Structure and functions of network nodes

Physical and channel levels

Protocol and applied level of network

Splitting the network into subnets

Installation of DHCP server

Installation of DNS, WINS, IIS servers

The enterprise’s local network covers 120 user personal computers and 15 servers based on the Intel PC platform, located on the four floors of the office building.

Every floor is built to the 100BASE-TX specification and wired with UTP Cat 5e cable. The network runs at 100 Mbps and uses the same kind of Ethernet frames at the channel (data link) level throughout. Besides client computers, the network also contains printers. The maximum number of printers per floor is 10.

Switching is done on each floor in a wiring closet, one per floor. The wiring closets contain switches, patch panels and a 19″ UPS. The distance from the closet to the client computers’ working area does not exceed 90 meters.

To provide high switching speed, the network uses 24-port HP ProCurve Switch 2324 units. Because the total number of connections is 40 and a reserve is needed for future connections, 48 ports would satisfy the network’s future requirements. Both switches are connected by a high-speed 1 Gbps channel using special modules. All three floors have the same type of equipment.

On the ground floor there is also an Intel router in the wiring closet. The switches of all floors are connected to this router, which provides the internet connection.

Access to resources and to the network is based on the TCP/IP protocol. It would be pointless to install additional protocols. Server computers use Windows 2000 Server as the operating system, and all network services are installed and set up on it.

“NOTE: In Windows 2000, memory is more important than ever. The minimum requirement for… Professional is 64MB, and 128MB is recommended. Windows 2000 Server has a minimum requirement of 128MB and 256MB recommended.” (from Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.18)

Security of network resources is provided by directory service Active Directory: “Active Directory is an essential and inseparable part of the Windows 2000 network architecture that improves on the domain architecture of the Windows NT® 4.0 operating system to provide a directory service designed for distributed networking environments. Active Directory lets organizations efficiently share and manage information about network resources and users. In addition, Active Directory acts as the central authority for network security, letting the operating system readily verify a user’s identity and control his or her access to network resources. Equally important, Active Directory acts as an integration point for bringing systems together and consolidating management tasks.

Combined, these capabilities let organizations apply standardized business rules to distributed applications and network resources, without requiring administrators to maintain a variety of specialized directories. Active Directory provides a single point of management for Windows-based user accounts, clients, servers, and applications. It also helps organizations integrate systems not using Windows with Windows-based applications, and Windows-compatible devices, thus consolidating directories and easing management of the entire network operating system. Companies can also use Active Directory to extend systems securely to the Internet. Active Directory thus increases the value of an organization’s existing network investments and lowers the overall costs of computing by making the Windows network operating system more manageable, secure, and interoperable.” (from Active Directory Overview (

Moreover, managing and administrating large multi-domain networks is difficult. Because of this, Microsoft has introduced the Active Directory in Windows 2000. The Active Directory can replace NT domains, but also can serve as an upgrade” (Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.265)

Client computers run Windows 9x or Windows 2000/XP Professional and are members of the domain.

A WINS server is installed and runs on one server computer so that network resources and computers can be addressed by their NetBIOS names. A DNS server supports the Active Directory directory service and provides access to the internet. To automate registration and other operations with IP addresses in the local network, an authorized DHCP server is used in the domain. Access to corporate data from inside the network and from branch offices is provided by a web server based on Internet Information Services.

Structure and functions of network nodes

Physical and channel levels

Let’s take a closer look at the equipment and structure of the physical and channel levels. Client computers in the local network use 100 Mbps network adapters working in full-duplex mode. The horizontal subsystem is built with UTP Cat 5e cable run in decorative cable trunking.

A wiring closet is installed on each floor. To build the network and connect the floor switches to the central Intel router, it was decided to use optical fiber cable with extension modules, or cascaded HP J4817A ProCurve Switch 2324 units (24 RJ45 ports). The HP J4817A switches offer the best price/quality ratio compared with switches from Cisco, 3Com and Intel. In each floor’s wiring closet two HP J4817A ProCurve Switch 2324 switches are cascaded, so a reserve of ports is available for expanding the network and adding client computers in the future.

On the ground floor there are two options, depending on server load: connecting servers to the switches’ RJ45 10/100 ports, or connecting them to 1 Gbps ports through extension modules. The second option is preferable for the domain controller and the network’s file servers. For servers and internet services a speed of 100 Mbps would be enough.

Protocol and applied level of network

The local network uses several servers running Windows 2000. This study develops recommendations and setup preferences for network services such as Active Directory, DNS, DHCP, WINS and IIS. For simplicity of implementation and for better security and efficiency, the services are installed on different servers.

The first stage is installing the Windows 2000 Server operating system. During installation the network settings should be defined: Access service, Client for Microsoft Networks, TCP/IP protocol. Static addresses will be discussed later; for now it is important to note that the servers on which these services will run must have static IP addresses. The WINS and DHCP services have to be selected for installation. IIS is installed by default, so its installation has to be cancelled everywhere except on the server where it will run. The DNS service will be installed with Active Directory later.

After the network servers are installed, Active Directory has to be installed with the dcpromo utility: “use Active Directory promotion (Dcpromo.exe) to add domain controllers to Windows 2000 server forests.” (from How Dcpromo.exe Adds Display Specifiers to Active Directory Forests available on web: (

The domain name ELBRYN.COM is chosen for the corporation. The NetBIOS name of the ELBRYN domain will be used by the WINS service. After rebooting the domain controller, the domain’s servers are set up through the System/Network Identification program. The same method is used later to add domain members: personal computers running Windows 2000/XP Professional. After the servers reboot, the TCP/IP settings of their network connections have to be completed. Then the addresses of the DNS and WINS servers are added on all servers.

Splitting the network into subnets

The local network uses IP addresses with network address After splitting the network into 4 subnets and connecting them through the router, it’s important to revise and redefine the subnets’ addresses.

To split a network of 255 addresses into 4 ranges, the following mask is used: which corresponds to the binary value 11111111.11111111.11111111.11000000, where the first two bits of the last octet are used for subnet addressing and the final 6 bits are used for node addressing. So every subnet may consist of (64-2=62) 62 functioning computers. The first and last address of a subnet’s range cannot be used for nodes, and one address of each range will be used by the router’s port. So there are 61 available addresses for network nodes. This quantity satisfies the task, as it was required to connect up to 40 nodes (computers or printers) on floors 1-3 and 45 nodes on the ground level.

With the chosen split into 4 subnets, the following subnets and ranges are obtained:, addresses (third floor), addresses (second floor), addresses (first floor), addresses (ground level).

The last address of each range will be used for the router’s port. These are the following addresses:,,,

Besides, for the domain controller the following address is used, DHCP server, WINS server, IIS server Also, the network will have the following feature: addresses starting from and ending with will be leased (“rented”) out by the DHCP server. So there would be 230-193=37 addresses left, which is enough for 30 existing client computers.

Installation of DHCP server

To set up the DHCP service, the corresponding management snap-in is launched and the server is then authorized in the ELBRYN domain. To do this, the administrator has to log on to that server under a user name that belongs to the Enterprise administrators group or the Domain administrators group. After the server is authorized, four DHCP scopes are created for issuing and registering client addresses. “If a physical LAN has more than one logical subnet, how can different groups of clients be allocated addresses on different subnets?

One way to do this is to preconfigure each client with information about what group it belongs to. A DHCP feature designed for this is the user class option. To do this, the client software must allow the user class option to be preconfigured and the server software must support its use to control which pool a client’s address is allocated from. (DHCP FAQ (

A wizard is used to create a DHCP scope. In nets,, the exclusion range consists of only one (the last) address of the range, because it is assigned to the router’s port as mentioned above. All other nodes, including printers, may be set to obtain an address automatically from the DHCP server, as “Most routers incorporate a DHCP server to automatically configure all the computers on your LAN.” (Les Freed PC Magazine Guide to Home Networking p.41)

In the wizard, the following addresses are defined as the default gateway (router) for clients. For example, for the third floor router’s address is used, for the second floor-, etc. In the scope options of all DHCP scopes we define the WINS and DNS addresses that were assigned above. In order to reduce traffic in the network, the lease (“rent”) period is chosen to be 10 days. This period may be changed later if the need arises. For the ground floor the exclusion range will be between If new servers are used in the future, they would have to be assigned additional addresses from this range.

Because the DHCP server is installed in the last subnet, it can serve only its own segment: when connecting, a client sends a broadcast request to find the DHCP server, and the router does not forward this broadcast to other IP subnets. So the first three subnets do not have a DHCP server in their segment. To provide automatic address assignment in these segments, a DHCP relay agent has to be set up correctly on the router. The agent has to serve three subnets:,, 208.32.16.128. In the agent’s properties the following DHCP server address has to be defined: The agent receives the client’s broadcast request for a DHCP server and forwards it to the server; the further message exchange with the server goes through the agent.
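The four-way split and the relay requirement described above, worked through as an added example that is not part of the original essay. It uses the documentation network 192.0.2.0/24 as a stand-in because the essay’s own addresses are missing from the page; the pool offsets 193 and 230 come from the text, while the server addresses and function names are hypothetical.

```python
import ipaddress

def plan_subnets(network, subnet_bits=2):
    """Split a network into 2**subnet_bits equal subnets (2 bits -> the essay's 4 ranges)."""
    plan = []
    for sub in ipaddress.ip_network(network).subnets(prefixlen_diff=subnet_bits):
        usable = list(sub.hosts())      # network and broadcast addresses are excluded
        plan.append({
            "subnet": sub,
            "mask": str(sub.netmask),
            "router": usable[-1],       # assumption: router port = last usable address
            "nodes": usable[:-1],       # left for PCs, printers and servers
        })
    return plan

def undersized(plan, required):
    """Return the subnets that cannot hold the node count required on that floor."""
    return [p["subnet"] for p, need in zip(plan, required) if len(p["nodes"]) < need]

def relay_needed(plan, dhcp_server):
    """Return the subnets with no local DHCP server; client broadcasts stop at the router."""
    server = ipaddress.ip_address(dhcp_server)
    return [p["subnet"] for p in plan if server not in p["subnet"]]

def pool_conflicts(pool_first, pool_last, plan_entry, static_hosts):
    """Return static or router addresses that fall inside the dynamic pool."""
    lo, hi = ipaddress.ip_address(pool_first), ipaddress.ip_address(pool_last)
    reserved = [ipaddress.ip_address(a) for a in static_hosts] + [plan_entry["router"]]
    return [a for a in reserved if lo <= a <= hi]

# Constructed sample values (documentation range, not the essay's addresses).
NETWORK = "192.0.2.0/24"
REQUIRED_NODES = [40, 40, 40, 45]          # floors 3, 2, 1, then ground level
DHCP_SERVER = "192.0.2.250"                # hypothetical static address in the last subnet
STATIC_SERVERS = ["192.0.2.249", "192.0.2.250", "192.0.2.251", "192.0.2.252"]
POOL = ("192.0.2.193", "192.0.2.230")      # host offsets 193 and 230 as in the text

if __name__ == "__main__":
    plan = plan_subnets(NETWORK)
    for p in plan:
        print(p["subnet"], p["mask"], "router", p["router"], "free", len(p["nodes"]))
    print("too small:", undersized(plan, REQUIRED_NODES))
    print("relay agent must serve:", relay_needed(plan, DHCP_SERVER))
    print("pool conflicts:", pool_conflicts(*POOL, plan[-1], STATIC_SERVERS))
```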

Installation of DNS, WINS, IIS servers

As mentioned above, the DNS server was set up together with the domain controller, and the ELBRYN.COM zone is integrated into Active Directory. The server is used for resolving internet names to IP addresses. It receives clients’ requests on the interface For effective use of the server it is recommended to forward non-recursive requests to the DNS server of the internet service provider. To keep client names in the ELBRYN.COM zone current, dynamic update of DNS host records by the DHCP server has to be organized. Then, when a computer is renamed, new host records are created in the ELBRYN.COM zone automatically.

“By default, the Domain Controllers (DCs) group has full control of all DNS zones and records. Because the DHCP Server service runs under the domain controller’s computer account, it has full control of all DNS zones and records. Because of this, the DHCP Server service has the authority to update or delete any DNS record that is registered in a secure Active Directory-integrated zone (this includes records that were securely registered by other Windows 2000-based computers, including domain controllers).

To minimize the potential of name hijacking, Microsoft does not recommend that you install the DHCP Server service configured to perform DDNS update on a DC. Instead, install the DHCP Server service on a separate server, and not a domain controller.” (from Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) on a Domain Controller (

For the DNS server to resolve requests correctly, it is essential to create and configure reverse lookup zones that correspond to the subnets created earlier:,,, So there are 4 reverse lookup zones. They have to be created before the DHCP server starts working and, if possible, before client computers start working. To support the WWW and FTP servers, aliases are created in the ELBRYN.COM zone (records of CNAME type: “... CNAME: The Value field gives the canonical name for a particular host; it is used to define aliases….” (from Peterson, Larry L. Computer Networks: A Systems Approach)), so that clients are able to reach them by the addresses www.elbryn.com and

To check the server’s settings and operation, the administrator can test it by opening its properties and clicking the test button. The server can also be checked with the nslookup utility.

If the server is set up correctly, resources can be addressed not by NetBIOS name but by the computer’s DNS name. Many Windows 2000/XP applications use DNS names when working in a domain, as the Active Directory service is based on the DNS service.

The WINS server doesn’t require additional settings after installation: there are no other WINS servers in the network, so replication is unnecessary and there are no replication partners. The server is responsible for resolving NetBIOS names to IP addresses. Because all network nodes are h-nodes (0x8) and use WINS by default, there should be no nodes in the network that use the broadcast method of registering and resolving NetBIOS names. This is ensured by the corresponding options of the DHCP scopes. Using WINS makes it possible to register and resolve names in a network with several segments and decreases broadcast traffic. It also eases the work of the network’s master browser, which is responsible for keeping the list of computers, domains and workgroups. The master browser receives the list of computers from the WINS server.

The IIS server is installed on only one server in the network: “Before installing IIS, the system must be configured securely and all extra components that could cause unauthorized access must be removed.” (from Seth Fogie, Cyrus Peikari Securing Information Internet Serve.

To make the server work securely on the Internet, the default site is stopped and a new site is created that works on port 80. All necessary documents and pages are hosted in the site folder, along with scripts as the tasks require. Anonymous access is then permitted to the general-use folders. Anonymous access is denied to the restricted-use folders, and NTFS permissions are set. On the FTP server all necessary documents and programs are hosted for general use with public access to the data. As additional security, access to some virtual directories is allowed only for a definite range of addresses. This is configured in the properties of those virtual directories, on the Security tab in the Internet Services Manager program.


For work with file servers and internet services, a 100BASE-TX network was chosen, built on HP J4817A ProCurve Switch 2324 switches cascaded by gigabit links. This allows fast access to resources and a high switching speed. The network uses an Intel router.

Real (public) addresses in the range 0-255 were chosen for the network’s nodes, which is an ineffective and expensive solution for the following reasons: Windows services need increased security, so this solution requires installing a firewall on every computer or on the router; it requires considerable funds for renting internet addresses; and there is no opportunity to monitor (“spy” on) the use of internet resources and collect statistics. An alternative is to use private addresses 192.168.x.x for nodes and real addresses on the router. In that case it is also important to publish the WWW and FTP services on the router.

The use of Active Directory increases the security of work in the network; it also increases the efficiency of resource management through centralized management and group policies. For every department or group of computers it is important to create a group policy and organize the administration of users and computers: working environment settings, software settings, restriction of access to the network, IPSec restrictions: “... performance that many have come to expect from NT Windows 2000 Professional offers these new and enhanced features: Internet protocol Security (IPSec) Windows file protection in the event that an application overwrites a a protocol standard for system file. encrypting IP packets..” (Donald, Lisa MCSE 2000 JumpStart: Computer Network Basics p.102)

The use of the DHCP server made it possible to automate the assignment of IP addresses and TCP/IP parameters to the network’s nodes and to register the use of these addresses. After the configuration of servers and routers changes, it would be enough just to reset the parameters of the corresponding DHCP scope.

The use of WINS decreased client traffic, supports nodes working in different segments and eases network browsing for any Windows clients.

During the network’s operation, problems with the domain controller are possible, which is why there has to be a backup domain controller. The router is also a weak point of the network, so an Uninterruptible Power Supply unit and a spare device will be needed as well. To avoid this type of problem it would be advantageous to connect all nodes only to switches, by 1 Gbit/sec channels through a central switch. It would also speed up the network, as time won’t be spent on processing IP packets encapsulated in Ethernet frames.



Donald, Lisa. MCSE 2000 JumpStart: Computer Network Basics. Morgan Kaufmann, 2003.

Freed, Les. PC Magazine Guide to Home Networking. Wiley, 2004.

Peterson, Larry L. Computer Networks: A Systems Approach. Morgan Kaufmann, 2003.

Tanenbaum, Andrew S. Computer Networks, Fourth Edition. Prentice Hall PTR, 2002.

Comer, Douglas E.; Droms, Ralph E. Computer Networks and Internets, Fourth Edition. Prentice Hall, 2003.

Panko, Raymond. Corporate Computer and Network Security. Prentice Hall, 2003.

Web resources:

Seth Fogie, Cyrus Peikari Securing Information Internet Serve available on web:

Installing Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) on a Domain Controller


How Dcpromo.exe Adds Display Specifiers to Active Directory Forests available on web:

Active Directory Overview available on web: