Subject: Just Passed TCP/IP4.0
I just passed TCP/IP4 today with the score is 846, not bad, bot good, just so so. It was a tough test, but if you understood the concepts of Subneting, WINS, DNS, DHCP, SNMP very well, it could be passed easily. Of course, The integration of these concept
Here are some important tips and materials which are remembered from my examination and summarised from some other braindumps. May them be helpful.
1. IP addressing and Subneting
1.1 ARP resolves a local IP address or a remote IP address to its hardware address. Local ARP cache is always checked for an IP address/hardware address mapping before initiating an ARP request broadcast. Once the hardware address has been attained, ARP w
ARP.exe utility can be used to view and modify the ARP cache.
arp -a View the contents of the arp cache
arp -g The same as -a
arp -d Delete a entry
arp -s Add a static arp entry for the frequently accessed hosts
1.2 Do remember the definition of IP address classes(A,B,C,D,E). Memorise the following table:
class IP address Network IP Host ID Scope
A w.x.y.z w x.y.z 1-126
B w.x.y.z w.x y.z 128-191
C w.x.y.z w.x.y z 192-223
1.3 Do know the subnetworking and be familiar with the calculation method. A subnetting table and a binary values table will be very helpful, so write them down before your examination.
2. IP routing
2.1 A Windows NT Server installed at least two network interfaces which are connected to separate subnets is called a multihomed computer, it can be configured as a router. There are two types of routing tables: static and dynamic.
2.2 A static table must be setup manually. The ROUTE.exe utility is used for configuring the static gateways. It is very important that you should understand which interfaces you need to configure for each static router. Please see the following figure.
SubnetA SubnetB SubnetC 168.192.12.0 168.192.24.0 168.192.36.0 | | | +------ Route 1 -------+-------Router 2 --------+ | 12.1 24.1 | 24.2.36.1 | | | | Client1 Client2 Client3
Default Gateway 168.192.12.1, 168.192.24.1 or 168.192.36.1
168.192.24.2
The route table on Route 1 should be:
168.192.12.0 168.192.12.1
168.192.24.0 168.192.24.1
168.192.36.0 168.192.24.2
The route table on Route 2 should be:
168.192.12.0 168.192.24.1
168.192.24.0 168.192.24.2
168.192.36.0 168.192.36.1
The default gateways are important in the client configuration which wants to be able to communicate with other computers through routers, it must be configured to the local router interface. But multihomed computers must rely on their routing tables to e
Do understand the parameters of the route -add command:
route -add [destination network address] mask [netmask] [gateway].
2.3 A dynamic automatically configures and maintains it's routing table. To be a dynamic routers, the multihomed computers require a separate routing protocol installed to let them communicate with one another. RIP and OSPF are two common routing protocol
3. RAS
3.1 The Default Gateway of RAS server should be BLANK for it to act as an access point to an ISP, because the ISP provides the gateway information to the RAS server. Meanwhile, the Default Gateway of Win95 clients need to point to the RAS server's IP addr
3.2 PPTP protocol increases the local area network security by filtering and allowing only PPTP frames to enter the network.
3.3 PPTP can support the following protocols: IP/IPX/NetBEUI, exclude AppleTalk.
4. DHCP
4.1 DHCP clients communicate with DHCP server via BOOTP broadcast messages which can only cross routers if the router is a RFC1542-compliant router, and has BOOTP forwarding enabled. Windows NT provides DHCP relay agent service which is compliant with RFC
4.2 DHCP clients automatically attempt to renew their IP address lease after 50% of the lease has expired. It will broadcast to the DHCP server for a renewal. If the DHCP server is not available to renew the IP address, the client will wait until 87.5% of
4.3 Know the scope options:
Global -- changes made here affect all scopes available in the DHCP server
Scope -- changes made here affect only the highlighted scope
Client -- changes made here affect only the specified client
Relevant options are available to let DHCP automatically update the client with addressing for WINS servers, DNS servers, default gateways, etc.
4.4 Through Client Reservations, DHCP server always assigns same IP address to the client. To configure a Client Reservation, both the IP address and MAC of the client should be known. If there are multiple DHCP server in the internetwork, it is very important.
4.5 2 DHCP servers can not share or replicate their databases, therefore, for providing backuping, you need to divert the range of IP addresses to the 2 servers.
One question is about that you must manually assign a valid IP address and Default Gateway to the DHCP server.
5. Name Resolution
5.1 The computer can have two names: a NetBIOS name and a Host name.
NetBIOS name - Microsoft's naming system implemented with LAN Manager, Windows and Windows NT.
Host name - An older naming system primarily used with UNIX systems.
5.2 Typical name resolution order:
NetBIOS Host
------- ----
Local netbios name cache Local host name
WINS Hosts
Broadcast DNS
LMHosts Local netbios name cache (?)
