CCNA 1 Chapter 4 V4.0 Answers

CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
CCNA 1 Chapter 4 V4.0
Labels: CCNA 1 Chapter 4 V4.0
1) Which definition describes the term Internet?
a group of PCs connected together on a LAN
a group of PCs connected together by an ISP
* a network of networks that connects countries around the world
a worldwide collection of networks controlled by a single organization
2) What type of connection point is a point of presence (POP)?
between a client and a host
between two local networks
between a computer and a switch
* between an ISP and a home-based LAN
3) What is the term for the group of high-speed data links that interconnect ISPs?
Internet LAN
ISP backbone
Internet gateways
Internet providers
* Internet backbone
4) Which device can act as a router, switch, and wireless access point in one package?
hub
bridge
modem
repeater
* ISR
5) What are three characteristics of business class ISP service? (Choose three.)
* fast connections
* extra web space
free Windows upgrade
cheapest cost available to all users
* additional e-mail accounts
replacement hardware at no cost
6) What is a major characteristic of asymmetric Internet service?
Download speeds and upload speeds are equal.
Download speeds are slower than upload speeds.
* Upload speeds and download speeds are different.
Upload speeds and download speeds are irrelevant.
7) Which three elements are required to successfully connect to the Internet? (Choose
three.)
* an IP address
file sharing enabled
* a network connection
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
server services enabled
* access to an Internet service provider
an address obtained directly from the RIR
8) What term describes each router through which a packet travels when moving
between source and destination networks?
NOC
ISP
* hop
segment
9) What does the tracert command test?
NIC functionality
the ISP bandwidth
* the network path to a destination
the destination application functionality
10) What type of end-user connectivity requires that an ISP have a DSLAM device in
their network?
analog technology
cable modem technology
* digital subscriber line technology
wireless technology
11) Why would an ISP require a CMTS device on their network?
* to connect end users using cable technology
to connect end users using analog technology
to connect end users using wireless technology
to connect end users using digital subscriber line technology

12

Refer to the graphic. What type of cabling is shown?
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
STP
UTP
coax
*Fiber

13.Refer to the graphic. What type of cabling is shown?
STP
* UTP
coax
fiber
14) Which two places are most appropriate to use UTP cabling? (Choose two.)
between buildings
* in a home office network
where EMI is an issue
in a cable TV network
* inside a school building
in a manufacturing environment with hundreds of electrical devices
15) What does adherence to cabling standards ensure?
data security
no loss of signal
no electromagnetic interference
* reliable data communications

16. Refer to the graphic. What type of cable is shown?
* crossover
eight coax channels
multimode fiber
single-mode fiber
straight-through
17) What connector is used to terminate Ethernet unshielded twisted pair (UTP)
cabling?
ST
BNC
RJ-11
* RJ-45
18) Which two characteristics describe copper patch panels? (Choose two.)
uses RJ-11 jacks
* uses RJ-45 jacks
supports only data transmissions
* allows quick rearrangements of network connections
forwards transmissions based on MAC addresses
19) What are two advantages of cable management? (Choose two.)
requires no preplanning
* aids in isolation of cabling problems
* protects cables from physical damage
provides compliance with future standards
provides a short-term solution for cable installation
20) What are two common causes of signal degradation when using UTP cabling?
(Choose two.)
installing cables in conduit
CCNA Discovery 4.1 - CCNA Discovery Answers
http://ccna-discovery-4.blogspot.com/
* having improper termination
losing light over long distances
installing low quality cable shielding
* using low quality cables or connectors
21) What are three commonly followed standards for constructing and installing
cabling? (Choose three.)
* pinouts
* cable lengths
connector color
* connector types
cost per meter (foot)
tensile strength of plastic insulator

How to Configure Windows Server 2003 DNS Service

To configure the Windows Server 2003 DNS service by using the Configure DNS Server Wizard, follow these steps:

