Overview of Network Considerations with Microsoft Proxy Server
Considerations for Setting Up Your Private Network
Considerations for Connecting to the Internet
Overview of Network Considerations with
Microsoft Proxy ServerWhether your network currently uses TCP/IP or not, you will need to decide how Microsoft Proxy Server operates with TCP/IP services used on the Internet, and possibly with TCP/IP services already installed on your network. Your decisions will be influenced by a number of factors:
Network size If you have a small Microsoft-based network of fewer than 50 users, the use of NetBIOS machine broadcasts may be acceptable for resolving host-to-computer name addresses on your network. If your network is large, or is subdivided, consider a more advanced service option, such as Domain Naming System (DNS) or Windows Internet Naming Service (WINS), which can be used to manage name resolution.
Network protocols Microsoft Proxy Server uses TCP/IP or IPX/SPX protocols to communicate on your network with clients. If you have one of these protocols installed already for all clients on your network, your network is ready for Microsoft Proxy Server. If you have a small network that is currently using NetBEUI only, you need to enable one of these other protocols for your network clients to have proxy access.
This appendix outlines some of the options you have available when planning and implementing TCP/IP services on the Internet with Microsoft Proxy Server on your network.
Considerations for Setting Up Your
Private NetworkUsing Broadcasts to Resolve Host Names
Using WINS Service
Using DNS with WINS and DHCP
Using Multiple DNS Servers
Using Broadcasts to Resolve Host NamesIf your network is small and limited to a single network segment or a single subnet, broadcast name resolution through NetBIOS is an acceptable solution. NetBIOS can be used with any of the network transport protocols supported by Windows NT Server (NetBEUI, IPX/SPX, and TCP/IP).
The advantage to using NetBIOS broadcast resolution is that it requires no additional administration once a basic network configuration has been set. However, broadcast resolution using NetBIOS is not as effective for larger intranets or in cases where routers are used to subdivide your intranet. Also, the use of broadcasts increases traffic on your network and can have negative effects for network performance as your network increases in size.
For larger networks, an improved solution is needed. Both WINS and DNS are examples of services designed to accommodate the problems and demands associated with larger networks. DNS was developed for larger TCP/IP networks and is used throughout the Internet. WINS was developed by Microsoft and is recommended for use in medium-sized and large TCP/IP networks using Windows NT Server.
Using WINS ServiceWINS was developed by Microsoft and is recommended for use in medium and large networks using Windows NT Server with TCP/IP. When installing a WINS server on the same computer used for Microsoft Proxy Server, it is important to:
For more information on considerations for using Microsoft Proxy Server as either a WINS client or WINS server, see “Server Administration.” For more information on installing or configuring WINS services, see your product documentation provided with Windows NT Server 4.0.
Using DNS with WINS and DHCPWindows NT Server 4.0 provides a significantly enhanced DNS Server from previous versions of Windows NT. This version supports integration with WINS and DHCP services to provide a complete solution for resolving host names to network addresses.
In addition to performing standard DNS service, the Windows NT DNS Server can further check a WINS names database for host names not resolved by DNS. Also, because WINS can manage dynamic updating of host-to-address information, the use of WINS and DNS together can greatly reduce the need to manually administer DNS information for your network.
An additional possibility with WINS and DNS is the use of DHCP. With DHCP, users in a large organization with Windows NT or Windows 95 clients can easily migrate to other locations within your private network. Consistent access to network resources is maintained through the use of friendly names, and the assignment of IP addresses is effectively automated. For network administrators, DHCP provides the best option for reducing the burden of carefully managing IP address assignments for all network clients.
For more information on considerations when enabling DNS, WINS, and DHCP services with Microsoft Proxy Server, see “Server Administration.” For more information on installing and configuring DNS, WINS, and DHCP services, see the documentation provided with Windows NT Server.
Using Multiple DNS ServersIf you are using Microsoft DNS on your intranet and also have external DNS servers, you will need to change the configuration of the Microsoft DNS server to turn off recursive forwarding for DNS searches. To turn off recursive forwarding on the Windows NT DNS server provided with Windows NT Server 4.0, add the following entry to the registry on the DNS server computer:
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Services
DNS
Parameters
NoRecursion:REG_DWORD:0x1
To add this registry entry to the server, run regedt32 and open the following key:
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Services
DNS
Parameters
In the Parameters key add the following value:
NoRecursion:REG_DWORD:0x1
The preceding registry entry prevents your local DNS server from blocking further attempts to resolve a request for host name resolution. This allows DNS searches to continue in trying other secondary DNS servers specified in the search list.
If your local DNS server uses a platform other than Windows NT Server 4.0, such as a Unix-based DNS server that uses the BIND service, refer to your server’s documentation on how to turn off recursive forwarding.
Note If you are using dial-up support with Microsoft Proxy Server, do not use RAS settings to set DNS search lists.
Considerations for Connecting to the
InternetConsiderations When Using a Direct Link
Considerations When Using a Dial-Up Link
Managing Your Own Internet Domain
Where to Put DNS Servers on Your Network
Considerations When Using a Direct LinkIf you are using a continuous ongoing link to the Internet through a dedicated leased line or T1 line option, you will need to specify DNS servers for use in resolving Internet domain host names to IP addresses.
One simple option is to specify the IP addresses for DNS servers provided by your Internet service provider (ISP). For this option, you will need to obtain IP addresses for DNS servers from your ISP. These addresses can then be entered in the DNS Service Search Order dialog box on the DNS property sheet for TCP/IP properties on the external server adapter that connects Microsoft Proxy Server to your ISP.
Another option for some networks is registering and managing your own Internet domain. For more information on considerations for Microsoft Proxy Server when using this option, see Managing Your Own Internet Domain and Where to Put DNS Servers on Your Network, later in this appendix.
Considerations When Using A Dial-Up LinkNote If you are using dial-up support with Microsoft Proxy Server, do not use RAS settings to set DNS search lists.
For more information on issues concerning the use of multiple DNS servers with Microsoft DNS and Microsoft Proxy Server, see Using Multiple DNS Servers.
Managing Your Own Internet DomainAlthough you can use Microsoft Proxy Server to connect to the Internet whether or not you have a registered domain name, many people or organizations prefer to have one for representing themselves on the Internet.
If you have registered an Internet domain name, you may decide to have your ISP handle the details of how to administer your domain for use by others on the Internet. For small organizations, this solution is preferred because Internet domain administration is somewhat complex to implement.
If you do decide to register and manage your own domain, consider the following options for setting up DNS services for your network and for outside users on the Internet:
Install a single DNS server on your network that manages DNS services for both your private network and for Internet users. This computer is multi-homed, which means that it uses separate network interfaces to connect to both your private network and the Internet.
Install a single DNS server on Microsoft Proxy Server that manages DNS services for both your private network and for Internet users. For small organizations, combining DNS service with Microsoft Proxy Server on a single server computer may be preferred, although this configuration may reduce performance for proxy service.
Install two or more DNS servers on your private network with one for internal usage only and the other for managing your Internet domain for outside users on the Internet.
Where to Put DNS Servers on Your NetworkTo administer DNS service locally on your network, first determine the preferred physical location for any DNS servers on your network.
The location you choose will depend on whether DNS service is needed for Internet connections, or if DNS services are needed on your private network only.
Install a separate DNS server on the network segment that connects Microsoft Proxy Server to your ISP. This is a preferred solution for larger networks.
Install a separate DNS server on the network segment that connects Microsoft Proxy Server to your internal network.
© 1996 by Microsoft Corporation. All rights reserved.