Vous êtes sur la page 1sur 355

PUBLISHED BY

Microsoft Press

A Division of Microsoft Corporation

One Microsoft Way Redmond, Washington 98052-6399

Copyright © 2004 by Microsoft Corporation

All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form

or by any means without the written permission of the publisher.

Library of Congress Cataloging-in-Publication Data [ pending. ]

Printed and bound in the United States of America.

1

Distributed in Canada by H.B. Fenn and Company Ltd.

A CIP catalogue record for this book is available from the British Library.

Microsoft Press books are available through booksellers and distributors worldwide. For further information about interna­ tional editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to moac@microsoft.com.

Active Directory, BackOffice, Microsoft, Microsoft Press, MS-DOS, MSN, Outlook, Windows, the Windows logo, Windows Media, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners.

The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.

This book expresses the author’s views and opinions. The information contained in this book is provided without any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book.

2

3

4

5

6

7

8

9

QWT

8

7

6

5

4

3

Program Managers: Hilary Long, Linda Engelman Project Editor: Julie Miller Technical Editor: Owen Fowler Copy Editors: Ginny Bess, Chrstina Palaia (BookMasters, Inc.) Indexer: Nancy Guenther (BookMasters, Inc.)

Sub Assy Part No. X10-36038 Body Part No. X10-23990

CONTENTS AT A GLANCE

CHAPTER 1:

 

Implementing DHCP

 

1

CHAPTER 2:

Managing and Monitoring DHCP

 

.

.

.

.

.

.

.

.

.

.

31

CHAPTER 3:

Implementing Name Resolution Using DNS

.

61

CHAPTER 4:

Managing and Monitoring DNS

 

.

.

.

.

.

.

.

.105

CHAPTER 5:

Network Security

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.145

CHAPTER 6:

 

Securing Network Traffic with IPSec

.

.

.

.177

CHAPTER 7:

 

Implementing and Managing Software

 
 

Update Services

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.213

CHAPTER 8:

 

Configuring Routing by Using Routing

 
 

and Remote Access

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.241

CHAPTER 9:

 

Maintaining a Network Infrastructure

 

.279

Glossary

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.313

Index.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.331

CONTENTS

About This Book

Target Audience

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xv

Prerequisites

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xv

The Textbook

. The Supplemental Course Materials CD-ROM

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xv

xvi

Readiness Review Suite Setup eBook Setup The Lab Manual Notational Conventions Keyboard Conventions

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xvii

xvii

xvii

xviii

xix

Coverage

of

Exam

Objectives .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xix

The Microsoft Certified Professional Program

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xxii

Certifications

.

.

.

.

. MCP Requirements About the Authors . For Microsoft Official Academic Course

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

xxii

xxiii

xxiii

xxiv

Evaluation Edition Software Support

xxiv

CHAPTER 1:

Implementing DHCP

1

Brief History of DHCP

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.2

What is DHCP?

How DHCP Works DHCP Clients and Servers

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.3

.4

.4

. DHCP Message Types How Clients Obtain an Initial Lease How DHCP Renews a Lease

DHCP Leases

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Authorizing a DHCP Server

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.5

.5

.6

.8

Changing Subnets and DHCP Servers Using the DHCP Relay Agent Automatic Client Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.9

.9

.10

.13

. DHCP Server Authorization Process

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.13

Protecting Against Improper Use of Workgroup DHCP Servers

 

.14

Configuring a DHCP Scope What Is a DHCP Scope? Multicast Addressing Configuring a DHCP Reservation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.16

.16

.18

.18

What Is a DHCP Reservation?

.

.

.

.

.

.

.

.

.

.

.

.

.

.19

vi

CONTENTS

Configuring DHCP Options User and Vendor Classes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.20

.20

Configuring a DHCP Relay Agent

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.21

How Relay Agents Work

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.22

Using Superscopes

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.23

Summary

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.27

Exercises

. Exercise 1-1: Installing and Authorizing a DHCP Server

Exercise 1-2: Configuring a DHCP Scope

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.27

.27

.27

. Exercise 1-3: Configuring a DHCP Reservation

.

.

.

.

.

.

.

.

.

.

.28

Exercise 1-4: Removing DHCP

.28

Review Questions

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.29

Case Scenarios

.

.

.

.

.

.

.

.

.

. Case Scenario 1-2: Maximizing Lease Availability

. Case Scenario 1-1: Obtaining an IP Address

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.29

.29

.29

CHAPTER 2:

Managing and Monitoring DHCP

.

.

.

.

.

.

.

.

.

.

31

. Understanding DNS Dynamic Updates

Managing DHCP

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. Configuring DNS Dynamic Update Settings on the DHCP Server

.

.

.

.

.

.

.

.

 

.32

.32

.34

Troubleshooting Dynamic Update

.37

.

Managing a DHCP Database What Is a DHCP Database?

.

. Backing Up and Restoring DHCP Server Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.39

.39

.40

Reconciling a DHCP Database

 

.42

Compacting a DHCP Database Enabling Server-Based Conflict Detection

.

.

.

.

.

.43

.44

Removing the DHCP Role

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.44

Best Practices for Managing a DHCP Database

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.44

.45

Monitoring a DHCP Database Establishing a Performance Baseline

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.45

. Using DHCP Statistics to Monitor a DHCP Server

Location of DHCP Data

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.45

.46

Using the DHCP Audit Log to Monitor a DHCP Server

.

.

.

.

.48

Using the Performance Console to Monitor DHCP

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.51

Best Practices for Monitoring DHCP

 

.53

Using Automatic Private IP Addressing

.

.

.

.

.

.

.

.

.54

.54

Disabling APIPA Troubleshooting APIPA Summary

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.55

.56

CONTENTS

vii

Exercises

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. Exercise 2-1: Configuring DNS Dynamic Update

. Exercise 2-2: Manually Backing Up a DHCP Database

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.56

.56

.56

Exercise 2-3: Reconciling a DHCP Database

 

.57

Exercise 2-4: Manually Compacting a DHCP Database

 

.

.

.

.57

Exercise 2-5: Configuring and Viewing the DHCP Audit Log

.57

Exercise 2-6: Creating Alerts for a DHCP Server

.

.

.

.

.

.

.

.

.

.

.

.58

Review Questions

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.58

Case Scenarios

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

. Case Scenario 2-1: Monitoring DHCP Requests Case Scenario 2-2: Monitoring DHCP Network Traffic

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.60

.60

.60

CHAPTER 3:

Implementing Name Resolution Using DNS

.

61

Overview of the Name Resolution Process Overview of DNS Benefits of DNS What Is DNS? Domain Namespace

Installing DNS DNS Zones Standard Zones

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.