Configure Routing for Windows Server 2008


Uploaded by itfreetraining on 02.08.2011

Transcript:
In this section I will look at using Windows Server 2008 as a router. In most cases you
will use a hardware router on a commercial network, but for the exam you need to know
how to configure a router. If you ever use your server for remote access, it pays to
understand how routing works inside Windows Server 2008.

Routing is the process of selecting a path through a network for your data to travel.
Consider this: a computer is connected to a switch. It can communicate directly with
any other device connected to this switch, for example this printer, assuming the device
has an IP address in that subnet. In this case, that is any device with an IP address
starting with 10.0.1.

If the computer wants to communicate with another computer on a different subnet, it cannot
do it directly. In order to communicate with the other computer it must go through a router.
The computer will have its default gateway set to the router’s IP address, which is 10.0.1.1
in this example. The router shown in this example has an IP address in each subnet. Using
this IP address it can communicate directly with any computer or device on that network and
act as a bridge between networks.

In this case the IP address is directly connected to the router, but in a lot of cases this
will not be the case. Imagine the computer wants to communicate with a server on the 10.0.4
network. The router is not connected to this network, but by looking at its routing
table you would conclude that the route to this network is through the second router.
This router is directly connected to this network and thus will send any data for that
server directly to that network. If a computer was directly connected to this
router as well on a different subnet, any data for this network would also be transferred
to this router. If the second router received any traffic for the 10.0.1 and 10.0.2 networks,
it would know from its routing table to send the data to the first router.

If a computer wants to send data to the internet, the second router would need to send that
traffic directly to its internet connection. As you can see, the first router is connected
to 3 networks while the second router is connected to 4 networks. Routing is the process of
deciding a path for your data to travel. On the internet, routing tables can have 100s
and even 1000s of routes in them depending on how complex the network is at that
location.

To better understand routing you should take some time to understand the MAC address or
Media Access Control. The MAC address is a 48-bit unique address that is present on every
network adapter. The address is guaranteed to be unique. If the following computer wants to
communicate with another computer on the same subnet, the computer needs its MAC address to
communicate with the other computer directly.

In order to get the other computer’s MAC address, an IP version 4 based computer uses ARP or
Address Resolution Protocol. ARP finds the MAC address of another computer or device on the
local network. It does this by sending a broadcast to all computers on the network asking
for the MAC address for the following IP address. The computer with the IP address will
respond: this is my MAC address. Using the MAC addresses the computers can communicate with
each other directly.

In a large network you may have multiple switches and routers on the same network. The
switches will keep a record of which MAC addresses are on which port. Using these MAC
addresses the switches make routing decisions on the local network where to send packets.
This is an example of layer 2 routing. If the computer needs to communicate with a computer
that is not on the local network, the computer will send the data to the local router. ARP
will again be used to obtain the MAC address of the router. The computer will communicate
with the router using direct communication. The router will then pass on the traffic using
the same process to other routers or directly to the target computer or device.

To start using Windows Server 2008 as a router you need to install it. Let’s have a look at
how to install the router. To install the routing service, run Server Manager from
Administrative Tools under the Start menu or from the quick launch bar if it is available.
Select roles from the left hand side and then select add roles from the right hand side. In
the wizard, select the role Network Policy and Access Services from the list.

There are a few different components inside Network Policy and Access Services; the one
required for routing is routing. This will in turn select routing and remote access services
and remote access service. Routing is a feature of remote access services, however if you
only want to use your server as a router and not for remote access you can simply not enable
any other features.
There is nothing else that needs to be configured for routing; the install is quite simple.
Once the install has finished, which will take a few minutes, you need to configure routing
and remote access.

To do this, run the routing and remote access snap-in from Administrative Tools under the
Start menu. From the admin tool, right click on your server and select the option “configure
and enable routing and remote access”. Even though routing is installed it is disabled by
default until you configure it.
On the configuration screen you can see there are a lot of different ways routing and remote
access can be configured. On this server I only want to use the router functions. To
do this, select custom configuration. This will allow you to select the options you wish
to use; in this case I want LAN routing. Once I press the finish button I will get the option
to start the remote access service. Once the service is started your Windows Server 2008
router is ready to go.

Windows Server 2008 allows you to create static routes. These are manually created routes
that are added to the routing table. These static routes override dynamic routes. Static
routes can also be created on client computers like Windows Vista and Windows 7.

Consider this example. The client computer wants to access the test network. If you add a
route to the main site router you can route traffic for that subnet to the test network.
However this does mean that all computers in that network will first go to the site router
and then to the test router. This means to get to the test network the computer must pass
through two routers, or what is referred to as hops. Also the traffic must pass back
through the same interface on the site router that it came in on. Most routers will allow
you to do this, but you may find if your router is also a firewall it may get blocked.

To prevent this, if you add a static route to only the client computer, the client computer
will be able to connect to the test network directly; however regular users without the
additional static route will not be able to access the test network. To add a route use
the following command. You can also add routes using the admin tool if you are on a Windows
Server 2008 computer, but it is useful to know the command line tool as well.

To add a route, open a command prompt and enter the command route. If you put in the
dash p option the route will be persistent, in other words it will still be there when you
reboot the computer. The add parameter tells route you want to add a new route. Next put
in the destination network followed by the word mask and then the network mask. Finally
put in the gateway you want the traffic to exit by. This is usually the IP address of the
interface you want it to leave by, however you could put in another device or router on the
network. Once added you can view the route table by entering route print. I have added the
dash 4 switch so I will only see IP version 4 routes. As you can see the persistent route
is at the bottom of the screen.

On a well designed network you should only ever need to add routes on your routers, but it
is good to know how to add routes to your local computer if your traffic does not go where
you want it to. Often VPN clients will change routes on your local computer. Remember this
if you start having problems with routing later on. This is called split tunnelling, in which
certain traffic goes to the VPN tunnel and other traffic goes to the local network. When
troubleshooting network problems it is often useful to look at the local routing table to
see where traffic is being routed to.

In a large network you can manually add all the routes to your routers, but this can become
very time consuming. If you use a routing protocol, the routing protocol will automatically
build routing tables for you. These routing tables will change as the network changes.
For example if a network is added the routing table is automatically updated. Routing protocols
also support multiple paths. If there is more than one path to the destination the routing
protocol will only use one route. If a network fails the routing protocol will remove the
dead route and use another path if one exists.

The first routing protocol is Open Shortest Path First or OSPF. This is no longer supported
in Windows Server 2008. For this protocol all you need to know is that it was supported in
Windows Server 2003 but is no longer included in Windows Server 2008. If you are upgrading
from Windows Server 2003 to Windows Server 2008 remember this fact before you upgrade.

The next and in fact the only routing protocol supported in Windows Server 2008 is Routing
Internet protocol or RIP. RIP has been around since 1988 and since that time it has been
improved on. Windows Server 2008 supports version 2 of the RIP protocol. This is the latest
version of the RIP protocol for IP version 4.

To understand routing protocols and RIP better, consider this network. In this network there
are 3 routers. The first and last routers are connected by an extra network connection. This
provides an additional path through the network. If the middle router were to fail, clients
on the network could still reach their destinations by being routed through the other
routers. The RIP routing protocol will detect the down router and remove any routing entries
from its list for that router. When the router is fixed the RIP protocol will adjust the
routing tables.

If you decide to use RIP on your network, remember RIP is based on hops. When network
traffic goes through a router this is called a hop. The route with the lowest hop count
gets added to the route table. If all your network connections are the same speed this
works well, but if you have some low speed network connections you will find that RIP
will route traffic over these rather than over the high speed network connections if
the hop count is lower. This can cause a lot of performance problems. Let’s have a look
at how to configure RIP.

To configure RIP, first open the routing and remote access snap-in from the Start menu.
From here, expand down to static routes under IP version 4. If I right click on static
routes and select show IP routing table, I can see the current routing table for this
computer. When RIP is enabled you should see more routes appear in here as they are
discovered.

To install RIP, right click general under IP version 4. Select the option new routing
protocol. From here select the option “RIP version 2 for internet protocol”. As you can
see RIP is now added to IP version 4. RIP is now installed but will not listen for or send
RIP messages until you add some interfaces to it.

If you don’t want an interface to be used with RIP, for example you have a very slow network
connection, do not add the interface to RIP and the interface will not be included in any
RIP advertisement. To add an interface to RIP, right click RIP and select new interface.
From here I can select the interfaces that I want to add. There are four interfaces on
this computer. I will quickly add the first 3 using the default options. On the last
interface I will go through the options.

The first option in RIP is the operation mode. The operation mode by default will
periodically send out RIP advertisements. If you wish to switch this off select
“auto-static update mode”. When in this mode RIP will not send out any advertisements and
as the administrator you must manually send them out as required.

The “outgoing packet protocol” option determines which RIP advertisement to use. If you
have a router that uses RIP version 1, you can select it here. By default RIP version 2
will be used as broadcast packets. Broadcast packets are sent to all computers on the
network. This is a waste of bandwidth and also the wrong hands could obtain your routing
tables.
If you want to try and save some bandwidth, select the option RIP version 2 multicast,
assuming your network supports it. This will use less bandwidth than broadcast. Lastly
you have the option silent RIP. Silent RIP means the interface will receive RIP messages
and change its routing tables accordingly but will not send any RIP advertisements.

At the bottom of the screen you have the option to activate authentication. By selecting this
you have the option to set a password on your RIP advertisement. This helps prevent
eavesdropping on the RIP advertisement but does mean that you need to configure the password
on the device that is going to receive the advertisements as well.

On the security tab you have the option to set up security on either the incoming or
outgoing routes. By default all routes will be sent or received. If you want to only send
or receive routes in a certain range you can add them here. Also you can choose to ignore
routes in a certain range as well.

On the neighbours tab you can determine how RIP will communicate with its neighbours.
The default option is to broadcast. The next option is to use neighbours while still
allowing broadcast or multicast. This means RIP will attempt to contact the other RIP
devices directly and will still use broadcast or multicast depending on your settings.
Also you can add your neighbours in manually, but if you forget to add in a neighbour a
message will still be sent so the other devices can pick them up.

The last option uses only neighbours and does not use broadcast or multicast. This means
that you need to manually add each neighbour in for the RIP message to be sent to that
device. If you forget to add a device, that device will not receive any RIP advertisements
from you. Since the RIP device is being contacted directly, this is the best way to stop
unwanted eavesdropping on the network and provide enhanced security.

Once the interface is added it will start advertising routes out this interface to any
RIP enabled device on that network. I will also add the other interface to RIP as well.

On the last tab you can select some options on the timings used for the protocol. The
first option sets how often announcements are sent. RIP is known as a chatty protocol as
it sends a lot of messages around the network. Increasing this figure does reduce the amount
of data that is sent around the network, however this also means that changes in the
network will take longer to propagate.
The time before a route expires will indicate how long a route is dead before the router
will advertise it as dead. The default is 3 minutes, which does not seem a long time,
but consider that once the route is marked as dead, on a large network it can take a while
before the router advertisements get through the network and all routing tables are updated.
The next option indicates how long before the route is removed from the routing table.
Once a route is considered dead it is marked as such and no longer used. It is good to
leave this setting so that the route can be advertised throughout the network as dead.
Enable split horizon processing and poison reverse are advanced network topics. I would
leave these options enabled. In a nutshell they prevent a dead route being reactivated by
a router thinking that it is still alive. In a large network it is possible to receive
a delayed advertisement from a router indicating a route is up when another router said it
is down. Without these settings one router may wrongfully add a route as up when it is in
fact down. There you have it, RIP is enabled and hopefully will make configuring your
networks a lot easier.

Once you set up your network or start supporting one, you are going to have times when users
complain that their network communication is not getting through. There are two important
tools that Windows Server 2008 uses to help troubleshoot routing problems on your network.
The first command is tracert, otherwise known as trace route. Trace route shows you the path
that packets take across your network. As shown in the example, if I were to perform a trace
route to google.com, the trace route command would show me all the routers or hops the packet
goes through to get to its destination.

As you can see on the left hand side, trace route performs 3 pings to each of the routers
in the path. This gives you an idea how fast the communication speed is. If your users
are complaining about slow response times, using trace route can give you an indication
which routers in the path may be congested. If a router is down, trace route will show
you the routers it went through before the communication was lost.
On the far right hand side, trace route will attempt to resolve each router to an IP address.
If a DNS server is slow to respond this can slow down trace route. As you can see, after
hop 10 there are no DNS records for each IP address. Trace route stalls for a moment attempting
to perform a reverse lookup on an IP address that it will not be able to resolve. This
is a feature you may want to switch off. To do this, use the -d switch.

If I perform the trace route command again with the -d switch and this time use an IP
version 6 DNS name, that is “ipv6.google.com”, you will see that tracert worked out the
destination is an IP version 6 address and this time is using IP version 6 to work out the
path. Notice on the right hand side a reverse lookup is no longer being performed on the IP
addresses. This makes trace route a lot faster.

You will notice that hop 2 came up as an asterisk for the times and request timed out for
the IP address. If trace route does not receive a response back it will display an asterisk.
This means that either there was a lot of congestion at the router or possibly a firewall
blocked the return packet. By default most firewalls will not send a response back and
routers can be configured to do the same, so if you see this in your trace route this may
be normal behaviour.

The next command is pathping. This traces the route like trace route, however the big
difference is it provides statistics over a longer period. I will use pathping with
the host google.com. I have added the -4 switch. This forces pathping to use IP version 4.
I could also use the -6 switch to force it to use IP version 6. These two switches work
in a lot of the Windows command line tools including trace route. You will notice that
pathping traced the path to the destination like trace route did, but did not provide
an indication of how long each hop took. Once finished, pathping will pause and gather
statistical information about the time taken to each hop. In this case over 425 seconds.
I will accelerate time so we can see the results without having to wait. You can see here that
pathping provides an average time to each hop and also statistics on packet loss. If
you want to test how reliable your network is, pathping is a good tool to test with as
it gives you an indication of how many packets were lost over the time period the tests were
run.

IP version 6 is fully supported in Windows Server 2008 for routing. Before your Windows
Server 2008 router will route IP version 6 packets it needs to be enabled. Earlier in the
course I discussed the concept of a network prefix. If you are using Windows Server 2008
as an IP version 6 router you should set the IP version 6 prefix. This prefix is
automatically assigned to each of your devices on your network. I will go through quickly
how to perform these 2 steps. In reality it is very unlikely Microsoft will ask you a
question on IP version 6 routing in the exam, but going through it does help you understand
some of the other concepts better.

From the Start menu, launch the routing and remote access tool. Once loaded right click
your router and select properties. Tick the tick box IPv6 router to enable IP version
6 routing. Next I want to select the tab IPv6. Here you can enter the prefix for your network.
In this case I will use the first private address fd00. When an IP version 6 computer
or device starts up on the network, this prefix will be appended to their host address giving
them a complete IP address that is routable on your network.

Remember this for IP version 6: a device or computer uses discovery to find the network
prefix for that network, which is set here. It then uses this network prefix as part of
its IP address. For the exam it is not so important that you remember how to set
the prefix, but make sure you understand the prefix is advertised to the client by a router
or a DHCP server and then used as part of its IP address.

In the real world you probably will not use Windows Server 2008 as a router. Most companies
will use a hardware router. Windows Server 2008 routing support is good for IP version
6 and includes support for transition protocols like 6to4. If you are interested in learning
more about IP version 6 and transition protocols then using Windows Server 2008 or Windows
Server 2008 R2 is a good place to start. Using Windows as a router saves you having
to purchase an IP version 6 router if all you want to do is experiment. Remember, for
the exam make sure you understand IP version 4 routing. It is very unlikely Microsoft will
ask you a question on IP version 6 routing.
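
The hop-count selection and the incoming route ranges on the RIP security tab, both described in the transcript, modelled here as an added example that is not part of the video or its transcript. The function names, the neighbour addresses 10.0.2.2 and 10.0.3.2, the accepted range 10.0.0.0/16 and the sample advertisements are constructed for illustration; a metric of 16 is RIP's "unreachable" value.

```python
import ipaddress

RIP_INFINITY = 16  # RIP metric that marks a route as unreachable (dead)


def in_accepted_range(prefix, accepted_ranges):
    """Incoming route filter: True if prefix lies inside an accepted range."""
    net = ipaddress.ip_network(prefix)
    return any(net.subnet_of(ipaddress.ip_network(r)) for r in accepted_ranges)


def process_updates(table, updates, accepted_ranges):
    """Apply RIP advertisements to table, a dict {prefix: (next_hop, hops)}.

    updates is a list of (neighbour, prefix, advertised_metric) tuples.
    Returns the (neighbour, prefix) pairs dropped by the route filter.
    """
    rejected = []
    for neighbour, prefix, metric in updates:
        if not in_accepted_range(prefix, accepted_ranges):
            rejected.append((neighbour, prefix))
            continue
        hops = min(metric + 1, RIP_INFINITY)  # one extra hop to reach the neighbour
        current = table.get(prefix)
        same_source = current is not None and current[0] == neighbour
        if hops >= RIP_INFINITY:
            # Dead route: only the router we learned it from may withdraw it.
            # Simplification: a real router keeps the entry marked dead for a
            # while so the failure can be advertised before it is removed.
            if same_source:
                del table[prefix]
            continue
        # Lowest hop count wins, regardless of link speed.
        if current is None or same_source or hops < current[1]:
            table[prefix] = (neighbour, hops)
    return rejected


ACCEPTED = ["10.0.0.0/16"]  # constructed "accept routes in this range" setting
SAMPLE_UPDATES = [          # constructed advertisements
    ("10.0.2.2", "10.0.4.0/24", 1),    # short path to the 10.0.4 network
    ("10.0.3.2", "10.0.4.0/24", 3),    # longer alternative path
    ("10.0.2.2", "172.16.9.0/24", 1),  # outside the accepted range
]


def demo():
    table = {}
    rejected = process_updates(table, SAMPLE_UPDATES, ACCEPTED)
    after_learning = dict(table)
    # The short path is advertised as dead, then the alternative is re-advertised.
    process_updates(table, [("10.0.2.2", "10.0.4.0/24", RIP_INFINITY)], ACCEPTED)
    after_failure = dict(table)
    process_updates(table, [("10.0.3.2", "10.0.4.0/24", 3)], ACCEPTED)
    return rejected, after_learning, after_failure, dict(table)


if __name__ == "__main__":
    for step in demo():
        print(step)
```

Until the alternative path is advertised again the table has no route to 10.0.4.0/24, which is the propagation delay the timing settings trade against bandwidth.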