Understanding Advanced TCP/IP Settings in Windows 2003
In this article I will walk you through the Advanced TCP/IP settings dialog and its relevant tabs, so that you can better understand what each option is used for and how to configure it.
Windows 2003 comes with a number of new features for TCP/IP, including support for IP Version 6, automatic determination of the Interface and Gateway metric, and the Alternate configuration tab, which allows you to specify an alternate IP Address to use in the absence of a DHCP server (before APIPA kicks in).
The Advanced TCP/IP dialog allows you to configure settings related to DNS and WINS, and to specify multiple IP Addresses and Gateways (which can be used even if you only have one network card on the machine).
To bring up the Advanced TCP/IP Settings dialog, right-click the desired connection in the Network Connections folder and choose Properties to open the Properties dialog of the selected connection. Now select Internet Protocol (TCP/IP) from the list and click the Properties button. This will open the Internet Protocol (TCP/IP) Properties dialog. Next, click the Advanced button and up pops the Advanced TCP/IP Settings dialog with four tabs to choose from:
IP Settings – Allows you to add more IP Addresses or change the routing properties of the network card.
DNS – Allows you to set how the TCP/IP connection uses DNS.
WINS – Allows you to set how the TCP/IP connection uses WINS for computers that can’t access Active Directory.
Options – Allows you to set TCP/IP Filtering and specify which ports will be used for TCP/IP communication.
Advanced TCP/IP Settings – The IP Settings Tab
The IP addresses box at the top allows you to assign additional IP Addresses to a single network card. This is useful if you are hosting multiple websites on the same web server and want to give each its own IP Address for example.
Simply click the Add button to add an IP Address and Subnet Mask. Click Edit to modify the currently selected item and Remove to delete the currently selected item from the list.
Figure 1: The IP Settings Tab
The Default gateways box in the middle is used if you want the network connection to use multiple default gateways. Click the Add button to add a Default gateway and assign it a Metric value. A metric value is the cost of a specific route. Cost can reflect speed, reliability and number of hops. The route with the lowest metric value is used, so if you have two Default Gateways set up, one with a metric of 10 and the other with a metric of 20, the one with 10 will be chosen first. Leaving the metric at automatic means that the route metric for this default gateway will be calculated automatically, and the fastest route chosen.
Note: If you fire up the Command Prompt and type “route print” with no quotes, the IP Routing table is displayed with the metric value listed as one of the properties of each IP Address and its associations.
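As an added example (not part of the original article), the Python sketch below parses a saved copy of "route print" output and lists the default gateways in the order they will be preferred, lowest metric first. The sample table, its addresses and the approved-gateway check are constructed for illustration.

```python
import ipaddress

# Constructed sample of `route print` output; addresses are illustrative only.
SAMPLE = """\
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254   192.168.1.50       20
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.50       10
        127.0.0.0        255.0.0.0        127.0.0.1      127.0.0.1        1
      192.168.1.0    255.255.255.0     192.168.1.50   192.168.1.50       10
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
"""

def parse_routes(text):
    """Return the rows of the Active Routes table as dicts."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue
        try:
            dest, mask, gateway, iface = (ipaddress.IPv4Address(f) for f in fields[:4])
            metric = int(fields[4])
        except ValueError:
            continue  # header or separator line, not a route row
        routes.append({"dest": dest, "mask": mask, "gateway": gateway,
                       "interface": iface, "metric": metric})
    return routes

def default_gateways(routes):
    """Default routes (0.0.0.0 / 0.0.0.0) ordered by metric, lowest first."""
    zero = ipaddress.IPv4Address("0.0.0.0")
    defaults = [r for r in routes if r["dest"] == zero and r["mask"] == zero]
    return sorted(defaults, key=lambda r: r["metric"])

def unapproved_gateways(routes, approved):
    """Default gateways in the table that are missing from the approved list."""
    allowed = {ipaddress.IPv4Address(a) for a in approved}
    return [str(r["gateway"]) for r in default_gateways(routes)
            if r["gateway"] not in allowed]

if __name__ == "__main__":
    for r in default_gateways(parse_routes(SAMPLE)):
        print(r["gateway"], "metric", r["metric"])
```

Comparing the parsed default gateways against a list you maintain is a quick way to spot a gateway entry that nobody on the team added.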
The Edit and Remove buttons in the Default gateways box do exactly the same as for the IP addresses box (explained above).
At the bottom of the IP Settings tab you can set whether you want the Interface to have a specific metric or to be assigned one automatically. By default this option is checked. Uncheck it if you wish to input an Interface metric value of your choice.
Advanced TCP/IP Settings – The DNS Tab
The "DNS server addresses, in order of use" box at the top of the DNS tab is used to list the IP Addresses of the DNS Servers that will be used for name resolution. These servers are ordered and used in priority, meaning that if one server does not work, the next one down the list is tried. To set the order of IP Addresses, select an IP Address and press the up and down buttons on the right hand side.
It is important to keep in mind that TCP/IP will not move on to the next server if it fails to resolve the request. It will only move to the next server if the first server it tries is unavailable (perhaps down for maintenance or in the middle of a reboot).
The "Append primary and connection specific DNS suffixes" and "Append parent suffixes of the primary DNS suffix" options are enabled by default. These options are used for resolution of unqualified names.
The first option is used to resolve unqualified names using the parent domain. For example, if you had a computer name of “andrew” and a parent domain called ztabona.com it would resolve to andrew.ztabona.com. The query would fail if andrew.ztabona.com does not exist in the parent domain. The second option is used to resolve unqualified names using the parent-child domain hierarchy. A DNS query will move one step up the domain hierarchy if it fails at the current level. It will do this until it reaches the root of the hierarchy.
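The Python model below is an added example (not from the original article) that puts the two behaviours described above side by side: which names are tried for an unqualified name, and when the next DNS server in the list is consulted. The child domain sales.ztabona.com, the server addresses and the rule that devolution stops once two labels of the suffix remain are assumptions of this sketch.

```python
class Unavailable(Exception):
    """The server did not respond at all (down, rebooting, unreachable)."""

def candidate_names(name, primary_suffix, append_parents=True, min_labels=2):
    """FQDNs tried for an unqualified name, in order."""
    labels = primary_suffix.split(".")
    names = [name + "." + primary_suffix]
    # Assumption: devolution stops once min_labels labels of the suffix remain.
    while append_parents and len(labels) > min_labels:
        labels = labels[1:]
        names.append(name + "." + ".".join(labels))
    return names

def query(server, fqdn):
    """Ask one modelled server for one name."""
    if not server["up"]:
        raise Unavailable(server["ip"])
    return server["records"].get(fqdn)  # None models a "name not found" reply

def resolve(name, servers, primary_suffix, append_parents=True):
    """Return (fqdn, address, answering server) or None."""
    for fqdn in candidate_names(name, primary_suffix, append_parents):
        for server in servers:
            try:
                address = query(server, fqdn)
            except Unavailable:
                continue  # only an unreachable server moves us down the list
            if address:
                return fqdn, address, server["ip"]
            break  # a negative reply is final for this name
    return None

# Constructed servers (documentation addresses, not real hosts).
DOWN = {"ip": "192.0.2.10", "up": False, "records": {}}
EMPTY = {"ip": "192.0.2.11", "up": True, "records": {}}
HAS_RECORD = {"ip": "192.0.2.12", "up": True,
              "records": {"andrew.ztabona.com": "192.0.2.50"}}

if __name__ == "__main__":
    # First server is down: the second one is asked and the parent suffix matches.
    print(resolve("andrew", [DOWN, HAS_RECORD], "sales.ztabona.com"))
    # First server is up but has no record: the second server is never asked.
    print(resolve("andrew", [EMPTY, HAS_RECORD], "sales.ztabona.com"))
```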
If you have an environment which consists of a client machine forming part of multiple domains then you can add a bunch of domains to the Append these DNS suffixes (in order) list so these will be searched as part of the DNS query, instead of using the parent domain.
The textbox on the right of the DNS suffix for this connection is used to explicitly set a DNS suffix that will override any other setting already specified for this connection.
The "Register this connection’s addresses in DNS" option will register all this connection’s IP Addresses in DNS under the computer’s FQDN. Using this connection’s DNS suffix in DNS registration will register all IP Addresses for this connection in DNS under the parent domain.
Advanced TCP/IP Settings – The WINS Tab
The WINS tab is used to specify WINS related settings such as the list of WINS servers to be used for NETBIOS name to IP resolution, the LMHOSTS file to be used as an alternate means of lookups and the NETBIOS settings for the network connection.
Pre-Windows 2000 machines and applications use NETBIOS to IP name resolution. If you have a Windows 2003 machine that acts as a file or print server and any client machines want to communicate with it, you will have to make use of NETBIOS. It is unlikely that your network has no pre-Windows 2000 machines, but if that is the case, go ahead and disable NETBIOS over IP; you’ll save on memory and CPU consumption and free up resources.
Use the "WINS addresses, in order of use" box at the top to add the WINS servers you want the system to use for IP to name resolution. Press the Add button and a small dialog box appears, waiting for you to enter the IP Address of the WINS server. Use the Edit and Remove buttons to modify or delete a selected item respectively. If you have more than one WINS server in the list, press the up and down arrow buttons to adjust the priority of which servers will be queried first. If one server is not available then the next one down will be used, and so on.
Check the Enable LMHOSTS lookup checkbox so that if WINS cannot resolve a name then the local LMHOSTS file will be used. The LMHOSTS file can be found in \WINDOWS\system32\drivers\etc. It goes by the name of lmhosts.sam and can be modified in a text editor. Entries are placed at the bottom of the file and when used, the listed IP Addresses are matched against a specified host name. If you already have an LMHOSTS file defined on another machine on the network, use the Import LMHOSTS button to select this file and import it to the local machine.
The NETBIOS settings at the bottom allow you to explicitly define how NETBIOS will be used on the system. Choose Default if you want the DHCP server to assign the NETBIOS setting, Enable NETBIOS over TCP/IP if you use a static IP Address or the DHCP Server does not give NETBIOS settings, and Disable NETBIOS over TCP/IP if you do not use NETBIOS or WINS on your network.
Advanced TCP/IP Settings – The Options Tab (TCP/IP Filtering)
The Options tab allows you to configure TCP/IP Filtering settings; you can define which ports or protocols are permitted. Select the Permit Only radio button and use the Add button to add TCP/UDP port numbers or a protocol version to the respective list. If you permit traffic only from a defined set of ports, all other traffic will be dropped.
This article has given you an overview of Advanced TCP/IP settings in Windows 2003. Knowing what each option is and how it can be used should definitely be a great plus when configuring network communication.