Contents
I UP FRONT: NETWORK PLANNING AND DESIGN CONCEPTS
1 A Short History of Computer Networking
2 Overview of Network Topologies
Shared and Nonshared Network Media Topologies
Bridged Versus Routed Topologies
Building and Campus Topologies
Connecting Network Segments Within a Building: The Backbone
Design Considerations in a Campus LAN Environment
Planning a Logical Network Design
What Kinds of Services or Applications Will the Network Offer?
What Degree of Reliability Do I Require for Each Network Link?
Planning and Design Components
Test, Test, and Then Test Some More
Creating Policies and Procedures for Network Usage
Providing Training for Technical Personnel
You Can’t Forget the Budget (or Can You?)
4 Upgrading Strategies and Project Management
Determining When an Upgrade Is Necessary—The Evaluation Process
Determining User Requirements and Expectations
Maintaining Support for Legacy Applications
What Resources Are Needed for the Upgrade?
Evaluating the Plan As It Applies to Corporate Policies and Procedures
Closing the Book—Documenting What Has Changed and Why
Other Considerations for Upgrading
5 Protecting the Network: Preventative Maintenance Techniques
Power Conditioning and Uninterruptible Power Supplies (UPSs)
Advanced Configuration and Power Interface (ACPI) and Standalone UPS Systems
Server and Workstation Backups
Backup Media—Tape, Optical Storage, and Hard Disk
Building Redundancy into the Network
Justifying Preventative Maintenance
II Physical Networking Components
6 Wiring the Network—Cables, Connectors, Concentrators, and Other Network Components
The Backbone Cabling System Structure
The Horizontal Cabling System Structure
Insulation Displacement Contact
Modular Plug Pair Configurations
General Considerations for Fiber-Optic Cabling
Small Form Factor Connectors (SFF)
General Horizontal Cabling Subsystem Specifications
Documenting and the Administration of the Installation
Different Cards, Different Speeds
Network Cable Connectors and Terminators
The Wired for Management (WfM) Initiative
Load Balancing and Dual-Redundant Network Controllers
The Open Data-Link Interface (ODI)
The Network Driver Interface Specification (NDIS)
Checking the NIC Configuration on Linux
Checking the LEDs—Activity and Link Lights
Running the Adapter’s Diagnostic Program
Checking the Computer’s Network Configuration
Segmenting the Collision Domain
Using Switches to Create a Collapsed Backbone
Putting a Switch in Your Home Office
Stackable and Chassis Switches
Switch Troubleshooting and Management
Virtual LANs and Network Topologies
Switching Based on Network Frames
Using Explicit Tagging on the Network Backbone
IEEE Standards for Virtual LANs
What Kind of Switch Should You Buy?
Hierarchical Network Organization
The Difference Between Routable Protocols and Routing Protocols
When Do You Need to Use a Router?
Delegating Responsibility for Local Area Networks
Using a Router to Protect Your Network—NAT and Packet Filtering
Using Routers over Wide Area Networks (WANs)
11 Network Attached Storage (NAS) and Storage Area Networks (SANs)
Local Versus Networked Storage Devices
Defining Network Attached Storage (NAS)
Defining a Storage Area Network (SAN)
NAS Capacity Limitations—Bandwidth and Storage
Using Fibre Channel as a Network Transport
Encoding Data on Fibre Channel Networks
Using a Fabric Switched Topology for SANs
A Mixed Topology of Loops and Switches
What Kind of NAS or SAN Solution Should You Use?
III LOW-LEVEL NETWORK PROTOCOLS
12 The IEEE LAN/MAN Committee Networking Standards
What Is the LAN/MAN Committee?
IEEE 802: Overview and Architecture
IEEE 802.1: Bridging and Management
IEEE 802.2: Logical Link Control
IEEE 802.3: CSMA/CD Access Method
IEEE 802.4: Token-Passing Bus Access Method and IEEE 802.5: Token-Ring Access Method
IEEE 802.7: Recommended Practices for Broadband Local Area Networks
Obtaining the IEEE 802 Standards Documents Free
13 Ethernet: The Universal Standard
Variations on a Theme: How Many Kinds of Ethernet Are There?
Collisions: What Are CSMA/CA and CSMA/CD?
