panos-l-karvounis
8/3/2019 The Role of Domain Controllers
The Role of Domain Controllers
A domain controller holds a replica of the Active Directory directory for the domain to which it belongs.
It is also responsible for managing that directory.
The domain controller is responsible for replicating all changes made to its
Active Directory replica to the remainder of the domain controllers within the
domain.
Domain controllers also manage access to network resources in the
domain. They locate Active Directory objects, authenticate access to these objects,
validate user logon attempts, and authenticate user passwords.
Domain controllers track user account information through Security Identifiers
(SIDs). When a user attempts to log on to the system, a request to authenticate the user is sent to each domain controller within the domain.
Multiple domain controllers provide fault tolerance in your Active Directory
environment. In the Windows NT domain model, no changes could be made to the
domain database when the primary domain controller was unavailable.
Domain controllers also integrate with network services such as DNS, DHCP,
Kerberos security, and Remote Access. This in turn facilitates centralized
management and security.
Considerations for Multiple Domain Controllers
The number of domain controllers needed within your domain is determined by the
following factors:
The number of users in the domain
The number of computers in the domain
The application requirements in the domain
The level of fault tolerance required for the domain - at least two domain controllers should exist in the domain.
How to create the first domain controller
Use the steps below to create a domain controller
1. Log on to the member server that you want to configure as a domain controller
2. Click Start, click Run, and enter dcpromo in the Run dialog box. Click OK.
3. This action starts the Active Directory Installation Wizard.
4. On the initial Welcome page of the wizard, click next.
5. On the Operating System Compatibility page, click Next.
6. On the Domain Controller Type page, you are prompted to choose one of the options listed
below. Click Next after you have selected the appropriate option.
7. The options available on the Create New Domain Page are listed below. Once you have
made the appropriate selection, click Next.
8. On the New Domain Name page, you have to enter the fully qualified domain name (FQDN) of the new domain. Click Next.
9. On the NetBIOS Domain Name page, you have to verify whether the default NetBIOS
domain name should be used. You can accept the default name by clicking Next.
10. On the Database and Log Folders page, you have to specify a location for the Active
Directory database, and specify a location for the Active Directory log files. The locations that
you specify should preferably exist on an NTFS volume. Click Next.
11. On the Shared System Volume page, you need to specify the location of the SYSVOL
folder. This folder has to be located on a NTFS volume. Click Next.
12. On the DNS Registration Diagnostics page, you can choose one of the following options:
13. On the Permissions page, you have to choose the default permissions for user and group
objects.
14. On the Directory Services Restore Mode Administrator Password page, you have to enter
the appropriate password in the two password text boxes.
15. The Summary page lists all the configuration settings that you have specified while
navigating through the various pages of the Active Directory Installation Wizard. Once you
have verified that the correct settings have been specified, click Next.
16. At this stage, the Active Directory Installation Wizard installs Active Directory.
17. On the Completing the Active Directory Installation Wizard page, click Finish. If this is the
first domain controller, it is placed in the Default-First-Site-Name default site.
Backing up Domain Controllers
1. Log on to the domain
2. Click Start, All Programs, Accessories, System Tools, and then click Backup.
3. When the Welcome To The Backup Or Restore Wizard page opens, click Next.
4. In the Backup Or Restore page, choose the Backup Files And Settings option. Click Next.
5. When the What To Back Up page opens, choose the Let Me Choose What To Back Up
option. Click Next.
6. In the Items To Back Up page, select System State. Click Next.
7. When the Backup Type, Destination, And Name page opens, choose the appropriate option
in the Select The Backup Type box.
8. Choose the location for the backup in the Choose A Place To Save Your Backup box.
9. Enter a name for the backup job in the Type A Name For This Backup box. Click Next.
10. Click the Advanced button on the Completing The Backup Or Restore Wizard page.
11. When the Type Of Backup page opens, choose the Normal option for the backup type.
Click Next.
12. In the How To Back Up page, it is recommended to select the Verify Data After Backup
option.
13. If hardware compression is supported, and you are using a tape mechanism, click the Use
Hardware Compression, If Available option. Click Next.
14. When the Backup Options page opens, choose Replace The Existing Backups, and choose
Allow Only The Owner And The Administrator Access To The Backup Data And To Any Backups
Appended To This Medium. Click Next.
15. Select the Now option in the When To Back Up page. Click Next.
16. Click Finish.
17. Click the Report button on the Backup Progress page to view a report on the backup job
just completed.
Restoring Domain Controllers
When you restore system state data, including Active Directory to a domain controller, you basically
have to decide on the method of restore to perform. System state data can be restored on the domain
controller by one of the following methods:
Nonauthoritative restore: When a nonauthoritative restore is performed, Active
Directory is restored from backup media on the domain controller. This information is then
updated during replication from the other domain controllers. The nonauthoritative restore
method is the default method to restore system state data to a domain controller.
Authoritative restore: In an authoritative restore, Active Directory is installed to the
point of the last backup job. This method is typically used to recover Active Directory objects
that were deleted in error. An authoritative restore is performed by first performing a
nonauthoritative restore, and then running the Ntdsutil utility prior to restarting the server.
You use the Ntdsutil utility to indicate those items that are authoritative. Items that are
marked as authoritative are not updated when the other domain controllers replicate to the
particular domain controller. Instead, these items are replicated to the other domain
controllers.
How to restore system state data on a domain controller nonauthoritative restore
1. Restart the local computer
2. During startup, press F8 to access the Windows Advanced Options.
3. Proceed to choose Directory Services Restore Mode. Press Enter.
4. Choose the operating system that should be started at the Please Select The Operating
System To Start prompt. Press Enter.
5. Log on to the domain using an account with Administrator privileges.
6. Click OK when a message appears stating that Windows is running in safe mode.
7. Click Start, All Programs, Accessories, System Tools, and then click Backup.
8. When the Welcome To The Backup Or Restore Wizard page opens, click Next.
9. In the Backup Or Restore page, choose the Restore Files And Settings option. Click Next.
10. On the What To Restore page, choose the data that should be restored. Click Next.
11. Verify that the media that contains the backup file is in the proper place.
12. Click Finish to start the nonauthoritative restore.
13. Click OK when a message appears stating that the restore will overwrite existing system
state data.
14. When the restore process completes, restart the computer.
How to restore system state data on a domain controller authoritative
restore method
1. You first have to perform a nonauthoritative restore of the system state data to the
domain controller. This restore method was outlined in the preceding section.
2. Proceed to restart the computer.
3. During startup, press F8 to access the Windows Advanced Options.
4. Proceed to choose Directory Services Restore Mode. Press Enter.
5. Choose the operating system that should be started at the Please Select The Operating
System To Start prompt. Press Enter.
6. Log on to the domain using an account with Administrator privileges.
7. Click OK when a message appears stating that Windows is running in safe mode.
8. Click Start, and then Command Prompt.
9. Enter and run Ntdsutil.
10. From the Ntdsutil: prompt, enter the following: authoritative restore. Press Enter.
11. The authoritative restore: prompt opens next. This is where you specify what you want to
restore through its distinguished name. For example, if you want to restore an object, enter
restore object. To restore the Active Directory database, enter restore database.
12. Press Enter for the authoritative restore to start.
13. Enter quit to exit out of Ntdsutil.
14. Restart the domain controller and reconnect it to the network.
15. All changes from the other domain controllers that were not marked as authoritative are
replicated to this particular domain controller. The changes that are marked as authoritative
are replicated from this particular domain controller to the remainder of the domain
controllers.
What is DHCP?
DHCP assigns unique dynamic IP addresses and the corresponding subnet
masks and default gateways to TCP/IP running computers within a particular server network.
How does the DHCP work?
In a network, a DHCP server manages a pool of IP addresses, as well as default gateway details,
DNS details and other information for the clients' network configuration.
When a new computer is introduced into a DHCP server-enabled network, it will send a query to
the DHCP server requesting all the necessary information. When the query reaches the DHCP
server, it will grant the new computer a new IP address and a lease - a time frame for which the
computer can use this IP address, as well as other configuration details. The whole process takes
place immediately after the new computer boots, and to be successful, it has to be completed
before initiating IP based communication with other hosts in the network.
DHCP allocation methods
Depending on its configuration, the DHCP server can work in 3 ways:
Dynamic allocation
When the DHCP server is configured to use dynamic allocation, this means that it uses a lease
policy. This way, when an assigned IP address from the available pool is no longer used, it will be
transferred back to the pool, making it available for someone else to use.
Automatic allocation
As soon as a client connects, the DHCP server provides it with an IP address from the IP address
pool. However, when automatic allocation is used, the DHCP server keeps a database of previous
IP grants, and tries to give the client the same IP address it used the last time, if available.
Static allocation
With the static allocation, the DHCP server keeps a database with all clients' LAN MAC addresses and gives them an IP address only if their MAC address is in the database.
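The three allocation methods above can be compared side by side in a small model. This is an added example, not code from the original page; the class `DhcpServer`, its parameters, the MAC addresses and the 192.0.2.0/29 pool are all constructed for illustration, and the static table is assumed to map each MAC address to one fixed IP address.

```python
import ipaddress


def _norm(mac):
    """Normalise a MAC address so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    return mac.strip().lower().replace("-", ":")


class DhcpServer:
    """Toy address allocator; all names and addresses here are constructed."""

    def __init__(self, network, mode, lease_seconds=3600, mac_table=None):
        if mode not in ("dynamic", "automatic", "static"):
            raise ValueError("unknown allocation mode: %r" % mode)
        self.mode = mode
        self.lease_seconds = lease_seconds
        self.free = [str(ip) for ip in ipaddress.ip_network(network).hosts()]
        self.leases = {}    # mac -> (ip, expiry time)
        self.history = {}   # mac -> last ip granted (used by automatic mode)
        self.mac_table = {_norm(m): ip for m, ip in (mac_table or {}).items()}

    def _reclaim(self, now):
        """Move addresses whose lease has run out back into the pool."""
        for mac, (ip, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]
                self.free.append(ip)
        self.free.sort(key=ipaddress.ip_address)

    def request(self, mac, now):
        """Return the address granted to `mac` at time `now`, or None."""
        mac = _norm(mac)
        if self.mode == "static":
            # Only clients listed in the MAC table are served.
            return self.mac_table.get(mac)

        self._reclaim(now)
        if mac in self.leases:
            ip = self.leases[mac][0]            # renewal of a live lease
        elif self.mode == "automatic" and self.history.get(mac) in self.free:
            ip = self.history[mac]              # same address as last time
            self.free.remove(ip)
        elif self.free:
            ip = self.free.pop(0)               # lowest free address
        else:
            return None                         # pool exhausted
        self.leases[mac] = (ip, now + self.lease_seconds)
        self.history[mac] = ip
        return ip


def demo():
    """Run the same request sequence against each allocation method."""
    a, b, c = "AA-BB-CC-00-00-01", "aa:bb:cc:00:00:02", "aa:bb:cc:00:00:03"
    results = {}
    for mode in ("dynamic", "automatic"):
        srv = DhcpServer("192.0.2.0/29", mode, lease_seconds=60)
        first = [srv.request(a, 0), srv.request(b, 10)]
        # Both leases have expired by t=100; client b comes back first.
        results[mode] = first + [srv.request(b, 100), srv.request(c, 100)]
    static = DhcpServer("192.0.2.0/29", "static", mac_table={a: "192.0.2.5"})
    results["static"] = [static.request(a.lower(), 0), static.request(c, 0)]
    return results


if __name__ == "__main__":
    for mode, granted in demo().items():
        print(mode, granted)
```

The MAC address is whatever value the client places in its request, so the static table decides addressing; it does not prove which device is asking.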
What is DNS?
translates the name into its corresponding IP address (e.g. the domain name NTC Hosting.com is
translated to 66.40.65.49). Thanks to the DNS, we do not need to bother to remember
complicated numeric combinations to reach a certain website - we can use its meaningful and
much easier to remember domain name instead.
Conditional forwarders
Conditional forwarders are DNS servers that only forward queries for specific domain names. Instead of forwarding all queries it cannot resolve locally to a forwarder, a
conditional forwarder is configured to forward a query to specific forwarders based on the domain name contained in the query. Forwarding according to domain names improves
conventional forwarding by adding a name-based condition to the forwarding process.
The conditional forwarder setting for a DNS server consists of the following:
The domain names for which the DNS server will forward queries.
One or more DNS server IP addresses for each domain name specified.
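The forwarding decision described above can be written as a lookup from the query name to a list of forwarder addresses. This is an added example, not code from the original page or from any DNS server product; `ForwardingPolicy`, the zone names and the addresses are constructed, and choosing the most specific matching domain when several match is an assumption of this sketch. Names are compared label by label, so a look-alike such as `notpartner.example` is not sent to the forwarders configured for `partner.example`.

```python
import ipaddress


def _labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing root dot."""
    return [part for part in name.strip().lower().rstrip(".").split(".") if part]


def _suffixes(labels):
    """Yield every suffix of the name as a tuple, most specific first."""
    for i in range(len(labels)):
        yield tuple(labels[i:])


class ForwardingPolicy:
    """Decide where a query goes: local zone, conditional forwarder, or default."""

    def __init__(self, local_zones=(), conditional=None, default=()):
        self.local_zones = {tuple(_labels(z)) for z in local_zones}
        self.conditional = {}
        for domain, servers in (conditional or {}).items():
            if not servers:
                raise ValueError("no forwarder listed for %s" % domain)
            # ip_address() raises ValueError for anything that is not an IP.
            self.conditional[tuple(_labels(domain))] = [
                str(ipaddress.ip_address(s)) for s in servers
            ]
        self.default = [str(ipaddress.ip_address(s)) for s in default]

    def route(self, qname):
        """Return (action, matched_domain, forwarder_ips) for a query name."""
        labels = _labels(qname)
        # Names the server can resolve locally are never forwarded.
        for suffix in _suffixes(labels):
            if suffix in self.local_zones:
                return ("local", ".".join(suffix), [])
        # Otherwise the domain name in the query selects the forwarders.
        for suffix in _suffixes(labels):
            if suffix in self.conditional:
                return ("conditional", ".".join(suffix), self.conditional[suffix])
        # No condition matched: fall back to the ordinary forwarders.
        return ("default", None, self.default)


def sample_policy():
    """Constructed configuration used for the demonstration."""
    return ForwardingPolicy(
        local_zones=["corp.example"],
        conditional={
            "partner.example": ["198.51.100.10", "198.51.100.11"],
            "lab.partner.example": ["203.0.113.53"],
        },
        default=["192.0.2.53"],
    )


if __name__ == "__main__":
    policy = sample_policy()
    for name in ("www.corp.example", "mail.partner.example.",
                 "HOST.Lab.Partner.Example", "notpartner.example"):
        print(name, "->", policy.route(name))
```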
RADIUS
Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides
centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect
and use a network service.
RADIUS ROLES:
1. to authenticate users or devices before granting them access to a network,
2. to authorize those users or devices for certain network services and
3. to account for usage of those services.
RAID
RAID (an acronym for redundant array of independent disks; originally redundant array of
inexpensive disks) is a storage technology that combines multiple disk drive components into a logical
unit. Data is distributed across the drives in one of several ways called "RAID levels", depending on what
level of redundancy and performance (via parallel communication) is required.
RAID is now used as an umbrella term for computer data storage schemes that can divide and
replicate data among multiple physical drives. The physical drives are said to be in a RAID,[5] which is
accessed by the operating system as one single drive. The different schemes or architectures are named
by the word RAID followed by a number (e.g., RAID 0, RAID 1). Each scheme provides a different
balance between two key goals: increase data reliability and increase input/output performance.
RAID PROBLEMS
10.1 Correlated failures
10.2 Atomicity
10.3 Write cache reliability
10.4 Equipment compatibility
10.5 Data recovery in the event of a failed array
10.6 Drive error recovery algorithms
10.7 Recovery time is increasing
10.8 Operator skills, correct operation
Internet Information Services (IIS)
Internet Information Services (IIS), formerly called Internet Information Server, is a web
server application and set of feature extension modules created by Microsoft for use with Microsoft
Windows. IIS 7.5 supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. It is an integral part of the Windows
Server family of products, as well as certain editions of Windows XP, Windows Vista and Windows 7. IIS is
not turned on by default when Windows is installed.
Features
The architecture of IIS 7 is modular. Modules, also called extensions, can be added or removed
individually so that only modules required for specific functionality have to be installed. IIS 7 includes
native modules as part of the full installation. These modules are individual features that the server uses
to process requests and include the following:[23]
HTTP modules: Used to perform tasks specific to HTTP in the request-processing pipeline, such as
responding to information and inquiries sent in client headers, returning HTTP errors, and redirecting
requests.
Security modules: Used to perform tasks related to security in the request-processing pipeline, such as
specifying authentication schemes, performing URL authorization, and filtering requests.
Content modules: Used to perform tasks related to content in the request-processing pipeline, such as
processing requests for static files, returning a default page when a client does not specify a resource in a
request, and listing the contents of a directory.
Compression modules: Used to perform tasks related to compression in the request-processing pipeline,
such as compressing responses, applying Gzip compression transfer coding to responses, and
performing pre-compression of static content.
Caching modules: Used to perform tasks related to caching in the request-processing pipeline, such as
storing processed information in memory on the server and using cached content in subsequent requests for the same resource.
Logging and Diagnostics modules: Used to perform tasks related to logging and diagnostics in the
request-processing pipeline, such as passing information and processing status to HTTP.sys for logging,
reporting events, and tracking requests currently executing in worker processes.
IIS 6.0 and higher support the following authentication mechanisms:[24]
Anonymous authentication
Basic access authentication
Digest access authentication
Integrated Windows Authentication
UNC authentication
.NET Passport Authentication (Removed in Windows Server 2008 and IIS 7.0)[25]
Certificate authentication
IIS 7.5 includes the following additional or enhanced security features:[26]
Client Certificate Mapping
IP Security
Request Filtering
URL Authorization
Authentication changed slightly between IIS 6.0 and IIS 7, most notably in that the anonymous user which
was named "IUSR_{machinename}" is a built-in account in Vista and future operating systems and
named "IUSR". Notably, in IIS 7, each authentication mechanism is isolated into its own module and can
be installed or uninstalled.[25]
Microsoft Cluster Server
Microsoft Cluster Server (MSCS) is software designed to allow servers to work together as a computer
cluster, to provide failover and increased availability of applications, or parallel calculating power in case
of high-performance computing (HPC) clusters (as in supercomputing).
Microsoft has three technologies for clustering: Microsoft Cluster Service (MSCS), Component Load
Balancing (CLB) (part of Application Center 2000), and Network Load Balancing Services (NLB).
In Windows Server 2008 and Windows Server 2008 R2 the MSCS service has been renamed
to Windows Server Failover Clustering and the Component Load Balancing (CLB) feature has been
deprecated.
Server clusters overview
A server cluster is a group of independent computer systems, known as nodes, working together as a single system to ensure that critical applications and resources remain available to clients. These nodes must be running Microsoft Windows Server 2003, Enterprise Edition or Microsoft Windows Server 2003, Datacenter Edition. Clustering allows users and administrators to access and manage the nodes as a single system rather than as separate computers. For more information about nodes, see Nodes.
A server cluster can consist of up to eight nodes and may be configured in one of three ways: as a single node server cluster, as a single quorum device server cluster, or as a majority node set server cluster. For more information about these three server cluster models, see Choosing a Cluster Model.
Every node may be attached to one or more cluster storage devices. For most versions of Windows Server 2003, Enterprise Edition or Windows Server 2003, Datacenter Edition, the choices for cluster storage include iSCSI, Serial Attached SCSI, parallel SCSI, and Fibre Channel. The following table provides details about the storage you can use with each version of the operating system, along with the maximum number of nodes you can have with each storage type:
Cluster application types
Applications that run in a server cluster fall into one of four categories:
Cluster-unaware applications
These types of applications do not interact with the server cluster at all but can still fail over. Failure
detection is limited. The Cluster service protects these applications mainly against hardware
failures.
Cluster-aware applications
These types of applications are characterized by superior failure detection. The Cluster service can
protect these applications not only against hardware but also against software failures.
Cluster management applications
These types of applications, which include Cluster Administrator and Cluster.exe, allow
administrators to manage and configure clusters. For more information, see Server Cluster
Components.
Custom resource types
Resource types provide customized cluster management and instrumentation for applications,
services, and devices. For more information, see Resource types.
Simple Mail Transfer Protocol (SMTP)
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission
across Internet Protocol (IP) networks. SMTP was first defined by RFC 821 (1982, eventually
declared STD 10),[1] and last updated by RFC 5321 (2008)[2] which includes the extended SMTP (ESMTP)
additions, and is the protocol in widespread use today. SMTP is specified for outgoing mail transport and uses TCP port 25. The protocol for new submissions is effectively the same as SMTP, but it uses port 587
instead. SMTP connections secured by SSL are known by the shorthand SMTPS, though SMTPS is not a
protocol in its own right.
While electronic mail servers and other mail transfer agents use SMTP to send and receive mail
messages, user-level client mail applications typically only use SMTP for sending messages to a mail
server for relaying. For receiving messages, client applications usually use either the Post Office
Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system (such as
Microsoft Exchange or Lotus Notes/Domino) to access their mail box accounts on a mail server.
The Hypertext Transfer Protocol (HTTP)
The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative,
hypermedia information systems.[1] HTTP is the foundation of data communication for the World Wide
Web.
The standards development of HTTP was coordinated by the Internet Engineering Task Force (IETF) and
the World Wide Web Consortium (W3C), culminating in the publication of a series of Requests for
Comments (RFCs), most notably RFC 2616 (June 1999), which defines HTTP/1.1, the version of HTTP in
common use.
HTTP session
An HTTP session is a sequence of network request-response transactions. An HTTP client initiates a
request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a server (typically port 80; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for
a client's request message. Upon receiving the request, the server sends back a status line, such as
"HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested resource, an
error message, or some other information.[1]
Request message
.org/wiki/Hypertext_Transfer_Protocol#cite_note-ietf2616-08/3/2019 The Role of Domain Controllers
12/18
The request message consists of the following:
A request line, such as GET /images/logo.png HTTP/1.1, which requests a resource
called /images/logo.png from the server.
Headers, such as Accept-Language: en
An empty line.
An optional message body.
Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for managing devices
on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations,
printers, modem racks, and more."[1] It is used mostly in network management
systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP is
a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It
consists of a set of standards for network management, including an application layer protocol, a
database schema, and a set of data objects.[2]
SNMP exposes management data in the form of variables on the managed systems, which describe the
system configuration. These variables can then be queried (and sometimes set) by managing
applications.
An SNMP-managed network consists of three key components:
Managed device
Agent software which runs on managed devices
Network management system (NMS) software which runs on the manager
Protocol details
SNMP operates in the Application Layer of the Internet Protocol Suite (Layer 7 of the OSI model). The
SNMP agent receives requests on UDP port 161. The manager may send requests from any available
source port to port 161 in the agent. The agent response will be sent back to the source port on the
manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent may
generate notifications from any available port. When used with Transport Layer Security or Datagram
Transport Layer Security, requests are received on port 10161 and traps are sent to port 10162.[3]
SNMPv1 specifies five core protocol data units (PDUs). Two other
PDUs, GetBulkRequest and InformRequest, were added in SNMPv2 and carried over to SNMPv3.
All SNMP PDUs are constructed as follows:
IP header | UDP header | version | community | PDU-type | request-id | error-status | error-index | variable bindings
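The field order above is what a defender sees when decoding a UDP/161 payload. The following is an added example, not code from the original page: a small BER decoder that walks version, community, PDU-type, request-id, error-status, error-index and the variable bindings of an SNMPv1/v2c message, then flags findings worth reviewing. The sample datagram, the function names and the list of default community strings are assumptions made for the example.

```python
# Added example: minimal BER decoder for SNMPv1/v2c request/response messages.
# SAMPLE_GETREQUEST is constructed for this example, not captured traffic.
# The SNMPv1 Trap PDU (0xA4) has a different layout and is rejected below.
# In GetBulkRequest the two integer slots hold non-repeaters/max-repetitions.
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest"}
VERSIONS = {0: "v1", 1: "v2c"}
DEFAULT_COMMUNITIES = {"public", "private"}   # assumption: common vendor defaults

SAMPLE_GETREQUEST = bytes.fromhex(
    "3027"                      # SEQUENCE, 39 bytes follow
    "020100"                    # version = 0 (SNMPv1)
    "04067075626c6963"          # community = "public"
    "a01a"                      # PDU-type = GetRequest, 26 bytes follow
    "02023039"                  # request-id = 12345
    "020100"                    # error-status = 0
    "020100"                    # error-index = 0
    "300e300c"                  # variable bindings: a list holding one pair
    "06082b06010201010100"      # OID 1.3.6.1.2.1.1.1.0 (sysDescr.0)
    "0500")                     # value = NULL (the agent fills it in)

def read_tlv(buf, pos):
    """Decode one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low bits count length octets
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, tag):
    """Like read_tlv, but insist on a specific tag."""
    got, value, nxt = read_tlv(buf, pos)
    if got != tag:
        raise ValueError(f"expected tag 0x{tag:02x}, got 0x{got:02x}")
    return value, nxt

def decode_oid(raw):
    """Decode OID bytes; the first octet packs the first two arcs as 40*x + y."""
    if not raw:
        raise ValueError("empty OID")
    arcs, sub = [raw[0] // 40, raw[0] % 40], 0
    for byte in raw[1:]:
        sub = (sub << 7) | (byte & 0x7F)    # base-128, high bit means "more follows"
        if not byte & 0x80:
            arcs.append(sub)
            sub = 0
    return ".".join(map(str, arcs))

def parse_snmp(datagram):
    """Parse a UDP payload: version, community, then the PDU fields in order."""
    body, end = expect(datagram, 0, 0x30)
    if end != len(datagram):
        raise ValueError("trailing bytes after message")
    version, pos = expect(body, 0, 0x02)
    community, pos = expect(body, pos, 0x04)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    if pdu_tag not in PDU_TYPES:
        raise ValueError(f"unsupported PDU tag 0x{pdu_tag:02x}")
    request_id, p = expect(pdu, 0, 0x02)
    error_status, p = expect(pdu, p, 0x02)
    error_index, p = expect(pdu, p, 0x02)
    bindings, _ = expect(pdu, p, 0x30)
    varbinds, q = [], 0
    while q < len(bindings):
        pair, q = expect(bindings, q, 0x30)
        oid, r = expect(pair, 0, 0x06)
        value_tag, value, _ = read_tlv(pair, r)
        varbinds.append((decode_oid(oid), value_tag, value))
    as_int = lambda raw: int.from_bytes(raw, "big", signed=True)
    return {"version": VERSIONS.get(as_int(version), "unknown"),
            "community": community.decode("latin-1"),
            "pdu_type": PDU_TYPES[pdu_tag], "request_id": as_int(request_id),
            "error_status": as_int(error_status),
            "error_index": as_int(error_index), "varbinds": varbinds}

def audit(msg):
    """Defender-side findings for one parsed v1/v2c message."""
    findings = ["community string travels in cleartext (v1/v2c)"]
    if msg["community"] in DEFAULT_COMMUNITIES:
        findings.append("default community string in use")
    if msg["pdu_type"] == "SetRequest":
        findings.append("write operation (SetRequest)")
    return findings

if __name__ == "__main__":
    parsed = parse_snmp(SAMPLE_GETREQUEST)
    print(parsed)
    print(audit(parsed))
```

Because the community field is the only credential in SNMPv1 and v2c and sits in the clear right after the version, any device answering to a default value is readable by anyone who can reach UDP port 161.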
Routing
Routing is the process of selecting paths in a network along which to send network traffic. Routing is
performed for many kinds of networks, including the telephone network (circuit switching), electronic data
networks (such as the Internet), and transportation networks. This article is concerned primarily with
routing in electronic data networks using packet switching technology.
In packet switching networks, routing directs packet forwarding, the transit of logically addressed packets
from their source toward their ultimate destination through intermediate nodes, typically hardware devices
called routers, bridges, gateways, firewalls, or switches. General-purpose computers can also forward
packets and perform routing, though they are not specialized hardware and may suffer from limited
performance. The routing process usually directs forwarding on the basis of routing tables which maintain
a record of the routes to various network destinations. Thus, constructing routing tables, which are held in
the router's memory, is very important for efficient routing. Most routing algorithms use only one network
path at a time, but multipath routing techniques enable the use of multiple alternative paths.
Routing, in a more narrow sense of the term, is often contrasted with bridging in its assumption
that network addresses are structured and that similar addresses imply proximity within the network.
Because structured addresses allow a single routing table entry to represent the route to a group of
devices, structured addressing (routing, in the narrow sense) outperforms unstructured addressing
(bridging) in large networks, and has become the dominant form of addressing on the Internet, though
bridging is still widely used within localized environments.
Topology distribution
In a practice known as static routing (or non-adaptive routing), small networks may use manually
configured routing tables. Larger networks have complex topologies that can change rapidly, making the
manual construction of routing tables unfeasible. Nevertheless, most of the public switched telephone
network (PSTN) uses pre-computed routing tables, with fallback routes if the most direct route becomes
blocked (see routing in the PSTN). Adaptive routing, or dynamic routing, attempts to solve this problem by
constructing routing tables automatically, based on information carried by routing protocols, and allowing
the network to act nearly autonomously in avoiding network failures and blockages.
Examples of adaptive-routing algorithms are the Routing Information Protocol (RIP) and the Open-
Shortest-Path-First protocol (OSPF). Adaptive routing dominates the Internet. However, the configuration
of the routing protocols often requires a skilled touch; networking technology has not developed to the
point of the complete automation of routing.
Distance vector algorithms
Distance vector algorithms use the Bellman-Ford algorithm. This approach assigns a number, the cost, to
each of the links between each node in the network. Nodes will send information from point A to point B
via the path that results in the lowest total cost (i.e. the sum of the costs of the links between the nodes
used).
The algorithm operates in a very simple manner. When a node first starts, it only knows of its immediate
neighbours, and the direct cost involved in reaching them. (This information, the list of destinations, the
total cost to each, and the next hop to send data to get there, makes up the routing table, or distance
table.) Each node, on a regular basis, sends to each neighbour its own current idea of the total cost to get
to all the destinations it knows of. The neighbouring node(s) examine this information, and compare it to
what they already 'know'; anything which represents an improvement on what they already have, they
insert in their own routing table(s). Over time, all the nodes in the network will discover the best next hop
for all destinations, and the best total cost.
When one of the nodes involved goes down, those nodes which used it as their next hop for certain
destinations discard those entries, and create new routing-table information. They then pass this
information to all adjacent nodes, which then repeat the process. Eventually all the nodes in the network
receive the updated information, and will then discover new paths to all the destinations which they can
still "reach".
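The exchange and the failure handling described above, as an added example that is not part of the original page. It goes slightly beyond the text: a node also accepts worse news from the neighbour it already uses as next hop, and costs are capped at 16 (RIP's unreachable metric), which is what makes the count-to-infinity behaviour of traditional distance-vector algorithms visible. Topologies, costs and function names are assumptions made for the example.

```python
# Added example: synchronous distance-vector exchange (Bellman-Ford style).
# Topologies and link costs are constructed for illustration.

INFINITY = 16  # assumption: RIP's "unreachable" metric, used here as the cap


def new_tables(names):
    """Each node starts knowing only itself: dest -> (total cost, next hop)."""
    return {n: {n: (0, n)} for n in names}


def exchange(tables, links):
    """One round: every node sends its cost vector to each neighbour.

    Returns True if any routing table changed.
    """
    adverts = {n: {d: c for d, (c, _) in t.items()} for n, t in tables.items()}
    changed = False
    for (a, b), link_cost in links.items():
        for rx, tx in ((a, b), (b, a)):
            for dest, metric in adverts[tx].items():
                offer = min(link_cost + metric, INFINITY)
                cost, hop = tables[rx].get(dest, (INFINITY, None))
                # Take an improvement from anyone; take any change, even a
                # worse one, from the neighbour already used as next hop.
                if offer < cost or (hop == tx and offer != cost):
                    tables[rx][dest] = (offer, tx)
                    changed = True
    return changed


def converge(tables, links, max_rounds=64):
    """Run rounds until nothing changes; return how many rounds changed state."""
    rounds = 0
    while rounds < max_rounds and exchange(tables, links):
        rounds += 1
    return rounds


def fail_link(tables, links, a, b):
    """Remove link a-b; both ends discard the routes that used it."""
    links.pop((a, b), None)
    links.pop((b, a), None)
    for me, peer in ((a, b), (b, a)):
        for dest in [d for d, (_, hop) in tables[me].items() if hop == peer]:
            del tables[me][dest]


def reroute_demo():
    """Triangle with a slow backup link: routes settle on the surviving path."""
    links = {("A", "B"): 1, ("B", "C"): 1, ("A", "C"): 5}
    tables = new_tables("ABC")
    converge(tables, links)
    before = tables["A"]["C"]
    fail_link(tables, links, "B", "C")
    converge(tables, links)
    return before, tables["A"]["C"], tables["B"]["C"]


def count_to_infinity_demo():
    """Chain A-B-C: once C is cut off, A and B bounce a stale route up to 16."""
    links = {("A", "B"): 1, ("B", "C"): 1}
    tables = new_tables("ABC")
    converge(tables, links)
    fail_link(tables, links, "B", "C")
    rounds = converge(tables, links)
    return rounds, tables["A"]["C"], tables["B"]["C"]


if __name__ == "__main__":
    print("reroute:", reroute_demo())
    print("count to infinity:", count_to_infinity_demo())
```

In the chain case A keeps advertising its old route to C, B believes it, and the two raise each other's cost round after round until both reach the cap; during that window traffic for C loops between them.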
Link-state algorithms
When applying link-state algorithms, each node uses as its fundamental data a map of the network in the
form of a graph. To produce this, each node floods the entire network with information about what other
nodes it can connect to, and each node then independently assembles this information into a map. Using
this map, each router then independently determines the least-cost path from itself to every other node
using a standard shortest paths algorithm such as Dijkstra's algorithm. The result is a tree rooted at the
current node such that the path through the tree from the root to any other node is the least-cost path to
that node. This tree then serves to construct the routing table, which specifies the best next hop to get
from the current node to any other node.
Optimised Link State Routing algorithm
A link-state routing algorithm optimised for mobile ad-hoc networks is the Optimised Link State Routing
Protocol (OLSR).[1] OLSR is proactive; it uses Hello and Topology Control (TC) messages to discover and
disseminate link state information through the mobile ad-hoc network. Using Hello messages, each node
discovers 2-hop neighbor information and elects a set of multipoint relays (MPRs). MPRs distinguish
OLSR from other link state routing protocols.
Path vector protocol
Distance vector and link state routing are both intra-domain routing protocols. They are used inside
an autonomous system, but not between autonomous systems. Both of these routing protocols become
intractable in large networks and cannot be used in inter-domain routing. Distance vector routing is
subject to instability if there are more than a few hops in the domain. Link state routing needs a huge
amount of resources to calculate routing tables. It also creates heavy traffic because of flooding.
Path vector routing is used for inter-domain routing. It is similar to distance vector routing. In path vector
routing we assume there is one node (there can be many) in each autonomous system which acts on
behalf of the entire autonomous system. This node is called the speaker node. The speaker node creates
a routing table and advertises it to neighboring speaker nodes in neighboring autonomous systems. The
idea is the same as distance vector routing except that only speaker nodes in each autonomous system
can communicate with each other. The speaker node advertises the path, not the metric of the nodes, in
its autonomous system or other autonomous systems. Path vector routing is discussed in RFC 1322; the
path vector routing algorithm is somewhat similar to the distance vector algorithm in the sense that each
border router advertises the destinations it can reach to its neighboring router. However, instead of
advertising networks in terms of a destination and the distance to that destination, networks are
advertised as destination addresses and path descriptions to reach those destinations. A route is defined
as a pairing between a destination and the attributes of the path to that destination, thus the name, path
vector routing, where the routers receive a vector that contains paths to a set of destinations. The path,
expressed in terms of the domains (or confederations) traversed so far, is carried in a special path
attribute that records the sequence of routing domains through which the reachability information has
passed.
Comparison of routing algorithms
Distance-vector routing protocols are simple and efficient in small networks and require little, if any,
management. However, traditional distance-vector algorithms have poor convergence properties due to
the count-to-infinity problem.
This has led to the development of more complex but more scalable algorithms for use in large networks.
Interior routing mostly uses link-state routing protocols such as OSPF and IS-IS.
A more recent development is that of loop-free distance-vector protocols (e.g., EIGRP). Loop-free
distance-vector protocols are as robust and manageable as naive distance-vector protocols, but avoid
counting to infinity, and have good worst-case convergence times.
Path selection
Path selection involves applying a routing metric to multiple routes, in order to select (or predict) the best
route.
In the case of computer networking, the metric is computed by a routing algorithm, and can cover such
information as bandwidth, network delay, hop count, path cost, load, MTU, reliability, and communication
cost (see e.g. this survey for a list of proposed routing metrics). The routing table stores only the best
possible routes, while link-state or topological databases may store all other information as well.
Because a routing metric is specific to a given routing protocol, multi-protocol routers must use some
external heuristic in order to select between routes learned from different routing protocols. Cisco's
routers, for example, attribute a value known as the administrative distance to each route, where smaller
administrative distances indicate routes learned from a supposedly more reliable protocol.
A local network administrator, in special cases, can set up host-specific routes to a particular machine
which provides more control over network usage, permits testing and better overall security. This can
come in handy when required to debug network connections or routing tables.
Multiple agents
In some networks, routing is complicated by the fact that no single entity is responsible for selecting
paths: instead, multiple entities are involved in selecting paths or even parts of a single path.
Complications or inefficiency can result if these entities choose paths to optimize their own objectives,
which may conflict with the objectives of other participants.
A classic example involves traffic in a road system, in which each driver picks a path which minimizes
their own travel time. With such routing, the equilibrium routes can be longer than optimal for all drivers. In
particular, Braess paradox shows that adding a new road can lengthen travel times for all drivers.
In another model, for example used for routing automated guided vehicles (AGVs) on a terminal,
reservations are made for each vehicle to prevent simultaneous use of the same part of an infrastructure.
This approach is also referred to as context-aware routing.[2]
The Internet is partitioned into autonomous systems (ASs) such as internet service providers (ISPs), each
of which has control over routes involving its network, at multiple levels. First, AS-level paths are selected
via the BGP protocol, which produces a sequence of ASs through which packets will flow. Each AS may
have multiple paths, offered by neighboring ASs, from which to choose. Its decision often involves
business relationships with these neighboring ASs,[3] which may be unrelated to path quality or latency.
Second, once an AS-level path has been selected, there are often multiple corresponding router-level
paths, in part because two ISPs may be connected in multiple locations. In choosing the single router-
level path, it is common practice for each ISP to employ hot-potato routing: sending traffic along the path
that minimizes the distance through the ISP's own network even if that path lengthens the total distance
to the destination.
Consider two ISPs, A and B, which each have a presence in New York, connected by a fast link with
latency 5 ms; and which each have a presence in London connected by a 5 ms link. Suppose both ISPs
have trans-Atlantic links connecting their two networks, but A's link has latency 100 ms and B's has
latency 120 ms. When routing a message from a source in A's London network to a destination in B's
New York network, A may choose to immediately send the message to B in London. This saves A the
work of sending it along an expensive trans-Atlantic link, but causes the message to experience latency
125 ms when the other route would have been 20 ms faster.
A 2003 measurement study of Internet routes found that, between pairs of neighboring ISPs, more than
30% of paths have inflated latency due to hot-potato routing, with 5% of paths being delayed by at least
12 ms. Inflation due to AS-level path selection, while substantial, was attributed primarily to BGP's lack of
a mechanism to directly optimize for latency, rather than to selfish routing policies. It was also suggested
that, were an appropriate mechanism in place, ISPs would be willing to cooperate to reduce latency rather
than use hot-potato routing.[4]
Such a mechanism was later published by the same authors, first for the case of two ISPs[5] and then for
the global case.[6]
[edit]Route Analytics
As the Internet and IP networks become mission critical business tools, there has been increased interest
in techniques and methods to monitor the routing posture of networks. Incorrect routing or routing issues
cause undesirable performance degradation, flapping and/or downtime. Monitoring routing in a network is
achieved using route analytics tools and techniques.
NetBIOS
NetBIOS provides services related to the session layer of the OSI model, allowing applications on
separate computers to communicate over a local area network. As strictly an API, NetBIOS is not
a networking protocol. Older operating systems ran NetBIOS over IEEE 802.2 and IPX/SPX using
the NetBIOS Frames (NBF) and NetBIOS over IPX/SPX (NBX) protocols, respectively. In modern
networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results
in each computer in the network having both an IP address and a NetBIOS name corresponding to a
(possibly different) host name.
SYSVOL
In Microsoft Windows, the System Volume (Sysvol) is a shared directory that stores the server copy of
the domain's public files that must be shared for common access and replication throughout a domain. The term
SYSVOL refers to a set of files and folders that reside on the local hard disk of each domain controller in a domain
and that are replicated by the File Replication service (FRS). Network clients access the contents of the SYSVOL tree
by using the NETLOGON and SYSVOL shared folders. Sysvol uses junction points (a physical location on a hard disk
that points to data that is located elsewhere on your disk or other storage device) to manage a single instance store.