Networking for the Internet or an Intranet
The Internet is a network of networks. An intranet is a smaller, contained network, such as that found within a corporation.
This chapter explains:
- Routers and security devices.
- Typical network configurations.
- Administering servers by using Internet Service Manager.
- Using the discovery mechanism to find other computers on your network.
- Microsoft Internet publishing requirements.
- Issues involved in publishing on a private intranet.
- Internet Explorer for network users.
- Using Simple Network Management Protocol (SNMP) monitoring.
This section explains the basic Transport Control Protocol/Internet Protocol (TCP/IP) networking requirements for nearly all Web sites, especially those with multiple Web servers. For issues specific to the Internet or to intranet publishing, see those sections later in this chapter.
TCP/IP is a routeable protocol, meaning that each piece of information (packet) has a specific address that it is routed to. Dedicated routers connect two networks and route packets between them. The routers check the destination for each packet on one network, and if the destination is on the routers other network, it routes the packet to its destination.
Routers can be configured to allow only certain packets between networks, a process called packet filtering. Packet filtering can be used to prevent users from seeing or connecting to internal computers and resources.
If you have a TCP/IP network you probably have routers in your network already. Often an Internet Service Provider (ISP) will install a router between the Internet and your Web server. You can often use this router to filter the incoming and outgoing packets. See your ISP or router documentation for more information about configuring routers or similar security devices.
This section describes typical network configurations for an intranet site or an Internet site.
If you are publishing only to your own intranet, Internet Information Server can be integrated into any TCP/IP network. If Dynamic Host Configuration Protocol (DHCP) and Windows Internet Name Service (WINS) are enabled on your network, clients can use the Web servers computer name to connect with the server. If Domain Name System (DNS) is enabled on your network, you will use host names.
If you will have only one computer running Internet Information Server at your site, your Internet Service Provider (ISP) can help you with many details, such as router configuration and the IP address of the default gateway that your Web server will use.
If you have multiple computers running Internet Information Server on your network, you must configure their TCP/IP settings to operate correctly through your Internet connection configuration, including any routers used between your servers and the default gateway.
Typically, sites with more than one computer running Internet Information Server will add another router. With the addition of another router, the servers can be grouped into a single subnet isolated from your private network, as shown in the following diagram.
To create a subnet you will need:
- One computer with two network adapter cards and Windows NT TCP/IP routing enabled, or a dedicated router for your subnet.
See Help in Windows NT for the procedure to create a simple router on a computer running Windows NT and for the procedure to set routing tables by using the route command.
- Valid IP addresses for every network adapter card in your subnet and the correct subnet mask.
- Correct default gateway IP address configurations.
You can just connect your entire intranet to the Internet, rather than connecting a subnet containing only your IIS servers to the Internet. However, there are many security implications to connecting an intranet to the Internet. You should thoroughly understand the security implications and understand TCP/IP networking before you decide to integrate your entire network with the Internet. Integrating a network with the Internet requires information that is outside the scope of this manual. See Chapter 5, Securing Your Site Against Intruders, for more information about security, and consult the Internet or other sources for additional information about Internet security, firewalls, and TCP/IP networking.
You can install Internet Service Manager on Windows NTbased computers from which you will administer computers running Internet Information Server on your network. Internet Service Manager can be installed on computers running Windows NT Workstation or Windows NT Server.
Your ISP will provide you with the Internet IP addresses, subnet mask (if any), and your default gateway configuration.
For over-the-network installation, use File Manager or Windows NT Explorer to create a network share containing the Admin folder on the compact disc. You can then install Internet Service Manager to administer the services from any computer on the network running version 4.0 or later of Windows NT Workstation or Windows NT Server ¤. You can also administer Internet servers over the network by using your Web browser. For more information, see Chapter 3, Configuring and Managing Internet Information Server.
Microsoft Internet Service Manager has a discovery mechanism that finds computers running Microsoft Internet services on your network. You can choose Find All Servers in the Properties menu to discover the Microsoft Internet Information Server computers on your network.
If WINS servers are used on your network, the discovery process used by Microsoft Internet Server is automatic.When Microsoft Internet Information Server starts, it automatically registers its available services with your WINS servers. Thus, when Internet Service Manager queries the network for computers running Microsoft Internet services, the WINS servers return the registered services. Internet Service Manager then displays the returned services.
Notes You will only be able to administer sites for which you are a registered administrator.
This feature is not available in the HTML version of Internet Service Manager.
If WINS servers are not available, discovery uses TCP/IP broadcasts to perform the same functions. Discovery will not work if you do not have WINS servers, or if the servers reside across routers and cannot be discovered by using broadcasts.
For the world to reach your site, you must have an Internet connection. Connections to the Internet are usually leased from ISPs. In addition to providing your physical Internet connection and IP address (and subnet mask if appropriate), your ISP can provide many of the Internet services, such as domain name registration, routers, and DNS service.
Your connection to the Internet will be through a network adapter card or other network device, such as a modem or Integrated Services Digital Network (ISDN) card. Internet bandwidth is measured in bits per second (bps).
Your server configuration and Internet bandwidth determine how fast data gets to your computer and how many requests can be serviced simultaneously. As the number of computers getting data through your Internet connection increases, delays or failures will occur unless you have enough bandwidth.
When you lease an Internet connection a network cable is installed by your ISP to your site. Leased connection speeds in the United States range from 56,000 bps (with Frame Relay) to 45,000,000 bps (with a T3 connection). A dial-up ISDN line can offer speeds up to 128,000 bps.
