Wondershare EdrawMind
MindMap Gallery Configuration and common commands of Windows server for network engineers
- 14
Configuration and common commands of Windows server for network engineers
This is a mind map about the configuration and common commands of Windows servers for network engineers, including DNS service configuration, DHCP server installation, etc.
Edited at 2023-11-10 16:36:44
- One Hundred Years of Solitude Character Relationship Chart
One Hundred Years of Solitude is the masterpiece of Gabriel Garcia Marquez. Reading this book begins with making sense of the characters' relationships, which are centered on the Buendía family and tells the story of the family's prosperity and decline, internal relationships and political struggles, self-mixing and rebirth over the course of a hundred years.
- One Hundred Years of Solitude Character Relationship Chart
One Hundred Years of Solitude is the masterpiece of Gabriel Garcia Marquez. Reading this book begins with making sense of the characters' relationships, which are centered on the Buendía family and tells the story of the family's prosperity and decline, internal relationships and political struggles, self-mixing and rebirth over the course of a hundred years.
- Project Management Process Template
Project management is the process of applying specialized knowledge, skills, tools, and methods to project activities so that the project can achieve or exceed the set needs and expectations within the constraints of limited resources. This diagram provides a comprehensive overview of the 8 components of the project management process and can be used as a generic template for direct application.
Configuration and common commands of Windows server for network engineers
- One Hundred Years of Solitude Character Relationship Chart
One Hundred Years of Solitude is the masterpiece of Gabriel Garcia Marquez. Reading this book begins with making sense of the characters' relationships, which are centered on the Buendía family and tells the story of the family's prosperity and decline, internal relationships and political struggles, self-mixing and rebirth over the course of a hundred years.
- One Hundred Years of Solitude Character Relationship Chart
One Hundred Years of Solitude is the masterpiece of Gabriel Garcia Marquez. Reading this book begins with making sense of the characters' relationships, which are centered on the Buendía family and tells the story of the family's prosperity and decline, internal relationships and political struggles, self-mixing and rebirth over the course of a hundred years.
- Project Management Process Template
Project management is the process of applying specialized knowledge, skills, tools, and methods to project activities so that the project can achieve or exceed the set needs and expectations within the constraints of limited resources. This diagram provides a comprehensive overview of the 8 components of the project management process and can be used as a generic template for direct application.
- Recommended to you
- Outline
Windows server configuration and related commands
1. Activity Directory
1. Concept of Active Directory (AD)
AD (Active Directory): It is a directory service (query, authentication) provided by Microsoft. The core of Active Directory contains the Active Directory database, which contains all objects in the domain (users, computers, groups...) , Active Directory is a directory service for Windows Standard Server, Windows Enterprise Server and Windows Datacenter Server. Active Directory stores information about network objects and allows administrators and users to easily find and use this information. Active Directory uses a structured data storage method as a basis for logically organizing directory information. Hierarchical organization. ●Active Directory needs to be installed in NTFS
In essence, Active Directory is a directory service that uses LDAP and is supported by the Windows 2003/2008 Server operating system. The directory in the Windows Server 2003/2008 domain is used to store objects such as user accounts, groups, printers, shared folders, etc. The storage location of these objects is called the "directory database". The component responsible for providing directory services in the Windows 2003/2008 domain is Active Directory, which is responsible for services such as saving, creating, deleting, modifying, and querying directory databases.
Active Directory stores information related to various objects on the network, allowing domain users to access all resources in Active Directory with only one user account (one login, used by the entire network). For network administrators, Active Directory services provide centralized and flexible network management capabilities, making the Windows 2003/2008 Server system a key service for network management.
2. Active Directory Objects
3. Active directory logical structure
●Domain ●Organizational unit (OU) ●Domain tree ●Domain forest
area: Domain is the core management unit of the logical structure in Active Directory. A domain contains objects such as computers, users, and network services on the network. Each Active Directory domain has a unique name. The domain is the security boundary of the Win2003/2008 Server network system. The most basic unit of a computer network is a "domain", and Active Directory can run through one or more domains. Each domain has its own security policy and its trust relationship with other domains. When multiple domains are connected through trust relationships, Active Directory can be shared by multiple trusting domains.
Organizational unit: It is a container used to organize objects (users, groups, computers and other units) in Active Directory according to certain management requirements. Organizational units can include users, groups, computers, printers, shared folders and other organizational unit. By organizing OUs, a hierarchical structure can be established to hierarchize the resources within the domain. Using OU can simplify the management of objects in the domain and delegate management control rights to objects in the OU for management.
Domain tree: A domain tree consists of multiple domains that share the same structure and configuration, forming a continuous name space. Domains in the domain tree are connected through bidirectional transitive trust relationships.
