Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 74 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
74
Dung lượng
434,09 KB
Nội dung
418 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems whose IP does match the one in the ARP message first puts the sending computer’s IP/MAC address information in its own ARP cache, then sends a response to the sending computer with the information about its MAC address. When the sending computer gets the response, it adds the destination computer’s IP/MAC address information to its cache, and can now send data to the destination computer. IP Communications on a Routed Network (to a Remote Subnet) If the destination computer is not on the same local subnet, it works slightly differently. In this case, ARP will resolve the remote IP address to the physical address of the router that can forward the message on to the subnet on which the destination computer resides. The IP protocol again checks the IP addresses and subnet mask and this time determines that the destination computer is not on the local subnet. IP determines the IP address of the default gateway (router), and the sending computer checks the ARP cache for a physical address that matches the router’s IP address. IP Addresses and the Internet As we all know by now, TCP/IP is the protocol suite used for com- munications over the vast global network of networks that we call the Internet. We also know that in order for communications to take place on a TCP/IP network, every network ID on the internetwork must be unique, and every Host ID must be unique to that network. In theory, this means that of the millions of computers connect- ed to the Internet, there should be no two with the same IP address. In practice, however, this is not strictly true. Due to the shortage of available IP addresses, and also because registering multiple address- es adds to the cost of running a network, many companies and home networks use some method of connecting many computers to the Internet through a single IP address. There are two popular types of software designed to accomplish this: Network Address Translation (NAT) and Proxy Services. Network Address Translation (NAT). This is a means of config- uring one computer, which has a dial-up or dedicated connection to For IT Professionals Continued 91_tcpip_08.qx 2/25/00 11:10 AM Page 418 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 419 the Internet through an ISP, to serve as a gateway through which other computers on the LAN can obtain Internet access without being assigned separate “public” addresses. With NAT, these client computers use “internal” addresses from the private address range, which are not visible to systems outside the local network. To the Internet, there appears to be only one computer connected—and indeed, only the “gateway” computer (sometimes called the NAT or ICS host computer) is actually connected to the Internet. There are third-party software implementations of NAT, such as Sygate and NAT32. A new feature in Windows 2000 is built-in support for NAT. Windows 2000 Professional includes Internet Connection Sharing, which is a somewhat limited form of NAT that is simple to configure and administer. Windows 2000 Server includes ICS too, but it also provides for a more flexible form of NAT through RRAS (Routing and Remote Access Service), which allows for changing the IP address range, use of multiple public addresses, and multiple LAN interfaces. ICS does not support these advanced features. Both ICS and NAT include components for address assignment, translation of the pri- vate internal addresses to the public external address(es), and name resolution services. Proxy Services. A proxy server is a more sophisticated means of providing a shared connection to the Internet, which provides for greater security through complex filtering. Proxy software, such as Microsoft Proxy Server or Winproxy, requires a higher level of config- uration and contains other features in addition to address transla- tion. For example, proxy servers can be set up to cache often-accessed Web sites so that performance will be optimized and less actual access to the Internet is required. Generally, however, proxy servers use the same address translation technique as NAT— requests for Internet access go through the server, which maps each clients’ internal IP address and the application making the request to a port on the server. The proxy then presents the request to the “out- side world” as if it came directly from the server itself, and the inter- nal machines’ addresses are hidden from the Internet. The result is that there are many, many more individual comput- ers “on the Net” than it would appear from the number of public IP addresses visible to the outside network. What appears to be one computer, with one IP address, may be a NAT host or proxy server that is forwarding requests and responses for dozens or even hun- dreds of computers on its local network. 91_tcpip_08.qx 2/25/00 11:10 AM Page 419 420 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems If it doesn’t find one, it broadcasts an ARP message to find the router’s physical address, using the same process as in the previous example. When the router, which is attached to the local subnet, receives the ARP message and determines the IP matches its own, it responds with its physical address after putting the sender’s IP/MAC information into its cache. The sender updates its own cache with the router’s information, and now will send any messages addressed to the remote destination computer through the router. The router will forward the message to the destination computer (or another router, if it is not directly connection to the destination computer’s subnet) using the same process. Overview: IP Addressing Configuration Errors A large percentage of TCP/IP connectivity problems can be traced to IP addressing configuration errors. Thus, one of the first things you should check, if your TCP/IP-based computer