book

Windows Server® 2008 TCP/IP Protocols and Services

by Joseph Davies

January 2008

Intermediate to advanced

624 pages

14h 16m

English

Microsoft Press

Read now

Unlock full access

Who Should Read This Book
Disclaimer: Third-Party Sites

What Is New in This Edition
LAN Encapsulations
Ethernet IIEthernet II Header and TrailerThe Ethernet Interframe GapEthernet Minimum Frame SizeIEEE 802.3IEEE 802.3 Header and TrailerIEEE 802.2 LLC HeaderDifferentiating an Ethernet II Frame from an IEEE 802.3 FrameIEEE 802.3 SNAPSpecial Bits on Ethernet MAC AddressesThe Individual/Group BitThe Universal/Locally Administered BitRouting Information Indicator Bit
IEEE 802.5IEEE 802.5 Header and TrailerIEEE 802.2 LLC HeaderIEEE 802.5 SNAPSpecial Bits on Token Ring MAC AddressesThe Individual/Group BitThe Universal/Locally Administered BitFunctional Address BitRouting Information Indicator Bit
FDDI Frame FormatFDDI Header and TrailerIEEE 802.2 LLC HeaderPayloadFDDI SNAPSpecial Bits on FDDI MAC Addresses
IEEE 802.11 Frame FormatIEEE 802.11 Header and TrailerIEEE 802.2 LLC HeaderPayloadFrame Control FieldIEEE 802.11 SNAP
WAN Encapsulations
PPP on Asynchronous LinksPPP on Synchronous LinksPPP Maximum Receive UnitPPP Multilink Protocol
Frame Relay EncapsulationFrame Relay Address Field
Overview of ARPThe ARP or Neighbor Cache
Address ResolutionFrame Padding and EthernetThe Neighbor CacheUpdating the Neighbor CacheDuplicate Address DetectionOffending Node Runs Windows Server 2008 or Windows VistaOffending Node Runs a Previous Version of WindowsDuplicate Address Detection and DHCPDuplicate Address Detection and the Defending NodeNeighbor Unreachability DetectionNeighbor Cache Entry StatesARP Registry Values
PPP Connection ProcessPhase 1: PPP Configuration Using LCPPhase 2: AuthenticationPhase 3: CallbackPhase 4: Protocol Configuration Using NCPs
LCP OptionsLCP Negotiation Process
PAPCHAPMS-CHAP v2EAPEAP-MS-CHAP v2EAP-TLSPEAP
IPCPCompression Control ProtocolMPPE and MPPCEncryption Control Protocol
PPPoE Discovery StagePPPoE Session Stage
Introduction to IPIP ServicesIP MTU
VersionInternet Header LengthType Of ServiceRFC 791 Definition of the TOS FieldPrecedenceDelayThroughputReliabilityCostReservedRFC 2474 Definition of the TOS FieldExplicit Congestion Notification and the TOS FieldTotal LengthIdentificationFlagsFragment OffsetTime-To-LiveSetting the TTL with PingProtocolHeader ChecksumSource AddressDestination AddressOptions and Padding
Fragmentation FieldsIdentificationDon’t Fragment FlagMore Fragments FlagFragment OffsetFragmentation ExampleReassembly ExampleFragmenting a FragmentAvoiding FragmentationSetting the DF Flag with PingSetting the IP Payload Size with PingUsing Ping to Do Source FragmentationFragmentation and Translational Bridging EnvironmentsFragmentation and TCP/IP for Windows Server 2008 and Windows Vista
CopyOption ClassOption NumberEnd Of Option ListNo OperationRecord RouteRecord Route ProcessingSetting the Record Route Option with PingStrict and Loose Source RoutingStrict Source Route OptionSetting the Strict Source Route Option with PingLoose Source Route OptionSetting the Loose Source Route Option with PingIP Router AlertInternet TimestampSetting the Internet Timestamp Option with Ping
ICMP Message Structure
ICMP Echo and Echo ReplyICMP Destination UnreachableNetwork Monitor ExamplePMTU DiscoveryAdjusting the PMTURouters That Do Not Support PMTUICMP Source QuenchICMP RedirectICMP Router DiscoveryICMP Router AdvertisementICMP Router SolicitationICMP Time ExceededICMP Parameter ProblemICMP Address Mask Request and Address Mask Reply
Ping OptionsNetwork Monitor Example
Network Monitor ExampleTracert Options
Pathping Options
Introduction to IP Multicast and IGMPIP Multicasting OverviewHost SupportSending IP Multicast TrafficReceiving IP Multicast TrafficRouter SupportThe Multicast-Enabled IP InternetworkThe Internet’s Multicast-Enabled Backbone
IGMP Version 1 (IGMPv1)Host Membership ReportHost Membership QueryIGMPv1 Message StructureNetwork Monitor ExamplesIGMP Version 2 (IGMPv2)The Leave Group MessageThe Group-Specific Query MessageThe Multicast QuerierIGMPv2 Message StructureNetwork Monitor ExampleIGMP Version 3 (IGMPv3)IGMPv3 Host Membership QueryIGMPv3 Host Membership Report
TCP/IP ProtocolRouting And Remote Access ServiceInterfaces in IGMP Router ModeInterfaces in IGMP Proxy ModeMulticast Group Members on IGMP Router Mode InterfacesMulticast Sources on IGMP Router Mode Interfaces
The Disadvantages of IPv4
Basics of IPv6 Address SyntaxTypes of AddressesTypes of Unicast AddressesGlobalLink-Local AddressesUnique Local AddressesIPv6 Interface IdentifiersDNS Support
IPv6ICMPv6Neighbor DiscoveryMulticast Listener Discovery
Introduction to UDP
Introduction to TCP
End Of Option List and No OperationMaximum Segment Size OptionTCP Window Scale OptionSelective Acknowledgment OptionThe SACK-Permitted OptionThe SACK OptionTCP Timestamps Option
The TCP Connection
Segment 1: The Synchronize (SYN) SegmentSegment 2: The SYN-ACK SegmentSegment 3: The ACK SegmentResults of the TCP Connection
