RRAS Tools and Utilities

Several tools and utilities are available for Windows Server 2003 Routing and Remote Access Service. The following utilities allow administrators to configure and obtain information for accounting, auditing, and troubleshooting RRAS:

Routing and Remote Access MMC snap-in
Netsh command-line tool
Authentication and accounting logging
Event logging
Tracing

Routing and Remote Access MMC Snap-in

The Routing and Remote Access snap-in, shown in Figure 26.11, is located in the Administrative Tools folder. It is the primary management tool for configuring Windows Server 2003 RRAS.

Figure 26.11. Administering RRAS through the Routing and Remote Access snap-in.

Within the RRAS snap-in is a series of floating windows that display table entries or statistics. After a floating window is displayed, you can move it anywhere on the screen, and it remains on top of the Routing and Remote Access snap-in. Table 26.1 lists the floating windows in the Routing and Remote Access snap-in and includes their location.

Table 26.1. Routing and Remote Access Floating Windows
Floating Window	Location	Description
TCP/IP information	IP Routing/General/Interface	Global TCP/IP statistics, such as the number of routes, incoming and outgoing bytes
Multicast boundaries	IP Routing/General/Interface	The contents of the TCP/IP multicast boundaries
Multicast statistics	IP Routing/General	Statistics per group, such as the number of multicast packets received
Address translations	IP Routing/General/Interface	The contents of the Address Resolution Protocol (ARP) cache
IP addresses	IP Routing/General/Interface	The IP addresses assigned to routing interfaces
IP routing table	IP Routing/General/Static Routes	The contents of the IP routing table
RRAS Clients	Remote Access Clients	The list of client connections, including local and remote addresses and TCP ports
UDP listener ports	Ports	The list of UDP ports on which the router is listening
Areas	IP Routing/OSPF	The list of configured OSPF areas
Link state database	IP Routing/OSPF	The contents of the OSPF link state database
Neighbors (OSPF)	IP Routing/OSPF	The list of neighboring OSPF routers and their state
Virtual interfaces	IP Routing/OSPF	The list of configured virtual interfaces and their state
Neighbors (RIP)	IP Routing/RIP	The list of neighboring RIP routers
DHCP Allocator information	IP Routing/NAT/Basic Firewall	Statistics on the number and types of DHCP messages sent and received
DNS Proxy information	IP Routing/Network Address Translation	Statistics on the number of types of DNS messages sent and received
Mappings	IP Routing/NAT/Basic Firewall/Interface	Contents of the Network Address Translation mapping table
Group table	IP Routing/IGMP	Global list of groups detected by using the IGMP routing protocol
Interface group table	IP Routing/IGMP/Interface	Interface list of groups detected by using the IGMP routing protocol
IPX parameters	IPX Routing/General	Global IPX statistics, such as the number of routes and services, packets received, and packets forwarded
IPX routing table	IPX Routing/Static Routes	The contents of the IPX routing table
IPX service table	IPX Routing/Static Services	The contents of the SAP service table
RIP parameters	IPX Routing/RIP for IPX	Global statistics on the RIP for IPX protocol
SAP parameters	IPX Routing/SAP for IPX	Global statistics on the SAP for IPX protocol

The Netsh Command-Line Tool

Netsh is a command-line and scripting tool used to configure Windows Server 2003 networking components on local or remote computers. Windows Server 2003 Netsh also enables you to save a configuration script in a text file for archiving or for configuring other servers. Netsh is installed with the Windows Server 2003 operating system.

Netsh is a shell that can support multiple Windows Server 2003 components through the addition of Netsh helper DLLs. A Netsh helper DLL extends Netsh functionality by providing additional commands to monitor or configure a specific Windows Server 2003 networking component. Each Netsh helper DLL provides a context or group of commands for a specific networking component. Subcontexts can exist within each context; for example, within the routing context, the subcontexts IP and IPX exist to group IP routing and IPX routing commands together.

Netsh command-line options include the following:

a <AliasFile> Specifies that an alias file be used. An alias file contains a list of Netsh commands and an aliased version so that the aliased command line can be used in place of the Netsh command. Alias files can be used to map commands to the appropriate Netsh command that might be more familiar in other platforms.
c <Context> Specifies the context of the command corresponding to an installed helper DLL.
Command Specifies the Netsh command to carry out.
f <ScriptFile> Specifies that all the Netsh commands in the file ScriptFile be run.
r <Remote Computer Name or IP Address> Specifies that Netsh commands are run on the remote computer specified by its name or IP address.

You can abbreviate Netsh commands to the shortest unambiguous string. For example, typing the command ro ip sh int is equivalent to typing routing ip show interface. Netsh commands can be either global or context specific. You can issue global commands in any context and use them for general Netsh functions. Context-specific commands vary according to the context. Table 26.2 lists the global commands for Netsh.