is not able to communicate on the network, is the TCP/IP Properties sheet. Ensure that if you have manual- ly assigned the IP address, it is a valid address for the subnet. Also check the address of the default gateway, DNS and WINS servers, and the sub- net mask. Simply making this quick check can eliminate many problems. Common errors include transposing two digits within an address and switching two addresses between fields (such as entering the computer’s address in the default gateway field, and vice versa). It sounds elemen- tary, but remember one important rule of troubleshooting is to always check the “simple stuff” first. Microsoft documentation attributes the majority of TCP/IP connectivity problems to incorrectly entered IP address information. This is one case where typos do count. Duplicate IP Addresses Duplicate addresses can be a problem in a network where some or all of the IP addresses are manually assigned, especially if there is more than one administrator or other personnel are responsible for configuring TCP/IP properties on computers. NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 420 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 421 If this happens, the following situation may occur: When a Windows 2000 computer comes online (or when its IP address is changed), and its TCP/IP stack is initialized, it sends a “gratuitous” ARP message, request- ing the hardware address associated with its own IP address. If another computer responds, thus claiming the IP address as its own, the newly initialized computer will stop using IP. If there is another network protocol installed, it may be able to continue communicating on the network using the other protocol. If TCP/IP is the only network protocol installed, it will not be able to communicate on the network. Windows 2000 tries to prevent duplicate address errors in several ways. If you change the TCP/IP settings and enter an IP address that is already in use on the network, you will get a message indicating the address is taken and instructing you to change your settings. If you change the settings while offline and then come back onto the network, you will receive a mes- sage informing you that there is an IP address conflict. The computer that is already using the address will also display an error message (see Figure 8.8) indicating that there is an address conflict, although it will be able to continue communicating via TCP/IP using the address. Figure 8.8 Windows 2000 displays an error message when a duplicate address is detected. One way to track down this problem is by checking the System Log in the Windows 2000 Event Viewer. An error message will appear, indicating that the system detected an IP address conflict. Locating the Other Computer that Is Using the Address There are several ways to locate which other computer on the network is using the address. If it is a Windows 2000 or NT computer, there will be an event entered in its System Log reporting the conflict, although the computer that “got there first” will be able to go on using the address. You can also use the tracert command on the address to find out the name of the computer using it, or you can use arp –a to find out the physical address of the computer using the IP address, as long as the other computer is on your local subnet. 91_tcpip_08.qx 2/25/00 11:10 AM Page 421 422 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems There is third-party IP management software that will do sophisticated tracking and auditing of IP address information. One such product that is compatible with Windows 2000 is Meta IP. For more information, see www.metainfo.com/products/metaip.cfm. Address Conflicts with Computers Using DHCP If you receive a message that you have an IP address conflict at bootup and the machine is using DHCP, you can release the address so the DHCP server will assign a new address. To release the address, use the ipconfig /release command. Invalid IP Addresses If the computer is given an IP address that is “illegal” or just invalid for use on that particular network, it will not be able to communicate with other computers over TCP/IP. As mentioned earlier, if you are running a private network that has no connection to the “cloud” (as many books and illustrations represent the Internet), you can use any IP addresses you wish, including those that have already been assigned for public use. This will not cause a prob- lem—unless you later decide to connect your network to the Internet without changing the addressing scheme. At that point, your addresses may conflict with those of another organization that has registered that address space. Packets intended for computers on your network will be routed to the “legal” holder of the addresses. An invalid address may not be illegal, but does not “fit” into the local network’s addressing scheme. If the LAN is using the network ID of 192.168.1.0 with a subnet mask of 255.255.255.0, then the computers that are on that network must have IP addresses that use 192.168.1 for the first three octets. If you assign one of the computers an address that is not on that network (or if it is assigned an address with a different net- work ID by APIPA because a DHCP server could not be contacted), when IP attempts to contact another computer on the same segment it will identify the address as belonging to a remote host and will send the pack- et to its default gateway. Also remember that Host IDs of all 0s or all 1s are not valid for assignment as a computer’s IP address. A Host ID of all 0s is used to TIP 91_tcpip_08.qx 2/25/00 11:10 AM Page 422 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 423 identify the network, and a Host ID of all 1s is used as the broadcast address, for messages to be sent to all computers on the network. Thus, on a class B network using the default subnet mask of 255.255.0.0, both the addresses 138.21.0.0 and 138.21.255.255 would be unavailable for Host IDs. On a class C network using the