HOUR 15
Connecting to the Internet: Key Supporting Operations
What You’ll Learn in This Hour:
• Operations of the DNS
• How to obtain and manage domain names
• Private and public name servers
• How to obtain and manage IP addresses
• How to use DHCP
• How to build a website
In this hour, we examine several key (read: required) supporting operations to those described in Hour 14, “Connecting to the Internet: Initial Operations.” The first subject deals with the Internet Domain Name System (DNS). Next, the subject of Internet Protocol (IP) addressing (introduced in Hour 3, “Getting Data from Here to There: How Networking Works”) is examined in the context of providing guidance on obtaining addresses and using them to perform subnetting. As part of this subject, the Dynamic Host Configuration Protocol (DHCP) is examined. This hour closes with a discussion of the World Wide Web (Web), with some ideas on cost-effective ways to create your own website.
The DNS
The purpose of the DNS is to provide name server operations, which entails mapping (correlating) a user-friendly name to a routable address. This service is quite helpful because a user is not tasked with remembering the abstract address of a host computer with whom he wishes to communicate. Rather, the sending user need only know an easy-to-remember text-oriented value (a name) of the recipient. The name is keyed in during a session or “clicked” in a web or email window; then it’s relayed to a name server, which looks up and returns an associated address to the requester.
Now is the time to clear up a common error associated with names and addresses. If you were to ask me, “What’s your email address?” I would respond by giving you an email name, but not an email address. For example, one of the email names I use is [email protected]. This identifier is not an address. Consequently, the correct way to ask the question is, “What’s your email name?” Or, to be picky, “What’s your email domain name?”
On the other hand, my address, which in this situation is managed by GoDaddy.com (and changes with each logon) is an IP address (discussed in Hour 3). It’s much easier to deal with domain names than it is with IP addresses. Thus, the job of a name server is to store names, the associated addresses, and provide this information to the user community.
DNS is an extraordinary service. It allows the assignment of domain names to groups of users in the Internet community without regard to physical locations or addresses. One of my companies, IEI-Press.com, is located in Hayden, Idaho. Later, it might move to Santa Fe, New Mexico. All web names and associated websites use DNS names, so changes aren’t necessary for any of the names. Of course, I might change routing arrangements with IP addresses, but this aspect of the operations remains transparent to the general Internet user community. They don’t need to know my IP address to get traffic to me. They only need my domain name.
The DNS stores other information as well, such as a list of mail or file servers that are set up to service a specific Internet domain. In addition, authoritative name servers are established for each domain. These servers are responsible for keeping accurate information about names, addresses, other servers, and so on for their respective domains. With this approach, there’s no need for a central, Internet-wide server to keep track of these changes.
Domain Name Space
DNS is organized into a naming hierarchy; a general example is shown in Figure 15.1. The domain name space is the scheme used to identify domains that are at different levels in the DNS domain hierarchical tree. The domain name space also defines how the down-level names of hosts (meaning individual computers and other devices on a network) are determined. Each host on a network (such as the Internet) is identified with a fully qualified domain name (FQDN).
FIGURE 15.1 DNS hierarchy
The domain namespace is divided into different levels, or domains. (Domain names can be up to 63 characters in length and must begin with a letter of the alphabet.
Numerical entries and hyphens are also legal characters for domain names.) The domain namespace resembles an inverted tree. At the base of the DNS tree is the root domain. The Internet root domain is represented by a period.
The highest levels of DNS are the top-level domains (TLDs). These consist of suffixes such as .com and .edu. Two broad categories of TLDs exist. One category is the country code two-letter label, such as jp for Japan, and it’s designated as ccTLD. The other category is collectively called generic TLD (or gTLD). Following are some of the top-level domain names available. (You can go to www.icann.org/ for a complete list.)
• .com—Used by commercial organizations. For example, informit.com is the domain name for InformIT. One of my sites is UylessBlack.com.
• .edu—Reserved for educational institutions. For example, une.edu is the domain name of the University of New England.
• .org—Used by noncommercial organizations and institutions. For example, gsusa.org is the domain name of the Girl Scouts of America.
• .gov—Reserved by the United States for governmental entities. For example, senate.gov is the domain for the U.S. Senate.
• .net—To be used by companies involved in the Internet infrastructure, such as Internet service providers (ISPs).
• Country names—To be used by countries. Examples include bs for the Bahamas, ga for Gabon, and uk for the United Kingdom.
• .biz—Added to accommodate businesses.
• .info—Can be used for informational websites (or just about anybody looking for a domain name).
• .aero—For aerospace companies.
• .pro—Used by professional groups, such as lawyers and accountants.
