Network
Structure and functions of networks nodes
Physical and channel levels
Protocol and applied level of network
Splitting network on subnets
Installation of DHCP server
Installation of DNS, WINS, IIS servers
Local network of an enterprise covers 120 personal computers of users and 15 servers on the base of PC Intel platform, which are situated on the four floors of the office building.
Every floor is designed on the base of specification 100 BASE-TX, wiring is represented by cable UTP Cat 5e. Network’s speed is provided at the rate of 100 Mbps and network uses the same kind of Ethernet channel level packets. Besides client computers, network also contains printers. Maximum number of printers per floor is 10 items.
Switching is executed on each floor in wiring closet, one per floor. Wiring closets contain switchboards, patch -panels and 19″ UPS. The distance from closet to working area of client computers does not exceed 90 meters.
For providing high switching speed network uses HP procurve switch 2324 on 24 ports. Because the total number of connections is 40 and there has to be a reserve for future connections, the number of 48 ports would satisfy future requirements of the network. Both switches are connected by high speed channel of 1 Gbps by means of using special modules. All three floors have the same type equipment.
On the ground floor there is also Intel router in wiring closet. Switchboards of all floors are connected to this router and it is used for providing internet connection.
Access to resources and to network is realized on the base of TCP/IP protocol. It will be pointless to install additional protocols. Server computers use Windows 2000 Server as an operation system and all network services are installed and set up on this operation system.
NOTE in Windows 2000, memory is more important than ever. The minimum requirement for… Professional is 64MB, and 128MB is recommended. Windows 2000 Server has a minimum requirement of 128MB and 256MB recommended.”(from Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.18)
Security of network resources is provided by directory service Active Directory: “Active Directory is an essential and inseparable part of the Windows 2000 network architecture that improves on the domain architecture of the Windows NT® 4.0 operating system to provide a directory service designed for distributed networking environments. Active Directory lets organizations efficiently share and manage information about network resources and users. In addition, Active Directory acts as the central authority for network security, letting the operating system readily verify a user’s identity and control his or her access to network resources. Equally important, Active Directory acts as an integration point for bringing systems together and consolidating management tasks.
Combined, these capabilities let organizations apply standardized business rules to distributed applications and network resources, without requiring administrators to maintain a variety of specialized directories Active Directory provides a single point of management for Windows-based user accounts, clients, servers, and applications. It also helps organizations integrate systems not using Windows with Windows-based applications, and Windows-compatible devices, thus consolidating directories and easing management of the entire network operating system. Companies can also use Active Directory to extend systems securely to the Internet. Active Directory thus increases the value of an organization’s existing network investments and lowers the overall costs of computing by making the Windows network operating system more manageable, secure, and interoperable..” (from Active Directory Overview (http://www.microsoft.com/windows2000/server/evaluation/features/dirlist.asp)
Moreover, managing and administrating large multi-domain networks is difficult. Because of this, Microsoft has introduced the Active Directory in Windows 2000. The Active Directory can replace NT domains, but also can serve as an upgrade” (Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.265)
OS Windows 9x or Windows 2000/XP Professional are used as clients which are the members of domain.
WINS-server is installed and is functioning on one server-computer for addressing to network resources and to computers by their NetBIOS names. DNS server is used for providing functioning of directory service ActiveDirectory and for providing access to internet. In order to automatize registration and other operations with IP addresses in local net, network uses authorized DHCP-server in the domain. Access to corporative data inside net and from its filials is provided by Web-server on the base of Internet Information Services.
Structure and functions of networks nodes
Physical and channel levels
Let’s take a closer look on the equipment and structure of physical and channel level. In local network on client computers network adapters of 100 Mbps are used, which work in the full duplex mode. Horizontal subsystem is designed by cable UTP Cat 5e in decorative boxes.
On each floor wiring closets installed. For design of network and connection of floor switchboards with central Intel router it was decided to use optical fiber cable and extension modules or cascading switches of HP series J4817A procurve switch 2324 (24 ports RJ45). The use of HP J4817A switches is the most advantageous decision in category price/quality if compare to such switches as Cisco, 3 com and Intel. In each wc of the floor two HP J4817A procurve switch 2324 switches are cascading, so reserve of ports is also planned for expanding network and adding client computers in future.
On the ground floor two decisions may be made, depending on the loading on server: connection servers into ports of switches RJ45 10/100 and connection to ports 1 Gbps through extension modules. The second decision is more advantageous for domain controller and file servers of network. For servers and internet services the speed of 100 Mbps would be enough.