default sub- net mask of 255.255.255.0, the same would be true of the addresses 201.45.3.0 and 201.45.3.255. DHCP Configuration Problems The Dynamic Host Configuration Protocol runs on a Windows 2000 Server and automatically assigns IP addresses to computers configured to be DHCP clients. DHCP originated as a derivative of BOOTP, the Bootstrap Protocol used in earlier networks to assign IP addresses dynamically, usually in the context of booting diskless workstations from the network. The specifications for BOOTP are defined in RFCs 951 and 1084. How DHCP Works: Condensed Version Most network administrators are familiar with DHCP and aware of the four-step process required for a DHCP client to obtain a “lease” on an IP address. We will briefly review those steps to identify the points in the process where things can go wrong. DHCP is not a Microsoft-specific feature. UNIX, NetWare, and other network operating systems (server software programs) also use DHCP. The four steps in the lease process involve the sending of four special messages between the DHCP client and a DHCP server. These messages are called: ■ DHCP Discover ■ DHCP Offer NOTE NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 423 424 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems ■ DHCP Request ■ DHCP Acknowledgment The process is relatively simple. DHCP Discover When a computer that is configured to be a DHCP client comes online and its TCP/IP stack is initialized, it accesses the Registry settings per- taining to TCP/IP parameters and recognizes that it must obtain an IP address from a DHCP server. It does not, however, know how to reach a DHCP server. Unlike DNS and WINS servers addresses, the IP address of a DHCP server is not entered in the TCP/IP configuration properties. That means the computer must broadcast for a DHCP server. The client sends a broadcast message (addressed to the broadcast address 255.255.255.255) called a DHCP Discover message, which essentially asks DHCP to come to its aid and assign it an IP address. Since the client does not have an IP address at this point, it uses the address 0.0.0.0 as its source address. The server would not be able to identify the client that sent the request from this address, so the message also includes the client computer’s name and its physical MAC address. DHCP Offer If there is an authorized DHCP server on the network, it hears the client’s plea for help and responds with a message called a DHCP Offer. This mes- sage contains an IP address from its predefined scope of addresses that can be allocated, as well as other information such as duration of the lease. This message is also sent as a broadcast, since the client computer doesn’t yet have an IP address to which the server can send the message directly. The Offer message includes the IP address that is available (and the server temporarily reserves it during the extension of the offer), a subnet mask, a lease duration (which is specified by the administrator in config- uring DHCP), and the server’s IP address. DHCP Request The client will receive “offers” from more than one source if there are mul- tiple DHCP servers on the network that have available addresses. The client will accept the first offer that arrives, and will send back a message NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 424 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 425 called a DHCP Request. This is also a broadcast—so the other servers who made offers will know that they’ve been “rejected” and will release the addresses they had temporarily reserved for the client—which we might think of as a formal acceptance of the first server’s offer. It includes the IP address of the server whose offer is being accepted. DHCP Acknowledgment The final message, the one that “clinches the deal,” comes from the DHCP server. It acknowledges the acceptance of its offer and assigns the IP address to the client for it to use for the duration of the lease period. It also includes other TCP/IP configuration information, such as the default gateway and subnet mask, and the addresses of DNS and WINS servers, if the client is configured to get this information through DHCP. After receiving this message, the client will be able to use the IP address for TCP/IP communications over the network. This last message is called an ACK. If the server is for some reason unable to complete the transaction, it sends instead a NACK, or negative acknowledgment. A NACK occurs when a client attempts to lease an IP address it held previously, which has become unavailable, or if the client has relocated to a different subnet and the address it is trying to lease is now invalid. Common DHCP Problems Next, we will look at some of the problems that can occur as this scenario plays out. Windows 2000 Pro cannot be a DHCP server, although it can serve as a DHCP allocator, performing somewhat the same function, when set up to share its Internet connection as an ICS host. Traditionally, most problems with DHCP fall into a few broad categories: ■ Server configuration problems ■ Client configuration problems NOTE NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 425 426 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems ■ Unauthorized DHCP servers ■ Unavailable DHCP server We will discuss each of these, how Windows 2000’s TCP/IP enhance- ments help to reduce the frequency of these problems, and best practices for optimizing DHCP performance and decreasing the chances of problems. Server Configuration Problems As might be expected, the majority of DHCP problems stem from incorrect initial configuration or failure to update the configuration on the DHCP server(s). Remember that the DHCP server itself cannot be a DHCP client; it must be manually configured with a static IP address and other TCP/IP configuration information. In Windows 2000, Microsoft has incorporated the management of the DHCP server services into the Microsoft Management Console (MMC), pro- viding a new, more standardized look and feel for administrators. See Figure 8.9 for an example of the DHCP management console snap-in. TIP Figure 8.9 The DHCP server is configured from the MMC. You can access the DHCP MMC via Start | Programs | Administrative Tools | DHCP on the server. If DHCP is not performing as expected across the network, the first thing you should check is the configuration on the DHCP server. 