Microsoft Press Windows Vista Administrator's Pocket Consultant ebook
Page 42
Sharing and discovery Provides the options for configuring the computer's sharing and discovery settings and lists the current state of each option. To manage an option, expand the option's view panel by clicking the Expand button (showing a down arrow), clicking the desired setting, and then clicking Apply. To turn on or turn off network discovery, expand Network Discovery, click Turn On Network Discovery or Turn Off Network Discovery as appropriate, and then click Apply.
From Network And Sharing Center, you can attempt to diagnose a warning status. To do this, click the warning icon to start Windows Network Diagnostics. Windows Network Diagnostics will then attempt to identify the network problem and provide a possible solution.
Working with Network Map
When mapping is permitted by Group Policy and discovery is enabled, Network Map, shown in Figure 12-3, provides an expanded graphical depiction of the network configuration and connections. You can access Network Map by following these steps:
Click Start and then click Network.
In Network Explorer, click Network And Sharing Center on the toolbar.
In Network And Sharing Center, click View Full Map.
Figure 12-3: Use Network Map to get an expanded view of the network.
Note
In a standard configuration, computers running Windows Vista can create a summary network map like the one available in Network And Sharing Center. Any more detailed network mapping, however, is only permitted when network discovery is enabled and when allowed by Group Policy.
When you click View Full Map in Network And Sharing Center (and both discovery and policy settings allow it), Windows Vista generates a map of the current network. Computers and devices that are discovered and can be placed on the map are shown with lines that depict how they are connected. Computers and devices that are discovered but cannot be placed on the map are listed at the bottom of the page.
On the network map, any problems with the network configuration or connections are depicted with warning icons. A yellow warning icon indicates a possible configuration issue. A red X indicates a lack of a connection for a particular network segment. Clicking a warning icon starts Windows Network Diagnostics, which tries to identify the network problem and provide a possible solution.
Several helpful links are provided. You can open Windows Help And Support by clicking the Why Are Some Computers And Devices Missing link. You can open Network Explorer by clicking the View Computers And Devices link.
Real World
Network Map can be useful in some situations. However, because it allows discovery of an organization's internal network, which can put the network at risk, network mapping is disabled in Group Policy by default. Group Policy settings for controlling network mapping are found under Computer PolicyAdministrative TemplatesNetworkLink-Layer Topology Discovery. For a computer to discover other computers for mapping, Turn On Mapper I/O (LLTDIO) Driver must be enabled in a Group Policy Object being applied to the computer. For a computer to be discovered by other computers, Turn On Responder (RSPNDR) Driver must be enabled in a Group Policy Object being applied to the computer.
When you enable either or both of these settings, you can also specify how this feature should work. In most cases, if you allow mapping, you'll want to configure the settings to allow operation while in the domain and prohibit operation while in a private network. Only allow operation on a public network when there is a specific requirement to do so and then only allow it for the individual computer or computers that require mapping.
Installing Networking Components
If you want to install networking on a computer, you must install Transmission Control Protocol/Internet Protocol (TCP/IP) networking and a network adapter. Windows Vista uses TCP/IP as the default wide area network (WAN) protocol. Networking is normally installed during Windows Vista installation. You can also install TCP/IP networking through local area connection properties.
Working with TCP/IP and the Dual IP Stack
The TCP and IP protocols make it possible for computers to communicate across various networks and the Internet using network adapters, whether network interface cards, USB-attachable network adapters, PC Card network adapters, or built-in adapters on the motherboard. Windows Vista has a dual IP layer architecture in which both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) are implemented and share common Transport and Frame layers.
IPv4 and IPv6 are used in very different ways. IPv4 has 32-bit addresses and is the primary version of IP used on most networks, including the Internet. IPv6 has 128-bit addresses and is the next generation version of IP.
IPv4's 32-bit addresses commonly are expressed as four separate decimal values, such as 127.0.0.1 or 192.168.1.20. The four decimal values are referred to as octets because each represents 8 bits of the 32-bit number. With standard unicast IPv4 addresses, a variable part of the IP address represents the network ID and a variable part of the IP address represents the host ID. There is no correlation between a host's IPv4 address and the internal machine (MAC) address used by the host's network adapter.
IPv6's 128-bit addresses are divided into eight 16-bit blocks delimited by colons. Each 16-bit block is expressed in hexadecimal form. With standard unicast IPv6 addresses, the first 64 bits represent the network ID and the last 64 bits represent the network interface. An example of an IPv6 address follows:
FEC0:0:0:02BC:FF:BECB:FE4F:961D
Because many IPv6 address blocks are set to 0, a contiguous set of 0 blocks can be expressed as "::", a notation referred to as the double-colon notation. Using doublecolon notation, the two 0 blocks in the previous address are compressed as follows:
FEC0::02BC:FF:BECB:FE4F:961D
If there were three or more 0 blocks, they would be compressed in the same way. For example, FFE8:0:0:0:0:0:0:1 becomes FFE8::1.
