Chapter 9, Network Protocols and Services

Chapter 9, Lesson 1

|1| Network Protocols

|2| 1. Introduction to Network Protocols

A. A protocol is a set of rules and conventions for sending information over a network.

B. Protocol binding order

1. Protocols can be added or deleted at will and selectively bound to all network interfaces.

2. Binding order is determined by the order in which the protocols were initially installed.

3. Binding order can be changed at any time on a per-interface basis.

4. Network services can be selectively enabled or disabled on a per-adapter or per-protocol basis.

|3| 2. Transmission Control Protocol/Internet Protocol (TCP/IP)

A. The TCP/IP suite has been adopted by Microsoft as the strategic enterprise transport protocol for Microsoft Windows 2000.

B. The Windows 2000 TCP/IP suite is designed to make it easy to integrate Microsoft enterprise networks into large-scale corporate, government, and public networks.

|4| 3. Asynchronous Transfer Mode (ATM)

A. Overview of ATM

1. ATM is an advanced implementation of packet switching that is ideal for voice, video, and data communication.

2. Because the number of bytes of a cell is constant, cells can be switched at a constant interval.

3. An ATM endpoint establishes a connection before sending any data on the network.

4. ATM guarantees Quality of Service (QoS) on a local area network (LAN), a wide area network (WAN), and a public internetwork.

5. Windows 2000 uses LAN emulation, IP over ATM, ATM over Digital Subscriber Line (xDSL), and native ATM access to support ATM.

B. LAN emulation (LANE)

1. LANE is a method by which protocols that understand only connectionless media can communicate over ATM.

2. LANE consists of two primary components.

a. LANE client (Atmlane.sys)

b. LANE services

C. IP over ATM

1. A group of services that is used for communicating over an ATM network and that can be used as an alternative to LAN emulation

2. Uses the connection-oriented properties of ATM to overcome the connectionless nature of IP

3. Services do not reside in one place and are not usually on an ATM switch

4. A small layer between ATM and TCP/IP

5. Handled by two primary components

a. ARP server (Atmarps.sys)

b. ARP client (Atmarpc.sys)

D. ATM over xDSL

1. xDSL is a means by which plain old telephone service (POTS) can be used to send digital data over a pair of copper wires.

2. To connect many DSL users to an ATM backbone network, the DSL data is sent to a Digital Subscriber Line Access Multiplexer (DSLAM).

3. ATM over xDSL offers high-speed network access from the home and small office environment.

4. ATM over xDSL preserves the high-speed characteristics and QoS guarantees available in the core ATM network without changing protocols.

E. ATM access through Winsock 2.0 and native ATM access

1. ATM support for Winsock 2.0 is available through the Windows Sockets ATM Service Provider.

2. Applications that use native ATM can create virtual circuits and access QoS guarantees.

|5| 4. NWLink

A. Overview of NWLink

1. NWLink is Microsoft’s implementation of the Novell NetWare IPX/SPX protocol.

2. NWLink does not allow a Windows 2000 computer to directly access files or printers shared on a NetWare server or to act as a file or print server to a NetWare client.

3. Gateway Service for NetWare (GSNW) acts as a redirector for a Windows 2000 Server computer where it is installed and as a gateway for other client computers.

4. NWLink is useful if NetWare client/server applications are running that use Winsock or NetBIOS over IPX/SPX protocols.

B. Setting the frame type

1. The frame type defines the way in which the network adapter formats data to be sent over a network.

2. NWLink supports a number of topologies and frame types.

a. Ethernet

b. Token ring

c. Fiber Distributed Data Interface (FDDI)

3. You can choose to automatically detect or manually configure the frame type.

|6| 5. NetBIOS Enhanced User Interface (NetBEUI)

A. NetBEUI is broadcast-based and is not routable.

B. NetBEUI provides compatibility with existing LANs that use the NetBEUI protocol.

C. NetBEUI provides computers running Windows 2000 with several capabilities.

1. Connection-oriented and connectionless communication between computers

2. Self-configuration and self-tuning

3. Error protection

4. Small memory overhead

Note A Windows 2000 network running Active Directory services cannot use NWLink or NetBEUI as the primary protocol. Only TCP/IP is supported for access to Active Directory services.

|7| 6. AppleTalk

A. Windows 2000 includes support for AppleTalk.

B. AppleTalk allows Windows 2000 to be a router and a dial-up server.

C. For the AppleTalk protocol to function properly, a Windows 2000 Server computer must be configured with Services for Macintosh and must be available on the network.

|8| 7. Data Link Control (DLC)

A. DLC is used to print to Hewlett-Packard printers that are connected directly to networks.

Note TCP/IP can also be used for printing to HP printers and is the preferred protocol on modern networks.

