Networking for the Internet or an Intranet
The Internet is a network of networks. Every Internet Information Server must be configured to operate in a network, whether it is the global Internet or your local intranet.
This chapter explains:
Routers and security devices.
Typical network configurations.
Administering servers by using Internet Service Manager.
Using the discovery mechanism to find other computers on your network.
Internet publishing requirements
Issues involved in publishing on a private intranet.
Internet Explorer for network users.
Using Simple Network Management Protocol (SNMP) monitoring.
This section explains the basic Transport Control Protocol/Internet Protocol (TCP/IP) networking requirements for nearly all Internet Information Server sites, especially those with more than one information server. For issues specific to the Internet or to intranet publishing, see those sections later in this chapter.
TCP/IP is a routeable protocol, meaning each piece of information (packet) has a specific address that it is routed to. Dedicated routers connect two networks, routing packets between the networks. The routers check the destination for each packet on one network, and if the destination is on the router's other network, it routes the packet to its destination.
Routers can be configured to allow only certain packets between networks, a process called packet filtering. Packet filtering can be used to prevent users from seeing or connecting to internal computers and resources.
If you have a TCP/IP network you probably have routers in your network already. Often an Internet Service Provider (ISP) will install a router between the Internet and your information server. This will enable you to filter the incoming and outgoing packets. See your ISP or router documentation for more information about configuring routers or similar security devices.
Network configuration is based on whether you will have an Internet site or an intranet site.
If you will have only one computer running Internet Information Server at your site, your Internet Service Provider (ISP) can help you with many details, such as router configuration and the IP address of the default gateway that your server will use.
If you have multiple computers running Internet Information Server on your network, you must configure their TCP/IP settings to operate correctly through your Internet connection configuration, including any routers used between your servers and the default gateway
Typically, sites with more than one computer running Internet Information Server will add another router. With the addition of another router, the servers can be grouped into a single subnet isolated from your private network,
[cchev]
To create a subnet you will need:
One computer with two network adapter cards and Windows NT TCP/IP routing enabled, or a dedicated router for your subnet.
See Help in Windows NT for the procedure to create a simple router on a computer running Windows NT and for the procedure to set routing tables by using the route command.
Valid IP addresses for every network adapter card in your subnet and the correct Subnet Mask.
Correct Default Gateway IP address configurations.
Your ISP will provide you with the Internet IP addresses, subnet mask (if any), and your default gateway configuration.
If you are publishing only to your own intranet, Internet Information Server can be integrated into any TCP/IP network. If Dynamic Host Configuration Protocol (DHCP) and Windows Internet Name Service (WINS) are enabled on your network, clients can use the server's computer name to connect with the server. If Domain Name System (DNS) is enabled on your network, you will use host names.
It is possible to just connect your entire intranet to the Internet, rather than connecting a subnet containing only your Information Servers to the Internet. However, there are many security implications to connecting an intranet to the Internet. You should thoroughly understand the security implications and understand TCP/IP networking before you decide to integrate your entire network with the Internet. Integrating a network with the Internet requires information that is outside the scope of this manual. See Chapter 5, "Securing Your Site Against Intruders," for more information about security, and consult the Internet or other sources for additional information about Internet security, firewalls, and TCP/IP networking.
You can install Internet Service Manager on computers from which you will administer computers running Internet Information Server on your network. Internet Service Manager can be installed on Windows NT Workstation or Windows NT Server.
Note All Internet Information Server services (WWW, Gopher, and FTP) require Windows NT Server. Internet Service Manager can also be installed on computers running Windows NT Workstation.
For over-the-network installation, use File Manager to create a network share containing the \Admin directory on the compact disc. You can then install Internet Service Manager to administer the services from any computer on the network running Windows NT version 3.51.
Microsoft Internet Service Manager has a discovery mechanism that finds computers running Microsoft Internet services on your network. You can choose Find All Servers in the Properties menu to discover the Microsoft Internet Information Server computers on your network.
If WINS servers are used on your network, the discovery process used by Microsoft Internet Server is automatic.When Microsoft Internet Information Server starts, it automatically registers its available services with your WINS servers. Thus, when Internet Service Manager queries the network for computers running Microsoft Internet services, the WINS servers return the registered services. Internet Service Manager then displays the returned services.
