You are not required to have a diskette drive installed to perform an ASR backup, but you are required to have a diskette drive installed to perform an ASR restore. You can create the ASR diskette after the Wizard completes by copying the files asr.sif and asrpnp.sif (located in the %systemroot%\Repair directory) to a diskette. If you do not have a floppy disk drive installed in your system, you will see the warning in Figure 7.58. This does not mean that the ASR process will fail; it just means that you will need to create the diskette manually later. Click OK to close the warning dialog box.
If you are performing an ASR backup without using a diskette, you will next see the warning shown in Figure 7.59. Click OK to close the dialog box.
Performing an ASR Restore
An ASR restore is a fairly straightforward process. Boot from your original Windows Server 2003 CD-ROM. If a third-party storage driver needs to be loaded, press F6 when prompted to load the driver. To begin the ASR recovery process, press F2 when prompted, as shown in Figure 7.60.
Next, you will be prompted to insert the ASR diskette into the floppy drive, as shown in Figure 7.61.
Figure 7.57 Creating the ASR Diskette
Figure 7.58 No Floppy Drive Warning
Figure 7.59 ASR Diskette Warning Message
The ASR process will begin partitioning and formatting your server's boot and system partitions/volumes, as well as any other partitions or volumes that contained operating system files. This process will automatically re-create the operating system as it existed at the time the ASR set was created. If the backup media that is part of the ASR set cannot be located, you will be prompted for its location. Once the ASR restore is complete, the system will reboot.
Planning for Fault Tolerance
Fault tolerance is the ability to encounter failures and continue to function. Fault tolerance is created by using a combination of redundancy (the duplication of components or resources), efficient distribution of workload, proper planning, proper procedures, and training. When all of these are done correctly and in the right proportions, high availability is the result.
To properly plan for fault tolerance, examine all of the possible areas where a failure could occur that would affect continuous operation. The following are the most common areas of failure:
Figure 7.60 Text-Mode ASR Prompt
Figure 7.61 Insert the ASR Diskette Prompt
■ Hardware (disk, RAM, CPU, power supply, cooling fans, and network)
■ Infrastructure (power feeds, environmental, and wide-area communications)
■ Operational (documentation, change of media, and procedures)
■ Functional (placing too many critical processes into a failure-susceptible area)
One fault-tolerance-related phrase you may have heard before is five nines, which is a reference to the larger scale of nines measure of computer system availability first developed by Jim Gray. The scale of nines refers to the percentage of downtime allowed per year, described by the number of nines in the availability statistic. Five nines refers to an achievable level of reliability in the middle of the scale. Table 7.2 illustrates the amount of downtime each level of "nines" means per year.
Table 7.2 The Scale of Nines and What Five-Nines Means

Name          Percentage of Uptime per Year   Effective Downtime per Year
One nine      90%                             36 days, 12 hours
Two nines     99%                             3 days, 15 hours, 36 minutes
Three nines   99.9%                           8 hours, 45 minutes, 36 seconds
Four nines    99.99%                          52 minutes, 34 seconds
Five nines    99.999%                         5 minutes, 15 seconds
Six nines     99.9999%                        31.5 seconds
Seven nines   99.99999%                       3.2 seconds
Eight nines   99.999999%                      0.32 second
Nine nines    99.9999999%                     0.03 second
Five nines reliability is commonly discussed because it is possible to achieve given current technology. The primary factor with the scale of nines is cost. Higher levels of availability are becoming possible to achieve, but they usually come at a steep price.
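To make the scale of nines concrete, here is an added Python example (not from the book) that rebuilds Table 7.2 from the availability percentage and, going slightly beyond the text, shows why redundancy raises availability: two independent 99% components in a failover pair are both down only 0.01% of the time. It assumes the 365-day year the table uses and treats component failures as independent.

```python
import math
from datetime import timedelta

# Table 7.2 is based on a 365-day year: 365 * 24 * 60 * 60 seconds.
SECONDS_PER_YEAR = 365 * 24 * 60 * 60


def availability_from_nines(nines: int) -> float:
    """Availability fraction for a count of nines, e.g. 5 -> 0.99999."""
    return 1.0 - 10.0 ** (-nines)


def downtime_per_year(availability: float) -> timedelta:
    """Effective downtime per year allowed by an availability fraction."""
    return timedelta(seconds=(1.0 - availability) * SECONDS_PER_YEAR)


def nines_from_downtime(downtime: timedelta) -> float:
    """Number of nines a measured yearly downtime corresponds to (may be fractional)."""
    unavailability = downtime.total_seconds() / SECONDS_PER_YEAR
    return -math.log10(unavailability)


def scale_of_nines(max_nines: int = 9) -> list:
    """Rebuild Table 7.2 as (nines, uptime percentage, downtime per year) rows."""
    return [(n, 100.0 * availability_from_nines(n), downtime_per_year(availability_from_nines(n)))
            for n in range(1, max_nines + 1)]


def redundant_availability(*parts: float) -> float:
    """Availability of redundant (parallel) components: service fails only if all fail."""
    unavailability = 1.0
    for a in parts:
        unavailability *= 1.0 - a
    return 1.0 - unavailability


def chained_availability(*parts: float) -> float:
    """Availability of components that must all work (in series), e.g. NIC, cable, switch."""
    availability = 1.0
    for a in parts:
        availability *= a
    return availability


if __name__ == "__main__":
    for nines, pct, down in scale_of_nines():
        print(f"{nines} nines  {pct:.7f}%  {down}")
    # A single 99% interface versus two independent 99% interfaces in failover.
    print(chained_availability(0.99), redundant_availability(0.99, 0.99))  # 0.99 vs 0.9999
```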
Network Fault-Tolerance Solutions
One area of component failure is the network interface. If a system has one interface to a network, and a component of that interface fails (the switch, the cable, or the NIC), the whole interface fails. As a result, it is a good idea to build redundancy into your network interfaces.
Several manufacturers sell NICs that have two or more ports. Using the appropriate drivers, these cards usually support either a failover configuration or a load-balanced configuration, which work as follows:
■ Failover Keeps one port idle and waiting, while the other port(s) handle communications. If a component of that interface fails, the idle port comes online and takes over for the failed port. A failover configuration can be used with switches or nonswitched network hubs.
■ Load-balanced configuration Uses multiple ports simultaneously and spreads the communication load among the ports. In the event of an interface failure, the communications load is reassigned to the remaining active ports. A load-balanced configuration yields higher availability and performance but can be used only in conjunction with higher-end intelligent switches.
Some network topology issues can affect network availability as well. When designing a network, keep in mind all of the potential failure points, including routers, switches, bridges, and wide area network (WAN) components.
In all but the smallest networks, it is a good idea to have redundant functionality for critical services. If you are using AD, make sure that you have more than one domain controller and DNS server. If you are using WINS, create a secondary WINS server and have it replicate with the primary WINS server. If you are using DHCP, create a secondary DHCP server on each subnet and configure each with the appropriate scopes. Following these guidelines will ensure continued operation of these services in the event of failures.
Internet Fault-Tolerance Solutions
Many of the Internet fault-tolerance solutions are the same as general network fault-tolerance solutions, but there are a few extra considerations.
Network Load Balancing (NLB), discussed in the previous chapter, is a set of features included with all versions of Windows Server 2003 that can increase the redundancy, performance, and availability of Web sites.
Most medium and large networks access the Internet through a proxy server. If your environment includes a proxy server, consider building redundancy into it. A secondary proxy server may be in order.
The actual communication circuits and Internet Service Providers (ISPs) are other potential points of failure. It is common for large companies and organizations to have multiple WAN circuits and even multiple circuits to more than one ISP. This increases cost but also reduces the likelihood of a communications failure in an area usually outside your control.
Disk Fault-Tolerance Solutions
The most common hardware component that fails is the hard drive. Even though modern disk drives commonly operate for months or years without incident, failure is a given. As a result, disk fault-tolerance solutions are some of the most well-developed and reliable technologies, and they employ some of the oldest and simplest techniques. These solutions were discussed earlier in Chapter 5.
Server Fault-Tolerance Solutions
The server is our final point of consideration for fault tolerance. There are two basic methods for introducing fault tolerance on a server: hardware redundancy and virtualization (called clustering). Clustering was covered earlier in Chapter 6.
Modern server hardware is designed around increasing performance and reliability. Higher-end (more complicated and expensive) servers often include many built-in redundancy features. It is possible to find servers that support spare RAM and CPUs, redundant power supplies and cooling fans, built-in hardware RAID support, and many other features integrated into the basic system. In addition, many components in modern higher-end servers are hot-swappable, meaning the power does not need to be turned off in order to remove or change the component.
Another hardware component that is often overlooked but is easily acquired and implemented is a redundant power source. Ideally, you want duplicate power sources all the way back to duplicate utility companies, but that is usually not possible. What is possible is the installation of an Uninterruptible Power Supply (UPS) and the software to communicate with it. Size a UPS by the amount of power it must provide and the length of time it needs to run when on battery. The more equipment on a UPS or the longer the required runtime, the "larger" the UPS must be. In very large environments, consider multiple UPSs operating in parallel (never "daisy-chain" UPSs) and possibly a backup generator.
Monitoring and Troubleshooting Network Activity
In this chapter:
■ Using Network Monitor
■ Monitoring and Troubleshooting Internet Connectivity
■ Monitoring IPSec Connections
Introduction
Managing a network involves a great deal of planning, design, and implementation. Even the most efficient networks require analysis and monitoring to validate your network design. Once your network is implemented, you will need to identify baselines for network activity, be prepared to recognize abnormal behavior, diagnose unexpected changes, and troubleshoot problems with your network. Understanding your network will also provide you with the information necessary to plan for growth by examining trends and identifying the effects of adding hosts.
As challenging as it is to manage a regular local area network (LAN), we are expanding our scope of responsibility by allowing access to the Internet, and allowing our employees to access our networks from their homes, other businesses, and even hotels and coffee houses. With that perspective in mind, you spent all that time and effort to create a secure and reliable environment, and now you have clients transmitting company data from a network about which you know nothing. That fact alone makes it imperative that you implement strong security policies to protect against loss of corporate data, and understand how to support and monitor the traffic in and out of your LAN from the Internet. It also places a burden on you to provide highly available and fast Internet access to support the telecommuters and any other remote clients that use the Internet to access the corporate LAN.
Due to the ever-growing complexity of network design, and the large quantity of data flowing on today's networks, we must understand the traffic and the tools that we use to capture and analyze that traffic. One of the most valuable tools we have at our disposal is Network Monitor. In this chapter, you will become familiar with Network Monitor and how to use it to view your network traffic and identify information about that traffic. Network Monitor is a great tool to help understand and troubleshoot connectivity problems.
We will discuss the identification and resolution of Internet connectivity problems. We will focus on Network Address Translation (NAT), name resolution, and IP addressing issues. In addition to troubleshooting and monitoring regular network traffic, we will also focus on monitoring network traffic that is encrypted. IP Security (IPSec) is based on open standards that are used to provide reliable transmission of encrypted data and authentication of data over IP. We will discuss how to use the IPSec Security Monitor console to monitor and troubleshoot IPSec connections on your network.
Using Network Monitor
As a network administrator, you are tasked with understanding your network. One of the primary functions of the network is the reliable delivery of data. In addition to reliability, you must provide security and ensure that the data is accessible only by those who are intended to receive it. Network Monitor provides network administrators with a window onto the information being delivered over the network.
Network Monitor captures the frames of data as they are delivered over the wire, time stamps them, and provides statistical data about those frames. After you have captured the frames of data, Network Monitor will decode the headers and provide an easy-to-read summary of the type of packet, the source, the destination, and, if the data is not encrypted, the data in the packet as well. In this section we will install Network Monitor. After we install Network Monitor, we explain the general layout of the main console, and then look at some captured frames. We look at how to filter captured data by setting capture filters and capture triggers, and then view more concise data using display filters.
Installing Network Monitor
There are two versions of Network Monitor. The full-featured version ships with Microsoft Systems Management Server (SMS); the limited version is included with the operating system, but is not installed in Windows Server 2003 by default. Installing Network Monitor is actually a simple task: it is installed as a Windows Component via Add/Remove Programs.
Use the following steps to install Network Monitor. During the installation, the driver for Network Monitor is automatically installed.
Install Network Monitor
You will need the Windows Server 2003 product disc during the installation. It will be helpful to have other machines available to you after the example is complete to see network traffic and perform the captures.
1. Navigate to Control Panel | Add or Remove Programs. The Add or Remove Programs dialog is displayed.
2. Select Add/Remove Windows Components from the shortcut bar.
3. The Windows Components Wizard is displayed (see Figure 8.1).
4. Select the item Management and Monitoring Tools as shown in Figure 8.1, and click the Details button.
5. The Management and Monitoring Tools dialog is shown as in Figure 8.2. Click the check box next to Network Monitor Tools and click OK.
6. The Windows Components Wizard is displayed again (see Figure 8.3), this time with the check box next to Management and Monitoring Tools checked and gray.
7. Click Next to apply the changes and install the necessary software components. You will see what appear to be several components that you did not choose listed in the Status messages above the progress bar in Figure 8.4. This is part of the routine and there is no need for alarm. Only the components necessary for Network Monitor will be installed.
Figure 8.1 Windows Components Wizard
Figure 8.2 Management and Monitoring Tools
8. During the installation process, if the installation files for Windows Server 2003 are not accessible on the machine or over existing network connections, you will be prompted for the Windows Server 2003 setup disk as shown in Figure 8.5. If the installation files are located on the hard disk or a network share, you should still click OK; you will then be able to enter the path on the next screen.
Figure 8.3 Windows Components Wizard after Selecting the Network Monitoring Subcomponent
Figure 8.4 Configuring Components
Figure 8.5 Insert Disk
9. When the installation is complete, you will see the Completing the Windows Components Wizard message (see Figure 8.6). Click Finish.
In this example, we installed the operating system component version of Network Monitor. Now it is possible to capture and view frames of data from your network. We can now become more familiar with using Network Monitor and understand how to use it effectively. Let's take a look at how to capture frames. Click Start | Administrative Tools | Network Monitor. The first time you launch Network Monitor, you will see a message informing you that you must select a network to monitor, or Network Monitor will select one for you, as shown in Figure 8.7.
Figures 8.8 and 8.9 show the dialog that you will use to select the network on which you will monitor traffic using this instance of Network Monitor. If you are capturing data from multiple LANs simultaneously, you must install and configure one adapter for each network and start a unique instance of Network Monitor for each adapter. You must select the network for each instance of Network Monitor by selecting Capture | Networks and selecting the appropriate network. The network for newly installed adapters will not be available until you restart Network Monitor.
Figure 8.6 Windows Components Wizard—Completing the Windows Components Wizard
Figure 8.7 Microsoft Network Monitor Console