Defining the Collision Domain—Buses, Hubs, and Switches
Restrictions on Legacy Ethernet Topologies
Limiting Factors of Ethernet Technologies
Interconnecting Devices and Cable Segment Length
Using a Backbone to Connect the Enterprise
XEROX PARC Ethernet and Ethernet II
The 802.2 Logical Link Control (LLC) Standard
Fast Ethernet (IEEE 802.3u) and Gigabit Ethernet (IEEE 802.3z)
10Gigabit Ethernet (IEEE 802.3ae)
IV Dedicated Connections and WAN Protocols
The Point-to-Point Protocol and the Serial Line Internet Protocol
The Serial Line Internet Protocol (SLIP)
The Point-to-Point Protocol (PPP)
Establishing a Link: The Link Control Protocol (LCP)
Network Control Protocols (NCPs)
Configuring a Windows XP Professional Client for Dial-Up
When Dial-Up Isn’t Fast Enough
Diagnosing Problems with T-Carrier Services
Asynchronous Transfer Mode (ATM)
The ATM Architecture Model (B-ISDN/ATM Model)
The Importance of Frame Relay and the X.25 Interface
The Local Management Interface Signal Mechanism
Using Switched Virtual Circuits (SVCs)
Possible Problems Using Frame Relay
16 Digital Subscriber Lines (DSL) Technology
Topological Differences Between Cable and DSL
Providing IP Addresses to Cable Modems
First-Generation Cable Modem Systems
How Cable Modems Differ from xDSL Broadband Access
The Data Over Cable Service Interface Specification (DOCSIS)
Choosing Between Cable and DSL
V Wireless Networking Protocols
18 Introduction to Wireless Networking
Why Wireless Networks Have Proliferated
Access Points and Ad Hoc Networks
Using an Access Point to Mediate Wireless Communications
Physical Transmission Technologies
Frequency Hopping Versus Spread Spectrum
The IEEE 802.11 Wireless Standard
Other Services Performed at the MAC Layer
Sources of Interference for Wireless Networks
19 IEEE 802.11b: Wi-Fi Pioneer
Components of an 802.11-Based Wireless Network
802.11b—First, But Fading Away
Proprietary Extensions to 802.11b
What to Look for in an Access Point
Access Points with VPN Support
Do You Need a Wireless Network?
Connecting the Wireless Network to a Wired LAN
20 Faster Service: IEEE 802.11a
Overview of the IEEE 802.11a Standard
Interference from Consumer Devices
Increased Bandwidth in the 5GHz Band
Proprietary Extensions to 802.11a
Using Wireless Networking in Public Places
Comparing 802.11a with 802.11b and 802.11g
Overview of the 802.11g Standard
Installing a Wireless-G Broadband Router
Installing and Configuring a Wireless Network Adapter
Using the Windows XP Service Pack 2 Wireless Network Setup Wizard
Proprietary Extensions to the IEEE 802.11g Standard
Improving Network Performance with Dual-Band Wireless Technology
Which Wireless Protocol Should You Use?
22 Bluetooth Wireless Technology
The Bluetooth Special Interest Group (SIG)
The Service Discovery Application Profile
The Cordless Telephony Profile and the Intercom Profile
The Dial-Up Networking Profile
Bluetooth Is More Than a Wireless Communication Protocol
23 Security and Other Wireless Technologies
Instant Messaging and Consumer Devices
Comparing Mobile Information Devices
Wired Protected Access (WPA), WPA2, and 802.11i
How Well Do You Know Your Users?
VI Lan and Wan Network, Service, and Application Protocols
24 Overview of the TCP/IP Protocol Suite
TCP/IP and the OSI Reference Model
TCP/IP Is a Collection of Protocols, Services, and Applications
IP Is a Connectionless Transport Protocol
IP Is an Unacknowledged Protocol
IP Provides the Address Space for the Network
Examining IP Datagram Header Information
The Address Resolution Protocol—Resolving IP Addresses to Hardware Addresses
RARP—The Reverse Address Resolution Protocol
The Transmission Control Protocol (TCP)
TCP Provides a Reliable Connection-Oriented Session
Examining TCP Header Information
The User Datagram Protocol (UDP)
Examining UDP Header Information
Interaction Between UDP and ICMP
Ports, Services, and Applications
The Internet Control Message Protocol (ICMP)
25 Basic TCP/IP Services and Applications
The File Transfer Protocol (FTP)
Server Replies to FTP Commands
Using a Windows FTP Command-Line Client
Using the Red Hat Linux Command-Line FTP Client
The Trivial File Transfer Protocol (TFTP)
What Is a Network Virtual Terminal and NVT ASCII?
