Wednesday, March 31, 2010

What does IAS do for us?

Internet Authentication Server gives us a RADIUS server. RADIUS stands for Remote
Authentication Dial in User Server; RADIUS is an industry standard.

Note: An IP address is assigned to every device that you want to access on the network, and each has a unique IP address. A client, a server, every interface of a router, a printer and all other devices on the network must have an IP address to communicate on the network.
Note: In class C address we have 254 clients for each subnet.
In class B address we have approximately 65,534 hosts per subnet.
In class A address we have millions of hosts per subnet.
Numbers can range from 0-255, but x.x.x.0 is used for identifying network and
x.x.x.255 is used for broadcasting, so we use the numbers from 1-254.
Note: The portion between two firewalls is called a screened subnet; in a corporate network we call it the DMZ (demilitarized zone).

What do we get with RRAS?

With RRAS we get the ability to create a fully functional router with our Windows 2003 server.
We also get quite a bit of remote connectivity functionality. It can support
clients dialing in through phone lines, or over the internet through a virtual private network.

What are the features of Microsoft proxy ?

Active / Passive caching
User level control
IP filters
Access logs
Access to the internet for IPX clients

How to set proxy setting to the clients?

Right click Internet explorer -> Click on connections -> Click on LAN settings -> Click use proxy server -> type the IP address of the proxy server and port that we are using

How to install proxy server on windows 2003?

There is a patch to install proxy on windows 2003. It doesn’t install natively on windows 2003. You have to install along with the windows 2003 patch. You can download this patch from Microsoft website. Or you can get this in windows proxy CD.
Go to Proxy folder -> Click on windows proxy update -> click on the patch file -> Go
through the wizard.
This patch file invokes the proxy installation.
To configure the proxy settings
Start -> Programs -> Microsoft proxy server -> Microsoft management console -> we get the
MMC for Internet Information Service, because our proxy server is incorporated within the IIS service.
With proxy we have two types of caching.
Active caching
Passive caching

What is proxy?

A NAT server helps the client to access the Internet, whereas a proxy server does
everything for the client. When a request comes from the client, the proxy server surfs the internet, caches the results to its local disk, and sends the result to the client.
With a proxy we get a performance improvement, because results are cached to the
local hard disk.
With a proxy we get security, because only one system in the internal network
is communicating with the Internet.
Rather than allowing clients to access the internet by changing the IP address, the proxy
server does all the surfing for clients, caches to its local disk and gives the results to the clients.

What are the limitations of Windows 2003 NAT?

-> Supports only TCP/IP
There is no support for IPX or other protocol.
No support for:
-> SNMP (so we cannot do SNMP monitoring for our NAT devices)
-> LDAP
-> Com / Dcom
-> Kerberos V5
-> RPC
-> IPSec
Note: Windows 2000 NAT doesn’t allow L2TP traffic, it allows only PPTP traffic.

How to add public IP address pools to our NAT server?

Start -> Programs -> Administrative tools -> RRAS -> IP routing -> click on NAT -> on
Right hand side you see network cards -> click on external NIC (which has a valid public IP) -> Click on Address pool tab -> Click on add button -> Give the pool of IP addresses.
Note: By default there is no access to the internal devices on the NAT network to out side clients. By default out side clients cannot access any thing in our Nat network.

How to enable DHCP service through NAT?

Start -> Programs -> Administrative tools -> RRAS -> IP routing -> Right click on NAT
-> go to properties -> Click on Address assignment -> Select the option automatically
assign IP address by using DHCP
Note: If you don’t want to use your NAT server to assign IP addresses, clear the check box.
Note: A NAT server contains at least two NICs, one for the internal IP address and another one for the external (public) IP address.

How to go to the NAT options?

Start -> Programs -> Administrative tools -> RRAS -> IP routing -> NAT

Note: Windows 2003 NAT can act as a DHCP server, so it is possible to give out IP addresses
with our NAT server. When you are doing this, make sure that you don’t have a DHCP
server in your network.
If you have few clients (5 or 6) then there is no harm in assigning IP addresses through
NAT, but if your network is big then it is best to use DHCP.

What is QoS?

QoS stands for Quality of Service. With QoS we can reserve bandwidth to certain
applications.

What are the file names that we cannot create in Windows operating system?

The file names that cannot be created in Windows operating system are
-> Con
-> Prn
-> Lpt1, Lpt2, Lpt3, Lpt4, ….., Lpt9
-> Com1, com2 com3, com4, com5,….., com9
-> Nul
-> Aux
Note: The file name clock$ cannot be created in DOS 6.22 or earlier versions of DOS.

What is KCC ?

KCC is the Knowledge Consistency Checker, which creates the connection objects that link the DCs into a common replication topology and dictates the replication routes from one DC to another in an Active Directory forest.

How to force KCC to generate connection object immediately without delay?

Type the command repadmin /kcc. This command forces the KCC to generate
connection object immediately without any delay.

What is convergence?

The state at which all domain controllers have the same replica contents of the
Active Directory database.

What is latency?

The required time for all updates to be completed throughout all domain
controllers on the network domain or forest.

How to change mixed mode to native mode?

Start -> Programs -> Administrative tools -> Active directory users and computers ->
Right click on Domain -> Drag down to properties -> on General tab click on Change
mode button -> Click Yes
Note: By default Windows 2003 will be loaded in mixed mode. You can change Windows 2003 from mixed mode to native mode, but once you change from mixed mode to native mode you cannot change back from native mode to mixed mode.
Note: When you are formatting the disk, if you set the block size as default, windows 2000/XP/2003 divides the partition into 4 KB blocks. When you are creating a file or folder it allocates space to that file or folder in multiples of 4 KB. When you create a new file first time it allocates 4 KB, after 4 KB is filled up it allocates another 4 KB size, it goes on like this until the disk space is completed.

How to do quick shutdown/restart?

Press Ctrl + Alt + Del; on the dialogue box you can see the Shutdown button.
While pressing the Shutdown button, hold the CTRL key.

How many ports are there?

There are 65535 ports.

Note: The ports 0-1023 are called well known ports and all other ports are called
Dynamic or private ports (i.e., 1024-65535)

Tuesday, March 30, 2010

What is the Refresh interval for Group Policy?

Refresh interval for Domain Controllers is 5 minutes, and the refresh interval for all other computers in the network is 45 minutes (doubt).

What is Logon Credentials?

The information used to authenticate a user, generally consisting of
User Name
Password
Domain Name

What is a Host name?

An alias given to a computer on a TCP/IP network to identify it on the network. Host
names are a friendlier way to refer to TCP/IP hosts than IP addresses.
A host name can contain the characters A-Z, 0-9, “.” and “-”.

What is a host?

Any device on a TCP/IP network that has an IP address. Examples include servers, clients, network interface print devices and routers.

What is Dial up line?

Any telecommunications link that is serviced by a modem. Dial-up lines are
ordinary phone lines used for voice communication, while dedicated or leased lines are digital lines with dedicated circuits. Dial-up lines are generally much less expensive to use, but they have less available bandwidth.

What is Dedicated Line?

Any telecommunications line that is continuously available for the subscriber with
little or no latency. Dedicated lines are also referred to as “leased lines.”
Note: The other one is the Dial up line.

Class B Sub netting

Example:
IP address 140.80.1.0
Subnet mask 255.255.240.0
240(10)-> 11110000(2)
Here n=4 (Because 148.80.1.0-> 11111111.11111111.11110000.00000000)
m= 12 (Because 148.80.1.0-> 11111111.11111111.11110000.00000000)
Maximum no. of combinations -> 2^n = 2^4 = 16
Max no. of subnets -> 2^n - 2 = 14
Max no. of hosts/subnet -> 2^m - 2 = 2^12 - 2 = 4096 - 2 = 4094

Number of combinations (16)
00000000 = 0 (This is not used for assigning IP address)
00010000 = 16
00100000 = 32
00110000 = 48
01000000 = 64
01010000 = 80
01100000 = 96
01110000 = 112
10000000 = 128

Class C sub netting

IP address 198.100.98.0
Decimal mask 255.255.255.224
Convert 224 into binary -> 11100000(2)
Maximum no. of combinations = 2^n (where n is the number of masked bits)
Note: Masked bit = 1, unmasked bit = 0.
Maximum number of subnets -> 2^n - 2
Maximum number of hosts/subnet -> 2^m - 2 (where m is the number of unmasked bits)
Now 224(10) = 11100000(2)
Maximum no. of combinations = 2^n = 2^3 = 8
Maximum no. of subnets = 2^n - 2 = 2^3 - 2 = 6
Maximum no. of hosts/subnet = 2^m - 2 = 2^5 - 2 = 30

Available combinations

0 -> 000 (This is not used for assigning IP address)
1 -> 001
2 -> 010
3 -> 011
4 -> 100
5 -> 101
6 -> 110
7 -> 111 (This is not used for assigning IP address)
An octet contains 8 bits; presently we have 3 bits (the remaining 5 bits are zeros)
00100000 = 32
01000000 = 64
01100000 = 96
10000000 = 128
10100000 = 160
11000000 = 192
Therefore modified subnets are
255.255.255.32
255.255.255.64
255.255.255.96
255.255.255.128
255.255.255.160
255.255.255.192

How many ways do you have to determine whether a computer is Domain

There are several ways to determine
1) On log on Windows dialogue box see whether the log on field has this computer
option or not. If it contains only domain names then it is a Domain Controller, if it
contains this computer option then it is either Work station or Member server.
2) Start -> Run ->Type netdom query fsmo -> The computer names that have been
listed there are Domain Controller.
3) Search for NTDS and Sysvol folder in system directory, if they are there then it is a
Domain Controller.
4) Start -> Run -> regedt32 -> Search for the NTDS folder in HKEY_LOCAL_MACHINE
If you find that one then it is a Domain Controller.
5) Start -> Programs ->Administrative tools -> Active Directory Users and Computers
-> Click on Domain Controller OU -> the names that are listed there are the names
of the domain controllers.
6) In 2000 you cannot change the name of the Domain Controller so Right click on My
computer ->Properties ->Network Identification -> There Change button is grayed
out.

What is the protocol that is used for security in Windows 2003?

Kerberos V5

Explain about different groups in Active directory.

There are two types of groups in Active Directory.
Security group
Distributed group

What is Global Catalogue?

The global catalogue holds a partial replica of domain data directory partitions for
all domains in the forest. By default, the partial set of attributes stored in the global
catalog includes those attributes most frequently used in search operations, because one
of the primary functions of the global catalogue is to support clients querying the
directory.

Explain about Active Directory database.

The information stored in the Active Directory is called Active Directory database.
The information stored in the Active Directory (i. e., Active directory database) on every
domain controller in the forest is partitioned into three categories. They are
· Domain Partition
· Configuration Partition
· Schema Partition

Domain Partition
The domain partition contains all of the objects in the directory for a domain.
Domain data in each domain is replicated to every domain controller in that domain, but
not beyond its domain.

Configuration Partition
The configuration partition contains all the information of all domains in the forest.

Schema Partition
The schema partition contains all object types and their attributes that can be
created in Active Directory. This data is common to all domain controllers in the domain
tree or forest, and is replicated by Active Directory to all the domain controllers in the
forest.

Monday, March 29, 2010

Who can create Domain level Group Policy?

Domain Admin

Who can create site level Group Policy?

Enterprise Admin

What are the physical components of Active Directory?

Sites
Domain Controllers
Global Catalogue

What are the logical components of Active Directory?

Organizational Units
Domains
Trees
Forests

How to take backup?

Start -> Programs -> Accessories -> System tools -> Backup -> click on Backup tab
There you can select the required one.
The system state backup includes the following files
· Boot files
· Com+ class registration database
· Registry
If the system is domain controller then apart from above files it takes backup of the
following files also.
· Active directory
· Sys vol

Note: If you want to restore the system state backup on a domain controller you have to
restart the computer in Directory Services restore mode, because otherwise you would be
restoring Active Directory while it is active. To restore Active Directory it must not be
active. If you restart the computer in Directory Services restore mode, Active Directory
is not active, so you can restore it.
You can restore Active Directory in two ways

Authoritative restore
Non Authoritative restore

Non Authoritative restore
Restart the computer
Press F8 to select Directory services restore mode
Start -> Programs -> Accessories -> System tools -> Backup -> Click on restore
tab -> Select the restore file -> Click on restore now
Restart the computer

Authoritative Restore mode
Restart the computer
Press F8 to select Directory services restore mode
Start -> Programs -> Accessories -> System tools -> Backup -> Click on restore
tab -> Select the restore file -> Click on restore now
Open command prompt
Type ntdsutil
Type authoritative restore
Note: Here you can restore authoritatively entire database or a particular OU. But you
cannot restore a particular object.
Type restore subtree followed by the distinguished name of the OU
Ex: if research is an OU under yahoo.com, then you have to type the distinguished name like
ou=research, dc=yahoo, dc=com

What commands do you need to execute before upgrading to windows 2000 to

Before upgrading from Windows 2000 to Windows 2003, insert the CD of Windows 2003,
then open the i386 folder, then at the command prompt type the following commands.
Adprep /forestprep
Adprep /domainprep
(i.e., f:\i386(2003)>adprep /forestprep and f:\i386(2003)>adprep /domainprep)
If you are upgrading entire forest type the adprep /forestprep at root domain.
If you are upgrading only a domain then type the adprep /domainprep at
root domain.
Note: You have to type the above commands on the server which has IM role.

What is hot swapping?

Replacing the hard disks other than the active disk while the computer is on.

What is the range of addresses in the classes of internet addresses?

Class A 0.0.0.0 - 127.255.255.255
Class B 128.0.0.0 - 191.255.255.255
Class C 192.0.0.0 - 223.255.255.255
Class D 224.0.0.0 - 239.255.255.255
Class E 240.0.0.0 - 254.255.255.255

Note: Class A, Class B, Class C are used to assign IP addresses. Class D is used for
Multicasting. Class E is reserved for the future (Experimental).

When a user logs on the start up options will be loaded. How to stop them? (The notification area icons)

When a user types user name and password, and presses enter immediately hold down
Shift key. Then the above things will not be loaded.

How can you see the post screen when the system started?

When the system starts press the Break key. The POST screen then stops there; to
continue press Enter.

How can you know that Active directory is installed properly?

It will create a folder called sysvol under c:\windows. Within the sysvol folder you
should have four folders, namely Domain, staging, sysvol, staging area. Apart from this
you should have an NTDS folder (in c:\windows) containing the ntds.dit file and four log files.

What are Windows 2003 WINS enhancements when compare to the previous

· Better Management interface
· Better clients
· Replication can maintain persistent connections.
· Supports automatic partner discovery
· Integrates with DNS and DHCP
· Supports burst mode handling

What is the location of lmhost file (LAN Manager Host file) in windows 2003?

Winnt/system32/drivers/etc/lmhost.sam
Note: Extension represents that it is a sample file. You can create lmhost file with out that
extension.

What is the length of NETBIOS name?

A NETBIOS name is 16 characters long. The first fifteen characters you can use
for the server name, the 16th character is an identifier for what type of service it is
registering.

What is NETBIOS?

NETBIOS stands for Network Basic Input Output System. It is a naming interface: the
interface by which a client connects to the lower levels of the TCP/IP model in order to
communicate and access resources.
We share resources with the NETBIOS interface in Windows NT. This means that
we are using the NetBIOS name to connect the client to the server.

What is WINS and what it does

WINS stands for Windows Internet Naming Service. It resolves NETBIOS names
to IP addresses. WINS is used only when you need to access the NETBIOS resources.

How many ways can you install Windows 2003?

1) Insert the CD, boot from the CD, and install the O.S. (This is the best way)
2) Boot from the floppy, insert the CD, and install the O.S.
3) Install over the network or install over the Hard disk. For this you have to run the files
WinNT or winnt32.

What is the minimum and maximum configuration to create a partition in NTFS?

The minimum size to create a partition in NTFS is 8 MB.
The maximum size to create a partition in NTFS is the disk capacity

Friday, March 26, 2010

Why should we logon

Login enables the user to use the resources and services, such as files, printers and
messaging, which are available in the Network.
When the user identity is authenticated, his or her rights to resources and
services are determined.
When the user logs out, he or she is then disconnected from all parts of the
network.

What is LAN driver?

The LAN driver controls the workstation’s Network Interface card.
A LAN driver serves as a link between an operating system of a station and the physical
network parts

What are peripheral devices

Peripheral devices are computer related devices, such as local printers, disk drives and
modems.

What is network Interface card

A Network Interface Card is a circuit board installed on each computer to allow servers
and workstations to communicate with each other.

What is Network

A network is a group of computers that can communicate with each other, share resources
such as hard disks and printers, and access remote hosts or other networks.

What is Netware

Netware is a computer network operating system developed by Novell.

Some of the features you can use when you choose NTFS are:

* Active Directory, which you can use to view and control network resources easily.
* Domains, which are part of Active Directory, and which you can use to fine-tune
security options while keeping administration simple. Domain controllers require NTFS.
* File encryption, which greatly enhances security.
* Permissions that can be set on individual files rather than just folders.
* Sparse files. These are very large files created by applications in such a way that only
limited disk space is needed. That is, NTFS allocates disk space only to the portions of a
file that are written to.
* Remote Storage, which provides an extension to your disk space by making
removable media such as tapes more accessible.
* Recovery logging of disk activities, which helps you restore information quickly in
the event of power failure or other system problems.
* Disk quotas, which you can use to monitor and control the amount of disk space used
by individual users.
* Better scalability to large drives. The maximum drive size for NTFS is much greater
than that for FAT, and as drive size increases, performance with NTFS doesn't degrade as
it does with FAT.

Thursday, March 25, 2010

What is NetMeeting? What is the use of NetMeeting?

NetMeeting enables you to communicate with others over the Internet or your local
intranet. Using NetMeeting you can:
· Talk to others
· Use video to see others and let others see you
· Share applications and documents with others
· Collaborate with others in shared applications
· Send files to others
· Draw with others in a shared Whiteboard
· Send messages to others in chat

What is the advantage of NTFS over FAT

You must use the NTFS file system on domain controllers. In addition, any servers that
have any partition formatted with FAT or FAT32 will lack many security features. For
example, on FAT or FAT32 partitions, a shared folder can be protected only by the
permissions set on the share, not on individual files, and there is no software protection
against local access to the partition.

· File and folder level security
· We can do disk compression
· We can do disk quotas
· We can encrypt files
· We can do remote storage
· We can do dynamic volume
· We can mount volumes to folders
· We can support Macintosh files
· POSIX sub system

What is BIOS

A computer's basic input/output system (BIOS) is a set of software through which the
operating system (or Setup) communicates with the computer's hardware devices.

What are Unicast, Multicast, and Broad cast

Unicast: Just from one computer to one computer.
Multicast: Only to those who have registered for a particular multicast group.
Broadcast: To all the computers.

I have a file to which the user has access, but he has no folder permission to

It is possible for a user to navigate to a file for which
he does not have folder permission. This involves simply knowing the path of the
file object. Even if the user can’t drill down the file/folder tree using My
Computer, he can still gain access to the file using the Universal Naming
Convention (UNC). The best way to start would be to type the full path of a file
into Run… window.

Wednesday, March 24, 2010

What is system volume and boot volume

The system volume is the one in which your boot files are there.
Whatever partition is marked as active that partition is called system partition.
The boot volume is the one in which your system files are there.

What is active (system) partition?

The partition in which your current Operating System boot files are there.

What is the difference between partition and volume

You have limitations on number of Partitions.
You don’t have limitations on number of volumes.
You cannot extend the size of a partition.
You can extend the size of a volume

How many types of volumes are there?

There are 5 types of volumes.
Simple
Spanned
Striped (also called RAID 0)
Mirror (Also called RAID 1)
RAID 5 (Also called striped volumes with parity)

What is a volume

Disk volume is a way of dividing your Physical Disk so that each section functions as a
separate unit.

How many partitions can you create maximum? (Among that how many primary

Maximum we can create 4 partitions in basic disk. Among that we can create maximum 1
extended partition. You can create 4 primary partitions if you do not have Extended.

What is the difference between primary and secondary partition

A primary partition or system partition is one on which you can install the files needed to
load an operating system.

Tuesday, March 23, 2010

What is a partition

Disk Partition is a way of dividing your Physical Disk so that each section functions as a
separate unit.
A partition divides a disk into sections that function as separate units and that can be
formatted for use by a file system.

How many hard disks can you connect to a system at a time

Maximum we can connect four Hard disks (If we don’t have CD ROM)

What is Fully Qualified Domain Name

Hostname.domainname.com

What is a forest

Collection of one or more domain trees that do not form a contiguous namespace. Forests
allow organizations to group divisions that operate independently but still need to
communicate with one another.
All trees in a forest share common Schema, configuration partitions and Global Catalog.
All trees in a given forest trust each other with two way transitive trust relations

How to convert from FAT to NTFS

Convert drive /fs:ntfs

What are the file systems we have in windows

FAT/FAT16/FAT32/NTFS 4.0/NTFS 5.0

Who will replicate the Password changes

PDC emulator (immediately it replicates to all the Domain Controllers)

How to know whether a server is Domain Controller or not

You can find in three ways
1) By log on dialogue box
If it is a Domain Controller at Domain Names you won’t get “this
computer” option.
If you get “this computer” option in a server Operating System that must
be a Member Server.
2) By My computer Properties
On Network Identification tab, the Properties button will be disabled.
3) By typing DCPROMO
If it is already a Domain Controller you will get the uninstallation wizard for
Active Directory.
If it is not a Domain Controller you will get the installation wizard for Active
Directory.
4) You should see the netlogon and sysvol shares … just type net share at the
cmd prompt
5) You should be able to see the ntds setting in the winnt directory
6) You should see the ntds folder in regedit ..

Monday, March 22, 2010

What is standalone server

A server that belongs to a workgroup, not a domain, is called a stand-alone server

What is a Member server

Member servers, which belong to a domain but do not contain a copy of the Active
Directory data.

What is a Domain controller

Domain controllers, which contain matching copies of the user accounts and other Active
Directory data in a given domain.

How to transfer a role from one Domain Controller to another Domain Controller

Start -> Programs -> Administrative tools -> Active Directory sites and services ->
Right click on Domain Name -> First connect to the required server by the option
“connect to”. Then -> Right click on Domain Name ->select Operations Masters -> there
you will get 3 roles tabs.-> Select the required one -> click on change tab -> OK

How to check which server is having Global Catalogue

First load support tools
Run -> cmd -> ldp
Then you will get a window there
Click on file -> Select connect to -> type the required server
Then you will get some information, at the bottom you can find “Global Catalogue”
TRUE/FALSE. If TRUE is there then it is a global catalogue server. If FALSE is there
then it is not a global catalogue server.

What is Global Catalogue

This is a database on one or more domain controllers. Each copy of the database contains
a replica of every object in the Active Directory but with a limited number of each
object's attributes.

Friday, March 19, 2010

What are the roles a Child Main Domain Controller will have by default

By default it gets only three roles.
PDC Emulator
Relative Identifier (RID)
Infrastructure Master (IM)

What are the roles an Additional Domain controller will have by default

By default you cannot get any role. But if you want to assign any role you can transfer
from master.

What roles does a Main Domain Controller (the first domain controller in the entire

By default it gets 5 roles.
Schema Master
Domain Naming Master
PDC Emulator
Relative Identifier (RID)
Infrastructure Master (IM)
Note: The above roles are called operations master roles.

What is Active Directory

Active Directory is a directory service, which stores information about network resources
such as users, groups, computers, printers, and shares. Active Directory provides a single
point for organization, control and management.

Thursday, March 18, 2010

Why do we need Multiple Domain Controllers

If you have multiple domain controllers, it provides better support for users than having
only one. Multiple domain controllers provide automatic backup for user accounts and
other Active Directory data, and they work together to support domain controller
functions (such as validating logons).

Can you change the Name of a Domain Controller

You cannot change the name of a server while it is a domain controller in windows 2000
domain. Instead, you must change it to a member or stand-alone server, change the name,
and finally make the server a domain controller once again.
But you can change the name of a domain controller in windows 2003 Operating System.

What is Domain Controller and Member server

With Windows 2000, servers in a domain can have one of two roles:
Domain controllers, which contain matching copies of the user accounts and other Active
Directory data in a given domain.
Member servers, which belong to a domain but do not contain a copy of the Active
Directory data.

What is a Stand-alone computer

A computer that belongs to a workgroup, not a domain, is called a stand-alone computer.

What is the difference between a workgroup and a domain

A workgroup is a distributed directory maintained on each computer within the
workgroup. A domain is a centralized directory of resources maintained on domain
controllers and presented to the user through Active Directory services

Wednesday, March 17, 2010

What is the Difference between Desktop and Server

In desktop system we cannot load Active directory.
In server system we can load Active directory. So that we can create a Domain in server,
advanced server, Data center server.
In professional there is no fault tolerance on the hard drive (i.e., disk mirroring, RAID 5).
In server we have fault tolerance on the hard drive.

What is the family of Windows 2003

Windows Server 2003, Web Edition
Windows Server 2003, Standard Edition
Windows Server 2003, Enterprise Edition
Windows Server 2003, Data center Edition

What is the process of assigning IP address by DHCP service

There are four stages in assigning IP address to a host by DHCP server.
1) DHCP discover
2) DHCP offer
3) DHCP request
4) DHCP Acknowledge

DHCP Discover:
Whenever a client has to obtain an IP address from a DHCP server it will broadcast
a message called “DHCP discover”, which contains the destination address 255.255.255.255,
the source IP address 0.0.0.0 and its MAC address.

DHCP offer:
The DHCP server on the network will respond to DHCP discover by sending a
DHCP offer message to the client requesting an IP address.

DHCP request:
The client after receiving offer message will send a “DHCP request” message
asking the DHCP server to confirm the IP address it has offered to it through DHCP offer
message.

DHCP Acknowledge:
DHCP server will respond to the “DHCP request” message by sending
acknowledge message through which it confirms the IP address to other machine.

Tuesday, March 16, 2010

How to authorize the DHCP server

Login with Enterprise administrator privileges.
Right Click on Servername.Domainname.com
Click on Authorize
Then it will be authorized (Indication is you will get green up arrow)

Who can authorize DHCP server in the entire domain

An Enterprise administrator can only authorize DHCP server. No other person in the
domain can authorize the DHCP server. Even if you are an Administrator, without enterprise
administrator privileges you can’t authorize the DHCP server

How to uninstall DHCP

Programs -> Settings -> Control Panel -> Add/Remove Programs ->
Add/Remove Windows Components -> Select the Network Services -> Click
on properties -> Deselect DHCP -> OK

How to install DHCP

We can install DHCP in two ways:
1) While installing the Operating System
While installing the Operating System, it asks at Network Settings whether you want Typical settings or Custom settings.
Select Custom Settings -> Select Network Services -> Click on Details -> Select DHCP -> Click on OK
2) Independently
Programs -> Settings -> Control Panel -> Add/Remove Programs -> Add/Remove Windows Components -> Select the Network Services -> Click on properties -> Select DHCP -> OK
(During the installation it asks for the CD)

Friday, March 12, 2010

What is name Resolution

The process of translating the name into some object or information that the name
represents is called name resolution. A telephone book forms a namespace in which the
names of telephone subscribers can be resolved to the phone numbers.

What is Dynamic Updates in DNS

Generally we need to create a host record for a newly joined computer (either a client, a Member server or a Domain controller). If you enable the Dynamic Update option, then DNS itself creates the associated host record for newly joined computers.

How to check whether DNS is working or not

Type the command “nslookup” at command prompt
Then it gives the DNS server name and its IP address

What is the difference between Primary zone and Secondary zone

A Primary zone has read and write permissions, whereas a Secondary zone has read-only permission.
Note: A Secondary zone is used for backup and load balancing.

Which commands do we use for DNS

Nslookup (and all interactive mode commands)
Ipconfig /flushdns
Ipconfig /registerdns
Note: The best strategy for using DNS in a corporate network is to use two DNS servers. One is on the internal network and the other is between the two firewalls. For more security, keep the zone as secondary on the DNS server which is between the firewalls.

What are the features of Windows 2003 DNS

Supports SRV (service) records
Supports Dynamic Updates
Supports IXFR (Incremental Zone Transfer)
Supports security

Where to create the primary, secondary, Active Directory Integrated zones

If you want to create an Active Directory integrated zone, the server must be a Domain Controller.
If you want to create the Primary DNS, you can create it on a Domain Controller or a Member server. But if you create it on a Member server you will not get the 4 options under the domain which are meant for Active Directory.
You can create a Secondary zone on a Member Server or on a Domain Controller. There is no difference between them.

List of important port numbers

15 - Netstat
21 - FTP
23 - Telnet
25 - SMTP
42 - WINS
53 - DNS
67 - Bootp
68 - DHCP
80 - HTTP
88 - Kerberos
101 - HOSTNAME
110 - POP3
119 - NNTP
123 - NTP (Network time protocol)
139 - NetBIOS
161 - SNMP
180 - RIS
389 - LDAP (Lightweight Directory Access Protocol)
443 - HTTPS (HTTP over SSL/TLS)
520 - RIP
79 - FINGER
37 - Time
3389 - Terminal services
443 - SSL (https) (http protocol over TLS/SSL)
220 - IMAP3
3268 - AD Global Catalog
3269 - AD Global Catalog over SSL
500 - Internet Key Exchange, IKE (IPSec) (UDP 500)

Thursday, March 11, 2010

Port

A port is a channel of a device that supports a single point-to-point connection. For single-port devices such as
modems, the device and the port are indistinguishable. For multiport devices, the port is the subdivision of the
device over which a separate point-to-point communication is possible. For example, Primary Rate Interface (PRI)
ISDN adapters support two separate channels called B channels. The ISDN adapter is a device. Each B channel is a
port because a separate point-to-point connection occurs over each B channel.

ICMP router discovery

To configure IP hosts with the IP addresses of local routers and provide a way for hosts to sense routers that are down, you can use Internet Control Message Protocol (ICMP) messages for router solicitation and advertisement (as described in RFC 1256, "ICMP Router Discovery Messages"):
- Router solicitations are sent by hosts to discover routers on their networks.
- Router advertisements are sent by routers in response to a router solicitation and periodically to notify hosts on the network that the router is still available.
The TCP/IP protocol for Windows 2003 supports ICMP router solicitations. The Windows 2003 router supports ICMP router advertisements.

DHCP Relay Agent

The DHCP Relay Agent component provided with the Windows 2003 router is a Bootstrap Protocol (BOOTP) relay
agent that relays Dynamic Host Configuration Protocol (DHCP) messages between DHCP clients and DHCP servers
on different IP networks. The DHCP Relay Agent is compliant with RFC 1542, "Clarifications and Extensions for the
Bootstrap Protocol." For each IP network segment that contains DHCP clients, either a DHCP server or a computer
acting as a DHCP Relay Agent is required.

What is difference between scope and superscope

A scope in DHCP is where you specify a range of IP addresses which will be leased to the DHCP clients.
A superscope is a combination of multiple scopes.

Wednesday, March 10, 2010

RADIUS

RADIUS stands for Remote Authentication Dial in User Service. It is used to authenticate remote users. Instead of authenticating users at each individual RAS server, we pass a request to a central server (the RADIUS server) and let the authentication happen there.
All RAS servers pass authentication requests to this central server (the RADIUS server), which does the authentication. It authenticates users based on Active Directory. It also does reporting, so it does both accounting and authentication. With RADIUS, authentication takes place at a central location. There is no need to maintain a local database of users for each RAS server. Whenever authentication is needed, the RAS server forwards the query to the RADIUS server.
Accounting means we keep track of who is connected, for how long, why they failed to connect etc.; the information is all centralized here.
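The forwarding described above, as an added example that is not part of the original post: a RAS server builds an Access-Request, a central server answers, and the RAS server accepts the answer only if its Response Authenticator checks out against the shared secret (packet layout per RFC 2865). The function names, the shared secret and the user dictionary, which stands in for Active Directory, are constructed for this illustration.

```python
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
USER_NAME, USER_PASSWORD = 1, 2


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password, secret, request_auth):
    """User-Password hiding: XOR 16-byte blocks with chained MD5 output."""
    size = max(16, (len(password) + 15) // 16 * 16)
    padded, out, prev = password.ljust(size, b"\x00"), b"", request_auth
    for i in range(0, size, 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += prev
    return out


def reveal_password(hidden, secret, request_auth):
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += _xor(hidden[i:i + 16], hashlib.md5(secret + prev).digest())
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def parse_attributes(data):
    attrs, i = {}, 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed attribute")
        attrs[data[i]] = data[i + 2:i + data[i + 1]]
        i += data[i + 1]
    return attrs


def build_access_request(identifier, user, password, secret, request_auth):
    """RAS server side: forward the user's credentials to the central server."""
    hidden = hide_password(password, secret, request_auth)
    attrs = bytes([USER_NAME, len(user) + 2]) + user
    attrs += bytes([USER_PASSWORD, len(hidden) + 2]) + hidden
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + request_auth + attrs


def radius_server_reply(request, secret, directory):
    """Central server side: check the credentials and sign the reply."""
    code, identifier, length = struct.unpack("!BBH", request[:4])
    if code != ACCESS_REQUEST or length != len(request) or length < 20:
        raise ValueError("not a valid Access-Request")
    request_auth = request[4:20]
    attrs = parse_attributes(request[20:])
    password = reveal_password(attrs.get(USER_PASSWORD, b""), secret, request_auth)
    expected = directory.get(attrs.get(USER_NAME, b""))
    ok = expected is not None and hmac.compare_digest(password, expected)
    header = struct.pack("!BBH", ACCESS_ACCEPT if ok else ACCESS_REJECT, identifier, 20)
    # Response Authenticator = MD5(Code + ID + Length + RequestAuth + Attributes + Secret)
    return header + hashlib.md5(header + request_auth + secret).digest()


def verify_reply(reply, identifier, request_auth, secret):
    """RAS server side: return the reply code, or None if the reply is not authentic."""
    if len(reply) < 20:
        return None
    code, reply_id, length = struct.unpack("!BBH", reply[:4])
    if reply_id != identifier or length != len(reply):
        return None
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return code if hmac.compare_digest(expected, reply[4:20]) else None


def demo():
    secret = b"constructed-shared-secret"
    directory = {b"alice": b"correct horse"}    # stands in for Active Directory
    request_auth = bytes(range(16))   # fixed so the demo is repeatable; random per request in practice
    results = {}
    for label, password in (("good", b"correct horse"), ("bad", b"guess")):
        request = build_access_request(7, b"alice", password, secret, request_auth)
        reply = radius_server_reply(request, secret, directory)
        results[label] = verify_reply(reply, 7, request_auth, secret)
    altered = bytes([ACCESS_ACCEPT]) + reply[1:]   # the Reject with its code byte changed
    results["altered"] = verify_reply(altered, 7, request_auth, secret)
    return results


if __name__ == "__main__":
    print(demo())
```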

Who is responsible to assign Public IP address

The organization responsible for assigning IP addresses is InterNIC (Internet Network Information Centre). This organization assigns public IP addresses to all individuals or organizations. But you can take IP addresses from ISPs (Internet Service Providers), because ISPs buy a pool of IP addresses from InterNIC and then sell them to others.

What is proxy

A NAT server helps the client to access the Internet, whereas a proxy server does everything for the client. When a request comes from the client, the proxy server surfs the Internet, caches the results to its local disk and sends that result to the client.
With a proxy we have a performance improvement, because results are cached to the local hard disk.
With a proxy we have security, because only one system in the internal network is communicating with the Internet.
Rather than allowing clients to access the Internet by changing the IP address, the proxy server does all the surfing for clients, caches to its local disk and gives the results to the clients.

NAT

NAT stands for Network Address Translation. It is a device between the Internet (i.e., the public network) and our private network. On one NIC it has a valid Internet address; on the other NIC it has our private (internal) network address.
NAT is a device that translates one valid public IP address to multiple internal private addresses.

What is a Domain

A group of computers that are part of a network and share a common directory and security policies. In Windows 2000 a domain is a security boundary, and permissions that are granted in one domain are not carried over to other domains.

Tuesday, March 9, 2010

ACTIVE DIRECTORY

AD: A centralized database that contains the information about objects like users, groups, computers, printers etc.
AD is a centralized hierarchical Directory Database.
AD is a searchable Database.

The 2003 O/S, when installed, gets installed as a stand-alone server. To promote it to a D.C. we have to install A.D.

Domain Controller (D.C.)

A server where A.D. is installed is called D.C.

Functionality of A.D.:

Using A.D. we can organize, manage and control resources.
It provides single point of administration.

Purpose of A.D.:

1. Provides user logon authentication services.
2. To organize and manage user A/Cs, computers, groups and n/w resources.
3. Enables authorized users to easily locate n/w resources.

Features of A.D.:

1. Fully integrated security system with the help of Kerberos.
2. Easy administration using group policy.
3. Scalable to any size n/w
4. Flexible (install/uninstall)
5. Extensible (modify the schema)
New features in 2003
6. Rename computer name & Domain names.
7. Cross-forest trust relationship.
8. Site-to-Site replication is faster.



Evolution of LDAP:

Earlier we had no database standard; hence ITU & ISO introduced X.500

LDAP (Lightweight Directory Access Protocol): It is an industry standard directory access protocol used for querying and providing communication among the objects in A.D.
It is directory access protocol.
It runs on the port no. 389.

DAP: It is based on OSI model.
LDAP: Is based on TCP/IP model

IP Addressing:

There are two versions of IPs

1. IP version 4: offers IPs up to 4.2 billion (32 bit size)
2. IP version 6: 128 bit size.

IP address is used for identifying the system and provides communication.
IP address is of 32 bits divided in four octets.
Each Octet is of 8 bits, separated by a (.) dot.
IP is a combination of Network ID & Host ID.
Uses subnet mask to differentiate Network ID from Host ID.
Subnet mask acts like a mask between Network ID & the Host ID.
Numbers range between 0-255.

Organizations responsible for assigning IPs to clients.

IANA: Internet Assign Naming Authority.
ICANN: Internet Corporation assigning for name Numbers.
IANA has classified IP addressing into classes.

Class A: 1-126(used in LAN/WAN)
Class B: 128 – 191(used in LAN/WAN)
Class C: 192 – 223(used in LAN/WAN)
Class D: 224 – 239 (used for multi casting)
Class E: 240 – 254 (used for experimentation & research)

Network Topologies:

The way of cabling is called topology.
The architecture of a network is called topology

E.g.: Bus, Star, Ring, and Mesh Topologies.

Bus Topology:

Components of Bus Topology:

1. Co-axial cable (back bone cable)
2. T- connectors
3. BNC (British Network Connector)
4. Terminator
5. Patch cable
Disadvantages of Bus:

If anything goes wrong with backbone cable whole network is down.
Follows a serial communication.
Outdated these days.

Star Topology:

Star topology is an advanced version over bus topology. It uses either a hub or a switch, with cat5/6 cables.
It uses connectors called (Recommend Jack) - RJ45
Star topology offers faster data transfer or processing.

Ring Topology:

Ring topology is the type of topology we go with when we want redundancy (fault tolerance).
Ring topology uses a device called MSAU (Multi Station Access Unit).
It is a unit inside which a logical ring is formed. The availability of this ring ensures the availability of the network.
It was basically implemented in IBM networks.

Networking devices

Hubs, Switches, Routers and NICs.

HUB: A hub is a centralized device that provides communication among systems. When we have more than 2 computers we need a device called a hub to interconnect them.

Disadvantage of a Hub:

When we want to transfer some data from one system to another in a network of 24 systems, the data packet, instead of being sent only to the destined system, is sent to all the network participants (i.e. 24 systems).
Hubs follow broadcasting.

SWITCH: It is an advanced version over a Hub.
The main benefit of a switch is Unicast. Data packets are transmitted only to the target computer instead of all.
A switch maintains a table called MIT (Mac Information Table), which is generated as soon as we turn on the switch. It acts like an index table and eases the process of finding the networked system. MIT contains the port no, IP address and MAC address.
MAC (Media Access Control): It is an address burnt into the NIC by the manufacturer.
MAC address is of 48 bits in the form of hexadecimal.
Every NIC has its own unique MAC address.
MAC address determines the physical location of a system.

ROUTER: A router is a device that connects two different networks,
e.g. a Class A network with a Class C network.
Routing is a process of communication between two different networks.

Types of Networks

1) Local Area Network (LAN): Systems connected within the same geographical area are called a LAN. A LAN can span 2 kilometers.

Components of LAN:

1. NIC (Network Interface Card)
2. Cable – Co axial, cat5 or cat6
3. Hubs or Switches.

2) Metropolitan Area Networking: MAN is a combination of LANs or WANs located and connected within the same city.

Components of MAN:

1. Router
2. Brouter (Brouter is a combination of bridge or router)
3. ATM Switches
4. DSL connectivity (DSL – Digital Subscriber Link) ex: Star cables

3) Wide Area Networking (WAN): Interconnection of LANs or MANs located within the same geographical area or in different areas; it depends on telecommunication services.

OSI Layer

SECOND CLASS LECTURE

OSI Seven-Layer Model

In the 1980s, the European-dominated International Standards Organization (ISO), began to develop its Open Systems Interconnection (OSI) networking suite. OSI has two major components: an abstract model of networking (the Basic Reference Model, or seven-layer model), and a set of concrete protocols. The standard documents that describe OSI are for sale and not currently available online.

Parts of OSI have influenced Internet protocol development, but none more than the abstract model itself, documented in OSI 7498 and its various addenda. In this model, a networking system is divided into layers. Within each layer, one or more entities implement its functionality. Each entity interacts directly only with the layer immediately beneath it, and provides facilities for use by the layer above it. Protocols enable an entity in one host to interact with a corresponding entity at the same layer in a remote host.

The seven layers of the OSI Basic Reference Model are (from bottom to top):

1. The Physical Layer describes the physical properties of the various communications media, as well as the electrical properties and interpretation of the exchanged signals. Ex: this layer defines the size of Ethernet coaxial cable, the type of BNC connector used, and the termination method.
2. The Data Link Layer describes the logical organization of data bits transmitted on a particular medium. Ex: this layer defines the framing, addressing and checksumming of Ethernet packets.
3. The Network Layer describes how a series of exchanges over various data links can deliver data between any two nodes in a network. Ex: this layer defines the addressing and routing structure of the Internet.
4. The Transport Layer describes the quality and nature of the data delivery. Ex: this layer defines if and how retransmissions will be used to ensure data delivery.
5. The Session Layer describes the organization of data sequences larger than the packets handled by lower layers. Ex: this layer describes how request and reply packets are paired in a remote procedure call.
6. The Presentation Layer describes the syntax of data being transferred. Ex: this layer describes how floating point numbers can be exchanged between hosts with different math formats.
7. The Application Layer describes how real work actually gets done. Ex: this layer would implement file system operations.

The original Internet protocol specifications defined a four-level model, and protocols designed around it (like TCP) have difficulty fitting neatly into the seven-layer model. Most newer designs use the seven-layer model.

Soapbox:

The OSI Basic Reference Model has enjoyed a far greater acceptance than the OSI protocols themselves. There are several reasons for this. OSI's committee-based design process bred overgrown, unimaginative protocols that nobody ever accused of efficiency. Heavy European dominance helped protect their investments in X.25 (CONS is basically X.25 for datagram networks). Perhaps most importantly, X.25 data networks never caught people's imagination like the Internet, which, with a strong history of free, downloadable protocol specifications, has been loath to embrace yet another networking scheme where you have to pay to figure how things work.

And why should we? OSI's biggest problem is that doesn't really offer anything new. The strongest case for its implementation comes from its status as an "international standard", but we already have a de facto international standard - the Internet. OSI protocols will be around, but its most significant contribution is the philosophy of networking represented by its layered model.

If the Internet community has to worry about anything, it's the danger of IETF turning into another ISO - a big, overgrown standards organization run by committees, churning out thousands of pages of rubbish, and dominated by big business players more interested in preserving investments than advancing the state of the art.

Open System Interconnection Reference Model

The Open System Interconnection (OSI) reference model describes how information from a software application in one computer moves through a network medium to a software application in another computer. The OSI reference model is a conceptual model composed of seven layers, each specifying particular network functions. The model was developed by the International Organization for Standardization (ISO) in 1984, and it is now considered the primary architectural model for intercomputer communications. The OSI model divides the tasks involved with moving information between networked computers into seven smaller, more manageable task groups. A task or group of tasks is then assigned to each of the seven OSI layers. Each layer is reasonably self-contained so that the tasks assigned to each layer can be implemented independently. This enables the solutions offered by one layer to be updated without adversely affecting the other layers. The following list details the seven layers of the Open System Interconnection (OSI) reference model:

Layer 7—Application
Layer 6—Presentation
Layer 5—Session
Layer 4—Transport
Layer 3—Network
Layer 2—Data link
Layer 1—Physical

Note: A handy way to remember the seven layers is the sentence "All people seem to need data processing." The beginning letter of each word corresponds to a layer.

All—Application layer
People—Presentation layer
Seem—Session layer
To—Transport layer
Need—Network layer
Data—Data link layer
Processing—Physical layer

Figure 1-2 illustrates the seven-layer OSI reference model.

Figure 1-2: The OSI Reference Model Contains Seven Independent Layers

Characteristics of the OSI Layers

The seven layers of the OSI reference model can be divided into two categories: upper layers and lower layers.

The upper layers of the OSI model deal with application issues and generally are implemented only in software. The highest layer, the application layer, is closest to the end user. Both users and application layer processes interact with software applications that contain a communications component. The term upper layer is sometimes used to refer to any layer above another layer in the OSI model.

The lower layers of the OSI model handle data transport issues. The physical layer and the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to the physical network medium (the network cabling, for example) and is responsible for actually placing information on the medium.

Figure 1-3 illustrates the division between the upper and lower OSI layers.

Figure 1-3: Two Sets of Layers Make Up the OSI Layers

Protocols

The OSI model provides a conceptual framework for communication between computers, but the model itself is not a method of communication. Actual communication is made possible by using communication protocols. In the context of data networking, a protocol is a formal set of rules and conventions that governs how computers exchange information over a network medium. A protocol implements the functions of one or more of the OSI layers.

A wide variety of communication protocols exist. Some of these protocols include LAN protocols, WAN protocols, network protocols, and routing protocols. LAN protocols operate at the physical and data link layers of the OSI model and define communication over the various LAN media. WAN protocols operate at the lowest three layers of the OSI model and define communication over the various wide-area media. Routing protocols are network layer protocols that are responsible for exchanging information between routers so that the routers can select the proper path for network traffic. Finally, network protocols are the various upper-layer protocols that exist in a given protocol suite. Many protocols rely on others for operation. For example, many routing protocols use network protocols to exchange information between routers. This concept of building upon the layers already in existence is the foundation of the OSI model.

OSI Model and Communication Between Systems

Information being transferred from a software application in one computer system to a software application in another must pass through the OSI layers. For example, if a software application in System A has information to transmit to a software application in System B, the application program in System A will pass its information to the application layer (Layer 7) of System A. The application layer then passes the information to the presentation layer (Layer 6), which relays the data to the session layer (Layer 5), and so on down to the physical layer (Layer 1). At the physical layer, the information is placed on the physical network medium and is sent across the medium to System B. The physical layer of System B removes the information from the physical medium, and then its physical layer passes the information up to the data link layer (Layer 2), which passes it to the network layer (Layer 3), and so on, until it reaches the application layer (Layer 7) of System B. Finally, the application layer of System B passes the information to the recipient application program to complete the communication process.

Interaction Between OSI Model Layers

A given layer in the OSI model generally communicates with three other OSI layers: the layer directly above it, the layer directly below it, and its peer layer in other networked computer systems. The data link layer in System A, for example, communicates with the network layer of System A, the physical layer of System A, and the data link layer in System B. Figure 1-4 illustrates this example.

Figure 1-4: OSI Model Layers Communicate with Other Layers

OSI Layer Services

One OSI layer communicates with another layer to make use of the services provided by the second layer. The services provided by adjacent layers help a given OSI layer communicate with its peer layer in other computer systems. Three basic elements are involved in layer services: the service user, the service provider, and the service access point (SAP).

In this context, the service user is the OSI layer that requests services from an adjacent OSI layer. The service provider is the OSI layer that provides services to service users. OSI layers can provide services to multiple service users. The SAP is a conceptual location at which one OSI layer can request the services of another OSI layer.

Figure 1-5 illustrates how these three elements interact at the network and data link layers.

Figure 1-5: Service Users, Providers, and SAPs Interact at the Network and Data Link Layers

OSI Model Layers and Information Exchange

The seven OSI layers use various forms of control information to communicate with their peer layers in other computer systems. This control information consists of specific requests and instructions that are exchanged between peer OSI layers.

Control information typically takes one of two forms: headers and trailers. Headers are prepended to data that has been passed down from upper layers. Trailers are appended to data that has been passed down from upper layers. An OSI layer is not required to attach a header or a trailer to data from upper layers.

Headers, trailers, and data are relative concepts, depending on the layer that analyzes the information unit. At the network layer, for example, an information unit consists of a Layer 3 header and data. At the data link layer, however, all the information passed down by the network layer (the Layer 3 header and the data) is treated as data.

In other words, the data portion of an information unit at a given OSI layer potentially can contain headers, trailers, and data from all the higher layers. This is known as encapsulation. Figure 1-6 shows how the header and data from one layer are encapsulated into the header of the next lowest layer.

Figure 1-6: Headers and Data Can Be Encapsulated During Information Exchange

Information Exchange Process

The information exchange process occurs between peer OSI layers. Each layer in the source system adds control information to data, and each layer in the destination system analyzes and removes the control information from that data.

If System A has data from a software application to send to System B, the data is passed to the application layer. The application layer in System A then communicates any control information required by the application layer in System B by prepending a header to the data. The resulting information unit (a header and the data) is passed to the presentation layer, which prepends its own header containing control information intended for the presentation layer in System B. The information unit grows in size as each layer prepends its own header (and, in some cases, a trailer) that contains control information to be used by its peer layer in System B. At the physical layer, the entire information unit is placed onto the network medium.

The physical layer in System B receives the information unit and passes it to the data link layer. The data link layer in System B then reads the control information contained in the header prepended by the data link layer in System A. The header is then removed, and the remainder of the information unit is passed to the network layer. Each layer performs the same actions: The layer reads the header from its peer layer, strips it off, and passes the remaining information unit to the next highest layer. After the application layer performs these actions, the data is passed to the recipient software application in System B, in exactly the form in which it was transmitted by the application in System A.

OSI Model Physical Layer

The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors. Physical layer implementations can be categorized as either LAN or WAN specifications. Figure 1-7 illustrates some common LAN and WAN physical layer implementations.

Figure 1-7: Physical Layer Implementations Can Be LAN or WAN Specifications

OSI Model Data Link Layer

The data link layer provides reliable transit of data across a physical network link. Different data link layer specifications define different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control. Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer. Network topology consists of the data link layer specifications that often define how devices are to be physically connected, such as in a bus or a ring topology. Error notification alerts upper-layer protocols that a transmission error has occurred, and the sequencing of data frames reorders frames that are transmitted out of sequence. Finally, flow control moderates the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.

The Institute of Electrical and Electronics Engineers (IEEE) has subdivided the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC). Figure 1-8 illustrates the IEEE sublayers of the data link layer.

Figure 1-8: The Data Link Layer Contains Two Sublayers

The Logical Link Control (LLC) sublayer of the data link layer manages communications between devices over a single link of a network. LLC is defined in the IEEE 802.2 specification and supports both connectionless and connection-oriented services used by higher-layer protocols. IEEE 802.2 defines a number of fields in data link layer frames that enable multiple higher-layer protocols to share a single physical data link. The Media Access Control (MAC) sublayer of the data link layer manages protocol access to the physical network medium. The IEEE MAC specification defines MAC addresses, which enable multiple devices to uniquely identify one another at the data link layer.

OSI Model Network Layer

The network layer defines the network address, which differs from the MAC address. Some network layer implementations, such as the Internet Protocol (IP), define network addresses in a way that route selection can be determined systematically by comparing the source network address with the destination network address and applying the subnet mask. Because this layer defines the logical network layout, routers can use this layer to determine how to forward packets. Because of this, much of the design and configuration work for internetworks happens at Layer 3, the network layer.

OSI Model Transport Layer

The transport layer accepts data from the session layer and segments the data for transport across the network. Generally, the transport layer is responsible for making sure that the data is delivered error-free and in the proper sequence. Flow control generally occurs at the transport layer.

Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process. Multiplexing enables data from several applications to be transmitted onto a single physical link. Virtual circuits are established, maintained, and terminated by the transport layer. Error checking involves creating various mechanisms for detecting transmission errors, while error recovery involves acting, such as requesting that data be retransmitted, to resolve any errors that occur.

The transport protocols used on the Internet are TCP and UDP.

OSI Model Session Layer

The session layer establishes, manages, and terminates communication sessions. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer. Some examples of session-layer implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that coordinates the name binding process; and Session Control Protocol (SCP), the DECnet Phase IV session layer protocol.

OSI Model Presentation Layer

The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system would be readable by the application layer of another system. Some examples of presentation layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes.

Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Conversion schemes are used to exchange information with systems by using different text and data representations, such as EBCDIC and ASCII. Standard data compression schemes enable data that is compressed at the source device to be properly decompressed at the destination. Standard data encryption schemes enable data encrypted at the source device to be properly deciphered at the destination.

Presentation layer implementations are not typically associated with a particular protocol stack. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video compression and coding.

Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF is a standard for compressing and coding graphic images. JPEG is another compression and coding standard for graphic images, and TIFF is a standard coding format for graphic images.

OSI Model Application Layer

The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application.

This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication.

When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit.

When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.

Some examples of application layer implementations include Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).