B. Only the print server communicating directly with the print device requires the DLC protocol to be installed.

C. After you have configured a Windows 2000 Server computer to perform the role of print server for the DLC-enabled network print device, client computers can communicate to the printer share on the Windows 2000 Server computer.

|9| 8. Infrared Data Association (IrDA)

A. IrDA is a group of short-range, high-speed, bidirectional wireless infrared protocols.

B. IrDA allows a variety of devices to communicate with one another.

C. The IrDA protocol stack is accessed by using Network Driver Interface Specification (NDIS) connectionless drivers.

Chapter 9, Lesson 2

Transmission Control Protocol/Internet Protocol

|10| 1. Overview of the TCP/IP Suite

A. Introduction to TCP/IP

1. An industry-standard suite of protocols that enables enterprise networking and connectivity on Windows 2000–based computers

2. Offers several advantages

a. A routable networking protocol supported by most operating systems

b. A technology for connecting dissimilar systems

c. A robust, scalable, cross-platform client/server framework

d. A method of gaining access to Internet resources

3. Provides a set of standards for how computers communicate and how networks are interconnected

B. Network interface layer

1. At the base of the TCP/IP model is the network interface layer.

2. This layer puts frames on the wire and pulls frames off the wire.

C. Internet layer

1. Internet-layer protocols encapsulate packets in Internet datagrams and run all the necessary routing algorithms.

2. There are four Internet layer protocols.

a. IP

b. ARP

c. ICMP

d. IGMP

D. Transport layer

1. Transport layer protocols provide communication sessions between computers.

2. There are two transport layer protocols.

a. TCP

b. UDP

E. Application layer

1. At the top of the TCP/IP model is the application layer, in which applications gain access to the network.

2. There are two application layer interfaces.

a. Winsock

b. NetBT

|11| 2. Configuring TCP/IP to Use a Static IP Address

A. Dynamic Host Configuration Protocol (DHCP)

1. By default, client computers running Microsoft Windows 2000, Windows NT, Windows 98, and Windows 95 obtain TCP/IP configuration information from the DHCP Service.

2. Even in a DHCP environment, you should assign a static IP address to selected network computers.

B. For each network adapter card that uses TCP/IP, you can configure an IP address, a subnet mask, and a default gateway.

C. Several options are used in configuring a static IP address.

1. IP address

2. Subnet mask

3. Default gateway

|12| 3. Configuring TCP/IP to Obtain an IP Address Automatically

A. Using DHCP

1. If a server running the DHCP Service is available on the network, it can automatically assign TCP/IP configuration information to the DHCP client.

2. Using DHCP to configure TCP/IP automatically on client computers can simplify administration and ensure correct configuration information.

B. Using the Internet Protocol (TCP/IP) Properties dialog box to configure a DHCP client

|13| 4. Using Automatic Private IP Addressing

A. Windows 2000 implementation of TCP/IP

1. Supports automatic assignment of IP addresses for simple LAN configurations

2. An extension of dynamic IP addresses without using static IP address assignment or installing the DHCP Service

B. Automatic Private IP Addressing (APIPA) follows specific steps in assigning an IP address.

1. Windows 2000 TCP/IP attempts to find a DHCP server on the attached network to obtain a dynamically assigned IP address.

2. In the absence of a DHCP server during startup, the client cannot obtain an IP address.

3. APIPA generates an IP address in the form of 169.254.x.y and a subnet mask of 255.255.0.0.

C. After the computer generates the address, it broadcasts to this address and then assigns the address to itself if no other computer responds.