Telnet Protocol Commands and Option Negotiations
Using Telnet and FTP with a Firewall
How the Traditional R-Utilities Authorize Access to Your Network’s Resources
Other Services and Applications Built on the TCP/IP Suite
26 Internet Mail Protocols: POP3, SMTP, and IMAP
SMTP Commands and Response Codes
The Post Office Protocol (POP3)
The Internet Message Access Protocol Version 4 (IMAP4)
Retrieving the Message Header and Body of the Message
The User’s Inbox and Other Mailbox Naming
27 Troubleshooting Tools for TCP/IP Networks
Checking the Host System’s Configuration First
Using hostname and Related Commands
Using ipconfig and ifconfig to Check Host Configurations
Using ping and tracert to Check Connectivity
The netstat and route Commands
Using the nslookup Command to Troubleshoot Name Resolution Issues
Using Network Connection Repair in Windows XP
28 BOOTP and Dynamic Host Configuration Protocol (DHCP)
The BOOTP Request/Reply Mechanism
BOOTP Vendor-Specific Information Options
Downloading an Operating System
Taking BOOTP One Step Further: DHCP
The DHCP Packet Format and Additional Options
The DHCP Client/Server Exchange
Installing and Configuring a DHCP Server on Windows 2000/2003
Installing the DHCP Server Service on Windows 2000 or Server 2003
Configuring the DHCP Server and Scope Options
Providing Support for BOOTP Clients
Considerations for Using DHCP in Large or Routed Environments
How DHCP Interacts with Microsoft’s Dynamic Domain Name Service (DNS)
Troubleshooting Microsoft DHCP
Configuring a Router or WAP to Provide DHCP Services
Using MAC Address Filtering to Stop Unauthorized Users
Hardware Versus Protocol Addresses
Installing and Configuring WINS on Windows 2000/2003 Servers
Managing the Windows 2000 WINS Server
Managing the Windows Server 2003 WINS Service
Using netsh Commands to Manage WINS
Installing DNS on a Windows Server
30 Using the Active Directory Service
The Difference Between the Directory and the Directory Service
What Active Directory Delivers
Evolution of Directory Services from X.500 to LDAP
Standard Objects in the Active Directory
What Is a Domain Tree? What Is a Forest?
Domain Models—May They Rest in Peace
Partitioning the Active Directory into Domains
Active Directory Trees and Forests
The Active Directory and Dynamic DNS
How the Active Directory Uses DNS
Using Sites to Manage Large Enterprises
Summarizing the Directory Data Using the Global Catalog
Active Directory Service Interfaces (ADSI)
Directory-Aware Application Programming
Now It’s Just Domain Controllers and Member Servers
Modifying the Active Directory Schema
Finding Objects in the Active Directory
Finding a Printer in the Active Directory
The Active Directory Service and Windows Server 2003
New Active Directory Features in Windows Server 2003
Installing Active Directory on a Windows Server 2003 Computer
Why File Server Protocols are Important
Server Message Block (SMB) and the Common Internet File System (CIFS)
Protocol Negotiation and Session Setup
Monitoring and Troubleshooting SMB Communications
Using the SMB/CIFS Protocol on Non-Microsoft Clients: Samba
The Common Internet File System (CIFS)
General Requests and Responses
Request Being Processed Response
Unix Network File System (NFS)
Protocol Components: Remote Procedure Call (RPC) Protocol
External Data Representation (XDR)
The NFS Protocol and Mount Protocol
Configuring NFS Servers and Clients
Microsoft Distributed File System (DFS)
32 The Hypertext Transfer Protocol
Basic Types of Routing Protocols
The Routing Information Protocol (RIP)
OSPF (Open Shortest Path First)
Multi-Protocol Label Switching (MPLS)
Combining Routing and Switching
Using Frame Relay and ATM with MPLS
34 The Secure Sockets Layer (SSL) Protocol
Symmetric and Asymmetric Encryption
Using Information in the Digital Certificate to Prevent Interception Attacks
Adding Another Layer to the Network Protocol Stack
Does SSL Provide Enough Security for Internet Transactions?
