After the server is authorized, four domains (DHCP scopes) are created for leasing and registering client addresses. "If a physical LAN has more than one logical subnet, how can different groups of clients be allocated addresses on different subnets?
One way to do this is to preconfigure each client with information about what group it belongs to. A DHCP feature designed for this is the user class option. To do this, the client software must allow the user class option to be preconfigured and the server software must support its use to control which pool a client's address is allocated from." (DHCP FAQ, http://www.dhcp-handbook.com/dhcp_faq.html#iaplh)
A wizard is used to create each domain. In the nets 184.108.40.206, 220.127.116.11 and 18.104.22.168 the exclusion range consists of only one address, the last in the range, because it is assigned to the router's port, as mentioned above. All other nodes, including printers, may be set to obtain an address automatically from the DHCP server, as "Most routers incorporate a DHCP server to automatically configure all the computers on your LAN." (Les Freed, PC Magazine Guide to Home Networking, p. 41)
In the wizard, the following default gateway (router) addresses are defined for clients. For example, the router address 22.214.171.124 is used for the third floor, 126.96.36.199 for the second floor, etc. In the settings of all domains we define the WINS and DNS addresses that were assigned and chosen above. To reduce traffic in the net, the lease ("rent") period is set to 10 days. This period may be changed later if the need arises. For the ground floor the exclusion range will be 188.8.131.52-184.108.40.206. If new servers are used in the future, they will have to be assigned addresses from this range.
Because the DHCP server is installed in the last subnet, it can serve only its own segment: when a client connects, it sends a broadcast request to find a DHCP server, and the router does not forward that broadcast to other IP subnets. So the first three subnets have no DHCP server in their segment. To provide automatic address assignment in these segments, a DHCP relay agent has to be set up correctly on the router. The agent has to serve three subnets: 220.127.116.11, 18.104.22.168, 208.32.16.128. In the agent's properties the following DHCP server address has to be defined: 22.214.171.124. The agent receives the client's broadcast request for a DHCP server and forwards it to the server; the further message exchange with the server is carried out through the agent.
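The relay path described above, together with the single-address exclusion for the router port, as an added example that is not part of the original text: the relay agent writes its port address into the `giaddr` field of the client's request, and the server uses that field to pick the domain to lease from. The 192.0.2.0/24 addresses, the /26 subnet size, the excluded server block and all function names are constructed for illustration.

```python
import ipaddress
import struct

# BOOTP fixed header from RFC 2131 (236 bytes; the options field is left out).
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
ZERO = bytes(4)
SERVER_IP = ipaddress.ip_address("192.0.2.193")  # constructed server address

def make_scopes():
    """Constructed layout (not the page's addresses): four /26 subnets."""
    scopes = {}
    for net in ipaddress.ip_network("192.0.2.0/24").subnets(new_prefix=26):
        hosts = list(net.hosts())
        # Router port = last usable address, excluded in the three client
        # subnets; the server's own subnet keeps a block excluded for servers.
        excluded = set(hosts[:8]) if SERVER_IP in net else {hosts[-1]}
        scopes[net] = {"excluded": excluded, "leased": set()}
    return scopes

def build_discover(xid, mac):
    """Client DHCPDISCOVER header: broadcast flag set, giaddr still zero."""
    return BOOTP.pack(1, 1, 6, 0, xid, 0, 0x8000, ZERO, ZERO, ZERO, ZERO,
                      mac, b"", b"")

def relay(packet, port_ip):
    """Relay agent: stamp giaddr with the receiving router port, bump hops."""
    fields = list(BOOTP.unpack(packet))
    if fields[10] == ZERO:  # only the first relay on the path sets giaddr
        fields[10] = ipaddress.ip_address(port_ip).packed
    fields[3] += 1
    return BOOTP.pack(*fields)

def offer(packet, scopes):
    """Server: choose the scope from giaddr (or its own subnet), then lease."""
    giaddr = ipaddress.ip_address(BOOTP.unpack(packet)[10])
    origin = SERVER_IP if giaddr.packed == ZERO else giaddr
    for net, scope in scopes.items():
        if origin in net:
            for host in net.hosts():
                if host not in scope["excluded"] | scope["leased"]:
                    scope["leased"].add(host)
                    return str(host)
    return None  # no scope matches that segment, so no address is offered

if __name__ == "__main__":
    scopes = make_scopes()
    discover = build_discover(0x1A2B3C4D, bytes.fromhex("00112233aabb"))
    print(offer(relay(discover, "192.0.2.126"), scopes))  # relayed client
    print(offer(discover, scopes))  # client on the server's own segment
```

A request relayed from a port that belongs to none of the configured subnets gets no offer, which is the symptom to expect when the relay agent or a domain is misconfigured.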
Installation of DNS, WINS, IIS servers
As stated above, the DNS server was set up together with the domain controller, and the ELBRYN.COM. zone is integrated into Active Directory. The server is used for resolving internet names to IP addresses. It receives clients' requests on the interface 126.96.36.199. For effective use of the server it is recommended to forward non-recursive requests to the DNS server of the internet service provider. To keep client names in the ELBRYN.COM zone current, dynamic update of DNS host records by the DHCP server has to be organized. Then, when a computer is renamed, new host records are created in the ELBRYN.COM zone automatically.
"By default, the Domain Controllers (DCs) group has full control of all DNS zones and records. Because the DHCP Server service runs under the domain controller's computer account, it has full control of all DNS zones and records. Because of this, the DHCP Server service has the authority to update or delete any DNS record that is registered in a secure Active Directory-integrated zone (this includes records that were securely registered by other Windows 2000-based computers, including domain controllers).
To minimize the potential of name hijacking, Microsoft does not recommend that you install the DHCP Server service configured to perform DDNS update on a DC. Instead, install the DHCP Server service on a separate server, and not a domain controller." (from Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) on a Domain Controller, http://support.microsoft.com/?kbid=255134)
For the DNS server to resolve requests correctly, it is essential to create and configure reverse zones that correspond to the subnets created earlier: 0.16.32.208.in-addr.arpa., 188.8.131.52.in-addr.arpa., 184.108.40.206.in-addr.arpa., 220.127.116.11.in-addr.arpa. So there are 4 reverse lookup zones. If possible, they have to be created before the DHCP server starts working and before client computers start working. To support the WWW and FTP servers, aliases (records of CNAME type: "... CNAME: The Value field gives the canonical name for a particular host; it is used to define aliases. ..." (from Peterson, Larry L., Computer Networks: A Systems Approach)) are created in the ELBRYN.COM zone, so that clients can reach them at the addresses www.elbryn.com and ftp.elbryn.com.
To check the settings and functioning of the server, the administrator can open its properties and click the test button. The server can also be checked with the nslookup utility.
If the server is set up correctly, resources can be addressed by the computer's DNS name rather than its NetBIOS name. Many Windows 2000/XP applications use DNS names for working in a domain, as the Active Directory service is based on the DNS service.
The WINS server doesn't require additional settings after installation: there are no other such servers in the net, so replication is unnecessary and there are no replication partners. The server is responsible for resolving NetBIOS names to IP addresses. Because all of the net's nodes are h-nodes (0x8) and use WINS by default, there should be no nodes in the net that use the broadcast method of registering and resolving NetBIOS names. This is provided by the corresponding settings in the DHCP server's domains. The use of WINS makes it possible to register and resolve names in a net with several segments and decreases broadcast traffic in the net. It also eases the work of the network's master browser, which is responsible for keeping the list of computers, domains and work groups. The master browser receives the list of computers from the WINS server.
The IIS server is installed on only one server of the net: "Before installing IIS, the system must be configured securely and all extra components that could cause unauthorized access must be removed." (from Seth Fogie, Cyrus Peikari, Securing Information Internet Serve. http://www.informit.com/articles/article.asp?p=29310&seqNum=2)
To make the server's work on the Internet secure, the default site is stopped and a new site is created that works on port 80. All necessary documents and pages are hosted in the site folder, along with scripts according to the tasks. Anonymous access is then permitted to the folders of general use. Anonymous access is denied to the folders of restricted use, and NTFS permissions are set. On the FTP server all necessary documents and programs are hosted for general use with public access to data. As additional security, access to some virtual directories is allowed only from a definite range of addresses. This is set in the properties of those virtual directories, on the security tab in the Internet Services Manager program.
For work with file servers and internet services, a 100BASE-TX net was chosen, built on HP J4817A ProCurve Switch 2324 switches cascaded by gigabyte links. It provides fast access to resources and a high switching speed. The network uses an Intel router.
Real addresses in the range 0-255 were chosen for the net's nodes, which is an ineffective and expensive solution for the following reasons: Windows services need increased security, so this solution requires a firewall on every computer or on the router; it requires considerable funds for renting internet addresses; and there is no opportunity to monitor ("spy" on) the use of internet resources and statistics. An alternative is to use private addresses 192.168.x.x for the nodes and real addresses on the router. It is also important to organize publication of the WWW and FTP services on the router.
The use of Active Directory increases the security of work in the net; it also increases the efficiency of resource management by means of centralized management and group policies. For every section or group of computers it is important to create a group policy and organize administration of users and computers: settings of the working environment, software settings, restriction of access to the network, IPSec restrictions: "... performance that many have come to expect from NT. Windows 2000 Professional offers these new and enhanced features: Internet Protocol Security (IPSec): a protocol standard for encrypting IP packets. Windows file protection: in the event that an application overwrites a system file ..." (Donald, Lisa, MCSE 2000 JumpStart: Computer Network Basics, p. 102)
The use of a DHCP server made it possible to automate the assignment of IP addresses and TCP/IP parameters to the net's nodes and to record the use of these addresses. After a change in the configuration of servers and routers it is enough just to reset the parameters of the corresponding domain.
The use of WINS allowed decreasing client traffic, allows providing the work of nodes in different…