Hosts WINS
DNS Broadcast
LMHosts
5.3 The local NetBios name cache can be viewed with the NBTSTAT.exe utility.
5.4 NetBIOS name resolution nodes
H-node(08) - Hybrid node. The client will first query the WINS server, then if not successful, will use (up to) 3 B-node broadcasts.By inserting the IP address of the WINS server in the client's network properties, it defaults to H-node.
M-node(04) - Mixed node. The client will first use (up to) 3 B-node broadcasts, then if not successful, will query the WINS server.
P-node(02) - Point-to-point node. The client with P-node will only query the WINS server.
B-node(01) - Broadcast node. Default node method for non-WINS clients.
One question asks you why a workstation is not making a broadcast even when it can not resolve through other methods? The answer is that NetBIOS name resolution node of that workstation is configured as P-node.
6 WINS
6.1 WINS is a dynamic database located on a Windows NT server, which stores NetBIOS name to IP address mappings. WINS is needed if you want to browse your network over routers. WINS packets are directed packets and therefore can pass routers. It is recomm
6.2 A WINS proxy agent is only needed if you have none-WINS-enabled clients in your network.
6.3 A WINS server can be configured to fully replicate its database with other WINS servers by configuring a WINS server as a push partner, or a pull partner, or both, to others. A Push partner push its database changes to others once the number of change
One question asks you that you want a workstation in Subnet A to browse and communicate with the other workstations in subnet B, but you can not do it although the two subnets have their own WINS server installed. The answer is that Implementing WINS repl
6.4 JETPACK.exe utility can be used to compact the WINS database when the database size is over 30 MB.
6.5 The LMHOSTS. file can be looked as a static WINS database on local machine, it is not case-sensitive. The lmhost. file is always located in the %Systemroot%\system32\drivers\etc directory on NT machine. Do know the following tags:
#PRE
#DOM
#INCLUDE:\\servername\share\lmhosts
#BEGIN_ALTERNATE
#END_ALTERNATE
Be sure BDCs can authentication user account when PDC is fail, you should add the all other's IP address and add #PRE in all domain controller's lmhosts. file.
Be sure BDCs can communicate with PDC, you should add an entry for PDC and add #PRE #DOM at the line tail in the each BDC's lmhosts. file
7 DNS
7.1 Domain Name Service's purpose is to convert the domain name such as www.microsoft.com to the IP address. DNS is a hierarchical server database which contains host name to IP address static mappings. DNS can be also used to resolve NetBIOS names when "use WINS" is activated.
7.2 DNS Server types
(1). Primary Servers: Get all data for the zone from locally stored files. All changes to a zone must take place at the Primary server.
(2). Secondary Servers: Get all information from another name server that is authoritative for the zone. This transaction is known as a "zone transfer".
(3). Master Server: A name server that provides zone information to the requesting secondary servers. This server can be either a Primary server or another secondary server.
(4). Caching Only Server: This type of server is not authoritative for any zone. It has no local zone files. It merely accepts and processes requests, storing results in its cache (which all name servers have) for future resolution. Remember that the cach
(5). Forwarder: A forwarder is a name server configured to accept requests for name resolution from other name servers when resolution is unsuccessful. This is typically used within an intranet for name resolution outside of the zone. For example, you can
(6).Slaves: A slave is simply a name server configured to use forwarders and further configured to return a failure response if the forwarder can not complete the resolution.
One question asks you that you want the third DNS server to be configured for supporting the load balancing of Primary Server and should not participate in Zone Transfer Traffics. The answer is Cache-Only Server.
Another question asks you that how a third DNS server should be configured to resolve Internet names. The answer is Forwarder for other DNS servers.
7.3 Each client computer has a copy of a flat-file database stored in a text file named Host. The lines of this file match IP addresses to domain names. The Hosts. file can be treated as a local DNS server, it should be maintained manually.
7.4 The common resource records:
CNAME -- Enables you to associate more than one host name with an IP
address. (Alias a as WWW and FTP)
MX -- DNS entry for a mail server
8 SNMP
8.1 SNMP uses a distributed architecture consisting of management system and agents, it is a typical Client/Server mode application. SNMP service should be installed on the host which then is able to be monitored by the another remote host such as a UNIX
8.2 You can configure SNMP security by setting the Accepted Community Name and add the IP address of specified host to the Only Accept SNMP Packets from These Hosts list in the Security tab of the Microsoft SNMP Properties dialog box.
8.3 The SNMPUTIL.exe utility is used to verify whether the SNMP Service has been correctly configured to communicate with SNMP management stations.
9 Printing Utilities
9.1 The LPD, for Windows NT it is called TCP/IP Printer Server Service(LPDSVC), runs as a service on the Windows NT computer and enables any computer with TCP/IP and LPR to send print jobs to the Windows NT computer.
