Microsoft Windows XP Networking Inside Out
.pdf
1: Windows XP Networking
Part 1: Windows XP Networking
3 Chapter
between individual LANs in a wider WAN environment. However, FDDI is rapidly being supplanted in this role by switched Ethernet networks.
●IP over Asynchronous Transfer Mode (ATM). IP over ATM is a collection of software components that provide IP on an ATM network. ATM is a packet-switching network technology that provides high-speed data transmission in both LAN and WAN environments. ATM networks are capable of transmission speeds of approximately 1 Gbps.
●LAN Emulation (LANE). LANs also work with ATM, so ATM can work with another Ethernet or Token Ring network. You can think of LANE as a type of network bridge between different components, and Windows XP Professional can be a LANE client.
tip You can learn more about how Windows XP Professional supports LANE and IP over ATM as well as FDDI and Token Ring by searching Windows XP Help And Support on the Start menu.
Installing NICs
Once you have made a decision about the kind of network you will use, your immediate task is to install the NICs in the computers that will become network clients. If you have a collection of computers that are already equipped with Ethernet cards (or onboard Ethernet built into the computers’ motherboards), your task is complete (assuming you’ve decided to use Ethernet). However, if you want to install Ethernet, HomePNA, wireless, or Powerline NICs, you’ll need to carefully read the NIC manufacturer’s setup instructions. The setup process can vary according to the brand of NIC you are installing and the type of connection (internal PCI slot or external USB port) you are using. Keep these points in mind:
●If you are installing an internal device, shut down the computer, and unplug it from the AC outlet. Never open a computer case and install internal components with the computer still plugged into the wall because you might get an electrical shock. Also, turn off all components connected to the computer, such as your monitor or printer, or disconnect the peripherals from the computer. It’s also advisable to use a wrist grounding strap to reduce the possibility of discharging harmful static electricity inside the computer. A wrist grounding strap, as its name implies, attaches to your wrist and drains static electricity from your body to a grounded object in your surroundings (to which it’s also attached). Alternatively, periodically touch a grounded object in your vicinity before touching the components of your computer. Although this alternative method is not guaranteed to prevent harmful static buildup, it suffices in most cases.
68
1: Windows XP Networking
Chapter 3: Creating Network Connections
●For internal devices, follow the manufacturer’s installation instructions. Also, check your computer’s documentation—opening the computer’s case might void some or all of your warranty. If you are not familiar with installing internal components, consider getting some help or even taking the computer to a service center.
●For USB NICs, follow the manufacturer’s instructions. You might need to install software before attaching the NIC to the USB port.
●Once installed, Windows XP can automatically detect and install most NICs, but you should follow the manufacturer’s instructions for installing the manufacturer’s driver or other utilities. Check to see if the manufacturer has specific instructions for computers running Windows XP.
To learn more about hardware installation and configuration, see Microsoft Windows XP Inside Out by Ed Bott and Carl Siechert (Microsoft Press, 2001).
Managing Network Connections
Once you have installed the NIC, the connection appears as Local Area Connection in the Network Connections window under the LAN Or High-Speed Internet heading. If you select the connection and look at the Details section in the task pane in the Network Connections window, you will see such information as whether the connection is enabled and the brand of NIC that is used for the connection. For the icon to appear enabled, the NIC must be connected to the network or hub. If it is not, you’ll see an X over the icon and a status message, as shown in Figure 3-6.
Chapter 3
Figure 3-6. The condition of the network connection and any appropriate error messages appear in the Network Connections window.
You can manage the network connection as well as the NIC from this location. The connection should rarely need your attention, but there is valuable information you can gain from the Network Connections window that can help you troubleshoot problems should any occur.
69
1: Windows XP Networking
Part 1: Windows XP Networking
Checking the Status of the Connection
If you double-click the connection in the Network Connections window (or right-click the connection and choose Status), you’ll see a simple status dialog box like the one shown in Figure 3-7. The General tab displays the current connection status, the duration of the network connection, and the current speed of the connection. Under Activity, you can see the total packets sent and received. You can also access the connection’s properties and disable the connection using the buttons provided.
3 Chapter
Figure 3-7. The General tab of the Local Area Connection Status dialog box provides you with helpful information about the status of the connection.
If you select the Support tab, shown in Figure 3-8, the fields displayed are Address Type (automatic or manual), IP Address, Subnet Mask, and Default Gateway (if any). If you click the Details button, you can see the DNS and WINS server addresses. You can also find this information at the command prompt by typing ipconfig and pressing Enter. If you want to see detailed IP information, type ipconfig /all.
To learn more about ipconfig and other helpful tools see “Using Command-line Tools Included in Windows XP,” page 345.
Notice the Repair button on the Support tab as well. If your connection is not working, you can click the Repair button and Windows XP will attempt to fix the connection. The Repair option primarily works in cases where a DHCP server is used. When you click Repair, Windows XP
●Broadcasts a request for a new DHCP address lease, and if that fails, regenerates its IP address using APIPA.
