Title: 70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 3: Planning Network Data Flow
170-293 MCSE Guide to Planning a Microsoft
Windows Server 2003 Network, Enhanced Chapter
3 Planning Network Data Flow
2Objectives
- Describe the three types of network traffic
- Understand unique characteristics of Ethernet
- Use physical components of a network to control
data flow - Monitor network performance
- Optimize network settings
- Use network troubleshooting utilities
3Types of Network Traffic
- Network traffic is defined as packets of data
sent on the network -
- Three types of IPv4 packets
- Unicast
- Broadcast
- Multicast
4Unicast Packets
- A unicast packet is addressed to a single
computer - The destination IP address in a unicast packet is
a Class A, B, or C IP address - This type of traffic can communicate on the
Internet and perform file and printer sharing in
the network
5Broadcast Packets
- Local broadcasts are used by applications to
announce status and ensure that all interested
hosts are informed - Broadcast packets are inefficient because they
are processed by all hosts on a subnet - On a busy host this may reduce performance levels
6Activity 3-1 Analyzing a Broadcast
- The purpose of this activity is to view the
contents of a broadcast packet
7Multicast Packets
- Multicast packets are addressed to a group of
computers using a Class D IP address - Multicast packets are an improvement over
broadcast packets because multicast packets are
processed by all hosts up to only the Internet
layer rather than up to the Application layer - This reduces the processing load on busy hosts
8Ethernet
- Ethernet is the most common network technology
used for LAN connectivity - Popularity of Ethernet is due to its high
performance and low price - Three important Ethernet concepts are
- Collisions
- Collision domains
- Transmission modes
9Collisions
- If two computers happen to transmit information
on the network at the same time, then a collision
results - Ethernet uses Carrier Sense Multiple
Access/Collision Detection (CSMA/CD) as the
access method to determine which computer is
allowed to send data on the network and when - When a collision occurs, the two computers that
are transmitting data stop and wait for a random
period of time before resending
10Transmission Modes
- A transmission mode is how data is sent on the
network - Ethernet networks are capable of transmitting at
- Half-duplex mode
- can send data or receive data, but cannot do both
at the same time - Full-duplex mode
- can transmit and receive information at the same
time
11Activity 3-2 Viewing Ethernet Settings
- The purpose of this activity is to view various
Ethernet settings
12Media
- Media is the physical component that connects all
of the devices together - The most common media types used in computer
networks are - Twisted-pair
- Fiber optic
- Coaxial
13Media (continued)
- Twisted-pair cabling is the most common type of
cabling used in computer networks - On an Ethernet network, it can carry data at up
to 1 Gbps at a maximum distance of 100 meters
over a single segment
14Media (continued)
- Fiber-optic cabling is used for network backbones
where twisted-pair cabling cannot transmit the
distance needed - On an Ethernet network, it can carry data at up
to 10 Gbps for a 2 kilometers - Two fibers are required for each connection one
for sending data, the other for receiving
15Media (continued)
- Coaxial cabling was common on older Ethernet
networks, but has been removed from most networks
- Coaxial cable cannot transmit in full-duplex mode
- Coaxial cabling is now expensive compared to
twisted-pair cabling
16Media (continued)
- Wireless connectivity is not part of the Ethernet
standard very popular now - A major cost savings in wireless implementations
is the lack of cabling installation - Security is a concern with wireless connectivity
17Hubs
- A hub acts as a central connection point on a
network that allows multiple computers to
communicate with each other - A hub can also be used to extend the network for
greater distance - A hub operates at the Physical layer of the OSI
model and is responsible for media
characteristics and electrical signaling
18Latency
- When a signal passes through a hub, it takes a
small amount of time for the signal to be
regenerated - The delay between receiving the signal and
sending it out again is called latency
19Latency (continued)
- When many hubs are linked, a high level of
latency is introduced and the carrier sense
portion of CSMA/CD becomes unreliable - When the latency is high, the number of
collisions increases because a computer at one
end of the collision domain can begin sending a
packet while another computer at the other end is
sending a packet at the same time
20Switches
- A switch divides network traffic based on MAC
addresses - Switches can operate at full-duplex
- Switches operate at the Data Link layer of the
OSI model - Switches can perform tasks that deal with full
packets of data and MAC addresses
21Switches (continued)
- A switch has several benefits over a hub
- Each port on a switch is a separate collision
domain allowing the division of large networks
and a reduction in the number of collisions - A switch can direct traffic only to the port to
which the destination computer is attached, which
reduces overall levels of network traffic - Switches can connect dissimilar network
architectures, such as Ethernet and wireless
22Switches (continued)
23Switches (continued)
24Routers
- Routers are used to move traffic between networks
- A router operates at the Network layer of the OSI
model which allows the control of network traffic
based on logical IP addresses - Routers maintain a list of IP networks called a
routing table - Routers are more scalable than switches
- Routers can control traffic for hundreds of
thousands of computers, whereas switches normally
can track thousands of computers
25Monitoring and Optimizing Network Performance
- A bottleneck is any point in the communication
process that cannot perform at the same level as
other components - Bottlenecks can occur in the physical network or