9.2 Installing TCP/IP Printer Service and Share the printer on a Windows NT Server which is connect a print device, it can accept print jobs from LPR clients such as a unix client. Or you also can send a print job to a UNIX workstation from a Windows base
9.3 LPQ can be used to query the printer once print jobs have been submitted.
10 Commands & Utilities
10.1 Connectivity Commands
FTP -- Provides bidirectional file transfers between a Windows NT computer and any TCP/IP host running FTP server software.
TFTP -- Provides bidirectional file transfers between a Windows NT computer and any TCP/IP host running TFTP server software.
Telnet -- Provides terminal emulation on TCP/IP host running telnet server software
RCP -- Copies files between a Windows NT computer and a server running the RCP service
RSH -- Runs commands on a server running the RSH service
REXEC -- Runs a process on a remote computer
LPR -- Prints files to a host running the LPDSVC service(server side of TCP/IP printing for UNIX client.)
10.2 Troubleshooting Utilities
PING -- Verifies configurations and tests connectivity.
FINGER -- Retrieves system information from a remote computer that support the TCP/IP FINGER service.
ARP -- Used to display and modify the ARP cache. Is used to resolve IP address to hardware address.
IPCONFIG -- Quickly displays Windows IP configuration settings.
IPCONFIG/ALL -- Thoroughly displays Windows IP configuration settings.
LPQ -- Displays status of a remote LPD print queue.
NBTSTAT -- Displays protocol statistics and current TCP/IP connections using NetBIOS. Is also used to display NetBIOS name cache
NETSTAT -- Displays protocol statistics and current TCP/IP network connections. Netstat shows statistics since the server was booted.
ROUTE -- Used to display and edit static routing tables
HOSTNAME -- Returns the local computers host name for authentication by the RCP/RSH/REXEC.
TRACERT -- Is used to determine what route a packet takes to get from the source to the destination.
PerMonitor -- Monitors network and computer statistics. Is able to log the data and export it for spreadsheet usage.
NetMonitor -- Monitors network activity and is able to capture look at packets of data sent over network.
10.3 Some Frequency asked questions
( 1). To purge the contents of the arp cache -- ARP -d
( 2). To monitor the Ethernet traffic and the TCP/IP statistics -- NETSTAT -e -s
( 3). To collect data packets to analyse them with a spreadsheet application -- Performance Monitor
( 4). To export the statistics collected to a spread sheet for future analysis -- Performance Monitor
( 5). To construct a capacity planning on all statistical data you collected -- Performance Monitor
( 6). To see the IP address to MAC address resolution -- ARP
( 7). To redirect the jobs to the net printer -- LPR
( 8). Want the Unix client to print jobs at the NT print server connected print device-- LPR
( 9). To view the print jobs that were sent to UNIX-based TCP/IP printer server -- LPQ
(10). To troubleshoot DNS problems -- NSLOOKUP
(11). To Clear the NetBIOS cache -- NBTSTAT -R
(12). To Show the NetBIOS cache -- NBTSTAT -c
(13). To view a list of all currently TCP/IP connections to your NT Server computer -- NETSTAT
(14). To view what configuration changes the DHCP made at your workstation Configuration -- IPCONFIG /ALL
(15). To view traffic and analyse packets in real time -- Network Monitor
(16). To see a summary of both IP statistics and Ethernet statistics -- NETSTAT & NetMonitor
(17). To capture and decode TCP/IP packets on your NT computer -- Network Monitor
(18). To use NDIS 4.0 to capture TCP/IP frames from a network datastream -- Network Monitor
(19). To see the routing tables of a Windows NT server computer -- NETSTAT & ROUTE
(20). To see the a list of all NetBIOS names currently cached on NT computer -- NBTSTAT
(21). To examine the route between network connections -- TRACERT
(22). To accumulate and view the TCP/IP protocol statistics on the NT computer -- NetMonitor & NETSTAT -s
(23). To display the name of the computer with the duplicate IP address -- NBTSTAT -n
(24). To try making a connection to a remote Windows NT Server computer using TCP/IP -- PINT
(25). To identify the path that a data packet takes as it passes through the static routers -- TRACERT
(26). To copy some files from a remote UNIX server to your Windows NT Server computer -- FTP
(27). To view a chart of TCP/IP protocol statistics for one Windows NT Server computer-- Perf. Monitor
(28). To troubleshoot the IP address to hostname resolution problem -- NSLOOKUP
(29). To list the name resolution statistics for Windows networking -- NBTSTAT -r
(30). To display the routing table's contents -- NETSTAT -r
(31). To provide both capture filters and display filters -- Network Monitor
(32). To purge the server's NetBIOS name cache -- NBTSTAT -R
(33). To access and run applications on remote UNIX-based computers -- TELNET
May the gods bless you every one,
Laurence