Using Your Sybex Electronic Book To realize the full potential of this Sybex electronic book, you must have Adobe Acrobat Reader with Search installed on your computer. To find out if you have the correct version of Acrobat Reader, click on the Edit menu—Search should be an option within this menu file. If Search is not an option in the Edit menu, please exit this application and install Adobe Acrobat Reader with Search from this CD (doubleclick rp500enu.exe in the Adobe folder).
Navigation Navigate through the book by clicking on the headings that appear in the left panel; the corresponding page from the book displays in the right panel.
Search
To search, click the Search Query button on the toolbar or choose Edit >Search > Query to open the Search window. In the Adobe Acrobat Search dialog’s text field, type the text you want to find and click Search. Use the Search Next button (Control+U) and Search Previous button (Control+Y) to go to other matches in the book. The Search command also has powerful tools for limiting and expanding the definition of the term you are searching for. Refer to Acrobat's online Help (Help > Plug-In Help > Using Acrobat Search) for more information.
Click here to begin using your Sybex Elect ronic Book!
www.sybex.com
Server+
TM
Study Guide Second Edition
Brad Hryhoruk Diana Bartley Quentin Docter
San Francisco • London Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Associate Publisher: Neil Edde Acquisitions and Developmental Editor: Elizabeth Hurley Editor: Linda Stephenson Production Editor: Liz Burke Technical Editors: Andre Paree-Huff, Andy Barkl Graphic Illustrator: Tony Jonick Electronic Publishing Specialist: Interactive Composition Corporation Proofreaders: Nancy Riddiough, Dave Nash, Laurie O’Connell, Richard Ganis Indexer: Lynnzee Elze CD Coordinator: Dan Mummert CD Technician: Kevin Ly Book Designer: Bill Gibson Cover Designer: Archer Design Cover Illustrator/Photographer: Natural Selection Copyright © 2002 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher. First Edition copyright © 2001 SYBEX Inc. Library of Congress Card Number: 2001099339 ISBN: 0-7821-4087-4 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries. Screen reproductions produced with FullShot 99. FullShot 99 © 1991–1999 Inbit Incorporated. All rights reserved. FullShot is a trademark of Inbit Incorporated. The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997–1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit http://www.macromedia.com. Internet screen shot(s) using Microsoft Internet Explorer 5.0 reprinted by permission from Microsoft Corporation. SYBEX is an independent entity from Citrix Systems, Inc., and not affiliated with Citrix Systems, Inc. in any manner. This publication may be used in assisting students to prepare for a Citrix Certified Administrator Exam. Neither Citrix Systems, its designated review company, nor SYBEX warrants that use of this publication will ensure passing the relevant exam. Citrix is either a registered trademark or trademark of Citrix Systems, Inc. in the United States and/or other countries. TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer. The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
To Our Valued Readers: Sybex is proud to have served as a cornerstone member of CompTIA’s Server+ Advisory Committee. Just as CompTIA is committed to establishing measurable standards for certifying individuals who will support server environments in the future, Sybex is committed to providing those individuals with the skills needed to meet those standards. By working alongside CompTIA, and in conjunction with other esteemed members of the Server+ committee, it is our desire to help bridge the knowledge and skills gap that currently confronts the IT industry. In the year since its release, the Server+ has gained industry-wide recognition as a solid indicator of competency in server technologies. Microsoft recently incorporated the Server+ certification into their new MCSA (Microsoft Certified Systems Associate) program as an elective option when paired with CompTIA’s A+ certification. Such integration into vendor-specific certification programs is a strong endorsement for Server+ and bodes well for those who possess it. Our authors, editors, and technical reviewers have worked hard to ensure that this Server+ Study Guide is comprehensive, in-depth, and pedagogically sound. We’re confident that this books will meet and exceed the demanding standards of the certification marketplace and help you, the Server+ exam candidate, succeed in your endeavors. Good luck in pursuit of your Server+ certification!