91_tcpip_08.qx 2/25/00 11:10 AM Page 426 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 427 If DHCP is not functioning at all, one thing to check is whether the DHCP service has been stopped. Windows NT administrators are used to stopping and starting services from the Services applet in Control Panel, but you won’t find that applet in Windows 2000 Server. Instead, right-click My Computer, choose Manage, and navigate down the tree in the left panel to expand Services and Applications. Select DHCP, right-click (or choose the Action menu), and select All Tasks. Here you can start, stop, pause, resume, or restart the service, as shown in Figure 8.10. NOTE Figure 8.10 Starting and stopping the DHCP service via the Computer Management MMC. As you can see in Figure 8.10, you can perform configuration tasks such as creating new scopes, reconciling scopes, defining classes from the Computer Management snap-in, and starting or stopping the service. 91_tcpip_08.qx 2/25/00 11:10 AM Page 427 [...]... Options There are four types of DHCP scope options, in increasing order of specificity: s s Server options Scope options 91_tcpip_08.qx 2/25/00 11:11 AM Page 4 37 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 4 37 s s Client options Class options Server options These are the default options that are applied to all scopes configured on a particular DHCP server You can use them to define... addressing serves little purpose NOTE Use the ipconfig command to determine whether a computer is using an APIPA address If the IP address being used by the computer is in the 169.254.x.x range, an APIPA-assigned address is being used 91_tcpip_08.qx 2/25/00 11:11 AM Page 4 47 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8 4 47 You may wish to disable APIPA, especially if your network... chapter 91_tcpip_08.qx 2/25/00 11:11 AM Page 444 444 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems Client Is Missing Configuration Information If the client was assigned an IP address by the DHCP server but did not properly receive additional configuration information, such as the DNS server address, ensure that the client supports the options and that the options have been properly... order of priority: 1 Specific client options are used before scope or global options 2 Scope options are used before Server options 91_tcpip_08.qx 2/25/00 11:11 AM Page 438 438 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems 3 Class options can override values assigned and set at the same context (server, scope, or client options) or the values that are inherited from options at a higher...91_tcpip_08.qx 2/25/00 11:10 AM Page 428 428 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems These tasks can also be performed from the DHCP MMC accessed through Administrative Tools; this can be confusing when you first start working with Windows 2000 Scopes and Address Pools In the context of DHCP, a scope is a group of consecutive IP addresses that can be allocated... Management Protocol (SNMP), as discussed in Chapter 5, “Using Network Monitoring and Troubleshooting Tools in Windows 2000, ” for 91_tcpip_08.qx 2/25/00 11:11 AM Page 440 440 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems monitoring of DHCP-related statistics There is a great deal of useful information available via the DHCP manager, including the number of DHCP Discover, Offer, Request,... have the same address 91_tcpip_08.qx 2/25/00 11:11 AM Page 436 436 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems 1 Type in a name for the reservation, the IP address to be reserved, and the physical (MAC) address of the computer for which you are reserving the address 2 The Description field is optional 3 You must choose the allowed client type (DHCP, BOOTP, or both) 4 Click ADD to... DHCP-related problem is the depletion of available IP addresses, so Windows 2000 allows you to set up a predefined point at which an alert will be sent informing you that the specified percentage of available IP addresses has been used (you can also configure a second notice to be sent when the addresses are all gone) The Windows 2000 DHCP management tool supports the Simple Network Management Protocol... so that the DHCP server does not have enough IP addresses to assign to all requesting DHCP clients Not activating the scope after defining it To activate the scope, right-click the scope you want to activate under DHCP in Computer Management, and select Activate, as shown in Figure 8.12 91_tcpip_08.qx 2/25/00 11:10 AM Page 430 430 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems Note... done during the creation of the 91_tcpip_08.qx 2/25/00 11:10 AM Page 432 432 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems Figure 8.14 You can change the lease duration for DHCP clients through the Scope Properties sheet scope Another option you have, which was not given by the New Scope Wizard, is to choose not to limit the duration of the DHCP leases In that case, clients will retain . other personnel are responsible for configuring TCP/IP properties on computers. NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 420 Troubleshooting Windows 2000 IP Addressing Problems • Chapter 8. four types of DHCP scope options, in increasing order of specificity: ■ Server options ■ Scope options WARNING NOTE 91_tcpip_08.qx 2/25/00 11:11 AM Page 436 Troubleshooting Windows 2000 IP Addressing. Offer NOTE NOTE 91_tcpip_08.qx 2/25/00 11:10 AM Page 423 424 Chapter 8 • Troubleshooting Windows 2000 IP Addressing Problems ■ DHCP Request ■ DHCP Acknowledgment The process is relatively simple. DHCP Discover When