If WINS servers are not available, discovery uses TCP/IP broadcasts to perform the same functions. Discovery will not work if you do not have WINS servers, or if the servers reside across routers and cannot be discovered by using broadcasts.
For the world to reach your site, you must have an Internet connection. Connections to the Internet are usually leased from ISPs. In addition to providing your physical Internet connection and IP address (and subnet mask if appropriate), your ISP can provide many of the Internet services, such as domain name registration, routers, and DNS service.
Your connection to the Internet will be through a network adapter card or other network device, such as a modem or Integrated Services Digital Network (ISDN) card. Internet bandwidth is measured in bits per second (bps).
Your server configuration and Internet bandwidth determine how fast data gets to your computer and how many requests can be serviced simultaneously. As the number of computers getting data through your Internet connection increases, delays or failures will occur unless you have enough bandwidth.
When you lease an Internet connection a network cable is installed by your ISP to your site. Leased connection speeds range from 56,000 bps (with Frame Relay) to 45,000,000 bps (with a T3 connection). A dial-up ISDN line can offer speeds up to 128,000 bps.
The connection types described in the following table represent typical levels of service for full Internet connections. (Some ISPs provide only limited Internet service.) The Internet services offered through Internet service providers in your area may differ slightly.
Connection Types Connection
Maximum BPS
Simultaneous Users Supported
Frame Relay
56,000
10-20
ISDN
128,000
10–50
T1
1,500,000
100–500
Fractional T1
varies as needed
T3
45,000,000
5000+
A light-duty server can use Frame Relay or ISDN. A server with medium traffic might have a T1 line or some fraction of a T1 line installed. Large businesses that expect heavy Internet traffic may need fractional or multiple T1 lines or even T3 service in order to handle thousands of users.
Modem connections to the Internet are available, but are typically used for individual client browsing, and are not recommended for servers. A connection to the Internet using a phone line and modem can service only two or three simultaneous users. (Modem connections might be used for text-only Internet servers with only a small number of potential users.) Modem connections are often called "slow links" because data is transmitted at the speed of the modem, typically from 9,600 to 28,800 bps, far too slow for efficient operation of a WWW server.
The Internet is a world-wide collection of individual Transmission Control Protocol/Internet Protocol (TCP/IP) networks. Each computer on the Internet has a unique address (IP address). Information is transmitted on the Internet in data packets. Each packet is addressed to a specific computer's IP address, such as 10.212.57.189.
Because IP addresses are difficult to use and remember, the Domain Name System (DNS) was created to pair a specific IP address, such as 10.189.54.1, with a friendly domain name, such as microsoft.com. When a user browses the Internet by using a domain name, the browser first must contact a DNS server to resolve the domain name to an IP address, then contact the computer with that address.
This has two implications for your Internet Information Server:
You must have a permanent IP address assigned to a server on the Internet.
You must register a domain name in the DNS for your permanent IP address.
Your ISP will generally provide your IP addresses and may also register your domain names. Contact the Internet Network Information Center (InterNIC) or your ISP for more information about DNS registration.
Your ISP must provide you with a connection, one or more IP addresses (and subnet mask, if appropriate), and usually the IP address of at least one DNS server. Internet service providers often offer additional client services. You will need additional software to use these services.
Mail services are used to exchange electronic mail. The Simple Mail Transfer Protocol (SMTP) is used for Internet mail.
News services give you access to a Network News Transfer Protocol (NNTP) server. Using a news reader, you can read messages posted in the thousands of available news groups. Usenet is one of the more popular public news services.
Microsoft Internet Information Server can also be used on any private TCP/IP network to provide files and applications to network users. This section explains how to plan for publishing on a private intranet. Issues to be considered include:
Distributing Internet Explorer to Clients.
Name Resolution Systems.
Using DHCP.
Using Computer names in URLs.
Internet Explorer makes it easy for users to browse your information services. Users point and click on links to move from page to page. If links to non-HTML files are encountered, Internet Explorer automatically displays the file with the proper viewer, or downloads the file to the local hard drive.
Internet Explorer versions are included for your intranet users running any of the following operating systems:
Windows NT Server version 3.51 or later
Windows NT Workstation version 3.51 or later
Windows 95
Windows for Workgroups version 3.11
Windows version 3.1
All Internet Explorer versions perform the same basic functions and have very similar operation. Internet Explorer takes advantage of the features of the operating system it is running. Setup.exe in the Clients directory on the compact disc automatically installs the correct version.
