Section 5.1. Implementing, Managing, and Maintaining IP Addressing

5.1. Implementing, Managing, and Maintaining IP Addressing

For computers to communicate on a network, they must be configured with a communications protocol. Transmission Control Protocol/Internet Protocol (TCP/IP) is the primary communications protocol used by networked Windows computers. TCP/IP is a protocol suite, consisting of two separate protocols:

TCP

A connection-oriented protocol for end-to-end communications.

IP

An internetworking protocol for routing packets over a network.

During installation of Windows XP Professional or Windows Server 2003 computers, TCP/IP is automatically configured if the operating system detects a network adapter.

The default configuration for both Windows XP Professional and Windows Server 2003 computers is to automatically obtain an IP address from a DHCP server. IP addresses automatically obtained from a DHCP server are referred to as dynamically assigned IP addresses , or simply, dynamic IP addresses . Two other types of IP addresses are used:

Static IP addresses

Addresses manually assigned to computers. Although some types of servers, including DHCP servers, require static, IP addressing most other servers can use either static or dynamic IP addressing.

Automatic private IP addresses (APIPA)

Addresses used when a computer is configured for DHCP but no DHCP server is available. APIPA is also used when a DHCP IP address expires and cannot be renewed.

Regardless of whether IP addressing is assigned manually, dynamically, or automatically, the goal is the same: to allow a computer to communicate on a network. The sections that follow examine installing, configuring, and troubleshooting TCP/IP addressing as well as managing and troubleshooting DHCP. When computer names are used, name resolution is critical to proper functioning of TCP/IP communications. A computer must be able to look up the IP address associated with a computer name, referred to as a forward lookup, or determine the computer name based on an IP address, referred to as a reverse lookup. On Windows Server 2003 domains, DNS is the primary name resolution service.

5.1.1. Installing TCP/IP

As part of setup, TCP/IP is configured if the operating system detects a network adapter. Each network adapter installed on a computer has an associated Local Area Network connection. The default name of the first network adapter's connection is Local Area Connection. If for some reason TCP/IP isn't installed or has been uninstalled, you may need to install TCP/IP by completing the following steps:

1. Click Start Control Panel Network Connections Local Area Connection.

2. Scroll down through the list of protocols used by the connection. If Internet Protocol (TCP/IP) is not listed, click Install.

3. Select Protocol, and then click Add.

4. In the Select Network Protocol dialog box, click Internet Protocol (TCP/IP) and then click OK.

5. Internet Protocol (TCP/IP) is installed and enabled in the default configuration.

6. Click Close.

5.1.2. Configure TCP/IP Addressing on a Server Computer

Server computers can be assigned static or dynamic IP addresses. If DHCP is configured but no DHCP server is available, the server will use APIPA. APIPA is also used when a DHCP IP address expires and cannot be renewed. Administrators have full control over how static, dynamic, and Automatic Private IP Addressing is used. In all three configurations, TCP/IP addressing can use:

An IP address

IP addresses identify computers by their associated network ID and host ID components. Address classes are used to subdivide the IP address space.

A subnet mask

Identifies which parts of the IP address belong to the network ID and which parts belong to the host ID. Subnets can be used to make more efficient use of IP address space by sizing networks appropriately for the number of nodes used.

A default gateway

Identifies the IP address of the router that will act as the computer's gateway. Proper gateway configuration is essential for communications between networks.

Preferred and alternate DNS server

Identifies the IP address of the preferred and alternate DNS servers to use for name resolution. Proper DNS configuration is essential for name resolution.

5.1.2.1. Understanding IP addressing

IP addresses are public or private. Public IP addresses are routable over the Internet and must be assigned by Internet service providers (ISPs). Private IP addresses are reserved for use on internal networks and are not routed over the public Internet. If you're connecting a computer directly to the Internet and have been assigned an IP address, you can use a public IP address. Otherwise, you should use a private IP address, preferably assigned by your organization's network administrator.