Neil Edde Associate Publisher—Certification Sybex, Inc.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Software License Agreement: Terms and Conditions The media and/or any online materials accompanying this book that are available now or in the future contain programs and/or text files (the “Software”) to be used in connection with the book. SYBEX hereby grants to you a license to use the Software, subject to the terms that follow. Your purchase, acceptance, or use of the Software will constitute your acceptance of such terms. The Software compilation is the property of SYBEX unless otherwise indicated and is protected by copyright to SYBEX or other copyright owner(s) as indicated in the media files (the “Owner(s)”). You are hereby granted a single-user license to use the Software for your personal, noncommercial use only. You may not reproduce, sell, distribute, publish, circulate, or commercially exploit the Software, or any portion thereof, without the written consent of SYBEX and the specific copyright owner(s) of any component software included on this media. In the event that the Software or components include specific license requirements or end-user agreements, statements of condition, disclaimers, limitations or warranties (“End-User License”), those End-User Licenses supersede the terms and conditions herein as to that particular Software component. Your purchase, acceptance, or use of the Software will constitute your acceptance of such End-User Licenses. By purchase, use or acceptance of the Software you further agree to comply with all export laws and regulations of the United States as such laws and regulations may exist from time to time. Software Support Components of the supplemental Software and any offers associated with them may be supported by the specific Owner(s) of that material, but they are not supported by SYBEX. Information regarding any available support may be obtained from the Owner(s) using the information provided in the appropriate read.me files or listed elsewhere on the media. Should the manufacturer(s) or other Owner(s) cease to offer support or decline to honor any offer, SYBEX bears no responsibility. This notice concerning support for the Software is provided for your information only. SYBEX is not the agent or principal of the Owner(s), and SYBEX is in no way responsible for providing any support for the Software, nor is it liable or responsible for any support provided, or not provided, by the Owner(s). Warranty SYBEX warrants the enclosed media to be free of physical defects for a period of ninety (90) days after purchase. The Software is not available from SYBEX in any other form or media than that enclosed herein or posted to www.sybex.com.
If you discover a defect in the media during this warranty period, you may obtain a replacement of identical format at no charge by sending the defective media, postage prepaid, with proof of purchase to: SYBEX Inc. Product Support Department 1151 Marina Village Parkway Alameda, CA 94501 Web: http://www.sybex.com After the 90-day period, you can obtain replacement media of identical format by sending us the defective disk, proof of purchase, and a check or money order for $10, payable to SYBEX. Disclaimer SYBEX makes no warranty or representation, either expressed or implied, with respect to the Software or its contents, quality, performance, merchantability, or fitness for a particular purpose. In no event will SYBEX, its distributors, or dealers be liable to you or any other party for direct, indirect, special, incidental, consequential, or other damages arising out of the use of or inability to use the Software or its contents even if advised of the possibility of such damage. In the event that the Software includes an online update feature, SYBEX further disclaims any obligation to provide this feature for any specific duration other than the initial posting. The exclusion of implied warranties is not permitted by some states. Therefore, the above exclusion may not apply to you. This warranty provides you with specific legal rights; there may be other rights that you may have that vary from state to state. The pricing of the book with the Software by SYBEX reflects the allocation of risk and limitations on liability contained in this agreement of Terms and Conditions. Shareware Distribution This Software may contain various programs that are distributed as shareware. Copyright laws apply to both shareware and ordinary commercial software, and the copyright Owner(s) retains all rights. If you try a shareware program and continue using it, you are expected to register it. Individual programs differ on details of trial periods, registration, and payment. Please observe the requirements stated in appropriate files. Copy Protection The Software in whole or in part may or may not be copyprotected or encrypted. However, in all cases, reselling or redistributing these files without authorization is expressly forbidden except as specifically provided for by the Owner(s) therein.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
This book is dedicated to my motivation, strength, and support. —Brad Hryhoruk To Kara and Abbie. —Quentin Docter
