"WINDOWS 2000
TROUBLESHOOTING
T C P/I P
“This book is an important ally in keeping your Windows 2000 TCP/IP network running smoothly.”
—Excerpt from Foreword by Ted Rohling, Chief Technical Officer Decision Networks, Inc.
FREE Monthly Technology Updates One-year Vendor Product Upgrade Protection Plan FREE Membership to Access.Globalknowledge
Debra Littlejohn Shinder, MCSE, MCP+I, MCT Thomas W. Shinder, M.D., MCSE, MCP+I, MCT
�solutions@syngress.com
With over 1,000,000 copies of our MCSE, MCSD, CompTIA, and Cisco study guides in print, we have come to know many of you personally. By listening, we've learned what you like and dislike about typical computer books. The most requested item has been for a web-based service that keeps you current on the topic of the book and related technologies. In response, we have created solutions@syngress.com, a service that includes the following features:
s
A one-year warranty against content obsolescence that occurs as the result of vendor product upgrades. We will provide regular web updates for affected chapters. Monthly mailings that respond to customer FAQs and provide detailed explanations of the most difficult topics, written by content experts exclusively for solutions@syngress.com. Regularly updated links to sites that our editors have determined offer valuable additional information on key topics. Access to “Ask the Author”™ customer query forms that allow readers to post questions to be addressed by our authors and editors.
s
s
s
Once you've purchased this book, browse to
www.syngress.com/solutions.
To register, you will need to have the book handy to verify your purchase. Thank you for giving us the opportunity to serve you.
��WINDOWS 2000
TROUBLESHOOTING
TCP/IP
�Syngress Media, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work. There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state. In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. You should always use reasonable case, including backup and other appropriate precautions, when working with computers, networks, data, and files. Syngress Media® and Syngress® are registered trademarks of Syngress Media, Inc. “Career Advancement Through Skill Enhancement™” is a trademark of Syngress Media, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies. KEY 001 002 003 004 005 006 007 008 009 010 SERIAL NUMBER MBN123WER6 BUT432GHPL VTR987EDXA LKN567YTG7 QQWZA2BNM9 183ABC7891 VCRTED1984 CRTY1534XX MNPPP19875 XXCVB98345
PUBLISHED BY Syngress Media, Inc. 800 Hingham Street Rockland, MA 02370 Troubleshooting Windows 2000 TCP/IP Copyright © 2000 by Syngress Media, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. Printed in the United States of America 1234567890 ISBN: 1-928994-11-3 Copy edit by: Beth Roberts Technical edit by: Thomas W. Shinder, M.D. Index by: Robert Saigh Project Editor: Julie Smalley Distributed by Publishers Group West Proofreading by: James Melkonian Page Layout and Art by: Emily Eagar and Vesna Williams Co-Publisher: Richard Kristof
�Acknowledgments
We would like to acknowledge the following people for their kindness and support in making this book possible. Richard Kristof, Duncan Anderson, Jennifer Gould, Robert Woodruff, Kevin Murray, Dale Leatherwood, Shelley Everett, Laurie Hedrick, Rhonda Harmon, Lisa Lavallee, and Robert Sanregret of Global Knowledge, for their generous access to the IT industry’s best courses, instructors and training facilities. Ralph Troupe and the team at Rt. 1 Solutions for their invaluable insight into the challenges of designing, deploying and supporting world-class enterprise networks. Karen Cross, Kim Wylie, Harry Kirchner, John Hays, Bill Richter, Michael Ruggiero, Kevin Votel, Brittin Clark, Sarah Schaffer, Luke Kreinberg, Ellen Lafferty and Sarah MacLachlan of Publishers Group West for sharing their incredible marketing experience and expertise. Peter Hoenigsberg, Mary Ging, Caroline Hird, Simon Beale, Julia Oldknow, Kelly Burrows, Jonathan Bunkell, Catherine Anderson, Peet Kruger, Pia Rasmussen, Denelise L'Ecluse, Rosanna Ramacciotti, Marek Lewinson, Marc Appels, Paul Chrystal, Femi Otesanya, and Tracey Alcock of Harcourt International for making certain that our vision remains worldwide in scope. Special thanks to the professionals at Osborne with whom we are proud to publish the best-selling Global Knowledge Certification Press series.