The available IP addresses are divided into network class ranges. For TCP/IP version 4, the standard classes are Class A, Class B, and Class C. These network classes are used with unicast IP addresses; which class you use is based on the anticipated number of networks and hosts per network.

TCP/IP version 4 IP addresses are comprised of sets of 32-bit numbers. When you assign IP addresses, each 8-bit section, or octet, of this 32-bit number is entered in decimal format with each set of numbers separated by periods. With Class A networks, the first octet identifies the network and the last three octets identify the computers on the network, allowing millions of hosts but a small number of networks. With Class B networks, the first and second octet identify the network and the last two octets identify the computers on the network, allowing an equal number of networks and hosts. With Class C networks, the first three octets identify the network and the last octet identifies the computers on the network, allowing many networks and relatively few hosts per network.

Table 5-1 provides an overview of private IP addresses by class. The first and last IP address of a subnet are not usable and cannot be assigned to client computers. The first IP address of a subnet is the network ID. The last IP address of a subnet is the network's broadcast address. With standard network configurations, the network ID is the .0 address of the subnet, such as 192.168.1.0, and the broadcast address is the .255 address of the subnet, such as 192.168.1.255.

When assigning IP address ranges, you'll need to specify how many bits of an IP address to use for the network ID and how many bits to use for the host ID. Table 5-2 shows the standard bit lengths and network masks for Class A, B, and C networks.

Some organizations use subnetting to subdivide networks and create additional logical networks within standard network class ranges. When you use subnetting, the standard class rules for which bits apply to the network ID and which bits apply to the host ID are determined by the subnet mask. For example, you might want to subnet so that the first 26 bits refer to the network ID and the final 6 bits refer to the host ID. This allows you to have 1,024 subnets with up to 62 hosts per subnet.

Many experienced network administrators use a prefix notation when referring to IP addresses where the network ID is followed by the number of bits in the network ID. So, for example, rather than writing or saying that the network 192.168.1.0 has a network mask of 255.255.255.0, you could say the network 192.168.1.0 is a slash 24 network. This is written in network prefix notation as:

 192.168.1.0/24 

5.1.2.2. Configuring static IP addressing

You can configure a static IP address by editing the TCP/IP properties for the computer's network adapter. To access the TCP/IP properties of the Local Area Connection and configure them, follow these steps:

1. Click Start Control Panel Network Connections Local Area Connection.

2. Click Internet Protocol (TCP/IP) and then select Properties. Be careful not to clear the checkbox. Scroll down through the list of protocols used by the connection if necessary.

3. Select the Use The Following IP Address radio button, and then type the IP address in the IP Address field (see Figure 5-1). The IP address must not be used anywhere else on the network.

4. Windows inserts a default value for the subnet mask into the Subnet Mask field. As necessary, change this to what is used on your subnet.

5. Type the IP address of the default gateway.

6. Type the IP addresses of the preferred and alternate DNS servers.

7. Click OK twice to close all open dialog boxes and apply the changes.

Figure 5-1. Configuring static TCP/IP settings.

5.1.2.3. Configuring dynamic IP addressing

Dynamic IP addressing is the default configuration for Windows XP Professional and Windows Server 2003. When a computer uses DHCP, the IP address settings are obtained automatically from a DHCP server. Settings for DNS can be obtained automatically as well. This is the default setting.

You can determine whether a computer is using dynamic addressing and which DHPC server is being used by typing ipconfig /all at a command prompt. If DHCP is enabled, the output from this command shows the current IP addressing configuration, including details on the DHCP server and IP address lease from this server.

To configure a computer to use DHCP, follow these steps:

1. Click Start Control Panel Network Connections Local Area Connection.

2. Click Internet Protocol (TCP/IP) and then select Properties. Be careful not to clear the checkbox. Scroll down through the list of protocols used by the connection if necessary.

3. Select the Obtain An IP Address Automatically radio button (see Figure 5-2).

   Figure 5-2. Configuring dynamic IP addressing.