1. Click Start, point to Administrative Tools, and then click DNS to open the DNS MMC snap-in.
2. In the navigation pane, click the DNS Server object for your server, right-click the server object, and then click Configure a DNS server to start the Configure DNS server Wizard.
3. Click Next, click one of the following options, and then click Next:
   • Create a forward lookup zone (recommended for small networks)
     This server is authoritative for the DNS names for local resources but forwards all other queries to an ISP or other DNS servers. The Wizard will configure the root hints but not create a reverse lookup zone.
   • Create forward and reverse lookup zones (recommended for large networks)
     This server can be authoritative for forward and reverse lookup zones. It can be configured to perform recursive resolution, forward queries to other DNS servers, or both. The wizard configures the root hints.
   • Configure root hints only (recommended for advanced users only)
     The wizard configures the root hints only. You can configure forward and reverse lookup zones and forwarders later.
4. If you clicked Create a forward lookup zone or Create forward and reverse lookup zone in step 3, use one of the following procedures to complete the steps.

Create a Forward Lookup Zone

If you create a forward lookup zone, you can either use your server to maintain the zone, or use the Internet service provider’s (ISP) DNS to maintain the zone, in which case the local server maintains a copy of the zone downloaded from the ISP. The following procedure creates a forward lookup zone which is maintained by your server:

1. Click This server maintains the zone, and then click Next.
2. In the Zone name box, type the name of the zone. Make sure that the name is the same as the fully qualified domain name (FQDN) DNS domain name for which the zone is authoritative. Click Next.
3. Click one of the following three options:
   1. Click Allow only secure dynamic updates if the zone is integrated into Active Directory.
   2. Click Allow any dynamic updates for all other zones (that is, zones that are not necessarily integrated into Active Directory).
   3. Click Do not allow dynamic updates if all updates to this zone are to be made manually. Click Next.
4. Click Yes, it should forward queries to DNS servers with the following IP address to forward queries for names external to your network to another DNS server located elsewhere on the Internet. Typically, you use this option if you use your ISP’s DNS server for external name resolution queries. Type the forwarding DNS server’s IP address.If you do not want to resolve names outside your network by forwarding queries to an external server, click No, it should not forward queries. Click Next, and then click Finish.

Create Forward and Reverse Lookup Zones

To configure forward and reverse lookup zones, follow these steps:

1. Click Create forward and reverse lookup zones (recommended for large networks), and then click Next.
2. Click Yes, create a forward lookup zone now (recommended), and then click Next.
3. Click Primary zone, click to select the Store the zone in Active Directory (available only if DNS server is a domain controller) check box, and then click Next.
4. Click the appropriate replication scope option, and then click Next.
5. In the Zone name box, type the name of the zone. Make sure that the name is the same as the fully qualified domain name (FQDN) DNS domain name for which the zone is authoritative. Click Next.
6. Click one of the following three options:
   1. Click Allow only secure dynamic updates if the zone is integrated into Active Directory.
   2. Click Allow any dynamic updates for all other zones (that is, zones that may not be integrated into Active Directory).
   3. Click Do not allow dynamic updates if all updates to this zone are to be made manually.
   4. Click Next.
7. Click Yes, create a reverse lookup zone now, and then click Next.
8. Click Primary zone, click to select the Store the zone in Active Directory (available only if DNS server is a domain controller) check box, and then click Next.
9. Click the appropriate zone replication method, and then click Next.
10. Click Network ID, and then type the Network ID portion of your IP address that is exposed to the internet. For example, if your IP address is 10.10.10.10, and the subnet mask is 255.255.255.0, the network address portion of the IP address is 10.10.10. Click Next
11. Click the appropriate zone dynamic update method, and then click Next.
12. Click Yes, it should forward queries to DNS servers with the following IP address to forward queries for names external to your network to another DNS server located elsewhere on the Internet. Typically you would use this option if you use your ISP’s DNS server for external name resolution queries. Type the forwarding DNS server’s IP address in the space below.If you prefer not to resolve names outside your network by forwarding queries to an external server, click No, it should not forward queries. Click Next, and then click Finish.

