Network Services Lesson 6

Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Setting up common networking services Understanding network services 3.5 Defining more network services Understanding network services 3.5 Defining Name Resolution Techniques Understand Name Resolution 3.4

Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that enables configured client computers to obtain IP addresses automatically The IP information obtained might include the following: IP addresses Subnet masks Gateway addresses DNS server addresses Other advanced options The DHCP Server service provides the following benefits: Reliable IP address configuration Reduced network administration DHCP

Before a DHCP server can start leasing IP addresses to client computers, the following steps must be performed: 1. Install the DHCP service 2. Configure an IP scope 3. Activate the scope 4. Authorize the server 5. Configure advanced IP options (optional) DHCP Server

DEMO: Install and view the DHCP Service (and console)

DHCP sessions use a four-step process known as DORA. Discovery: The client sends a broadcast to the network to find a DHCP server Offer: The DHCP server sends a unicast “offering” of an IP address to the client Request: The client broadcasts to all servers that it has accepted the offer Acknowledge: The DHCP server sends a final unicast to the client that includes the IP information the client will use DHCP utilizes ports 67 and 68 DORA

DEMO: Add a DHCP Scope

Automatic Private IP Addressing (APIPA) is a service for assigning unique IP addresses on small office/home office (SOHO) networks without deploying the DHCP service APIPA can get in the way of a client obtaining an IP address properly (e.g., when a client attempts to obtain an IP address from a DHCP server, but the DHCP server is too busy) APIPA

APIPA is disabled using Registry Editor 1. Open Registry Editor 2. In Registry Editor, navigate to the following registry key: KEY_LOCAL_MACHINE\SYSTEM\Curre ntControlSet\Services\Tcpip\Parameters 3. Create the following entry: IPAutoconfigurationEnabled: REG_DWORD 4. Assign a value of 0 to disable Automatic Private IP Addressing (APIPA) support. 5. Close Registry Editor. Disable APIPA

DEMO: Disable APIPA

Remote Desktop Services, formerly known as Terminal Services, is a type of thin-client terminal server computing. RDS enables virtual desktop infrastructure (VDI), session-based desktops, and applications, allowing users to work anywhere Thin-client computers and PCs can connect to servers running Remote Desktop Services Remote Desktop Services

Remote Desktop Connection (DEMO) Computer Name

Routing and Remote Access Service (RRAS) supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial- up connections. RRAS consists of the following components: Remote Access. By using RRAS, you can deploy VPN connections to provide end users with remote access to your organization's network. You can also create a site-to-site VPN connection between two servers at different locations. Routing. RRAS is a software router and an open platform for routing and networking. It offers routing services to businesses in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections. Routing is used for multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and network address translation (NAT) routing services. Microsoft RRAS was formerly known as Remote Access Service (RAS) Routing and Remote Access Service

Internet/ISP

DEMO: Install and view Routing and Remote Access

Protocol within the TCP/IP suite that encrypts and authenticates IP packets Ensures private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services Designed to secure any application traffic because it resides on the network layer (or Internet layer for the TCP/IP reference model) Used in conjunction with virtual private networks and is an integral part of IPv6 IPsec has been defined to work in two different modes: Tunnel mode is most often used for site-to-site VPN connections Transport mode is most often used for securing IP traffic on private networks Internet Protocol Security (IPSec)

IPSec Protocol Types ProtocolRequirementUsage Authentication Header (AH) The data and the header need to be protected from modification and authenticated, but remain readable. Use for data integrity in situations where data is not secret but must be authenticated — for example, where access is enforced by IPSec to trusted computers only, or where network intrusion detection, QoS, or firewall filtering requires traffic inspection. Encapsulating Security Payload (ESP) Only the data needs to be protected by encryption so it is unreadable, but the IP addressing can be left unprotected Use when data must be kept secret, such as file sharing, database traffic, RADIUS protocol data, or internal Web applications that have not been adequately secured by SSL. Both AH and ESP The header and data, respectively, need to be protected while data is encrypted. Use for the highest security. However, there are very few circumstances in which the packet must be so strongly protected. When possible, use ESP alone instead.

Domain Name System (DNS) is a worldwide service that resolves host names to IP addresses DNS architecture is a hierarchical distributed database and an associated set of protocols that define: A mechanism for querying and updating the database A mechanism for replicating the information in the database among servers A schema of the database DNS is part of the application layer of the TCP/IP reference model DNS servers use inbound port 53 to accept name resolution requests DNS

Windows Internet Name Service (WINS) is a service that resolves NetBIOS names to IP addresses WINS is required for any environment in which users access resources that have NetBIOS names It is Microsoft’s version of the NetBIOS Name Service (NBNS) combined with a name server If you do not use WINS in such a network, you cannot connect to a remote network resource by using its NetBIOS name unless you use Lmhosts files, and you might be unable to establish file and print sharing connections WINS and DNS are both name resolution services for TCP/IP networks WINS

Be able to install and configure DHCP to hand out IP addresses to client computers. You have learned the four-step DHCP process known as DORA. Be able to install and configure Remote Desktop Services so that client computers can connect remotely to a server. Understand how to install and configure Routing and Remote Access Service (RRAS) as a LAN router. You have learned how to define IPsec and the various protocols that can be used. Understand how DNS and WINS function, how the services are installed and configured and when WINS is needed on your network. Summary

Additional Resources & Next Steps Books Exam : MTA Networking Fundamentals (Microsoft Official Academic Course) Instructor-Led Courses 40033A: Windows Operating System and Windows Server Fundamentals: Training 2-Pack for MTA Exams and (5 Days) 40349A: Windows Operating System Fundamentals: MTA Exam (3 Days) 40032A: Networking and Security Fundamentals: Training 2-Pack for MTA Exams and (5 Days) 40366A: Networking Fundamentals: MTA Exam Exams & Certifications Exam : Networking Fundamentals Remote Desktop Poster us/download/confirmation.aspx?id= us/download/confirmation.aspx?id=3 262