D. Although APIPA can assign a TCP/IP address to DHCP clients, it does not generate all the information that is provided by DHCP.

E. Disabling automatic private IP addressing

1. By default, the APIPA feature is enabled.

2. You can disable APIPA by modifying the registry.

|14| 5. Troubleshooting TCP/IP

A. Ping

B. Arp

C. Ipconfig

D. Nbtstat

E. Netstat

F. Route

G. Hostname

H. Tracert

6. Testing TCP/IP Connectivity

|15| A. TCP/IP utilities

1. File Transport Protocol (FTP)

2. Trivial File Transport Protocol (TFTP)

3. Telnet

4. Remote Copy Protocol (RCP)

5. Remote shell (RSH)

6. Remote execution (REXEC)

7. Finger

|16| B. Using ipconfig

1. Use ipconfig to verify the TCP/IP configuration parameters on a host.

2. Executing the ipconfig /all command provides several results.

a. If a configuration has initialized, the ipconfig utility displays the IP address and the subnet mask and, if it is assigned, the default gateway.

b. If a duplicate IP address exists, the ipconfig utility indicates that the IP address is configured; however, the subnet mask is 0.0.0.0.

c. If the computer is unable to obtain an IP address from a server running the DHCP Service on the network, the ipconfig utility displays the IP address provided by APIPA.

|17| C. Using ping

1. To test connectivity

2. To test TCP/IP configurations and diagnose connection failures

3. To determine whether a particular TCP/IP host is available and functioning

|18| D. Using ipconfig and ping

1. You can use a combination of the ipconfig and ping commands to verify a computer’s configuration and test router connections.

2. Follow specific steps when using the tools.

a. The ipconfig command is used to verify that the TCP/IP configuration has been initialized.

b. The ping command is used against the loopback address (127.0.0.1) to verify that TCP/IP is correctly installed and bound to your network adapter card.

c. The ping command is used with the IP address of the local computer to verify that the computer is not a duplicate of another IP address on the network.

d. The ping command is used with the IP address of the default gateway to verify that the default gateway is operational and that the computer can communicate with the local network.

e. The ping command is used with the IP address of a remote host to verify that the computer can communicate through a router.

Chapter 9, Lesson 3

Dynamic Host Configuration Protocol Service

1. Introduction to DHCP

|19| A. Overview

1. DHCP is a TCP/IP standard for simplifying the management of IP configuration.

2. Each time a DHCP client starts, it requests IP addressing information from a DHCP server.

a. IP address

b. Subnet mask

c. Optional values, such as a default gateway address

3. When a DHCP server receives a request for an IP address, it selects IP addressing information from a pool of addresses defined in its database and offers the IP addressing information to the DHCP client.

4. Manual vs. automatic TCP/IP configuration

|20| B. The DHCP lease process

1. The DHCP Service allocates IP addressing information to client computers.

2. The DHCP lease process occurs when certain events occur.

a. TCP/IP is initialized for the first time on a DHCP client.

b. A client requests a specific IP address and is denied.

c. A client previously leased an IP address but released the IP address and requires a new one.

3. DHCP uses a four-phase process to lease IP addressing information to a DHCP client for a specific period.

a. DHCPDISCOVER

b. DHCPOFFER

c. DHCPREQUEST

d. DHCPPACK

e. DHCPNACK

C. IP lease renewal and release

1. Overview

a. All DHCP clients attempt to renew their lease when 50 percent of the lease time has expired.

b. Each time a DHCP client restarts, it attempts to lease the same IP address from the original DHCP server.

c. If a DHCP client cannot renew its lease with the original DHCP server at the 50 percent interval, the client broadcasts a DHCPREQUEST to contact any available DHCP server when 87.5 percent of the lease time has expired.

d. If a DHCP client expires or a DHCPNACK message is received, the DHCP client must immediately discontinue using that IP address.

2. Using ipconfig to renew a lease

a. Use ipconfig /renew to send a DHCPREQUEST message to the DHCP server to receive updated options and lease time.

b. If the DHCP server is unavailable, the client continues using the current DHCP-supplied configuration options.