How to Secure the ISA Server Computer with Security Configuration Wizard

The Microsoft Windows Server 2003 operating system with Service Pack 1 (SP1) includes an attack surface reduction tool called the Security Configuration Wizard (SCW). Depending on the server role you select, the SCW determines the minimum functionality required, and disables functionality that is not required.
When you install Windows Server 2003 SP1 on the ISA Server computer, you can install the SCW and use the wizard to harden the computer.
The SCW guides you through the process of creating, editing, applying, or rolling back a security policy based on the selected roles of the server. The security policies that are created with the SCW are .xml files that, when applied, configure services, network security, specific registry values, audit policy, and if applicable, Internet Information Services (IIS). The SCW includes a role for ISA Server computers.
To apply the appropriate ISA Server roles, perform the following steps

1. On the ISA Server computer, click Start, point to Administrative Tools, and then click Security Configuration Wizard.
2. In the Security Configuration Wizard, on the Welcome page, click Next.
3. On the Configuration Action page, select Create a new security policy.
4. On the Select Server page, in Server, type the name or IP address of the ISA Server computer.
5. On the Processing Security Configuration Database page, click Next.
6. On the Welcome page of the Role-based Service Configuration page, click Next.
7. On the Select Server Roles page, select the following, and then click Next:
   1. Select Microsoft Internet Security and Acceleration Server 2004, if you are hardening a computer running the ISA Server services (for ISA Server Enterprise Edition, an array member).
   2. Select Remote Access/VPN Server, if you will be using the ISA Server computer for virtual private network (VPN) functionality.
      
      
      On the Select Client Features page, select the default client roles, as appropriate. No special client roles are specifically required for hardening ISA Server. Then, click Next.
8. On the Select Administration and Other Options page, select the following options:
   1. Select Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition: Configuration Storage, if the Configuration Storage server is installed on this computer (for ISA Server Enterprise Edition only).
   2. Select Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition: Client installation share, if the Firewall Client share is installed on this computer.
   3. Select Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition: MSDE Logging, if ISA Server advanced logging options are installed on this computer.
   4. Select Remote Access Quarantine Agent, if you will enable quarantine for ISA Server. (You must have selected the Remote Access/VPN Server server role in step 7.)
9. On the Select Additional Services page, select the appropriate services and click Next.
10. Click Next until you finish the wizard.

Source : http://technet.microsoft.com/hi-in/library/cc302501(en-us).aspx

How to configure a remote access policy in Windows Server 2003

How to configure a remote access policy

By default, two remote access policies are available in Windows Server 2003:

• Connections to Microsoft Routing and Remote Access server
  This policy matches every remote access connection that is made to the Routing and Remote Access service.
• Connections to other access servers
  This policy matches every incoming connection, regardless of the network access server type.

Windows Server 2003 uses the Connections to other access servers policy only when one of the following conditions is true:

• The Connections to Microsoft Routing and Remote Access server policy is unavailable.
• The order of the policies has been changed.

To configure a new remote access security policy, follow these steps:

1. Click Start, point to Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Expand Server_Name, and then click Remote Access Policies. Note If you have not configured remote access, click Configure and Enable Routing and Remote Access on the Action menu, and then follow the steps in the Routing and Remote Access Server Setup Wizard.
3. Create a new remote access policy. The following example steps illustrate how to create a new remote access policy that explicitly grants remote access permissions to a specific user on certain days. This policy implicitly blocks access on other days.
   
   1. Right-click Remote Access Policies, and then click New Remote Access Policy.
   2. In the New Remote Access Policy Wizard, click Next.
   3. In the Policy name box, type Test Policy, and then click Next.
   4. On the Access Method page, click Dial-up, and then click Next.
   5. On the User or Group Access page, click User or Group, and then click Next. Note If you want to configure the remote access policy for a group, click Add, type the name of the group in the Enter Object Names To Select box, and then click OK.
   6. On the Authentication Methods page, make sure that only the Microsoft Encrypted Authentication version 2 (MS-CHAPv2) check box is selected, and then click Next.
   7. On the Policy Encryption Level page, click Next.
   8. Click Finish. A new policy named Test Policy appears in the Remote Access Policies node.
   9. In the right pane, right-click Test Policy, and then click Properties.
   10. In the Test Policy Properties dialog box, make sure that Grant remote access permission is selected.
   11. Click Edit Profile, click to select the Allow access only on these days and at these times check box, and then click Edit.
   12. Click Denied, click Monday through Friday from 8:00 A.M. to 4:00 P.M., clickPermitted, and then click OK.
   13. Click OK to close the Edit Dial-in Profile dialog box.
   14. Click OK to close the Test Policy Properties dialog box. The Test Policy policy is in effect.
   15. Repeat steps a through h to create another remote access policy named Test Block Policy.
   16. In the right pane, right-click Test Block Policy, and then click Properties.
   17. In the Test Block Policy Properties dialog box, click Deny remote access permission. The Test Block Policy policy is in effect.
4. Quit Routing and Remote Access.

