Forcing IP down the Throat of Windows 2003

Configuring TCP/IP on Windows 2003 can range from simple to complex. We review the simple process and discuss a few advanced items. For complex configurations, consult a reference such as the Windows Server 2003 Resource Kit or TechNet.

Three basic items are always required for configuring TCP/IP:

IP address
Subnet mask
Default gateway

With just these three items, you can connect a client or server to a network. The protocol is configured on the Internet Protocol (TCP/IP) Properties dialog box. To access this dialog box, follow these steps:

Choose Start Control Panel Network Connections Local Area Connection.
Click Properties.

The Local Area Connection Properties dialog box appears.
In the list of installed components , select Internet Protocol (TCP/IP).
Click Properties to open the Internet Protocol (TCP/IP) Properties dialog box (see Figure 14-2).

Figure 14-2: The Internet Protocol (TCP/IP) Properties dialog box.

If TCP/IP is not already installed, follow these steps:

In the Local Area Connection Properties dialog box, click Install.

The Select Network Component Type dialog box appears.
Select Protocol, and then click Add.

The Select Network Protocol dialog box appears.
Select Internet Protocol (TCP/IP), and then click OK.
If prompted, provide a path to the distribution CD.
Provide the configuration details as discussed later in this section.

The Internet Protocol (TCP/IP) Properties dialog box offers fields for defining the three IP configuration basics. Note the selection to obtain an IP address automatically. This setting configures the system to request IP configuration from a Dynamic Host Configuration Protocol (DHCP) server. Because most servers don't work well using dynamic IP addresses, you may want to define a static IP address for your Windows Server 2003 instead of using DHCP. You'll either obtain a public IP address from your ISP or use a private IP address from one of the reserved address ranges defined in RFC 1918.

You must also calculate a subnet mask for your network (that is, as long as you're not using DHCP). Here again, you may obtain this from your ISP if you're using public IP addresses, or you may calculate your own if you're using private IP addresses. In most cases where private IP addresses are used, the default subnet mask for the address class should work without alteration or additional calculations.

Finally, you must also provide a default gateway address for your server (unless you just don't want this system to communicate with other hosts outside of its subnet). The default gateway should be the address of the router on the local subnet to which the server is attached that can forward outbound traffic to other network segments. On networks using public IP addresses, this is probably a router, firewall, or proxy server that connects the local subnet to other subnets or to the Internet. On networks using private IP addresses, this is usually the machine on which the proxy and NAT software resides, which mediates between the local subnet and an Internet connection.

The Internet Protocol (TCP/IP) Properties dialog box also offers fields to configure Domain Name Service (DNS). For the most part, you can leave these blank at least for now. We talk more about DNS in the "DNS Does the Trick" section later in this chapter.

After you define an IP address, a subnet mask, and a default gateway, click OK, and then close all the windows you've opened and reboot. That's all there is to basic TCP/IP configuration on Windows 2003!

More complex configurations become necessary when your network is larger and, therefore, more complicated. To deal with such complexity, you have to do some advanced work. Click the Advanced button in the Internet Protocol (TCP/IP) Properties dialog box to reveal the Advanced TCP/IP Settings dialog box, complete with its four tabs. The tabs (along with brief descriptions) are as follows :

IP Settings: This tab allows you to define multiple IP address and subnet mask combinations for a single NIC. You can define also additional default gateways, as well as an interface metric, which is used by routers (or the routing service of Windows 2003) to determine which path to send data to - the path with the lowest metric is used first.
DNS: This tab allows you to define additional DNS servers - the one or two you defined on the Internet Protocol (TCP/IP) Properties dialog box appears here as well, so don't get confused . In addition, you can specify how to search or resolve issues based on DNS server, DNS domain, and DNS parent domains. The two check boxes at the bottom of the DNS tab allow you to use dynamic registration to automatically add your server's IP address and domain name to your local DNS. For more information about DNS, please consult the "DNS Does the Trick" section later in this chapter.
WINS: This tab is where IP addresses for Windows Internet Name Service (WINS) servers are defined. WINS servers resolve NetBIOS names into IP addresses. WINS is convenient for Windows 2003 networks with multiple servers and network segments. This tab also offers you control over how or whether NetBIOS operates over TCP/IP. For more information about WINS, please consult the "Everyone WINS Sometime" section later in this chapter.
Options: This tab is where you can define alternate settings associated with TCP/IP. This tab offers access to only TCP/IP filtering by default, but the layout of the interface seems to hint that other optional features or services may be configured here if they are installed later. TCP/IP filtering allows you to define TCP, User Datagram Protocol (UDP), and protocol ports that will be allowed to function. In other words, it blocks all traffic except the traffic for the ports that you choose to allow in. This interface is rather limited because it doesn't tell you which ports you need to allow in. We recommend deploying a proxy or firewall to perform TCP/IP filtering, because these devices are more user -friendly and tell you which ports you need.