Domain forest: A domain forest is composed of one or more domain trees with non-contiguous name spaces. The most obvious difference between it and the domain trees mentioned above is that there is no continuous name space between these domain trees, but all the domain trees in the domain forest The domain tree still shares the same table structure, configuration and global catalog
4. Installation and configuration of Active Directory
Open "Start" -> "Run" of the Windows Server 2008 R2 system and execute "dcpromo.exe" command to start the Active Directory Domain Services installation wizard.
2. Remote Desktop Services
3. Configuration of IIS service
1. Basic concepts IIS is the abbreviation of the full English name of Internet Information Services, which is a World Wide Web server service. IIS is a Web (web page) service component, which includes Web server, FTP server, NNTP server and SMTP server, which are used for web browsing, file transfer, news service and mail sending respectively. It makes the network (including the Internet and It has become very easy to publish information on the local area network). ● Hypertext Transfer Protocol HTTP: It is the core protocol in Web technology. Its biggest feature is a short connection, that is, it establishes a connection once, processes only one request, sends back a response, and then releases the connection, so it is a stateless protocol. ● Uniform Resource Locator URL: used to address information, including protocol (such as HTTP), server name (or IP address), path and file name. For example: http://dig.163.com/edu/index.html
2. Install IIS service An Internet information server IIS is integrated in the Windows series operating systems 2003/2008, which can be used to build Web servers, FTP servers, and SMTP servers.
1. Install IIS
Start>Administrative Tools>Server Management>Role Services Select Web Server (IIS)
2. Configure the website
Start>Administrative Tools>Internet Information Services (IIS) Manager
(1) Configure site IP and TCP port
(2) Configure default documents
(3) Configure virtual directories and virtual hosts
(4) Site security settings
Role>Web Server (IIS)>Add Role Service Check Installed Service
(5) HTTPS settings
1. Configure CA certificate server
Start>Administrative Tools>Server Management>
Add Role>Active Directory Certificate Services>Role Service>[CA Type] Select Root>New Private Key
[CA Type] Select Root > New Private Key
2. Create a new self-signed certificate and set up HTTPS
exercise:
1. The identity authentication security mechanism supported by IIS6.0 has 4 verification methods, among which the verification method with the highest security level is (B). A. Anonymous authentication B. Windows authentication C. Basic authentication D. Digest authentication
2. When configuring IIS, the release directory of IIS (D). A. Can only be configured on c:\inetpub\wwwroot B. Can only be configured on local disk C C. Can only be configured on local disk D D. Can be configured on both the local disk and other networked devices on computer
3. Enter xyftp.abc.com.cn in the address bar of the browser. (A) in the URL is To access the hostname. A. xyftp B. abc C. com D. cn
2016 Second Half Network Engineer Examination Morning Questions 4 If you want to build multiple independent domain name sites on one host, () is wrong in the following method. A. Install multiple network cards for the computer B. Use different host header names C. Use virtual directories D. Use different port numbers Answer to test question: C IIS runs multiple websites on one server by assigning TCP ports, IP addresses, and host header names. Virtual hosts are independent of each other and managed by users themselves. Using this technology can save hardware investment, save space, and reduce costs. (1) Set up multiple Web websites based on additional TCP ports. Using a URL in the format of "http://domain name:port" to access a website actually uses TCP ports to set up different Web websites on the same server, such as http://www.csai.cn:8080. (2) Set up multiple websites based on different IP addresses. Bind each website to a different IP address to ensure that each website domain name corresponds to an independent IP address. (3) Set up multiple Web websites based on host header names. Since traditional IP virtual hosts waste IP addresses, non-IP virtual host technology is more inclined to be used in practical applications, that is, binding the host header names of multiple domain names to on the same IP address. The prerequisite is to map multiple domain names to the same IP address on the DNS server. Once a web access request from a client reaches the server, the server uses the host header name passed in the HTTP header to determine which website the client requested.
4. FTP configuration
1. Basic knowledge ● FTP transmission modes include Bin (binary) and ASCII (text file). Except for text files, binary mode is used for transmission. ● Connection mode of FTP application: Two TCP connections are established between the client and the server, one is used to transmit control information (port number 21), and the other is used to transmit file content (port number 20). ● The user name of anonymous FTP is anonymous. ●TFTP Simple File Transfer Protocol: It is a protocol implemented based on the UDP protocol for simple file transfer between the client and the server. It can only read and write files (emails) from the remote server. It cannot list directories. No user authentication is provided. The port number is 69.
2. Setting up FTP server ● Create FTP ● Access the FTP site from the client: ftp://xxx.com ● Common FTP commands: get to download files, put to upload files, dir to display file information in the current directory, lcd to set the current directory of the client, and bye to exit the FTP connection.