How To Create a Roaming User Profile in Windows Server 2003

Creating a roaming user profile is a two-step process. First you create a test user profile, and then you copy the test user profile to a network server.

Create a Test Profile

To create a test profile for the roaming user, follow these steps:

1. Log on as Administrator.
2. Click Start, point to Administrative Tools, and then click Computer Management.
3. In the console tree, expand Local Users and Groups, and then click Users.
4. Right-click Users, and then click New User.
5. Type a name and password for the user.
6. Click to clear User must change password at next logon.
7. Click Create, and then click Close.
8. Quit the Computer Management snap-in.
9. Log off the computer.
10. Log on as the test user account that you created in step 7. A user profile is automatically created on the local computer in the drive:\Documents and Settings\username folder (where drive is the drive on which Windows is installed).
11. Configure the desktop environment, including appearance, shortcuts, and Start menu options.
12. Log off, and then log on as Administrator.

Copy the Test Profile

To copy the test profile to a network server, follow these steps:

1. Create a folder on a network drive in which you can store network profiles. For example:
   \\server_name\Profiles\user_name
2. Click Start, point to Control Panel, and then click System.
3. Click the Advanced tab, and then click Settings in the User Profiles section of theSystem Properties dialog box.
4. Under Profiles Stored On This Computer, click the profile for the user that you created in the “Create a Test Profile” section of this article, and then click Copy To.
5. In the Copy Profile To dialog box, type the network path to the folder.
6. Under Permitted to Use, click Change.
7. Type the name of the user account that you created in the “Create a Test Profile” section, and then click OK.
8. Click OK three times.
9. Click Start, point to Administrative Tools, and then click Computer Management.
10. In the console tree, expand Local Users and Groups, and then double-click Users.
11. Double-click the user account that you created in the “Create a Test Profile” section.
12. Click the Profile tab. In the Profile path box, type the path to the network profile folder. For example, type \\server_name\Profiles\user_name.
13. Click OK.
14. Quit the Computer Management snap-in.

NOTE: To make this profile mandatory, rename the Ntuser.dat file as Ntuser.man in the user’s profile folder.

NAT Configuration

NAT can be configured in various ways. In the example below, the NAT router is configured to translate unregistered (inside, local) IP addresses, that reside on the private (inside) network, to registered IP addresses. This happens whenever a device on the inside with an unregistered address needs to communicate with the public (outside) network.

• An ISP assigns a range of IP addresses to your company. The assigned block of addresses are registered, unique IP addresses and are called inside global addresses. Unregistered, private IP addresses are split into two groups. One is a small group (outside local addresses) that will be used by the NAT routers. The other, much larger group, known as inside local addresses, will be used on the stub domain. The outside local addresses are used to translate the unique IP addresses, known as outside global addresses, of devices on the public network. 

 

IP addresses have different designations based on whether they are on the private network (stub domain) or on the public network (Internet), and whether the traffic is incoming or outgoing.

• Most computers on the stub domain communicate with each other using the inside local addresses.
• Some computers on the stub domain communicate a lot outside the network. These computers have inside global addresses, which means that they do not require translation.
• When a computer on the stub domain that has an inside local address wants to communicate outside the network, the packet goes to one of the NAT routers.
• The NAT router checks the routing table to see if it has an entry for the destination address. If it does, the NAT router then translates the packet and creates an entry for it in the address translation table. If the destination address is not in the routing table, the packet is dropped.
• Using an inside global address, the router sends the packet on to its destination.
• A computer on the public network sends a packet to the private network. The source address on the packet is an outside global address. The destination address is an inside global address.
• The NAT router looks at the address translation table and determines that the destination address is in there, mapped to a computer on the stub domain.
• The NAT router translates the inside global address of the packet to the inside local address, and sends it to the destination computer.

NAT overloading utilizes a feature of the TCP/IP protocol stack, multiplexing, that allows a computer to maintain several concurrent connections with a remote computer (or computers) using different TCP or UDP ports. An IP packet has a header that contains the following information:

• Source Address - The IP address of the originating computer, such as 201.3.83.132
• Source Port - The TCP or UDP port number assigned by the originating computer for this packet, such as Port 1080
• Destination Address - The IP address of the receiving computer, such as 145.51.18.223
• Destination Port - The TCP or UDP port number that the originating computer is asking the receiving computer to open, such as Port 3021

The addresses specify the two machines at each end, while the port numbers ensure that the connection between the two computers has a unique identifier. The combination of these four numbers defines a single TCP/IP connection. Each port number uses 16 bits, which means that there are a possible 65,536 (2¹⁶) values. Realistically, since different manufacturers map the ports in slightly different ways, you can expect to have about 4,000 ports available.

Dynamic NAT and Overloading

Here's how dynamic NAT works:

• An internal network (stub domain) has been set up with IP addresses that were not specifically allocated to that company by IANA (Internet Assigned Numbers Authority), the global authority that hands out IP addresses. These addresses should be considered non-routable since they are not unique.
• The company sets up a NAT-enabled router. The router has a range of unique IP addresses given to the company by IANA.
• A computer on the stub domain attempts to connect to a computer outside the network, such as a Web server.
• The router receives the packet from the computer on the stub domain.
• The router saves the computer's non-routable IP address to an address translation table. The router replaces the sending computer's non-routable IP address with the first available IP address out of the range of unique IP addresses. The translation table now has a mapping of the computer's non-routable IP address matched with the one of the unique IP addresses.
• When a packet comes back from the destination computer, the router checks the destination address on the packet. It then looks in the address translation table to see which computer on the stub domain the packet belongs to. It changes the destination address to the one saved in the address translation table and sends it to that computer. If it doesn't find a match in the table, it drops the packet.
• The computer receives the packet from the router. The process repeats as long as the computer is communicating with the external system.

Here's how overloading works:

• An internal network (stub domain) has been set up with non-routable IP addresses that were not specifically allocated to that company by IANA.
• The company sets up a NAT-enabled router. The router has a unique IP address given to the company by IANA.
• A computer on the stub domain attempts to connect to a computer outside the network, such as a Web server.
• The router receives the packet from the computer on the stub domain.
• The router saves the computer's non-routable IP address and port number to an address translation table. The router replaces the sending computer's non-routable IP address with the router's IP address. The router replaces the sending computer's source port with the port number that matches where the router saved the sending computer's address information in the address translation table. The translation table now has a mapping of the computer's non-routable IP address and port number along with the router's IP address.
• When a packet comes back from the destination computer, the router checks the destination port on the packet. It then looks in the address translation table to see which computer on the stub domain the packet belongs to. It changes the destination address and destination port to the ones saved in the address translation table and sends it to that computer.
• The computer receives the packet from the router. The process repeats as long as the computer is communicating with the external system.
• Since the NAT router now has the computer's source address and source port saved to the address translation table, it will continue to use that same port number for the duration of the connection. A timer is reset each time the router accesses an entry in the table. If the entry is not accessed again before the timer expires, the entry is removed from the table.

In the next section we'll look at the organization of stub domains.

Stub Domains

Look at this table to see how the computers on a stub domain might appear to external networks.