Below the top-level domains are the second-level domains. These secondary domains consist of company, institutional, and private domains used to access a site on the Web, such as informit.com (InformIT’s domain name). Under the second-level domains are subdomains, which divide a larger secondary domain into geographical or functional units. For example, if I have a company that uses the secondary domain name of mydomain.com, and my business is divided into two distinct divisions (sales and admin), I could create two subdomains: sales.mydomain.com and admin.mydomain.com. The domain namespace and the second-level domains mentioned here are shown in Figure 15.1.
This example also shows how a high-level authority in the tree can assign to a lower level the responsibility for administering part of the name space. My zone of authority might start at mydomain.com and extend downward. My name server has responsibility for part of this zone. But, as the system administrator, I might want the sales and administrative departments to manage their own part of our DNS. These two departments receive a zone delegation from me; they then form delegated subzones.
Within each zone of authority, name servers are placed to manage the data. This data is organized into resource records (RRs), and contains specific information, such as domain name = IP address.
DNS Root Name Servers
Currently, 13 well-known root name servers reside in the Internet (see Table 15.1). The job of a root name server is to answer a DNS request and redirect the request to a specific TLD and its name server(s). The root name servers are configured to know the TLD servers, such as .com and .gov. In turn, each TLD has its own servers that know the next level down in the naming hierarchy.
Does this mean that each time we send an email, a query is sent to a root name server to obtain an associated IP address? Not at all. With rare exceptions, a local name server has already cached (stored) this information.
TABLE 15.1 DNS Root Name Servers
How DNS Works
Now that you have a feel for the DNS namespace, let’s look at how DNS resolves IP addresses to FQDNs and vice versa. First, there are two types of DNS servers: master and slave. (Be aware that not all vendors use these terms.) The master server, or the first DNS server you bring up on your network, stores the local name server database: records for each host that provides the hosts FQDN and the accompanying IP address. So as far as creating records and fine-tuning the database are concerned, this is done on the master DNS server. Because a master is responsible for a certain part of the DNS database, it’s referred to as the authoritative name server of its zone of authority.
A slave DNS stores a copy of the master DNS database. This operation not only provides two options for computers attempting to resolve FQDNs, but it adds some redundancy to the network. DNS service will continue even if the master DNS server goes down.
So, the DNS server will attempt to resolve FQDNs when requested by a network client (meaning a client in the DNS server’s zone of authority). The client computers are capable of making requests of the DNS server because of an entity called the resolver. The resolver is built into applications such as web browsers that execute FQDN to IP address resolution services.
When a client computer attempts to resolve an FQDN to an IP address, the resolver checks a local cache and determines if the FQDN-to-IP address resolution information is available. If the information is in the cache, the process is over and client computer resolves the FQDN to an IP address.
If the information isn’t available in the cache, the resolver software uses the IP address of the local DNS server, which is found in the client computer’s IP settings, and sends a request to this server.
When the name to be resolved is for a host that is on the local network, the DNS server looks up the name in the DNS database and returns the appropriate IP address to the requesting computer. If the name is for a computer not on the local domain, two things can happen: The name can be resolved using the cache that the local DNS server maintains, or the server caches or remembers hostnames that it has previously resolved with the help of other DNS servers (such as those on the Internet). If the information is in this cache, the DNS server provides it to the requesting client.
When the information isn’t cached on the DNS server, the DNS server contacts the server for the hostname’s top-level domain. The root server uses the hostname to determine the IP address of the authoritative DNS server for the domain that the particular host belongs. After this DNS server has the IP address of the other domain’s DNS server, it can query that server, which then supplies the FQDN-to-IP address resolution information. The local DNS server can then pass this information on to the original requesting host.
As mentioned, the client side of the operation is called a DNS resolver. It’s responsible for starting the query that leads to a translation of a domain name into an IP address. The name-to-address mapping might entail the checking of several name servers to find the needed information. However, because resolvers store most recently used information, the hit is usually local.
Getting a Domain Name
Before you can configure a DNS server, you need a domain name. Also, if your company is going to have a presence on the Internet (particularly the World Wide Web), you need a domain name.
You can apply for domain names that end in .com, .org, or .net by contacting a domain name registration provider. (Sites ending in two-letter country codes are handled by other providers.) Whether you choose to be a .com, .org, or .net depends on the type of business you’re conducting. Nonprofits use .org, whereas .com is best for most businesses. If the domain name you want to use isn’t available in the .com realm, you can take advantage of the new suffix .biz for your business domain name.
Several registration providers are available on the Web. Some vendors not only provide DNS registration and maintenance services, but also email, file storage, and website support. One of my providers is GoDaddy.com, which provides good service.
When you apply for your domain name, you also need to know how your domain will handle DNS services. Your options include deploying your own DNS servers; using the DNS servers provided by the ISP that’s connecting you to the Internet; using the servers at your web host provider; or simply using the servers provided by the company that sold you your domain name.