3. Installation and configuration of FTP server
When the server works in OASSIVE mode, the port number of its data connection When FTP works, two connections need to be established, one is a command connection and the other is a data connection. and FIP document Holds two modes. 1) Standard mode (PORT mode). Standard mode is where the FTP client sends the PORT command to the FTP server. The FTP client first establishes a connection with the TCP21 port of the FTP server and sends commands through this connection. When the client needs to receive data, it sends a PORT command on this connection, which contains the port used by the client to receive data. The server side passes its own TCP port 20 connects to the port specified by the client to establish a data connection. 2) Passive mode (PASV mode). Passive mode is where the FTP client sends PASV commands to the FTP server. When establishing a control connection, it is similar to the Standard mode, but after establishing the connection, the PASV command is sent instead of the PORT command. After receiving the PASV command, the FTP server randomly opens a high-end port (the port number is greater than 1024) and notifies the client to transmit data in this port. The client connects to the high-end port (non-port 20) of the FTP server to establish a data connection and perform data transfer. Teleport.
5. DNS service configuration
1. DNS Basics (Domain Name System) ● DNS: It is a core service of the Internet. It can convert domain names into corresponding IP addresses to facilitate access to the Internet. Domain names and IP addresses are stored in a distributed manner. ● Domain name resolution: It is the process of converting the name proposed by the user into a network address. Conceptually, domain name resolution is a top-down process.
1. DNS function ● Correspondence between domain name and IP address ●Use a tree-like hierarchical structure to organize and manage computers
(1)Root domain name ● Mainly used to manage the home directory of the Internet. ● There are 13 root logical domain name servers in the world. The names of these 13 logical root domain name servers are "A" to "M". ● Although there is no specific information about each domain name in the root domain name server, the address information of the domain name server responsible for the resolution of each domain (such as .com, .cn, etc.) is stored.
(2) Top-level domain name Top-level domain names are divided into three categories: ● Country and region top-level domain names (ccTLDs), more than 200 countries have allocated top-level domain names according to ISO3166 country codes, for example, China is cn, Japan is jp, etc.; ● International top-level domain names (gTLDs), .com represents industrial and commercial enterprises, .net represents network providers, .org represents non-profit organizations, etc. ● New top-level domain names (New gTLDs) such as .info, .biz, .mobi, .tel, .asia, etc.
(3) Second-level domain name Below the top-level domain is the second-level domain, which is the only name officially registered to organizations and individuals, such as Such as: 163.com
(4) Subdomain name (third-level domain name) Under the second-level domain, the organization can also divide into sub-domains. Such as: www.163.com, bbs.163.com, mail.163.com, etc.
2. Domain name server DNS is composed of resolvers and domain name servers. A domain name server refers to a server that stores the Domain names and corresponding IP addresses of all hosts on the network, and servers with the function of converting domain names into IP addresses.
DNS domain name ● A domain name must correspond to an IP address (corresponding to multiple IPs), and an IP address does not necessarily have a domain name. ● The process of mapping domain names to IP addresses is called "domain name resolution". ● The domain name system adopts a hierarchical structure similar to a directory tree. ● Each domain has a domain name (Domain Name). The domain name is separated by dots (.). Number sequence representation. Such as www.163.com
DNS defines two types of servers: ● Primary server Responsible for maintaining all domain name information in a region and is the authoritative authority for all specific information. Information source, data can be modified. ● Secondary server The secondary domain name server serves as a backup to the primary domain name server and is the main service in this zone. Provide domain name resolution services to customers when the server stops responding. Secondary name server The data in is copied from the primary domain name server and cannot be modified.
3. Resource Records (RRs) Refers to the resources related to each domain. For example, each RR includes the domain name (which domain name the RR is obtained from) and the type (what kind of resources exist in this RR). There are seven common types of records in DNS:
A record: used to specify the IP address record corresponding to the host name (or domain name)
PTR record: pointer record, PTR record is the reverse record of A record, its function is to IP addresses resolve to domain names.
Question 7 (Question 37 in the second half of 2017) To implement the mapping of IP address to host name on a DNS server running Windows Server 2008 R2, (37) A. Pointer (PTR) C. Service Location (SRV) Reference Answer : (37) A. Key points analysis: The mapping of IP address to host name is the opposite mapping from domain name to IP address, and is implemented using pointers. (37) Record. B. Host information (HINFO) D. Canonical name (CNAME)
CNAME record: Alias record that allows multiple names to be mapped to a single computer.
Question 5 (question 35 in the second half of 2017) in the DNS resource record (35) record type is to associate the domain name with its alias. (35) A. MX B. NS C. CNAME D. PTR
NS record: Domain name server record, used to specify which DNS server the domain name is served by to analyze.
