, you can assign an alternate configuration by selecting the Alternate Configuration tab in the IPv4 Properties dialog box.





























APIPA: automatic addressing feature for some temporary networks. When no DHCP server or alternate configuration is available, the host uses APIPA to assign itself an IP address on 169.254.0.1-254 with a subnet mask of 255.255.0.0.
This enables two or more Windows computers located in the same broadcast domain to communicate, but they cannot access the Internet.

Repairing a network connection.

If an APIPA address has been assigned and no DHCP server is available, you can install a DHCP server or assign a static IP address.
On a network with an operative DHCP server, the first step is to renew the IP configuration using cmd> ipconfig /renew, or to use the Diagnose feature in Network Connections. If this doesn’t work, check the DHCP server, and if it’s running, search for hardware problems.
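The check that starts this repair procedure, as an added example (not part of the original notes): it parses `ipconfig /all` text and labels each adapter so that an APIPA fallback stands out. The English-locale field labels, the sample output and the function names are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.12.34(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0

Ethernet adapter Local Area Connection 2:

   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
"""

APIPA_NET = ipaddress.ip_network("169.254.0.0/16")  # subnet mask 255.255.0.0
FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")      # "Label . . . : value"

def parse_adapters(text):
    """Return {adapter_name: {label: value}} from `ipconfig /all` text."""
    adapters, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip()[:-1], {})
            continue
        m = FIELD.match(line)
        if m and current is not None:
            current[m.group(1)] = m.group(2)
    return adapters

def classify(fields):
    """Return 'apipa', 'dhcp', 'static' or 'no-ipv4' for one adapter.
    A DHCP-enabled adapter with a non-APIPA address is reported as 'dhcp';
    telling a lease from an alternate configuration is out of scope here."""
    raw = fields.get("Autoconfiguration IPv4 Address") or fields.get("IPv4 Address")
    if not raw:
        return "no-ipv4"
    addr = ipaddress.ip_address(raw.split("(")[0].strip())
    if addr in APIPA_NET:
        return "apipa"
    return "dhcp" if fields.get("DHCP Enabled") == "Yes" else "static"

def report(text):
    """Map each adapter name to its classification."""
    return {name: classify(f) for name, f in parse_adapters(text).items()}
```

An adapter reported as `apipa` is the case where the renew step above applies.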

Troubleshooting networks – utilities (rely on layer 3 - ICMP) (ICMP is blocked by default by Windows Firewall, some routers, and stand-alone firewalls).

Ping – Key tool used to test network connectivity. If the remote computer replies to the ping, connectivity to the host has been verified.















Tracert – traces a path from the local computer to a remote computer and checks the status of each router along the way. Its purpose is to determine the location of any break in connectivity that might lie between the local computer and a remote destination.

PathPing – is intended to find links that are causing intermittent data loss. It sends packets to each router on the way to a final destination over a period of time and then computes the percentage of packets returned from each hop. It shows the degree of packet loss at any given router or link.

Arp – is the name of a utility and a protocol. Address Resolution Protocol is used to translate the IPv4 address of a computer or router in broadcast range to the MAC address of an actual interface across the network.

Arp can be used to fix network problems when an inaccurate mapping is the cause, revealing a problem. It can also be used to reveal ARP poisoning.