The cost of a domain name is quite nominal when you consider it can help increase the visibility of your company if used to establish your presence with a website. The fees for registering and maintaining your domain name vary among domain name registration providers. You should do a little research before you select a provider.
Also be advised that Internet Corporation for Assigned Names and Numbers (ICANN) limits the leasing of a particular domain name to 10 years. To find a list of ICANN-approved domain name providers, check out the ICANN site at www.internic.net.
Resource Records (RRs)
At the heart of a DNS name server are the resource records (RRs). The DNS standards define a variety of RRs. You and your team should check a vendor’s offerings to determine if the server software supports the RRs you need. Table 15.2 summarizes common RRs and their functions.
TABLE 15.2 Commonly Used RRs
Deploying DNS on the Network
All Network Operating Systems (NOSs) offer DNS support. You can add the DNS service to an existing network server (if it can handle the additional workload), or you can deploy a new server and add the DNS service as you initially load the NOS.
For a DNS server to operate correctly, you must configure it with at least one zone. The zone you create is called a forward lookup zone. A forward lookup zone allows for forward lookup queries, which allow a host to find the IP address using the hostname of a particular computer or device. (It finds the address because the DNS answers the host computer’s query.)
When you create the forward lookup zone, you must name it. The name of the zone will be the same as the DNS domain name for the portion of your network that this DNS server is authoritative. For example, if your DNS domain name for your portion of the network was marketing.mydomain.com, the zone name would be marketing.mydomain.com. If you have a network that operates at a higher level in the domain name space (no subdomain as in the marketing.mydomain.com example, where marketing is a subdomain), the forward lookup zone would be your domain name, such as mydomain.com.
When you deploy your DNS servers, you can set up a server that provides the DNS server and maintains the master copy of the DNS database. The forward lookup zone on that server is called the primary zone.
You can also deploy DNS servers that use a read-only replica of the primary zone database and are set up on the network to help the authoritative server for the zone. The replica zone used by these “helper” DNS servers is called the secondary zone.
You can also configure the authoritative DNS server with what’s called a reverse lookup. This type of zone resolves IP addresses to FQDNs (meaning that it does the reverse of a forward lookup zone). Reverse lookup zones are configured by entering the network ID of the network (which would be the network IP address provided by your ISP or another company that you acquired your IP address from). The resource record of PTR in Table 15.2 provides the information for reverse lookup.
IP Addresses
As discussed in Hour 3, IPv4 addresses consist of 32 bits of information and are written in dotted decimal notation consisting of four octets in the format x.x.x.x. We learned that the usable pool of these addresses has been divided into classes. For this hour, we expand on these topics.
Computers see IP addresses as a bit stream, meaning a stream of 1s and 0s. For example, the IP address 130.1.32.1 would be represented in binary notation as
10000010 00000001 00100000 00000001
Notice the bits have been divided into four groups of eight, or octets, just as the dotted decimal version of the address.
This is how you convert dotted decimal numbers to binary (bits). Each octet has 8 bits. The decimal value of the bits in an octet from left to right is
128 64 32 16 8 4 2 1
(As you see, the convention uses the base 2 numbering system.)
So, the decimal number 130 (the first octet in our address) is 128 + 2. This means that both the first bit (the 128 bit) and the seventh bit (the 2 bit) are turned on. (They’re represented by 1s in the binary format.) To convert the decimal to the binary, you mark the bits that are on with 1s and the rest with 0s. The result is 10000010.
Subnetting
If you and your design team are associated with a medium to large enterprise, it’s likely you’ll need to become familiar with subnetting. This term refers to the partitioning of a network into smaller parts. One reason for subnetting is to divide the traffic such that Ethernet packet collisions don’t create throughput and bottleneck problems. Routers are employed to manage the traffic and act as boundaries between the subnets, an idea shown in Figure 15.2. In this regard, subnetting limits an Ethernet collision domain to only part of a network.
FIGURE 15.2 Creating subnets with addresses
Subnetting also provides a means to use fewer IP addresses. A subnet, such as Subnet A in Figure 15.2, might have all its attached computers, servers, and so on (for example, 100 host machines) use a common set of high-order bits in the 32-bit IP address. This address prefix is sufficient to get all packets routed to these 100 machines. After all, they share the same prefix.
Thus, the router for Network Y could advertise to Network X, “You can reach—through me—any node whose IP address begins with 192.168. These first 16 bits are my network prefix length. You need not check the last 16 bits of the destination IP address in the packet header, because they’re private to me; they’re my host bits and are only meaningful to the subnets on which my hosts reside. You just forward all packets beginning with 192.168 to me. I’ll take care of those remaining 16 bits in my own routing tables.”
Thus, Network X doesn’t have to store 100 routing table entries for all those nodes sitting behind the router at Subnet A. It needs to store only one entry.