When networking hardware is detected during installation of the operating system, both IPv4 and IPv6 are enabled by default and there is no need to install a separate component to enable support for IPv6. Windows Vista's modified IP architecture is referred to as the Next Generation TCP/IP stack. Table 12-1 summarizes the key TCP/IP enhancements implemented in the Next Generation TCP/IP stack. Table 12-2 summarizes the key TCP/IP enhancements that are specific to IPv6.
Table 12-1: Key TCP/IP Enhancements in the Next Generation TCP/IP Stack
Features Supported
Description
Automatic Black Hole Router Detection
Prevents TCP connections from terminating due to intermediate routers silently discarding large TCP segments, retransmissions, or error messages.
Automatic Dead Gateway Retry
Ensures that an unreachable gateway is checked periodically to determine whether it has become available.
Compound TCP
Optimizes TCP transfers for the sending host by increasing the amount of data sent in a connection while ensuring other TCP connections are not impacted.
Extended Selective Acknowledgments
Extends the way Selective Acknowledgments (SACKs) are used, enabling a receiver to indicate up to four noncontiguous blocks of received data and to acknowledge duplicate packets. This helps the receiver determine when it has retransmitted a segment unnecessarily and adjust its behavior to prevent future retransmissions.
Modified Fast Recovery Algorithm
Provides faster throughput by altering the way that a sender can increase the sending rate if multiple segments in a window of data are lost and the sender receives an acknowledgment stating only part of the data has been successfully received.
Neighbor Unreachability Detection for IPv4
Determines when neighboring nodes and routers are no longer reachable and reports the condition.
Network Diagnostics Framework
Provides an extensible framework that helps users recover from and troubleshoot problems with network connections.
Receive Window Auto Tuning
Optimizes TCP transfers for the h
ost receiving data by automatically managing the size of the memory buffer (the receive windows) to use for storing incoming data based on the current network conditions.
Routing Compartments
Prevents unwanted forwarding of traffic between interfaces by associating an interface or a set of interfaces with a login session that has its own routing tables.
SACK-based Loss Recovery
Makes it possible to use SACK information to perform loss recovery when duplicate acknowledgments have been received and to more quickly recover when multiple segments are not received at the destination.
Spurious Retransmission Timeout Detection
Provides correction for sudden, temporary increases in retransmission timeouts and prevents unnecessary retransmission of segments.
TCP Extended Statistics
Helps determine whether a performance bottleneck for a connection is the sending application, the receiving application, or the network.
Windows Filtering Platform
Provides application programming interfaces (APIs) for extending the TCP/IP filtering architecture so that it can support additional features.
Table 12-2: Key TCP/IP Enhancements for IPv6
Feature Supported
Description
DHCPv6-capable DHCP client
Extends the DHCP client to support IPv6 and allows stateful address autoconfiguration with a DHCPv6 server.
IP Security
Allows use of Internet Key Exchange (IKE) and data encryption for IPv6.
IPv6 over Point-to-Point Protocol (PPPv6)
Allows native IPv6 traffic to be sent over PPP-based connections, which in turn allows remote access clients to connect with an IPv6-based Internet service provider (ISP) through dial-up or PPP over Ethernet (PPPoE)-based connections.
Link-Local Multicast Name Resolution (LLMNR)
Allows IPv6 hosts on a single subnet without a DNS server to resolve each other's names.
Multicast Listener Discovery version 2 (MLDv2)
Provides support for source-specific multicast traffic and is equivalent to Internet Group Management Protocol version 3 (IGMPv3) for IPv4.
Random Interface IDs
Prevents address scanning of IPv6 addresses based on the known company IDs of network adapter manufacturers. By default, Windows Vista generates random interface IDs for nontemporary autoconfigured IPv6 addresses, including public and link-local addresses.
Symmetric Network Address Translators
Maps the internal (private) address and port number to different external (public) addresses and ports, depending on the external destination address.
Installing Network Adapters
Network adapters are hardware devices that are used to communicate on networks. You can install and configure network adapters by completing the following steps:
Configure the network adapter following the manufacturer's instructions. For example, you might need to use the software provided by the manufacturer to modify the Interrupt setting or the Port setting of the adapter.
If installing an internal network interface card, shut down the computer, unplug it, and install the adapter card in the appropriate slot on the computer. When you're finished, plug in and start the computer.
Windows Vista should detect the new adapter during startup. If you have a separate driver disk for the adapter, you should insert it now. Otherwise, you might be prompted to insert a driver disk.
If Windows Vista doesn't detect the adapter automatically, follow the installation instructions in the "Working with Device Drivers" and "Managing Hardware" sections of Chapter 3, "Configuring Systems, Hardware Devices, and Drivers."
If networking services aren't installed on the system, install them as described in the next section.