Segment 1: The FIN-ACK from TCP Peer 1Segment 2: The ACK from TCP Peer 2Segment 3: The FIN-ACK from TCP Peer 2Segment 4: The ACK from TCP Peer 1
Controlling the TIME WAIT state in Windows Server 2008 and Windows Vista
Basic TCP Data Flow Behavior
Delayed AcknowledgmentsCumulative for Contiguous DataSelective for Noncontiguous Data
Send WindowSent/ACKed DataSent/UnACKed DataUnsent/Inside DataUnsent/OutsideSliding the Send WindowZero Send WindowReceive WindowRcvd/ACKed/Retr DataRcvd/ACKed/NotRetr DataRcvd/UnACKed DataNotRcvd/Inside DataNotRcvd/Outside DataSliding the Receive WindowShrinking the WindowReceive Window Auto-Tuning
The Nagle AlgorithmSilly Window SyndromeReceiver-Side SWS AvoidanceSender-Side SWS Avoidance
Slow Start AlgorithmCongestion Avoidance AlgorithmCompound TCPExplicit Congestion NotificationECN ExampleECN Support in WindowsLimited Transmit
Retransmission Time-Out and Round-Trip TimeCongestion Collapse
Retransmission Behavior for New ConnectionsDead Gateway DetectionForward RTO-RecoveryUsing the Selective Acknowledgment (SACK) TCP OptionUsing SACKs to Indicate Duplicate Received Packets
Using the TCP Timestamps OptionKarn’s AlgorithmKarn’s Algorithm and the Timestamps Option
Fast RecoverySACK-based Loss RecoveryNewReno Support for Fast Recovery
DHCP MessagesDHCP Message FormatDHCP Options
Obtaining an Initial LeaseRenewing a LeaseChanging SubnetsDetecting Unauthorized DHCP ServersUpdating DNS Entries
DNS MessagesDNS Name Query Request and Name Query Response MessagesDNS Update and Update Response Messages
Resolving Names to AddressesResolving Addresses to NamesResolving AliasesDynamically Updating DNSTransferring Zone Information Between DNS Servers
NetBT Name Service MessagesNetBIOS Name Service MessagesNetBIOS Name RepresentationQuestion RR Format
Resolving NetBIOS Names to IP AddressesRegistering NetBIOS NamesRefreshing NetBIOS NamesReleasing NetBIOS Names
RADIUS MessagesRADIUS Message StructureRADIUS AttributesVendor-Specific Attributes
Authentication of Network AccessAccounting of Network AccessRADIUS Proxy Forwarding
IPsec HeadersAuthentication HeaderAH Transport ModeAH Tunnel ModeEncapsulating Security Payload (ESP)ESP Transport ModeESP Tunnel Mode
ISAKMP SAIPsec SASecurity Parameters IndexCreating SAsMain ModeQuick Mode
ISAKMP HeaderSA PayloadProposal PayloadTransform PayloadVendor ID PayloadNonce PayloadKey Exchange PayloadNotification PayloadDelete PayloadIdentification PayloadHash PayloadCertificate Request PayloadCertificate PayloadSignature Payload
AuthIP MessagesAuthIP and IKE CoexistenceExamples of AuthIP and IKE NegotiationTwo Windows Vista-based IPsec Peers in Request ModeWindows Vista-based IPsec Peer in Request Mode and a Windows XP-based IPsec Peer in Request ModeWindows Vista-based IPsec Peer in Request Mode and a Windows XP-based IPsec Peer in Require Mode
PPTPPPTP Data EncapsulationPPTP Control ConnectionPPTP Control Connection CreationPPTP Control Connection MaintenancePPTP Control Connection Termination
L2TP/IPsec Data EncapsulationL2TP Control ConnectionL2TP Connection CreationL2TP Connection MaintenanceL2TP Connection Termination
SSTP-based VPN Connection Creation Process
Types of IP Addresses
Converting from Binary to DecimalConverting from Decimal to BinaryIP Addresses in the IP Header
A History Lesson: IP Address ClassesClass AClass BClass CAdditional Address ClassesClass DClass ERules for Enumerating Address PrefixesRules for Enumerating Usable Host IDsSubnets and the Subnet MaskThe Subnet MaskSubnet Masks in Dotted Decimal RepresentationPrefix Length Representation of Subnet MasksExpressing Address PrefixesDetermining the Address PrefixHow to SubnetStep 1: Determining the Number of Host BitsStep 2: Defining the Subnetted Address Prefixes (Binary Method)Step 2a: Enumerating the Subnetted Address Prefixes (Binary)Step 2b: Enumerating IP Address Ranges for Each Subnetted Address Prefix (Binary)Step 3: Defining the Subnetted Address Prefixes (Decimal Method)Step 3a: Enumerating the Subnetted Address Prefixes (Decimal)Step 3b: Enumerating IP Address Ranges for Each Subnetted Address Prefix (Decimal)All-Zeros and All-Ones SubnetsVariable-Length SubnettingExample of Variable-Length SubnettingReserve Half of the IP Addresses for Future UseObtain Three Address Prefixes with up to 8190 IP AddressesObtain 31 Address Prefixes with up to 254 IP AddressesObtain 64 Address Prefixes with only 2 IP AddressesVariable-Length Subnetting and RoutingSupernetting and CIDRViews on CIDR AllocationA Range of Class C Address prefixesAn Address SpaceCIDR and RoutingPublic and Private AddressesPublic AddressesIllegal or Overlapping AddressesPrivate AddressesAutomatic Private IP Addressing
Network BroadcastSubnet BroadcastAll-Subnets-Directed BroadcastLimited Broadcast
Mapping IP Multicast Addresses to MAC AddressesEthernet and Fiber Distributed Data InterfaceToken Ring
DHCPDNSGeneral Networking Concepts and TechnologiesIP SecurityIP Version 6L2TPMicrosoft Windows ArchitectureMicrosoft Windows Networking TechnologiesNetwork SecurityPPPRADIUSTCP/IPVirtual Private Networks

