CREATING A REMOTE ACCESS POLICY FOR DOMAIN ADMINISTRATORS IN THIS PROC...
3.
Traffic levels on your company network have risen precipitously, and you have
determined that this is due to a dramatic increase in packet retransmissions. You
suspect that one of the routers on the network is dropping packets. How do you
determine which one?
Chapter Summary
■
A WAN topology is the pattern of connections among your network’s sites. When
selecting a topology, be sure to consider the characteristics of the WAN technology
you plan to use.
■
Dial-up services, frame relay, and VPNs all make it possible to create a mesh
topology without having to install a separate WAN link for every pair of sites.
■
Static routing is the manual creation of routing table entries, and can require
extensive maintenance. It is not practical for large networks with frequent infra
structure changes.
■
Dynamic routing uses a specialized routing protocol, such as RIP or OSPF, that
enables the routers to exchange messages containing information about their
networks.
Chapter 5 Using Routing and Remote Access
5
-
53
■
RIP is a distance vector routing protocol that is suitable for smaller networks run
ning at a single speed, but it generates a lot of broadcast traffic. OSPF is a link state
routing protocol that is scaleable to support networks of almost any size, but
requires more planning, configuration, and maintenance than RIP.
■
To support IP multicasting, a router must support IGMP and have network inter-
face adapters that support multicast promiscuous mode.
■
RRAS supports multiple authentication protocols, including EAP, MS-CHAP (ver
sions 1 and 2), CHAP, SPAP, and PAP. You should configure RRAS to use the stron
gest protocol that your clients and servers have in common.
■
Remote access policies are sets of conditions that remote clients attempting to con
nect to the Routing and Remote Access server must meet. You can use policies to
control remote access based on group membership and other criteria.
■
Tracert.exe is a command line tool that can help you locate a non-functioning
router. TRACERT uses ICMP Echo Request messages with incrementing TTL values
to test the connection to each router on the path to a given destination.
■
Pathping.exe is a command line tool that sends large numbers of test messages to
each router on the path to a particular destination and compiles statistics regarding
dropped packets. Pathping.exe is best suited for locating a router that is malfunc
tioning, but still operational.
Exam Highlights
Before taking the exam, review the key points and terms that are presented below to
help you identify topics you need to review. Return to the lessons for additional prac
tice, and review the “Further Reading” sections in Part 2 for pointers to more informa
tion about topics covering the exam objectives.
Key Points
■
A distance vector routing protocol like RIP is the preferred routing protocol for an
internetwork with LANs that all run at the same speed, because the number of
hops is a viable measure of a route’s efficiency.
■
Link state routing protocols like OSPF are preferable on internetworks with links
running at different speeds, such as remote offices connects by WAN links,
because their metrics use a more realistic measurement of a route’s efficiency.
■
To route IP multicast traffic, you must install IGMP on your routers, so that client
computers on the networks can register their memberships in a host group.
■
Windows Server 2003 includes a variety of security measures to protect remote
access servers against unauthorized access, including multiple authentication pro
tocols and encryption algorithms.
■
Tracert.exe is the best tool for locating a non-functioning router, while Path
ping.exe is better for locating a router that is dropping some packets.
Key Terms
Distance vector routing
A dynamic routing method that rates the relative efficiency
of specific routes through the network by counting the number of hops between
the source and the destination
Link state routing
A dynamic routing method that rates the relative efficiency of spe
cific routes through the network using link speed, network congestion delays, and
a route cost value assigned by an administrator, in addition to the number of hops
Authentication
The process of confirming the identity of a connecting user
Authorization
The process of determining whether the server should permit the
connection to proceed
Questions and Answers
5
-
55
Questions and Answers
Lesson 1 Review
Page