Subnetting is even more attractive than this simple example. Let’s assume that the 50 hosts in Subnet B share a common prefix, that of 192.169. Also, the 50 hosts in Subnet C share 192.170. Therefore, the router could advertise to Network X that all nodes with a prefix of 192 can be reached at this router, which is the actual example shown in Figure 15.2. In this admittedly simple illustration, by using the high-order digits in an address space, you can aggregate more and more addresses to one prefix. In this example, all 200 nodes have a prefix of 192. When the router at Network X receives a packet destined for 192, it doesn’t care about the remaining 24 bits in the address. That’s the concern of the router for Network Y.
Subnet Masks
How does the router at Network X know how long the prefix is, and therefore, how many bits it’s to examine in the destination address of an incoming packet? The answer is through the use of a subnet mask.
IP addresses don’t mean anything without an accompanying subnet mask. Devices on a network need to be capable of telling what part of the IP address is providing information related to which network the computer with a particular address is on. (Don’t forget the example and explanation for Figure 15.2.) The subnet mask determines this information. Devices on the network use the subnet mask to “mask” out the portion of the IP address that refers to the network (actually, the subnet) that the computer (or other device such as a router) is connected to.
Each class has a default subnet mask (with 1s defining the mask):
• Class A—255.0.0.0 or 11111111.00000000.00000000.00000000
• Class B—255.255.0.0 or 11111111.11111111.00000000.00000000
• Class C—255.255.255.0 or 11111111.11111111.11111111.00000000
If classful addresses are used, such as here, the mask can also identify both the network ID and the subnet ID. The network ID, such as 192 in Figure 15.2, represents the high-order (leading) bits that are common to all subnets associated with the network, such as your company’s entire routing domain and address space allocation.
Here’s an example of subnet mask operations, again using Figure 15.2 as a reference point with a slight alteration. The comparison of the mask to the IP address is performed with a bitwise AND process as follows:
This mask is aligned on an even octet boundary. It needn’t be, and it shouldn’t be if we’re attempting to exploit the flexibility of masking. Here, we alter the mask slightly:
Adding three bits to the mask extends the network/subnet space into the fourth octet of the IP address. Thus, the three high-order bits (base 10) values of 128, 64, and 32 equal 224. The host address has been constricted to the last five bits of the address space: in this case, a decimal value of 2.
I hope this level of detail about IP addresses and prefixes has done you more good than harm! At first glance, it’s not a simple subject, and it does require practice and experience to use subnetting effectively. The good news is that vendors’ equipment today contains a lot of software to help you with the task of setting up and managing IP addresses. Cisco and Microsoft, as examples, have done a fine job in providing the software and user manuals for the task at hand.
To that end, the next part of this hour discusses some more ideas about network addressing in the context of configuring them in your network.
Getting Your IP Addresses
The Internet Assigned Numbers Authority (IANA), which ICANN operates, is responsible for managing the allocation of IP addresses. IANA designates five regional Internet registries (RIRs) to oversee the management of IP addresses (address blocks) in specific regions of the world. If you want to obtain one or more IP addresses for public use, the typical approach is to work with your ISP or (in the United States) to contact the RIR known as the American Registry for Internet Numbers (ARIN). With either approach, you’ll then have other options, as described in the next section.
Many organizations choose to use private addresses, which the information technology (IT) staff typically manages. From Hour 3, we learned about the three classes of addresses:
• Class A—10.0.0.0 through 10.255.255.255
• Class B—172.16.0.0 through 172.31.255.255
• Class C—192.168.0.0 through 192.168.255.255
Configuring Network Devices with IP Addresses
One of the more important tasks for a network administrator is setting up an IP addressing plan. Part of this plan is to determine how many public IP addresses you need. As a general rule, you should “hide” your network and its machines from the public Internet. This means that your LAN will sit behind a firewall and a router (maybe in the same box). These devices (or device) require public addresses. The router performs address translation using NAT. If the firewall sits in front of the router, it also needs a public address. I strongly recommended you consult with your router or firewall vendor for guidance on your addressing plan.
One option for supplying hosts on the network with IP addresses is to configure each host with a static IP address and subnet mask. An alternative to static IP addressing is dynamically assigning IP addresses (and other Transmission Control Protocol/Internet Protocol [TCP/IP] configuration information) using the DHCP, which requires a network server to provide the service. DHCP clients on the network receive their IP addresses and subnet masks dynamically. We examine DHCP in more detail later in this hour.
Static IP Settings on Servers
Network servers that provide services such as DNS and DHCP (and other special servers such as web servers, mail servers, and in some cases print or file servers) are usually assigned a static IP address. It’s recommended you assign permanent IP addresses to machines providing critical services for the network, such as servers. For some nodes, such as DNS and DHCP servers, you must use static addresses.