This version of Internet Explorer runs on versions 3.51 and later. It is a 32-bit application.
This version of Internet Explorer runs on Windows 95. It is a 32-bit application that takes advantage of the Windows 95 interface.
The Windows95 version of Internet Explorer also supports may advanced features, such as:
Inline video (.avi files)
Background sound and bitmaps
Scrolling banners
Context-sensitive menus
This version of Internet Explorer runs on Windows for Workgroups version 3.11 and Window version 3.1. It is a 16-bit application.
How Do I Distribute Internet
Explorer to Users?
You can use File Manager to share the contents \Clients directory on your compact disc, and then instruct users to run the Setup program from the network share. Setup automatically installs the appropriate version.
You can also copy the \Clients directory to a network share on a hard disk and allow clients to run Setup from the network share.
To fully automate installation for clients and control the installation configuration, you can use the file Unattend.txt. Unattend.txt is in each directory containing Setup.exe. First modify Unattend.txt to reflect the default configuration for users, then instruct users to install Internet Explorer from a batch file that starts unattended-mode Setup. See Chapter 1, "Installing Internet Information Server," or Help for more information about unattended-mode setup.
Name Resolution Systems
If you want intranet clients to be able to use friendly names with Internet Explorer when browsing information servers, you must provide a name resolution system for clients.
Windows NT Server offers you the advantage of automatic IP address administration with the DHCP server and WINS server methods for name resolution offered by WINS servers.
A WINS server is a Windows NT Server–based computer running Microsoft TCP/IP and WINS server software. A WINS server maintains a database that maps TCP/IP addresses to Windows Networking computer names.
Microsoft Internet Information Server uses WINS server software to map TCP/IP addresses to computer names on the network. WINS uses Microsoft Networking computer names, which makes it much more flexible than DNS for name resolution. WINS also provides a dramatic reduction of IP broadcast traffic in Microsoft internetworks, while allowing client computers to easily locate remote systems across local or wide area networks. If you use WINS servers on the Internet, your computers must be using valid Internet IP addresses.
An LMHOSTS file is a simple text file resolving Windows computer names to IP addresses. If you have a small or infrequently changing network you can distribute an LMHOSTS file to each computer in the network. Each time a host changes you will have to manually change the LMHOSTS files.
You can maintain a DNS server and Internet-assigned TCP/IP domain names as used on the Internet. If you plan to connect your network to the Internet, your IP addresses and DNS server routing configuration must be valid for the Internet.
A HOSTS file is a simple text file resolving DNS domain names to IP addresses. If you have a small or infrequently changing network, you can distribute a HOSTS file to each computer. Each time a host changes you will have to manually change the HOSTS files.
You can take advantage of DHCP server automatic IP address administration.
A DHCP server is a Windows NT Server–based computer running Microsoft TCP/IP and the DHCP server software.
If you use DHCP servers, you must use WINS Servers for clients to have automatic IP address name resolution. DHCP is defined in Requests for Comments (RFCs) 1533, 1534, and 1541. See Tcpip.hlp in Windows NT Server for more information about DHCP servers.
When you connect to a server or create HTML files and links on an intranet, you must name computers in accordance with the name resolution system implemented on your network. For example, if you use WINS servers on your network, your links will use Windows computer names, such as http://sales1/homepage.htm, where sales1 is the name of the computer running Internet Information Server.
If you monitor your network by using Simple Network Management Protocol (SNMP), you can use the SNMP Management Information Bases (MIBs) provided by Microsoft Internet Information Server to monitor your Web server.
The MIB files included in the \Sdk directory of the Microsoft Internet Information Server compact disc can be used by third-party SNMP monitors to enable SNMP monitoring of the WWW, Gopher, and FTP services of Microsoft Internet Information Server.
Internet Information Server supports SNMP monitoring only. SNMP configuration is not supported.
You will need to compile the MIB files using the MIB compiler that comes with your SNMP software before using them with the Windows NT SNMP service. You must start the services to be monitored before configuring and starting the SNMP service on your Internet Information Server–based computer. Once the SNMP service has been started on both the remote and local computers, you can use SNMP tools to monitor the running services.