35 Introduction to the IPv6 Protocol
What’s the Difference Between IPv4 and IPv6?
The Options Type Field for Hop-by-Hop and Destination Options
VII Network User and Resource Management
Interdomain Trust Relationships
Limiting the Time a User Can Log On
Limiting Which Workstations a User Can Log On To
Replication Between Domain Controllers
Detecting Failed Logon Attempts
Strategies to Minimize Logon Problems
37 Windows 2000 and Windows Server 2003 User and Computer Management Utilities
The Microsoft Management Console
Creating a New User Domain in the Active Directory
Managing Other User Account Information
Adding a Computer to the Domain
Managing Other Computer Account Information
Choosing a Group Based on the Group’s Scope
Other Things You Can Do with the Active Directory Computers and Users Snap-In
38 Managing Unix and Linux Users
Adding or Removing User Accounts
Using a Linux GUI Utility to Manage Users
Network Information Service (NIS)
The NIS Server ypserve Daemon and Maps Location
Setting the NIS Domain Name Using the Command domainname
Starting NIS: ypinit, ypserve, and ypxfrd
Pushing Modifications to NIS Slave Servers
User-Level and Share-Level Security
Microsoft Windows Share-Level Security
Assigning User Rights for Windows 2000, Server 2003, and XP
Managing User Password Policies
NTFS Standard and Special Permissions
Windows Permissions Are Cumulative
User Groups Make Managing User Rights Easier
User Groups in Windows 2000 and Server 2003
Differences Between NDS and File-System and Directory Rights
The Everyone Group and the [Public] Group
SUID and SGID File Permissions
Printing Protocols and Printing Languages
Using lpr/lpd and the TCP Stream Protocols
Data Link Control Protocol (DLC)
Internet Printing Protocol (IPP)
The BSD Spooling System: lpr and lpd
Configuring Windows Print Servers
Installing and Configuring Printers on Windows Servers
Print Server Object Properties
The NetWare 6.x iPrint Utility
Hardware-Based Print Servers—Print Server Appliances
VIII System and Network Security
42 Basic Security Measures Every Network Administrator Needs to Know
Acceptable Use Statement and Usage Guidelines
What a Security Policy Should Include
Uninterruptible Power Supply (UPS)
Disposing of Hardware and Media in a Secure Manner
Before the Fact: Controlling Access
Application Servers, Print Servers, and Web Servers
43 Auditing and Other Monitoring Measures
Configuring Windows NT 4.0 Auditing Policies
Using the Windows NT 4.0 Event Viewer
Configuring Windows 2000 and Windows Server 2003 Auditing Policies
Enabling Auditing for Files and Folders
Enabling Auditing for Printers
Logging Shutdown and Startup Events with Windows 2003 Server
Auditing Windows XP Professional Computers
44 Security Issues for Wide Area Networks
Computer Viruses, Trojan Horses, and Other Destructive Programs
Your Network Under Fire—Common Attacks
Distributed Denial-of-Service Attacks
Password Protection and SecurID and Smart Cards
If It’s Too Good to Be True, It Isn’t
Protecting Host Computers—Encryption and Virus-Protection Software
Staying on Top of Security Issues
Filtering Based on Port Numbers
Intrusion Detection (Stateful Inspection)
Filtering Based on Applications
Windows Firewall Versus Third-Party Firewall Programs
Impersonating the End User: Network Address Translation (NAT)
Advantages and Disadvantages of a Proxy Server
What to Expect from a Firewall
Inexpensive Firewalls for SOHO Environments
Using Both Hardware and Software Firewalls
How Do You Know That the Firewall Is Secure?
46 Virtual Private Networks (VPNs) and Tunneling
Protocols, Protocols, and More Protocols!