Source Computer	Source Computer's IP Address	Source Computer's Port	NAT Router's IP Address	NAT Router's Assigned Port Number
A	192.168.32.10	400	215.37.32.203	1
B	192.168.32.13	50	215.37.32.203	2
C	192.168.32.15	3750	215.37.32.203	3
D	192.168.32.18	206	215.37.32.203	4

As you can see, the NAT router stores the IP address and port number of each computer in the address translation table. It then replaces the IP address with its own registered IP address and the port number corresponding to the location, in the table, of the entry for that packet's source computer. So any external network sees the NAT router's IP address and the port number assigned by the router as the source-computer information on each packet.
You can still have some computers on the stub domain that use dedicated IP addresses. You can create an access list of IP addresses that tells the router which computers on the network require NAT. All other IP addresses will pass through untranslated.
The number of simultaneous translations that a router will support are determined mainly by the amount of DRAM (Dynamic Random Access Memory) it has. But since a typical entry in the address-translation table only takes about 160 bytes, a router with 4 MB of DRAM could theoretically process 26,214 simultaneous translations, which is more than enough for most applications.
IANA has set aside specific ranges of IP addresses for use as non-routable, internal network addresses. These addresses are considered unregistered (for more information check out RFC 1918: Address Allocation for Private Internets, which defines these address ranges). No company or agency can claim ownership of unregistered addresses or use them on public computers. Routers are designed to discard (instead of forward) unregistered addresses. What this means is that a packet from a computer with an unregistered address could reach a registered destination computer, but the reply would be discarded by the first router it came to.
There is a range for each of the three classes of IP addresses used for networking:

• Range 1: Class A - 10.0.0.0 through 10.255.255.255
• Range 2: Class B - 172.16.0.0 through 172.31.255.255
• Range 3: Class C - 192.168.0.0 through 192.168.255.255

Although each range is in a different class, your are not required to use any particular range for your internal network. It is a good practice, though, because it greatly diminishes the chance of an IP address conflict.

Security and Administration

Implementing dynamic NAT automatically creates a firewall between your internal network and outside networks, or between your internal network and the Internet. NAT only allows connections that originate inside the stub domain. Essentially, this means that a computer on an external network cannot connect to your computer unless your computer has initiated the contact. You can browse the Internet and connect to a site, and even download a file; but somebody else cannot latch onto your IP address and use it to connect to a port on your computer.
In specific circumstances, Static NAT, also called inbound mapping, allows external devices to initiate connections to computers on the stub domain. For instance, if you wish to go from an inside global address to a specific inside local address that is assigned to your Web server, Static NAT would enable the connection.

 

Static NAT (inbound mapping) allows a computer on the stub domain to maintain a specific address when communicating with devices outside the network.

Some NAT routers provide for extensive filtering and traffic logging. Filtering allows your company to control what type of sites employees visit on the Web, preventing them from viewing questionable material. You can use traffic logging to create a log file of what sites are visited and generate various reports from it.

NAT is sometimes confused with proxy servers, but there are definite differences between them. NAT is transparent to the source and to destination computers. Neither one realizes that it is dealing with a third device. But a proxy server is not transparent. The source computer knows that it is making a request to the proxy server and must be configured to do so. The destination computer thinks that the proxy server IS the source computer, and deals with it directly. Also, proxy servers usually work at layer 4 (transport) of the OSI Reference Model or higher, while NAT is a layer 3 (network) protocol. Working at a higher layer makes proxy servers slower than NAT devices in most cases.

NAT operates at the Network layer (layer 3) of the OSI Reference Model -- this is the layer that routers work at.

A real benefit of NAT is apparent in network administration. For example, you can move your Web server or FTP server to another host computer without having to worry about broken links. Simply change the inbound mapping at the router to reflect the new host. You can also make changes to your internal network easily, because the only external IP address either belongs to the router or comes from a pool of global addresses.
NAT and DHCP (dynamic host configuration protocol ) are a natural fit. You can choose a range of unregistered IP addresses for your stub domain and have the DHCP server dole them out as necessary. It also makes it much easier to scale up your network as your needs grow. You don't have to request more IP addresses from IANA. Instead, you can just increase the range of available IP addresses configured in DHCP to immediately have room for additional computers on your network.