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Acknowledgments
In creating a project of this magnitude there are a great number of people involved. I would like to extend my thanks to everyone who helped make this book a reality. Liz Burke and Elizabeth Hurley have been wonderfully supportive and patient with me as I worked toward this goal. Special thanks to Linda Stephenson for her support and positive criticism throughout this entire process. I would also like to acknowledge Martial Marcoux. Thank you for your enduring support and friendship over the years and especially your support and strength in the last few months. I would not have made it with out you. Finally I would like to mention my close friends Nancy and Jerret. The two of you have helped me in more ways then I can ever repay. —Brad Hryhoruk I would like to thank my wife Kara for her unwavering support and unconditional love. I would also like to thank the entire Sybex crew. You are all great to work with, and very under appreciated. —Quentin Docter To the talented staff who assisted us in this undertaking: Liz Burke, Elizabeth Hurley, Andre Paree-Huff, Andy Barkl, Nancy Riddiough, Dave Nash, Laurie O’Connell, Richard Ganis, Lynnzee Elze, Stacey Loomis, Dan Mummert, and Kevin Ly. Thank you for all your hard work and dedication to this project.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
Welcome to the Sybex Server+ Certification Study Guide. The purpose of this text is to assist you in preparing to challenge and succeed at the CompTIA Server+ Exam. This book was created with the understanding that you have already successfully completed your A+ certification. Several key elements in the A+ certification are built upon within the Server+ certification. On their website (www.comptia.com) CompTIA recommends that candidates wishing to achieve Server+ certification first obtain their A+. From my experience with the Server+ Exam, I recommend also obtaining your Network+ certification prior to attempting the Server+. Concepts dealing with networking and network protocols are covered very well in the Network+ Study Guide, by David Groth (Sybex, 2001), and appear within the Server+ Exam questions. This text contains several key elements that will assist you on this journey to Server+ certification. Each chapter begins with an objective outline. The objectives are outlined in detail later in the introduction, but for now you should know that they are the key elements that you are expected to know in detail. This will help you focus your studies on the specifics of the objectives at hand. Each chapter in this book prepares you for the detailed objectives that are covered in the exam. Throughout each chapter there are also real world scenarios. These are real experiences: some describe good situations and others serve as a warning. Either good or bad, they serve as a means of seeing in action the information learned. At times in the chapters, warnings will be given. Performing certain tasks could pose a threat to server or user safety. Other times the warning is used to draw your attention to a serious matter that requires your complete focus. Each time that a warning appears, you will see a small bomb icon.
This is an example of how a warning will be presented within a chapter. Please be sure to read every warning carefully before proceeding with the activity.
Chapters end with several important elements. These include a chapter summary, exam essentials, key terms, and review questions. The chapter summary gives a brief explanation of the key essential components of each major topic covered in the chapter. This serves as a refresher
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxiv
Introduction
to you as well as a means of finding out if you remember the major features discussed. Exam essentials are brief statements (one sentence) that reemphasize the most important points that you need to be aware of prior to taking the exam. Each statement is followed by a brief explanation of why this point is essential. Be sure to know these essentials before proceeding to the next chapter. Key terms are exactly what the name implies: a collection of important terms unique to the chapter and exam. They are defined within the context of the chapter and then sorted into a list at the end of the chapter. You need to be aware of these terms as well as their meanings in order to successfully challenge the Server+ Exam. The most significant feature in our Study Guides is the practice exam. Each chapter includes 20 review questions at the end. These practice questions test your comprehension of the information and key details covered in each chapter. It is imperative that you work through these chapter tests. They not only help you remember the information presented in the chapters, but also assist you in preparing for the real Server+ Exam. Don’t just study the questions and answers—the questions on the actual exam will be different from the practice ones included in this book and on the CD. The exam is designed to test your knowledge of a concept or objective, so use this book to learn the objective behind the question.
What Is Server+ Certification?