The connection types described in the following table represent typical levels of service for full Internet connections in North America and Japan. The Internet services offered through Internet service providers in other countries may differ significantly. You may observe further differences, depending on the nature of your hardware, the content you make available from your site, and other variables.
||Simultaneous Users Supported|
||varies as needed
A light-duty server can use Frame Relay or ISDN. A server with medium traffic might have a T1 line or some fraction of a T1 line installed. Large businesses that expect heavy Internet traffic may need fractional or multiple T1 lines or even T3 service in order to handle thousands of users.
Modem connections to the Internet are available, but are typically used for individual client browsing, and are not recommended for servers. A connection to the Internet using a phone line and modem can service only two or three simultaneous users. (Modem connections might be used for text-only Internet servers with only a small number of potential users.) Modem connections are often called slow links because data is transmitted at the speed of the modem, typically from 9,600 to 28,800 bps, far too slow for efficient operation of an Internet server.
The Internet is a world-wide collection of individual Transmission Control Protocol/Internet Protocol (TCP/IP) networks. Each computer on the Internet has a unique address (IP address). Information is transmitted on the Internet in data packets. Each packet is addressed to a specific computers IP address, such as 10.212.57.189.
Because IP addresses are difficult to use and remember, the Domain Name System (DNS) was created to pair a specific IP address, such as 10.189.54.1, with a friendly domain name, such as microsoft.com. When a user browses the Internet by using a domain name, the browser first must contact a DNS server to resolve the domain name to an IP address, then contact the computer with that address.
This has two implications for your Internet Information Server:
- You must have a permanent IP address assigned to a server on the Internet.
- You must register a domain name in the DNS for your permanent IP address.
Your ISP will generally provide your IP addresses and may also register your domain names. Contact the Internet Network Information Center (InterNIC) or your ISP for more information about DNS registration.
Your ISP must provide you with a connection, one or more IP addresses (and subnet mask, if appropriate), and usually the IP address of at least one DNS server. Internet service providers often offer additional client services. You will need additional software to use these services.
Mail services are used to exchange electronic mail. The Simple Mail Transfer Protocol (SMTP) is used for Internet mail.
News services give you access to a Network News Transfer Protocol (NNTP) server. Using a news reader, you can read messages posted in the thousands of available news groups. Usenet is one of the more popular public news services.
Microsoft Internet Information Server can also be used on any private TCP/IP network to provide files and applications to network users. This section explains how to plan for publishing on a private intranet. Issues to be considered include:
If you want intranet clients to be able to use friendly names with Internet Explorer when browsing Web servers, you must provide a name resolution system for clients.
- Name resolution systems
- Using DHCP
- Using computer names in URLs
- SNMP monitoring (if used at your site)
Windows NT Server offers you the advantage of automatic IP address administration with the DHCP server and WINS server methods for name resolution offered by WINS servers.
A WINS server is a Windows NT Serverbased computer running Microsoft TCP/IP and WINS server software. A WINS server maintains a database that maps TCP/IP addresses to Windows Networking NetBIOS computer names.
Microsoft Internet Information Server uses WINS server software to map TCP/IP addresses to computer names on the network. WINS uses Microsoft Networking computer names, which makes it much more flexible than DNS for name resolution. WINS also provides a dramatic reduction of IP broadcast traffic in internetworks, while allowing client computers to easily locate remote systems across local or wide area networks. If you use WINS servers on the Internet, your computers must be using valid Internet IP addresses.
An LMHOSTS file is a simple text file resolving Windows computer names to IP addresses. If you have a small or infrequently changing network you can distribute an LMHOSTS file to each computer in the network. Each time a host changes you will have to manually change the LMHOSTS files.
You can maintain a DNS server and Internet-assigned TCP/IP domain names as used on the Internet. If you plan to connect your network to the Internet, your IP addresses and DNS server routing configuration must be valid for the Internet.
A HOSTS file is a simple text file resolving DNS domain names to IP addresses. If you have a small or infrequently changing network, you can distribute a HOSTS file to each computer. Each time a host changes you will have to manually change the HOSTS files.
You can take advantage of DHCP server automatic IP address administration.
A DHCP server is a Windows NT Serverbased computer running Microsoft TCP/IP and the DHCP server software.
If you use DHCP servers, you must use WINS servers for clients to have automatic IP address name resolution in a Wide Area Network (WAN) environment. DHCP is defined in Requests for Comments (RFCs) 1533, 1534, 1541, and 1542. See Tcpip.hlp in Windows NT Server for more information about DHCP servers.
Refer to Windows NT Server documentation for more information.
When you connect to a server or create HTML files and links on an intranet, you must name computers in accordance with the name resolution system implemented on your network. For example, if you use WINS servers on your network, your links will use Windows computer names, such as http://sales1/homepage.htm, where sales1 is the name of the computer running Internet Information Server.
If you monitor your network by using Simple Network Management Protocol (SNMP), you can use the SNMP Management Information Bases (MIBs) provided by Microsoft Internet Information Server to monitor your Web server.
The MIB files included in the Sdk folder of the Microsoft Internet Information Server compact disc can be used by third-party SNMP monitors to enable SNMP monitoring of the WWW, gopher, and FTP services of Microsoft Internet Information Server.
Internet Information Server supports SNMP monitoring only. SNMP configuration is not supported.
You will need to compile the MIB files using the MIB compiler that comes with your SNMP software before using them with the Windows NT SNMP service. You must start the services to be monitored before configuring and starting the SNMP service on your Internet Information Serverbased computer. Once the SNMP service has been started on both the remote and local computers, you can use SNMP tools to monitor the running services.
© 1996 by Microsoft Corporation. All rights reserved.