   

4. To obtain DNS settings automatically from the DHCP server, select the Obtain DNS Server Address Automatically radio button. Otherwise, select the Use The Following DNS Server Addresses radio button and provide the IP addresses of the preferred and alternate DNS servers.

5. Click OK twice to close all open dialog boxes and apply the changes.

5.1.2.4. Configuring Automatic Private IP Addressing

When DHCP is configured but not available or the client lease is expired and cannot be renewed, clients use Automatic Private IP Addressing. With APIPA, clients assign themselves an IP address in the range 169.254.0.1-169.254.255.254 with a subnet mask of 255.255.0.0. An IP address and subnet mask are the only IP addressing assigned to the computer, limiting its communications; through broadcasts within the local subnet, the computer periodically checks for an available DHCP server (every five minutes). You can also specify user-configured APIPA, which allows an alternate configuration to be used when DHCP isn't available.

You can determine whether a computer is using automatic private addressing by typing ipconfig /all at a command prompt. If DHCP is enabled and the IP address is in the range 169.254.0.1-169.254.255.254, the computer is using APIPA.

To review or set a computer's alternate configuration, follow these steps:

1. Click Start Control Panel Network Connections Local Area Connection.

2. Click Internet Protocol (TCP/IP) and then select Properties. Be careful not to clear the checkbox. Scroll down through the list of protocols used by the connection if necessary.

3. Click the Alternate Configuration tab as shown in Figure 5-3.

   Figure 5-3. Use the default alternate configuration or define your own alternate configuration.

   

4. Select the Automatic Private IP Address radio button to use the default alternate configuration.

5. Select the User Configured radio button and then provide an alternate IP address, subnet mask, default gateway, and DNS servers as necessary.

6. Click OK twice to close all open dialog boxes and apply the changes.

5.1.3. Troubleshooting TCP/IP Addressing

As you've seen, implementing and managing TCP/IP from a client perspective is fairly straightforward. Each computer needs to be assigned an IP address to communicate on the network. This IP address can be manually assigned, dynamically assigned by a DHCP server, or automatically assigned when DHCP is configured and not available. The subnet mask tells the computer the bounds of its environmenti.e., which bits of the IP address belong to the network ID and which bits belong to the host ID. To communicate between subnets, the computer uses a gateway. To resolve computer names, the computer uses DNS.

When computers can't connect to each other or communicate over the network, the likely culprit is the TCP/IP configuration. To successfully troubleshoot TCP/IP addressing issues, administrators need a strong understanding of the common problems and the probable resolution for those problems.

5.1.3.1. Diagnosing and resolving issues related to APIPA

Automatic Private IP Addressing (APIPA) is designed to ensure that computers that are configured to use dynamic IP addressing are in fact assigned an IP address when DHCP is configured but not available. The default configuration limits the computer's communications to the local subnet. This occurs because the computer is configured with an IP address and subnet mask but without a gateway.

By default, the computer will check for a DHCP server by sending a DHCP Discover message every five minutes. If the computer gets a DHCP Offer back from a DHCP server, the computer then sends a DHCP Request to the server. When the computer gets back a DHCP Acknowledgment, it will use the IP address configuration sent by the DHCP server.

When APIPA is configured and a problem occurs with networking, the computer's network connection may be left in one of three states:

• No address with or without an associated error message.

• An all zeros address.

• A nonzero IP address outside the defined APIPA range.

As odd as it may seem, APIPA requires an active network connection (in most cases) for automatic configuration to work properly. If the network cable to the computer is disconnected or improperly connected, the computer may not be assigned an IP address. When you type ipconfig /all at a command prompt, you may see an error stating "Media Disconnected," such as:

 Windows IP Configuration         Host Name . . . . . . . . . . : engws102         Primary Dns Suffix  . . . . . :         Node Type . . . . . . . . . . : Hybrid         IP Routing Enabled. . . . . . : No         WINS Proxy Enabled. . . . . . : No         DNS Suffix Search List. . . . : domain.local Ethernet adapter Local Area Connection:         Media State . . . . . . . . . : Media disconnected         Description . . . . . . . . . : Intel(R) PRO/100 VE Network Connection         Physical Address. . . . . . . : 81-34-2E-4B-CD-E8         Dhcp Enabled. . . . . . . . . : No         Autoconfiguration Enabled . . : No         IP Address. . . . . . . . . . : 192.168.0.102         Subnet Mask . . . . . . . . . : 255.255.255.0         Default Gateway . . . . . . . : 192.168.0.1         DNS Servers . . . . . . . . . : 192.168.0.52                                         192.168.0.62 

The media may be disconnected at either end of the network cable. To resolve the problem, check the network cable connected to the computer and then type ipconfig /all again. If this doesn't resolve the problem, you may have a faulty cable, hub, switch, or network interface card.

If typing ipconfig /all doesn't provide a configuration summary, the network adapter may be disabled or faulty. If typing ipconfig /all shows an IP address of all zeros, the likely reason is that the dynamic IP address was released using ipconfig /release and was not renewed. You can attempt to renew the IP address by typing ipconfig /renew at a command prompt. If the all zeros address isn't cleared, then APIPA may be disabled in the Registry.

On Windows 2000 or later, you can disable APIPA by creating the IPAutoconfigurationEnabled as a DWORD value-entry under HKEY_LOCAL_MACHINE System CurrentControlSet Services Tcpip Parameters Interfaces AdapterGUID, where AdapterGUID is the globally unique identifier (GUID) for the computer's network adapter. Set the value to 0x0 to disable APIPA. Set the value to 0x1 to enable APIPA. After you change this Registry entry, you must restart the computer.

If typing ipconfig /all shows an IP address outside the defined APIPA range, the computer may have dynamic addressing from a previous location or it may have a user-defined alternate configuration. You can resolve the incorrect dynamic IP addressing issue by typing ipconfig /release, and then typing ipconfig /renew at a command prompt. You can determine whether the computer has a user-defined alternate configuration by checking the Internet Protocol (TCP/IP) properties of the network adapter.

5.1.3.2. Diagnosing and resolving issues related to incorrect TCP/IP configuration

Although configuring TCP/IP is fairly straightforward, diagnosing and resolving issues related to incorrect configurations isn't always. The two biggest issues you'll see have to do with the computer's network cable and network configuration.

With static IP addressing, the computer is assigned the designated IP address as long as the network adapter is active. If typing ipconfig /all doesn't provide a configuration summary, the network adapter may be disabled or faulty. If you see an error stating "Media Disconnected," the media may be disconnected at either end of the network cable. To resolve the problem, check the network cable connected to the computer and then type ipconfig /all again. If this doesn't resolve the problem, you may have a faulty cable, hub, switch, or network interface card.

With any type of IP addressing configuration, improper settings will cause communications problems. Some of the problems and symptoms are as follows:

Invalid gateway configuration

Computer may be able to communicate on local subnet but not across subnets. Computer won't be able to access resources in other subnets or connect to computers in other subnets.

Invalid IP address

Except for broadcast communications, computer may not be able to communicate on local subnet or across subnets.

Invalid subnet mask

Computer may not know appropriate subnet boundaries and may not route communications through a gateway when it should.

Invalid DNS configuration

Computer may not be able to use name resolution or may fail to resolve computer names.

Invalid WINS configuration

Windows Internet Naming Service (WINS) is used with pre-Windows 2000 computers and resources. Computer may not be able to resolve NetBIOS computer names and therefore may not be able to communicate with pre- Windows 2000 computers and resources.

You should use ipconfig /all to determine the computer's IP addressing configuration. If you notice incorrect settings, configure the appropriate settings using the Internet Protocol (TCP/IP) properties of the network adapter. Some problems with DNS can be caused by caching of old DNS records. You can use the following commands to diagnose and resolve DNS caching issues:

ipconfig /displaydns

Displays the entries in the DNS cache.

ipconfig /flushdns

Purges the entries in the DNS cache.

ipconfig /registerdns

Refreshes all leased IP addresses and re-registers DNS for these entries.

