The Basics of IP Networks

TCP/IP Network Concepts.

As the Internet continues to grow, the use of Transmission Control Protocol/Internet Protocol (TCP/IP) on internal networks increases. TCP/IP offers a widely deployed set of open protocol standards that are well suited to forming wide area networks (WANs).

For each computer to identify itself on a TCP/IP network, each host must be uniquely identified by the following information:

An IP address

A 32-bit field composed of four octets (8-bit numbers from 0 through 255). Each address has decimal notation to separate octet numbers, such as A subnet mask This indicates how the IP address is to be read. It also indicates how to separate the network identifying information from the host identifying information and interprets the IP address correctly. For example, if a subnet mask of is applied for an address, it indicates that the host number is 24, located on the 10.85.189 subnetwork.

A default gateway

This is used to specify the address for the nearest routing device that is used by the host device to forward addressed packets on to the network. One way to configure this address information is to have a network administrator or technician manually enter these settings on each computer before it is joined to the local network. This type of manually applied configuration is referred to as static IP addressing. It requires that all addresses are recorded and centrally maintained by a network administrator. This provides an orderly procedure for adding new devices and avoids problems that can arise from duplicating address assignments on the network.

For small networks, adding new devices does not present a difficult problem. However, as networks become larger or further divide into multiple subnetworks, integrating new devices into existing networks becomes a significant chore for network administrators. In addition, this task may need to be repeated each time a device is moved to a different subnetwork.

Although IP addressing is an efficient scheme that works optimally for computers and routers, network users find common names for hosts (such as much easier to remember than IP addresses (such as Further solutions for mapping user-friendly names to assigned IP addresses simplify user access, but compound the existing administrative problems already inherent in TCP/IP.

The following sections cover some of the accepted and proposed standards that have been drafted to provide solutions for all of these TCP/IP shortcomings.

What Is DNS? The Domain Name System (DNS) service was developed by the Internet Engineering Task Force (IETF) as an attempt to standardize a way to map pairings of logical host names to actual IP addresses on a TCP/IP network.

DNS is an acceptable method for resolving names to addresses, but it requires the use of host files, and DNS servers must be overseen and updated manually as names and addresses are modified. This adds to tasks that a TCP/IP network administrator must perform, although it does simplify network access for users. For DNS to work properly it requires the use of a name space. The DNS name space is hierarchical in nature and allows host names to be stated in absolute or relative terms. Absolute names, or fully qualified domain names (FQDNs) are defined from the root of the name space and uniquely identify a node in the hierarchy. FQDNs end with a trailing dot. Relative names are represented relative to a name in the hierarchy. For example, is a relative DNS name of a host defined from the com part of the DNS name space hierarchy, which contains domain names of commercial organizations. see examples below

Example 1 – hsdataline UK

If the domain name of a company is:

then the following domain names:

are known as subdomains of the domain.

Example 2 – Izimi UK

If the domain name of a company is:

then the following domain names:

are known as subdomains of the domain.

In addition to planning for domain hierarchies, the DNS service uses host files, which are flat text files that pair DNS domain names and IP address pairings for hosts on the local network. Host files are used by the DNS server to process and resolve name query requests forwarded by DNS clients initiating communications on the local network. In nearly all cases where DNS is used, host files must be created and updated manually for the DNS service to work properly for all hosts.

Because DNS is a supported standard for all TCP/IP networks, most internal networks that support TCP/IP have no restrictions regarding the use of DNS services. Although other TCP/IP servers that are not Windows-based can be made to function as DNS servers, Windows NT Server provides the option of acting as a DNS server as well.

What Is WINS? Windows Internet Naming Service (WINS) is another option for resolving host names on networks that use Microsoft TCP/IP. It provides a distributed database for registering and querying dynamic computer name-to-IP address mappings in a routed network environment. WINS uses the NetBIOS computer name for any Windows-based network client to register each client in the WINS database on a computer running Windows NT Server.

A WINS system consists of the following:

WINS server Runs on a Windows NT Server–based computer and handles name registration requests from WINS clients and registers their names and IP addresses. The server also responds to name queries from WINS clients by returning the IP address of the name being queried (assuming the name is registered with the WINS server). WINS client Registers its name with the WINS server when it joins or leaves the network. The client also queries the WINS server for remote name resolution. WINS proxy Helps resolve names on behalf of non-WINS clients. The proxy communicates with the WINS server to resolve names (rather than maintaining its own database) and then caches the names for a certain amount of time. The proxy serves as an intermediary between the WINS server and the non-WINS client, either by communicating with the WINS server or by supplying a name-to-IP address mapping from its cache. The presence of a WINS proxy in a WINS system is dictated solely by the presence of non-WINS clients. If you are administering a routed internal network, WINS is the best choice for NetBIOS name resolution, because it is designed to solve the problems that occur with name resolution in a complex internal network. WINS goes beyond eliminating the need for an LMHOSTS file (a hosts file of NetBIOS names–to–IP address pairs) by reducing the use of local broadcasts for name resolution and allowing users to easily locate systems on remote networks.

Using WINS provides the following benefits:

In a dynamic network environment where host IP addresses can change frequently, WINS provides an excellent way to dynamically register these changes as they occur. It centralizes management of the NetBIOS names-to-IP addresses mapping database, so that there is no need to manage multiple LMHOSTS files across several servers on a network. It reduces IP broadcast traffic in a NetBIOS-based internal network, while allowing the clients to locate remote systems across local or wide area networks easily. With WINS, users on a Windows NT–based network can browse transparently across routers (for Windows NT domains that span multiple subnets). Browsing without WINS is complicated and involves manual procedures. For more information on TCP/IP networking, see the Networking Supplement in your Windows NT Server documentation.