SOA record: Starting authority record, SOA record describes the many NS records Which one is the main server?
MX record: Mail exchange record, which points to a mail server for electronic mail When sending an email, the email system locates the email server based on the recipient's address suffix.
SRV record: Server resource record, which is used to indicate that a server can provide What kind of service.
[Test question]: The function of resource record MX is (C), and DNS resource record (C) defines the zone Reverse search of the domain. A. Define the alias of the domain name server B. Resolve IP address to domain name C. Define domain mail server address and priority D. Define the authorization server for the zone A. SOA B. NS C. PTR D. MX
4. Domain name query
(1) Recursive query In this mode, the local DNS server receives a client request and must reply to the client with an accurate query result. If the local DNS server does not store the queried DNS information, then the server will query the upper-level server in the domain name tree according to its configuration. If the IP address of other servers is returned, further queries will be made to these servers until it is found or Return error information and submit the returned query results to the client.
(2) Iterative query The local DNS server will provide the client with other DNS server addresses that can resolve the query request. When the client sends a query request, the DNS server does not directly reply to the query result, but tells the client the address of another DNS server, and the client then Submit a request to this DNS server and loop in sequence until the query results are returned.
(1) The browser checks whether there is a resolved IP address corresponding to this domain name in the cache. If so, the resolution process will end. The time limit for a domain name to be cached can be set via the TTL attribute.
(2) If it is not in the browser cache, the browser will check whether there is a DNS resolution result corresponding to this domain name in the operating system cache. In the C:\Windows\System32\drivers\etc\hosts file.
(3) If the domain name resolution cannot be completed on this machine, it will actually request the domain name server to resolve the domain name. There is a "DNS server address" item in the network configuration. The operating system will send this domain name to the LDNS set here, which is the local domain name server.
(4) If LDNS still does not hit, go directly to the Root Server domain name server to request resolution.
(5) The root domain name server returns to the local domain name server a primary domain name server (gTLD Server) address of the queried domain. gTLD is an international top-level domain name server, such as .com, .cn, .org, etc., and there are only 13 in the world.
(6) The local domain name server then sends a request to the gTLD server returned in the previous step.
(7) The gTLD server that accepts the request searches and returns the address of the Name Server domain name server corresponding to this domain name. This Name Server is usually the domain name server you registered.
(8) The Name Server domain name server will query the stored mapping relationship table between domain names and IPs. Under normal circumstances, it can obtain the target IP record based on the domain name and return it to the DNS Server domain name server together with a TTL value.
(9) Return the IP and TTL value corresponding to the domain name, and the Local DNS Server will cache the domain name Corresponding relationship with IP, the cache time is controlled by the TTL value.
(10) Return the resolution result to the user, and the user caches it in the local system cache according to the TTL value, and the domain name resolution process ends.
Example: During the domain name resolution process, when the primary domain name server cannot find the IP address, (D) is responsible for domain name resolution. A. Local cache B. Secondary domain name server C. Root domain name server D. Forwarding domain name server
2. DNS server setup under Linux-BIND
In the Linux operating system, three tools can be used to complete the mapping of host names to IP addresses: ●Text file ●NIS (Network Information Server) ●DNS server The order of domain name resolution can be set by setting /etc/hosts.conf. The format is: "Order hosts, NIS, DNS", whichever order comes first will be used first.
Usually the IP address of the DNS server and the resolution sequence of multiple DNS servers are stored in /etc/resolv.conf file. Text file method: In Linux, you can combine the names and IP addresses of frequently accessed hosts. The corresponding relationship is placed in the /etc/hosts file. In the Linux operating system, the software commonly used to construct DNS servers is BIND, which The waiting process is named.
3. Windows Server 2008 DNS server configuration
Start > Administrative Tools > Server Management > Roles > Add Role > DNS Server
Configure forward lookup area
Configure reverse lookup area
DNS forwarder configuration
Questions:
2019 Second Half Network Engineer Exam Morning Question 1 In the Windows Server 2008 R2 command prompt window, use ( A. ipconfig/all B. ipconfig/displaydns C.ipconfig/flushdns D.ipconfig/registerdns Analysis of question B: ipconfig/all: Displays detailed information about the local TCP/IP configuration. ipconfig/displaydns: Display the contents of local DNS cache. ipconfig/flushdns: Clear local DNS cache contents. ipconfig/registerdns: DNS client registers with the server.
6. DHCP server installation
1. DHCP server configuration 1. Install the DHCP service through "Server Manager"->"Role". 2. Configure DHCP service.
DHCP server configuration
1. DHCP protocol In order to realize the self-starting function of the client/server model, it is necessary to enable the connection to the network Computers on the network know their IP address. But for diskless stations, this is impossible to achieve , so the TCP/IP protocol family has developed three solutions to solve this problem.