3. Using ipconfig to release a lease

a. Use ipconfig /release to cause a DHCP client to send a DHCPRELEASE message to the DHCP server and to release its lease.

b. Microsoft DHCP clients do not initiate DHCPRELEASE messages when shutting down.

2. Installing and Configuring the DHCP Service

A. Requirements

1. Requirements for a server running the DHCP Service

a. A static IP address, a subnet mask, a default gateway, and other TCP/IP parameters

b. The DHCP Service

c. An activated DHCP scope

d. An authorization

2. Requirements for DHCP clients

a. A computer that is DHCP-enabled

b. A DHCP client running one of the supported operating systems

|21| B. Installing the DHCP Service

1. The first step in implementing DHCP is to install the DHCP Service.

2. To install the DHCP Service, use the Add/Remove Programs utility in Control Panel.

|22| C. The DHCP snap-in

1. Use the DHCP snap-in for all DHCP management and configuration tasks.

2. You can access the DHCP snap-in as a stand-alone MMC console or through the Computer Management snap-in.

|23| D. Creating a DHCP scope

1. After you have installed the DHCP Service and it is running, the next step is to create a scope.

2. When creating a DHCP scope, consider several guidelines.

a. You must create at least one scope for every DHCP server.

b. You must exclude static IP addresses from the scope.

c. You can create multiple scopes on a DHCP server to centralize administration and to assign IP addresses specific to a subnet.

d. DHCP servers do not share scope information.

3. Use the DHCP snap-in to create a scope.

4. You can specify a number of parameters when creating a new scope.

a. Name

b. Description

c. Start IP address

d. End IP address

e. Subnet mask

f. Start IP address (for excluded range)

g. End IP address (for excluded range)

h. Lease duration

5. Once you have created the scope, you must activate it to make it available for lease assignments.

6. Configuring a DHCP scope

a. Server options are available to all DHCP clients.

b. Scope options are available only to clients who lease an address from the specific scope.

c. Client options are available to specific clients with reserved DHCP address leases.

7. Configuring DHCP options

a. A number of options are available when you configure the DHCP server, scope, or client reservations.

Note These are some (not all) of the options that are available when you configure a DHCP server, scope, or client reservation.

(1) 003 Router

(2) 006 DNS Servers

(3) 015 DNS Domain Name

(4) 044 WINS/NBNS Servers

(5) 046 WINS/NBT Node Type

(6) 047 NetBIOS Scope ID

b. Several value types are used in configuring the DHCP options.

(1) IP address

(2) Long

(3) String value

(4) Word

(5) Byte

(6) Binary

|24| 8. Configuring a client reservation

a. For some DHCP clients, it is important that the same IP address be reassigned when their lease expires.

b. Clients using static host name resolution might also require that critical servers maintain their IP address configuration.

c. To configure a client reservation, select Reservations under the specific scope and create a new reservation.

|25| E. Authorizing the DHCP server

1. A DHCP server must be authorized in Active Directory services before it can assign IP addresses.

2. Authorization is a security precaution that ensures that only authorized DHCP servers run on your network.

3. Use the DHCP snap-in to authorize the DHCP server.

3. Backing Up and Restoring the DHCP Database

A. Backing up the DHCP database

1. By default, Windows 2000 backs up the DHCP database every 60 minutes.

2. You can change the default backup interval by changing the value.

B. Restoring the DHCP database

1. By default, the DHCP Service restores a corrupt DHCP database when you restart the DHCP Service.

2. You can also manually restore the DHCP database file.

3. To manually restore the DHCP database, edit the registry.

4. Several files are stored in %systemroot%\System32\DHCP.

a. DHCP.mdb

b. Tmp.edb

c. J50.log and J50*.log

Chapter 9, Lesson 4

Windows Internet Naming Service

1. Introduction to WINS

|26| A. The WINS name resolution process

1. Every time a WINS client starts, it registers its NetBIOS name/IP address mapping with a designated WINS server. It then queries the WINS server for the computer name resolution.

2. When a WINS client initiates a NetBIOS command to communicate with another network resource, it sends the name query request directly to the WINS server instead of broadcasting the request on the local network.