Each NOS (and client OS platform for that matter) provides its own mechanism for configuring a computer with a static IP address and subnet mask. In most cases, the IP address and subnet mask can be configured during the installation of NOS on the server or can be configured after the installation has been completed.
Let’s look at configuring a server running Windows Server 2003. The TCP/IP settings are configured in the Internet Protocol (TCP/IP) Properties dialog box (which you access via the Local Area Connection Properties dialog box for the server). Figure 15.3 shows the Internet Protocol (TCP/IP) Properties dialog box.
The IP address and subnet mask aren’t the only information you must provide when configuring a computer, such as a server for IP. You must also supply the default gateway for the server, which is the router interface connected to the segment where the server resides.
FIGURE 15.3 Entering an IP address and subnet mask on a Windows server
Another piece of information you must include in the configuration is the IP address of the primary DNS server used for name resolution by the server. Large networks might deploy multiple DNS servers, so there’s also the option of providing alternative DNS server IP addresses. In the case of Windows networks, you might also be deploying WINS servers, so the IP address of the WINS server would need to be included as well in the TCP/IP configuration of the server.
On a Windows network that’s running pre-Windows 2000 clients, you might need to deploy a Windows Internet Naming Service (WINS) server. Legacy Windows desktop operating systems still use NetBIOS names as the “friendly” naming system for the computers (as opposed to DNS on newer versions of the Windows OS). This means that clients on the network can eat up a lot of bandwidth sending out broadcasts that resolve NetBIOS names to IP addresses. A WINS server takes care of the NetBIOS name-to-IP address resolution and vice versa, which cuts down on client broadcasts and frees up valuable network bandwidth. As discussed in previous hours, NetBIOS is rarely used today. It’s mentioned here for those who are using old systems.
For more about networking in the Windows environment, see Sams Teach Yourself Microsoft Windows Server 2003 in 24 Hours and Sams Teach Yourself Microsoft Windows Server 2008 in 24 Hours.
You can see that the TCP/IP configuration for a server requires more information than just the IP address and subnet mask. Configuring a server with an incomplete TCP/IP configuration is asking for communication problems between the server and the rest of your network.
DHCP
DHCP evolved from a protocol called BOOTP. BOOTP was used to assign IP addresses to diskless workstations. It did not assign IP addresses dynamically, however, but pulled them from a static BOOTP file that the network administrator created and maintained.
DHCP allows you to dynamically assign IP addresses to your network computers and other devices. IP addresses are taken from a pool of addresses and assigned to computers either permanently or for a fixed time. Considering that you must configure every client computer on an IP network with such things as an IP address, a subnet mask, a default gateway address, and a DNS server address, there’s a significant margin for error.
DHCP simplifies much of the drudgery that would be involved in manual assignments of IP addresses. Most Network Operating Systems (NOSs)—including Sun Solaris, the various Linux distributions, Novell NetWare, and Microsoft Windows Server 2003 and 2008—provide the DHCP service.
So, how does DCHP work? Let’s look at how a DCHP client (which is what you call a computer that is configured to receive its IP address dynamically) requests an IP address from a DHCP server.
When a DHCP client boots up for the first time, it must look for an IP address to use for its sessions. The client broadcasts a DHCPDISCOVER message, which is a request for an IP lease that is sent to all DHCP servers (addressed to 255.255.255.255, meaning all nodes on the network). This broadcast message contains the hostname of the client and the MAC hardware address (the address burned into the computer’s NIC) of the client.
In the next step, a DCHP server (or servers, if more than one is available) on the subnet responds with a DHCPOFFER message that includes an offered IP address, an accompanying subnet mask, and the length of the lease (that is, the length of time the address can be used). The message also contains the IP address of the DHCP server, identifying the server. The DHCPOFFER message is also in the form of a broadcast because the client doesn’t have an IP address at this point.
When the client receives the first DHCPOFFER message (it might receive multiple offers, but it goes with the first appropriate offer it receives), it broadcast a DHCPREQUEST message to all DHCP servers on the network, showing that it’s accepting an offer. This broadcast message contains the IP address of the DHCP server whose offer the client accepted. Knowing which DHCP server was selected enables the other DHCP servers on the network to retract their offers and save their IP addresses for the next requesting client.
Finally, the DHCP server that supplied the accepted offer broadcasts an acknowledgment message to the client, a DHCPPACK message. This message contains a valid IP address and other TCP/IP configuration information, which the client stores. For example, a client running a Windows operating system stores the TCP/IP configuration information in its Windows registry.
The DHCP server can also send to the client (a) addresses of DNS servers (preferred and alternate), (b) the IP address of the default gateway to the Internet, and (c) preferred and alternate WINS servers.