●Flushes Address Resolution Protocol (ARP) entries.
70
1: Windows XP Networking
Chapter 3: Creating Network Connections
●Flushes NetBIOS and DNS local caches.
●Reregisters with WINS and DNS (if applicable).
Figure 3-8. The current IP configuration is displayed on the Support tab.
Understanding Connection Protocols and Services
If you right-click the connection in Network Connections and choose Properties, you can access the Properties dialog box for that connection. On the General tab, you’ll see a list of the services and protocols that are configured for the connection. By default, a LAN connection includes the following:
●Client for Microsoft Networks. This service enables the computer to participate on a Microsoft network.
●File and Printer Sharing for Microsoft Networks. This service allows the client to share files and printers on the network.
●QoS Packet Scheduler. The Quality of Service packet scheduler manages network traffic and related traffic functions.
●Internet Protocol (TCP/IP). TCP/IP enables the client to participate on a TCP/IP network (see “Understanding TCP/IP in Depth,” page 24, to learn more).
These services and protocols are all you need to participate on a standard network providing TCP/IP and Microsoft networking services. However, in network environments where other protocols and services are used (such as NetWare), you can install additional services and protocols from the General tab. See Chapter 18, “Interconnectivity with Other Systems,” to learn more about Windows XP interoperability with other network operating systems.
Chapter 3
71
1: Windows XP Networking
Part 1: Windows XP Networking
Network Authentication
3 Chapter
If you access the Local Area Connection Properties dialog box in Network Connections, you’ll find an Authentication tab. The Authentication tab, shown in Figure 3-9, enables you to configure authenticated network access for both wired and wireless Ethernet networks if network authentication is required on your network.
The authentication option you see in the figure uses the IEEE 802.1x standard that provides network authentication of devices based on their port or connection to the network, which is why you find the 802.1x option in the connection’s Properties dialog box.
Using 802.1x, you can require authentication using Extensible Authentication Protocol (EAP). EAP is a highly secure authentication standard for both wired and wireless Ethernet networks. Different EAP types are available for authentication including Message Digest 5 (MD5)–Challenge or a smart card or digital certificate. If you are using a smart card or digital certificate, click the Properties button to configure the option you want to use. To implement the 802.1x standard, each network client should use the authentication settings on this tab to ensure security.
You can choose to have the computer attempt to authenticate itself to the network using computer information when a user is not currently logged on. You can also choose to have the computer attempt to connect to the network as a guest when neither computer information nor a signed on user are present.
To learn more about the 802.1x standard with wireless Ethernet networks, see Chapter 19, “Wireless Networking.”
Figure 3-9. You can use 802.1x authentication by configuring the Authentication tab.
72
1: Windows XP Networking
Chapter 3: Creating Network Connections
Getting to Know 802.1x
The 802.1x standard defines authenticated network access for wireless and wired Ethernet networks. The 802.1x standard is built on port-based network access control, which can authenticate computers and other network devices that are physically connected to a port on the LAN. It provides a highly secure method because it takes network security to a deeper level than a simple user name and password. With 802.1x, the port you are connecting from must also be authenticated, or network access will fail.
When 802.1x is in use, there is one physical LAN port that is viewed as two logical ports for authentication purposes. The first logical port is considered the uncontrolled port and allows data exchange between the client attempting to authenticate and the authenticating server. If the authentication succeeds, the second port, called the controlled port, allows data to be exchanged between the authenticated LAN client and the rest of the network. This additional security layer goes beyond the standard user name and password authentication to the IP port authentication, which is usually based on certificate credentials. The user as well as the computer must be authenticated at different security levels for network access to be available. If you are interested in the many details of 802.1x, visit the IEEE Web site at www.ieee.org and search for 802.1x.
Chapter 3
Bindings and Provider Order
If you open Network Connections and choose Advanced Settings on the Advanced menu, the Advanced Settings dialog box opens and displays advanced settings for adapters and bindings as well as provider order. These settings give you a summary of what protocols work with (are bound to) what connections and how different services are accessed on your network. The advanced settings are valuable because adjusting them might increase performance, especially if your computer resides in a network where several different services or protocols are used.
On the Adapters And Bindings tab of the Advanced Settings dialog box, shown in Figure 3-10 on the next page, you see a listing of connections and bindings for the LAN connection. Notice that if you select a connection or binding, you can adjust its order in the list by clicking the up arrow and down arrow buttons to the right of the list. When Windows XP participates on the network, the connections and bindings are used in the order listed. For example, if you have three connections, Windows XP attempts to use those connections for network communication in the order they appear in this list. So, for best network performance, you should move the connections and bindings you use most often to the top of the list. If you use your LAN connection
73
1: Windows XP Networking
Part 1: Windows XP Networking
more than any remote access connections, the LAN connection should be ordered first in the list, as shown in Figure 3-10. Under Bindings For Local Area Connection, if you have more than one protocol bound to a service, order the protocols by their relative importance and disconnect any protocols not needed for a given service by clearing their check boxes. Each protocol adds to the overhead of the network, so turning off those that are unused will improve performance.
