Using Internet Connection Sharing in Windows® 2000
Tod Edwards, Support Engineer, Microsoft Platforms Support, Microsoft Corporation
What Is Internet Connection Sharing? • A feature that allows computers on a private home and/or small-office network to access the Internet by allowing one computer to use its Internet connection on behalf of the client computers. • A suite of features – NAT, NAT editors, DHCP, DNS Proxy
Requirements • Included in Windows 2000 Professional, Windows 2000 Server, and Windows 2000 Advanced Server • Private network in the home and/or small office must already be set up • Need an Internet connection, either dial-up or broadband (cable modem, xDSL, satellite)
Typical Scenario Setup • Home: 2-5 computers, possibly including a work-at-home portable or other type of computer, either already networked together or that need to be networked • Small office: Several computers networked together with Ethernet cables and one hub or multiple hubs
Where Do You Configure It? • Administered from the Network and Dial-Up Connections folder • Make New Connection Wizard can get a home network on the Internet in minutes.
How Do You Configure It Using a Dial-Up Internet account? • First, configure the private network card on the ICS computer like this:
Configuring with Dial-Up (continued) • Open the Make New Connection Wizard
Configuring with Dial-Up (continued) • Choose to create a new dial-up connection
Configuring with Dial-Up (continued) • Select “Enable Internet Connection Sharing for this connection” and also select “Enable on-demand dialing” (to turn on automatic dialing)
Configuring with Dial-Up (continued) • Open the properties for your new connection and you will see the Internet Connection Property sheet
Configuring ICS with Cable Modem, xDSL, and Others • Open the properties for the network card that is connected to your broadband connection
What ICS Configures for You • Your private network card is configured for 192.168.0.1 IP address • Network Address Translation is turned on • DHCP Allocator is turned on • DNS Proxy is turned on
Network Address Translation • Translates the IP header of TCP/UDP packets so that packets appear to come from the NAT server, not the client behind the NAT • Widely used on routers and other Internet-sharing solutions • IETF RFC 1631
DHCP Allocator • Provides automatic addressing of your home network • No need to configure a DHCP server • Simple — there is no DHCP database • Uses 192.168.0.x as the default address range • Gives out 192.168.0.1 as the default gateway and DNS server
DNS Proxy • No local DNS server required • Client sends DNS request to ICS server, DNS Proxy queries its configured DNS servers and returns response to client • Drops dynamic DNS registrations
NAT Editors • When dealing with protocols that are more complex than simple TCP/UDP traffic, you need an editor that modifies the data in the packet • Windows 2000 includes NAT editors for ICMP, FTP, PPTP, NetBIOS over TCP/IP, H.323, Direct Play, LDAP-based ILS registration • Additional NAT editors can be plugged in; the software development kit (SDK) has more information
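An added example, not part of the original slides: a toy translator showing the header rewrite from the Network Address Translation slide and the kind of payload rewrite an FTP NAT editor performs on a PORT command. The class and method names, the public address 203.0.113.10, the port pool starting at 50000, and the rule of editing only the sender's own address are assumptions of this sketch, not the Windows 2000 implementation.

```python
import re

PUBLIC_IP = "203.0.113.10"  # constructed public address of the ICS computer
# Constructed sample: a private client sends an active-mode FTP PORT command.
SAMPLE = {"src": "192.168.0.5", "sport": 1025, "dst": "198.51.100.7",
          "dport": 21, "payload": "PORT 192,168,0,5,19,137\r\n"}

class Nat:
    """Toy port-translating NAT with an FTP PORT editor (illustrative names)."""
    PORT_RE = re.compile(r"PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)")

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (private_ip, private_port) -> public_port
        self.back = {}  # public_port -> (private_ip, private_port)

    def map_port(self, ip, port):
        """Return the public port for a private endpoint, allocating if new."""
        key = (ip, port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.out[key]

    def outbound(self, pkt):
        """Translate the header; run the FTP editor on control-channel data."""
        new = dict(pkt, src=self.public_ip,
                   sport=self.map_port(pkt["src"], pkt["sport"]))
        if pkt["dport"] == 21:
            new["payload"] = self.edit_ftp_port(pkt["payload"], pkt["src"])
        return new

    def inbound(self, pkt):
        """Translate back to the private endpoint; None when no mapping exists."""
        key = self.back.get(pkt["dport"])
        return None if key is None else dict(pkt, dst=key[0], dport=key[1])

    def edit_ftp_port(self, payload, src):
        """Rewrite the private address/port carried inside a PORT command."""
        def fix(m):
            n = [int(x) for x in m.groups()]
            ip, port = ".".join(map(str, n[:4])), n[4] * 256 + n[5]
            if ip != src:  # only map the sender's own address (example's choice)
                return m.group(0)
            pub = self.map_port(ip, port)
            return "PORT %s,%d,%d" % (self.public_ip.replace(".", ","),
                                      pub // 256, pub % 256)
        return self.PORT_RE.sub(fix, payload)
```

Without the editor the server would be told to connect back to 192.168.0.5, which is unreachable from the Internet. A real editor must also adjust TCP sequence numbers when the rewritten command changes the payload length, which this sketch omits.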
More on NAT Editors • Many Internet Sharing solutions do not support: • PPTP • H.323 (using NetMeeting® from a client on your private network) • Direct Play (for games like Age of Empires®, Monster Truck Madness®, and other games played on http://zone.msn.com/)
No NAT Editor Support • Some things are harder to edit, or it may not be possible to edit them • Usually because they are based on the client’s IP address and won’t work when the header is translated to a different IP address • IPSec, RPC, and SNMP are examples
ICS vs Proxy
ICS: • Used for basic Internet access • Primarily OSI layer 3 (Network) and layer 4 (Session) • Transparent to Client and Server • Does not need to understand higher layer apps • It just modifies IP Addresses and Port numbers • In some cases operates at the Application Layer
Proxy: • Performance, accounting, logging and security features • OSI Application Layer (layer 7) • Client needs to be configured to use Proxy • Proxy must understand protocol or application that it will proxy • Proxy could respond from cache
Advanced ICS Configuration • ICS should not be used in an environment with existing DNS servers and DHCP servers • This means networks set up with Windows 2000 Server and Active Directory™ configured, which requires DNS servers • Or other existing networks that already use DNS servers or DHCP servers • Advanced configurations can use Routing and Remote Access with NAT
Using RRAS for ICS/NAT • RRAS is the recommended method for large corporate configurations • Network Address Translation is one of the RRAS installable options • Advanced configuration can be done: • Turn DHCP allocator on/off • Configure DHCP address range • Turn DNS Proxy on/off • Use along with other routing protocols like RIP, OSPF, IGMP
More Information • RFC 1631 and 1918 • Numerous KB articles are already written at http://support.microsoft.com/ • Windows 2000 Help if you have already gotten Windows 2000 from MSDN, CPP Program, beta program, or another source • Windows 2000 Resource Kit (when it becomes available)