Protocol and applied level of network
Local network uses several servers on the base of OS Windows 2000. In the research there would be developed recommendations and setup preferences for network services such as Active Directory, DNS, DHCP, WINS and IIS. For simplicity of realization, increasing security level and efficiency services are installed on different servers.
The first stage of installation-is installation of operation systems Windows 2000 Server. During installation Network preferences should be defined: Access service, Client of Microsoft Network, Protocol TCP/IP. Static addresses will be discussed later, now it’s important to mark that servers on which given services will be functioning must have static IP address. Services WINS and DHCP have to chosen for installation, IIS is setup by default, that’s why its installation has to be canceled everywhere and only be left on that server, where it’ll be functioning. DNS service will be installed with Active Directory later.
After installation of network servers Active Directory has to be installed by utility dcpromo: “use Active Directory promotion (Dcpromo.exe) to add domain controllers to Windows 2000 server forests.”(from How Dcpromo.exe Adds Display Specifiers to Active Directory Forests available on web: (http://support.microsoft.com/?kbid=308592).
Domain’s name ELBRYN.COM is chosen for corporation. NetBIOS name of ELBRYN domain will be used by WINS service. After reloading domain’s controller we set servers of the domain by program System/Network identification. Using the same method later domain members-personal computers with Operation system Windows 2000/XP Professional are added. After reloading of servers it’s important to finish setting parameters of TCP/IP protocol of network connections of servers. Then addresses of DNS and WINS servers are added to all servers.
Splitting network on subnets
Local network uses IP addresses with networks address 208.32.16.0/24. After splitting network on 4 subnets and connecting them through router it’s important to revise and redefine nets addresses.
For splitting network of 255 addresses on 4 ranges the following mask is used: 255.255.255.192 which corresponds to binary value of 11111111.11111111.1111111.11000000 where first two bits are used for sub-nets addressing, and 6 ending bits are used for nodes addressing. So, every subnet may consist of (64-2=62) 62 functioning computers. First and last address of sub-net’s range cannot be used for nodes and one address of each range will be used by router’s port. So there are 61 available addresses for networks nodes. This quantity satisfies the task, as it was asked to connect up to 40 nodes (computers or printers) on the 1-3 floors and 45 nodes on the ground level.
For chosen splitting on 4 sub-nets the following sub-nets and rages are got:
208.32.16.0-255.255.255.192, addresses 208.32.16.1-208.32.16.62 (third floor)
208.32.16.64-25.255.255.192, addresses 208.32.16.65-208.32.16.126 (second floor)
208.32.16.128-255.255.255.192, addresses 208.32.16.129-208.32.16.190 (first floor)
208.32.16.192-255.255.255.192, addresses 208.32.16.193-208.32.16.254 (ground level).
The last addresses of each range will be used for router’s port. These are the following addresses: 208.32.16.62, 208.32.16.126, 208.32.16.190, 208.32.16.254
Besides for domain controller the following address is used 208.32.16.232, server DHCP 208.32.16.230, server WINS 208.32.16.231, server IIS 208.32.16.233. Also network will have the following feature: addresses starting from 208.32.16.230 and ending with 208.32.16.254 would be given by DHCP server to “rent.” So, there would be 230-193=37 addresses left, which is enough for 30 existing client computers.
Installation of DHCP server
For setting DHCP service corresponding equipment is launched and then the work of server in the domain ELBRYN is authorized. It order to do it, administrator has to log in the system on that server under user’s name, which is in the group Enterprise administrators or in the group Domain administrators. After server authorization four domains for giving and registration of addresses of clients are created. “If a physical LAN has more than one logical subnet, how can different groups of clients be allocated addresses on different subnets?
One way to do this is to preconfigure each client with information about what group it belongs to. A DHCP feature designed for this is the user class option. To do this, the client software must allow the user class option to be preconfigured and the server software must support its use to control which pool a client’s address is allocated from. (DHCP FAQ (http://www.dhcp-handbook.com/dhcp_faq.html#iaplh)
In order to create domain, wizard is used. In nets 208.32.16.0, 208.32.16.64, 208.32.16.128 elimination range is used only from one (last) address of range, because it’s assigned to router’s port as it was mentioned above. All other nodes, including printers may be set up on automatic receiving of address from DHCP server: “as Most routers incorporate a DHCP server to automatically configure all the computers on your LAN. (Les Freed PC Magazine Guide to Home Networking p.41)
In the wizard for defining lock-router for clients the following addresses are defined. For example, for the third floor router’s address 208.32.16.62 is used, for the second floor- 208.32.16.126, etc. In domain settings for all domains we define WINS addresses and DNS which were assigned and chosen above. In order to shorten traffic in the net, “rent” period is chosen to be 10 days. This period may be changed then if the importance will appear. For the ground floor elimination range will be between 208.32.16.230-208.32.16.254. In the case of using new servers in future, last would have to be assigned additionally addresses from this range.