Configuring a Network Client for DHCP
Configuring a network client or server as a DHCP server is straightforward. A client (or server for that matter) provides a dialog box that allows you to configure settings related to the computer’s network connection.
For example, Figure 15.4 illustrates that the server being configured in the figure can be made a DHCP client by clicking on the Obtain an IP Address Automatically option button. That’s all there is to it. The computer then becomes a DHCP client.
FIGURE 15.4 Operating systems provide various GUIs that make it easy to configure the TCP/IP properties for the computer.
Other client and NOS platforms also typically provide a GUI that allows you to configure the computer as a DHCP client. Figure 15.4 shows the Ethernet Device dialog box on a computer running Linux Red Hat. Note that this dialog box gives you the option of configuring the computer as a DHCP client or as a static IP address.
A real time-saver related to deploying DHCP on your network is that most network clients are configured as DHCP clients by default. So you usually don’t have to configure TCP/IP on the clients. This allows you to spend your time setting up the pool of addresses and the other configuration settings that the DHCP server requires.
Deploying DHCP on the Network
The most practical (and time-effective) way to assign IP addresses, subnet masks, and other TCP/IP configuration information to network clients is via the DHCP. This means you have to configure a DHCP server on your network. Networks of any size—particularly those that are divided into subnets—might require multiple DHCP servers.
On routed networks, you can configure a server as a DHCP Relay Agent, which relays DHCP broadcasts to DHCP clients on other subnets. This allows you to forgo placing a DHCP server on every subnet. You might also have to configure the routers to pass the DHCP requests from the relay agents.
Most network platforms, including Windows Server 2003 and 2008, UNIX/Linux, and Novell NetWare, provide the DHCP service as part of their NOS. So you can configure DHCP in any NOS environment.
DHCP servers provide the IP address range (and the subnet mask to be used) to their clients based on the scope that the administrator configures on the DHCP server. The scope is the range of addresses to be assigned to the DHCP clients on the network. Figure 15.5 shows the New Scope Wizard on a server running Windows Server 2003. Notice that this screen allows you to enter the start and end IP address of the scope and the subnet mask to be used.
You can also configure exclusions from the scope, which allows you to configure a scope that contains your entire IP address pool. You can then exclude the addresses that you’ve assigned statically to the DHCP server and other servers or devices on the network, such as routers. Not only can you configure exclusions, but you can configure reservations—a reservation meaning that a particular device on the network, such as a print server, will always be assigned the same IP address. This is particularly helpful when users are employing the IP address of printer. (The IP address is dynamically assigned but it doesn’t change.)
When a server gives an IP address, subnet mask, and other TCP/IP configuration information to a DHCP client, it’s referred to as a lease. When you configure the DHCP server’s scope, you must also determine how long the IP addresses will be leased to the clients.
FIGURE 15.5 You must configure a scope on the DHCP server.
Lease time is up to you. Long leases can be a security liability because the IP addresses are static and might be discerned by a hacker monitoring network traffic. On the other hand, short leases cause a great deal of network traffic because of the broadcast messages and eat up network bandwidth. You’ll have to balance the use of your bandwidth with security considerations when setting the lease time.
Another consideration is related to the number of DHCP servers you deploy on the network. As mentioned, routed networks require DHCP servers on each subnet or the use of DCHP relay agents. Larger networks might also require that you use multiple DHCP servers to break up the total pool of addresses available. This also builds some redundancy into your network in case a DHCP server goes down. The other DHCP server on the network can pick up the slack and ensure that all the network DHCP clients have IP addresses.
The Web
The Web is considered by some people to be one of the most significant inventions of the past few centuries. I would not rank it ahead of the light bulb or the transistor, but it clearly has changed the way we do business, as well as how we play.
The term “Web” in the title has led to some confusion. Newcomers to the Web sometimes think it’s a network unto itself. It’s not. It runs over the Internet, and most of its activities take place in L_7 of the Internet/OSI model.
The architecture of the Web is based on a system that allows a user to access hypertext documents via the conventional TCP/IP protocol stack. Hypertext is text, but unlike conventional text, hypertext interlinks documents, images, videos, and so on. The term is meant to convey “more than just text.” This is evident when you place your mouse over a hyperlink. It might produce a bubble, a blowup with text; it might invoke the running of a video clip; or it might do nothing until you click on it.
We navigate through and around all this information using hyperlinks. A hyperlink, embedded in a document, is a reference to another part of the document—perhaps a different document, perhaps in a different computer, or even in a different network. The term “link” doesn’t refer to the L_2 links we’ve examined in this book, such as a DSL link or an Ethernet link. Rather, it refers to a logical navigational link. For example, when you click on a hyperlink, a web browser (software in L_7) “navigates” you to a different part of a document, a different part of a website, a different computer, or perhaps a different domain.