T
he Server+ certification was created by the Computer Technology Industry Association (CompTIA) with the purpose of providing a vendorneutral means of certifying the competency of a Server Hardware Specialist. A Server Hardware Specialist is someone who spends time solving problems to ensure that servers are functional and applications remain available. The specialist should have an in-depth understanding of how to plan a network and how to install, configure, and maintain a server. This should include knowing the hardware that goes into a server implementation, how data storage subsystems work, the basics of data recovery, and how I/O subsystems work. CompTIA recommends that Server+ candidates have between
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
xxv
18 and 24 months of experience in the server technology industry, as well as experience working on a server. This will provide you with the essential hands-on experience to understand as well as work through the concepts successfully. A Server+ specialist should be able to demonstrate competency in the following areas:
Has in-depth knowledge of servers, including working knowledge of troubleshooting, physical security, and disaster recovery. Can recover from a server failure.
Ensures high availability by meeting the Service Level Agreement requirements, including proactively recognizing and responding to problems and performing recovery.
Has thorough working knowledge of hardware configuration and network connectivity. Includes the ability to perform problem determination for all aspects of the server (hardware, software, networking).
Installs and configures server hardware to meet application requirements.
Implements current and emerging data storage and transfer technologies such as SCSI and RAID.
Has a thorough working knowledge of networking protocols (e.g., TCP/IP, IPX/SPX, SNMP, DMI) for diagnosing the impact of the network on the server and vice versa.
Provides support, including second-level support, for resellers and end users.
Performs maintenance on server systems, data storage subsystems, and network devices.
Has good planning and integration skills to be able to upgrade a server without impacting network users; increase storage capacity without impacting network users; design and implement a data recovery plan in the event of a network device failure; and perform peripheral upgrades, BIOS upgrades, memory upgrades, processor upgrades, mass storage upgrades, and adapter upgrades
Demonstrates high levels of leadership through mentoring and training others in server concepts and operations.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxvi
Introduction
Why Become Server+ Certified?
Obtaining the Server+ Certification will open several doors for you. Not only is it gratifying to know you have obtained a personal growth achievement, but you are also improving your employability skills. The Server+ certification demonstrates a proof of professional achievement. You will receive a certificate for framing and a wallet card. It increases your marketability in today’s information technology–driven industry. Having your Server+ certification also will help your pursuit for advancement in the computer field. If you are hoping to become involved or more involved in computer technical work, having your Server+ certification will assist tremendously in validating your commitment and expertise. There are a number of reasons for becoming Server+ certified:
It demonstrates proof of professional achievement.
It increases your marketability.
It provides greater opportunity for advancement in your field.
It is increasingly found as a requirement for some types of advanced training.
It raises customer confidence in you and your company’s services.
Let’s explore each reason in detail.
Provides Proof of Professional Achievement Specialized certifications are the best way to stand out from the crowd. In this age of technology certifications, you will find hundreds of thousands of administrators who have successfully completed the Microsoft and Novell certification tracks. To set yourself apart from the crowd, you need a little bit more. The Server+ exam is the starting point for the Server Specialist and will give you the recognition you deserve.
Increases Your Marketability Almost anyone can bluff their way through an interview. Once you have certified in an area such as Server+, you will have the credentials to prove your competency. And certifications are not something that can be taken from you when you change jobs. Once certified, you can take that certification with you to any of the positions you accept.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
xxvii
Provides Opportunity for Advancement Those individuals who prove themselves as competent and dedicated are the ones who will most likely be promoted. Becoming certified is a great way to prove your skill level and shows your employers that you are committed to improving your skill set. Look around you at those who are certified. They are probably the ones who receive good pay, raises, and promotions when they come up.
Fulfills Training Requirements Many companies have set training requirements for their staff so that they stay up-to-date on the latest technologies. Having a Server+ certification provides administrators another certification path to follow when they have exhausted some of the other industry-standard certifications.
Raises Customer Confidence As companies discover the advantages of having staff with the Server+ certification, they will undoubtedly want staff to challenge for this certification. Many companies outsource the work to consulting firms with experience working with servers. Those firms that have certified staff have a definite advantage over other firms that do not.
