Network News Transfer Protocol
Because Network News Transfer Protocol (NNTP) is growing in popularity, it would be wise for us to take a brief look at the architecture of this protocol. We'll then discuss the more pragmatic aspects of administering NNTP on your network.
NNTP Architecture
NNTP specifies a way to distribute, query, retrieve, and post news articles on the Internet. A client wanting to retrieve a subset of articles from the database is called a subscriber. NNTP allows a subscriber to request a subset of articles rather than requiring the retrieval of all articles from the database. Before NNTP was developed, two methods of distributing news items were popular: Internet mailing lists and the Usenet news system.
An Internet mailing list, commonly known as a list server, distributes news by the use of distribution e-mail lists. A subscriber sends a message to the distribution list, and the message is e-mailed to all of the members of the list. But sending a separate copy of an e-mail to each subscriber can consume a large amount of disk space, bandwidth, and CPU resources. In addition, it can take from several minutes to several hours for the message to be fully distributed, depending on the size of the list and the physical resources available to propagate it. Maintaining the subscriber list also involves significant administrative effort, unless a third-party program is used to automate this function.
Storing and retrieving messages from a central location instead of sending an email to each subscriber can significantly reduce the use of these resources. The Usenet news system provides this alternative. In addition, Usenet allows a subscriber to select only those messages he or she wants to read and also provides indexing, cross-referencing, and message expiration.
NNTP is modeled on the Usenet news specifications in RFC 850, but it is designed to make fewer demands on the structure, content, and storage of the news articles. It runs as a background service on one host and can accept connections from other hosts on the LAN or over the Internet.
When a subscriber connects to an NNTP server, the subscriber issues the NEWSGROUPS command to determine whether any new newsgroups have been created on the server. If so, the server notifies the subscriber and gives the subscriber the opportunity to subscribe to the new newsgroups. After this, the subscriber is connected to the desired newsgroup and can use the NEWNEWS command to ask the server whether any new articles have been posted since the subscriber's last connection. The subscriber receives a list of new articles from the server and can request transmission of some or all of those articles. Finally, the subscriber can either reply to a news article or post a new article to the server by using the POST command.
NNTP uses TCP for its connections and SMTP-like commands and responses. The default TCP port for NNTP is 119. An NNTP command consists of a command word followed in some cases by a parameter, and commands are not case sensitive. Each line can contain only one command and may not exceed 512 characters, including spaces, punctuation, and the trailing CR–LF (carriage return/line feed) command. Commands cannot be continued on the next line.
Responses from the server can take the form of a text response or a status response. Text responses are displayed in the subscriber's client program, whereas status responses are interpreted by the client program before any display occurs.
Each status response line begins with a three-digit numeric code. The first digit of the response indicates the success, failure, or progress of the previous command. Table 17-5 lists the meaning of different values for the first digit. The second digit in the code indicates the function response category. These categories are listed in Table 17-6. The third digit indicates the specific response.
Table 17-5. Meaning of first digit of status response code
| First Digit | Meaning |
|---|---|
| 1xx | Informative message |
| 2xx | Command OK |
| 3xx | Command OK so far; send the rest of it |
| 4xx | Command was correct but couldn't be performed for some reason |
| 5xx | Command not implemented or incorrect or a serious program error occurred |
Table 17-6. Meaning of second digit of status response code
| Second Digit | Meaning |
|---|---|
| x0x | Connection, setup, and miscellaneous messages |
| x1x | Newsgroup selection |
| x2x | Article selection |
| x3x | Distribution functions |
| x4x | Posting |
| x8x | Nonstandard (private implementation) extensions |
| x9x | Debugging output |
In general, the 2xx codes are sent upon initial connection to the NNTP server, depending on the posting permissions. Code 400 is sent when the NNTP server discontinues service, and the 5xx codes indicate that the command could not be performed for some unusual reason. Table 17-7 lists some common codes you might encounter when troubleshooting NNTP connections.