3. The WINS server finds a NetBIOS name/IP address mapping for the destination resource in this database, and it returns the IP address to the WINS client.

B. Name registration

1. Overview

a. Each WINS client is configured with the IP address of a primary WINS server and, optionally, a secondary WINS server.

b. If the WINS server is available and another WINS client has not registered the name, the WINS server returns a successful registration message to the client.

2. When a name is already registered

a. When a name is already registered in the WINS database, the WINS server sends a name query request to the currently registered owner of the name.

b. If the currently registered owner responds successfully to the WINS server, the WINS server sends a negative name registration response to the WINS client that is attempting to register the name.

3. When the WINS server is unavailable

a. A WINS client makes three attempts to find the primary WINS server.

b. If neither server is available, the client generates three B-node broadcasts on the local network.

|27| C. Name renewal

1. A WINS server registers all NetBIOS names on a temporary basis so that other computers can use the same name later if the original owner stops using it.

2. To continue using the same NetBIOS name, a client must renew its lease before the lease expires.

3. A WINS client first attempts to refresh its lease after one-eighth of the Time to Live (TTL) interval has expired.

4. When half the TTL interval has expired, the WINS client attempts to refresh its lease with a secondary WINS server.

5. When a WINS server receives the name refresh request, it sends the client a name refresh response with a new TTL interval.

|28| D. Name release

1. When a WINS client’s name is no longer in use, the client sends a message to the WINS server to release the name.

2. When the WINS server receives the name release request, it checks its database for the specified name.

|29| E. Name query

1. After a WINS client has registered its NetBIOS name and IP address with a WINS server, it can communicate with other hosts by obtaining the IP address of other NetBIOS-based computers from the WINS server.

2. By default, a WINS client attempts to resolve another host’s NetBIOS name to an IP address.

a. The client checks its NetBIOS name cache for the NetBIOS name/IP address mapping of the destination computer.

b. If the client cannot resolve the name from its cache, it sends a name query request directly to its primary WINS server.

c. If the primary WINS server is unavailable, the client resends the request two more times before switching to the secondary WINS server.

d. If either WINS server, primary or secondary, resolves the name, it sends a response to the client with the IP address for the requested NetBIOS name.

e. If no WINS server can resolve the name, the client receives a message saying that the requested name does not exist and initiates a network broadcast.

2. Implementing WINS

|30| A. WINS server configuration

1. A WINS server requires a computer running Windows 2000 Server; however, the server does not have to be a domain controller.

2. A WINS server can include additional configurations.

a. A static mapping for all non-WINS clients to allow communication with the WINS clients on remote networks

b. WINS support through the DHCP Service

|31| B. WINS client configuration

1. A WINS client must be running one of the supported operating systems.

2. A WINS client also requires the IP address of a primary WINS server and optionally, the IP address of a secondary WINS server.

|32| C. WINS installation

1. The WINS service is not installed as part of the default Windows 2000 Server installation.

2. After you install the WINS Service, you should configure its TCP/IP properties so that the computer points to itself.

|33| D. WINS snap-in

1. You can use the WINS snap-in for all management and configuration tasks of the WINS server.

2. The WINS snap-in provides access to detailed information about the WINS servers on a network.

3. You can access the WINS snap-in as a stand-alone MMC console or through the Computer Management snap-in.

E. Support for non-WINS clients

1. Static mappings

a. On a network that includes non-WINS clients, you can configure a static NetBIOS name/IP address mapping for each non-WINS client.

b. When you create a static mapping, you can specify a NetBIOS scope.

c. There are five types of static mappings that you can create when you add a new static mapping.

(1) Unique

(2) Group

(3) Domain name

(4) Internet group

(5) Multihomed

2. Configuring a WINS proxy agent

a. A WINS proxy agent extends the name resolution capabilities of the WINS server to non-WINS clients by listening for broadcast name registrations and broadcast resolution requests and then forwarding them to a WINS server.

(1) When a non-WINS client broadcasts a name registration request, the WINS proxy agent forwards the request to the WINS server to verify that no other WINS client has registered that name.