Table 26.2. Netsh Commands
Command	Description
`..`	Moves up one context level.
`? or help`	Displays command-line Help.
`show version`	Displays the current version of Windows and the Netsh utility.
`show netdlls`	Displays the current version of installed Netsh helper DLLs.
`add helper`	Adds a Netsh helper DLL.
`delete helper`	Removes a Netsh helper DLL.
`show helper`	Displays the installed Netsh helper DLLs.
`cmd`	Creates a command window.
`online`	Sets the current mode to online.
`offline`	Sets the current mode to offline.
`set mode`	Sets the current mode to online or offline.
`show mode`	Displays the current mode.
`flush`	Discards any changes in offline mode.
`commit`	Commits changes made in offline mode.
`set audit-logging`	Turns on or off the logging facility.
`show audit-logging`	Displays current audit logging settings.
`set loglevel`	Sets level of logging information.
`show loglevel`	Displays the level of logging information.
`set machine`	Configures the computer on which the Netsh commands are executed.
`show machine`	Displays the computer on which the Netsh commands are executed.
`exec`	Executes a script file containing Netsh commands.
`quit or bye or exit`	Exits the Netsh utility.
`add alias`	Adds an alias to an existing command.
`delete alias`	Deletes an alias to an existing command.
`show alias`	Displays all defined aliases.
`dump`	Writes configuration to a text file.
`popd`	A scripting command that pops a context from the stack.
`pushd`	A scripting command that pushes the current context on the stack.

Netsh can function in two modes: Online and Offline. In Online mode, commands executed by Netsh are carried out immediately. In Offline mode, commands executed at the Netsh prompt are accumulated and carried out as a batch by using the commit global command. The flush global command discards the batch commands. Netsh commands can also run through a script. You can run the script by using the f option or by executing the exec global command at the Netsh command prompt.

The dump command can be used to generate a script that captures the current RRAS configuration. This command generates the current running configuration in terms of Netsh commands. The generated script can be used to configure a new RRAS server or modify the current one.

For the Routing and Remote Access Service, Netsh has the following contexts:

ras Use commands in the ras context to configure remote access configuration.
aaa Use commands in the aaa context to configure the AAA component used by both Routing and Remote Access Service and Internet Authentication Service.
routing Use commands in the routing context to configure IP and IPX routing.
interface Use commands in the interface context to configure demand-dial interfaces.

Authentication and Accounting Logging

The Routing and Remote Access Service can log authentication and accounting information for PPP-based connection attempts. This logging is separate from the events found in the system event log and can assist in tracking remote access usage and authentication attempts. Authentication and accounting logging is useful for troubleshooting remote access policy issues; the result of each authentication attempt is recorded, as is the remote access policy that was applied. The authentication and accounting information is stored in a configurable log file or in files stored in the %systemroot%\System32\LogFiles folder. The log files are saved in Internet Authentication Service (IAS) or in database-compatible format, which can allow database programs to read the log file directly for analysis. Logging can be configured for the type of activity you want to log (accounting or authentication activity). The log file settings can be configured from the properties of the Local File object in the Remote Access Logging folder in the Routing and Remote Access snap-in.

Event Logging

Windows Server 2003 RRAS also performs extensive error logging in the system event log. You can use information in the event logs to troubleshoot routing or remote access problems.

The following four levels of logging are available:

Log errors only (the default)
Log errors and warnings
Log the maximum amount of information
Disable event logging

You can set the level of event logging on the General tab of the following property pages:

IP Routing/General
IP Routing/NAT/Basic Firewall
IP Routing/OSPF
IP Routing/IGMP
IPX Routing/General
Routing/RIP for IPX
IPX Routing/SAP for IPX

Note

Logging uses system resources; therefore, you should use it sparingly to help identify network problems. After you identify the problem, reset the logging to its default setting (log errors only).

Tracing

RRAS for Windows Server 2003 provides extensive tracing capability that can be used to troubleshoot complex network problems. By enabling file tracing, you can record internal component variables, function calls, and interactions. File tracing can be enabled on various RRAS components to log tracing information to files. Enabling file tracing requires changing settings in the Windows Server 2003 Registry.

Caution

Do not edit the Registry unless you have no alternative. The Registry Editor bypasses standard safeguards, allowing settings that can damage your system or even require you to reinstall Windows.

Each installed routing protocol or component is capable of tracing, and each appears as a subkey, such as OSPF and RIPV2.

Similar to the authentication and accounting logging, tracing consumes system resources; therefore, you should use it sparingly to help identify network problems. After the trace is complete or the problem is identified, immediately disable tracing. Do not leave tracing enabled on multiprocessor computers.

The tracing information can be complex and detailed. Often, this information is useful only to Microsoft support engineers or network administrators who are experts in using the Windows Server 2003 Routing and Remote Access service. To enable file tracing for each component, do the following:

1.	Run regedit.exe and navigate to the following Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\`<`Component`>` (`<`Component`>` represents the component for which you want to enable file tracing.)
2.	Select the component for which you want to enable file tracing.
3.	Right-click the EnableFileTracing entry, click Modify, and then assign a value of 1 (the default value is 0).
4.	For the selected component, modify additional entries as needed:

To set the location of the trace file, right-click the FileDirectory entry, click Modify, and then type the location of the log file as a path. The filename for the log file is the name of the component for which tracing is enabled. By default, log files are placed in the %windir%\Tracing directory.

To set the level of file tracing, right-click the FileTracingMask entry, click Modify, and then type a value for the tracing level. The tracing level can be from 0 to 0xFFFF0000. By default, the level of file tracing is set to 0xFFFF0000, which is the maximum level of tracing.

To set the maximum size of a log file, right-click the MaxFileSize entry, click Modify, and then type a size for the log file. The default value is 0x00100000, or 64KB.