networks (such as ATM or X.25). OSPF has different protocols for broadcast and multicast network types.
OSPF uses the Dijkstra algorithm, which comes from the branch of mathematics known as graph theory, to calculate the lowest-cost path to a destination from a given source.
OSPF on a Broadcast Network
On a broadcast network, OSPF uses a packet called a Hello protocol message, which is a broadcast message by which routers locate one another.
A router is selected to be the Designated Router (DR), and all the other routers exchange routing information with the DR. Then, the DR updates neighboring routers.
The DR is elected by an exchange of Hello packets. Each packet includes the current DR, the sending router’s router ID, and its router priority (which can be set during configuration of OSPF). The router with the highest priority is selected to be the DR. If more than one router has the same priority, the one that has the highest router ID will become the DR.
A backup DR is also elected for multiaccess networks, so if the DR becomes unavailable, connectivity will not be lost.
Configuring an OSPF router with a priority of 0 means it cannot become a DR. There must be at least one router on the multiaccess network that has a priority of 1 or above. Otherwise, no router can become DR and the link state database cannot be synchronized, resulting in no traffic being passed across that network.
OSPF on a Nonbroadcast Network
On a network using a nonbroadcast architecture, such as ATM, OSPF has to be initially configured manually with the addresses of neighboring routers. A DR is also used, but rather than sending the routing information via broadcast or multicast, it is sent point to point, between the DR and the other routers. This means a greater number of virtual connections are required for complete connectivity, making it more complex and more resource-intensive than a broadcast network implementation.
OSPF on a Point-to-Point Network
OSPF can also be used on a dedicated point-to-point network such as T-1 leased lines, connecting only two routers. IP multicast addresses are used for the OSPF messages.
OSPF’s Hierarchical Routing Structure
The routing tables used by a distance vector protocol like RIP have a flat structure, and every RIP router on the internetwork must contain an entry for every network. The networks are not divided into areas or groups; all are seen as individual entities—thus the “flat” description.
Link state protocols like OSPF create a hierarchical structure by dividing the internetwork into areas. Every OSPF router belongs to an area, identified by a 32-bit number, expressed in dotted decimal called the area number. This greatly reduces the size of the routing table for each router, since it only has to keep entries for its area.
Although the area address is in the same format as an IP address, it is an entirely different number, assigned by the administrator. It has no relationship to the network ID, although if the networks in an area are all in one subnetted network ID, you could, for convenience, use the network ID as the Area ID. Windows 2000 allows you to configure up to 16 areas for an interface.
There is also a backbone area designated as area 0.0.0.0. The router that connects an area to the backbone area is called an Area Border Router (ABR). This router is a member of its area and contains routing information for that area, but also is a member of area 0.0.0.0 and can route between the two areas. See Figure 11.12 for an illustration of this.
The ABR has a separate link state database for each area to which it belongs, and SPF calculations are performed independently for each area.
OSPF Areas
An area can consist of one or more networks or subnets. The advantage of splitting the internetwork into areas is that you reduce the bandwidth used for routing so that it is proportionate to the size of the area rather than the size of the internetwork as a whole.
ABRs can summarize the routes within their areas. Route summarization means that each ABR communicates a single route for its area to the backbone router. Thus, the Area 0.0.0.0 routing table contains only the number of routes that correspond to the number of areas, rather than all routes for each area. In Figure 11.12, Area 0.0.0.0’s database would be required to contain only four routes, regardless of how many routers and routes exist within each of the four areas.
Route summarization also decreases recalculations of routes. Whenever a network is added or removed, each OSPF router must recalculate the database. By using areas, if a new network is added to Area 0.0.1.1, the routers in other areas will not be required to recalculate since the summarized route is still valid.
Figure 11.12 The hierarchical structure of OSPF routing architecture. (Areas shown: Area 0.0.1.1, Area 0.0.0.1, Area 0.0.1.0, Area 0.1.0.0, and Area 0.0.0.0, the backbone area.)
OSPF Router Classifications
OSPF routers on the internetwork are designated as one of the following:
■ ABR Area Border Router (routes between the area to which it belongs and the backbone area).
■ IR Internal Router (routes within its area).
■ BR Backbone Router (Area 0.0.0.0 router).
■ ASBR Autonomous System Border Router (used on global internetworks, such as the Internet, to add another layer of the hierarchy. An Autonomous System, or AS, represents an entire enterprise network within the global internetwork).
AS numbers are allocated by the Internet Assigned Numbers Authority (IANA), as they must be globally-unique.
OSPF uses 32-bit router identification numbers (router IDs) rather than the routers’ IP addresses to keep track of individual routers on the internetwork. This is because each router will have more than one IP address.
The administrator assigns the router ID. It is common practice, although in no way required, to use the router’s lowest IP address for its router ID.
The Protocols Used by OSPF
The following protocols are used within OSPF:
Common header protocol: The common header used for OSPF messages includes the version number, type, packet length, the router ID, Area ID, a checksum, and an authentication field (messages can be sent with password authentication or no authentication).
Hello protocol: The Hello protocol is used on broadcast networks to discover the identities and routes of neighboring routers.
Exchange protocol: The Exchange protocol uses database description packets in a master-slave relationship. The master sends the database description packets, and the slave sends an acknowledgment.
Flooding protocol: The Flooding protocol is used when a link changes state, as when the link between two routers goes down. The router that is responsible for the changed link issues the new link state information, and the updated information is sent in regular intervals until an acknowledgment is received.
Aging Link State Records protocol: The Aging Link State Records protocol is used to remove old, outdated records from the database. When the record is originally issued, its age is set as 0. It is incremented by 1 every second and on each hop, and when its age matches the designated maximum, the router removes it and informs neighboring routers of the change.
Advantages of OSPF
Despite the fact that it is much more complex and requires more technical expertise to implement properly, OSPF has many advantages over RIP and other distance vector protocols:
■ More efficient calculation of routes
■ Faster convergence
■ Support for load balancing
■ Low bandwidth utilization
■ No routing loops or count-to-infinity problems
■ Hierarchical structure isolates instability within an area
■ More scalability, appropriate for larger networks
■ Secure password authenticated transmission of update messages
Windows 2000 as an IP Router
A Windows 2000 multihomed host computer is configured as an IP router to provide packet forwarding for other TCP/IP computers by enabling the RRAS service and setting up a routed IP network. This can be a static routed network, a RIP for IP routed internetwork, or an OSPF routed internetwork. For more information about installing RRAS, see Chapter 9, “Troubleshooting Remote Access in a Windows 2000 TCP/IP Network.”
The Windows 2000 router supports both RIP (versions 1 and 2) and OSPF dynamic routing protocols.
Installing Routing Protocols
The Windows 2000 router supports dynamic routing, using RIP or OSPF. To install the RIP or OSPF protocol, open the RRAS management console. In the left console pane, expand the name of the RRAS server, expand IP Routing, and right-click General. Select New Routing Protocol, as shown in Figure 11.13.
Figure 11.13 Adding a dynamic routing protocol to the Windows 2000 router.
You will be given a choice to select either RIP or OSPF. Make the appropriate choice, and the protocol will be added. You can now configure it by right-clicking on its name, which will show up in the left console pane under IP Routing.
Windows 2000 Router Management Tools
Windows 2000 provides built-in router management tools for the administration of the static, RIP, or OSPF router. A Windows 2000 router can be administered locally or remotely from another Windows 2000 computer running RRAS.
Remote Router Administration
Windows 2000 allows you to administer a remote Windows 2000 router via the RRAS management console. To do so, open the RRAS MMC, and in the left pane of the console tree, right-click Server Status, then Add Server. A dialog box as shown in Figure 11.14 will appear.
Figure 11.14 Use the Add Server dialog box to select the computer(s) to administer remotely.
As you can see, you can select “The following computer:” and type in the name of the Windows 2000 router computer, you can select to administer all RRAS computers in a designated domain, or you can browse the Active Directory to find the computer to be administered.
If you choose to browse the Directory, you will see a dialog box like the one displayed in Figure 11.15.
If you elect to administer all RRAS servers in the domain, the names of all Windows 2000 computers in the domain running RRAS will be displayed in the left console of the MMC, as shown in Figure 11.16.
You may notice in Figure 11.16 that there are three Windows 2000 computers running RRAS in the tacteam domain. One of them, DS2000, is marked with a red and white “X” to indicate that this computer is not a router or RRAS server and cannot be administered remotely (DS2000 is a Windows 2000 Professional workstation).
You can now add new interfaces and routing protocols, and manage the routing components on the remote Windows 2000 router computer just as you could locally.
Figure 11.15 You can browse the Directory to find Windows 2000 routers or RAS servers.
Figure 11.16 Windows 2000 RRAS computers that can be remotely administered are displayed.
Using ICMP Router Discovery
You can use the Internet Control Message Protocol (ICMP), a TCP/IP utility, to configure IP host computers with the IP addresses of local routers (and establish a method for the hosts to detect that a router is down). To do so, implement router solicitation and advertisement.
ICMP router discovery messages are discussed in RFC 1256.
Here’s how it works:
1. Host computers send router solicitation messages to discover the routers on their networks.
2. Routers send router advertisement messages in response to the solicitations. The routers also send advertisements on a regular basis (unsolicited) to inform the host computers that the routers are still up and available.
To enable ICMP router discovery, open the RRAS console, and in the left pane of the console tree, under the Windows 2000 router on which you wish to enable discovery messages, click General under IP Routing. In the right console pane, right-click the name of the router interface you wish to enable for ICMP, then click Properties. Select the General tab, as shown in Figure 11.17, and check the “Enable router discovery advertisements” check box.
Here, you can set the lifetime of the advertisement (the time after which a router will be considered to be down or unavailable) in minutes. You can also set the minimum and maximum rates for sending of ICMP advertisements by the router. “Level of preference” refers to the level of preference for this Windows 2000 router to be the default gateway for host computers on the network.
Using the Netshell Utility (NETSH)
NETSH is a command-line utility included with Windows 2000, with which you can configure routes, interfaces, and routing protocols on Windows 2000 RRAS routers. The NETSH utility will allow you to display the configuration of routers that are running on Windows 2000 RRAS computers, and supports scripting so that you can run commands as batch files for a particular router.
NETSH is used for management of other services, such as DHCP and WINS. To change the NETSH context to routing, use the routing command within NETSH, as shown in Figure 11.18.
Figure 11.17 Enabling router discovery advertisement messages.
Figure 11.18 Use the NETSH command to display routing information.
Table 11.3 lists some of the commands available in the IP routing context.
Table 11.3 Netshell IP Routing Commands
Command          Description
delete           Deletes a configuration entry from a table
igmp             Changes to 'routing ip igmp' context
ospf             Changes to 'routing ip ospf' context
relay            Changes to 'routing ip relay' context
reset            Resets IP routing to clean state
routerdiscovery  Changes to 'routing ip routerdiscovery' context
update           Updates autostatic routes on an interface
Standard TCP/IP tools, such as PING, TRACERT, and PATHPING, are the common starting point for troubleshooting an IP routing problem. See Chapter 4, “Windows 2000 TCP/IP Internals,” for more information on how to use these command-line utilities.
Router Configuration
Proper configuration of the router(s) will prevent many problems. Configuring Windows 2000 as an IP router, for either static routing or using RIP or OSPF, is a relatively painless procedure, but it is important that you follow the steps exactly and don’t change settings unless you know what effect it will have.
Preconfiguration Check List
Remember that before installing and configuring IP routing, you must ensure that the following have been done:
■ Install the proper hardware (the Windows 2000 computer acting as a router must have two network interfaces) and the drivers for the hardware. Check the Windows 2000 HCL to ensure compatibility of the hardware.
■ TCP/IP must, of course, be installed and configured.
■ The RRAS service must also be enabled and configured (see Chapter 9 for more information on proper installation of RRAS).
■ Determine whether you will set up the Windows 2000 router for static or dynamic routing.
■ Determine which routing protocols will be used on the network.
Configuring Windows 2000 Static IP Routing
Deployment of static routing on a Windows 2000 router is relatively simple. You should first analyze the internetwork topology, to determine where each network is and where routers and TCP/IP host computers are located on the networks. Then, a unique network ID is assigned to each IP network, and IP addresses are assigned to each router interface.
Common practice is to give the lowest IP addresses for the network ID to the routers. Thus, for network 192.168.1.0 (a class C network defined by a subnet mask of 255.255.255.0), the router (default gateway) address that would be assigned is 192.168.1.1. This is not required, but is an industry tradition.
Default routes can be configured on peripheral routers, although this is not required. A default route is used for sending packets to a destination for which there is no route available in the routing table.
Nonperipheral routers (internal routers) should have routes to remote networks added to their routing tables as static routes. Each route should include the following:
These static routes should be entered in the routing tables of each nonperipheral router.
Routes are added using the command-line ROUTE utility. To make a route persistent across system reboots, use the -p option.
Troubleshooting Static Routing Configuration
If the router is not forwarding data properly in a static routing environment, you should do the following:
1. First, confirm that IP routing is enabled on the Windows 2000 router, by checking the RRAS management console.
2. Use IPCONFIG at the command line to ensure that the TCP/IP configuration for the interface is correct. Use standard TCP/IP tools such as PING to verify connection to hosts on the network segment.
3. Ensure that the default route is configured correctly. The default route is used for sending packets to destinations that are unknown to the router. Be sure that the router set as the gateway for the route is reachable and is on the same network as the interface.
Routers should be configured to use a static IP address, instead of getting an IP address via DHCP.
Configuring RIP for IP
Remember that RIP is most appropriately used for medium-sized internetworks (those consisting of 10 to 50 networks). RIP can be used with multipath networks, where there is more than one pathway a packet could take between two endpoints on the network. RIP will also work in an environment where the network topology changes, and networks are added and removed.
In designing the RIP network, keep in mind the maximum hop count limitation of 15. This limits the number of routers through which a packet must go to reach any destination from any source, for practical purposes, to 14 (called the maximum physical router diameter).
As in deploying static routing, you should first analyze the internetwork, assign network IDs, and assign IP addresses, following the same basic rules discussed earlier. Then, decide whether to use RIPv1 or RIPv2 on each Windows 2000 computer functioning as a router. Add the appropriate RIP protocol to each Windows 2000 router interface, as shown in Figure 11.19.
Figure 11.19 Adding the RIP protocol to a router interface.
Once the protocol has been added, right-click the Interface name in the right console pane of the MMC, and select Properties to configure it (see Figure 11.20).
To configure RIPv2, do the following:
1. In Outgoing Packet Protocol on the General tab of the Properties sheet: a) select RIPv2 broadcast if there are version 1 RIP routers on this network, or b) select RIPv2 multicast if all RIP routers on the network are version 2 routers.
2. In Incoming Packet Protocol, select RIP, version 1 and 2 if it is a mixed RIP environment, and RIP, version 2 only if there are only RIPv2 routers on this network.
Figure 11.20 RIP Properties dialog box.
Troubleshooting RIP Configuration
Some of the more common RIP configuration problems include incorrect routes in the mixed RIP (version 1 and 2) environment, silent hosts not getting route updates, auto-static updates not working properly, and host routes and/or default routes not being propagated to other routers.
Problems with Mixed RIP Versions
When a network includes some routers running RIPv1 and others running RIPv2, the version 2 routers must be configured to send broadcasts if you want the version 1 routers to receive their announcements. If you have this problem, ensure that your RIPv2 router interfaces are all set to broadcast their announcements, not multicast.
Problems with Silent Hosts
RIP listeners (silent hosts) cannot receive multicast announcements. If you have silent RIP hosts that fail to receive announcements, confirm that the silent hosts are using RIPv1 and that the RIPv2 routers on the network are set to send broadcast, not multicast, announcements.
Problems with Autostatic Updates
If you have demand-dial routing interfaces using auto-static updates (see Chapter 9 for more information about RRAS demand dial), the demand-dial interfaces need to be set to broadcast announcement messages instead of multicasting.
Autostatic updates are used with demand-dial routing over a remote access link. The “auto” in the term refers to the automatic adding of the requested routes as static routes in the routing table upon an explicit request via RRAS or the NETSH utility. The demand-dial link must be connected.
If an autostatic request is made, existing autostatic routes that are in the table are deleted. Then, the update is requested from other routers. This can lead to problems: If other routers don’t respond to the update request, the router cannot replace the routes it has deleted. This could cause loss of connectivity to remote networks.
Problems with Propagation of Host and Default Routes
RIP does not propagate host and default routes by default. You must specifically enable propagation, which can be done by right-clicking the Interface name in the right console pane of the RRAS MMC, selecting Properties, and then selecting Advanced. See Figure 11.21.
The RIP Properties box is also used to set Security on the update announcement messages and to specify RIP neighbors and determine the router’s behavior in regard to those neighbors.
Configuring OSPF
The OSPF dynamic routing protocol is installed similarly to RIP, via the New Protocol selection, when you right-click the General tab under IP Routing in the RRAS management console.
Once the protocol is enabled, configure it by following these steps:
1. Click on OSPF in the left pane console tree.
2. In the right pane, right-click the interface you want to configure, and choose Properties.
3. Select the “Enable OSPF for this address” check box on the General tab. Where it says Area ID, click the ID of the area to which this interface belongs.
4. Set the priority of the router over the interface in “Router priority.”
5. Use the scroll arrows to set the cost of sending a packet over the interface under Cost.
6. Type in a password, if password protection is enabled for that area.
7. Select the OSPF interface type under Network type.
If this interface has more than one IP address configured, select the IP Address box on the General tab and configure OSPF for each address.
The OSPF Interface Properties dialog box appears in Figure 11.22.
Figure 11.21 Setting RIP to propagate host and default routes in the Advanced Properties box.
OSPF Password Protection
All OSPF routers in the Area must use the same password. To set the password, click OSPF in the left pane of the console tree, and select Properties. On the General tab, type the correct password in the Password box. Remember that OSPF passwords are case-sensitive.
Windows 2000 Router Logging
You can enable router logging for the Windows 2000 router to assist you in troubleshooting routing problems. You can either enable event logging, to log router events in the system log in Event Viewer, or enable trace logging, which will log information to a file (or you can do both).
Using Event Logging
You can enable event logging on the Event Logging tab on the Properties sheet of a remote access server. Choose the RRAS server, right-click and select Properties, then select the Event Logging tab, as shown in Figure 11.23.
Figure 11.22 The OSPF Interface dialog box showing the contents of the General tab.
You can choose the level of information you wish to be logged to the system log. There are four levels: logging of errors only, logging of errors and warning messages, logging of the maximum possible amount of information, or no logging (disabled).
The default setting is logging of errors and warning messages.
Remember that logging uses a great deal of system resources and should be used only when necessary and disabled when the problem has been addressed.
Using the Tracing Function
The Windows 2000 router supports tracing, a feature that can be used for troubleshooting complex network routing problems. When you enable tracing in Windows 2000 Server, the tracing information will be logged to files.
Figure 11.23 You can select from four levels of event logging in the RRAS server Properties sheet.
To enable the tracing feature, it is necessary to edit the Windows 2000 Registry.
Editing the Windows 2000 Registry incorrectly can cause serious damage to the operating system, including making your computer unbootable. Always back up important data before you make changes to the Registry.
To enable tracing, open the following Registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing
Tracing is enabled separately for each routing protocol, by setting the appropriate Registry values. Each of the routing protocols appears as a subkey in the Registry, under the Tracing key. Select the protocol for which you wish to enable tracing (for example, OSPF).
Tracing can be enabled or disabled while the router is running.
Configure the following Registry value entries for each protocol key to enable tracing for that protocol:
■ EnableFileTracing (value type is REG_DWORD) Set EnableFileTracing to 1 (the default value is 0) to enable logging tracing information to a file.
■ FileDirectory (value type is REG_EXPAND_SZ) To change the default location of the tracing files, set the FileDirectory value to the desired path. The filename for the log file is the name of the component for which tracing is enabled. Tracing log files are placed in the systemroot\Tracing folder by default.
■ FileTracingMask (value type is REG_DWORD) This setting indicates how much tracing information is logged to the file.
■ MaxFileSize (value type is REG_DWORD) Set this value to change the size of the log file. The default value is 10000 (64K).
Tracing uses a significant amount of system resources. Use it sparingly for identification of network problems. After you capture the trace, disable tracing. Never leave tracing enabled on multiprocessor systems.
Troubleshooting Common Windows 2000 Routing Problems
Now that we have discussed how IP routing works in a static, RIP, or OSPF environment, let’s look at some of the common problems that arise with Windows 2000 computers configured to perform IP routing.
Troubleshooting Static Routing
Because static routing is much less complex than dynamic routing, troubleshooting is in some ways simplified. The standard TCP/IP command-line utilities can be used for many troubleshooting tasks. Remember that static routing is appropriate for small, simple internetworks (no more than 10 subnetworks). For best results, there should be only one path available between any two endpoints, and the internetwork topology should not change often.
Using PING and TRACERT
Test connectivity between the host computers using the TCP/IP utilities PING and TRACERT (as discussed in Chapter 4, “Windows 2000 TCP/IP Internals”) to ensure that routing paths are accessible.
Using the ROUTE Command
As discussed earlier, static entries are made to the routing table using the ROUTE command and its options. You can also modify or delete routes, and make routes persistent over reboots.
Static Routing and Routing Loops
A problem that can occur in a network using static routing happens when you configure two routers with default routes that point to one another. A default route is used for data packets addressed to destinations that reside on remote networks (networks not directly connected to the router). If two neighboring routers have default routes that point to one another, this can create a routing loop when packets are sent to unreachable destinations. To prevent this problem, don’t configure neighboring routers with default routes pointing to each other.
The following shows what a router loop might look like after doing a tracert:
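Added example (not from the original chapter): in TRACERT output a routing loop appears as the same router addresses repeating hop after hop. The Python sketch below follows each router's default route to find loops of any length (a generalization of the two-router case above) and lists the repeated addresses in a hop list; the router names, addresses and hop list are constructed sample data.

```python
# Constructed sample data: each router's interface addresses and the
# gateway of its default route. Names and addresses are made up.
ROUTERS = {
    "R1": {"interfaces": ["192.168.1.1", "192.168.2.1"], "default_gw": "192.168.2.2"},
    "R2": {"interfaces": ["192.168.2.2", "192.168.3.1"], "default_gw": "192.168.2.1"},
    "R3": {"interfaces": ["192.168.3.2", "192.168.4.1"], "default_gw": "192.168.3.1"},
}

# Constructed hop list, as it could be copied from a TRACERT run toward an
# unreachable destination through R1 and R2.
TRACE = ["192.168.1.1", "192.168.2.2", "192.168.2.1", "192.168.2.2", "192.168.2.1"]


def owner_of(address, routers):
    """Return the name of the router that owns an interface address."""
    for name, cfg in routers.items():
        if address in cfg["interfaces"]:
            return name
    return None  # the gateway is outside the set of routers we know about


def find_default_route_loops(routers):
    """Follow every router's default route and report each cycle once."""
    loops = set()
    for start in routers:
        path = []
        current = start
        while current is not None and current not in path:
            path.append(current)
            gateway = routers[current].get("default_gw")
            current = owner_of(gateway, routers) if gateway else None
        if current is not None:
            # We came back to a router already on the path: that tail is a loop
            cycle = path[path.index(current):]
            # Rotate so that R1->R2 and R2->R1 are recorded as the same loop
            pivot = cycle.index(min(cycle))
            loops.add(tuple(cycle[pivot:] + cycle[:pivot]))
    return sorted(loops)


def repeated_hops(hops):
    """Return the addresses seen more than once in a hop list, in order."""
    seen, repeated = set(), []
    for hop in hops:
        if hop in seen and hop not in repeated:
            repeated.append(hop)
        seen.add(hop)
    return repeated


if __name__ == "__main__":
    for loop in find_default_route_loops(ROUTERS):
        print("default-route loop:", " -> ".join(loop + loop[:1]))
    print("addresses repeating in trace:", repeated_hops(TRACE))
```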
Troubleshooting RIP for IP
Testing and troubleshooting a RIP network can be done using tools that are built into Windows 2000. Proper planning and multiphased deployment that includes testing of each added feature will make problem isolation and solutions easier.
Viewing RIP Neighbors
The ability to view the Windows 2000 router’s RIP neighbors is useful for verifying that the router is receiving RIP announcements from all of its neighboring RIP routers. To view RIP neighbors, open the RRAS management console, and in the left pane of the console tree, right-click RIP and select Show Neighbors, as shown in Figure 11.24.
Figure 11.24 To view the neighboring RIP routers, right-click RIP and select Show Neighbors.
This will allow you to see the IP address of RIP neighbors, the RIP version each is using, and bad packets and bad routes for each.
Viewing the Routing Table
The Windows 2000 routing table can be viewed either via the command-line utility ROUTE PRINT or through the RRAS graphical interface, as discussed earlier in this chapter. Examine the routing table and confirm that all routes that should be learned from RIP are entered in the table.
Summary: Common RIP Problems
Following are some tips for troubleshooting problems that commonly occur when using RIP routing.
RIP Router Does Not Receive Routes Properly
If a Windows 2000 router that is using RIP does not receive the expected routes, it can be because of the way in which your network is subnetted. Variable-length subnet masking, or using supernetting in a network where RIP, version 1 is deployed, can result in routes not being propagated properly. This is because RIP, version 1 does not support variable-length subnet masking; however, RIP, version 2 does support it.
The solutions to this problem are:
■ Don’t use variable-length subnetting or supernetting, or deploy RIP, version 2 only on the network.
■ If you are using authentication, ensure that all network interfaces are using the same password (passwords are case-sensitive).
■ Ensure that RIP route filtering, if enabled, is configured properly.
■ If you have configured RIP neighbors, ensure that the correct IP addresses are entered for unicast announcements.
■ Ensure that packet filtering is not filtering out RIP announcements.
When password protection is enabled on a RIPv2 router, the password is sent in plain text format. This means any user with network sniffer software, such as the Microsoft Network Monitor, can capture the RIPv2 announcements and view the password.
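Added example (not from the original chapter or from Microsoft): a Python sketch that decodes a RIPv2 message in the RFC 2453 layout, showing that the simple password travels as readable text in the first entry and that the comparison a receiver makes is case-sensitive. The function names, the packet and the password are constructed for illustration, and accept_update is a simplified model of a receiver, not the Windows 2000 implementation.

```python
import socket
import struct

# RIP wire layout (RFC 2453): 4-byte header followed by 20-byte entries.
RIP_HEADER = struct.Struct("!BBH")        # command, version, must-be-zero
RIP_ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, route tag, address, mask, next hop, metric
AUTH_ENTRY = struct.Struct("!HH16s")      # AFI 0xFFFF, authentication type, password
AFI_AUTH, AFI_INET, AUTH_SIMPLE = 0xFFFF, 2, 2


def parse_rip(data):
    """Split a RIP message into version, cleartext password (if any) and routes."""
    if len(data) < RIP_HEADER.size:
        raise ValueError("truncated RIP header")
    command, version, _ = RIP_HEADER.unpack_from(data)
    body = data[RIP_HEADER.size:]
    if len(body) % RIP_ENTRY.size:
        raise ValueError("RIP entries must be 20 bytes each")
    password, routes = None, []
    for offset in range(0, len(body), RIP_ENTRY.size):
        afi, auth_type, secret = AUTH_ENTRY.unpack_from(body, offset)
        if afi == AFI_AUTH:
            # The authentication entry is only valid as the first entry
            if offset == 0 and auth_type == AUTH_SIMPLE:
                password = secret.rstrip(b"\x00").decode("ascii", "replace")
            continue
        _, _, addr, mask, _, metric = RIP_ENTRY.unpack_from(body, offset)
        routes.append((socket.inet_ntoa(addr), socket.inet_ntoa(mask), metric))
    return {"command": command, "version": version,
            "password": password, "routes": routes}


def accept_update(data, expected_password):
    """Simplified receiver with a configured password: return (accepted, reason)."""
    msg = parse_rip(data)
    if msg["version"] != 2:
        return False, "RIPv1 carries no authentication"
    if msg["password"] is None:
        return False, "no authentication entry"
    if msg["password"] != expected_password:   # comparison is case-sensitive
        return False, "password mismatch"
    return True, "%d route(s) accepted" % len(msg["routes"])


def build_response(password, routes, version=2):
    """Build a constructed RIP response for the demonstration."""
    packet = RIP_HEADER.pack(2, version, 0)    # command 2 = response
    if password is not None:
        padded = password.encode("ascii").ljust(16, b"\x00")
        packet += AUTH_ENTRY.pack(AFI_AUTH, AUTH_SIMPLE, padded)
    for addr, mask, metric in routes:
        packet += RIP_ENTRY.pack(AFI_INET, 0, socket.inet_aton(addr),
                                 socket.inet_aton(mask),
                                 socket.inet_aton("0.0.0.0"), metric)
    return packet


# Constructed sample announcement with a made-up password and route
SAMPLE_ROUTES = [("192.168.3.0", "255.255.255.0", 1)]
UPDATE = build_response("RipPass", SAMPLE_ROUTES)

if __name__ == "__main__":
    print("password visible on the wire:", parse_rip(UPDATE)["password"])
    print(accept_update(UPDATE, "RipPass"))
    print(accept_update(UPDATE, "rippass"))
```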
Troubleshooting OSPF
OSPF routing problems are often caused by improper configuration preventing adjacencies from forming properly. Adjacencies are the relationships between adjacent OSPF routers. When the protocol is configured properly, all OSPF routers will learn the lowest-cost routes from their adjacent OSPF routers after convergence takes place. If the adjacencies don’t form, the link state database can’t be updated and synchronized. If you find that the databases for the DR and BDR are not synchronized, verify that the adjacencies have formed, as discussed in the next section.
Adjacency Problems
Some factors to consider if the proper adjacencies don’t form are:
■ Ping the neighboring router to be sure you have an IP connection.
■ Use TRACERT to determine the route to the neighboring router.
■ Ensure that there are no routers between neighboring routers.
■ Enable OSPF logging and check the log file for errors.
■ Ensure that if authentication is enabled, the same password is being used by both routers.
■ Ensure that the Hello interval and Dead interval are set to the same value for both routers.
■ Ensure that the neighboring routers both have the same Area ID.
■ Ensure that packet filtering isn’t set to filter out OSPF messages.
Windows 2000 routers running OSPF have authentication enabled by default. The default password is 12345678, but can (and should) be changed.
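Added example (not from the original chapter): a Python sketch that decodes the 24-byte OSPFv2 common header described under "The Protocols Used by OSPF" (layout per RFC 2328) and audits captured headers for the issues raised in this section: no authentication, a simple password (which is carried in cleartext in the header), the default password 12345678, and differing passwords within one area. The router IDs, areas and passwords in the sample are constructed.

```python
import socket
import struct
from collections import defaultdict

# OSPFv2 common header (RFC 2328, A.3.1): version, type, packet length,
# router ID, area ID, checksum, AuType, 8-byte authentication field.
OSPF_HEADER = struct.Struct("!BBH4s4sHH8s")
AUTH_NULL, AUTH_SIMPLE = 0, 1
DEFAULT_PASSWORD = b"12345678"   # Windows 2000 default quoted in the text


def parse_ospf_header(data):
    """Decode the 24-byte common header of one OSPFv2 packet."""
    if len(data) < OSPF_HEADER.size:
        raise ValueError("truncated OSPF header")
    (version, ptype, length, rid, area,
     _checksum, autype, auth) = OSPF_HEADER.unpack_from(data)
    if version != 2:
        raise ValueError("not an OSPFv2 packet")
    return {
        "type": ptype,                       # 1 = Hello
        "length": length,
        "router_id": socket.inet_ntoa(rid),
        "area_id": socket.inet_ntoa(area),
        "autype": autype,
        # A simple password is padded with zero bytes to 8 octets
        "password": auth.rstrip(b"\x00") if autype == AUTH_SIMPLE else None,
    }


def audit_headers(packets):
    """Return sorted (area, router, finding) tuples for a list of raw packets."""
    findings = set()
    passwords_by_area = defaultdict(set)
    for raw in packets:
        hdr = parse_ospf_header(raw)
        where = (hdr["area_id"], hdr["router_id"])
        if hdr["autype"] == AUTH_NULL:
            findings.add(where + ("no authentication",))
        elif hdr["autype"] == AUTH_SIMPLE:
            findings.add(where + ("password readable in cleartext",))
            passwords_by_area[hdr["area_id"]].add(hdr["password"])
            if hdr["password"] == DEFAULT_PASSWORD:
                findings.add(where + ("default password in use",))
        # Other AuType values are not evaluated by this sketch
    for area, seen in passwords_by_area.items():
        if len(seen) > 1:
            # Routers in one area must share a password or adjacencies fail
            findings.add((area, "*", "password mismatch within area"))
    return sorted(findings)


def build_header(router_id, area_id, autype, auth=b"", ptype=1):
    """Build a constructed header-only sample (checksum left at 0, not verified)."""
    return OSPF_HEADER.pack(2, ptype, OSPF_HEADER.size,
                            socket.inet_aton(router_id),
                            socket.inet_aton(area_id),
                            0, autype, auth.ljust(8, b"\x00"))


# Constructed sample capture: three Hello headers from made-up routers
SAMPLE = [
    build_header("10.0.0.1", "0.0.0.0", AUTH_SIMPLE, b"12345678"),
    build_header("10.0.0.2", "0.0.0.0", AUTH_SIMPLE, b"S3cret"),
    build_header("10.0.1.1", "0.0.0.1", AUTH_NULL),
]

if __name__ == "__main__":
    for area, router, finding in audit_headers(SAMPLE):
        print(area, router, finding)
```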
Problems with Bad OSPF Routes or No Routes
If no summarized OSPF routes are being received for an area, be sure that the Area Border Router is properly configured, with the correct network ID and subnet mask.
Be sure that all ABRs are connected to the backbone area (Area 0.0.0.0) physically or logically through a virtual link. Make sure there are not any routers that connect two areas without going through the backbone area to do so.
Resetting the Windows 2000 Router
To reset the RRAS service to its original defaults, you must have the appropriate permissions. Open the RRAS console and right-click on the name of the RRAS computer you want to reset. Select Disable Routing and Remote Access.
Now right-click the computer name again, and choose Configure and Enable Routing and Remote Access. This will invoke the RRAS wizard. Follow the steps of the wizard, and start the RRAS service when prompted.
Settings will be returned to the defaults, based on the options you choose in the wizard setup.
Resetting the RRAS service will delete IP routing protocols and their configuration information.
Summary
In this chapter, we began with an overview of IP routing concepts. We looked at how routers work, whether dedicated devices or Windows 2000 computers were functioning as routers. We discussed how routers make routing decisions, and provided an example of simple routing in an IP network.
We discussed the difference between direct routing, which involves sending packets to a destination that is on the same subnet as the sending computer, and indirect routing, where the destination address is on a different address and the packet must go through one or more gateways (routers) to reach it.
Then we examined the concept of a default gateway—defined as an IP address to which packets whose destination IP address has a different network ID are sent, to begin their journey across the internetwork to the correct subnet and finally, to the correct destination host. We learned that using a default gateway eliminates the need for all hosts to maintain huge, extensive routing tables, since the default gateway takes over that task for all the hosts on its subnet. We also discussed how Windows 2000 allows us to assign multiple default gateways to a network interface, which function as “backup” gateway routes if the first gateway goes down.
Next, we discussed routing interfaces. We learned that a Windows 2000 router can be connected to one or more subnets via NICs, modems, ISDN terminal adapters, or other WAN connection devices.
We then talked about routing tables, and the three types of routes that can be entered into a routing table:
Then we looked at each column of information contained in the routing table:
■ Destination address
■ Network mask
■ Gateway address
■ Interface name
■ Metric, or “cost” of the route
■ Routing Protocol (if any) being used
Next, we examined in detail the features of the Windows 2000 router, including multiprotocol routing for IP, IPX, and AppleTalk; support for dynamic routing protocols RIP and OSPF; packet filtering; ICMP router discovery and advertisement; IGMP multicast services; and unicast routing.
We talked about the difference between static and dynamic routing, and the advantages of using dynamic routing protocols such as OSPF or RIP in simplifying administration and maintenance of the routing table.
We talked about how to use the ROUTE utility and its subcommands to add, delete, and change routes, and make other configuration modifications. We discussed the lack of fault tolerance in static routing, and learned that it is really suitable only for small internetworks containing 10 or fewer networks.
We then discussed the dynamic routing protocols and their characteristics and configuration. First we talked about RIP for IP, and its implementation as an Interior Gateway Protocol within individual networks that make up the Internet. We talked about how RIP uses announcement messages to propagate routing table information to other RIP routers on the internetwork, and how RIP can also use triggered updates to send information more quickly when a change such as the failure of a router occurs.
We examined the features built into the Windows 2000 RIP implementation that help to prevent problems such as routing loops. These include the split horizon and poison reverse algorithms, along with the use of triggered updates for situations where three or more gateways are involved (and thus split horizon and poison reverse may not prevent the problem).
We also talked about RIP listening, a feature (also referred to as Silent RIP) that allows TCP/IP host computers that aren’t routers to “hear” the RIP announcement messages, although it does not send RIP messages of its own.
We learned that both gateways (routers) and TCP/IP hosts can implement RIP, and that a host that uses RIP is assumed to have a routing table. We also talked about the importance of the metric, a number that designates the relative “cost” of using that route to reach that particular destination. Then we discussed some preventative medicine: how to deploy RIP in stages in order to make the transition to RIP routing easier.
Finally, we summarized the advantages and disadvantages of RIP. Advantages discussed include its simplicity of setup when compared to OSPF and other link state protocols, and its history as a longtime industry standard. Disadvantages we pointed out include the hop count limit that makes any network requiring 16 or more “hops” unreachable, and the excessive network traffic caused by RIP announcements, along with the possibility of data loss due to slow convergence.
Along with slow convergence, we discussed a couple of other problems to which RIP is prone: routing loops and the count-to-infinity problem. We also touched on the issue of rogue RIP routers, from which RIPv1 offers no protection.
Next, we discussed the difference between distance vector algorithms used by RIP and link state algorithms. This brought us to the second supported dynamic routing protocol: OSPF. We talked about the advantages of OSPF over RIP, how it supports load balancing and multipath routing and can be used with either broadcast or nonbroadcast network architectures.
We learned that when OSPF is used on a broadcast network, it sends Hello messages, which are broadcast messages used by the OSPF routers to locate each other. The Hello packet contains the router’s priority and network ID. The Designated Router (DR) is selected by comparing priorities and router IDs and choosing the router with the highest priority or, if there is a “tie,” based on the highest network ID.
We looked at how OSPF works on a nonbroadcast network like ATM, where it must be manually configured with the addresses of neighboring routers. We learned that the routing information is sent point-to-point instead of via broadcast or multicast, making this implementation more complex and costly in terms of resources than a broadcast network implementation.
Then we discussed the hierarchical routing structure used by OSPF, through the designation of areas, as opposed to the flat routing table structure of RIP. We learned that each area is given a unique Area ID, which is a 32-bit number, and that there must be a “backbone area” with the Area ID of 0 (or 0.0.0.0 as expressed in Microsoft’s OSPF implementation). We also examined the roles that routers can play in an OSPF:
■ ABR (Area Backbone Router)
■ IR (Internal Router)
■ BR (Backbone Router)
■ ASBR (Autonomous System Border Router)
Then we talked about the protocols used within OSPF: the common header protocol, the Hello protocol, and the Exchange protocol, along with the flooding protocol and the aging link state record protocol.
This brought us to a discussion of the advantages of OSPF over RIP,which include:
■ More efficient calculation of routes
■ Faster convergence
■ Support for load balancing
■ Low bandwidth utilization
■ No routing loops or count-to-infinity problems
■ Hierarchical structure isolates instability within an area
■ More scalable; appropriate for larger networks
■ Secure password authenticated transmission of update messages
Next, we addressed the installation and configuration of the Windows 2000 IP router. We looked at how to set up static routes, and how to install both RIP and OSPF. We discussed the Windows 2000 router management tools, and learned about remote administration of a router running on another server through RRAS, as well as how to use the Netshell utility at the command line to configure routes, interfaces, and protocols.
We took a look at a preconfiguration check list, ensuring that before we attempt to install and configure IP routing on a Windows 2000 server, we have the proper hardware, software drivers, and services installed.
We addressed common problems with Silent RIP hosts, as well as the problems that occur in a mixed RIPv1 and RIPv2 environment. Then we talked about problems with autostatic updates on demand-dial remote access routers, and how to enable propagation so that host and default routes (which are not propagated by default) will be propagated on the network.
We discussed password protection of update information on OSPF routers, learning that all OSPF routers on the internetwork must use the same password, and that it is case-sensitive.
Then we looked at how to use Windows 2000 logging features to gather information that is helpful in troubleshooting routing problems. We discussed the two types of logging:
■ Event Logging, which logs routing events to the System log in Event Viewer and is enabled through the RRAS console
■ Tracing, which logs routing information to a file and must be enabled by editing the Registry
We discussed use of the common TCP/IP utilities, like TRACERT and PING, to ensure that the routing paths are accessible, and saw what a routing loop looks like in a TRACERT display.
Next, we discussed how to set and view RIP neighbors, and what to do when RIP routers do not receive routes properly from other routers.
After that, we examined OSPF troubleshooting issues, learning that many OSPF routing problems are due to failure of adjacencies to form, and the steps to take if you suspect an adjacency problem.
We talked about bad route information stemming from incorrect configuration of the Area Border Router, and the necessity that all ABRs be connected to the backbone area (Area 0).
Then we learned how to reset the Windows 2000 RRAS service to its original default settings, deleting all IP routing protocols and their configurations and allowing us to “start from scratch” if necessary, in rebuilding our routing tables.
FAQs
Q: What special factors must be considered when deploying RIP on a nonbroadcast network such as Frame Relay?
A: RIP was really designed as a broadcast and multicast-based protocol, so configuration for a nonbroadcast network requires special planning. The configuration method differs according to whether virtual circuits appear as separate adapters on the Windows 2000 computer, or the adapter appears as a single adapter for all virtual circuits.
The single adapter model is called NBMA (nonbroadcast multiple access). In this case, the Frame Relay adapter interface should be configured to use unicast for sending RIP announcement messages to RIP neighbors. If the Frame Relay network uses spoke-and-hub topology, you must disable split horizon on the hub router’s interface, or the spoke routers will not receive routes from one another.
With the multiple adapter model, each circuit has a separate network ID and appears as a point-to-point link. The endpoints have IP addresses assigned from a designated network ID. In this case, you can use broadcast or multicast announcements. Broadcast should be used if the endpoints are both on the same network ID; use multicast if they are not.
Q: When password authentication is enabled on a RIPv2 router, what happens if an announcement message is received with a password that doesn’t match the one set for the interface?
A: Any announcement whose password does not match the one set is considered to be from an unauthorized router, and the message is discarded.
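The receive-side check this answer describes, written out in Python as an added example (it is not from the original book and is not Windows 2000's own code). It uses the RFC 2453 simple-password entry layout; the function names, routes and passwords are constructed for illustration.

```python
import hmac
import ipaddress
import struct

RIP_HEADER = struct.Struct("!BBH")       # command, version, must-be-zero
RIP_ENTRY = struct.Struct("!HH4s4s4sI")  # AFI, tag, address, mask, next hop, metric
AUTH_ENTRY = struct.Struct("!HH16s")     # 0xFFFF, auth type, 16-byte password
AUTH_AFI, AUTH_SIMPLE = 0xFFFF, 2        # simple-password marker (RFC 2453)


def build_response(routes, password=None):
    """Build a constructed RIPv2 response (announcement) for the demo."""
    out = RIP_HEADER.pack(2, 2, 0)
    if password is not None:
        out += AUTH_ENTRY.pack(AUTH_AFI, AUTH_SIMPLE, password)
    for net, metric in routes:
        n = ipaddress.IPv4Network(net)
        out += RIP_ENTRY.pack(2, 0, n.network_address.packed,
                              n.netmask.packed, bytes(4), metric)
    return out


def accept_announcement(packet, interface_password):
    """Return the advertised routes, or None when the message is discarded."""
    body_len = len(packet) - RIP_HEADER.size
    if body_len < RIP_ENTRY.size or body_len % RIP_ENTRY.size:
        return None  # malformed or empty message
    command, version, _ = RIP_HEADER.unpack_from(packet)
    if command != 2 or version != 2:
        return None  # not a RIPv2 response; RIPv1 carries no password
    afi, auth_type, received = AUTH_ENTRY.unpack_from(packet, RIP_HEADER.size)
    if afi != AUTH_AFI or auth_type != AUTH_SIMPLE:
        return None  # password required but first entry is not an auth entry
    if not hmac.compare_digest(received.rstrip(b"\0"), interface_password):
        return None  # mismatch: treated as an unauthorized router
    routes = []
    first_route = RIP_HEADER.size + AUTH_ENTRY.size
    for off in range(first_route, len(packet), RIP_ENTRY.size):
        _, _, addr, mask, _, metric = RIP_ENTRY.unpack_from(packet, off)
        routes.append((str(ipaddress.IPv4Address(addr)),
                       str(ipaddress.IPv4Address(mask)), metric))
    return routes


# Constructed sample announcements, not captures from a real network.
ROUTES = [("192.168.10.0/24", 1), ("172.16.0.0/16", 3)]
GOOD = build_response(ROUTES, b"Branch-RIP-Key")
WRONG = build_response(ROUTES, b"guess")
NO_AUTH = build_response(ROUTES)

if __name__ == "__main__":
    for name, pkt in (("good", GOOD), ("wrong", WRONG), ("no-auth", NO_AUTH)):
        print(name, accept_announcement(pkt, b"Branch-RIP-Key"))
```

The simple password travels in cleartext in the first entry of every announcement, so this check keeps out misconfigured routers rather than anyone able to read traffic on the segment.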
Q: What types of networks are most likely to use OSPF instead of RIP?
A: Large enterprise networks and very large internetworks, such as corporate campuses and global networks. Microsoft documentation generally recommends that OSPF be used for internetworks that include more than 50 networks. OSPF is also appropriate for networks in which the topology changes frequently, and those that include more than one path between pairs of endpoints.
Q: How does the RRAS router view the network routing equipment?
A: Windows 2000 sees this equipment as a series of interfaces, devices, and ports. An interface can be a LAN interface (typically a network interface card, or NIC); a demand-dial interface, which is a logical interface representing a point-to-point connection; or an IP-in-IP tunnel interface that forwards IP multicast traffic from one area of the intranet to another area of the intranet across a part of the intranet that does not support multicast forwarding or routing.
Devices are defined as both physical devices such as modems and ISDN terminal adapters, and virtual devices such as an established VPN. PPTP and L2TP are seen as devices by RRAS. Devices can be multiport or single port.
A port is a channel located on a device that represents one point-to-point connection. A modem is a single-port device, so the port and the device will be seen as one entity. With multiport devices, like a modem bank or a two-channel ISDN terminal adapter, each point-to-point connection occurs over a separate port.
Q: How do you prevent invalid routes from external sources (RIP routes or static routes) from being propagated into an OSPF autonomous system?
A: The Autonomous System Boundary Routers can be configured to use route filters. To do so, first you must enable Autonomous System Boundary Router on the General tab of OSPF properties for the interface being configured. Then you can configure the external route filters either to limit allowed routes to those specified on a list, or to discard routes that match those on a specified list. External route filters can only be used for filtering of routes that come from non-OSPF sources.
Troubleshooting Selected Services on a Windows 2000 TCP/IP Network
Solutions in this chapter:
■ IIS Services
■ FTP Services
Chapter 12
In this book, we’ve examined how TCP/IP connectivity works, and addressed some of the problems that can occur with Windows 2000 computers using the TCP/IP protocol. We’ve looked at general network connectivity problems such as IP addressing problems, NetBIOS name resolution problems, and DNS/DDNS problems. We then discussed services such as remote access and routing.
In this chapter, we’ll look at troubleshooting issues pertaining to some of the special services included with Windows 2000 Server products that are dependent on the TCP/IP protocols.
Internet Information Server 5.0 now comes with Windows 2000 Server, and we will look at the services it includes: Microsoft’s Web server, its companion FTP server, and the NNTP news server. We’ll look at some of the problems that may be encountered when running these server services, what you can do to prevent them, and how to address them when they do occur.
Troubleshooting IIS Problems
Internet Information Services (IIS) is Microsoft’s software for creating and managing Web sites. IIS also includes other Internet services, such as File Transfer Protocol (FTP) and Network News Transfer Protocol (NNTP).
Microsoft has added a number of new features to IIS version 5.0, which is included in Windows 2000 Server family products. IIS 5.0 is fully integrated with the operating system, and includes support for Active Server Pages (ASP), Windows Media Services (WMS), and Distributed Authoring and Versioning.
Table 12.1 describes some of the differences between IIS 4.0 and IIS 5.0.
Table 12.1 Comparison of Features in IIS, Versions 4 and 5
Feature or Procedure | Changes in IIS 5.0
Running applications | IIS 4: Applications could be run in a separate process or in the same process as IIS. IIS 5: You can group applications together into pooled processes to increase performance. By default, Web services run in a separate process, and other applications run in a pooled process.
Custom error files | IIS 4: If you created custom error files, they were stored in <drive letter>:\winnt\Help\common. IIS 5: Custom error files have moved to <drive letter>:\winnt\Help\iisHelp\common. They now have the extension .bak.
HTML Internet Services Manager | IIS 4: A Web-based administration tool that was available from the Start menu. IIS 5: To start the Web-based administration tool, you must open a Web browser and type the domain name and the assigned port number for the Administration Site.
ASP Buffering | IIS 4: Buffering was turned off by default. IIS 5: Buffering is turned on by default.
ASP File Security | IIS 4: If an include file was located in a virtual root that was mapped to a physical path, ASP did not use the security credentials of the physical path to process that file. IIS 5: ASP does use the physical path's security credentials to process include files.
Configuration information storage | IIS 4: Some of the configuration information was stored in IIS keys in the Registry and some of the configuration information was stored in the metabase. IIS 5: More of this configuration information is stored in a new hierarchical database called the metabase.
Security administration | Security administration has been simplified in IIS 5 by the addition of wizards.
Along with this added functionality comes added complexity and the potential for brand new problems that you may not have encountered with previous versions of IIS. We’ll look at some common IIS 5.0 troubleshooting scenarios in this section.
Log Files
The Web and FTP servers can be configured to log information about server and user activity, which can be helpful in troubleshooting Web site problems.
Figure 12.1 Open the Properties sheet for a Web or FTP site to enable logging.
Some IIS events will also be logged to the system log in Event Viewer. IIS site logging is configurable and more extensive.
Enabling Site Logging
To enable site activity logging, perform the following steps:
1. Open the Internet Services Manager console from the Administrative Tools menu.
2. Choose a Web or FTP site, as shown in Figure 12.1. Right-click its name and select Properties.