1. RARP (Reverse Address Resolution Protocol) has three flaws RARP works at the bottom layer and must directly access the hardware. The amount of information in the RARP response is too small RARP uses the computer's hardware address to identify the machine and cannot be used on dynamically assigned networks.
2. BOOTP: It is a boot protocol based on IP/UDP protocol. It is the predecessor of DHCP protocol. BOOTP is used in the LAN of diskless workstations. Through the BOOTP protocol, the diskless workstations in the LAN can obtain dynamic IP addresses from the central server. , can be regarded as a simple version of DHCP, which is a static configuration of the host, while DHCP can dynamically configure the host according to some policies.
3. DHCP (Dynamic Host Configuration Protocol) In addition to obtaining the IP address, the DHCP message can also obtain the subnet mask. DHCP allows computers to obtain IP addresses quickly and dynamically. Messages are transmitted through UDP, so they are not secure.
2. Three types of address allocation by DHCP
Manual allocation: Manually configure the IP address of the DHCP client. When the client wants When requesting network services, the DHCP server passes the manually configured IP address to DHCP Client, server uses this allocation method.
Automatic allocation: When the client leases an IP address from the DHCP server for the first time, This address is permanently assigned to the DHCP client and will not be assigned to other clients.
Dynamic allocation: When the client leases an IP address from the DHCP server, the server only An IP address is temporarily assigned to the client. As long as the lease expires, this address will Will be returned to the DHCP server for use by other clients.
3. Advantages of DHCP
DHCP eliminates configuration errors caused by manually typing values.
DHCP prevents address conflicts caused by repeated allocation of IP addresses.
Using a DHCP server can significantly reduce the time spent configuring and reconfiguring computers on your network
Convenient for users who frequently change locations using mobile or laptop computers
4. DHCP working process
1. Broadcast DHCPdiscover. The client broadcasts a DHCPdiscover message to the local network to identify any available DHCP servers.
2. Respond to DHCPoffer. The DHCP server sends a DHCPoffer message to the client. The DHCPoffer message contains a series of DHCP configuration parameters and available IP addresses in the DHCP scope. If there is a reserved IP address on the DHCP server that matches the client's MAC address, then it will provide the client with this reserved IP address. There may be more than one DHCP server answering the client. The client accepts the DHCPoffer received first.
3. Respond to DHCRequest. The DHCP client responds to one of the DHCPoffer messages by requesting the IP address contained in the DHCPoffer message.
4. DHCPack confirmation. If the IP address requested by the DHCP client is still valid, the DHCP server responds with a DHCPack confirmation message. Now the client can use this IP address (default lease is 8 days). After receiving the DHCP ACK, the client will send three ARP resolution requests for this IP address to the network to perform conflict detection and query whether other machines on the network use the IP address; if the DHCP client finds that the assigned IP address has been If used, a DHCP Decline message is sent to the DHCP server to notify the DHCP server to disable this IP address, and then the DHCP client starts the new address application process.
5. When half of the lease expires, the client will automatically renew the lease; when 87.5% of the lease expires, the client still cannot contact the original DHCP server and will contact other servers. If it still cannot be contacted, the IP will be deactivated. .
6. After four requests, if you still fail to receive a response from the server, the DHCP client running Windows will select an IP address from the automatically reserved private IP address (APIPA) 169.254.0.0/16, and run other The operating system's DHCP client will not be able to obtain an IP address
5. DHCP client related commands
ipconfig /all View the detailed configuration information of the client TCP/IP; ipconfig /release manually releases the IP address; ipconfig /renew Reapply for an IP address from the DHCP server.
6. DHCP server relay agent
The IP address lease request sent by the DHCP client to the DHCP server cannot cross of the router (unless the router supports the RFC1542 standard), if you want to use a The DHCP server assigns IP addresses to computers in multiple physical network segments without Create a DHCP server relay agent on the network segment of the DHCP server.
It can send the IP address lease request of the client in this network segment to the DHCP server. to a "relay" role. To set up a Windows server as a DHCP relay agent, simply go to Routing and Remote Add a new routing option called "DHCP Relay Agent" in Access--Tools Choose an agreement.