(2) When a WINS proxy agent detects a name resolution broadcast, it checks its NetBIOS name cache and attempts to resolve the name.

b. To configure a WINS proxy agent, edit the registry on a WINS-enabled client.

|34| F. DHCP server configuration

1. If a computer is a DHCP client, you can configure WINS support by using the DHCP snap-in.

2. The snap-in allows you to add and configure the DHCP scope option 044 WINS/NBNS Servers and configure the address of primary and secondary servers.

3. When the DHCP client leases or renews an address lease, it receives this DHCP scope option, and the client is configured for WINS support.

4. You can also configure the 046 WINS/NBT Node Type option to set the node type.

Chapter 9, Lesson 5

Domain Name System

1. Introduction to DNS

|35| A. Overview

1. WINS resolves NetBIOS names to IP addresses, while DNS resolves IP host names to IP addresses.

2. IP host names resolved by using DNS or other means provide a number of benefits.

a. IP host names are user-friendly.

b. IP host names remain more constant than IP addresses.

c. IP host names allow users to connect to local servers by using the same naming conventions as the Internet.

|36| B. Domain namespace

1. Overview

a. Domain namespace is the naming scheme that provides the hierarchical structure for the DNS database.

b. The DNS database is indexed by name; therefore, each domain must have a name.

c. A domain’s name identifies its position in the hierarchy.

2. Root domain

a. The root domain is at the top of the hierarchy and is represented as a period (.).

b. The Internet root domain is managed by several organizations.

3. Top-level domain

a. Top-level domains are two-character or three-character name codes.

b. Top-level domains are categorized by organization type or geographic location.

4. Second-level domain

a. Organizations assign and register second-level domains to individuals and organizations for the Internet.

b. A second-level domain can contain both hosts and subdomains.

|37| C. Host names

1. Host names refer to specific computers on the Internet or a private network.

2. A host name is the leftmost portion of the fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy.

3. DNS uses a host’s FQDN to resolve a name to an IP address.

|38| D. Domain naming guidelines

1. Limit the number of domain levels.

2. Use unique names.

3. Use simple names.

4. Avoid lengthy domain names.

5. Use standard DNS characters and Unicode characters.

|39| E. Zones

1. A zone represents a discrete portion of the domain namespace.

2. Zones provide a way to partition the domain namespace into manageable sections.

3. Multiple zones in a domain namespace are used to distribute administrative tasks to different groups.

4. A zone must encompass a contiguous domain namespace.

5. The name-to-IP address mappings for a zone are stored in the zone database file.

|40| F. Name servers

1. A DNS name server stores the zone database file.

2. Name servers can store data for one zone or multiple zones.

3. There must be at least one name server for a zone.

4. A zone can have multiple name servers associated with it.

5. Multiple name servers provide several advantages.

a. The additional name servers obtain a copy of the zone database file from the name server that contains the primary database zone file.

b. If the name server containing the primary zone database file fails, the additional name servers can provide the server.

c. If a number of clients are in remote locations, use additional name servers to reduce query traffic across slow WAN links.

d. The additional name servers reduce the load on the name server containing the primary zone database file.

2. Overview of the Name Resolution Process

|41| A. Introduction to the name resolution process

1. Name resolution is the process of resolving names to IP addresses.

2. DNS name servers resolve forward and reverse lookup queries.

|42| B. Forward lookup query

1. The client passes a forward lookup query for the domain to its local name server.

2. The local name server checks its zone database file to determine whether it contains the name-to-IP address mapping for the client computer.

3. The local name server sends a request to a top-level domain server.

4. The local name server sends a request to the domain name server.

5. The local name server sends the IP address for the domain to the client.

6. The name resolution is complete, and the client can now access the domain.

|43| C. Name server caching

1. When a name server is processing a query, it might be required to send out several queries to find the answer.

2. When a name server receives a query request, several events occur.

a. The name server caches the query result for a specified amount of time.

b. Once the name server caches the query result, TTL starts counting down from its original value.

c. When TTL expires, the name server deletes the query result from its cache.

3. Caching query results enables the name server to quickly resolve other queries to the same portion of the domain namespace.

|44| D. Reverse lookup query

1. A reverse lookup query maps an IP address to a name.

2. Because the DNS distributed database is indexed by name and not by IP address, a reverse lookup query would require an exhaustive search of every domain name.