Installing Networking Services (TCP/IP)
If you're installing TCP/IP after installing Windows Vista, log on to the computer using an account with Administrator privileges and then follow these steps:
Click Start and then click Network. In Network Explorer, click Network And Sharing Center on the toolbar.
In Network And Sharing Center, click Manage Network Connections.
In Network Connections, right-click the connection you want to work with and then select Properties.
In the Local Area Connection Status dialog box, click Properties. This displays the Local Area Connection Properties dialog box, shown in Figure 12-4.
Figure 12-4: Use the Local Area Connection Properties dialog box to install and configure TCP/IP.
If Internet Protocol Version 6 (TCP/IPv6), Internet Protocol Version 4 (TCP/IPv4), or both aren't shown in the list of installed components, you'll need to install them. Click Install. Then click Protocol, Add. In the Select Network Protocol dialog box, select the protocol to install and then click OK. If you are installing both TCP/IPv6 and TCP/IPv4, repeat this procedure.
In the Local Area Connection Properties dialog box, make sure that the following are selected as appropriate: Internet Protocol Version 6 (TCP/IPv6), Internet Protocol Version 4 (TCP/IPv4), or both. Then click OK.
As necessary, follow the instructions in the next section for configuring local area connections for the computer.
Configuring Local Area Connections
A local area connection is created automatically if a computer has a network adapter and is connected to a network. If a computer has multiple network adapters and is connected to a network, you'll have one local area connection for each adapter. If no network connection is available, you should connect the computer to the network or create a different type of connection, as explained in the "Managing Local Area Connections" section of this chapter.
Computers use IP addresses to communicate over TCP/IP. Windows Vista provides the following ways to configure IP addressing:
Manually IP addresses that are assigned manually are called static IP addresses. Static IP addresses are fixed and don't change unless you change them. You'll usually assign static IP addresses to Windows servers, and when you do this, you'll need to configure additional information to help the server navigate the network.
Dynamically A DHCP server (if one is installed on the network) assigns dynamic IP addresses at startup, and the addresses might change over time. Dynamic IP addressing is the default configuration.
Alternatively (IPv4 only) When a computer is configured to use DHCPv4 and no DHCPv4 server is available, Windows Vista assigns an alternate private IP address automatically. By default, the alternate IPv4 address is in the range from 169.254.0.1 to 169.254.255.254 with a subnet mask of 255.255.0.0. You can also specify a user-configured alternate IPv4 address, which is particularly useful for laptop users.
Configuring Static IP Addresses
When you assign a static IP address, you need to tell the computer the IP address you want to use, the subnet mask for this IP address, and, if necessary, the default gateway to use for internetwork communications. An IP address is a numeric identifier for a computer. IP addressing schemes vary according to how your network is configured, but they're normally assigned based on a particular network segment.
IPv6 addresses and IPv4 addresses are very different, as discussed in the "Working with TCP/IP and the Dual IP Stack" section of this chapter. With IPv6, the first 64 bits represent the network ID and the remaining 64 bits represent the network interface. With IPv4, a variable number of the initial bits represent the network ID and the rest of the bits represent the host ID. For example, if you're working with IPv4 and a computer on the network segment 10.0.10.0 with a subnet mask of 255.255.255.0, the first three bits represent the network ID, and the address range you have available for computer hosts is from 10.0.10.1 to 10.0.10.254. In this range, the address 10.0.10.255 is reserved for network broadcasts.
If you're on a private network that is indirectly connected to the Internet, you should use private IPv4 addresses. Private network IPv4 addresses are summarized in Table 12-3.
Table 12-3: Private IPv4 Network Addressing<
br />
Private Network ID
Subnet Mask
Network Address Range
10.0.0.0
255.0.0.0
10.0.0.0–10.255.255.255
172.16.0.0
255.240.0.0
172.16.0.0–172.31.255.255
192.168.0.0
255.255.0.0
192.168.0.0–192.168.255.255
All other IPv4 network addresses are public and must be leased or purchased. If the network is connected directly to the Internet and you've obtained a range of IPv4 addresses from your Internet service provider, you can use the IPv4 addresses you've been assigned.
Using the PING Command to Check an Address
Before you assign a static IP address, you should make sure that the address isn't already in use or reserved for use with DHCP. You can use the PING command to see whether an address is in use. Open a command prompt and type ping, followed by the IP address you want to check.
To test the IPv4 address 10.0.10.12, you would use the following command:
ping 10.0.10.12
To test the IPv6 address FEC0::02BC:FF:BECB:FE4F:961D, you would use the following command:
ping FEC0::02BC:FF:BECB:FE4F:961D
If you receive a successful reply from the PING test, the IP address is in use and you should try another one. If the request times out for all four PING attempts, the IP address isn't active on the network at this time and probably isn't in use. However, a firewall could be blocking your PING request. Your company's network administrator would also be able to confirm whether an IP address is in use.
Configuring a Static IPv4 or IPv6 Address