Installation and Configuration of a TCP/IP Windows NT Network
The goal of this article is to present a quick, tried and true method for installing a Windows NT network utilizing TCP/IP as the protocol. We are going to assume that this is a simple installation. No installation is ever quite this simple. However, providing for every situation is something you can only get from your own experience, and is not something you can get from a magazine article.
What we are going to cover is DHCP, WINS, and DNS installations. The network configuration is as follows. Two Windows NT 4.0 Servers are installed on the network along with forty workstations along with an IBM AS/400. For the IP address range we are going to use in this example network, we are going to use the reserved Class C address range. If the network is going to have an Internet connection, most smaller networks use address translation behind a firewall. In the case of having a direct connection, simply use the address range that your ISP gives you.
Our primary server name is going to be BART. HOMER is the name of the server used to host the Intranet, and the AS/400’s name is MARGE. The TCP/IP domain name is vf.net and the Windows NT domain name is VFNET. These servers all will have assigned static IP addresses. See the network diagram below (Figure 1).
BART is installed as a Primary Domain Controller. BART has the DHCP, DNS, and WINS services installed on it. HOMER has IIS installed on it, and it offers HTTP, and FTP services. It is also an Exchange 5.0 server for e-mail. Normally a second Windows NT server will be backup for DNS and WINS, however, since many installations will not have more than one server, this will not be covered. There is also a network printer called Maggie.
Figure 1.
All of these services install from the same point in on the server. Under the Control Panel, select the Network icon. The services tab is where we will install DHCP, DNS, and WINS. But first, we will need to install TCP/IP. The Protocol tab will allow you to Add the TCP/IP protocol. After installation, you will be prompted for the TCP/IP properties. Our server address is going to be 192.168.1.1 with a subnet of 255.255.255.0. The DNS tab allows you to insert the Host Name and the Domain Name (Figure 2). You will also put the IP address of the DNS server itself under the DNS Service Search Order. The WINS Tab will be configured with its own IP address as the Primary WINS server, and Enable DNS for Windows Resolution should in most cases be checked.
DHCP, DNS and WINS are all installed under the Services Tab. This installation is simple. Select the Add button, and one by one select Microsoft DHCP Server, Microsoft DNS Server, and finally Microsoft WINS Server. The DHCP service installs with the DHCP Relay service. This is not necessary in a simple installation with only one subnet and can be removed. However, in any network with a more complicated network, it should be left installed.
The WINS service requires no other installation or configuration. Should you need to verify its workings, you can use the WINS Manager under Administrative Tools (Figure 3). This will give you diagnostics information and a few preferences to change.
For a smaller network there are usually no requirements for specific workstations to have specific IP addresses on an internal network. Only the servers should. Occasionally in an Intranet situation, a few users will install Personal Web Services on their workstation. This will be supported by the WINS to DHCP mapping. Alternatively, these users could also change over to static IP addresses. Because of this, there should be very few reasons for most networks not to use DHCP.
The DHCP Manager is where the Scope, or range of addresses used by clients, will be created. Considering that for our example network we are using the Class C address range 192.168.1.1 to 192.168.1.255, and we only have forty workstations, we can create a larger scope then necessarily required. A good idea when creating a subnet is to reserve an amount of addresses for future server expansion. In this case, we are going to reserve up to the address .32. We will create the scope to include 128 addresses. That gives our address range of 192.168.1.32 to 192.168.1.160. Go to Scope, Create (Figure 4). Enter the Start and End Addresses, the Subnet Mask of 255.255.255.0, and the name of the scope. The Lease duration default is normally appropriate.
After you hit OK you will be prompted to make the scope active. Allow it to activate. Next, you need to configure a few global options. Highlight the new scope under Local Machine, select DHCP Options, Global. You will want to set option 006 DNS Servers and give it a value to match the server address of 192.168.1.1 after hitting the Edit Array button (Figure 5). Next, option 044, WINS/NBNS Server. This will give you a prompt that you must set option 046. Hit OK, and then again put in the Server Address. Now, option 046 WINS/NBT Node Type should be set to H-Node 0x8. H-Node means that first name resolution is attempted by accessing the WINS server. If there is no response, then it tries to broadcast throughout the local subnet to find the requested machine name.
With DHCP enabled, all the workstations may now be installed onto the network. For Windows 95 machines, simply installing the Client for Microsoft Networks, TCP/IP, and the driver for the network card. Recommended computer names for each client are last four digits of the serial number of the PC and user names. The workgroup name should be the same as the domain name. Windows NT 4.0 Workstations may also be installed with the TCP/IP protocol. More in depth discussions on client installation are covered by their respective Resource Kits.