Yes, domain. The DNS is key to the proper functioning of the Web. And the Web uses a uniform resource locator (URL) to correlate a hyperlink to a domain name. For example, let’s assume that a hyperlink of uylessblack exists in a document on your computer screen. If you were to click on this name, it would use a uniform resource identifier (URI) to find where this resource is available and the L_7 protocol needed to retrieve it. Strictly speaking, uylessblack isn’t a complete URL. It’s a shorthand notation for say, UylessBlack.com. The reason for this notation is to simplify the text on the screen.
Let’s take another example. Maybe you key in “Uyless Black” in your search window. This isn’t a URL, but your browser (depending on the vendor) will examine the search window’s contents and translate it to a full URL. Currently, I am logged onto AOL. I just keyed in “Uyless Black.” The AOL software created this URL:
http://search.aol.com/aol/search?query=uyless+Black&s_it=spelling
The URL also includes a number of pages with links to websites about my work.
What does all this jargon have to do with making your computer network more effective? In the final analysis, it’s the DNS and TCP/IP that make the Web so effective. In fairness, we should also mention two other Internet specifications: HTML and HTTP.
HTML
The Hypertext Markup Language (HTML) is the code used to define the content and look of web documents. HTML code is stored in a text file that contains markup tags. These tags direct a web browser about how to display a page. This file can be created by using a conventional notepad or a word processing package. Here is an example of HTML code:
The first tag in the HTML document is <html>. This tag informs the browser about the start of an HTML document. The last tag in the document is </html>, which informs the browser of the end of the HTML document. The text between the <head> tag and the </head> tag is header information, which isn’t displayed by the browser. The text between the <title> tags is the title of the document, which is displayed by the browser. The text between the <body> tags is the text that will be displayed onscreen.
A lot of HTML tags must be written to translate into an attractive and effective website. I am, by heart and soul, a software programmer. But I know that writing code isn’t an effective or monetarily productive way for me to spend my waking hours. I no longer write code, and I don’t write HTML for my websites.
You can create a website even if you don’t know HTML. The tools for this task are called what you see is what you get (WYSIWYG) editors. You can use, say, Microsoft’s FrontPage or Macromedia’s Dreamweaver instead of writing a lot of HTML code.
HTTP
The Hypertext Transfer Protocol (HTTP) is used to retrieve hypertext documents that have been linked. HTTP relies on URLs to identify which resources it accesses and transports. It operates on a client/server model, with the client as the user (using a web browser) and the server as the website. The server stores HTML files.
HTTP operates in L_7 of the OSI model and uses TCP (not User Datagram Protocol [UDP]). The HTTP client initiates a request for, say, an HTML file. This request is usually a “Get” message, which asks the server to return a copy of the identified resource. In turn, the HTTP server is listening on port 80 for the request. Upon receiving the request, it responds with status information and the file. If a problem occurs, it returns an error message.
These operations appear simple and straightforward. But client/server architectures must account for users doing the following: (a) canceling a request; (b) clicking on a different request; (c) double- (triple-, quadruple-) clicking a hyperlink to initiate multiple requests. The HTTP standards describe why and how some of the HTTP commands (verbs) should be idempotent: multiple identical requests should have the same effect as only one request. The Internet Requests for Comment (RFCs) define the rules for achieving idempotent services.
Ideas for Establishing a Website
If you are well versed in and enjoy software programming, you might consider putting up your own site. By writing all the HTML tags, you’ll surely become an expert on the intricacies of web architecture. That stated, I recommend you avail yourself of the many packages and offerings from vendors. Let other companies do the coding for you.
This part of Hour 15 walks you through the tasks involved in setting up a website through shared hosting: contracting with a vendor to host your website. These explanations use Windows as examples. Linux and other systems have similar procedures.
To begin, we assume that you and your team have chosen a company to provide this service. Your first task is administrative: setting up an account. Typically, an end user license agreement is signed, followed by creating a username and password.
Next, if you’ve not already done so, your vendor asks for a domain name to be associated with your website. You must choose at least one name—ideally, one that reflects your company or your product. Also, it’s a small matter to associate more than one domain name with the same website, as long as the domain names have been registered with the Internet authorities. Usually, your web host vendor can help you with obtaining your domain names.
As part of the process, your domain name(s) are assigned to a name server. “Buying” domain names through various vendors is a highly competitive business, and the company through which you buy your domain name will most likely be the company that provides you with name servers. But that need not be the case. At any time, you can change the vendor who manages your domain name and charges you for the service.
You can check on your name servers by navigating to www.internic.net/whois.html and executing a Whois query on your domain name. My query on BlacksStreets.com revealed the following:
Domain Name: BLACKSSTREETS.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com
Name Server: NS41.DOMAINCONTROL.COM
Name Server: NS42.DOMAINCONTROL.COM
Server Name: NS41.DOMAINCONTROL.COM
IP Address: 216.69.185.21
Registrar: WILD WEST DOMAINS, INC.
