
1 Windows XP Home Networking
Dennis Morgan, Program Manager, Core Networking, Microsoft

2 Agenda
- Network Architecture
- Setup and Configuration
- Internet Connection Sharing
- Internet Connection Firewall
- Network Bridge
- Application Compatibility
- Network Address Translation
- Diagnostics

3 Network Architecture
- There will be multiple networked PCs and Intelligent Appliances (IA) in the home and small business
- PCs and devices will be connected over multiple network media that are bridged
- IP will be the dominant protocol inside the home
- Configuration and setup will be simple or automatic
- PCs and devices will securely connect to the Internet via a dedicated or PC gateway

4 Network Architecture
(Diagram: the home network reaches the Internet through a residential gateway, either a PC or a device)

5 Why not this architecture?
(Diagram: the home PCs are connected to the Internet through a plain hub, labelled "Insecure" and "Network architecture is public")

6 Setup and Configuration
- Out of Box Experience (OOBE): runs on first boot; auto configuration
- Network Setup Wizard: configuration tool for setting up a home or small business network; runs on down-level clients
- New Connection Wizard: dial-up, VPN

7 Network Setup Wizard
- Sets up a machine as an ICS host or as a client on the network: TCP/IP settings, unified workgroup, IE settings, UPnP
- Configures network shares: file and printer shares
- Runs on XP, Me, 98 SE and 98 Gold

8 Internet Connection Sharing
- Provides network services: NAT (share a single Internet connection), DHCP (allocation of private addresses), DNS (resolution of home network addresses)
- Simple checkbox UI
- Discovery and control via Universal Plug and Play
- Location aware group policy

9 ICS Discovery and Control
- ICS server announces itself on the network: UPnP service (UPnP IGD compliant), beacon for auto-discovery
- ICS clients automatically discover and use the ICS server
- Allows clients to discover the ICS host and its connection state to the ISP
- Allows clients to control the connection state of the ICS host
- Down-level client available via the NSW (Network Setup Wizard)

10 Internet Connection Firewall
- Uses connection flow information to prevent unsolicited inbound connections; thwarts standard scans
- Simple checkbox UI
- Advanced options: logging, ICMP
- Location aware group policy
- ICMP options, all disabled by default:
  - Type 3 – Allow outgoing destination unreachable
  - Type 4 – Allow outgoing source quench
  - Type 5 – Allow redirect
  - Type 8 – Allow incoming echo request
  - Type 10 – Allow incoming router request
  - Type 11 – Allow outgoing time exceeded
  - Type 12 – Allow outgoing parameter problem
  - Type 13 – Allow incoming timestamp request
  - Type 17 – Allow incoming mask request
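The filtering rule on this slide, as an added example that is not part of the presentation or of Windows code: outbound packets create flow state, inbound packets are admitted only when they reverse a recorded flow, and inbound ICMP is decided by a per-type allow list that starts empty. The packet model, class names and the sample traffic (documentation address ranges) are constructed for the illustration.

```python
# Added example, not Microsoft code: a minimal connection-flow filter in the
# spirit of the Internet Connection Firewall slide. Outbound traffic creates
# flow state, inbound traffic is accepted only if it matches an existing flow,
# and inbound ICMP is governed by a per-type allow list (empty by default).
from dataclasses import dataclass
from typing import List, Set, Tuple

# ICMP types the slide exposes as advanced options (all disabled by default).
ICMP_OPTION_TYPES = {3: "destination unreachable", 4: "source quench",
                     5: "redirect", 8: "echo request", 10: "router solicitation",
                     11: "time exceeded", 12: "parameter problem",
                     13: "timestamp request", 17: "address mask request"}


@dataclass(frozen=True)
class Packet:                 # constructed packet model for the example
    direction: str            # "out" = host to Internet, "in" = Internet to host
    proto: str                # "tcp", "udp" or "icmp"
    src: str
    dst: str
    sport: int = 0            # ignored for icmp
    dport: int = 0            # ignored for icmp
    icmp_type: int = -1       # only meaningful for icmp


class FlowFirewall:
    def __init__(self, allowed_icmp_types: Set[int] = frozenset()):
        # Flow key: (proto, local ip, local port, remote ip, remote port).
        self.flows: Set[Tuple[str, str, int, str, int]] = set()
        # Echo requests we sent, keyed by (local ip, remote ip), so that the
        # matching echo reply is admitted without a blanket ICMP allow.
        self.pending_echo: Set[Tuple[str, str]] = set()
        self.allowed_icmp_types = set(allowed_icmp_types)
        self.dropped: List[Packet] = []      # what a log would record

    def accept(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            if pkt.proto in ("tcp", "udp"):
                self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            elif pkt.proto == "icmp" and pkt.icmp_type == 8:
                self.pending_echo.add((pkt.src, pkt.dst))
            return True                      # outbound is never filtered here
        if pkt.proto == "icmp":
            if pkt.icmp_type == 0:           # echo reply to our own request
                ok = (pkt.dst, pkt.src) in self.pending_echo
            else:
                ok = pkt.icmp_type in self.allowed_icmp_types
        else:
            # Inbound is solicited only if it reverses a flow we opened.
            ok = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows
        if not ok:
            self.dropped.append(pkt)
        return ok


def run_sample(allowed_icmp_types: Set[int] = frozenset()) -> List[bool]:
    """Feed constructed traffic through the filter; returns the decisions."""
    fw = FlowFirewall(allowed_icmp_types)
    host, web, scanner = "192.168.0.2", "203.0.113.10", "198.51.100.7"
    traffic = [
        Packet("out", "tcp", host, web, 3123, 80),          # browse: opens a flow
        Packet("in", "tcp", web, host, 80, 3123),           # reply: matches the flow
        Packet("in", "tcp", scanner, host, 40000, 445),     # unsolicited probe
        Packet("in", "icmp", scanner, host, icmp_type=8),   # inbound ping
        Packet("out", "icmp", host, web, icmp_type=8),      # our own ping
        Packet("in", "icmp", web, host, icmp_type=0),       # its echo reply
    ]
    return [fw.accept(p) for p in traffic]


if __name__ == "__main__":
    print(run_sample())        # default policy
    print(run_sample({8}))     # with "Allow incoming echo request" enabled
```

With the default policy the unsolicited probe and the inbound ping are dropped while the web reply and our own ping's reply pass; enabling type 8 admits the inbound ping and nothing else, which is the granularity the slide's ICMP options give.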

11 Network Bridge
- Allows users to deploy multiple media types in the home to create a seamless network
- Layer 2 media bridge built to the IEEE 802.1D-1990 specification
- Supports Ethernet, HomePNA, IEEE 1394 and wireless network devices
- Includes Spanning Tree Algorithm (STA)
- Location aware group policy

12 Application Compatibility
- Large test matrix of applications: approx. 100 apps tested in Millennium, approx. 150 apps in the XP matrix
- Application Layer Gateway (ALG) API: extensibility model for 3rd party protocols, provided via the Platform SDK

13 Network Address Translation

14 What Is NAT? Network Address Translation
- Multiplexes the address space behind the NAT
- Edits source address and ports in IP traffic
- All network traffic leaving the public side of the NAT appears to originate from one IP address

15 Deployment Blockers
- Peer to Peer applications: multi-player games, Remote Assistance, file sharing
- XP and Broadband Enabled Experiences: multi-player games, Real Time Communication

16 What is the solution? Program the NAT with Universal Plug and Play
- UPnP is an industry initiative
- Provides a method for discovering services
- Provides methods for interacting with devices and services
- Internet Gateway Device working group is defining the schema for gateways; includes a method for creating and removing port mappings

17 Changes for Applications
- Many applications will just work: DirectPlay games, Remote Assistance, Windows Messenger
- New applications use UPnP: use UPnP for port reservation; use the public address in exchanges with peers
- Existing applications: provide a script to create a static port mapping

18 Windows client support
- Windows XP has native support
- Windows Me has support; requires an update to the UPnP control point software, available via Windows Update
- Windows 98 SE and 98 Gold: control point available as part of the XP Home Networking package
- APIs available in the Platform SDK

19 Diagnostics

20 Repair Features
- Multiple entry points: status icon, Connections folder, PC Health
- Performs common repair tasks: IP address renew, ARP and DNS cache flush, WINS refresh, DNS re-register

21 Network Status Features
- Network connection status icon: error icon shows a broken connection, no connection or signal, or an invalid address; normal icon shows an auto-config address and Ad Hoc wireless mode; tool tips describe simple problems
- Network Monitor tab in Taskman
- Network information displayed on the connection folder page
- Support tab added to the status dialog of a connection; replaces WinIPconfig

22 DGNet Features
- Works with PC Health to gather system information
- Three levels of display results
- User selectable tests: system properties (network adapter, modem and VPN information); application tests (IE proxy, news server, mail server)

23 Wireless

24 Wireless LAN Trends
- Increased WLAN bandwidth: 11 Mbps for Wi-Fi, 22 Mbps and 54 Mbps coming
- Reduced cost of equipment: $95 per Wi-Fi card, $200 per access point
- Increased use of laptops and PDAs: mobile users; growth of Wi-Fi embedded in laptops
- Wi-Fi is growing rapidly

25 Wireless LAN Scenarios
- Enterprise: want secure user authentication and key distribution; want to support guest access to the Internet
- Public places (airports, malls, etc.): want user authentication for billing
- Home: want a simple, no-new-wires network
- Roaming: want transparent roaming
Current situation:
- Enterprise: no user authentication; no encryption key management protocol, so either unencrypted or encrypted using a single encryption key; keys are distributed manually, e.g. visit each machine to change the keys
- Public places: no user authentication; done by forcing the web browser to their web page, which assumes the web is the first thing a user does and is not transparent to the user
- Roaming: reconfigure at each location; need to know the configuration at each location

26 Windows XP Simplifies Wireless
- Zero configuration: automatically scans for networks; automatically configures the Wi-Fi NIC
- Secure LAN access: IEEE 802.1X; supports different credentials, limited access and guest accounts
- Roaming: alternative IP configuration; network location awareness

27 Summary
- Windows XP brings Millennium parity to the 2000 code base
- Windows XP makes networking accessible to consumers: simplified set-up and diagnostics; focus on key scenarios
- Windows XP is the best platform ever for always connected and broadband connectivity: ICS, Bridge, Firewall; roaming, wireless support


29 Backup slides

30 Call to Action
- IHVs/ISVs: use UPnP to detect and configure the Internet gateway; take NAT into consideration when writing protocols
- Compatibility: test early, test often
- Plan now for IPv6
- IHVs: ensure network cards report promiscuous mode properly

31 Resources
- Home Networking feedback – hnetfb@microsoft.com
- Writing NAT friendly apps –
- Universal Plug and Play website –

32 Network Address Translation

33 What is Network Address Translation (NAT)?
- Multiplexes the address space behind the NAT
- Edits source address and ports in IP traffic
- All network traffic leaving the public side of the NAT appears to originate from one IP address

34 How NAT works
(Diagram: Client, NAT, Server; the client's default gateway is the NAT. Packet labels as preserved in the transcript: "Src: :5205 Dest: :80", "Src: :3123 Dest: :80", "Gateway:"; the addresses themselves did not survive extraction)
- NAT maps the internal source address and port to a specific external source address and port
- Modifies the packet with the NAT's external address and the new source port
- Forwards the packet to the server
- The internal destination of the response packet is resolved by the NAT from its port state table

35 Working with NAT is critical
- Many firewalls are based on NAT; with 24 x 7 connectivity, the number of personal firewalls deployed will increase
- Windows® ICS is widely deployed
- There are lots of other NATs from lots of vendors: cable modems, DSL modems, ISDN routers, other combo router/gateway/edge devices
- Forcing the NAT to edit protocols does not scale with either the number of protocols or the number of NAT solutions

36 Things that break with NAT
- Using IP addresses in data payloads
- Using port numbers in payloads
- Assuming that you can always send or receive on a specific port, range of ports, or sequence of ports
- Assuming hosts will keep the same IP address throughout a conversation
- Assuming that your application can receive unsolicited inbound connections
- Assuming that all application clients have the same view of the network that you have
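The translation on the "How NAT works" slide and the first and fifth points on this slide, as one added example that is not part of the presentation or of Windows ICS code: a toy NAT maps an internal address:port to its public address and a fresh port, resolves the reply from its port state table, drops inbound traffic it has no state for, admits it once a static port mapping of the kind slides 16 and 17 describe exists, and leaves a private address inside the payload untouched. The class, the packet model and all addresses (documentation ranges) are constructed for the illustration; `add_port_mapping` is a simplification of what a UPnP IGD port-mapping request achieves, not the IGD API.

```python
# Added example, not Microsoft code: a toy NAT with a port state table, a
# static port mapping, and a payload that translation does not rewrite.
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]          # (ip, port)


@dataclass(frozen=True)
class Packet:                       # constructed packet model for the example
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""


class Nat:
    def __init__(self, public_ip: str, first_port: int = 1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound: Dict[Endpoint, int] = {}   # (private ip, port) -> public port
        self.inbound: Dict[int, Endpoint] = {}    # public port -> (private ip, port)

    def add_port_mapping(self, public_port: int, private_ip: str, private_port: int) -> None:
        """Static mapping: the effect of a UPnP IGD port-mapping request (simplified)."""
        if public_port in self.inbound:
            raise ValueError(f"public port {public_port} already in use")
        self.inbound[public_port] = (private_ip, private_port)
        self.outbound[(private_ip, private_port)] = public_port

    def _allocate_port(self) -> int:
        port = self.next_port
        while port in self.inbound:          # skip ports taken by static mappings
            port += 1
        self.next_port = port + 1
        return port

    def translate_outbound(self, pkt: Packet) -> Packet:
        """Rewrite the source to the public address and a mapped port; record state."""
        key = (pkt.src, pkt.sport)
        if key not in self.outbound:
            port = self._allocate_port()
            self.outbound[key] = port
            self.inbound[port] = key
        # Only the IP/transport headers change; the payload is opaque to the NAT,
        # so an address the application wrote into it stays private.
        return replace(pkt, src=self.public_ip, sport=self.outbound[key])

    def translate_inbound(self, pkt: Packet) -> Optional[Packet]:
        """Resolve the internal destination from the state table; None means dropped."""
        target = self.inbound.get(pkt.dport)
        if target is None:
            return None                      # unsolicited and unmapped: no way home
        ip, port = target
        return replace(pkt, dst=ip, dport=port)


def run_sample() -> dict:
    """Constructed exchange: one client behind the NAT, a server and a peer outside."""
    nat = Nat(public_ip="203.0.113.1")
    client, server, peer = "192.168.0.2", "198.51.100.10", "198.51.100.20"
    out = nat.translate_outbound(Packet(client, 3123, server, 80,
                                        payload=b"my address is 192.168.0.2:3123"))
    back = nat.translate_inbound(Packet(server, 80, out.src, out.sport))
    unsolicited = nat.translate_inbound(Packet(peer, 5000, nat.public_ip, 6000))
    nat.add_port_mapping(6000, client, 6000)   # what a UPnP-aware app would request
    mapped = nat.translate_inbound(Packet(peer, 5000, nat.public_ip, 6000))
    return {
        "outbound_src": (out.src, out.sport),
        "payload_still_private": b"192.168.0.2" in out.payload,
        "reply_delivered_to": (back.dst, back.dport) if back else None,
        "unsolicited_dropped": unsolicited is None,
        "mapped_delivered_to": (mapped.dst, mapped.dport) if mapped else None,
    }


if __name__ == "__main__":
    for name, value in run_sample().items():
        print(f"{name}: {value}")
```

The peer that reads "192.168.0.2:3123" out of the payload and tries to connect there is the failure the slide's first point describes; the peer's packet to port 6000 being dropped until a mapping exists is the fifth point, and the mapping is the remedy the UPnP slides propose.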

37 Building NAT friendly protocols
- Don't rely on embedded address and port information
- Use fully qualified domain names and/or user names where possible; let DNS do the work
- Don't make assumptions about addresses and ports staying the same
- Avoid having unsolicited inbound connections in your protocol
- Encrypted protocols should avoid having the checksum cover the IP header
- Test your protocol with ICS and other NATs
- Remember IPv6

38 Wireless Zero Configuration
- Automatically scans for wireless LANs nearby
- Configures the NIC to match an available network
- User can set up one or more preferred networks; possible to disable non-preferred networks
- If no networks are nearby, configures the NIC to peer-to-peer mode; possible to disable peer-to-peer mode or force it
- Integrated with security: if security fails, find another network to use

39 LAN Access Security IEEE 802.1X
- Standard protocol for authenticated network access
- Supported on Ethernet and 802.11
- User and machine authentication using RADIUS; same as used for dial-up and VPN authentication
- Windows 2000 Internet Authentication Server can be integrated with the Active Directory user database
- Level of network access is under admin control: no access (don't even get an IP address), complete access, guest access
- Supports distribution of encryption keys to clients

40 Roaming: Alternative IP configuration
- DHCP + static IP configuration; automatic switch between configurations
- Extended Windows 2000 auto DHCP renew: check the IP address on roaming
- Extended Windows 2000 reconfiguration support on IP address change: QoS reservations updated, IE proxy settings re-detected
- IP prefers the fastest network interface, e.g. 11 Mbps wireless and 100 Mbps Ethernet

41 Roaming: Network location extensions to Winsock
- For applications that want to be network aware, e.g. firewall, IE
- Information about the network connectivity the machine has: speed, interface type, network type (e.g. connected to the Internet), ICS information, 802.1X information
- Connectivity change notification