Table 17-7. Common NNTP status response codes
| Code | Meaning |
|---|---|
| 100 | Help text |
| 190-199 | Debug output |
| 200 | Server ready; posting allowed |
| 201 | Server ready; no posting allowed |
| 400 | Service discontinued |
| 500 | Command not recognized |
| 501 | Command syntax error |
| 502 | Access restriction or permission denied |
| 503 | Program fault; command not performed |
NNTP Commands
It isn't possible here to go into detail about each NNTP command. However, several of the commands that you will see in both the event log and the output log file are worth describing in case you ever need to troubleshoot an NNTP connection. Figure 17-16 illustrates some of these commands.
Figure 17-16. Log file for NNTP service.
The ARTICLE, BODY, HEAD, and STAT commands refer to the retrieval and transmission of a news article. The HEAD and BODY commands are identical to the ARTICLE command, except that they return either the header lines (HEAD) or the body text (BODY) of the article. No text is returned with the STAT command. Instead, this command returns the message ID to the subscriber.
The ARTICLE command has two forms: one that is followed by the message ID of the article to display and one that is followed by either a parameter or no parameter. In the first form, the ARTICLE command displays the header, a blank line, and then the body text of the specified article. The subscriber obtains the message ID from a list that is provided in response to the NEWNEWS command.
The second form of the command, ARTICLE <message-id>, displays the header, a blank line, and then the body text of the message. The subscriber chooses the message number from the range of articles provided when the newsgroup was selected. If the number is omitted, the current article is assumed. Some of the error responses that might occur with this command include the following:
- "420 no current article has been selected"
- "423 no such article number in this group"
- "430 no such article found"
The GROUP command must be followed by the name of a newsgroup. Newsgroup names are not case sensitive. If the group requested no longer exists, the subscriber receives the error message "411 no such news group." If the requested group does exist, the subscriber receives the article numbers of the first and last articles in the group, along with an estimate of the number of articles in the group. This number is not guaranteed to be accurate.
The LIST command returns a list of valid newsgroups and associated information. Each newsgroup is sent as a line of text that looks like this:
<group> <last> <first> <p>
where
<group> is the name of the newsgroup
<last> is the number of the last known article currently in that newsgroup
<first> is the number of the first article currently in the newsgroup
<p> is either "y" or "n," where "y" indicates that posting is allowed and "n" indicates that posting is not allowed
It may be possible to receive a "y" in the <p> portion of the response and still not be able to post to that newsgroup because the newsgroup either is moderated, is restricted, or has gone offline for some reason.
The NEWSGROUPS command is followed by the date and then the time and then an optional <distributions> parameter. It lists newsgroups that have been created since the date and time specified. The date is specified as six digits in the yymmdd format. For the year, the closest century is assumed as the first two digits. Hence, 86 would mean 1986, and 30 would mean 2030. The time parameter is sent as six digits in hhmmss format, with the hours calculated on a 24-hour time clock. The time zone is assumed to be the server's time zone unless the token GMT appears, in which case both the date and the time are evaluated at the 0 meridian.
The optional <distributions> parameter is a list of distribution groups. For instance, the distribution portion of net.oaktree is "net." This parameter causes the distribution portion of the article to be examined for a match with the distribution groups listed. Only those that match the specified groups will be listed.
Administering NNTP
NNTP in Exchange 2000 Server is used to create asynchronous group discussions. You can configure it to communicate with external NNTP servers to make popular Usenet groups available internally to your users. NNTP in IIS replaces the Internet News Service in Exchange Server 5.5. When you install Exchange 2000 Server, it enhances NNTP in Windows 2000, giving it the ability to communicate with other news servers through newsfeeds.
You can create multiple NNTP servers within your organization in a master-subordinate layout. This enables clients to connect to a collection of servers and still maintain accurate views of newsgroup content. Creating a collection of servers provides scalability for a large user base, such as an ISP, and fault tolerance if a subordinate server should go offline.
Even though the master server controls the article numbers and maintains synchronization with the subordinate servers, clients always connect to the subordinate news server. DNS configuration automatically distributes the client load equally across subordinate servers. Since each subordinate server provides a newsfeed to the master server, a newly posted article will first be sent to the master server and will not appear on the subordinate server until the master server sends the article to all subordinate servers.
