
•What is an IP address?

A: Every machine on the Internet has a unique identifying number, called an IP address.

•What is a subnet mask?

A subnet mask allows you to identify which part of an IP address is reserved for the network, and which
part is available for host use.

A subnet mask is a 32-bit number that masks an IP address and divides the IP address into a network
address and a host address.

•What is ARP?

ARP is the Address Resolution Protocol. The ARP protocol maps addresses between the Data Link Layer
and the Network Layer of the OSI Model.

•What is ARP Cache Poisoning?

ARP cache poisoning, also known as ARP spoofing, is the process of falsifying the source Media Access
Control (MAC) addresses of packets being sent on an Ethernet network.
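Added example (not part of the original answers): a defender-side check for the falsified address mappings described above. It reads ARP replies and flags an IP address that suddenly maps to a different MAC, or one MAC that answers for several IPs. The log lines are constructed in the style of tcpdump's ARP output, and the function name, alert names and the `trusted` parameter are assumptions made for this sketch.

```python
import re
from collections import defaultdict

# Constructed capture lines (tcpdump-style ARP output, not real traffic).
SAMPLE_LOG = """\
10:00:01 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
10:00:05 ARP, Reply 192.168.1.20 is-at 00:aa:bb:cc:dd:01, length 28
10:00:09 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:55, length 28
10:00:12 ARP, Reply 192.168.1.1 is-at 00:de:ad:be:ef:99, length 28
10:00:13 ARP, Reply 192.168.1.20 is-at 00:de:ad:be:ef:99, length 28
10:00:14 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28
"""

REPLY = re.compile(
    r"^(?P<time>\S+) ARP, Reply (?P<ip>\d+(?:\.\d+){3}) "
    r"is-at (?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
    re.IGNORECASE,
)


def detect_arp_anomalies(log_text, trusted=None, max_ips_per_mac=1):
    """Return a list of (kind, time, ip, mac) alerts for suspicious ARP replies.

    trusted: optional {ip: mac} of bindings known out of band, for example
             the default gateway. A reply that contradicts one is the
             strongest signal.
    max_ips_per_mac: raise this for hosts that legitimately answer for
             several addresses (proxy ARP, multi-homed servers).
    """
    trusted = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    bindings = dict(trusted)          # ip -> MAC most recently seen
    ips_by_mac = defaultdict(set)     # mac -> every IP it has claimed
    alerts = []

    for line in log_text.splitlines():
        m = REPLY.match(line)
        if not m:
            continue                  # requests and non-ARP lines are ignored
        time, ip, mac = m["time"], m["ip"], m["mac"].lower()

        if ip in trusted and mac != trusted[ip]:
            alerts.append(("trusted-binding-violated", time, ip, mac))
        elif ip in bindings and bindings[ip] != mac:
            alerts.append(("binding-changed", time, ip, mac))

        bindings[ip] = mac
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > max_ips_per_mac:
            alerts.append(("mac-claims-multiple-ips", time, ip, mac))

    return alerts


if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE_LOG):
        print(alert)
```

A changed binding is not proof of spoofing on its own (a replaced network card or a DHCP lease moving to another host looks the same), so the alerts are a starting point for checking the switch port behind the new MAC.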

•What is the ANDing process?

In order to determine whether a destination host is local or remote, a computer will perform a simple
mathematical computation referred to as an AND operation. While the sending host does this operation
internally, understanding what takes place is the key to understanding how an IP-based system knows
whether to send packets directly to a host or to a router.
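Added example (not part of the original answers): the AND operation carried out bit by bit, followed by the local-or-remote decision it feeds. The addresses are constructed, the function names are this sketch's own, and the handling of a missing default gateway is an assumption about a host with no other routes.

```python
def to_int(dotted):
    """Parse strict dotted-quad IPv4 text into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted-quad IPv4 address: %r" % dotted)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def as_bits(dotted):
    """Render an address as four groups of eight bits, for reading the AND by eye."""
    return ".".join(format(int(p), "08b") for p in dotted.split("."))


def check_mask(mask):
    """A usable subnet mask is a run of 1 bits followed by a run of 0 bits."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("non-contiguous subnet mask: %s" % mask)


def network_id(ip, mask):
    """AND each bit of the address with the matching bit of the mask."""
    return to_dotted(to_int(ip) & to_int(mask))


def next_hop(src_ip, mask, dst_ip, default_gateway=None):
    """Decide where the sender hands the packet.

    The sender ANDs both its own address and the destination with its OWN
    mask; it never learns the destination's mask.
    """
    check_mask(mask)
    if network_id(src_ip, mask) == network_id(dst_ip, mask):
        return ("direct", dst_ip)        # same network ID: deliver on the local segment
    if default_gateway is None:
        return ("unreachable", None)     # remote destination, no router to hand it to
    return ("gateway", default_gateway)  # remote: hand the packet to the router


if __name__ == "__main__":
    src, mask = "192.168.1.10", "255.255.255.128"
    for dst in ("192.168.1.100", "192.168.1.200"):
        print(as_bits(dst), "AND")
        print(as_bits(mask), "=")
        print(as_bits(network_id(dst, mask)), next_hop(src, mask, dst, "192.168.1.1"))
```

Both destinations share the first three octets with the sender, yet with a 255.255.255.128 mask only 192.168.1.100 is local; 192.168.1.200 falls in the other half of the range and goes to the router.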

•What is a default gateway? What happens if I don't have one?

A gateway is a node (a router) on a TCP/IP Network that serves as an access point to another network. ...

•What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas behind them)

RFC is an acronym for Request for Comments. RFCs are official documents from the Internet Engineering
Task Force (IETF) with unlimited distribution.

•What is DHCP? What are the benefits and drawbacks of using it?

DHCP minimizes configuration errors caused by manual IP address configuration.

Reduced network administration.

•What is the DHCPNACK and when do I get one? Name 2 scenarios.

Recently I saw a lot of queries regarding when the Microsoft DHCP server issues a NAK to DHCP clients.

For simplification purposes, I am listing down the possible scenarios in which the server should NOT issue a
NAK. This should give you a good understanding of DHCP NAK behavior.
When a DHCP server receives a DHCPRequest with a previously assigned address specified, it first checks
to see if it came from the local segment by checking the GIADDR field. If it originated from the local
segment, the DHCP server compares the requested address to the IP address and subnet mask belonging
to the local interface that received the request.

DHCP server will issue a NAK to the client ONLY IF it is sure that the client, "on the local subnet", is asking
for an address that doesn't exist on that subnet.

The server will send a NAK EXCEPT in the following scenarios:-

1. Requested address from possibly the same subnet but not in the address pool of the server:-

This can be the failover scenario in which 2 DHCP servers are serving the same subnet so that when one
goes down, the other should not NAK to clients which got an IP from the first server.

2. Requested address on a different subnet:-

If the Address is from the same superscope to which the subnet belongs, DHCP server will ACK the
REQUEST.

•What ports are used by DHCP and the DHCP clients?

Requests are on UDP port 68, Server replies on UDP 67

•What is DHCPINFORM?

DHCPInform is a DHCP message used by DHCP clients to obtain DHCP options. While PPP remote access
clients do not use DHCP to obtain IP addresses for the remote access connection, Windows 2000 and
Windows 98 remote access clients use the DHCPInform message to obtain DNS server IP addresses, WINS
server IP addresses, and a DNS domain name. The DHCPInform message is sent after the IPCP negotiation
is concluded.

The DHCPInform message received by the remote access server is then forwarded to a DHCP server. The
remote access server forwards DHCPInform messages only if it has been configured with the DHCP Relay
Agent.

•Describe the integration between DHCP and DNS.

Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing
authorization rights for a particular user on a group of devices has meant visiting each one and making
configuration changes. DHCP integration with DNS allows the aggregation of these tasks across devices,
enabling a company's network services to scale in step with the growth of network users, devices, and policies,
while reducing administrative operations and costs.

This integration provides practical operational efficiencies that lower total cost of ownership. Creating a DHCP
network automatically creates an associated DNS zone, for example, reducing the number of tasks required of
network administrators. And integration of DNS and DHCP in the same database instance provides unmatched
consistency between service and management views of IP address-centric network services data.

Windows Server 2003 DNS supports DHCP by means of the dynamic update of DNS zones. By integrating DHCP
and DNS in a DNS deployment, you can provide your network resources with dynamic addressing information
stored in DNS. To enable this integration, you can use the Windows Server 2003 DHCP service.
The dynamic update standard, specified in RFC 2136: Dynamic Updates in the Domain Name System (DNS
UPDATE), automatically updates DNS records. Both Windows Server 2003 and Windows 2000 support dynamic
update, and both clients and DHCP servers can send dynamic updates when their IP addresses change.
Dynamic update enables a DHCP server to register address (A) and pointer (PTR) resource records on behalf of
a DHCP client by using DHCP Client FQDN option 81. Option 81 enables the DHCP client to provide its FQDN to
the DHCP server. The DHCP client also provides instructions to the DHCP server describing how to process DNS
dynamic updates on behalf of the DHCP client.
The DHCP server can dynamically update DNS A and PTR records on behalf of DHCP clients that are not
capable of sending option 81 to the DHCP server. You can also configure the DHCP server to discard client A
and PTR records when the DHCP client lease is deleted. This reduces the time needed to manage these records
manually and provides support for DHCP clients that cannot perform dynamic updates. In addition, dynamic
update simplifies the setup of Active Directory by enabling domain controllers to dynamically register SRV
resource records.
If the DHCP server is configured to perform DNS dynamic updates, it performs one of the following actions:

• The DHCP server updates resource records at the request of the client. The client requests the DHCP
server to update the DNS PTR record on behalf of the client, and the client registers A.

• The DHCP server updates DNS A and PTR records regardless of whether the client requests this action or
not.

By itself, dynamic update is not secure because any client can modify DNS records. To secure dynamic updates, you
can use the secure dynamic update feature provided in Windows Server 2003. To delete outdated records, you can
use the DNS server aging and scavenging feature.

•What is the difference between DHCP and DNS?

DHCP (Dynamic Host Configuration Protocol) is what your router or ISP uses to assign an IP address to
your computer. Without DHCP, you would have to manually assign an IP address to your computer.

DNS (Domain Name Service) is a service that takes web site names like yahoo.com and converts them to
their IP addresses. A computer is unable to find a site by its name. It has to know what the IP address is.
Kind of like a mailman cannot deliver your mail based only on your name. He has to be able to match that
name with your address.

•What options in DHCP do you regularly use for an MS network?

1. Automatic provision of an IP address
2. Subnet mask
3. DNS server
4. Domain name
5. Default gateway or router

•What are User Classes and Vendor Classes in DHCP?

Vendor-defined classes are used for managing DHCP options assigned to clients identified by vendor type.
User-defined classes are used for managing DHCP options assigned to clients identified by a common need
for a similar DHCP options configuration.
After defining an option class, individual scopes must be configured with any class-related options to be
provided to clients.

Create a New User or Vendor Option Class

1. Start DHCP Manager.
2. In the console tree, click the applicable DHCP server branch.
3. Right-click the server, and then click Define User Classes to create a new user class, or click
Define Vendor Classes to create a new vendor class.
4. Click Add.
5. In the New Class dialog box, type a descriptive identifying name for the new option in the Display
name box. You may also add additional information to the Description box.
6. Type in the data to be used by the DHCP Server service for matching the class ID provided by
DHCP clients under ID or ASCII. To enter the data as hexadecimal byte numeric values, click the
left side of the text box. To enter data as American Standard Code for Information Interchange
(ASCII) text character values, click the right side of the text box.
7. Click OK, and then click Close.

Configure a DHCP Scope with the New Class ID

1. In DHCP Manager, double-click the appropriate DHCP scope.
2. Right-click Scope Options and then click Configure Options.
3. Click Advanced.
4. Click to select the check box or boxes next to the features you want to use with the new vendor or
user class.
5. Click OK.

To Set the Specified DHCP Class ID String for Client Computers

Client computers that connect to a Windows 2000-based DHCP server can use the following command to
set the specified DHCP class ID string:
ipconfig /setclassid adapter_name class_id
For example, to configure an adapter called "Local Area Connection" with a user class ID called
"myuserclass", type ipconfig /setclassid "Local Area Connection" myuserclass at a command prompt, and
then press ENTER.

This identifies the "Local Area Connection" interface to receive the DHCP options configured for
"myuserclass" on the DHCP server.

NOTE: Class IDs in ASCII are case sensitive, and must match the class identifying data entered in the Edit
Class dialog box used to create the new user or vendor option class.

For additional information about DHCP, click the article number below to view the article in the Microsoft
Knowledge Base:

169289 (http://support.microsoft.com/kb/169289/EN-US/) DHCP (Dynamic Host Configuration Protocol) Basics

•How do I configure a client machine to use a specific User Class?

The command to configure a client machine to use a specific user class is

ipconfig /setclassid "<Name of your Network card>" <Name of the class you created on DHCP and you
want to join (Name is case sensitive)>

Eg: ipconfig /setclassid "Local Area Network" Accounting

•What is the BOOTP protocol used for, where might you find it in Windows network infrastructure?

BootP (RFC951) provides

* a unique IP address to the requester (using port 67) similar to the DHCP request on port 68 AND
* can provide (where supported) the ability to boot a system without a hard drive (ie: a diskless client)

Apple OS X 10.* Server supports BootP, albeit renamed as NetBoot. The facility allows the Admin to
maintain a selected set of configurations as boot images and then assign sets of client systems to share (or
boot from) that image. For example, Accounting, Management, and Engineering departments have
elements in common, but which can be unique from other departments. Performing upgrades and
maintenance on three images is far more productive than working on all client systems individually.

Startup is obviously network intensive, and beyond 40-50 clients, the Admin needs to carefully subnet the
infrastructure, use gigabit switches, and host the images local to the clients to avoid saturating the
network. This will expand the number of BootP servers and multiply the number of images, but the
productivity of 1 BootP server per 50 clients is undeniable :)
Sunmicro, Linux, and AIX RS/600 all support BootP. To date, Windows does not support booting "diskless
clients".

•DNS zones – describe the differences between the 4 types.

A DNS zone is the actual file that contains all the records for a specific domain.

i) Forward Lookup Zones :-

This zone is responsible for resolving host names to IP addresses.

ii) Reverse Lookup Zones :-

This zone is responsible for resolving IP addresses to host names.

iii) Stub Zone :-

A stub zone is a read-only copy of the primary zone, but it contains only 3 records, viz. the SOA for
the primary zone, the NS record and a Host (A) record.

•DNS record types – describe the most important ones.

A (Host) Classic resource record. Maps hostname to IP (IPv4).

PTR Maps IP to hostname (reverse of A (Host)).

AAAA Maps hostname to IP (IPv6).

CNAME Canonical name, in plain English an alias, such as Web Server, FTP Server, Chat Server.

NS Identifies DNS name servers. Important for forwarders.

MX Mail servers, particularly for other domains. MX records are required to deliver Internet email.

_SRV Required for Active Directory. Whole family of underscore service records, for example, gc = global
catalog.

SOA Make a point of finding the Start of Authority (SOA) tab at the DNS Server.

For more knowledge:

Srv records :- A SRV or Service Record is a category of data in the DNS specifying information on available
services. When looking up for a service, you must first lookup the SRV Record for the service to see which
server actually handles it. Then it looks up the Address Record for the server to connect to its IP Address.

Authoritative Name Server [NS] Record :- A zone should contain one NS record for each of its own DNS
servers (primary and secondary). This is mostly used for zone transfer purposes (notify). These NS records
have the same name as the zone in which they are located.

SOA :- This record is used while synchronising data between multiple computers. A given zone must have
precisely one SOA record, which contains:

• Name of Primary DNS Server.
• Mailbox of the Responsible Person.
• Serial Number: Used by Secondary DNS Servers to check if the Zone has changed. If the Serial
Number is higher than what the Secondary Server has, a Zone Transfer will be initiated.
• Refresh Interval: How often Secondary DNS Servers should check if changes are made to the zone.
• Retry Interval: How often the Secondary DNS Server should retry checking if changes are made, if the
first refresh fails.
• Expire Interval: How long the Zone will be valid after a refresh. Secondary Servers will discard the
Zone if no refresh could be made within this interval.
• Minimum (Default) TTL: Used as the default TTL for new Records created within the zone. Also used by
other DNS Servers to cache negative responses (such as Record does not exist, etc.).
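Added example (not part of the original answers): parsing an SOA record and applying the serial, refresh, retry and expire fields the way the list above describes a secondary server using them. It goes one step beyond the text by comparing serials with the 32-bit wrap-around arithmetic of RFC 1982, so a serial that has rolled over still counts as higher. The zone fragment is constructed, and the function names and returned action strings are this sketch's own.

```python
from collections import namedtuple

SOA = namedtuple("SOA", "mname rname serial refresh retry expire minimum")

# Constructed zone-file fragment (example.test is a reserved test name).
SAMPLE_ZONE = """\
; constructed zone fragment
example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. (
        2024051501 ; serial
        900        ; refresh
        600        ; retry
        86400      ; expire
        3600 )     ; minimum TTL
"""


def parse_soa(zone_text):
    """Extract the SOA fields from master-file text (comments and parentheses allowed)."""
    no_comments = " ".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    tokens = no_comments.replace("(", " ").replace(")", " ").split()
    i = tokens.index("SOA")                       # ValueError if the zone has no SOA
    numbers = [int(t) for t in tokens[i + 3:i + 8]]
    if len(numbers) != 5:
        raise ValueError("SOA record needs serial, refresh, retry, expire, minimum")
    return SOA(tokens[i + 1], tokens[i + 2], *numbers)


def rname_to_mailbox(rname):
    """The responsible person's mailbox: the first dot stands for '@'.

    Escaped dots in the local part are not handled in this sketch.
    """
    local, _, domain = rname.rstrip(".").partition(".")
    return "%s@%s" % (local, domain)


def serial_gt(a, b):
    """True if serial a is newer than serial b in 32-bit sequence space (RFC 1982)."""
    a &= 0xFFFFFFFF
    b &= 0xFFFFFFFF
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000


def secondary_action(local, seconds_since_refresh, primary_serial):
    """What a secondary does next, given its own copy of the SOA.

    seconds_since_refresh: time since the last successful check with the primary.
    primary_serial: serial read from the primary, or None if it did not answer.
    """
    if seconds_since_refresh >= local.expire:
        return "expire-zone"        # stop answering for the zone
    if seconds_since_refresh < local.refresh:
        return "wait"               # refresh interval not reached yet
    if primary_serial is None:
        return "retry"              # ask again after local.retry seconds
    if serial_gt(primary_serial, local.serial):
        return "zone-transfer"
    return "up-to-date"


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    print(soa, rname_to_mailbox(soa.rname))
    print(secondary_action(soa, 900, 2024051502))
```

A primary whose serial is lower than the secondary's copy, for instance after a zone file is restored from backup, yields "up-to-date", so the secondary keeps serving the old data until the serial is raised.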

•Describe the process of working with an external domain name?

If you host Web sites on this server and have a standalone DNS server acting as a primary
(master) name server for your sites, you may want to set up your control panel's DNS server to
function as a secondary (slave) name server:

To make the control panel's DNS server act as a secondary name server:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode.
3. Specify the IP address of the primary (master) DNS server.
4. Click Add.
5. Repeat steps from 1 to 5 for each Web site that needs to have a secondary name server
on this machine.

To make the control panel's DNS server act as a primary for a zone:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode. The original resource records for the zone will be
restored.

If you host Web sites on this server and rely entirely on other machines to perform the Domain
Name Service for your sites (there are two external name servers - a primary and a secondary),
switch off the control panel's DNS service for each site served by external name servers.

To switch off the control panel's DNS service for a site served by an external name server:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch Off the DNS Service in the Tools group. Turning the DNS service off for
the zone will refresh the screen, so that only a list of name servers remains.

Note: The listed name server records have no effect on the system. They are only presented on
the screen as clickable links to give you a chance to validate the configuration of the zone
maintained on the external authoritative name servers.

3. Repeat the steps from 1 to 3 to switch off the local domain name service for each site
served by external name servers.

If you wish to validate the configuration of a zone maintained on authoritative name servers:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Add to the list the entries pointing to the appropriate name servers that are authoritative
for the zone: click Add, specify a name server, and click OK. Repeat this for each name
server you would like to test.

The records will appear in the list.

3. Click the records that you have just created. Parallels Plesk Panel will retrieve the zone
file from a remote name server and check the resource records to make sure that the
domain's resources are properly resolved.

•Describe the importance of DNS to AD.

When you install Active Directory on a server, you promote the server to the role of a domain
controller for a specified domain. When completing this process, you are prompted to specify a
DNS domain name for the Active Directory domain which you are joining and for which you are
promoting the server. If, during this process, a DNS server authoritative for the domain that you
specified either cannot be located on the network or does not support the DNS dynamic update
protocol, you are prompted with the option to install a DNS server. This option is provided because
a DNS server is required to locate this server or other domain controllers for members of an Active
Directory domain.

•Describe a few methods of finding an MX record for a remote domain on the Internet.

In order to find MX Records for SMTP domains you can use Command-line tools such as
NSLOOKUP or DIG. You can also use online web services that allow you to perform quick
searches and display the information in a convenient manner.

•What does "Disable Recursion" in DNS mean?

In the Windows 2000/2003 DNS console (dnsmgmt.msc), under a server's Properties -> Forwarders tab is
the setting Do not use recursion for this domain. On the Advanced tab you will find the confusingly similar
option Disable recursion (also disables forwarders).

Recursion refers to the action of a DNS server querying additional DNS servers (e.g. local ISP DNS or the
root DNS servers) to resolve queries that it cannot resolve from its own database. So what is the difference
between these settings?

The DNS server will attempt to resolve the name locally, then will forward requests to any DNS servers
specified as forwarders. If Do not use recursion for this domain is enabled, the DNS server will pass the
query on to forwarders, but will not recursively query any other DNS servers (e.g. external DNS servers) if
the forwarders cannot resolve the query.
If Disable recursion (also disables forwarders) is set, the server will attempt to resolve a query from its
own database only. It will not query any additional servers.

If neither of these options is set, the server will attempt to resolve queries normally:
... the local database is queried
... if an entry is not found, the request is passed to any forwarders that are set
... if no forwarders are set, the server will query servers on the Root Hints tab to resolve queries beginning
at the root domains.

•What could cause the Forwarders and Root Hints to be grayed out?

Win2K configured your DNS server as a private root server.

•What is a "Single Label domain name" and what sort of issues can it cause?

Single-label names consist of a single word like "contoso".


• Single-label DNS names cannot be registered by using an Internet registrar.
• Client computers and domain controllers that joined to single-label domains require additional
configuration to dynamically register DNS records in single-label DNS zones.
• Client computers and domain controllers may require additional configuration to resolve DNS
queries in single-label DNS zones.
• By default, Windows Server 2003-based domain members, Windows XP-based domain
members, and Windows 2000-based domain members do not perform dynamic updates to
single-label DNS zones.
• Some server-based applications are incompatible with single-label domain names. Application
support may not exist in the initial release of an application, or support may be dropped in a
future release. For example, Microsoft Exchange Server 2007 is not supported in environments in
which single-label DNS is used.
• Some server-based applications are incompatible with the domain rename feature that is
supported in Windows Server 2003 domain controllers and in Windows Server 2008 domain
controllers. These incompatibilities either block or complicate the use of the domain rename
feature when you try to rename a single-label DNS name to a fully qualified domain name.

•What is the "in-addr.arpa" zone used for?

•What are the requirements from DNS to support AD?

When you install Active Directory on a member server, the member server is promoted to a domain
controller. Active Directory uses DNS as the location mechanism for domain controllers, enabling
computers on the network to obtain IP addresses of domain controllers.

During the installation of Active Directory, the service (SRV) and address (A) resource records are
dynamically registered in DNS, which are necessary for the successful functionality of the domain
controller locator (Locator) mechanism.

To find domain controllers in a domain or forest, a client queries DNS for the SRV and A DNS resource
records of the domain controller, which provide the client with the names and IP addresses of the domain
controllers. In this context, the SRV and A resource records are referred to as Locator DNS resource
records.

When adding a domain controller to a forest, you are updating a DNS zone hosted on a DNS server with
the Locator DNS resource records and identifying the domain controller. For this reason, the DNS zone
must allow dynamic updates (RFC 2136) and the DNS server hosting that zone must support the SRV
resource records (RFC 2782) to advertise the Active Directory directory service. For more information
about RFCs, see DNS RFCs.

If the DNS server hosting the authoritative DNS zone is not a server running Windows 2000 or Windows
Server 2003, contact your DNS administrator to determine if the DNS server supports the required
standards. If the server does not support the required standards, or the authoritative DNS zone cannot be
configured to allow dynamic updates, then modification is required to your existing DNS infrastructure.

For more information, see Checklist: Verifying DNS before installing Active Directory and Using the Active
Directory Installation Wizard.

Important

• The DNS server used to support Active Directory must support SRV resource records for the Locator
mechanism to function. For more information, see Managing resource records.

• It is recommended that the DNS infrastructure allows dynamic updates of Locator DNS resource records
(SRV and A) before installing Active Directory, but your DNS administrator may add these resource records
manually after installation.

After installing Active Directory, these records can be found on the domain controller in the following
location: systemroot\System32\Config\Netlogon.dns

•How do you manually create SRV records in DNS?

Go to Run ---> dnsmgmt.msc

Right-click on the zone you want to add the SRV record to, choose "other new record",
and then choose Service Location (SRV).

•Name 3 benefits of using AD-integrated zones.

1. You can give easy name resolution to your clients.

2. By creating an AD-integrated zone you can also trace hackers and spammers by creating a reverse zone.

3. AD-integrated zones allow for incremental zone transfers, which only transfer changes and not the
entire zone. This reduces zone transfer traffic.

4. AD-integrated zones support both secure and dynamic updates.

5. AD-integrated zones are stored as part of Active Directory and support domain-wide or forest-wide
replication through application partitions in AD.

•What are the benefits of using Windows 2003 DNS when using AD-integrated zones?

DNS supports dynamic registration of SRV records registered by an Active Directory server or a domain
controller during promotion. With the help of SRV records, client machines can find domain controllers in
the network.

1. DNS supports Secure Dynamic updates. Unauthorized access is denied.

2. Exchange server needs internal DNS or AD DNS to locate Global Catalog servers.

3. Active Directory Integrated Zone. If you have more than one domain controller (recommended) you
need not worry about zone replication. Active Directory replication will take care of DNS zone replication
also.

4. If your network uses DHCP with Active Directory, then no other DHCP server will be able to service
client requests coming from a different network. This is because the DHCP server is authorized in AD and
will be the only server to participate on the network to provide IP address information to client machines.

5. Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV record registration
and Dynamic Updates.

Using Microsoft DNS gives the following benefits:

• If you implement networks that require secure updates.
• If you want to take benefit of Active Directory replication.
• If you want to integrate DHCP with DNS for low-level clients to register their Host records in the Zone
database.

•You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS. Name a few
possible causes.

•What are the benefits and scenarios of using Stub zones?

One of the new features introduced in the Windows Server 2003-based implementation of DNS
is stub zones. Their main purpose is to provide name resolution in domains for which a local DNS
server is not authoritative. The stub zone contains only a few records:

• Start of Authority (SOA) record pointing to a remote DNS server that is considered to be the best
source of information about the target DNS domain,
• one or more Name Server (NS) records (including the entry associated with the SOA record), which
are authoritative for the DNS domain represented by the stub zone,
• corresponding A records for each of the NS entries (providing IP addresses of the servers).

While you can also provide name resolution for a remote domain by either creating a
secondary zone (which was a common approach in Windows Server 2000 DNS implementation)
or delegation (when dealing with a contiguous namespace), such an approach forces periodic zone
transfers, which are not needed when stub zones are used. The necessity to traverse the network in
order to obtain individual records hosted on the remote name servers is mitigated to some
extent by the caching process, which keeps them on the local server for the duration of their
Time-to-Live (TTL) parameter. In addition, records residing in a stub zone are periodically validated
and refreshed in order to avoid lame delegations.

•What are the benefits and scenarios of using Conditional Forwarding?

The benefit is faster name resolution in certain scenarios. Depending on the query, it is
forwarded to the correct server, which narrows down where DNS queries are sent for
specific areas.

•What are the differences between Windows Clustering, Network Load Balancing and Round Robin, and scenarios
for each use?

I will make a few assumptions here: 1) By "Windows Clustering Network Load Balancing" you mean
Windows Network Load Balancing software included in Windows Server software a.k.a NLB., and 2) By
Round Robin, you mean DNS Round Robin meaning the absence of a software or hardware load balancing
device, or the concept of the Round Robin algorithm available in just about every load balancing solution.

Microsoft NLB is designed for a small number (4 - 6) of Windows Servers and a low to moderate number
of new connections per second, to provide distribution of web server requests to multiple servers in a
virtual resource pool. Some would call this a "cluster", but there are subtle differences between a clustered
group of devices and a more loosely configured virtual pool. From the standpoint of scalability and
performance, almost all hardware load balancing solutions are superior to this and other less known
software load balancing solutions [e.g. Bright Tiger circa 1998].

DNS Round Robin is an inherent load balancing method built into DNS. When you resolve an IP address
that has more than one A record, DNS hands out different resolutions to different requesting local DNS
servers. Although there are several factors affecting the exact resulting algorithm (e.g. DNS caching, TTL,
multiple DNS servers [authoritative or cached]), I stress the term "roughly" when I say it roughly results in
an even distribution of resolutions to each of the addresses specified for a particular URL. It does not
however, consider availability, performance, or any other metric and is completely static. The basic RR
algorithm is available in many software and hardware load balancing solutions and simply hands the next
request to the next resource and starts back at the first resource when it hits the last one.

NLB is based on proprietary software, meant for small groups of Windows servers only on private
networks, and is dynamic in nature (takes into account availability of a server, and in some cases
performance). "Round Robin", DNS or otherwise, is more generic, static in nature (does not take into
account anything but the resource is a member of the resource pool and each member is equal), and ranges
from DNS to the default static load balancing method on every hardware device in the market.

•How do I work with the Host name cache on a client computer?

•How do I clear the DNS cache on the DNS server?

In the command window type "ipconfig /flushdns"

•What is the 224.0.1.24 address used for?


•What is WINS and when do we use it?

WINS is the Windows Internet Name Service, which is used to resolve NetBIOS (computer) names to IP
addresses. It is proprietary to Windows. You can use it in a LAN.

DNS is a Domain Naming System, which resolves host names to IP addresses. It uses fully qualified
domain names. DNS is an Internet standard used to resolve host names.

•Can you have a Microsoft-based network without any WINS server on it? What are the "considerations" regarding
not using WINS?

Yes, you can. WINS was designed to speed up information flow about the Windows workstations
in a network. It will work without it, and most networks do not utilize WINS servers anymore
because it is based on an old protocol (NetBEUI) which is no longer in common use.

•Describe the differences between WINS push and pull replications.

To replicate database entries between a pair of WINS servers, you must configure each WINS server as a pull
partner, a push partner, or both with the other WINS server.

• A push partner is a WINS server that sends a message to its pull partners, notifying them that it has
new WINS database entries. When a WINS server's pull partner responds to the message with a
replication request, the WINS server sends (pushes) copies of its new WINS database entries (also
known as replicas) to the requesting pull partner.
• A pull partner is a WINS server that pulls WINS database entries from its push partners by requesting
any new WINS database entries that the push partners have. The pull partner requests the new WINS
database entries that have a higher version number than the last entry the pull partner received during
the most recent replication.

•What is the difference between tombstoning a WINS record and simply deleting it?

Simple deletion removes the records that are selected in the WINS console only from the local WINS
server you are currently managing. If the WINS records deleted in this way exist in WINS data replicated
to other WINS servers on your network, these additional records are not fully removed. Also, records that
are simply deleted on only one server can reappear after replication between the WINS server where
simple deletion was used and any of its replication partners.

Tombstoning marks the selected records as tombstoned, that is, marked locally as extinct and immediately
released from active use by the local WINS server. This method allows the tombstoned records to remain
present in the server database for purposes of subsequent replication of these records to other servers.
When the tombstoned records are replicated, the tombstone status is updated and applied by other WINS
servers that store replicated copies of these records. Each replicating WINS server then updates and
tombstones.

•Name the NetBIOS names you might expect from a Windows 2003 DC that is registered in WINS.

•Describe the role of the routing table on a host and on a router.

•What are routing protocols? Why do we need them? Name a few.

•What are router interfaces? What types can they be?

•In Windows 2003 routing, what are the interface filters?

•What is NAT?

In computer networking, the process of network address translation (NAT, also known as network
masquerading or IP-masquerading) involves re-writing the source and/or destination addresses of IP packets
as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a
private network to access the Internet using a single public IP address. According to specifications, routers
should not act in this way, but many network administrators find NAT a convenient technique and use it widely.
Nonetheless, NAT can introduce complications in communication between hosts.

NAT (Network Address Translation) is most commonly used by broadband routers. NAT allows the
router to assign non-publicly routable IP addresses to the computers on the network. When these
computers access the Internet, NAT modifies the request from the PC with the publicly routable
address assigned to the router itself. This allows the request for a web page or whatever to get to its
destination. When the request is answered, NAT receives the return and forwards it to the PC on the
network that originally requested it.

•What is the real difference between NAT and PAT?

In computer networking, network address translation (NAT, also known as network masquerading, native
address translation or IP masquerading) is a technique of transceiving network traffic through a router
that involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port
numbers of IP packets as they pass through. Checksums (both IP and TCP/UDP) must also be rewritten to
take account of the changes. Most systems using NAT do so in order to enable multiple hosts on a private
network to access the Internet using a single public IP address (see gateway). Nonetheless, NAT can
introduce complications in communication between hosts and may have a performance impact.

Port Address Translation (PAT) {also known as Network Address Port Translator (NAPT)}

Port Address Translation (PAT) is a feature of a network device that translates TCP or UDP
communications made between hosts on a private network and hosts on a public network. It allows a
single public IP address to be used by many hosts on the private network, which is usually called a Local
Area Network or LAN.

A PAT device transparently modifies IP packets as they pass through it. The modifications make all the
packets which it sends to the public network from the multiple hosts on the private network appear to
originate from a single host - the PAT device - on the public network.

PAT is a translation method that allows the user to conserve addresses in the global address pool by allowing
source ports in TCP connections or UDP conversations to be translated. Different local addresses then map
to the same global address, with port translation providing the necessary uniqueness. When translation is
required, the new port number is picked out of the same range as the original, following the convention of
Berkeley Software Distribution (BSD).

This prevents end stations from seeing connection requests with source ports apparently corresponding to
the Telnet, HTTP, or FTP daemon, for example. As a result, Cisco IOS PAT supports about 4000 local
addresses that can be mapped to the same global address.
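The port translation described above, as an added Python example (not code from this page or from Cisco IOS): several private hosts share one public address, and a source port that is already taken is replaced by a free port from the same range. The class name `PatTable`, the three port groups (0-511, 512-1023, 1024-65535) and the documentation-range addresses are assumptions made for the illustration; a real device also tracks the destination and timeouts.

```python
# Added illustration of PAT (NAPT) port allocation; not a vendor implementation.
# Assumed port groups for "same range as the original" (BSD convention).
PORT_GROUPS = [(0, 511), (512, 1023), (1024, 65535)]


class PatTable:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.out = {}   # (proto, private_ip, private_port) -> public_port
        self.back = {}  # (proto, public_port) -> (private_ip, private_port)

    def _pick_port(self, proto, wanted):
        # Keep the original source port when it is still free.
        if (proto, wanted) not in self.back:
            return wanted
        # Otherwise take the first free port in the same group.
        low, high = next(g for g in PORT_GROUPS if g[0] <= wanted <= g[1])
        for port in range(low, high + 1):
            if (proto, port) not in self.back:
                return port
        raise RuntimeError("no free port in group %d-%d" % (low, high))

    def outbound(self, proto, src_ip, src_port):
        """Translate a private source to (public_ip, public_port)."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = self._pick_port(proto, src_port)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, proto, dst_port):
        """Return the private endpoint for a reply, or None if unmapped."""
        return self.back.get((proto, dst_port))


def demo():
    # Constructed sample flows: two hosts collide on port 40000 and on 600.
    pat = PatTable("203.0.113.10")
    a = pat.outbound("tcp", "192.168.1.10", 40000)
    b = pat.outbound("tcp", "192.168.1.11", 40000)
    c = pat.outbound("tcp", "192.168.1.12", 600)
    d = pat.outbound("tcp", "192.168.1.13", 600)
    return a, b, c, d, pat.inbound("tcp", b[1]), pat.inbound("tcp", 8080)
```

A packet arriving on a public port with no table entry (8080 in `demo()`) has no private host to be forwarded to, which is why unsolicited inbound connections fail unless a static mapping is configured.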

•How do you configure NAT on Windows 2003?

•How do you allow inbound traffic for specific hosts on Windows 2003 NAT?

•What is VPN? What types of VPN does Windows 2000 and beyond work with natively?

•What is IAS? In what scenarios do we use it?

•What's the difference between Mixed mode and Native mode in AD when dealing with RRAS?

•What is the "RAS and IAS" group in AD?

•What are Conditions and Profile in RRAS Policies?

•What types of authentication can a Windows 2003 based RRAS work with?

•How does SSL work?

•How does IPSec work?

•How do I deploy IPSec for a large number of computers?

•What types of authentication can IPSec use?

•What is PFS (Perfect Forward Secrecy) in IPSec?

•How do I monitor IPSec?

•Looking at IPSec-encrypted traffic with a sniffer. What packet types do I see?

•What can you do with NETSH?

•How do I look at the open ports on my machine?

The next article in this series will cover Active Directory questions!