in server components - Network performance is limited by bottlenecks
26Network Performance Problems and Solutions
- The tools used to monitor network performance
include - Protocol analyzers
- Cable testers
- Task Manager
- Performance snap-in
27Protocol Analyzers
- Protocol analyzers can capture network traffic
and monitor network performance - A protocol analyzer can be used to look at each
packet in the communication process to see where
the problem lies - Network Monitor is a limited protocol analyzer
included with Windows Server 2003 - Ethereal is an alternative packet analyzer that
is very popular and free
28Cable Testers
- A cable tester checks the ability of a cable to
carry the electrical signals properly that are
sent by the computers - Each cable tester can verify the proper
installation of only certain types of cabling
29Task Manager
- Task Manager is a simple tool that can be used
to - Check memory
- Processor
- Network utilization
30Performance Snap-in
- The Performance snap-in located in Administrative
Tools can be used to generate graphs and log many
Windows Server 2003 performance indicators -
- The graphs generated by the Performance snap-in
can capture short- and medium-term information
31Activity 3-3 Monitoring Network Performance
- The purpose of this activity is to view network
utilization using Network Monitor, Task Manager,
and the Performance snap-in
32Optimizing Network Settings
- Network performance gains can be made by
modifying the network configuration of the servers
33Utilizing the Binding Process
- Binding is the process in which a network
protocol is configured to use a network adapter - When a protocol is added to a network connection,
it is bound to the network adapter and the
services that are part of that connection - Windows Server 2003 allows you to optimize your
network connectivity by - Adjusting the order in which protocols are used
- Defining the priority of network services
34Minimizing Network Protocols
- If a protocol is required to support older
clients, explore centralizing all services using
that protocol on a single server - This reduces the service advertisements produced
by other servers and reduces the processing
required on other servers
35Implementing the Maximum Transmission Unit (MTU)
Setting
- The Maximum Transmission Unit (MTU) setting sets
the maximum packet size that TCP/IP will try to
negotiate when creating a TCP connection - The default MTU setting is 1,500 bytes on an
Ethernet network
36Troubleshooting Utilities
- Windows Server 2003 has a wide variety of
utilities that can be used to troubleshoot
network problems - It is important to understand what each tool does
and when it is appropriate to use
37Ping
- Ping confirms that a host is active at an IP
address - Ping can be used to test for DNS resolution
problems - When you ping a host, the Ping utility indicates
how long it took for the remote host to respond
38Tracert
- The Tracert utility is used to view the routers
that a packet passes through between the local
host and a remote host - When using the Tracert utility to troubleshoot
Internet connectivity, look for the router that
stops responding this one is preventing users
from accessing a particular server
39Pathping
- Pathping can be used to view the routers used to
move a packet from the local host to a remote
host - However, the Pathping utility sends 100 packets
to each router in the path to provide a more
accurate measure of response times
40Activity 3-4 Testing for Network Congestion with
Pathping
- The purpose of this activity is to test to see if
the network is congested using the pathping
command
41Nbtstat
- Nbtstat is used to view NetBIOS over TCP/IP
statistics - It can view the list of NetBIOS services
available on the local host or remote hosts, and
it can view the local NetBIOS name cache
42Netstat
- Netstat displays TCP connection information and
various IP statistics, such as the number of UDP
and TCP packets and the IP routing table - Viewing TCP connections is useful for finding
rogue services
43Network Diagnostics
- Network Diagnostics can be used to view a variety
of settings on your server - It builds a list of information about your server
and tests services such as DNS and WINS to ensure
availability
44Activity 3-5 Viewing TCP Connections with Netstat
- The purpose of this activity is to view open
connections and running services with the Netstat
utility and view the current network
configuration with Network Diagnostics
45Ipconfig
- The ipconfig command can be used to
- View IP configuration information
- Release and renew IP addresses that are obtained
from a DHCP server - Flush the DNS cache because Windows Server 2003
caches all DNS lookups
46Netsh
- Netsh is a command-line utility that can be used
to modify and view IP configuration information - It is useful for remotely managing IP
configuration when Terminal Services is
unavailable and via scripts
47Nslookup
- Nslookup is used to query DNS servers
- Can be configured to query any DNS server you
want, making it easy to confirm the configuration
of a particular DNS server that is having problems
48Summary
- Types of network traffic unicast, broadcast, and
multicast - Ethernet is the most common network architecture
- A collision domain is an area of a network where
collisions occur - Transmission modes are half-duplex and
full-duplex - Hubs operate at the Physical layer of the OSI
model and send received data to all ports except
the one from which it was received
49Summary (continued)
- Switches operate at the Data Link layer of the
OSI model and control data flow based on MAC
addresses - Routers operate at the Network layer of the OSI
model and control data flow based on IP addresses - Tools used to identify bottlenecks include
protocol analyzers, cable testers, Task Manager,
and the Performance snap-in - Can optimize network settings by adjusting
bindings, minimizing number of protocols, and
adjusting MTU
50Summary (continued)
- IP troubleshooting utilities
- Ping
- Tracert
- Pathping
- Nbtstat
- Netstat
- Network Diagnostics
- Ipconfig
- Netsh,
- Nslookup