v
�From Global Knowledge
At Global Knowledge we strive to support the multiplicity of learning styles required by our students to achieve success as technical professionals. As the world's largest IT training company, Global Knowledge is uniquely positioned to offer these books. The expertise gained each year from providing instructor-led training to hundreds of thousands of students worldwide has been captured in book form to enhance your learning experience. We hope that the quality of these books demonstrates our commitment to your lifelong learning success. Whether you choose to learn through the written word, computer based training, Web delivery, or instructor-led training, Global Knowledge is committed to providing you with the very best in each of these categories. For those of you who know Global Knowledge, or those of you who have just found us for the first time, our goal is to be your lifelong competency partner. Thank your for the opportunity to serve you. We look forward to serving your needs again in the future. Warmest regards,
Duncan Anderson President and Chief Executive Officer, Global Knowledge
vi
�Contributors
Debra Littlejohn Shinder (MCSE, MCP+I, MCT) is an instructor in the AATP program at Eastfield College, Dallas County Community College District, where she has taught since 1992. She is Webmaster for the cities of Seagoville and Sunnyvale, TX, as well as the family Web site at www.shinder.net. She and her husband, Dr. Thomas W. Shinder, provide consulting and technical support services to Dallas area organizations. She is also the proud mother of daughter, Kristen, who is currently serving in the U.S. Navy in Italy, and son, Kris, who is a high school chess champion. Deb has been a writer for most her life, and has published numerous articles in both technical and non-technical fields. She can be contacted at deb@shinder.net. Thomas W. Shinder, M.D. (MCSE, MCP+I, MCT) is a technology trainer and consultant in the Dallas-Ft. Worth metroplex. Dr. Shinder has consulted with major firms including Xerox, Lucent Technologies and FINA Oil, assisting in the development and implementation of IP-based communications strategies. Dr. Shinder attended Medical School at the University of Illinois in Chicago, and trained in Neurology at the Oregon Health Sciences Center in Portland, Oregon. His fascination with interneuronal communication ultimately melded with his interest in internetworking and led him to focus on Systems Engineering. Tom works passionately with his beloved wife, Deb Shinder, to design elegant and cost-efficient solutions for smalland medium-sized businesses based on Windows NT/2000 platforms.
vii
�Foreword
When facing a new operating environment such as Windows 2000, resources such as this book are essential to your success. Here you will find all the information you need to understand the new TCP/IP administration tools available in the Windows 2000 environment. Rather than looking through countless CDs and volumes of documentation, you can look here. You will find the helpful hints you need to locate and troubleshoot the problems you will inevitably face. Experience and knowledge work together to help you do your job. This book is an important ally in keeping your Windows 2000 TCP/IP network running smoothly. Our success as network analysts is often judged by our ability to find and fix problems. In the past, the process was often a hit-or-miss proposition made worse by difficult-to-use vendor documentation. I have spent countless hours with co-workers just trying to find clues to the nature of a problem because not enough good information was available. Hopefully this book will save you from the hit-or-miss approach, immediately increasing your value as a Windows 2000 network analyst. Read, highlight, dog-ear, tab, use sticky notes; in short, make the book yours! —Ted Rohling, MCP, CCNA, CCDA Mr. Rohling is the Chief Technical Officer of Decision Networks, Inc., a computer networks consulting and training company in San Antonio, Texas. Ted has over 33 years of experience in the computer and networking field.
�Contents
Preface Chapter 1: TCP/IP Overview
Introduction TCP/IP’s “Net” Worth More Power, More Flexibility—and More Potential for Problems What’s Ahead in This Chapter TCP/IP: Where It Came From, and Where It’s Going History of the TCP/IP Protocols The Role of the U.S. Department of Defense From ARPAnet to the Internet Another Contender for the Title: The OSI Protocol Suite The Future of TCP/IP Looking Ahead to IPv6 Networking Models The Purpose of the Models Why Use Layered Models? The ISO OSI Model Seven Layers of the Networking World Layer 7: The Application Layer Layer 6: The Presentation Layer Layer 5: The Session Layer Layer 4: The Transport Layer Layer 3: The Network Layer Layer 2: The Data Link Layer Layer 1: The Physical Layer The DoD Model The Application/Process Layer The Host-to-Host (Transport) Layer The Internetworking Layer The Network Interface Layer The Microsoft Windows 2000 Networking Model The Application and User Mode Services Component The API Boundary Layer The File System Drivers The TDI Boundary Layer The Network Transport Protocol Component The NDIS Boundary Layer The NDIS Wrapper A Family of Protocols: The TCP/IP Suite Application Layer Protocols FTP SNMP
