2.13. Identifying the Purpose of Network Services and Protocols
As mentioned earlier, protocols are rules of behavior that network services and applications follow. Each service or application is designed for a specific purpose. As important as it is that you know the port number of the most common network services, it's equally important that you understand the purpose of each of the services and what they bring to the network. In this section we identify the most common network services and protocols and describe their purpose.
2.13.1. Critical Information
You should be glad that you don't have to know every one of the services in an average network, because there are hundreds of them. You should, however, be able to list the most common of these services and their purpose in the network.
Be able to identify the purpose of the most common protocols and services. In addition, you should know how the protocols and services work together in the network. In the following sections, we discuss the most common network services and describe the purpose of each one.
2.13.1.1. Domain Name System (DNS)
Domain Name System (DNS), as its name implies, is a service that resolves names in a network. Specifically, DNS resolves hostnames to IP addresses. This is an important service because the IP addresses are then used to route packets into the correct network and finally to the correct computer or computers.
2.13.1.2. Network Address Translation (NAT)
Network Address Translation (NAT) is a service that translates one set of IP addresses to another set of IP addresses. NAT is most often used between a private network and the Internet, but it can also be used in other ways, such as to translate a group of global internal addresses to a group of global external addresses. NAT is a service that can be run on a computer, a router, or a specialized device that only provides network address translation.
2.13.1.3. Internet Connection Sharing (ICS)
Internet Connection Sharing (ICS) is a service that allows you to connect one computer (the host computer) to a network (such as the Internet) and then connect other computers to that computer to give them access to the Internet as well. ICS requires that the host computer contain two network interface cards. ICS can often act as a small DHCP server, issuing the clients an IP address. For example, if you have a small office that contains 10 client computers but no server, you can connect one host computer to the Internet and let the other computers connect to it to make their connection to the Internet.
2.13.1.4. Windows Internet Name Services (WINS)
Windows Internet Name Services (WINS) is a dynamic database that resolves NetBIOS names to IP addresses. It is used on Microsoft networks, but other clients can make use of a WINS database by employing a WINS proxy. NetBIOS names are registered by clients and servers in a Microsoft network and then used to determine the services that each computer can perform for the network. Microsoft networks can use multiple WINS servers for fault tolerance and load balancing.
2.13.1.5. Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is a management protocol that you can use to gather information about a network. SNMP can gather information about the servers, routers, switches, and other network equipment. Typically, a server is installed with SNMP management software and then devices can be installed with SNMP agent software. The agent software can be programmed by the management software to gather information about devices in the network and report it back to a centralized management information base (MIB). You can use SNMP software by itself on a commandline interface, or you can use third-party tools to make the process simpler.
2.13.1.6. Network File Systems (NFS)
Network File Systems (NFS) is a file system developed and used by Sun Microsystems that allows all network users to access shared files stored on computers of different types. NFS uses an interface called Virtual File Systems (VFS), which runs on top of the TCP/IP protocol suite. Users can work with the shared files as if they were stored locally on their hard disks. NFS standards are publicly available.
2.13.1.7. Zero Configuration (Zeroconf)
Zero Configuration (Zeroconf) is not intended for use on large networks, but it is a handy tool to use to form an ad hoc network to connect devices for a conference or meeting when tools to create a more proper configuration (such as Active Directory or DNS) are not available. Zeroconf should not be used if security is a concern, since it is very limited in this regard. Zeroconf can allocate addresses without a DHCP server and translate between domain names without a DNS server.
2.13.1.8. Server Message Block (SMB)
Server Message Block (SMB) is a message format used by DOS and Windows to share files, directories, and services. Many network products have used SMB in the past and continue to use SMB, including Windows for Workgroups, Windows NT, and LAN Manager. SMB is used as a "common denominator" by many products and applications to facilitate file sharing among different operating system platforms.
2.13.1.9. AppleTalk File Protocol (AFP)
AppleTalk File Protocol (AFP) is Apple's version of a client/server file sharing protocol to be used on an AppleTalk network. AFP servers and clients can talk to each other, but any other protocol first has to be translated to talk to an AFP client or server. AFP over TCP/IP allows Apple users to access AFP servers over TCP/IP networks.
2.13.1.10. Line Printer Daemon (LPD)
Line Printer Daemon (LPD) is software that is stored in a print server that receives the request to print from an LPR client and queues the file to be printed as soon as the print device becomes available. It was originally developed for Unix, but has since become the de facto cross-platform printing protocol.
2.13.2. Exam Essentials
Know the name resolution services. You should know the name resolution protocols and services that a network uses. DNS is used for hostname resolution and WINS is used for NetBIOS name resolution. You should also know when each of the name resolution services might be necessary in a network.
List the protocols used to share information in a network. You should know the major protocols that are used to share information in a network. SMB is primarily used for Microsoft networks but can be used by other platforms as well. NFS is used by Sun systems and AFP is used by Apple systems.
Understand the LPD printing protocol. The LPD printing protocol is the protocol that is used on print servers. It was first developed for use with Unix but has been adopted as a standard for remote printing. The client uses the LPR service and protocol to connect to print servers that use LPD.
Understand the SNMP management protocol. The SNMP protocol can be used to gather information about computers and other devices in a network. This protocol uses a management station to store data and agents to collect data. The SNMP protocol and service can be used by itself on a commandline interface or it can be incorporated into third-party software for easier use.
Describe the Zeroconf protocol. Zeroconf is a protocol that can be used in very small networks where security is not a concern. Zeroconf can allocate IP addresses without the use of a DHCP server and resolve hostnames without using a DNS server. Zeroconf is not considered secure and should not be used in an environment where security is a priority.