What Is DHCP? The Dynamic Host Configuration Protocol (DHCP) was established to relieve the administrative burden of manual configuration of TCP/IP hosts on the network. DHCP provides an alternative to static IP addressing by enabling automatic configuration of the TCP/IP-related parameters when a DHCP client becomes active on the local network.

Note DHCP provides a way of passing configuration information to hosts that is based on an earlier protocol standard, known as the Bootstrap Protocol (BOOTP). BOOTP was conceived as a way to allow diskless workstations to obtain TCP/IP configuration settings and perform a network “boot.” DHCP uses some of the same concepts as BOOTP, such as a shared message format, which allows existing BOOTP clients to interoperate with DHCP servers. However, further additions to DHCP distinguish it from BOOTP.

DHCP provides a safe, reliable, and simple TCP/IP network configuration. It ensures that address conflicts do not occur and helps conserve the use of IP addresses by using centralized management of address allocation. DHCP conserves addresses that are not in use by having the DHCP server reclaim an address after the address lease period has elapsed.

The administrator controls how IP addresses are dynamically assigned by the DHCP server. To establish DHCP service, you set several parameters that are used to manage dynamic assignment of IP addresses. First, a lease period for each address is set. A lease specifies how long a computer can use an assigned IP address before having to renew the lease with the DHCP server. Another parameter that must be set for DHCP service is a scope. A scope indicates the available range of addresses that can be used within DHCP assignment. The scope provides for an available pool of addresses for the DHCP server to use when assigning and configuring clients. The scope exists only once for an entire subnetwork, but it can be further defined by excluding reserved subranges of addresses from the pool of assignable addresses allowed by the scope.

Setting up a DHCP environment provides three major benefits:

It requires no additional address configuration for the workstation. Users do not need to know or maintain their computer’s TCP/IP address configuration. This can be useful for mobile computer users who use portable computers that are moved to different offices or subnets frequently. DHCP clients can be configured with additional TCP/IP parameters, such as the DNS server address or WINS server addresses that are essential for successful name-to-IP address resolution by a host. DHCP gives you better control of IP address assignment and management. For example, if the IP address for a router in a network changes and 250 client computers have to be updated with the new address, you do not have to manually reconfigure every workstation.

DHCP is based on a client/server model. The DHCP server runs on a server, such as a computer running Windows NT Server. The DHCP client runs on a network client such as a workstation running Windows 95 or Windows NT Workstation.

During system startup (the initializing state), a DHCP client computer sends a DHCP “discover” message that is broadcast on the local network and can be forwarded to all the DHCP servers on the internal network. Each DHCP server that receives the discover message responds with an “offer” message containing an IP address and valid configuration information for the DHCP client computer that sent the request.

The DHCP client then collects the configuration and enters a selecting state, where it chooses one of the address “offers” provided by the DHCP servers. The client selects one of the offered configurations and enters a requesting state. It then sends a “request” message to specify a request from that DHCP server. The selected DHCP server sends an “acknowledgment” message that contains the address requested, a valid lease for the address, and TCP/IP network configuration parameters for the client. The client enters a bound state after receiving the acknowledgment from the server and can now participate on the TCP/IP network.

Client computers with local disk storage save the received address for use during subsequent system startup. As the lease approaches its expiration date, the client attempts to renew its lease with the DHCP server. If the DHCP server that initially offered the lease is not available or the lease has expired, the client repeats the process and gets a new configuration from any of the available DHCP servers.

The following three types of hosts can be active in a DHCP configuration process:

DHCP server Contains IP addresses, lease duration, and associated TCP/IP configuration information.

The DHCP server listens for client requests and processes them. DHCP client Gets its IP address and related TCP/IP configuration parameters from the DHCP server during the initialization stage. The client also extends the lease on the IP address by renewing the lease before it expires.

DHCP relay agent A relay agent software (compliant with RFC 1542) assists in forwarding the DHCP packets between subnets in a routed internal network. Usually, this component runs on the routers.

For more information about setting up DHCP services, see your Windows 200x Server documentation.

What Are Ports? Ports are used in TCP/IP to name the ends of logical connections that carry long-term conversations. A port gives transport protocols such as User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) the capability of handling communications between multiple hosts. It allows communication to be uniquely identified. The WinSock Proxy service uses ports extensively to provide a way of redirecting applications.

For the purpose of providing services to unknown callers, a service contact port is defined. Each WinSock Proxy–enabled application specifies a port to be used as the contact port on the server for TCP or UDP. The contact port is sometimes called the “well-known port.” To some extent, these same port assignments are used with UDP. To use UDP, the application must supply the IP address and port number of the destination application. Ports are identified by a positive integer. Originally, the assigned ports available were in the range from 0 through 255. Currently, the range for assigned ports has been expanded to allow 4-digit port numbers up to 9,999. The assigned ports use a small portion of the range of possible port numbers, allowing other unassigned port numbers to be designated as alternatives if the initial port is not available or is to be used for new custom server applications.

Ports can be designated to use either TCP or UDP as the transport-level protocol that specifies how ports send and receive data. In addition, port assignments are enabled separately for inbound ports and outbound ports on Microsoft Proxy Server. Inbound ports are used to listen for client requests from Internet clients, and outbound ports are used to listen for requests from clients on the internal network.