Configuration of DHCP server
test questions
Test question: The following are the four messages of the DHCP protocol. The correct order should be (A) ① DHCP Discovery ② DHCP Offer ③ DHCP Request ④ DHCP Ack A. ①③②④ B. ①②③④ C. ②①③④ D. ②③①④
Question: When the client receives responses from multiple DHCP servers, the client will choose (A) address as your own IP address. A. The first to arrive B. The largest c. smallest d. The longest lease
Example: A (D) message is sent when the DHCP server rejects the client's IP address request. A. DhcpOffer B. DhcpDecline C. DhcpAck D. DhcpNack
Example: If no response is received, the DHCP client will broadcast a total of (B) requests. A. 3B. 4C. 5D. 6
Example: Use DHCP to dynamically allocate an IP address. If a host does not receive the IP address after it is powered on, If the DHCP server responds, the IP address obtained by the host belongs to the network (D). A. 192.168.1.0/24 B. 172.16.0.0/24 C. 202.117.0.0/16 D. 169.254.0.0/16
Test question: Among the following statements about DHCP service, the correct one is (D). A. A DHCP server can only assign IP addresses to hosts in its network segment. B. Set a longer lease time for mobile users C. The DHCP server does not need to be configured with a fixed IP address D. On the Windows client, you can use ipconfig/release to release the current IP address.
Question: Static address or dynamic address scheme can be used to allocate IP addresses in the network. Next The following error in the discussion about the two address allocation schemes is ( ). A. The use of dynamic address allocation scheme can avoid the waste of address resources. B. Networking devices such as routers and switches are suitable for static IP addresses. C. Various server equipment are suitable for dynamic IP address allocation schemes D. It is best for student clients to use dynamic IP addresses
7. Commonly used commands
■nslookup -qt = type domain [dns-server] Used to query DNS records, check whether domain name resolution is normal, and used to diagnose network problems when the network fails.
set OPTION: Set the options of nslookup. all: Display all options of the current server or host. domain = NAME: Set the default domain name to NAME. root = NAME: Set the NAME of the root server. retry = X: Set the number of retries to X. timeout = X: Set the timeout to X seconds. type = X: Set the type of query. The type can be A, ANY, CNAME, MX, NS, PTR, SRV, etc. querytype = X: Same as the setting of type command. exit: Exit nslookup. ype:A -->Address record The type type is as follows: AAAA -->Address record AFSDB Andrew -->File system database server record ATMA -->ATM address record CNAME -->Alias record HINHO -->Hardware configuration records, including CPU and operating system information ISDN --> ISDN number corresponding to the domain name MB --> Server where the specified mailbox is stored MG -->Mail group records MINFO -->Mail group and mailbox information records MR -->Renamed mailbox record MX -->Mail server record NS --> Name Server Record PTR -> Reverse Record RP -->Responsible person record RT -->Route penetration record SRV -->TCP server information record TXT -->Text information corresponding to the domain name X25 -->X.25 address record corresponding to the domain name
1. Direct query (query the A record of a domain name) nslookup domain [dns-server root@xg:~# nslookup sohu.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Non-authoritative answer Name: sohu.com Address: 211.159.191.77]
2. nslookup -type=MX qq.com >nslookup -type=MX qq.com -->Mail server record Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Non-authoritative answer qq.com mail exchanger = 10 mx3.qq.com.
3. nslookup -type=NS qq.com >nslookup -type=NS qq.com name server record Server: 114.114.114.114 If dns-server is not specified, the system default dns server will be used. Address: 114.114.114.114#53 If dns-server is not specified, the system default dns server will be used. Non-authoritative answer: qq.com nameserver = ns4.qq.com. qq.com nameserver = ns2.qq.com. Authoritative answers can be found fro
[2021 second half test question 36] In Windows, enter the (C) command on the command line to get the following response: Server: Unknown address: 159. 47. 11. 80 xxx.edu.cn Primary name server=nsl.xxx.edu.cn responsible mail ddr=mailxxx.edu scnserial=2020061746 refresh=1200 (20 mins) retry=7200 (2 hours) expire=3600 (1hour) default TTL=3600 (1 hour) —————————————————————— A.nslookup-type=A xxx.edu.cn B.nslookup-type=CNAME xxx.edu.cn C.nslookup-type=NS xxx.edu.cn D.nslookup-tyoe=PTR xxx.edu.cn
From the execution results of the above command, we can know that the current system default DNS domain name resolution server address is 8.8.8.8, and the IP address corresponding to the www.google.com domain name resolution is 172.217.24.4.
2019 second half 38 39 questions In windows, you can use the nslook command to test the DNS forward resolution function
■netstat A useful tool for observing network connection status
A useful tool for observing network connection status
NETSTAT 〔-a〕 〔-e〕 〔-n〕 〔-s〕 〔-p proto〕 〔-r〕 〔interval〕 -A displays the addresses of any associated protocol control blocks. Mainly used for debugging -a displays the status of all sockets. Do not display sockets associated with server processes in general -i displays the status of the autoconfiguration interface. Interface statuses that are configured after the system is initially booted are not included in the output -m print network storage usage -n prints the actual address, rather than an explanation of the address or symbols such as host and network names. -r print routing table -f address -family Print statistics and control block information for the address family with the given name. So far, the only supported address family is inet -I interface only prints the status of the interface with the given name -p protocol-name Prints only statistics and protocol control block information for the protocol with the given name -s print statistics for each protocol -t Replace queue length information with time information in the output display.