Duplicate IP addressing can cause problems as well. With unicast IP addresses, only one computer on a subnet can use an IP address. Unlike earlier versions of Windows, Windows XP Professional and Windows Server 2003 display warning prompts if a computer is using the same IP address as another computer. Before assigning a computer an IP address, you can determine whether an IP address is in use by:

1. Opening a command prompt on a computer with a working and valid IP address configuration.

2. Typing ping, followed by the IP address, such as: ping 192.168.1.15.

3. If you receive a reply from the IP address, it is in use.

Provided that the ping requests are not being blocked by firewalls or proxy servers, ping can also be used to determine if a computer can connect to another computer. If you ping an IP address that is valid and should be reachable, and you get a response of "could not find host" or "request timed out," there may be a IP addressing configuration problem or there may be a problem with the physical network or cabling. Here is an example of an unsuccessful ping:

 Pinging 192.169.25.2 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.169.25.2:     Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), 

Address Resolution Protocol (ARP) is used to lookup hardware MAC addresses. After TCP/IP uses ARP to determine a hardware MAC address, the client computer stores the IP-to-MAC address details in its local ARP cache. You can view the ARP cache contents by typing arp -a at a command prompt. You can clear the ARP cache by typing arp -d at a command prompt. If a computer's network adapter has just been changed, the old hardware MAC address will be stored by computers on the network. Dynamic entries in the ARP cache are automatically aged out after two minutes. However, you can clear the cache prior to this time or at any time if the cache isn't cleared for some reason.

Other commands you can use for troubleshooting include tracert and pingpath. Both tools are useful when you suspect there is a problem with the physical network between the computer you are working with and the one you are trying to reach. The results of tracert will indicate the specific point along the communications path where failure occurs. If the tracert fails at a router or gateway, this can indicate a problem with the router or gateway. The results of pingpath are essentially a combination of ping and tracert. Again, the results can help you identify a point of failure along the communications path.

The Windows Support Tools include Netdiag for performing comprehensive network diagnostics and end-to-end connectivity testing. To run Netdiag, type neTDiag at a command prompt. Netdiag will then test:

• Current configuration status

• Autoconfiguration status

• Default gateway settings

• Domain membership

• IP loopback

• DNS

• DC discovery

• DC list

• Kerberos

• LDAP

• Bindings

Test results are given as Passed, Failed, or Skipped. Some tests are skipped by default. Any test can be performed individually using the form:

 netdiag /test:TestName 

For example:

 netdiag /test:dns 

Here is an example of a failed DNS test:

 DNS test . . . . . . . . . . . . . : Failed           [WARNING] Cannot find a primary authoritative DNS server for the                name             'corpsvr21.cpandl.com.'. [WSAEADDRNOTAVAIL           ]             The name 'corpsvr21.cpandl.com.' may not be registered in DNS.           [WARNING] Cannot find a primary authoritative DNS server for the                name             'corpsvr21.cpandl.com.'. [ERROR_TIMEOUT]             The name 'corpsvr21.cpandl.com.' may not be registered in DNS.           [WARNING] Cannot find a primary authoritative DNS server for the                name             'corpsvr21.cpandl.com.'. [WSAEADDRNOTAVAIL           ]             The name 'corpsvr21.cpandl.com.' may not be registered in DNS.           [WARNING] Cannot find a primary authoritative DNS server for the                name             'corpsvr21.cpandl.com.'. [ERROR_TIMEOUT]             The name 'corpsvr21.cpandl.com.' may not be registered in DNS.     [WARNING] The DNS entries for this DC are not registered correctly on DNS server '0.0.0.0'. Please wait for 30 minutes for DNS server replication.     [FATAL] No DNS servers have the DNS records for this DC registered. 

As shown, the output provides sufficient detail to help you diagnose and resolve the problem. In this example, DNS is not properly configured for the domain.