70291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network, Enhanced Chapter 12: Routing

1
70-291 MCSE Guide to Managing a Microsoft
Windows Server 2003 Network, Enhanced Chapter
12 Routing
2
Objectives

• Configure Windows Server 2003 as a router
• Interpret and manage routing tables
• Describe the function of dynamic routing
• Implement a dynamic routing protocol on Windows
  Server 2003
• Control traffic sent through a router using
  packet filters
• Create and configure demand-dial connections for
  routing
• Troubleshoot routing

3
Configure Routers

• A router is a network device that moves packets
  from one network to another
• TCP/IP, IPX/SPX, and AppleTalk can be routed
• Windows Server 2003 can be used as a router
• Windows Server 2003 does not support IPX/SPX
  routing
• Cheaper to configure existing server as a router
  than buying a dedicated piece of hardware

4
Configuring Routers (continued)
5
Configuring Routers (continued)
6
Activity 12-1 Configuring RRAS as a Router

• Objective Configure Windows Server 2003 as a
  router
• Both network cards should be correctly configured
  with IP addresses
• Use Routing and Remote Access tool
• Use Configure and Enable Routing and Remote
  Access tool

7
Routing Tables

• Responsible for making intelligent decisions
  about how to move packets from one network to
  another in the fastest way possible
• List of networks known to the router
• Each network entry called a route
• Windows Server 2003 automatically configures
  default gateway route and routes to local
  networks from TCP/IP properties for each network
  interface
• Static routing is used when security is required
  otherwise dynamic routing is used

8
Routing Tables (continued)
9
Routing Tables (continued)
10
Routing Tables (continued)
11
Activity 12-2 Configuring a Static Route

• Objective Configure a static route to a remote
  network
• Start ? Run ? cmd
• Execute route print command
• Execute route add command
• Execute route print command

12
Routing Protocols

• Responsible for calculating best path from one
  network to another and advertising routes for
  dynamic routing
• Each routing protocol uses a different algorithm
• Each protocol advertises different amounts of
  information and with a different frequency
• Two protocols are used in Windows Server 2003 for
  IP routing
• Routing Information Protocol (RIP)
• Open Shortest Path First (OSPF)

13
RIP

• Simplest of the two routing protocols and most
  popular
• No configuration necessary under most
  circumstances
• Distance-vector routing protocol
• Does not differentiate between different link
  speeds
• Each router sends broadcast packet every 30
  seconds

14
RIP (continued)

• Many options that can be configured
• Type of events to be logged can be configured
• Configure from which IP addresses this router
  accepts updates
• Can use broadcasts or multicasts when sending
  information to other RIP routers
• Rip routers advertise the routes learned from
  other routers

15
RIP (continued)
16
RIP (continued)
17
RIP (continued)

• Can force authentication between routers when
  announcements are sent
• Password for authentication is plain text
• Can configure which incoming and outgoing routes
  are accepted
• Split-horizon processing stops information from
  going back in the direction it was received from
• Poison-reverse processing marks a network as
  unreachable if it goes down

18
RIP (continued)
19
RIP (continued)
20
RIP (continued)
21
Activity 12-3 Installing and Using RIP

• Objective Configure your server as a RIP router
• Use Routing and Remote Access Tool
• Create a new routing protocol
• Create a new interface
• See what routes are learned by the new router

22
OSPF

• Link-state routing algorithm
• Determines the best path from one network to
  another based on a configurable value called cost
• More flexible than RIP
• Not normally implemented on Windows Server 2003
• An OSPF router sends only changes in its routing
  table when communicating with other routers

23
Filtering Router Traffic

• Can control packets allowed to pass between
  routed networks using packet filters
• Packet filters are directional
• Packet filters are used to filter network traffic
  based on criteria such as
• Protocol
• Source address
• Destination address
• Port number

24
Filtering Router Traffic (continued)
25
Configuring Packet Filters
26
Configuring Packet Filters (continued)
27
Configuring Packet Filters (continued)
28
Activity 12-4 Creating a Packet Filter

• Objective Create and test an unbounded packet
  filter to block ICMP request packets
• Use the cmd utility
• Use Routing and Remote Access Tool
• Create a new inbound and outbound filter

29
Demand-dial Connections

• Used to establish a connection between two
  routers only when there is data to send
• Traditionally used to minimize the amount of
  phone time used on dial-up connections between
  routers
• Can also be used to initiate VPN connections
  between Windows routers
• Can be created for PPPoE connections

30
Creating Demand-dial Connections

• For a demand-dial connection to function
  properly
• Enable the server to perform demand-dial routing
• Configure a port to allow demand-dial routing
• Create a demand-dial interface
• New demand-dial connections are created using the
  Demand-Dial Interface Wizard

31
Creating Demand-dial Connections (continued)

• A user account with remote access permission is
  required to establish a demand-dial connection
• Avoid sending plain-text passwords
• At least one static route is required to trigger
  the demand-dial interface

32
Activity 12-5 Creating a Demand-dial Connection

• Objective Create a demand-dial VPN connection
• Add a new demand-dial interface
• Complete the resulting Wizard tool

33
Configure Demand-dial Settings

• Most options can be configured during creation,
  but some options can be configured only after
  creation
• You can configure security settings and idle
  timeout
• You can configure a set of dial-out hours

34
Configure Demand-dial Settings (continued)
35
Configure Demand-dial Settings (continued)
36
Demand-dial Filters

• With the default configuration, a demand-dial
  connection is triggered by any IP traffic that
  needs to be routed
• Filters control which types of network traffic
  trigger a demand-dial connection
• Configured the same way as a firewall rule
• Can be used with a dial-up Internet connection to
  ensure that the connection is not dialed except
  for allowed traffic

37
Demand-dial Filters (continued)
38
Demand-dial Filters (continued)
39
Activity 12-6 Configuring Demand-dial Filters

• Objective Configure demand-dial filters to
  control the activation of demand-dial connections
• Use Routing and Remote Access Utility
• Create a new demand-dial filter
• Test the new filter

40
Troubleshooting Routing

• Most problems result from an incorrect
  configuration
• First place to check for problems is the routing
  table
• A remote router may prevent a packet from
  reaching its destination network
• Can use the tracert command to see the path a
  packet takes from one router to another

41
Troubleshooting Routing (continued)
42
Summary

• Windows Server 2003 can be configured as a
  low-cost router for TCP/IP and AppleTalk
• Each router maintains a routing table that stores
  routes to local and remote networks
• Entries in the routing table may be configured
  automatically, using the route command, using the
  Routing and Remote Access snap-in, or by using a
  dynamic routing protocol

43
Summary (continued)

• RIP is a distance-vector routing algorithm that
  calculates paths based on hops
• OSPF is a link-state routing algorithm that
  calculates paths based on a configurable metric
  called cost
• Packet filters may be applied to network
  interfaces on a router to control the flow of IP
  packets
• Demand-dial connections are activated only when
  network traffic requires them
• The tracert command may be used to list the
  routers a packet crosses to reach a destination
  computer