REAL WORLD Setting Up a Master-Subordinate NewsfeedTo set up a master-subordinate newsfeed, perform the following steps:
- Create the newsgroup on the master server.
- Create the newsgroups on the subordinate servers.
- Create a newsfeed from the master server to each subordinate server.
- Create a newsfeed from each subordinate server to the master server.
Configuring an NNTP Virtual Server
To configure the NNTP virtual server, in the Exchange System snap-in navigate to your server object, expand the Protocols container and then the NNTP container; right-click the default virtual server. Figure 17-17 shows the General tab of the NNTP virtual server's property sheet.
Figure 17-17. General tab of an NNTP virtual server's property sheet.
By default, an NNTP server communicates over TCP port 119 or via Secure Sockets Layer (SSL) using TCP port 563. When multiple virtual NNTP servers are present, each must be assigned a unique IP address and/or TCP/SSL port combination.
The default number of connections to an NNTP server from other NNTP hosts is 5000. Adjust this number based on your server's resources and the number of concurrent NNTP connections you expect. The Path Header text box enables you to specify the name of the server to append to the NNTP path header. The default is the fully qualified domain name (FQDN) of the computer. A client can examine the path header to see the route a message has traveled from a source client through various news servers to the destination news server.
The Settings tab allows you to set limits on articles that are posted and to enable control messages and moderated newsgroups (Figure 17-18). This tab also allows you to prevent other servers from pulling articles from this server. The default is to allow them to do so.
Control messages are used by NNTP hosts to communicate with one another, to create and remove newsgroups, and to cancel messages that have already been posted. For example, if you create a new newsgroup, the host providing the newsfeed sends a control message to hosts receiving the newsfeed, indicating that a new newsgroup has been created. NNTP then uses this information to determine whether a new newsgroup should be added under the newsgroup object.
Figure 17-18. Settings tab of an NNTP virtual server's property sheet.
The Administrator E-Mail Account text box on the Settings tab lets you specify an e-mail address that will receive NDRs when messages are not successfully delivered to the newsgroup moderator. To enable the sending of NDRs, create a new DWORD value named MailFromHeader with a value of 1 in the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NntpSvc\Parameters\.
NNTP Server Objects
Listed underneath the NNTP virtual server in the Exchange System scope pane are five objects, as shown in Figure 17-19. Let's take a brief look at each one.
Figure 17-19. NNTP server objects.
The Newsgroups object lists the newsgroups that are currently configured on this server, plus the three control newsgroups.
The Feeds object lists inbound and outbound feeds. You set up each feed with a wizard that asks, in part, which role you want the feed to play: Peer, Master, or Slave. By default, each feed uses "*" as a wildcard to denote that all newsgroups on the remote server will be involved with the feed. You can enter individual newsgroups manually if you're interested only in a subset of the newsgroups on the remote server.
By right-clicking the Expiration Policies object, pointing to New, and then choosing Expiration Policy, you can run through a simple wizard to specify how long newsgroup messages should be retained. The time interval is set in hours and can be a maximum of 9999 hours, or just under 14 months.
The Virtual Directories object allows you to set up a virtual root and then map that root to a file system, a remote share, or an Exchange public folder database (Figure 17-20). Start the wizard by right-clicking the Virtual Directories container, pointing to New, and then choosing Virtual Directory. This wizard allows you to select a different server to which this virtual root will write. Using this option, you can have the root written to the file system of a remote server.
Figure 17-20. Mapping a virtual root to a file system.
Finally, you can monitor users' current sessions with the Current Sessions object. Simply highlight the Current Sessions object to see all of the users who are engaged in a current session with this NNTP virtual server listed in the details pane. From here, you can forcibly disconnect individual users by right-clicking the user and choosing Terminate. You can forcibly disconnect all users at once by right-clicking any user in the list and choosing Terminate All.
EAN: N/A
Pages: 193