3 Chapter
Figure 3-10. Order the adapters and bindings so that the connection or binding used most often is at the top of the list.
On the Provider Order tab, shown in Figure 3-11, the same rule applies. You see a list of network providers and the services they provide. Make sure the services used most often are at the top of each list.
Figure 3-11. Order the network providers so that the most commonly used services are listed first.
74
1: Windows XP Networking
Chapter 3: Creating Network Connections
Bridging Network Connections
As mentioned earlier in this chapter, HomePNA and Powerline networks can have some problems connecting to a shared DSL or cable connection without additional hardware. However, Windows XP comes to the rescue by using bridging software to eliminate the need for a dedicated hardware bridge. This software solution, called Network Bridge, is found in Network Connections.
Suppose that your computer resides between two different IP subnets or even two simple portions of an office network. For simplicity’s sake, also assume that there are two workgroups in your office. One workgroup contains the marketing group, and the other contains the sales group. Both network segments are Ethernet segments, but your computer is outfitted with two NICs so it can communicate with each segment. One NIC communicates with the marketing group, and the other NIC communicates with the sales group.
Although this configuration might sound strange, it actually happens often, especially when small networks add additional workgroups or subnets. For this reason, Windows XP provides the capability to act as an inexpensive network bridge. This bridge provides a connection between the two segments. In the past, you needed to buy a hardware network bridge or router to accomplish the same task, but the Network Bridge feature in Windows XP gives you a simple software solution.
You can also bridge different network segments. For example, perhaps your home network consists of an Ethernet network and a HomePNA network. You can install both NICs on a Windows XP computer and let Windows XP bridge the two networks to create one IP subnet. Obviously, the network bridge provided in Windows XP is designed to be a simple and inexpensive software bridging solution, not a solution for a large IP network. Once you bridge the two segments, computers on each segment can then communicate with each other seamlessly. All data flows through the network bridge, but this process is invisible to the user.
It is important to note that a network bridge is designed to solve specific segment problems: It is not a solution that is routinely needed in a home or small office network. For example, if you have a wired Ethernet network and you want to add wireless functionality using a wireless access point, you can simply connect the wireless access point to a hub or switch port on the wired network—it serves as the network bridge.
If you do need to create a network bridge, you’ll need to log on to the computer that will serve as the bridge with an administrator account. You can bridge Ethernet connections (including HomePNA and Powerline), but you cannot bridge an Ethernet connection with a VPN connection or with a dial-up connection.
Chapter 3
75
1: Windows XP Networking
Part 1: Windows XP Networking
3 Chapter
caution Never bridge a private network with a connection that has a public Internet address. This opens your private network to the Internet. Instead, use ICS to share the Internet connection with other users on the network. See Chapter 10, “Managing Workgroup Connections,” to learn how to set up ICS.
To create a network bridge, follow these steps:
1Log on with an administrator account and open Network Connections. You should be logging on to the computer that holds both subnets or network types because this is the machine that will need to run Network Bridge for the rest of the network.
2For both of the connections you plan to bridge, open the Properties dialog box of the connection, and select the Advanced tab.
3Turn off Internet Connection Sharing and Internet Connection Firewall if they are enabled for either connection. Click OK.
4In Network Connections, select the two connections you want to bridge by holding down the Ctrl key and clicking each connection so that they are both selected.
5Release the Ctrl key. Right-click the selected adapters and choose Bridge Connections.
Windows XP creates the network bridge. When the process is complete, the bridge appears in Network Connections along with the LAN connections that now appear under the Network Bridge heading, as shown in Figure 3-12.
tip If you prefer using a wizard, the Add A Network Connection Wizard can also walk you through the bridging steps.
You can add remote connections to Network Bridge at any time by right-clicking the Network Bridge icon and choosing Properties. The Network Bridge Properties dialog box appears, as shown in Figure 3-13. You can only have one network bridge on a Windows XP computer, but the bridge can support multiple connections (up to 64).
note The computer that contains the network bridge must be turned on at all times for the two network segments to be bridged. Otherwise, the segments will not be connected.
76
1: Windows XP Networking
Chapter 3: Creating Network Connections
Figure 3-12. The Tiles view shows the network bridge and its two connections, and provides brief status information as well.
Chapter 3
Figure 3-13. You can manage the bridged adapters from the General tab of the Network Bridge Properties dialog box.
tip You can more easily add or remove connections from Network Bridge by right-clicking the connection and choosing Remove From Bridge or Add To Bridge.
77