Module 2: TCP/IP as a Solution for Networking Contents Overview Introducing TCP/IP Designing a Functional TCP/IP Solution Securing a TCP/IP Solution 20 Enhancing a TCP/IP Design for Availability 28 Optimizing a TCP/IP Design for Performance 29 Lab A: Designing a TCP/IP Solution 41 Review 47 Information in this document is subject to change without notice The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property  2000 Microsoft Corporation All rights reserved Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, JScript, MS-DOS, NetMeeting, PowerPoint, Visual Basic, Visual C++, Visual Studio, Win32, Windows, Windows Media, Windows NT, are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A and/or other countries/regions Project Lead: Don Thompson (Volt Technical) Instructional Designers: Patrice Lewis (S&T OnSite), Renu Bhatt NIIT (USA) Inc Instructional Design Consultants: Paul Howard, Susan Greenberg Program Managers: Jack Creasey, Doug Steen (Independent Contractor) Technical Contributors: Thomas Lee, Bernie Kilshaw, Joe Davies Graphic Artist: Kirsten Larson (S&T OnSite) Editing Manager: Lynette Skinner Editor: Kristen Heller (Wasser) Copy Editor: Kaarin Dolliver (S&T Consulting) Online Program Manager: Debbi Conger Online Publications Manager: Arlo Emerson (Aditi) Online Support: Eric Brandt (S&T Consulting) Multimedia Development: Kelly Renner (Entex) Test Leads: Sid Benevente, Keith Cotton Test Developer: Greg Stemp (S&T OnSite) Production Support: Lori Walker (S&T Consulting) Manufacturing Manager: Rick Terek (S&T OnSite) Manufacturing Support: Laura King (S&T OnSite) Lead Product Manager, Development Services: Bo Galford Lead Product Manager: Ken Rosen Group Product Manager: Robert Stewart Other product and company names mentioned herein may be the trademarks of their respective owners Module 2: TCP/IP as a Solution for Networking iii Instructor Notes Presentation: 60 Minutes Lab: 60 Minutes This module provides students with the information and decision-making experiences needed to design a Transmission Control Protocol/Internet Protocol (TCP/IP) solution in a Microsoft® Windows® 2000 networking infrastructure Students will recognize the appropriate IP address structures when designing a TCP/IP solution to meet the networking requirements of an organization At the end of this module, students will be able to:
Identify the features of TCP/IP in Windows 2000 and the functionality provided by those features
Recognize an IP address structure appropriate for private or public network TCP/IP functionality
Describe methods available to secure TCP/IP data traffic
Describe strategies to improve the availability of TCP/IP routing structures
Describe strategies for the efficient use of IP traffic data transmission Upon completion of the design lab, students will be able to design TCP/IP solutions that meet the networking requirements of a variety of organizations Course Materials and Preparation This section provides you with the required materials and preparation tasks that are needed to teach this module Required Materials To teach this module, you need the following materials:
Microsoft® PowerPoint® file 1562B_02.ppt Preparation Tasks To prepare for this module:
Review the contents of this module
Read any relevant information in the Windows 2000 Help files, the Windows 2000 Resource Kit, or in documents provided on the Instructor CD
Read any relevant RFCs in the Windows 2000 Help files
Be familiar with TCP/IP subnetting, supernetting, Classless Inter-Domain Routing (CIDR), and variable length subnet masks (VLSM)
Know how and where to obtain IP address blocks
Read the review questions and be prepared to elaborate beyond the answers provided in the text
Review the discussion material and be prepared to lead class discussions on the topics
Complete the labs and be prepared to elaborate beyond the solutions found there iv Module 2: TCP/IP as a Solution for Networking Module Strategy Use the following strategy to present this module
Introducing TCP/IP Provide an introduction to TCP/IP for creating network design solutions The purpose of this module is to lay the foundation for developing a Windows 2000 network In this section: • Provide a brief overview of the TCP/IP suite of protocols Assume that the students have experience with TCP/IP network infrastructures • Point out that the first step in designing a TCP/IP solution is to determine the number of hosts, the addressing structure needs, the number of subnets and routers, and the underlying network configuration • Emphasize the main features of TCP/IP that will assist the students in designing TCP/IP solutions Explain how the technology features provided by TCP/IP in Windows 2000 support business solutions
