Although an enterprise network has many functional layers, this article focuses
on three key concepts that are critical to the functionality of a
Windows Server 2008 R2 environment. These three concepts—network
addressing, name resolution, and directory integration—provide for the
base-level functionality expected of any modern enterprise or even a
small business network, and they provide the backbone for the Windows
Server 2008 R2 infrastructure.
Detailing the Importance of Network Addressing
The first concept of a network is
network addressing. Network addressing allows for systems to be attached
to a network, and it lays the foundation to allow for communication
between network systems. Network addressing was historically configured
by proprietary network protocols, one for each network operating system
(NOS). This gave NOS designers a great deal of flexibility in tailoring
the communications components of their network to their specific design
needs but made it difficult to exchange information between networks or
systems running different network operating systems.
One of the first common
network protocols developed was the Transmission Control
Protocol/Internet Protocol (TCP/IP). TCP/IP was designed to interoperate
across a variety of different networks and network operating systems,
allowing network clients to speak a common language. The rise of this
protocol coincided with the widespread adoption of the Internet itself,
and it was the popularity and ubiquitous use of this protocol that led
Microsoft to choose it as the standard protocol for Windows 2000.
Windows Server 2008 R2 continues to use TCP/IP as the default network
protocol, fortifying its position within the Microsoft NOS world. And to
be frank, any company that develops an operating system that does not
support TCP/IP or the next-generation version, IPv6, will never have
widespread adoption in the business or consumer computer, network, and
Internet market.
TCP/IP requires that each
node or device on the network be assigned a unique IP address, such as
192.168.206.10. One way to look at this is to consider that each
computer IP address is just like a phone number. Each household with a
phone has a unique number, but the neighbors may share a common area
code and prefix. TCP/IP networking works similarly in that each node's
IP address on a common network shares a common portion, called the
network number, and the unique portion is called the host number.
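The split into network number and host number, and the requirement that each address be unique, can be checked over an address plan. The following is an added example, not part of the original article; the host names, the second network, and the 24-bit prefix length are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: host names and assignments are illustrative only.
ASSIGNMENTS = [
    ("dc01", "192.168.206.10"),
    ("file01", "192.168.206.11"),
    ("print01", "192.168.206.10"),  # same address as dc01: a conflict
    ("web01", "192.168.207.10"),    # same host number, different network
]

PREFIX_LEN = 24  # assumption: the article does not state a subnet mask


def split_address(ip, prefix_len=PREFIX_LEN):
    """Return (network number, host number) for an IPv4 address."""
    iface = ipaddress.ip_interface(f"{ip}/{prefix_len}")
    # The host number is whatever remains after masking off the network bits.
    host_number = int(iface.ip) & int(iface.network.hostmask)
    return iface.network, host_number


def audit(assignments, prefix_len=PREFIX_LEN):
    """Group nodes by network number and report addresses assigned twice."""
    by_network = defaultdict(list)
    by_address = defaultdict(list)
    for name, ip in assignments:
        network, host_number = split_address(ip, prefix_len)
        by_network[str(network)].append((name, host_number))
        by_address[ip].append(name)
    duplicates = {ip: names for ip, names in by_address.items()
                  if len(names) > 1}
    return dict(by_network), duplicates


if __name__ == "__main__":
    networks, duplicates = audit(ASSIGNMENTS)
    for network, nodes in networks.items():
        print(network, nodes)
    for ip, names in duplicates.items():
        print(f"conflict: {ip} assigned to {', '.join(names)}")
```

Two nodes can share a host number as long as their network numbers differ; only a repeated full address is a conflict.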
Each node that is
connected and desires to communicate on the network must be assigned an
IP address manually or by an automatic method. The automatic method is
provided by a service known as Dynamic Host Configuration Protocol
(DHCP). Of course, with DHCP, proper planning and management of addresses
and configuration options are essential and, historically, many DHCP
services lacked functionality. This is where the Windows Server 2008 R2
DHCP service really shines, with new features that enable better
management and higher reliability.
Understanding Name Resolution
The second concept or desired function on a network is name resolution.
Because humans understand and remember names better than they do phone
numbers or IP addresses, the need for name
resolution was realized early in the development phases of computer
networking. Name resolution can be described as matching a name to an IP
address for the purposes of establishing network communication.
Windows Server 2008 R2
provides two services that provide computer networking name resolution.
These two services are the domain name system (DNS) and the Windows
Internet Naming Service (WINS).
The first type, the domain
name system (DNS), translates fully qualified domain names (FQDNs) into
IP addresses, which allows them to be addressed in an Active Directory
or Internet DNS infrastructure. DNS name resolution is the standard for
all Internet name resolution and it is required in all Microsoft Active
Directory environments.
The second type of name
resolution, mapping legacy Microsoft NetBIOS names into IP addresses,
is provided by WINS. Although it is technically possible (and ideal) to
create a Windows Server 2008 R2 environment free of NetBIOS name
resolution, the truth is that divorcing a network from WINS dependency
is very difficult, so it will likely remain an active part of network
services in most organizations, at least for a few more years.
Note
When the Windows Server 2008
DNS service was released, it introduced a new feature, known as the
GlobalNames zone. The GlobalNames zone provided single-label name
resolution for large enterprise networks that do not deploy WINS and for
which using DNS name suffixes to provide single-label name resolution
was not practical.
Examining Directory Integration
The third concept that is
critical to a functional Active Directory networking infrastructure is
Directory Integration. Having a centralized directory that contains a
database of all network clients, their services, user accounts, and
security groups that can be used to define security and permissions is
vital to any centrally managed modern computer network. Microsoft
provides the Active Directory Domain Services role to serve this
purpose.
The Active Directory
Domain Services role, included with Windows Server 2008 R2, is a core
service that is depended upon by many other roles and services hosted on
the network. As an example of this, the servers that host the Active
Directory Domain Services role, also known as domain controllers, are
accessed by other servers and workstations to verify
authentication to resources and to also locate resources on the
network. Domain controllers contain the full set of directory data used
for many networking functions, but certain domain controllers also host a
role known as the global catalog. The global catalog hosts a compact
subset of the entire Active Directory domain controller database that is
indexed, read-only, and used to provide faster results to directory
lookups and searches.
Consequently,
choosing where to place domain controllers, and domain controllers that
are also global catalog servers, is critical to the design and operation
of the Windows Server 2008 R2 Active Directory infrastructure. Special
considerations must be made regarding this concept because access to
directory lookup and registration are crucial functions for Active
Directory clients on the network. Of course, before an Active Directory
client can locate or register with a domain controller or do a search of
the global catalog, it must first get on the network and find the
right systems hosting these services, through network addressing and
name resolution.
Outlining Networking Services Changes in Windows Server 2008 R2
Windows Server 2008
R2 introduces several functional improvements to networking services.
These improvements allow for increased administrative functionality,
greater reliability, and an overall increase in value for an
organization’s network infrastructure.
DHCP improvements
such as DHCP MAC address filtering for leases, DHCP delay in address
distribution for redundant DHCP architectures, and DHCP migration
improvements using the new Windows Server Migration Tools feature of
Windows Server 2008 R2 provide the functionality that many DHCP
administrators desired. WINS improvements include advanced database
searches and filtering in the WINS console, but the architecture and
functionality have not changed too much in this release.