How to Become Server+ Certified
There is only one exam that you must pass in order to achieve your
Server+ certification (SKO-001). This exam is administered by Sylvan Prometric and can be taken at any authorized Prometric testing center. To locate the closest testing center to you, call 1 800 755-EXAM. If you want to register for your Server+ Exam, you can call the exam registration at 1-800-776-4276. If you have not booked an exam through Sylvan Prometric before, you will need give them your name, social security number, mailing address, phone number, employer, and a credit card number for payment. If you choose, you can also register for the test at the Sylvan Prometric online registration site (www.2test.com). In order to obtain your Server+ certification, you must achieve a passing mark of at least 75 percent on the 80-question exam in the 90 minutes
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxviii
Introduction
allocated. All the questions are multiple choice and can contain one or more answers. The questions are often tricky, often with several possibly correct answers. You must select the most correct answer. Be sure to read each question carefully. The Server+ Exam at this time is not adaptive. This means that you can skip questions and come back to them at a later point in the exam. CompTIA has not announced a date that the Server+ Exam will become adaptive, or in fact whether it will at all.
Who Should Buy This Book?
I
f you want to acquire a solid foundation in Server+, this book is for you. You’ll find clear explanations of the concepts you need to grasp and plenty of help to achieve the high level of professional competency you need in order to succeed in your chosen field. If you want to become certified as a Server+ technician, this book is definitely for you. However, if you just want to attempt to pass the exam without really understanding servers, this study guide is not for you. It is written for people who want to acquire hands-on skills and in-depth knowledge of network servers.
How to Use This Book and the CD
W
e’ve included several testing features in both the book and on the CD-ROM bound at the front of the book. These tools will help you retain vital exam content as well as prepare to sit for the actual exam. Using our custom test engine, you can identify weak areas up front and then develop a solid studying strategy using each of these robust testing features. Our thorough readme will walk you through the quick and easy installation process. Before You Begin At the beginning of the book (right after this introduction, in fact) is an assessment test that you can use to check your readiness for the actual exam. Take this test before you start reading the book. It will help you determine the areas you may need to brush up on. The answers to each assessment test appear on a separate page after the last question of the test. Each answer also includes an explanation and a note telling you in which chapter this material appears.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
xxix
Chapter Review Questions To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check to see if your answers are right—the correct answers appear on the page following the last review question. You can go back to reread the section that deals with each question you got wrong to ensure that you get the answer correctly the next time you are tested on the material. Electronic “Flashcards” You’ll also find 150 flashcard questions for onthe-go review. Download them right onto your Palm device for quick and convenient reviewing. Test Engine In addition to the assessment test and the chapter review tests, you’ll find two sample exams. Take these practice exams just as if you were taking the actual exam (i.e., without any reference material). When you have finished the first exam, move onto the next one to solidify your test-taking skills. If you get more than 90 percent of the answers correct, you’re ready to go ahead and take the certification exam. Full Text of the Book in PDF Also, if you have to travel but still need to study for the Server+ exam and you have a laptop with a CD-ROM drive, you can carry this entire book with you just by taking along the CD-ROM. The CD-ROM contains this book in PDF (Adobe Acrobat) format so it can be easily read on any computer.
Exam Objectives
A s with the other CompTIA certifications, a series of exam objectives or topics have been identified by the Advisory Committee as being key to becoming certified as a competent technician. In the Server+ certification, these objectives fall under seven major areas: installation, configuration, upgrading, proactive maintenance, environment, troubleshooting and problem determination, and disaster recovery. Each key area is weighted on the
Exam objectives are subject to change at any time without prior notice and at CopmTIA’s sole discretion. Please visit the Certification page of CompTIA website at www.comptia.org for the most current listing of exam objectives.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxx
Introduction
exam differently. The exam weights are set to focus on the areas that a server technician needs to be most knowledgeable in. Behind every computer industry exam you are sure to find exam objectives—the broad topics on which the exam developers want to ensure your competency. The official Server+ exam objectives are listed here.