Designing a Functional TCP/IP Solution Provide an introduction to IP addressing and address schemes used for public and private Internets In this section: • Avoid spending too much time on explaining the fundamentals of routing, subnetting, and supernetting • Describe the use of addressing structures and subnet masks in IP addressing • Remind the students that public addresses use a direct routing path to the public network, whereas private addresses require translation before routing to the public network Describe IP addressing schemes for private networks • Describe the purpose of subnet masks and how IP devices determine the portions of an IP address that are used for routing and host addressing • Explain the manual allocation, DHCP manual, DHCP dynamic, and Automatic Private IP Addressing (APIPA) IP configuration methodologies used by network hosts
Securing a TCP/IP Solution When the TCP/IP data is sent on the network, unauthorized users can access it Discuss the methods for securing a TCP/IP solution In this section: • Explain how the use of filters in a TCP/IP design can control and block traffic • Present the use of encryption and authentication by using Internet Protocol Security (IPSec) Point out that IPSec provides data integrity and data encryption functions to improve security Module 2: TCP/IP as a Solution for Networking v • Describe the IPSec protection levels Emphasize that to reduce the CPU overhead associated with the provision of authentication and encryption, you must select the lowest level of protection that meets the security requirements • Point out that the exchange of authenticated and encrypted data between the peer computers that use IPSec, requires negotiation of the security keys
Enhancing a TCP/IP Design for Availability A TCP/IP network must be available for users to transfer data over the network In this section, discuss the use of redundant routers and links to enhance the availability of a TCP/IP design
Optimizing a TCP/IP Design for Performance Emphasize the fact that the performance of a TCP/IP network design focuses on the average length of time required to transmit an IP packet Discuss the strategies used to ensure efficient data transmission In this section: • Explain that dividing IP address ranges with variable length subnets, and combining IP address ranges by supernets, are the two methods of optimizing subnet designs • Describe how to recognize traffic patterns and performance factors to optimize IP performance on the network You can use the following information to explain optimization of IP performance: The characteristics of a wide area network (WAN) most likely to limit application performance are the available bandwidth and delay A designer may not be able to make the technology decisions, which affect the Maximum Transmission Unit (MTU) for a network, but the Receive Window Size may require adjustment to suit the Delay/Bandwidth product for links within a WAN Consider a latency sensitive traffic example On a 10 megabits per second (Mbps) local area network (LAN) segment where delay is essentially zero, consider a client to domain controller log on and an authentication transaction If the transaction requires 18 packets, with an average of 120 bytes per packet, and the domain controller processing overhead is 150 milliseconds (ms), a simple indication of the transaction time would be: (time_for_one_packet) * 18 + (DC_overhead) = Transaction_time (120*8*1/10*106)*18+150*10-3=151ms The transaction time here is dominated by the domain controller response times, so primarily the computers used limit performance This level of performance is typical in LAN-based environments vi Module 2: TCP/IP as a Solution for Networking If the same transaction occurred over a 256Kbps WAN link with 130ms roundtrip time (RTT) delay: (time_for_one_packet) * 18 + (9*Delay) + (DC_overhead) = Transaction_time (120*8*1/256*103)*18+(9*130*10-3)+150*10-3=1.24Secs The transaction time here is dominated by the delay time, so link speed and computer processing time have a reduced effect If this transaction is required as part of Web pages transacted over HTTPS, this authentication might occur many times and be the major component of the refresh time for a page, thereby rendering the application unacceptable when used across a WAN A design may be required to provide a domain controller at the remote site to bring the client performance to an acceptable level • Emphasize that remote networks require special consideration when you develop an IP addressing scheme Describe how to optimize remote subnets • Present Quality of Service (QoS) as a solution for optimizing the performance of a TCP/IP