xxv 1
2 2 4 4 5 5 6 7 8 10 10 14 15 15 16 16 18 19 20 21 24 25 29 33 34 34 34 34 34 35 36 37 37 38 38 38 38 38 39 39
ix
�x
Troubleshooting Windows 2000 TCP/IP • Contents
Telnet SMTP HTTP NNTP Transport Layer Protocols TCP UDP Network Layer Protocols IP ARP and RARP ICMP IGMP TCP/IP Utilities Basic Network Design Planning as Preventative Medicine Testing and Implementation Prototyping Pilot Programs Rollout Summary FAQs
40 40 41 41 42 42 42 42 42 42 43 43 43 44 44 44 44 45 46 47 48
Chapter 2: Setting Up a Windows 2000 TCP/IP Network
Introduction Designing a New Windows 2000 TCP/IP Network The Planning Team Planning the Hardware Configurations Planning the Physical Layout Diagramming the Network Layout Planning for Sites What Is an Active Directory Site? Planning the Namespace Planning the Addressing Scheme Installing and Configuring Windows 2000 TCP/IP Installing TCP/IP on a Windows 2000 Computer The Protocol Installation Process Configuring TCP/IP Upgrading to Windows 2000 from Windows NT 4.0 The Windows NT Domain Models Single Domain Single Master Domain Multiple Master Domains Complete Trust
51
52 52 53 53 54 55 56 56 59 60 61 62 63 66 68 68 69 69 71 72
�Windows 2000 Configuration Wizards • Contents
xi
Which Model Is Easiest to Upgrade? Other Pre-Upgrade Issues Windows 32-Bit Applications DOS Applications Windows 16-Bit Applications OS/2 and POSIX Application Support in Windows 2000 Application Support Summary Common Upgrade Problems Migrating to Windows 2000 from Novell NetWare Understanding the NetWare Implementation of TCP/IP Premigration Issues Using the Directory Services Migration Tool Common Migration Problems Migrating to Windows 2000 from UNIX Understanding the UNIX Implementation of TCP/IP Summoning the Daemons UNIX TCP/IP Utilities Peaceful Coexistence: The Hybrid Network Environment NetWare Interoperability Client Services for NetWare (CSNW) Gateway Services for NetWare (GSNW) NetWare Protocol Support File and Print Services for NetWare Troubleshooter UNIX Interoperability Interoperability with IBM Mainframe Networks Summary FAQs
73 75 75 75 76 76 77 78 78 79 80 80 82 82 83 83 83 84 84 85 85 85 85 86 86 86 87 88
Chapter 3: General Windows 2000 TCP/IP Troubleshooting Guidelines
Introduction The Ten Commandments of Troubleshooting 1: Know Thy Network 2: Use the Tools of the Trade 3: Take It One Change at a Time 4: Isolate the Problem 5: Recreate the Problem 6: Don’t Overlook the Obvious 7: Try the Easy Way First 8: Document What You Do 9: Practice the Art of Patience 10: Seek Help from Others Windows 2000 Troubleshooting Resources Microsoft Documentation
91
92 92 92 93 93 94 95 95 96 96 97 98 99 99
�xii
Troubleshooting Windows 2000 TCP/IP • Contents
Help Files Resource Kits White Papers TechNet Newsgroups Third-Party Documentation Internet Mailing Lists Usenet Newsgroups Web Resources General Troubleshooting Models Differential Diagnosis Model Examination Diagnosis Treatment Follow-Up SARA Model Scanning Analysis Response Assessment Putting the Models to Work for You The Information-Gathering Phase Questions to Ask Question Format Log Files Application Log System Log Security Log Tools of the Trade The Problem Isolation Phase Organizing and Analyzing the Information Setting Priorities Prioritizing the Problems Prioritizing the Solutions Taking Corrective Measures One Change at a Time Order of Implementation Monitoring Results Using Forms and Check lists Summary FAQs
100 101 102 103 104 105 105 106 106 107 108 108 109 109 109 110 110 111 111 112 112 112 112 113 117 117 117 120 122 122 123 125 126 126 127 127 127 127 128 131 133
Chapter 4: Windows 2000 TCP/IP Internals
Introduction RFC Compliance Enhancements to the TCP/IP Stack in Windows 2000 RFC 1323: TCP Extensions for High Performance
135
136 136 138 140
�Windows 2000 Configuration Wizards • Contents
xiii
Scalable TCP Window Size TCP Timestamps RFC 2018: SACK (Selective Acknowledgment) RFC 1577: IP over ATM RFC 2001: TCP Fast Retransmit RFCs 2211 and 2212: Quality of Service RFC 2205: Resource Reservation Protocol IPSec Purpose and Uses of IPSec IP Security Options IPSec Configuration IPSec Troubleshooting NDIS 5.0 Inside the Windows 2000 Internet Protocol (IP) Classless Inter-Domain Routing Multihoming Problems Related to Multihoming IP Multicasting Multicast Address Range Troubleshooting IP Multicasting Duplicate IP Address Detection Inside the Windows 2000 Transport Protocols (TCP and UDP) Transmission Control Protocol Dead Gateway Detection Delayed Acknowledgments TCP Keep-Alives Avoiding the Silly Window Syndrome User Datagram Protocol Understanding TCP/IP Registry Settings Using the Registry Editing Tools Configuring TCP/IP Behavior through the Registry Creating a New Value Editing Common TCP/IP Registry Values Registry Settings that Should Not Be Edited Summary FAQs