A-G-DL-P A represents the user account, G represents the global group, U represents the universal group, DL represents the domain local group, and P represents the resource permission. The A-G-DL-P policy is to add the user account to the global group, add the global group to the domain local group, and then assign resource permissions to the domain local group.
■Pathping tracks paths and provides information about network latency and packet loss for each router and link in the path pathping [- ghost - list ][- h maximum _ hops ][-1 address ][- n ][- p period ][- q num _ queries ][-4][-6] target_name The functions of each parameter are as follows: ●-g host-list: Loose source route along with host list. ●-h maximum_hops: Specifies the maximum number of nodes in the search target path. The default value is 30 nodes. -i address: Use the specified source address. ●- n: Disable the IP address of the intermediate router to be resolved into a name, which can improve the pathping display speed. ●- p period: The time to wait between two Pings (in milliseconds, the default value is 250 milliseconds). ●- q num _ queries: Specifies the number of echo request messages sent to each router in the path. The default value is 100 queries. -w timeout: Specify the time to wait for each response (in milliseconds, the default value is 3000 milliseconds). ●-4: Force the use of IPv4. ●-6: Force the use of IPv6. targetname: Specifies the destination, which can be either an IP address or a computer name. Pathping parameters are case-sensitive. In actual use, please note that in order to avoid network congestion and affect running network services, the ping signal should be sent at a slow enough speed.
C:\Users\Administrator>pathping baidu.com Tracking via up to 30 hops Route to baidu.com [39.156.66.10]: 0 PC-202208032235 [192.168.8.102] 1 192.168.8.100 2*100.64.0.1
■Tracert The tracert command sends Internet Control Message Protocol ICMP response packets with different TTL values to the target IP address. The sending rules are: first send a response packet with a TTL of 1, and increment the TTL by 1 in each subsequent sending process until Destination IP address response or TTL reached maximum. Each router on the path decrements the TTL on the packet by at least 1 before forwarding the packet. When the TTL is reduced to 0, the router sends an ICMP Exceeded message back to the source address. By checking ICMP timeout information, the tracert command can display the path taken by the target IP address. The tracert command format is as follows: Tracert[-d] [-h maximum_hops] [-j computer-list] [-w timeout] target_name If no option is provided, the IP address will be resolved into a host name, which is slower because DNS needs to be queried. -d option: Do not resolve IP addresses into host names, so route tracing is much faster. -h option: Specifies the maximum number of hops for the route. The default is 30 hops. -w option: Indicates the time to wait for each ICMP response message. The default is 4s. If the reception times out, an asterisk * will be displayed. Just use the default values for hop count and waiting time, so you generally don’t need to add these two options. -j option: Indicates that the ICMP message should use the loose source routing option in the IP header, followed by the address or host name of the intermediate node it passes through, up to 9, and each intermediate node is separated by spaces.
■Route route [-f] [-p] [Command] [Destination] [mask Netmask] [Gateway] [metric Metric] [if Interface] Parameter meaning: route -f: used to clear the routing table. route -p: used to create permanent routes. route Command: There are mainly four common commands: print (print route), ADD (add route), DELETE (delete route), and CHANGE (modify route). route Destination: Indicates the destination IP address reached. route MASK: keyword representing the subnet mask. route Netmask: indicates a specific subnet mask. If not set, the system defaults to 255.255.255.255 (single machine IP address). Pay attention when adding a mask, especially to confirm whether you are adding a certain IP address or an IP network. segment, if the subnet mask representing all egresses is 0.0.0.0. route Gateway: Indicates the egress gateway. route interface: indicates the number of interfaces for a special route. route metric: Indicates the number of hops to reach the destination network.