DNS is the method for which a computer can map the name or a computer system to its TCP/IP address. It is a database kept on DNS servers. This article is not to explain how DNS works, but to quickly and easily show how to setup a standard DNS server under Windows NT. Most consultants do not have the time to do much more than a quick standard installation. Those that have more time can refer to the various published books on the DNS service, RFCs such as 1035.
To start the DNS Manager, it is under Start, Programs, Administrative Tools. When you first start the DNS Manager, there will be no entries, even though the DNS service has started. Under the DNS menu, select the option for New Server.
Enter the IP address for your Windows NT server (Figure 3). After selecting OK, you will be prompted for this to be a Primary or Secondary Zone (Figure 4). Select Primary.
Your next screen will be a prompt for the zone name (Figure 5), and the file to use as the database file. Our example uses VF.NET as our domain name. BART will be the name of our Windows NT Server.
Some basic records are then filled in for our use (Figure 6). These records are the Name Server record (NS), the Start of Authority (SOA) and the first A record, which consists of the server’s name and address.
The first thing you should do is to double click the SOA record to get to its properties (Figure 7). Make sure that the Primary Name Server DNS Name is the correct one for your server and that the name of the Responsible Person is the primary technical contacts email address for your network. Note that there is no @ sign in the address. The serial number shown is very important. Every time you wish to have your files replicated to other DNS servers, this serial number must be unique. The normal way to do it is to make it the current date (12041997 for example). The other defaults are usually acceptable.
You must create the reverse resolution domain. Highlight the server address, in this case 192.168.1.1, and then DNS, New Zone. Now you will enter as the name of the new zone the reverse of the primary three numbers followed by in-addr.arpa. In our case this will be 1.168.192.in-addr.arpa as the name, and accept the file name also (Figure 8). This domain will be created just as the above, and again, you must check the SOA record to ensure you have the correct names for the contact and serial number!
Next highlight the zone name, and select properties. Go to the WINS Reverse Lookup tab, and click the Use WINS Reverse Lookup. Then enter your domain name under DNS Host Domain (Figure 9).
We are now ready to start adding default records. Any other servers in your network will need to be added as new hosts. Right click on the zone you wish to add a host to (This should be VF.NET) and select ADD HOST. Enter just the name of the hosts, the IP address, and make sure that the Add Associated PTR Record box is checked.
Note that your servers should be using static IP addresses. They should not be assigned addresses by DHCP; this is for the workstations.
These are best known as “aliases” for existing servers. An example is best. When someone types in his or her web browser www.vf.net, nothing will currently show up. There isn’t a server with that name. How are they supposed to know that its bart.vf.net? Well, why not just name the server www.vf.net? Then you would need a separate server for mail and for FTP services. Instead we alias the server. Now it is possible to have many names for the same server. Right click on the domain, and select New Record. Select CNAME Record, type in your alias (WWW, MAIL, or FTP for our examples), and then give it the full name of the host. Repeat for all necessary items. You should now have several CNAMES listed for a single host A record.
A mail exchanger record (MX) needs to be created. This record will tell a remote SMTP server which server to deliver mail to for your domain name. Create by right clicking on the domain, and then selecting New Record (Figure 11). Select the MX record type, then fill in the host name mail, the DNS name mail.vf.net, and give it a preference number of 1. In special circumstances, you may need to have multiple mail servers, in this case, add another MX record, with the secondary server having a higher preference number. If you will have multiple mail records, you may wish to have the primary start with a higher number such as 10. This way you can add new mail servers to be the primary easily. Please note that we gave the mail server name mail.vf.net even though the real name of the mail server is HOMER. The MX record’s Mail Exchange Server name must be either an A (host) record or a CNAME record to another host name. There is a report that some mail clients have trouble when pointing to a CNAME record.
A WKS record, or Well Known Service, is another type of record. The WKS record lists what services are available on a particular server, such as telnet, finger, ftp, and many others. This type of record isn’t usually needed. If you think you may need this type of record, or many of the various other types, you will want to find some of the major resource materials for Domain Name Service.
Your final configuration should show the domain as shown in Figure 5. It is doubtful you will need more records than this in most installations. Enterprise wide systems may need backup DNS servers, and many other advanced features, however, that is for another article.
I sincerely hope that this article has been a help to you. While many consultants and Windows NT professionals know about trust relationships, and creating user accounts, TCP/IP is in general a bit more complicated. And, since there are so many variables, coming to some sort of usual method for us to use simplifies later maintenance. I try to make sure that all the engineers in my company follow these basic procedures, so that anyone may follow up and not be completely in the dark on the network configuration of a client.