network • Remind the students that implementing QoS enables real-time programs to make the most efficient use of network bandwidth The goal of a QoS implementation is a guaranteed delivery system for network traffic, such as IP packets Module 2: TCP/IP as a Solution for Networking vii Lab Strategy Use the following strategy to present this lab Lab A: Designing a TCP/IP Solution This lab is designed to assist the student in assimilating the information presented in the workbook into a network design solution To evaluate a network solution, students are expected to have basic network design and technology implementation knowledge In this lab, students will design a TCP/IP solution based on specific requirements outlined in the given scenario Students review a set of requirements and read supporting materials They use the information from the module to develop a detailed design that uses TCP/IP as a solution for the scenario To conduct this lab:
Read through the lab carefully, paying close attention to the instructions and to the details of the scenario
Divide the class into teams of two or more students
Present the lab and make sure students understand the instructions and the purpose of the lab
Explain that the Design Worksheet is to be used to develop the design of their solution
Remind students to consider any functionality, security, availability, and performance criteria that are provided in the scenario, and to think about how they will incorporate strategies to meet these criteria in their design
Take the opportunity to assess each student’s comprehension of the design strategies presented in the module while students are completing the lab
Allow some time to discuss the solutions after the lab is completed A solution is provided on the Instructor CD Encourage students to critique each other’s solutions and to discuss any ideas for improving the designs Module 2: TCP/IP as a Solution for Networking Overview Slide Objective To provide an overview of the module topics and objectives Lead-in TCP/IP provides a suite of communication protocols as a solution for the connectivity requirements of an organization In this module, you will define the role of TCP/IP in a networking infrastructure and create a functional TCP/IP networking solution
Introducing TCP/IP
Designing a Functional TCP/IP Solution
Securing a TCP/IP Solution
Enhancing a TCP/IP Design for Availability
Optimizing a TCP/IP Design for Performance Organizations are facing a growing need for Internet connectivity, and connectivity between dissimilar operating systems and hardware platforms spread over large geographic distances Because Transmission Control Protocol/Internet Protocol (TCP/IP) operates on a wide variety of physical networks and can be scaled to suit small to large networks, it is the only protocol that can meet the requirements of these organizations At the end of this module, you will be able to:
Identify the features of TCP/IP in Microsoft® Windows® 2000 and the functionality provided by those features
Recognize the IP address structure appropriate for private or public network TCP/IP functionality
Describe methods available to secure TCP/IP data traffic
Describe strategies to improve the availability of TCP/IP routing structures
Describe strategies for efficient use of IP traffic data transmission Module 2: TCP/IP as a Solution for Networking
Introducing TCP/IP Slide Objective To define the role of TCP/IP in a network and review the features that support that role Lead-in TCP/IP operates on a wide variety of physical networks and can be scaled to suit small to large networks
TCP/IP Protocol Suite
Design Decisions for a TCP/IP Solution
TCP/IP Features TCP/IP operates on a wide variety of physical networks and can be scaled to suit small to large networks IP is the protocol used for communications on public networks such as the Internet To design a TCP/IP network infrastructure, you need to:
Describe the components of the TCP/IP protocol suite
Determine the design decisions influencing a TCP/IP solution
Describe the features and functionality provided by TCP/IP in Windows 2000 ... infrastructure and create a functional TCP/IP networking solution
Introducing TCP/IP
Designing a Functional TCP/IP Solution
Securing a TCP/IP Solution
Enhancing a TCP/IP Design for Availability... as IP packets Module 2: TCP/IP as a Solution for Networking vii Lab Strategy Use the following strategy to present this lab Lab A: Designing a TCP/IP Solution This lab is designed to assist... organizations Course Materials and Preparation This section provides you with the required materials and preparation tasks that are needed to teach this module Required Materials To teach this module,