Multi-homing

As businesses rely more and more on the Internet, having multiple points of connection to the Internet is fast becoming an integral part of their network strategy. Multiple connections, known as multi-homing, reduces the chance of a potentially catastrophic shutdown if one of the connections should fail.
In addition to maintaining a reliable connection, multi-homing allows a company to perform load-balancing by lowering the number of computers connecting to the Internet through any single connection. Distributing the load through multiple connections optimizes the performance and can significantly decrease wait times.
Multi-homed networks are often connected to several different ISPs (Internet Service Providers). Each ISP assigns an IP address (or range of IP addresses) to the company. Routers use BGP (Border Gateway Protocol), a part of the TCP/IP protocol suite, to route between networks using different protocols. In a multi-homed network, the router utilizes IBGP (Internal Border Gateway Protocol) on the stub domain side, and EBGP (External Border Gateway Protocol) to communicate with other routers.
Multi-homing really makes a difference if one of the connections to an ISP fails. As soon as the router assigned to connect to that ISP determines that the connection is down, it will reroute all data through one of the other routers.
NAT can be used to facilitate scalable routing for multi-homed, multi-provider connectivity. For more on multi-homing, see Cisco: Enabling Enterprise Multihoming.

How to Configure DCHP in Windows 2003 Server

DHCP stands for Dynamic Host Configuration Protocol and it is designed for minimizing the Administration of the IP addresses in a big network. DHCP server can be setup with the appropriate and required settings in a computer network. A DHCP server can assign the IP address, gateway, DNS, DHCP, subnet mask, Router, Proxy server’s IP address from its predefined pool of the addresses. Once DHCP server has been configured, it automatically assigns the IP addresses to the client computers.

DHCP server holds a database of the IP addresses for a leased duration. Manual settings and changes in an enterprise network can be a nightmare. DHCP provides centralized control and management of your computer network.

Before your implement DHCP server in your network you need to review security issues, identify the range of the IP addresses, which you want to assign, determine the correct subnet mask, decide the duration of the leased addresses, identify the IP address of the router, gateway computer, DNS and WINS. This article will help you to setup and configure DHCP server in Windows 2003 Server.


In this Administrative tools of the Windows 2003 Sever perform the following actions.

Setup

* Click DHCP in the Administrative Tools or in the “Manager Your Servers” Window.
* In the Scope window, enter the scope name and description and click next.
* In the next window, you will be asked to define the range of the IP addresses that the scope will distribute to the network computers.
* Enter the start IP address, end IP address, length and subnet mask and click next.
* In the next Window, you will need to add exclusions i.e. you can add any IP addresses that you don’t want to be distributed to the network computers. After adding the range of the exclusive IP addresses click next. (You can assign the exclusive IP address manually to the company’s router, gateway or any other device. These IP addresses will not be distributed to the network computers.)
* In the next window, you need to enter the lease duration. It is recommended that you add longer lease duration for the fixed computer networks and the shorter leased time for the remote connections and Laptops.
* On the next screen, you will be given the choice to configure these options for the DHCP scope now or later. Check “Yes I want to configure these options now” and click next.
* On the next screen, you need to enter the Router’s IP address from the exclusive list, which we defined on the above steps. After you add the router’s address click next.
* In the next window, DNS settings can be entered i.e. IP address, domain name and server name.
* On the screen next to DNS, WINS server settings can be entered.
* On the next window, you need to activate the scope. Click “Yes I want to activate the scope now”.
* That’s all. You have successfully setup the DHCP in your Windows 2003 Server.

Configurations

After you have successfully setup the DHCP server, you may need to configure the multiple options based up the requirements of your network. For configuring the Exclusions after setting up the DHCP server, please follow the below steps.

In the DCHP main windows right click the Address Pool on the left side and click “Add Exclusions”. Here you can define the range of the IP addresses which you don’t want to distribute among the network computers.

If you want to reserve an IP address for a client computer, you can configure it by the following steps. For reserving the IP addresses for client computer, you need to know the MAC address of that client.

In the DHCP main window, right click Reservations in the left side. Provide the required parameters for fixing the IP addresses for the client computers.

You need to explore the various features of the DHCP server as you can configure multiple other options.