Sybex MCITP: Microsoft Windows Vista Desktop Support Consumer Study Guide, Exam 70-623 (part 8)

354
Chapter 6

Configuring Networking
FIGURE 6.17 Windows Firewall Settings, General tab
FIGURE 6.18 Windows Firewall Settings, Exceptions tab
65348.book Page 354 Monday, October 22, 2007 4:27 PM
Advanced tab Finally we have the Advanced tab. The Advanced tab has but two options.
You can select which networks to use Windows Firewall with, leaving the unselected network
open to all traffic, and you can restore the firewall defaults. Restoring the defaults removes all
the exceptions you may have added and returns the firewall to its original state.
Configuring Wireless Networking
Wireless networking has come on strong in the past few years. Wireless networking is
defined by the IEEE 802.11 standard. Also known as Wi-Fi, 802.11 comes in three flavors:
a, b, and g. The differences relate mainly to the operating frequency and the available
bandwidth.
Understanding Your Wireless Network
Table 6.2 outlines the various frequencies and bandwidths of the 802.11 standards.
To utilize wireless networking in a permanent setting where a wireless network needs to
exist full time, you need both a Wireless Access Point (WAP) and a wireless NIC in each
computer. A wireless network that uses a WAP is known as an infrastructure network. All the
devices must support the same standard of Wi-Fi; in other words, 802.11b NICs can only talk
with 802.11b access points. It is not uncommon to find WAPs and wireless NICs that support
multiple standards. When running in infrastructure mode, the WAP is hard-wired to the
physical network. All wireless clients must connect to a WAP in order to communicate with other
wired and wireless devices.
You can also create an ad hoc network using 802.11 wireless NICs. In an ad hoc network,
several machines with wireless cards can communicate with one another without the use of an
access point. Each machine in effect acts as both an access point and as a client. Ad hoc
networks are great for small meetings or for transferring large files from one machine to another
in an area where a network connection is unavailable.
TABLE 6.2 802.11 Wireless Type, Frequencies, and Bandwidth
Wireless Type | Frequency | Max Data Rate
802.11a | 5.15–5.825GHz | 54Mb/sec
802.11b | 2.4–2.5GHz | 11Mb/sec
802.11g | 2.4–2.5GHz | 54Mb/sec
In either type of wireless network, you need several key pieces of information in order to
have your machine participate:
Service set identifier The service set identifier (SSID) is basically the name of the wireless
network to which you are connecting. Depending on the security of the wireless network, the
SSID may be broadcast for anyone with a wireless NIC to see. In some cases, to provide a more
secure environment, the SSID will not be discoverable, so you must already know the SSID to
connect to the wireless network.
Security type When wireless networks are set up, the administrator needs to decide whether
to use security. With an unsecured network, any person in range of the access point can
connect to the wireless network and the resources on the wired network beyond. In many cases,
administrators of wireless networks will choose to utilize security to prevent unauthorized
access. With the security also comes data encryption. Several kinds of wireless security are
available; the kind your organization is using will be based on the capabilities of the WAP that
is being used. We will discuss wireless security and the requirements to connect to each one in
the next section.
Configuring Wireless Network Security
You configure security on a wireless network by managing the properties for that wireless
network connection. The pros, cons, and details of these various security methods are beyond
the scope of this book; what is important is that you know how to configure Windows Vista
to match the corresponding settings in use on your network. Managing wireless connections
is done via the Manage Wireless Networks applet, which is available, like all other network
applets in Windows Vista, via the Network and Sharing Center. To open the Manage Wireless
Networks applet, shown in Figure 6.19, first launch the Network and Sharing Center and then
select Manage Wireless Networks from the task list on the left side of the screen.
Right-clicking on an available wireless network connection and selecting Properties opens
the Wireless Network properties dialog box. To configure wireless security, select the Security
tab. Depending on the type of security and encryption in use, you will see different options on
this tab.
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is part of the 802.11 standard and is a means of securing a
wireless network. The purpose of WEP is to make the communication between the computer’s
NIC and the access point more secure than that of a standard radio broadcast. If the access
point you are connecting to is using WEP, you need to configure Windows Vista for WEP
and provide the correct security key and key index. To do so, open the Manage Wireless
Networks applet from the Network and Sharing Center, right-click the network you want
to set up, select Properties, and then select the Security tab. To configure WEP, set Security
Type to Shared and select WEP as the Encryption Type. Doing so displays the WEP options
shown in Figure 6.20.
FIGURE 6.19 The Manage Wireless Networks applet
FIGURE 6.20 The WEP options for wireless network security
WEP uses shared-key encryption; that is, you have to enter the same key in the
access point and on the wireless client. On an access point, you can enter up to four different
keys, only one of which is used to secure the wireless connection. That is the purpose of the
Key Index setting; it tells Windows Vista which key you have entered. If you correctly match
both pieces of information in Windows Vista to that of the access point, you will be able to
connect to the wireless network.
The problem with WEP is that it’s weak. There are numerous free programs available on
the Internet that can crack your WEP encryption in less than 60 seconds, allowing
unauthorized users access to your network. Does that mean WEP is useless? It’s like the old saying,
locks only stop honest criminals. If you use WEP, a casual user who stumbles across your
wireless network probably won’t take the time to hack you. On the other hand, if a malicious user
wants into your network, WEP will not stop them from achieving this goal.
Wi-Fi Protected Access (WPA)
To address the weakness of WEP security, the Wi-Fi Alliance introduced a new wireless
security standard called Wi-Fi Protected Access (WPA). If you use WPA, your wireless networks
are much less susceptible to hacking. Two types of WPA are available: WPA-Personal and
WPA-Enterprise. With WPA-Personal you need to specify a password on both the access
point and the NIC to secure the communication. This password should be long—at least
20 characters—and contain a mix of upper- and lowercase letters, numbers, and special
characters. Again, as long as the settings on the access point and Windows Vista match,
you will be able to communicate wirelessly.
WPA-Enterprise is a bit more complicated. In order to implement the enterprise flavor of
WPA, you need a Remote Authentication Dial-In User Service (RADIUS) server to
authenticate your users. Using a RADIUS server also enables you to use smart cards for user
authentication. Smart cards add an extra layer of security since they require that you have a physical card
and know a password to access the wireless network. This is a solution appropriate only for
larger businesses because of its expense and complexity.
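An added example, not from the book: a Python audit of saved wireless profiles in the XML form that netsh wlan export profile writes, flagging WEP and unsecured networks and checking WPA-Personal passphrases against the 20-character, mixed-character guidance above. The profiles are constructed samples built by the hypothetical helper make_profile, and the element names are assumed to follow the WLAN profile v1 schema.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

WLAN_NS = "http://www.microsoft.com/networking/WLAN/profile/v1"
NS = {"w": WLAN_NS}


def make_profile(name, auth, enc, conn="ESS", hidden=False, onex=False,
                 key=None, key_index=None):
    """Build a constructed sample profile (not exported from a real machine)."""
    shared = ""
    if key is not None:
        key_type = "networkKey" if enc == "WEP" else "passPhrase"
        shared = (f"<sharedKey><keyType>{key_type}</keyType><protected>false</protected>"
                  f"<keyMaterial>{escape(key)}</keyMaterial></sharedKey>")
    index = "" if key_index is None else f"<keyIndex>{key_index}</keyIndex>"
    return (f'<WLANProfile xmlns="{WLAN_NS}"><name>{escape(name)}</name>'
            f"<SSIDConfig><SSID><name>{escape(name)}</name></SSID>"
            f"<nonBroadcast>{str(hidden).lower()}</nonBroadcast></SSIDConfig>"
            f"<connectionType>{conn}</connectionType><MSM><security><authEncryption>"
            f"<authentication>{auth}</authentication><encryption>{enc}</encryption>"
            f"<useOneX>{str(onex).lower()}</useOneX></authEncryption>"
            f"{shared}{index}</security></MSM></WLANProfile>")


def passphrase_issues(phrase):
    """Check a WPA-Personal passphrase against the guidance in the text."""
    issues = []
    if len(phrase) < 20:
        issues.append(f"passphrase is {len(phrase)} characters; use at least 20")
    checks = [("uppercase letter", str.isupper), ("lowercase letter", str.islower),
              ("number", str.isdigit), ("special character", lambda c: not c.isalnum())]
    for label, test in checks:
        if not any(test(c) for c in phrase):
            issues.append(f"passphrase has no {label}")
    return issues


def audit_profile(xml_text):
    """Return the security-relevant settings of one profile plus any findings."""
    root = ET.fromstring(xml_text)

    def text(path, default=""):
        node = root.find(path, NS)
        return node.text.strip() if node is not None and node.text else default

    sec = "w:MSM/w:security/"
    auth = text(sec + "w:authEncryption/w:authentication").upper()
    enc = text(sec + "w:authEncryption/w:encryption").upper()
    onex = text(sec + "w:authEncryption/w:useOneX", "false").lower() == "true"
    report = {
        "ssid": text("w:SSIDConfig/w:SSID/w:name"),
        "hidden_ssid": text("w:SSIDConfig/w:nonBroadcast", "false").lower() == "true",
        "mode": "ad hoc" if text("w:connectionType").upper() == "IBSS" else "infrastructure",
        "security": f"{auth}/{enc}",
        "findings": [],
    }
    if enc == "WEP":
        idx = text(sec + "w:keyIndex", "not set")
        report["findings"].append(
            f"WEP (stored key index {idx}): will not stop a determined attacker; use WPA")
    elif enc == "NONE":
        report["findings"].append("unsecured: anyone in range of the access point can connect")
    elif auth in ("WPAPSK", "WPA2PSK"):
        # The passphrase is only checkable when the profile holds it unprotected.
        if text(sec + "w:sharedKey/w:protected", "true").lower() == "false":
            report["findings"] += passphrase_issues(text(sec + "w:sharedKey/w:keyMaterial"))
    elif auth in ("WPA", "WPA2") and onex:
        report["security"] += " (WPA-Enterprise, 802.1X)"
    return report


# Constructed sample profiles covering the cases discussed above.
SAMPLES = [
    make_profile("HomeWEP", "shared", "WEP", key="A1B2C3D4E5", key_index=0),
    make_profile("CoffeeShop", "open", "none"),
    make_profile("Office", "WPA2PSK", "AES", hidden=True, key="Summer2007"),
    make_profile("Lab", "WPAPSK", "TKIP", key="Tr4il-Mix!Over_The-Ridge#88"),
    make_profile("Corp", "WPA2", "AES", onex=True),
    make_profile("MeetingRoom", "open", "none", conn="IBSS"),
]

if __name__ == "__main__":
    for sample in SAMPLES:
        r = audit_profile(sample)
        print(f'{r["ssid"]:<12} {r["mode"]:<15} {r["security"]}')
        for finding in r["findings"]:
            print("    -", finding)
```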
Summary
Most companies and homes these days use some form of networking. This can mean a wired
or wireless connection, and often this means access to the Internet. People use networks for
just about everything, from banking to communication to shopping. Because of the increased
popularity, networks have become more critical than ever before. We have also had recent
breakthroughs in networking technology and equipment. All this increased network reliance
and innovation has forced operating systems to keep up. Without at least a passing
understanding of networking, you will have a hard time configuring any operating system, and
Windows Vista is no exception.
This chapter examined network configuration as it relates to Windows Vista. We looked at
the new hub of network configuration and management, the Network and Sharing Center. We
learned how to view information on network discovery, network file sharing, and network
printer sharing and how to change their configurations.
We also looked at IP and the two protocols available, IPv4 and IPv6. For both technologies
we examined the requirements and configuration options you need to understand in order to
get Windows Vista working on an IP network.
We talked about DNS and DHCP and how you go about configuring Windows Vista to
utilize these network services.
Next we looked at configuring connections to remote networks and computers. Using VPN,
you can connect to remote networks, and using Remote Desktop and Remote Assistance, you
can connect directly to the desktops of other machines.
We looked briefly at how you configure wireless networks in Windows Vista. We also looked
at setting up your wireless connections to work with different kinds of wireless security.
Finally we took a quick look at two tools that will help you to secure Windows Vista on a
network: IPSec and Windows Firewall.
Exam Essentials
Know how to configure the IP protocols. You should understand how to configure a machine
with an IP address, subnet mask, and default gateway and be able to explain the function that each
of these items provides. Understand the difference between IPv4 and IPv6.
Know how to navigate the Network and Sharing Center. You should be able to identify
when you should go to the Network and Sharing Center to find current status and make
configuration changes. Know how to access file sharing, Public folder, and printer sharing configuration
options in the interface. Also understand how to read the setup and view network discovery
information. Be familiar with the configuration changes necessary to share media on the local network
using Windows Media Player.
Know how to configure Windows Vista to work with network services. You should be
able to configure Windows Vista to use both DNS and DHCP. You should also understand
where to go to view this configuration information.
Understand how to configure wireless networks. You need to know how to get Windows
Vista to participate in a wireless network. You also need to understand how to configure
wireless security.
Understand the network security options. Understand IPSec and how you configure
Windows Vista to work with it. In addition, you need to know what Windows Firewall does and
how to configure it.
Review Questions
1. In Windows Vista, nearly all network configuration settings can be managed from a single
Control Panel applet. What is the applet?
A. Network and Sharing Center
B. Internet Options
C. Windows Firewall
D. Administrative Tools
2. After the initial setup of a Windows Vista machine, you notice that you cannot access any local
network resources, such as shared folders, but you can access the Internet. You’ve verified that
IP settings and DNS settings are all correct. What feature do you need to check?
A. IPSec
B. Windows Firewall
C. Network Discovery
D. DHCP
3. In a small office, your users have a need to share files with one another; these files are mixed
file types and need to be updated in an ad hoc fashion. What is the simplest, yet secure, method
for users to share these files with one another?
A. Install SharePoint Server.
B. Enable Public Folder Sharing on each PC.
C. Have the users e-mail one another the files.
D. Use a third-party file sharing application.
4. You are creating a file share for users on the network. You want to give them the ability to read
the files from the share as well as write to the share with new files. What permission setting
should you use?
A. Read Write
B. Contributor
C. Reader
D. Change
5. You have a user who cannot access her small office’s network-connected printer. Before any
work is done, you ask the user to run IPConfig and read you the IP address of the PC before
you begin troubleshooting and looking up the IP address of the network printer. The user
reads you the following address: 2001:0:4136:e388:2cff:bd8:b9c4:3337, and the printer’s IP
address is 192.168.64.12. What is the first step in correcting the connectivity issues?
A. Check whether IPv4 is installed and configured correctly for the computer.
B. Add a second network card to the computer with a 192.168.65.x address.
C. Check Windows Firewall for blocked ports.
D. Attach a local printer to the computer; Windows Vista does not support network printing
in IPv6.
6. You have just installed Windows Vista on a new laptop, and you are configuring it for your
customer’s internal network. There is no DHCP server, so you need to manually configure a
static IPv4 address. Your customer sent you information for the new PC, saying it should be
set with an IP address of 192.168.65.30/16 and a default gateway of 192.168.10.1. What do
you enter as the subnet for this IP address?
A. 255.255.255.128
B. 255.255.255.0
C. 255.255.0.0
D. 255.0.0.0
7. In order for a PC to communicate with computers on its local network as well as a remote
network, what pieces of information must be supplied to the network interface? (Choose all
that apply).
A. IP address
B. WINS
C. Default gateway
D. IPSec filter
E. DNS IP address
F. Subnet mask
8. For an IPv6 IP address of 2001:fe32:4136:e388:2cff:bd8:b9c4:3337, with a subnet prefix
length of 32, what is the subnet?
A. 2001
B. 2001:fe32
C. 2001:fe32:4136:e388
D. b9c4:3337
9. You are configuring a Windows Vista computer that will be used in two different networks:
one at the user’s company network and one used at the user’s home office. The company
network issues IP addresses via DHCP; the home office uses static IP addresses. How do you
configure the computer’s network connections to always work regardless of location without user
intervention, and with the least amount of work?
A. Install two network cards. Configure one for each network.
B. Write a batch script to change the network settings based on location; have the user run the
script when they change locations.
C. Install a DHCP server at the regional sales office.
D. Configure the network card’s connection settings to use DHCP, and configure its alternate
configuration to use a static IP address.
10. Several new Windows Vista computers were ordered and delivered to a remote office. The
users in the office unpacked, set up, and powered up their own machines. You get a call shortly
afterward saying that, while users can connect to one another, they cannot connect to the
Internet. Additionally, they cannot use existing network printers, nor can they connect to their file
server. There is no DHCP on the network in their office; what configuration change must take
place to resolve this issue?
A. Assign static IP addresses with the correct subnet masks.
B. Reconfigure the network location to Public.
C. Have the users disable Windows Firewall.
D. Install IPv4.
11. You have set up a new inkjet printer and installed it on your local Windows Vista computer.
There are two other computers that connect to the wireless LAN and use the Internet through
the home router. You would like to allow others to use this new printer without connecting
to the USB cable now connected to your computer. What should you do?
A. Turn Printer Sharing on.
B. Turn Windows Firewall off.
C. Go to the Properties of the Printer and select Share.
D. Provide the other users with your password.
12. What Windows Vista feature allows a single connection, such as a dial-up modem connection,
to be shared among multiple computers from a single computer on the local network?
A. File Sharing
B. Internet Connection Sharing
C. Remote Desktop
D. IPSec
13. What information do you need to configure a connection to a wireless network running WEP?
A. The security key and the password
B. The security key and the key index
C. The password and the RADIUS connection information
D. The key index and the password
14. Which of the following are valid IPv6 addresses? (Choose all that apply.)
A. 2001:0:4136:e388:2cff:bd8:b9c4:3337
B. 3ffe:0501:0008:0000:0260:97ff:fe40:efab
C. ff02::1
D. 2626:E3D7:0000:0000:0000:51F4:9BC8:C0A8:6420
15. A user is trying to write a file to your computer’s Public folder but is receiving an error. He
knows he can access the share because he can see and open files from the Public folder from
his computer. What can you do?
A. Set the Public folder permissions to Modify for that user.
B. Modify the properties of the share.
C. Change the Network and Sharing Center option Public Folder Sharing to Turn On Sharing
So Anyone with Network Access Can Open, Change, and Create Files.
D. Change the Network and Sharing Center option File Sharing to Turn On File Sharing.
16. You want to set up a share, but need to restrict access to those who have accounts on the local
computer. This will prevent all users but those who have an account from getting access to the
share. What should you do to achieve this configuration?
A. Go to the Network and Sharing Center and turn on Network Discovery.
B. Go to the Network and Sharing Center and turn on File Sharing.
C. Go to the Network and Sharing Center and turn off Password Protected Sharing.
D. Go to the Network and Sharing Center and turn on Password Protected Sharing.
17. Users are trying to access a file share on your computer, but they get prompted for a password.
You want users to access the file share without the need for a local account. What can you do
to avoid a prompt for a user name and password?
A. Modify the permissions of the share to Contributor.
B. Change the permissions of the individual files to Modify.
C. Open port 445 in the Windows Firewall.
D. Open Network and Sharing Center and set Password Protected Sharing to off.
18. You installed a wireless network in your home, via the addition of an 802.11a wireless access
point. You need to configure your Windows Vista machine to use the wireless network. After
obtaining the security information for the access point and configuring your 802.11b
wireless card with the correct settings, you cannot access the wireless network. What needs to be
changed?
A. Install an 802.11a wireless card in your machine.
B. Update the drivers for your network card.
C. Unblock the corresponding ports in Windows Firewall.
D. Install IPv6; 802.11b is only supported on IPv6 networks.
19. You have traveled to a conference with several coworkers; all of you have 802.11g wireless
cards in your laptops. During the evening, you find that you are all working on various shared
documents and need to be able to quickly move files back and forth between your machines.
How can this be accomplished with the least amount of effort?
A. Purchase a wireless access point.
B. Create an ad hoc wireless network between your machines.
C. Use crossover cables between your Ethernet ports.
D. Without an access point, this cannot be done. Use writable media.
20. You have File Sharing enabled with no password protection and you are concerned about the
security when you connect to a public Wi-Fi network. What can you do to decrease the risk to
your computer?
A. Turn off wireless networking and disconnect from the network.
B. Customize the network to the Public network location type.
C. Customize the network to the Private network location type.
D. Turn off File Sharing.
Answers to Review Questions
1. A. The Network and Sharing Center is the central configuration point for nearly all network
configuration tasks.
2. C. Verify that Network Discovery is turned on. If this feature is turned off, the PC will not be
able to access network resources, nor will other computers be able to locate network resources
on the local PC.
3. B. In Windows Vista, Public Folder Sharing is a built-in set of folders designed for sharing files
between users on the same network. By default, this feature is disabled; it can be enabled from
the Network and Sharing Center.
4. B. The Contributor permission allows the user or group to access, read, and modify the files.
This includes adding new files and deleting files that they added in the folder.
5. A. Based on the two different IP addresses, the PC may not have an IPv4 address, and the
printer may not be capable of IPv6 communication. Windows Vista will run IPv4 and IPv6
concurrently on the same adapter; enabling and configuring IPv4 on the PC is the first step in
making sure the user can print to the networked printer.
6. C. The /16 in the IP address denotes a subnet specifying that the first two octets are the
network address and the second two octets are the client portion of the IP address.
7. A, C, F. For basic communications, a computer needs an IP address, a subnet mask, and a
default gateway (to talk to other networks). DNS, while helpful, only provides friendly name
resolution to DNS addresses, and is not required for network communication. WINS is an
outdated name resolution system, and IPSec provides security, but not communication.
8. B. Not unlike a subnet mask for IPv4, the subnet prefix denotes how many bits (starting at the
left) of the address are the network address and how many are the client address. Since an IPv6
address is 128 bits, with 16 bits per hexadecimal grouping, a subnet prefix of 32 bits will use
the first two hex groups, 2001:fe32, to denote the network address, and the rest is the client
address.
9. D. While all of these solutions could work, option D makes use of Windows Vista’s built-in
capability to store multiple configurations for a single network interface.
10. A. The computers can communicate with one another because they used the autoconfiguration
IP address (169.254.x.y) and subnet (255.255.0.0). Remember that Windows Vista network
connections default to using a DHCP server. If there is no DHCP server, and no static IP has
been defined, Windows will use the autoconfiguration feature to attempt to connect to local
network resources.
11. A. To share your printers with other users on the network, just turn Printer Sharing on in the
Network and Sharing Center.
12. B. Internet Connection Sharing (ICS) allows configuration of a single connection, such as a
dial-up modem connection, on one machine, and allows other users on other computers in the
same network to utilize that connection.
13. B. For WEP, all that is needed is the security key and the key index. These two pieces of
information must be set on the wireless access point and on each computer to enable
wireless connectivity.
14. A, B, C. An IPv6 address consists of eight hexadecimal values. If the value of any one of the
subsets is 0, it can be compressed to two colons; multiple consecutive sets of 0s can be
compressed to a single set of colons or a single 0. Therefore, the only invalid address is option D;
it has too many values.
15. C. The Public Folder Sharing option can be set to turn off sharing, turn on sharing for read-
only access, or allow updates and modifications to files in the folder.
16. D. When Password Protected Sharing is on, only users who have user credentials on the local
machine will have access to the shares on the computer.
17. D. If you do not have a concern with limiting access to these files, you can enable file sharing
to everyone via the Network and Sharing Center by setting Password Protected Sharing to off.
For more information, please see Chapter 6, “Configuring Networking.”
18. A. The 802.11a/b/g protocols are all different; for two wireless devices to communicate, they
must be running the same version of the 802.11 protocol.
19. B. Most wireless devices support both infrastructure configurations and ad hoc network
configurations. In this case, creating a temporary ad hoc network between your computers will
solve your file-sharing problem.
20. C. The Public network location type will help protect you from a potentially unsafe network.
Using the Public network location type will turn off settings that could allow malicious users
access to your machine.
Chapter 7

Troubleshooting and Repairing Networking

MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:
Configure, Troubleshoot, and Repair Networking
Configure and troubleshoot network protocols.
Configure and troubleshoot network services at the client.
Configure and troubleshoot Windows Vista by using the Network and Sharing Center.
Configure and troubleshoot wireless networking.
Troubleshoot file and print sharing.

Networks have morphed and changed in the past few years.
Private-label protocols gave way to standardized TCP/IP, routers
became commonplace even in the home, and additional layers of
complexity, such as IPSec, IPv6, and software firewalls, were added. This is the age of the
network, and everything is connected. You have to provide seemingly unlimited uptime to your
users. If the network is down, it seems the computer is practically unusable. When problems arise
with access to resources, users will pound a path to your door. Using the advanced features of
networking in Windows Vista is great, but it’s not worth much if those technologies appear
broken to your user base. Because of the increased reliance on these new technologies, it is now more
crucial than ever that they work correctly. You should be able to quickly diagnose and repair
problems that are causing the user to lose productivity due to network outages.
In this chapter, we will focus on the types of problems you can expect to see when working
with Windows Vista. By utilizing the skills found in the pages of this chapter, you will be well
on your way to understanding how to troubleshoot and repair problems that your users may
encounter.

Troubleshooting Network Protocols

When it comes to troubleshooting network protocols in Windows Vista, a strong
understanding of the inner workings of networking will get you halfway home. To round out your skills,
you just need to understand a few tools. Most of the time, networking problems will fall into
one of three categories:
Software: Most often a configuration problem
Physical: A failed NIC or cable
External problems: Failures of network devices such as routers
There isn’t much you can do about external problems that may occur, except determine that
Windows Vista is working and pass your findings on to the network administrator. We will
look at determining whether you have a software or physical problem and how to fix them, and
then we will look at a few steps you can take to further isolate external issues. Since IPv4 is the
most common protocol in use today, we will focus on it in our discussions. Most of the tools
and concepts we’ll look at will apply to IPv4 as well as IPv6, and where this is not true, we will
point out the differences. The most common complaint you will receive is that a user cannot
access a network resource; the resource most users complain about first is the Internet. In the
next sections we will explore some tools and techniques you can use to troubleshoot network
protocol problems.

Most of the time, the first step you will take is to verify whether the user is actually
connected to the network. Often the problem is with a network resource such as an e-mail server.
In these cases the Windows Vista client is connected to the network, but the resource being
down causes the users to think it is a network problem. It’s your job to confirm where the
problem lies, fix it if you can, and provide details on the issue to the next person who needs
to work on the problem if you can’t.
One of the easiest ways to verify network connectivity is to try to access a resource that is
unrelated to the one the user reported a problem with. For example, if the user cannot access
e-mail, see whether they can browse a website. If they can do one and not the other, the
problem is likely not related to Windows Vista. One other thing you may want to check is whether
the network cable is plugged into the NIC. It seems basic, but this step can save countless hours
of troubleshooting only to discover this problem later. It is also probably a good idea to review
the basic settings on the machine to make sure everything is correct. Ensure they have a valid
IP, a default gateway, and DNS servers. You can see this information in the network
properties, as discussed in Chapter 8, or by using a command-line tool called ipconfig, which we
will look at later in this chapter. Once these preliminary steps are complete, it is time to pull
a few tools out of your toolbox.


Using ping to Troubleshoot
ping is a command-line tool that can help you verify connectivity and the availability of remote
network devices. ping sends an Internet Control Message Protocol (ICMP) message to another
device on the network and waits for that device to reply to the message.
ICMP is one of the protocols of the TCP/IP suite. This protocol is used mostly
for control messages between hosts.
After the message is sent, ping times how long it takes for the message to make the
round-trip and provides this latency data in milliseconds. Without much analysis, ping provides you
with three very important pieces of information: whether the host you pinged is accessible,
whether the local system is able to communicate on the network, and an idea of the latency
between the local and remote system. You use ping by specifying the hostname or the IP
address you want to ping. By default, ping will send four separate ICMP messages and track
the round-trip time for each. It will also provide you with some statistics that you can use
when troubleshooting.
The following shows the results of running the ping command with no command-line
options to ping a server named cssrv01:

C:\>ping cssrv01
Pinging cssrv01.consortioservices.local [192.168.0.2]
with 32 bytes of data:

Reply from 192.168.0.2: bytes=32 time=1ms TTL=128
Reply from 192.168.0.2: bytes=32 time<1ms TTL=128
Reply from 192.168.0.2: bytes=32 time<1ms TTL=128
Reply from 192.168.0.2: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 1ms, Average = 0ms

Let’s take a closer look at these ping results. The first line tells us three things about the host that was pinged: the fully qualified domain name (FQDN), the IP address, and the amount of data sent in each message—in this case, 32 bytes. This is followed by the results of each of the four ICMP packets, complete with the amount of time the packet took to go from the local host to the remote host and back. Finally we get a little statistical data about packet loss and the minimum, average, and maximum time the packets took to make the loop. So what does this mean? In this case, it tells us that the local machine is on the network and the server cssrv01 is also accessible on the network.

If everything is working, you will receive the output as shown previously with bytes, time, and TTL, but you could also receive several different messages that could indicate a problem. The following are some common ping replies that are less than desirable:

Destination Net Unreachable
This reply indicates that the network or subnet of the address you pinged is not accessible or could not be found. This could indicate a problem with a network device such as a router, or it could mean that your default gateway configuration is incorrect or missing.

Destination Host Unreachable
This indicates that the network the host is on was found successfully but the host you specified could not be found. This could mean that the host you are pinging is offline. This will also be the error you receive if you attempt to ping an IP address that is part of your subnet but that is not in use.

Request Timed Out
When you receive the message that the request timed out, it means that too much time has gone by and ping has not received a reply. The default timeout of ping is 4000 ms, which equals 4 seconds, and you can specify a different timeout using command-line options. This does not necessarily indicate that a system is down; sometimes on slow networks it could take longer than 4 seconds for a host to reply. However, most hosts should reply inside of 4 seconds and if they don’t the latency may cause other unforeseen problems.
Most of the time using ping with the default settings is all you will have to do in order to troubleshoot problems. However, you can use a good number of options to modify how the ping command works. Since many of these won’t be used, except in rare circumstances, we will cover a few of the more useful parameters:

-a
The -a parameter allows you to specify an IP address and have ping attempt to resolve the hostname that the IP belongs to. Without the -a parameter, if you ping an IP address the first line of the ping output will just echo the IP address you specified.


-t
When using the ping command with the -t option, the utility will no longer send just four packets—in fact, it will continue sending packets until you force it to stop. This is useful if you just remotely rebooted a server or network device and you want ping to “watch” for the host to come back online. To stop the utility when using the -t parameter, press Ctrl+C.

-w
This allows you to specify an amount of time, in ms, to wait before timing out. Once this time has lapsed, if a reply has not been received you will see the “Request timed out” message we discussed earlier. The default timeout is 4000 ms, or 4 seconds. When changing this option, keep in mind that this timeout applies to each packet sent. Therefore, if you specify a timeout of 30 seconds, that means ping could run for two minutes, assuming you used the default of four packets and ping does indeed time out.

When using ping, you want to utilize an inside-out approach to troubleshooting. Start by verifying the components inside Windows Vista and then move outward on the network one step at a time. Using the following steps, you can quickly determine where a network problem lies:

Step 1: Ping the loopback address
Start by pinging the loopback address, 127.0.0.1 for IPv4 or ::1 for IPv6. A reply here indicates that the TCP/IP suite on Windows Vista is operating. If you fail at this step, you probably have some corruption in the default TCP/IP stack or something is incorrectly configured. Take some time to review your configuration.

Step 2: Ping the default gateway
Next, you will ping the IP address of the default gateway. You do this for two reasons. First, if you can ping another host, it verifies that your system can communicate on the network, meaning the NIC and network cable are all functioning. In reality, you can accomplish this goal by pinging any host on the network, but the default gateway is a known address and easy to find. Second, by pinging the default gateway, you kill two birds with one address because this also verifies that the default gateway is up and accessible.
If you are unable to ping the default gateway, it could indicate a problem with hardware, configuration, or the default gateway itself. Try pinging another host on the local subnet to verify configuration and hardware. If that also fails, check your settings to verify everything is correct. If the settings are correct, you may need a new NIC or network cable. If the host replies, your default gateway may be down. In this case, verify that you have the correct default gateway addresses configured and, if so, escalate the issue to a network administrator.

Step 3: Ping a remote host
If you have made it this far, you have determined that the client can communicate on the network and with its default gateway. Next, you should attempt to ping the address of a device on a different subnet or even the Internet. This will verify that your default gateway and the other routers on the network are correctly routing packets. If you make it here and this step fails, you can be pretty sure that Windows Vista is working correctly and that the problem likely lies somewhere else on the network. At this point, you probably need to hand over your findings to the network administrator for further investigation.
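The three steps above can be applied to saved ping output. The following Python sketch is an added example, not code from the book: it counts only lines carrying bytes=, time and TTL= as echo replies, then reports the first step that got none. The sample transcripts are constructed, and the gateway sample assumes the output form in which Windows prints the unreachable message as a "Reply from" line and still counts it under Received.

```python
import re

# A real echo reply carries bytes=, time= (or time<) and TTL=; error lines do not.
ECHO_REPLY = re.compile(r"^Reply from \S+: bytes=\d+ time[=<]\d+ms TTL=\d+", re.M)
SENT = re.compile(r"Packets: Sent = (\d+)")
# Failure messages named on the page, checked only when no echo reply was seen.
FAILURES = (("destination net unreachable", "net_unreachable"),
            ("destination host unreachable", "host_unreachable"),
            ("request timed out", "timeout"))
# The three inside-out steps, in order, with the next action for each failure.
STEPS = (("loopback", "Step 1 failed: review the local TCP/IP stack and configuration"),
         ("gateway", "Step 2 failed: check NIC, cable and IP settings, then the gateway"),
         ("remote", "Step 3 failed: fault is beyond this client, escalate with findings"))

def classify_ping(output):
    """Return (status, echo_replies, sent) for one run of Windows ping."""
    replies = len(ECHO_REPLY.findall(output))
    match = SENT.search(output)
    sent = int(match.group(1)) if match else 0
    if replies:
        return ("ok" if replies >= sent else "partial", replies, sent)
    lowered = output.lower()
    for text, status in FAILURES:
        if text in lowered:
            return (status, 0, sent)
    return ("unknown", 0, sent)

def diagnose(outputs):
    """Walk the steps in order and stop at the first one with no echo reply."""
    for name, advice in STEPS:
        status, replies, sent = classify_ping(outputs[name])
        if replies == 0:
            return f"{advice} ({name}: {status}, {replies}/{sent} echo replies)"
    return "All three steps returned echo replies"

def _run(target, body_line, received):
    """Build one constructed ping transcript (sample data, not a capture)."""
    return (f"Pinging {target} with 32 bytes of data:\n" + (body_line + "\n") * 4 +
            f"Ping statistics for {target}:\n"
            f"    Packets: Sent = 4, Received = {received}, Lost = {4 - received},\n")

# Constructed samples. In GATEWAY_DOWN the local stack reports the failure and
# the statistics line still says Received = 4 (assumed format, see lead-in).
LOOPBACK_OK = _run("127.0.0.1", "Reply from 127.0.0.1: bytes=32 time<1ms TTL=128", 4)
GATEWAY_DOWN = _run("192.168.0.1", "Reply from 192.168.0.25: Destination host unreachable.", 4)
REMOTE_TIMEOUT = _run("192.168.40.7", "Request timed out.", 0)

if __name__ == "__main__":
    print(diagnose({"loopback": LOOPBACK_OK, "gateway": GATEWAY_DOWN,
                    "remote": REMOTE_TIMEOUT}))
    print(diagnose({"loopback": LOOPBACK_OK, "gateway": LOOPBACK_OK,
                    "remote": REMOTE_TIMEOUT}))
```

Judging a run by its reply lines rather than by the Received counter keeps an unreachable gateway from being recorded as reachable.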

Using tracert to Troubleshoot

Another handy tool for troubleshooting network problems is trace route, the actual command for which is tracert. As the name implies, the trace route tool will trace the network route between the local machine and a remote device. Like ping, tracert sends ICMP packets to the remote host and waits for the reply; the difference comes in how it sends the packets. tracert will send a packet to each hop or route along the way to the destination and return the statistics of each packet to the user. The first device pinged is your default gateway; when the default gateway responds, it includes the IP address of the router that it will send the packet to next. tracert then sends a packet to that router, which responds and returns the next router along the way to the host. Eventually, tracert will send messages to all the routers along the way, and one of them will return the IP address of the destination host. Once this happens, the trace route tool will send one last message to the host.

tracert sends out a lot more packets than ping and to a lot more hosts. Because of this, it can take a while for tracert to run its course, especially if there are a lot of hops or if there is high latency.

Once complete, you will have a picture of all the devices and the route between the local and remote host. The following are the results returned from pinging Google.com from a Windows Vista machine:

C:\>tracert google.com
Tracing route to google.com [64.233.167.99]
over a maximum of 30 hops:
1 1 ms 1 ms <1 ms 192.168.35.1
2 2 ms 2 ms 2 ms 10.35.16.1
3 56 ms 56 ms 56 ms clsp-dsl-gw06-198.clsp.qwest.net [67.42.184.198]
4 56 ms 56 ms 56 ms clsp-agw1.inet.qwest.net [67.42.184.93]
5 56 ms 56 ms 56 ms cls-core-01.inet.qwest.net [205.171.152.65]
6 56 ms 56 ms 56 ms cls-core-02.inet.qwest.net [205.171.152.58]
7 69 ms 70 ms 70 ms kcm-core-02.inet.qwest.net [205.171.8.198]
8 82 ms 83 ms 82 ms cer-core-01.inet.qwest.net [67.14.8.10]
9 83 ms 83 ms 100 ms chx-edge-01.inet.qwest.net [205.171.139.162]
10 82 ms 83 ms 84 ms 63.144.64.134
11 83 ms 90 ms 83 ms 216.239.46.5
12 84 ms 84 ms 83 ms 66.249.94.135
13 83 ms 92 ms 89 ms 72.14.232.70
14 84 ms 83 ms 84 ms py-in-f99.google.com [64.233.167.99]

Trace complete.


The host trace route was run on was a member of the 192.168.35.0 subnet, so as you can see in the previous output, the first device is the default gateway for that subnet. The second address is a private IP address, so it’s safe to assume that it’s another router on the internal network. Hops 3 through 9 all return the name of the device, which will happen if DNS can resolve the name. As you can see, these are all qwest.net routers, which happens to be the ISP for the Windows Vista machine. Next, you will see in hops 10 to 13 only IP addresses; chances are these are routers on the Internet. Finally, you see a reply from the host we specified.

tracert is one of those tools that, for the desktop administrator, has limited usefulness. It is designed to troubleshoot network problems, not operating system issues. However, it is often useful to gain a better understanding of a potential problem. If at any time tracert hits a hop where the router is inaccessible, you will receive the following:

11 83 ms 90 ms 83 ms 216.239.46.5
12 84 ms 84 ms 83 ms 66.249.94.135
13 * * * Request timed out.
The asterisk (*) indicates a timeout. You will notice this timeout happened after hop 12,
which means the packet made 12 hops, successfully connected to the 66.249.94.135 router,
and then timed out. In turn this means the next router in the route is unavailable for one reason
or another. Providing the trace route information to your network administrator can be more
helpful than just telling them that a ping has timed out, for example.
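To hand the administrator the exact hop where a trace stops, the output can be parsed. This Python sketch is an added example, not code from the book: it reads tracert hop lines and reports the last router that answered and the hop where the trace breaks. It goes one case beyond the text by separating a trace that ends in timeouts from a single silent hop that later hops prove is still forwarding. The first sample reuses hop lines printed on the page; the second is constructed.

```python
import re

# hop number, three probes ("56 ms", "<1 ms" or "*"), then host text or a message
HOP = re.compile(r"^\s*(\d+)\s+((?:(?:<?\d+ ms|\*)\s+){3})(.*\S)\s*$")

def parse_tracert(text):
    """Return [(hop, [rtt_ms or None, ...], host)] from Windows tracert output."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue                      # banner, blank line, "Trace complete."
        probes = re.findall(r"<?(\d+) ms|(\*)", m.group(2))
        # "<1 ms" is stored as 1 (an upper bound); "*" becomes None
        rtts = [int(ms) if ms else None for ms, _star in probes]
        hops.append((int(m.group(1)), rtts, m.group(3)))
    return hops

def summarize(hops):
    """Separate a trace that dies from a hop that is merely silent."""
    answering = [i for i, (_, rtts, _) in enumerate(hops)
                 if any(r is not None for r in rtts)]
    last = answering[-1] if answering else -1
    trailing = hops[last + 1:]            # every hop after the last answer
    return {
        "last_responding": hops[last][2] if answering else None,
        "breaks_at_hop": trailing[0][0] if trailing else None,
        "silent_but_forwarding": [hops[i][0] for i in range(last)
                                  if i not in answering],
    }

# Hops 1, 2 and 11-13 as printed on the page; the rest of the path is omitted.
PAGE_FAILURE = """\
Tracing route to google.com [64.233.167.99]
over a maximum of 30 hops:
  1     1 ms     1 ms    <1 ms  192.168.35.1
  2     2 ms     2 ms     2 ms  10.35.16.1
 11    83 ms    90 ms    83 ms  216.239.46.5
 12    84 ms    84 ms    83 ms  66.249.94.135
 13     *        *        *     Request timed out.
"""
# Constructed: hop 2 never answers, but hop 3 does, so hop 2 still forwards.
SILENT_HOP = """\
  1     1 ms     1 ms    <1 ms  192.168.35.1
  2     *        *        *     Request timed out.
  3    56 ms    56 ms    56 ms  192.0.2.10
"""

if __name__ == "__main__":
    print(summarize(parse_tracert(PAGE_FAILURE)))
    print(summarize(parse_tracert(SILENT_HOP)))
```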
Troubleshooting Network Services at the Client
We talked about configuring DHCP and DNS in Chapter 6. When it comes to troubleshooting these services, there are a few tools at your disposal to help to find out why a user may be experiencing problems. In the next sections, we will take a look at these tools and at a few techniques you can use to solve problems that may occur with DNS and DHCP.
Troubleshooting DNS
When clients are having DNS problems, the most likely complaint will be an inability to access network resources. Remember, DNS resolves friendly resource names, such as ExSrv01, into an IP address so the computer can communicate with it. When this service is having problems, Windows Vista will be unable to obtain IP addresses for resources and hence will be unable to communicate with resources. The first thing you need to do is to verify that you are in fact having trouble with DNS. You can do this by using ping, as we discussed earlier. If you can’t ping a resource by name but you can ping resources by IP address, you might have a DNS problem. If ping -a fails to return a resource’s name, you might have a DNS problem. If you’re able to resolve the NetBIOS name but not the FQDN of the resource, you might have a DNS problem.
The first step is to verify that the client is pointing to the correct DNS servers and to make
sure these servers are accessible. In other words, look at the client configuration and ping the
DNS servers. If you are unable to connect to the DNS servers, you may need to escalate the
issues to the network administrator. Beyond these basic steps, one of the most useful tools for
DNS troubleshooting is nslookup.
Introducing nslookup
nslookup, short for name server lookup, is a tool that allows you to resolve names and IP addresses specifically using DNS as the resolver. This is important because there are several other ways that Windows Vista can resolve names to IP addresses and we want to narrow our focus to just DNS resolution. nslookup also has some advanced features that allow you to specify specific DNS servers or resolve different types of records. In reality, there is a wealth of information available from nslookup, but a good portion of the data is better suited to troubleshooting problems that may exist on a DNS server or with the DNS architecture. Much of this is beyond the scope of this book, so our focus will be on the options of the nslookup command that allow us to do some simple troubleshooting from the perspective of the Windows Vista client.
Using nslookup to Troubleshoot DNS
You can run nslookup in one of two modes: interactive or noninteractive. In noninteractive
mode, you simply run the program and pass in the name of the resource or IP address you want
to resolve. When using nslookup noninteractively, there are two parameters that you can specify:
host
The first parameter you pass into the nslookup command specifies the name or IP address of the host that you want to resolve.

server
Using this parameter you can specify a specific DNS server. Omitting this parameter will cause nslookup to use the default DNS server configured in the system’s IP settings. This is a handy feature that allows administrators to connect to and troubleshoot the DNS server that a user connects to even if it is not the administrator’s DNS server.
The following shows the results of running the nslookup command noninteractively to
return information about an Internet domain:
C:\>nslookup consortioservices.com
Server: cssrv01.consortioservices.local
Address: 192.168.0.2:53
Non-authoritative answer:
Name: consortioservices.com
Address: 67.41.72.126
When running nslookup in noninteractive mode, you receive some brief but very useful
information. The first piece of data tells you which DNS server nslookup used to resolve the
IP address. This confirms that the DNS server is up and we are able to connect. The second
piece of information is the results of your DNS query. In this case, we receive the name and
the IP address of the resource we wanted; this tells us that DNS is working.

Keep in mind that nslookup makes no attempt to connect to the resource you are querying. When you receive a response from nslookup, it only means that the resource was found in DNS—it does not mean the resource is available. Use the ping command to further determine whether the host is online.
If nslookup is unable to connect to the DNS server specified or the default server, you will
receive a timeout error. Here are the results if you run nslookup and the client is pointed to
the incorrect IP address for a DNS server or if the DNS server is down:
C:\>nslookup consortioservices.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.25.66:53
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
In this case, the DNS server with an IP of 192.168.25.66 is offline, and this causes nslookup
to time out. At this point, you should escalate the issue to a network administrator.
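The two nslookup results shown above differ in ways a script has to respect: the first Server/Address pair names the DNS server that was asked, not the answer, and a timeout says the resolver is unreachable, not that the name is missing. The following Python sketch is an added example, not code from the book. It parses both outputs as printed on the page, plus one constructed multi-address answer whose name and addresses are placeholders.

```python
import re

IP_ONLY = re.compile(r"^[0-9A-Fa-f:.]+$")

def parse_nslookup(output):
    """Return resolver, status and answer addresses from Windows nslookup output."""
    res = {"resolver": None, "status": "unknown", "non_authoritative": False,
           "name": None, "addresses": []}
    in_answer = False      # False while reading the Server:/Address: header
    collecting = False     # True right after an answer Address(es): line
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith("*** Request to") and line.endswith("timed-out"):
            res["status"] = "resolver_unreachable"
        elif line == "Non-authoritative answer:":
            res["non_authoritative"] = True
        elif line.startswith("Name:"):
            in_answer, res["name"] = True, line.split(":", 1)[1].strip()
        elif re.match(r"Address(es)?:", line):
            value = line.split(":", 1)[1].strip()
            if in_answer:
                res["addresses"].append(value)
                collecting = True
                continue
            res["resolver"] = value       # header block: the DNS server itself
        elif collecting and IP_ONLY.match(line):
            res["addresses"].append(line) # continuation line of Addresses:
            continue
        collecting = False
    if res["addresses"] and res["status"] == "unknown":
        res["status"] = "resolved"        # found in DNS; says nothing about reachability
    return res

# As printed on the page.
PAGE_OK = """\
Server: cssrv01.consortioservices.local
Address: 192.168.0.2:53
Non-authoritative answer:
Name: consortioservices.com
Address: 67.41.72.126
"""
PAGE_TIMEOUT = """\
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.25.66:53
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
"""
# Constructed: a name with two addresses, the second on a continuation line.
MULTI = """\
Server: cssrv01.consortioservices.local
Address: 192.168.0.2:53

Name: files.example.test
Addresses: 192.0.2.10
          192.0.2.11
"""

if __name__ == "__main__":
    for sample in (PAGE_OK, PAGE_TIMEOUT, MULTI):
        print(parse_nslookup(sample))
```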
If you want to get more details, you can run nslookup interactively. To do so, you just run nslookup from the command line without any parameters. This will switch you to the interactive nslookup command prompt. This is a great mode to use if you need to look up several pieces of information. If you enter a hostname or an IP address at the nslookup prompt, it will result in the same output as running nslookup noninteractively. The power of interactive mode comes in the extra options you have for querying DNS. When you resolve the IP address of a hostname in DNS, you are looking up the Address (A) record for that host. The A record is just an entry of the host’s name and its IP address. There are many different record types that DNS stores—for example, the Mail Exchanger (MX) record contains the IP address of the mail server for an Internet domain. It is this address that will be used when sending e-mail to a specific domain. To look up a different type of record, you use the set type option of nslookup, which tells the program to return details for the type of record you specified instead of the A record.
The following shows the commands you would need to enter to look up the MX record for
a domain, and then Exercise 7.1 explains how to use nslookup to resolve some DNS records:
C:\>nslookup
Default Server: snafu2k.snafu.local
Address: 192.168.0.10:53
> set type=MX
> consortioservices.com
Server: snafu2k.snafu.local
Address: 192.168.0.10:53
Non-authoritative answer:
consortioservices.com MX preference = 0, mail exchanger = mail.consortioservices.com
consortioservices.com nameserver = dns11.register.com
consortioservices.com nameserver = dns12.register.com
mail.consortioservices.com internet address = 67.41.72.126
dns11.register.com internet address = 216.21.234.76
dns12.register.com internet address = 216.21.226.76
>
EXERCISE 7.1
Using nslookup Interactively
In this exercise, you will use nslookup.exe to resolve a hostname to an IP address and to look up an MX record for an Internet domain.

1. At a command prompt, type nslookup.exe.
2. Enter the name of an Internet domain, for example microsoft.com, and press Enter.
You should receive the results of a DNS query that returns the IP address or addresses
for that domain.
3. Change the record type for your query to MX by typing set type=MX and pressing Enter.
The only confirmation that the previous command was successful will be that you
receive no errors and are returned to the > prompt.
4. Enter the same Internet domain you used in step 2.
This should return information about the mail servers this domain uses to accept and send e-mail over the Internet. If you don’t receive a list of mail servers, this probably means that this domain is not set up to send e-mail, in which case you should try Microsoft.com.

nslookup is a powerful DNS troubleshooting utility, but most of its features are more than you will need to troubleshoot DNS from the Windows Vista client. In general, a simple noninteractive query will be enough to determine whether the client is getting DNS resolution.
Troubleshooting DHCP
DHCP is simple; if a DHCP server is available and you have configured Windows Vista to use DHCP, you should get your IP address and related settings at boot time. If something is wrong with DHCP, you will probably get an automatic IP address or no IP address at all. When this happens, you can try a few tricks in order to correct the problem. The tool you will most likely use to troubleshoot and repair DHCP problems is ipconfig.
Introducing ipconfig
ipconfig is another command-line tool that is useful for network troubleshooting. On the surface, ipconfig provides you with information about the IP settings for the computer. In fact, if you’re using DHCP, it’s one of the only places you will be able to find out which IP address has been assigned. Running the ipconfig command without any parameters will return a basic output of information about the IP address, subnet mask, and default gateway for each of the network cards installed in the system.
The following shows the results of running ipconfig with no additional parameters:
C:\>ipconfig