Content preview from Windows Server® 2008 TCP/IP Protocols and Services

IPsec and Security Associations

A security association (SA) is the combination of security services, protection mechanisms, and cryptographic keys mutually agreed to by communicating peers. The SA contains the information needed to determine how the traffic is to be secured (the security services and protection mechanisms) and with which secret keys (cryptographic keys). There are two types of SAs that are created when IPsec peers communicate securely: the Internet Security Association and Key Management Protocol (ISAKMP) SA and the IPsec SA.

ISAKMP SA

The ISAKMP SA, also known as the main mode SA, is used to protect IPsec security negotiations. The ISAKMP SA is created by negotiating the ciphersuite used for protecting future ISAKMP traffic, exchanging ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

MCTS 70-642 Cert Guide: Windows Server® 2008 Network Infrastructure, Configuring

Publisher Resources

ISBN: 9780735624474Supplemental Content Catalog Page Errata

Windows Server® 2008 TCP/IP Protocols and Services

by Joseph Davies

IPsec and Security Associations

ISAKMP SA

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

MCTS 70-642 Cert Guide: Windows Server® 2008 Network Infrastructure, Configuring

Self-Paced Training Kit (Exam 70-642): Configuring Windows Server® 2008 Network Infrastructure

MCTS Windows Server® 2008 Network Infrastructure Configuration: Study Guide

MCITP Windows Server® 2008 Server Administrator: Study Guide

Publisher Resources

IPsec and Security Associations

ISAKMP SA

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

MCTS 70-642 Cert Guide: Windows Server® 2008 Network Infrastructure, Configuring

Self-Paced Training Kit (Exam 70-642): Configuring Windows Server® 2008 Network Infrastructure

MCTS Windows Server® 2008 Network Infrastructure Configuration: Study Guide

MCITP Windows Server® 2008 Server Administrator: Study Guide

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.