Route command under window system: (1) To display the routing table: route print (2) To display routes starting with 192 in the network, you can enter: route print 192.* (3) To add the default gateway as the default route with the address 192.168.12.1, you can enter: route add 0.0.0.0 mask 0.0.0.0 192.168.12.1 (4) To add a route with the destination address 10.41.0.0, the subnet mask 255.255.0.0, and the next hop address 10.27.0.1, you can enter: route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 (5) To add a permanent route with the destination address 10.41.0.0, the subnet mask 255.255.0.0, and the next hop address 10.27.0.1, you can enter: route -p add 10.41.0.0 mask 255.255.0.0 10.27.0.1 (6) To add a route with a destination address of 10.41.0.0, a subnet mask of 255.255.0.0, a next hop address of 10.27.0.1, and a hop count of 5, you can enter: route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 metric 5 (7) To add a route with a destination address of 10.41.0.0, a subnet mask of 255.255.0.0, a next hop address of 10.27.0.1, and an interface index of 0x3, you can enter: route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 if 0x3 (8) To delete the route with the destination address 10.41.0.0 and the subnet mask 255.255.0.0, you can enter: route delete 10.41.0.0 mask 255.255.0.0 (9) To delete all routes starting with 10.1 in the IP routing table, you can enter: route delete 10.* (10) To change the target address to 10.41.0.0, the subnet mask to 255.255.0.0, and the next hop address from 10.27.0.1 to 10.27.0.25, you can enter: route change 10.41.0.0 mask 255.255.0.0 10.27.0.25
■Ping (1) Ping * -t Ping the specified host until stopped. To view statistics and continue, use the key combination to enter Control Break; To stop, you can use the key combination to enter Ctrl C. (2) Ping * -a resolves the address into a host name. (3) ping * -n count number of echo requests to be sent. (4) ping * -l size send buffer size. (5) ping * -f sets the "no fragmentation" flag in the packet (IPv4 only). (6) ping * -i TTL time to live. (7) ping * -v TOS service type (only applicable to IPv4. This setting is deprecated and has no effect on the service field type in the IP header). (8) ping * -r count records routes that count hops (only for IPv4). (9) ping * -s count counts the timestamp of the hop (only for IPv4). (10) ping * -j host-list loose routing together with the host list (only for IPv4). (11) ping * -k host-list Strict routing with host list (only for IPv4). (12) ping * -w timeout timeout (milliseconds) to wait for each reply. (13) ping * -R also tests reverse routing using routing headers (IPv6 only). (14) ping * -S srcaddr The source address to be used. (15) ping * -4 forces the use of IPv4. (16) Ping * -6 forces the use of IPv6.
■ Enable the "Password must meet complexity requirements" policy in Windows 2008, Then the password must meet the following minimum requirements: It must not obviously contain the user's account name or part of the user's full name. ◆At least six characters in length. ◆Contains three characters from the following four categories: English capital letters (from A to Z); English lowercase letters (from a to z ); 10 basic numbers (from 0 to 9); Non-alphabetic characters (for example, !, $, #, %). Test123 meets the above needs.
System management commands
■MMC (Windows 2000 started using the management console Microsoft Mangement Console) ●In MMC, users can add different console components, and use these components to set up the system. Through MMC components, all settings can be completed in a unified interface, reducing the difficulty of setting. ●Start MMC. You can enter "MMC" in "Run" and press the "Enter" key to open the console. The console that is run for the first time is blank. Users can add various snap-ins according to their needs by clicking the "Add/Remove Snap-in" button on the "File" menu. ●MMC does not have management functions, but can integrate and add management tools. Any third-party software supported can add the management part to the console. Items that MMC can add include links to web pages, ActiveX components, folders, taskboard views, tasks, etc. MMC is not designed to manage hardware, software, and network components of Windows systems.
SNMP
snmputil.exe tool download http://pan.baidu.com/share/link?shareid=390890&uk=268721978 snmputil is the name of the program, haha. Get is understood as obtaining a piece of information. Getnext is understood as getting the next information. Walk is understood as getting a bunch of information (well, it should be said that all database subtrees/subdirectories information) agent, specific to a certain machine. Community, well, it's the "community strings" and "query password". oid, I need to talk more about this, this is the object identification code (Object Identifier). oid can be understood as a digital identification of various information classification storage tree resources in the MIB management information base. The command rules of snmputil are: snmputil [get|getnext|walk] agent community oid [oid ...] [get|getnext|walk] is the message type, and the operation we performed this time is get Agent refers to the Snmp agent, which is the IP or name of the network device you want to operate, that is, 192.168.10.191 community: sub-region, that is, password, the default is public oid: The MIB data object number you want to operate. The MIB object number corresponding to the device name is .1.3.6.1.2.1.1.5.0 Open a command line window, enter the path where snmputil is located, and type snmputil get 192.168.10.191 public .1.3.6.1.2.1.1.5.0 If the parameters are correct, the console will display the machine name.
SNMP (Simple Network Management Protocol) is a network management standard based on the TCP/IP protocol suite. It is a standard protocol for managing network nodes (such as servers, workstations, routers, switches, etc.) in the network. SNMP enables network administrators to improve network management efficiency, discover and solve network problems in a timely manner, and plan network growth. Network administrators can also receive notification messages and alarm event reports from network nodes through SNMP to learn about network problems.