3. The in-addr.arpa domain is based on IP addresses, not domain names.

a. Subdomains are named after the numbers in the dotted-decimal representations of IP addresses.

b. The order of the IP address octet is reversed.

c. Companies administer subdomains of the in-addr.arpa domain based on their assigned IP addresses and subnet masks.

|45| 3. Installing the DNS Service

A. To implement DNS, you must configure the server and then install the DNS service.

B. The DNS server must be configured with a static IP address.

C. The DNS installation process accomplishes a number of tasks.

1. Installs the DNS snap-in and adds a shortcut to the Administrative Tools program group

2. Adds a key for the DNS service to the registry

3. Creates the %systemroot%\System32\DNS folder

D. Generally, you will not need to edit the DNS database file.

4. Configuring the DNS Service

|46| A. The DNS snap-in

1. You can use the DNS snap-in for all configuration and management tasks of the DNS server.

2. The DNS snap-in allows you to configure forward lookup zones and reverse lookup zones, add resource records to the zone database file, and configure the DNS service for Dynamic DNS (DDNS).

3. You can access the DNS snap-in as a stand-alone MMC console or through the Computer Management snap-in.

|47| B. Creating forward lookup zones

1. A forward lookup zone enables forward lookup queries.

2. Zone type

a. Active Directory–integrated

b. Standard primary

c. Standard secondary

3. Typically, a zone is named after the highest domain in the hierarchy that the zone encompasses.

4. Zone file

a. The zone file refers to the database file name, which defaults to the zone name with a .DNS extension.

b. When migrating a zone from another server, you can import the existing zone file.

|48| C. Creating reverse lookup zones

1. A reverse lookup zone enables reverse lookup queries.

2. Reverse lookup zones are not required; however, a reverse lookup zone is required to run troubleshooting tools and to record a name instead of an IP address in log files.

3. The zone types are the same as the zone type options available when a forward lookup zone is created.

4. Enter your network ID or the name of the reverse lookup zone.

5. Zone file

a. The network ID and subnet mask determine the default zone file name.

b. When migrating a zone from another server, you can import the existing zone file.

|49| D. Adding resource records

1. Once you create your zones, you can use the DNS snap-in to add resource records.

2. When a zone is created, DNS automatically adds two resource records.

a. Start of Authority (SOA)

b. Name Server (NS)

3. For a list of other types of resource records along with a description of each type, open the Resource Record Type dialog box.

|50| E. Configuring dynamic DNS

1. Dynamic updates

a. You can configure a list of authorized servers to initiate dynamic updates.

b. The update sequence consists of several steps.

(1) A client, using an SOA query, locates the primary DNS server and zone authoritative for the record to be registered.

(2) The client sends to the located DNS server an assertion or prerequisite-only update to verify an existing registration.

(3) If the update fails, the client attempts to register the record with the other primary DNS server.

c. Every computer running Windows 2000 attempts the registration of its A and PTR records.

2. DDNS and DHCP

a. DDNS interacts with the DHCP Service to maintain synchronized name-to-IP address mappings for network hosts.

b. Use the DNS snap-in to configure a zone for DDNS.

c. Use the DHCP snap-in to configure the server to send dynamic updates.

|51| 5. Configuring a DNS client

A. Once you install and configure the DNS service on computers running Windows 2000 Server, you can configure your Windows 2000 DNS clients.

B. You must ensure that TCP/IP is installed on the client before you can configure the client to use the DNS service.

C. You can specify DNS settings that assist in resolving host names not specified by their FQDN, and you can configure DDNS registration settings from the dialog box.

|52| 6. Troubleshooting the DNS service

A. Monitoring the DNS server

1. You can use the DNS snap-in to monitor the DNS service.

2. You can test the name server by performing two types of queries.

a. Simple query

b. Recursive query

B. Setting logging options

1. You can use the DNS snap-in to set additional logging options for debugging purposes.

2. Information from any of the selected options is saved to the log file.

C. Using nslookup

1. Nslookup is the primary diagnostic tool for the DNS service, and it is installed when TCP/IP is installed.