140 150 152 153 155 156 157 158 158 159 160 161 164 165 166 167 168 169 170 171 171 172 172 173 173 174 174 175 175 176 178 179 180 181 182 185
Chapter 5: Using Network Monitoring and Troubleshooting Tools in Windows 2000
Introduction Windows 2000 Monitoring Tools Basic Monitoring Guidelines Baselining Documentation Backing Up Analysis
187
188 188 188 188 189 189 189
�xiv
Troubleshooting Windows 2000 TCP/IP • Contents
Performance Logs and Alerts Counters Log File Format Alerts Network Monitor Filtering Security Issues Installation Using the Program Capture Window Panes Extra Tools Buffers Collecting Data Filtered Captures Event Viewer Using TCP/IP Utilities PING -t Switch -n Switch -r Switch -i Switch -w Switch Using PING nslookup PATHPING tracert ARP Using ARP Static ARP Cache Entries ipconfig netstat and nbtstat netdiag Using netdiag SNMP What SNMP Does Installing the Agent Using IPSec Encryption Network Management Programs Microsoft Systems Management Server NTManage Summary FAQs
190 192 196 196 198 199 199 199 199 200 200 202 204 207 216 219 219 220 220 220 221 221 221 223 223 225 227 227 227 228 233 238 239 242 242 244 250 250 250 251 251 252
Chapter 6: Troubleshooting Windows 2000 NetBIOS Name Resolution Problems
Introduction to Name Resolution Services NetBIOS Name Resolution
257
258 258
�Troubleshooting Windows 2000 TCP/IP • Contents
xv
Windows 2000 Methods of NetBIOS Name Resolution NetBIOS Name Cache NetBIOS Name Server Broadcast LMHOSTS HOSTS DNS Server The Order of NetBIOS Resolution B-Node P-Node M-Node H-Node The Windows 2000 Windows Internet Name Service (WINS) NetBIOS Name Registration NetBIOS Name Query Request NetBIOS Name Release Multihomed Computers and WINS WINS Proxy Agents WINS Configuration Issues Static Mappings WINS Replication Partnership Agreements WINS Partner Autodiscovery WINS Network Topologies Spoke and Hub topology Push and Pull Partnerships Backing Up the WINS Database Scavenging the Database Interactions with DNS Servers Pointing WINS Servers to Themselves The Browser Service, WINS and Multihomed Masters Windows 2000 WINS Enhancements Persistent Connections Manual Tombstoning Is WINS Ever Going to Go Away? Troubleshooting Common NetBIOS Communication Problems Summary Don’t Multihome Your WINS Server Use a WINS Proxy Agent on Segments with non-WINS Clients Avoid Static Records in the WINS Database Define Replication Partners Based on Link Factors Avoid Split Registration Use the Hub and Spoke Model in Multisite Environments Configure DNS Servers to Resolve NetBIOS Names Don’t Multihome Master Browsers Use Manual Tombstoning Instead of Deleting Records Consider the Ramifications before Disabling NetBT FAQs
261 261 262 263 263 265 266 266 266 267 267 268 271 271 273 274 274 275 276 276 277 278 281 282 283 283 288 290 290 296 299 302 302 302 305 306 309 309 310 310 310 311 311 311 311 312 312 313
�xvi
Troubleshooting Windows 2000 TCP/IP • Contents
Chapter 7: Troubleshooting Windows 2000 DNS Problems
Introduction The Difference between NetBIOS Names and Host Names Flat versus Hierarchical Namespace NetBIOS on a TCP/IP Network Characteristics of Host Names The Need for a Name Resolution Service Domains: The “Family Name” The Domain Name System A Hierarchical Naming System Domain Levels Fully Qualified Domain Names Host Name Resolution Name Resolution Sequence The Caching Resolver Using the HOSTS File for Name Resolution Sending the DNS Query to a DNS Server The Recursion Process UNC Paths and DNS Queries Connecting over the Internet via UNC Qualified versus Unqualified Names Appending DNS Suffixes Host Name Resolution via WINS Lookups Multiple DNS Zones and WINs Naming Conventions and Issues Windows 2000 Support for RFC 2181 The Controversial Underscore Character Integrity Check Extended Character Set and Zone Transfers Lowercase Only Domain Naming Schemes and Implementation Problems Same Intranet and Internet Domain Name Solution: Separate DNS Zone Databases Different Intranet and Internet Domain Names Advantages of Using Different Internal and External Domain Names Proxy Configuration Corporate Mergers and Domain Management The Problem: Corporate Merger Proposed Solution Testing the Solution DNS Zone Design and Troubleshooting Standard Zones Zone Transfer Refresh Interval
317
318 319 319 320 321 321 3..."
|
You need to upgrade your Flash Player , or try to enable javascript in order see this document properly.
|
|
Comments
