** IP Address Classes
| Class   | Network addresses available | Host addresses available |
| Class A | 1.x.x.x ~ 126.x.x.x         | x.0.0.1 ~ x.255.255.254  |
| Class B | 128.0.x.x ~ 191.255.x.x     | x.x.0.1 ~ x.x.255.254    |
| Class C | 192.0.0.x ~ 223.255.255.x   | x.x.x.1 ~ x.x.x.254      |
** Private IP Address Spaces (by IANA ; Internet Assigned Numbers Authority)
10.0.0.0 ~ 10.255.255.255        A single class A network number
172.16.0.0 ~ 172.31.255.255      16 contiguous class B network numbers
192.168.0.0 ~ 192.168.255.255    255 contiguous class C network numbers
** APIPA (Automatic Private IP Addresses)
169.254.0.1 ~ 169.254.255.254
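As an added example (not part of the original notes), the following Python checks an IPv4 address against the class, private (IANA) and APIPA ranges listed above, and derives the "host addresses available" range for its classful network. The `internet_routable` flag is a defender's view: a packet arriving from the Internet with a private or APIPA source is spoofed or misrouted.

```python
import ipaddress

# The private and APIPA ranges exactly as listed in the notes above.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),      # 10.0.0.0 ~ 10.255.255.255
    ipaddress.ip_network("172.16.0.0/12"),   # 172.16.0.0 ~ 172.31.255.255
    ipaddress.ip_network("192.168.0.0/16"),  # 192.168.0.0 ~ 192.168.255.255
]
APIPA_RANGE = ipaddress.ip_network("169.254.0.0/16")  # 169.254.0.1 ~ 169.254.255.254
CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}  # classful network mask length


def address_class(addr):
    """Classful designation by first octet: 'A', 'B', 'C' or 'other'."""
    first = int(ipaddress.ip_address(addr)) >> 24
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    return "other"  # 0, 127 (loopback) and 224+ (class D/E) are outside A-C


def classful_host_range(addr):
    """(first host, last host) of the classful network containing addr,
    i.e. the 'host addresses available' column of the table above."""
    cls = address_class(addr)
    if cls not in CLASS_PREFIX:
        return None
    net = ipaddress.ip_network(f"{addr}/{CLASS_PREFIX[cls]}", strict=False)
    return (str(net.network_address + 1), str(net.broadcast_address - 1))


def classify(addr):
    """Summarise what a filter needs to know about a source address."""
    ip = ipaddress.ip_address(addr)
    private = any(ip in net for net in PRIVATE_RANGES)
    apipa = ip in APIPA_RANGE
    return {
        "class": address_class(addr),
        "private": private,
        "apipa": apipa,
        # Private and APIPA addresses are never valid Internet sources; a packet
        # from the Internet carrying one is spoofed or misrouted.
        "internet_routable": not (private or apipa) and address_class(addr) != "other",
    }
```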
The DoD and OSI models
| DOD model             | OSI 7 layers     | TCP/IP protocol suite                         |
| Process / Application | (1) Application  | http, ftp, telnet, nfs, snmp, smtp, X windows |
|                       | (2) Presentation |                                               |
|                       | (3) Session      |                                               |
| Host-to-Host          | (4) Transport    | *TCP / UDP                                    |
| Internet              | (5) Network      | *IP, ICMP, ARP, RARP, BootP                   |
| Network Access        | (6) Data Link    | Ethernet, Fast Ethernet, TokenRing, FDDI      |
|                       | (7) Physical     |                                               |
* The Host-to-Host layer's main purpose is to shield the upper-layer
applications from the complexities of the network. This layer says to
the upper layer, "Just give me your data stream, with any instructions,
and I'll begin the process of getting your information ready to send."
Two protocols at this layer ; TCP and UDP
| TCP                 | UDP            |
| Sequenced           | Unsequenced    |
| Reliable            | Unreliable     |
| Connection-oriented | Connectionless |
| Virtual circuit     | Low overhead   |
* The Internet Protocol (IP) essentially is the Internet layer (DOD
model). The other protocols found here (such as icmp, arp, rarp) merely
exist to support IP.
Port Numbers ; TCP and UDP must use port numbers to
communicate with the upper layers. Port numbers keep track of the different
conversations crossing the network simultaneously. Originating source
port numbers are dynamically assigned by the source host and will be
some number starting at 1024. Ports 1023 and below (1~1023) are defined
in RFC 1700 and are called the well-known port numbers.
ICMP ; The Internet Control Message Protocol works at the
Network layer and is used by IP for many different services. ICMP is a
management protocol and messaging service provider for IP. Its messages
are carried as IP datagrams.
ARP ; The Address Resolution Protocol finds the hardware
address of a host from a known IP address.
When IP has a datagram to send, it must inform a Network Access
protocol, such as Ethernet or Token Ring, of the destination's hardware
address on the local network. (It has already been informed by
upper-layer protocols of the destination's IP address.) If IP doesn't
find the destination host's hardware address in the ARP cache, it uses
ARP to find this information.
** hardware address ; media access control (MAC) address ; Ethernet
address ; physical address
RARP ; When an IP machine happens to be a diskless machine, it
has no way of initially knowing its IP address, but it does know its MAC
address. The Reverse Address Resolution Protocol (RARP) discovers the
identity of the IP address for diskless machines by sending out a packet
that includes its MAC address and a request for the IP address assigned
to that MAC address. A designated machine, called a RARP server,
responds with the answer, and the identity crisis is over. RARP uses
the one thing it does know about the machine, its MAC address, to learn
its IP address and complete the machine's ID portrait.
DNS
Resolver (Client) ----> DNS Server : recursive query (->complete
answer or error)
DNS Server ---------> Other DNS Server : iterative query
* Recursive Query : A question asked with the expectation that the
response will be either the complete answer or an error, nothing else.
* Iterative Query : A question asked with the expectation that the
best information available will be returned so that more queries can be
sent based on that information.
-- The iterative queries are hidden from the resolver.
The DNS client sends a recursive query to its preferred DNS server.
If the preferred DNS server is not authoritative for the host domain in
the query, it will issue a series of iterative queries to other DNS
servers. Each queried DNS server can respond with a Referral to another
DNS server that brings the query closer to resolution. (If a DNS server
receives a recursive query for a domain for which it is not
authoritative, it must complete recursion by issuing iterative queries.
The iterative query process may begin with the Root DNS servers if the
target domain in the query is not contained in the DNS server's cache.)
Resolving hostnames sequence ; (1) Cache -> (2) Zone file -> (3)
Iterative Query
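As an added example (not part of the original notes), this Python toy models a DNS server answering a recursive query in the order given above: (1) its cache, (2) its own zone file, (3) iterative queries that start from the root hints and follow referrals. The server names, zones and the 203.0.113.10 answer are constructed; the client only ever sees a complete answer or an error, while the referral chain is recorded in `trace`.

```python
ROOT_HINTS = ["root-1"]  # constructed stand-in for the root hints list

# Constructed data per (hypothetical) server: an answer, or a referral to the
# servers that are one step closer to the answer.
SERVERS = {
    "root-1": {"referral": {"net.": ["net-tld-1"]}},
    "net-tld-1": {"referral": {"tacteam.net.": ["ns1.tacteam.net"]}},
    "ns1.tacteam.net": {"answers": {"www.tacteam.net.": "203.0.113.10"}},
}


def iterative_query(server, qname):
    """Ask one server for its best information: answer, referral or error."""
    data = SERVERS[server]
    if qname in data.get("answers", {}):
        return ("answer", data["answers"][qname])
    best = None  # the longest zone this server can refer us to
    for zone, nss in data.get("referral", {}).items():
        if qname.endswith("." + zone) and (best is None or len(zone) > len(best[0])):
            best = (zone, nss)
    if best:
        return ("referral", best[1])
    return ("error", f"{server} has no data for {qname}")


class Resolver:
    """A DNS server answering recursive queries from clients."""
    def __init__(self, zones=None):
        self.cache = {}           # (1) answers learned earlier
        self.zones = zones or {}  # (2) zone file: names we are authoritative for
        self.trace = []           # iterative steps; the client never sees these

    def recursive_query(self, qname):
        """Return a complete answer or an error, nothing else."""
        if qname in self.cache:
            return ("answer", self.cache[qname])
        if qname in self.zones:
            return ("answer", self.zones[qname])
        servers = list(ROOT_HINTS)  # (3) not cached: start at the root
        for _ in range(8):  # bound the referral chain so a loop cannot hang us
            server = servers[0]
            self.trace.append(server)
            kind, payload = iterative_query(server, qname)
            if kind == "answer":
                self.cache[qname] = payload  # remembered for the next client
                return ("answer", payload)
            if kind == "error":
                return ("error", payload)
            servers = payload  # referral: ask the closer server next
        return ("error", "referral chain too long")
```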
NetBIOS vs. WINSOCK
Network-enabled applications for Microsoft operating systems interact
with the TCP/IP protocol stack via one of two session layer interfaces ;
* the Windows Socket (Winsock) interface, or
* the NetBIOS interface
* NetBIOS applications interface with TCP/IP via the NetBIOS
interface ; NetBIOS over TCP/IP ; NetBT
The primary function of NetBT is to resolve NetBIOS names to IP
addresses.
* Programs that were specifically written for TCP/IP-based networks
use the Winsock interface.
Second-level Domain
For an organization to have a place in the domain name space that is
separate and distinct from all other organizations, it must obtain a
second-level domain name, like microsoft.com, garygoh.net etc.
The root, top-level, and second-level domains are the only centrally
managed aspects of DNS. You, as the DNS administrator for your
organization, are responsible for all domains underneath your
second-level domain name.
The FQDN is a combination of a host name and that host's domain
name. The FQDN contains two elements ; labels that include a domain
or host name, and periods ("dots"). Up to 63 bytes per label, 255
bytes per FQDN.
The underscore is not supported. Windows 2000 will replace the NetBIOS
underscore characters with a dash.
A Root Name Server in a company is the DNS server or servers that have
authority for your second-level domain.
A Delegation is a way of informing DNS clients of what DNS server or
servers are authoritative for your sub-domains. The root name server is
authoritative for your second-level domains, and may contain delegations
for your sub-domains.
A Zone can contain records for multiple domains, as long as those
domains are contiguous. A single DNS server can host multiple zones.
Zones get their names from the "root" or highest-level domain contained
in that zone.
Zone Transfer
The zone transfer process can be considered a "PULL" operation.
This is because the Secondary DNS server initiates the zone transfer
process. The secondary DNS server will initiate a zone transfer when ;
(1) A Primary DNS server sends a 'notify' message to the Secondary DNS
server informing it that there has been a change to the zone database.
(2) The Secondary DNS server boots up.
(3) The Secondary DNS server's refresh interval has expired.
The Secondary DNS server will first query for the SOA record before
initiating a zone transfer.
Cache.dns file
If you wish to resolve Internet host names, the cache.dns file
(also referred to as the root hints file in Windows 2000)
must contain the names and IP addresses of the Internet Root servers.
If you do not wish to connect to the Internet and only need to connect
to the intranet domains, the cache.dns file should contain the
names of DNS servers that are authoritative for the top level of your
intranet domain name.
Caching-Only Servers
All DNS servers have a cache.dns file (root hints file) that contains
the IP addresses of all Internet Root Servers. The Caching-Only Server
uses this list to begin building its cache. -> No zone transfer
traffic. Can be configured as secure DNS forwarders.
Slave Server / Caching-Only Forwarder combination
We can place a Caching-Only forwarder on the outside of a firewall and
configure our internal DNS server to be a Slave Server. Our internal
Slave Server will not attempt to resolve the host name itself (check
"Do Not Use Recursion"). The Slave then returns to the DNS client
whatever the forwarder told it; if the forwarder could not resolve the
name, the query fails.
Devolution of the DNS query ;
"Append parent suffixes of the primary DNS suffix" option specifies
whether resolution for unqualified names issued by the computer
includes the parent suffixes of the primary DNS suffix up to the
second-level domain.
Example ; type at command prompt 'ping xyz' (unqualified request ; only
a host name, no domain specified)
first try xyz.dev.west.tacteam.net -> xyz.west.tacteam.net ->
xyz.tacteam.net (second-level)
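As an added example (not part of the original notes), this Python builds the list of names the resolver tries for an unqualified name when "Append parent suffixes of the primary DNS suffix" is on, stopping at the second-level domain as in the 'ping xyz' walk-through above, and applies the label and FQDN length limits and the no-underscore rule from the notes. Stopping at the second-level domain is what keeps a lookup from falling through to a name under a bare top-level domain that the organization does not control.

```python
MAX_LABEL = 63   # bytes per label
MAX_FQDN = 255   # bytes per FQDN


def valid_fqdn(name):
    """Length rules from the notes (<=63 bytes per label, <=255 bytes overall);
    the underscore is not a supported DNS character."""
    if len(name.encode()) > MAX_FQDN or "_" in name:
        return False
    return all(0 < len(label.encode()) <= MAX_LABEL for label in name.split("."))


def devolution_candidates(host, primary_suffix, append_parents=True):
    """Return, in order, the FQDNs tried for an unqualified host name.

    With append_parents the primary suffix is devolved one label at a time
    until only the second-level domain (two labels) remains.
    """
    if "." in host:
        raise ValueError("devolution applies to unqualified names only")
    labels = primary_suffix.strip(".").split(".")
    candidates = [host + "." + ".".join(labels)]
    if append_parents:
        # Drop the leftmost label each time; stop when two labels are left.
        for i in range(1, len(labels) - 1):
            candidates.append(host + "." + ".".join(labels[i:]))
    return [c for c in candidates if valid_fqdn(c)]
```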
The Windows 2000 DNS client by default registers its own Host (A)
address records with the Primary DDNS server for its zone. If you
uncheck "Register this connection's addresses in DNS" and the DNS client
is also a DHCP client, the DHCP server will register both the Host (A)
and Pointer (PTR) records for the host on the dynamic DNS server.
DHCP
* A DHCP server leases addresses. DHCP clients do not keep their IP
addressing information indefinitely.
* The lease process (DORA) : Discover -> Offer -> Request
(or Decline) -> Acknowledgement (or Nack.)
* All DHCP messages are broadcast messages, sent to the IP and MAC
(hardware) broadcast addresses.
* DHCP clients first attempt to renew their lease at 50% of their
lease period. They will try again at 87.5% of their lease period if
they were not able to renew the lease at the 50% mark.
* BOOTP Relay ; DHCP broadcast messages can be forwarded to
remote DHCP servers by enabling BOOTP Relay on RFC-compliant routers.
* DHCP relay agent ; DHCP broadcast messages can be conveyed
without forwarding broadcasts to remote DHCP servers by using DHCP relay
agents that intercept the broadcasts and forward the broadcast request as
a unicast message to a remote DHCP server.
* DHCP servers store groups of IP addresses to hand out to DHCP
clients in scopes. Each scope represents a different subnet, and only a
single subnet can be included in a scope.
* BOOTP is used to assign IP addressing information to diskless
workstations such as Net PC and other "dumb" client machines.
* A Superscope is an administrative unit that allows you to manage
multiple scopes as a single entity. Superscopes are useful when you
wish to include multiple scopes on a single physical segment.
* Use DHCP relay agent on segments that do not have a DHCP server
located on them. The DHCP relay agent will intercept DHCP
messages from DHCP clients and forward those messages to a DHCP server
on remote subnets (via unicast).
* If you choose not to use a DHCP relay agent, you can configure your
routers to provide BOOTP forwarding. When enabled, BOOTP forwarding
allows DHCP message to pass through the router. Be mindful of the hop
count for DHCP messages when using BOOTP forwarding to allow DHCP
clients to access remote DHCP servers.
* DHCP clients can self-configure their IP addressing information
using Automatic Private IP Addressing (APIPA). If a DHCP client is
not able to contact a DHCP server, it will self-assign an IP address in
the Class B network ID of 169.254.0.0. You can disable APIPA by
editing the registry. It is often a good idea to disable APIPA on
certain machines, such as servers, on your network.
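As an added example (not part of the original notes), this Python toy runs the DORA exchange through a DHCP relay agent: the relay intercepts the client's broadcast, stamps its own address on it (the giaddr field in real DHCP) and sends it as a unicast, and the server uses that address to choose the scope, one subnet per scope. A REQUEST for an address that was not offered gets a NAK, and a segment with no matching scope gets nothing, which is the case where the client would fall back to APIPA. All addresses and MACs are constructed.

```python
import ipaddress


class DhcpServer:
    def __init__(self, scopes):
        # Each scope is one subnet with its own pool of free addresses.
        self.scopes = {ipaddress.ip_network(s): list(p) for s, p in scopes.items()}
        self.leases = {}  # mac -> address offered to that client

    def _scope_for(self, giaddr):
        """Pick the scope whose subnet contains the relay agent's address."""
        ip = ipaddress.ip_address(giaddr)
        return next((n for n in self.scopes if ip in n), None)

    def handle(self, msg):
        """Reply to a DISCOVER with an OFFER, to a REQUEST with an ACK or NAK."""
        if msg["type"] == "DISCOVER":
            scope = self._scope_for(msg["giaddr"])
            if scope is None or not self.scopes[scope]:
                return None  # no scope or pool exhausted: client falls back to APIPA
            addr = self.scopes[scope].pop(0)
            self.leases[msg["mac"]] = addr
            return {"type": "OFFER", "mac": msg["mac"], "yiaddr": addr}
        if msg["type"] == "REQUEST":
            if self.leases.get(msg["mac"]) == msg["requested"]:
                return {"type": "ACK", "mac": msg["mac"], "yiaddr": msg["requested"]}
            return {"type": "NAK", "mac": msg["mac"]}  # not what we offered
        return None


class RelayAgent:
    """Lives on the client's segment, which has no DHCP server of its own."""
    def __init__(self, own_addr, server):
        self.own_addr, self.server = own_addr, server

    def forward(self, broadcast):
        # Intercept the broadcast, stamp our address (giaddr) so the server
        # knows which subnet to serve, and send it on as a unicast.
        unicast = dict(broadcast, giaddr=self.own_addr)
        return self.server.handle(unicast)  # reply relayed back to the client


def dora(mac, relay):
    """Discover -> Offer -> Request -> Ack; return the leased address or None."""
    offer = relay.forward({"type": "DISCOVER", "mac": mac, "giaddr": "0.0.0.0"})
    if offer is None:
        return None
    req = {"type": "REQUEST", "mac": mac, "requested": offer["yiaddr"], "giaddr": "0.0.0.0"}
    ack = relay.forward(req)
    return ack["yiaddr"] if ack["type"] == "ACK" else None
```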
WINS
* NetBT ; NetBIOS applications
are written to interact with the networking protocols via the NetBIOS
interface. The Microsoft implementation of the NetBIOS interface for
TCP/IP is called NetBIOS over TCP/IP, or NetBT.
* NetBIOS applications use the NetBIOS name as the endpoint of
communication. TCP/IP uses IP addresses and port numbers.
NetBIOS names must be translated to IP addresses via a process called
NetBIOS Name Resolution.
* WINS servers register
the NetBIOS names and IP addresses of WINS clients. WINS servers also
respond to requests for NetBIOS name resolution.
* A WINS client is a computer
that can be configured to register its NetBIOS name with a WINS server,
and that can query a WINS server for the IP address of a particular
NetBIOS name.
* The WINS Proxy Agent intercepts
NetBIOS name resolution requests broadcast on a local segment and
forwards them to a WINS server for name resolution. Proxy agents are
typically used to allow NetBIOS name resolution via WINS for non-WINS
clients.
* WINS replication partners can be push partners, pull partners, or
both.
A push partner sends a pull notification
message to its push partner after a defined number of changes have been
made to the WINS database.
A pull partner sends a pull request to its
pull partner after a specific period of time has elapsed.
WINS replication partners can be configured as both push and pull
partners.
* WINS servers can find each other via a process of Autodiscovery.
Autodiscovery is accomplished via multicast address 224.0.1.24.
Autoconfigured WINS replication partners are configured as push and pull
partners. The pull interval is two hours.
* A DNS server can query a WINS server for NetBIOS name resolution if
the DNS server does not contain an entry for the sought-after host name.
* WINS servers and DHCP servers do not communicate directly with each
other. DHCP options can be used to assign WINS server IP addresses to
DHCP clients, and the NetBIOS node type can also be set via DHCP
options.