Whois Server: whois.wildwestdomains.com
Referral URL: http://www.wildwestdomains.com
As part of the setup process, you’ll likely be asked if you have an SSL certificate that you want to apply to your site. This certificate (described in Hour 20, “Security,” in more detail) authenticates your website to visiting browsers. It’s a tool for building trust with your web users.
The hosting company maintains information on your account, which includes a variety of items, including IP addresses, domain names, security profiles, and of course, data on what services your web pages provide your users and how they appear on computer screens. These aspects of web hosting are known by names such as the hosting control center, or simply, “The Store.” Whatever they’re called, and depending on how well they’re designed, they can give you extensive, yet user-friendly control mechanisms for your website.
Rolling Your Own, Rolling with Templates, or Rolling with Your Vendor
A web host account comes in many colors. At one end of the spectrum is (a) your writing of HTML code and your uploading it to your web server. In the middle is (b) your using of vendor-provided templates or macros that translate to HTML code. At the other end of the spectrum is (c) your explaining to the vendor what you want with the vendor creating the HTML code from scratch.
I don’t recommend that you use a web provider and opt for (a). If you choose to roll your own, don’t bring in a third party to add to your expense. Besides, if the web provider has an ounce of sense, your code won’t be trusted in the first place!
But you can certainly write the HTML code and (depending on the web vendor) upload to the web server. If you so choose, open Windows Notepad and key in the HTML code. Then save your file as index.html. If you’re not using Windows Notepad, most software packages allow you to key in text and save it in an appropriate format to be acceptable to HTML. For example, Microsoft Word allows you to key in the code and then save it as an HTML file.
Whatever or whomever creates the HTML files must move them to your hosting account. If your vendor has done the coding, the files will be placed in the proper locations transparently to you. If you have the code, you’ll likely use FTP to move the files to your vendor’s servers. The vendor will provide you with this information.
After all this work, you should be in business. For testing, you can key in your web domain name, and your web home page should appear on your screen. If it doesn’t appear, or the images aren’t displayed correctly, take these actions. If you opted for (c), your hosting provider is at fault. Call and complain. If you opted for (a) or (b), chances are good that your HTML tags are faulty or the domain path isn’t correct. In either situation, you still need to work with your hosting vendor.
All the web hosting vendors with whom I’ve had experience furnish extensive statistics about visits to a website. If the site is selling online, the statistics include what and how much was sold. In addition, it’s relatively easy to set up hyperlinks to credit card companies or middlemen, such as PayPal. As well, most of these companies offer your “hosting account” email services. Some of them provide you tools to alter your web pages with simple screen entries. If you’re selling online, some allow you to dynamically change the products and prices from your computer.
Summary
This hour was devoted to Internet domain names, URLs, IP addresses, and the Web. To conclude this hour, we have good news and bad news. First, the good news: The vendor choices for hosting your website are many, with each offering an array of services. Second, the bad news: The vendor choices for hosting your website are many, with each offering a wide array of services.
Whom do you choose? In spite of the marketing and sales pitches of the web hosting vendor, the effectiveness of your website will rest on the ingenuity and creativity of the HTML programmer(s). How can you access this acumen before code is put to paper? You can’t. But you can gain a sense of the competency of the company by how it has interacted with you during your initial contacts. If alarm bells ring during this time, make sure you’ve not yet signed a contract.
Q&A
Q. What is an email address?
A. Strictly speaking, no such thing exists. It’s correctly called an email name (perhaps a screen name), which DNS then translates into an IP address. However, don’t look down on your friends if they use the term “email address.” It’s a commonly accepted term.
Q. Why might a computer configured with a static IP address not be communicating on the network?
A. A simple typo, such as an incorrect subnet mask or default DNS server IP address, can prevent a computer from communicating on a network. Always check your TCP/IP configuration for your device. When you’ve inadvertently used the same IP address on more than one device, neither device will be able to communicate on the network.
Q. How does the deployment of DHCP reduce TCP/IP configuration errors?
A. Because the DHCP server dynamically assigns IP addresses, subnet masks, and other TCP/IP-related information such as default gateways to nodes on the network, the possibility of errors related to statically entering this data on each computer is diminished.
Q. How should I determine the domain name that I want to register for my company?
A. Make the domain name descriptive of your organization. It can be the company name or a term that describes what the company does. The domain name should be easy to remember (long or complex domain names aren’t effective marketing strategies) and should be as unique as possible. Spend some time on the Web using a site that allows you to search for whether your domain name is available. You might also want to check out what types of companies have names similar to the one you want to use.