Upload
durin
View
27
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Module 2: Next Generation Networking. Module Overview. Networking with Windows Server 2008 New Networking Features DNS with Windows Server 2008. Lesson 1: Networking with Windows Server 2008. Review of Windows Server Network Architecture New Networking Features The New TCP/IP Architecture - PowerPoint PPT Presentation
Citation preview
Module 2:Next Generation Networking
Module Overview
Networking with Windows Server 2008
New Networking Features
DNS with Windows Server 2008
Lesson 1: Networking with Windows Server 2008
Review of Windows Server Network Architecture
New Networking Features
The New TCP/IP Architecture
Routing Compartments
IPv6
Demonstration: Introducing IPv6 Addresses
IP
Review of Windows Server Network Architecture
ICMP
Named Pipes
NDIS Wrapper
IP Forwarder
IP Filtering IGMP ARP
TCP
Windows Sockets
Application
Applications and User Mode Services
User
NetBIOSApplication
RPC Application
Win32 Wnet/Wininet Application
RPC WNet Wininet NetBIOS Support
Windows Sockets
Application Interfaces
Kernel
Redirector/Server
NetBT AFD
Packet SchedulerPacket Queue
Packet Queue
Packet Queue
Packet Queue
Packet Classifie
r
Traffic Control
Driver Interfaces
New Networking Features
IPv6 Enhancements
Next Generation TCP/IP Stack
Policy-Based Quality of Service
The New TCP/IP Architecture
Win
dow
s
Filte
ring
P
latfo
rm A
PI
IPv4
802.3
WSK
WSK Clients TDI Clients
NDIS
WLAN Loop-back
IPv4 Tunnel
IPv6 Tunnel
IPv6
RAWUDPTCP
Next Generation TCP/IP stack (tcpip.sys)
AFD
TDX
TDI
Winsock User ModeKernel Mode
• Dual-IP layer architecture for native IPv4 and IPv6 support• Better security through expanded IPsec integration• Improved performance via hardware accelerationQ• Network auto-tuning and optimization algorithms• Greater extensibility and reliability through rich APIs
Routing Compartments
Corporate Intranet
IP routing
table
IP routing
table
IPv6
New header format
Large address space
Efficient and hierarchical addressing and routing infrastructure
Stateless and stateful address configuration
Built-in security
Better support for prioritized delivery
New protocol for neighboring node interaction
Extensibility
Demonstration: Introducing IPv6 Addresses
Show the Link-Local Address
Identify the Interface ID
Lesson 2: New Networking Features
Security Features
Performance
Receive Window Auto-Tuning
Policy Based Quality of Service
Scalability
Server and Domain Isolation
Server and Domain Isolation in Action
Security Features
Reduce the risk of network security threats
An additional layer of defense-in-depth
Reduced attack surface area to known computers
Increased manageability and more healthy clients
Full featured, enterprise functionality
Support for computer and user authentication with IPsec
Network Access Protection over VPNs and IPsec
Secure routing compartments extends isolation to VPN
Safeguard sensitive data and intellectual property
Authenticated, end-to-end network communications
Scalable, tiered access to trusted networked resources
Protect the confidentiality and integrity of data
Performance
Automatically adjusts for maximum efficiency
Faster network transfers, especially across WAN links
Optimized use of available network bandwidth
Reduced packet loss, resulting in fewer retransmits
Optimized performance without loss
Intelligent, automated tuning of TCP receive window size
Better packet loss resiliency
Advanced congestion control for better throughput
Receive Window Auto Tuning
Replicating data between Tukwila, Bay Area
Default configurations
On Windows Server 2003 SP1
100Mbps NICs, 10Mbps throughput
On Windows Server 2008
100Mbps NICs, 80Mbps throughput 1000Mbps NICs, 400Mbps throughput
Policy-Based Quality of Service
•Source IPv4/IPv6 addresses
•Destination IPv4/IPv6 addresses
•Protocol
•Source or destination ports
Scalability
Cost-effectively scale networking up and outSpecialized hardware frees CPU(s) for applications
Ease consolidation with support for multiple Gbps
More efficient use of large server resources
Adopt hardware acceleration and offloadingReceive-side scaling optimizes multi-processor systems
Architected to support latest TCP offload hardware
Offload hardware less expensive than new high-end PCs
HR Workstation
Server and Domain Isolation
Untrusted
UnmanagedComputer
Domain Isolation
Active Directory Domain Controller
X
Server Isolation
X
Trusted Resource Server
Corporate Network
Managed ComputerManaged
Computer
Servers with Sensitive Data
Policies, Procedures & Awareness
Physical Security
Server and Domain Isolation in Action
Data
Application
Host
Internal Network
Perimeter
Server and Domain Isolation
Lesson 3: DNS with Windows Server 2008
DNS Overview
DNS Functionality
New DNS Features in Windows Server 2008
DNS Client Changes
DNS Overview
DNS
DNS Functionality
Support for Active Directory Domain Services
Stub Zones
Integration with other Microsoft networking services
Improved ease of administration
RFC-compliant dynamic update protocol support
Support for incremental zone transfer between servers
Conditional forwarders
New DNS Features in Windows Server 2008
DNS
Background Zone Loading
Support for IPv6 Addresses
RODC Support
GlobalNames Zone
DNS Client Changes
LLMNR
DNS Server
LLMNR
DNS Server
Changes to the way DNS Clients Locate
DCs
Link-Local Multicast Name Resolution
Review
Networking with Windows Server 2008
New Networking Features
DNS with Windows Server 2008
Lab 1: Reviewing Networking Defaults and Settings
Exercise 1: Review the Network Center
Exercise 2: Creating Domain Isolation Policies
Exercise 3: Create a Centralized QoS Policy
Exercise 4: Communicate with Link-Local Addresses
Lab 2: DNS Management Settings
Exercise 1: Creating Zones in Windows Server 2008
Exercise 2: Create Resource Records
Exercise 3: Configure Zone Transfers