The Authentication Header (AH)
Encapsulation Security Payload (ESP)
The Point-to-Point Tunneling Protocol (PPTP)
Layer Two Tunneling Protocol (L2TP)
Creating a VPN Connection with Windows XP Professional
Setting Up and Using a VPN Connection in Windows XP
Troubleshooting a VPN Connection
Selecting a Router with VPN Support
Single-Key Encryption—Symmetric Encryption
48 Strategies for Troubleshooting Network Problems
A Documented Network Is Easier to Troubleshoot
Documentation and Maintenance—Keeping Things Up-to-Date
Auditing the Network to Locate Problem Sources
49 Network Testing and Analysis Tools
Network and Protocol Analyzers
Other Software LAN Analyzer Products
Simple Network Management Protocol (SNMP)
Network Objects: The Management Information Base (MIB)
The Complex Road to SNMPv2 and SNMPv3
50 Troubleshooting Small Office and Home Office (SOHO) Networks
Component Problems—You Can’t Get There from Here
51 Upgrading Older Ethernet Networks
Upgrading from 10BASE-2 or 10BASE-T
Hardware and Software Factors to Consider for 10BASE-2, 10BASE-T, and 100BASE-T
Bridges, Hubs, Repeaters, and Switches
Connecting Networks That Use Different Cables or Topologies
Upgrading the Network Backbone to Gigabit Ethernet
Using Gigabit Ethernet for High-End Servers
Gigabit Ethernet to the Desktop?
Gigabit Ethernet Can Cover the Distance
10 Gigabit Ethernet Is Becoming Economically Feasible
52 Upgrading from Bridges and Hubs to Routers and Switches
Segmenting the Network Can Improve Performance
Other Router Management Issues
Using a Router to Segment the Network
Connecting to a Larger WAN or the Internet
53 Adding Wireless Networking to a LAN
Choosing Locations for Access Points
54 Migrating from NetWare to Windows 2000 or Windows 2003
Windows Protocols and Services
Client Services for NetWare (CSNW)
Gateway Services for NetWare (GSNW)
Microsoft’s Services for NetWare Version 5.0 (SFN)
Comparison of Windows Server and NetWare File Permission Rights
Installing File and Print Services for NetWare Version 5.0 (FPNW 5.0)
Microsoft Directory Synchronization Services (MSDSS)
55 Migration and Integration Issues: Windows NT, Windows 2000, Windows 2003, Unix, and Linux
Windows Server Support for Unix Protocols and Utilities
Managing the FTP Service on Windows Server 2003
The Dynamic Host Configuration Protocol and BOOTP
Microsoft Windows Services for Unix 3.5
Sun Network Information System
56 Migrating from Windows NT 4.0 to Windows 2000, Windows 2003, and Windows XP
Do You Need to Upgrade the Operating System or Applications?
Upgrading to Windows 2000 Server
Windows NT Domain Controllers and Member Servers
Modeling the Directory Structure After Your Business Organization
Domains Are Partitions of the Active Directory
Migration Considerations: Centralized Versus Decentralized Management
Implementing a Migration to the Active Directory for Windows 2000
Start by Upgrading Primary Domain Controller
Adding Other Domains to the Active Directory
Upgrade the Master Domain First
Upgrading Windows NT 4.0 or Windows 2000 to Windows Server 2003
Hardware Requirements for a Windows Server 2003 Upgrade
The Application Compatibility Toolkit Application
What Role Will Your Server Perform?
An Example of Upgrading Windows 2000 Server to Windows Server 2003 Standard Edition
Should You Continue to Use Windows 2000 Professional or Move to Windows XP Professional?
57 Migration and Integration: NetWare, Unix, and Linux
Key Differences Between Unix/Linux and NetWare
Finding Linux Drivers for Hardware
A Overview of the OSI Seven-Layer Networking Reference Model
C Internet Resources for Network Administrators
Network Hardware and Software Manufacturers
D The Lightweight Directory Access Protocol
The X.500 Protocols and Standards
The Lightweight Directory Access Protocol
Adding, Modifying, or Deleting Information in the Directory
Comparing Information in the Directory
Windows 2000 Server, Windows Server 2003, and NetWare Are Not the Only Choices You Have
Sticking to Standards: Interoperability Between Directories
E Introduction to Setting Up a SOHO Network
Assessing Your Requirements: What Do You Need?
Applications Drive Hardware Purchases