Because the server DHCP is installed in last subnet in its own segment it can serve only in its own segment, because while connected, client sends wide request for search of the DHCP server, which is not transmitted by router to other IP subnets. So first, three subnets do not have DHCP server in their segment. In order to organize automatic receiving of addresses in these segments Agent of retranslation has to be set up correctly in router. Agent has to administer three subnets: 208.32.16.0, 208.32.16.64, 208.32.16. 128. In properties of agent the following DHCP server address has to be defined: 208.32.16.230. Agent receives wide client’s request for DHXCP search, Agent receives this message and readdresses it to server, further message exchange is executed with server by means of Agent.
Installation of DNS, WINS, IIS servers
As it was said above DNS server was set up with domain’s controller and ELBRYN.COM. zone is integrated into Active Directory. Server is used for permitting internet names in IP addresses. It receives clients’ requests on the interface 208.32.16.232. For effective use of server it’s recommended to organize resending of non-recursive requests to DNS server of internet service provider. In order to keep actual client names in ELBRYN.COM zone dynamic update of nodes records of DNS with DHCP server has to be organized. So, when computer will be renamed, new record nodes will be created in ELBRYN.COM, zone automatically.
By default, the Domain Controllers (DCs) group has full control of all DNS zones and records. Because the DHCP Server service runs under the domain controller’s computer account, it has full control of all DNS zones and records. Because of this, the DHCP Server service has the authority to update or delete any DNS record that is registered in a secure Active Directory-integrated zone (this includes records that were securely registered by other Windows 2000-based computers, including domain controllers).
To minimize the potential of name hijacking, Microsoft does not recommend that you install the DHCP Server service configured to perform DDNS update on a DC. Instead, install the DHCP Server service on a separate server, and not a domain controller.” (from Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) on a Domain Controller (http://support.microsoft.com/?kbid=255134)
In order the requests to be solved correctly by DNS server it’s essential to install and set reverse zones, which correspond to subnets created earlier: 0.16.32.208.in-addr.arpa., 64.16.32.208.in-addr.arpa., 128.16.32.208.in-addr.arpa., 192.16.32.208.in-addr.arpa. So there are 4 zones of reverse viewing. They have to be created before the start of DHCP server’s work and before client computers start working, if it’s possible. In order to provide the work of WWW.andFTP servers, pseudo names are created (records of CNAME type:.”.. CNAME: The Value field gives the canonical name for a particular host; it is used to define aliases….” (from Peterson, Larry L. Computer Networks: A Systems Approach)) in zone ELBRYN.COM. In order clients to be able to call them by the addresses www.elbryn.comand ftp.elbryn.com.
In order to check the settings and functioning of server, administrator can test it by entering its properties and clicking on test button. Also the work of the server can be checked by use of nslookup utility.
If the server is set up correctly, then resources can be called not by NetBIOS name but by DNS name of the computer. Lots of Windows 2000/XP applications use DNS names for working in domain, as Active Directory service is based on DNS service.
Server WINS doesn’t require additional settings after installation, because there are no other servers in the net and their replication is unnecessary, that’s why partners by replication are absent. Server is responsible for permitting NetBIOS names in IP addresses. Because all nets nodes are h-nodes (0x8) and they use WINS as default, so there have to be no nodes in the net that would use wide method of registration and permitting NetBIOS names. Such setting is provided by corresponding settings from DHCP server domain. Use of WINS allows organizing registration and permitting names in the net with several segments and decreases wide traffic in the net. It also eases the work of the master browser of network which is responsible for keeping the list of computers, domains and work groups. Master browser receives list of computers from the WINS server.
Server IIS is installed only on one server of the net: “Before installing IIS, the system must be configured securely and all extra components that could cause unauthorized access must be removed. (from Seth Fogie, Cyrus Peikari Securing Information Internet Serve. http://www.informit.com/articles/article.asp?p=29310&seqNum=2)
In order to provide secure work of server in Internet, the default site is stopped and new site is created which works on port 80. All necessary documents and pages are hosted in the site folder on the hand with scenarios according to tasks. Then access of anonymous user is set permitted to folders of general use. Access of anonymous user is set denied to the folders of restricted use and NTFS permissions are set. On FTP sever all necessary documents and programs are hosted for general use with public access to data. As an additional security access to some virtual catalogs is set only for a definite range of addresses. it’s made in the properties of those virtual catalogs on the bookmark: security in the program Internet services dispatcher.
Conclusion
For the work with file servers and internet services there was chosen a net 100 BASE-TX, realized on commutators HP J4817A procurve switch 2324, cascaded by gigabyte connection channels. It allows realization of fast addressing to the resources and allows providing of a high speed of commutation. Network uses Intel router.
For net’s nodes there were chosen real names in the range 0-255 which is not effective and expensive solution according to the following reasons: Windows services need increased security and this solutions requires installation of Firewall on every computer or on the router, it also requires considerable means for the rent of internet addresses and there is no opportunity to “spy” use of internet resources and statistics. There exist an alternative variant which supposes the use of private addresses 192.168.x.x for nodes and real addresses on router. Also it’s important to organize publication of WWW, FTP services on router.
The use of Active Directory allows increasing the security of work in the net; it also allows to increase efficiency of resource management by means of centralized management and group policies. For every section or group of computers it’s important to create group policy and organize administration of users and computers: settings of working environment, software settings, restriction of access to network, restrictions of IpSec:.”.. performance that many have come to expect from NT Windows 2000 Professional offers these new and enhanced features: Internet protocol Security (IPSec) Windows file protection in the event that an application overwrites a a protocol standard for system file. encrypting IP packets..” (Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.102)
The use of DHCP server allowed to automatize IP address processes and parameters of TCP/IP protocol to net’s nodes and register the use of these addresses. After changing configuration of servers and routers it would be enough just to reset parameters of the following domain.
The use of WINS allowed decreasing client traffic, allows providing the work of nodes in different segments and ease net’s viewing for any Windows-clients.
During network’s exploitation, problems with domain controller are possible, that’s why there has to be a reserve domain’s controller. Weak unit of the network is also a router, that’s why Uninterruptible Power Supply unit and reserving of device will be needed as well. In order to avoid this type of problems it would be advantageous to connect all nodes only on switches, by 1 Gbit/sec channels through central switchboard. It will also allow fastening the work of the net as time won’t be spent on processing of encapsulated IP-packages in the frames of Ethernet.
References
Books:
Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics Morgan Kaufmann 2003
Les Freed PC Magazine Guide to Home Networking Wiley 2004
Peterson, Larry L. Computer Networks: A Systems Approach Morgan Kaufmann 2003
Tanenbaum, Andrew S. Computer Networks, Fourth Edition Prentice Hall PTR 2002
Comer, Douglas E. Droms, Ralph E. Computer Networks and Internets, Fourth Edition Prentice Hall 2003
Panko, Raymond Corporate Computer and Network Security Prentice Hall 2003
Web resources:
Seth Fogie, Cyrus Peikari Securing Information Internet Serve available on web: http://www.informit.com/articles/article.asp?p=29310&seqNum=2
Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) on a Domain Controller http://support.microsoft.com/?kbid=255134
DHCP FAQ http://www.dhcp-handbook.com/dhcp_faq.html#iaplh
How Dcpromo.exe Adds Display Specifiers to Active Directory Forests available on web: http://support.microsoft.com/?kbid=308592
Active Directory Overview available on web: http://www.microsoft.com/windows2000/server/evaluation/features/dirlist.asp
Get Professional Assignment Help Cheaply
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Why Choose Our Academic Writing Service?
- Plagiarism free papers
- Timely delivery
- Any deadline
- Skilled, Experienced Native English Writers
- Subject-relevant academic writer
- Adherence to paper instructions
- Ability to tackle bulk assignments
- Reasonable prices
- 24/7 Customer Support
- Get superb grades consistently
Online Academic Help With Different Subjects
Literature
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Finance
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
Computer science
Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!
Psychology
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
Nursing
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Sociology
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
Business
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
Statistics
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Law
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
What discipline/subjects do you deal in?
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Are your writers competent enough to handle my paper?
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
What if I don’t like the paper?
There is a very low likelihood that you won’t like the paper.
Reasons being:
- When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
- We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.
In the event that you don’t like your paper:
- The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
- We will have a different writer write the paper from scratch.
- Last resort, if the above does not work, we will refund your money.
Will the professor find out I didn’t write the paper myself?
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
What if the paper is plagiarized?
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
When will I get my paper?
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
Will anyone find out that I used your services?
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
How our Assignment Help Service Works
1. Place an order
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
2. Pay for the order
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
3. Track the progress
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
4. Download the paper
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!