Server+ Exam Blueprint Job Dimension
% of Exam (approximate)
1.0 Installation
17%
2.0 Configuration
18%
3.0 Upgrading
12%
4.0 Proactive Maintenance
9%
5.0 Environment
5%
6.0 Troubleshooting and Problem Determination
27%
7.0 Disaster Recovery
12%
1.0 Installation (17%) 1.1 Conduct pre-installation planning activities
Plan the installation
Verify the installation plan
Verify hardware compatibility with operating system
Verify power sources, space, UPS and network availability
Verify that all correct components and cables have been delivered
1.2 Install hardware using ESD best practices (boards, drives, processors, memory, internal cable, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
Verify SCSI ID configuration and termination
Install external devices (e.g., keyboards, monitors, subsystems, modem rack, etc.)
Verify power-on via power-on sequence
xxxi
2.0 Configuration (18%) 2.1 Check/upgrade BIOS/firmware levels (system board, RAID, controller, hard drive, etc.) 2.2 Configure RAID 2.3 Install NOS
Configure network and verify network connectivity
Verify network connectivity
2.4 Configure external peripherals (UPS, external drive subsystems, etc.) 2.5 Install NOS updates to design specifications 2.6 Update manufacturer specific drivers 2.7 Install service tools (SNMP, backup software, system monitoring agents, event logs, etc.) 2.8 Perform Server baseline 2.9 Document the configuration
3.0 Upgrading (12%) 3.1 Perform full backup
Verify backup
3.2 Add Processors
On single processor upgrade, verify compatibility
Verify N 1 stepping
Verify speed and cache matching
Perform BIOS upgrade
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxxii
Introduction
Perform OS upgrade to support multiprocessors
Perform upgrade checklist, including: locate/obtain latest test drivers, OS updates, software, etc.; review FAQs, instruction, facts and issues; test and pilot; schedule downtime; implement ESD best practices; confirm that upgrade has been recognized; review and baseline; document upgrade.
3.3 Add hard drives
Verify that drives are the appropriate type
Confirm termination and cabling
For ATA/IDE drives, confirm cabling, master/slave and potential cross-brand compatibility
Upgrade mass storage
Add drives to array
Replace existing drives
Integrate into storage solution and make it available to the operating system
Perform upgrade checklist, including: locate and obtain latest test drivers, OS updates, software, etc.; Review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
3.4 Increase memory
Verify hardware and OS support for capacity increase
Verify memory is on hardware/vendor compatibility list
Verify memory compatibility (e.g., speed, brand, capacity, EDO, ECC/non-ECC, SDRAM/RDRAM)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
Verify that server and OS recognize the added memory
Perform server optimization to make use of additional RAM
xxxiii
3.5 Upgrade BIOS/firmware
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.6 Upgrade adapters (e.g., NICs, SCSI cards, RAID, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.7 Upgrade peripheral devices, internal and external
Verify appropriate system resources (e.g., expansion slots, IRQ, DMA, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.8 Upgrade system-monitoring agents
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.9 Upgrade service tools (e.g., diagnostic tools, EISA configuration, diagnostic partition, SSU, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxxiv
Introduction
best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade 3.10 Upgrade UPS
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
4.0 Proactive Maintenance (9%) 4.1 Perform regular backup 4.2 Create baseline and compare performance 4.3 Set SNMP thresholds 4.4 Perform physical housekeeping 4.5 Perform hardware verification 4.6 Establish remote notification
5.0 Environment (5%) 5.1 Recognize and report on physical security issues
Limit access to server room and backup tapes
Ensure physical locks exist on doors
Establish anti-theft devices for hardware (lock server racks)
5.2 Recognize and report on server room environmental issues (temperature, humidity/ESD/ power surges, back-up generator/fire suppression/ flood considerations)
6.0 Troubleshooting and Problem Determination (27%) 6.1 Perform problem determination
Use questioning techniques to determine what, how, when.
Identify contact(s) responsible for problem resolution
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
xxxv
Use senses to observe problem (e.g., smell of smoke, observation of unhooked cable, etc.)
6.2 Use diagnostic hardware and software tools and utilities
Identify common diagnostic tools across the following OS: Microsoft Windows NT/2000; Novell Netware, UNIX, Linux, IBM OS/2
Perform shut down across the following OS: Microsoft Windows NT/ 2000, Novell Netware, UNIX, Linux, IBM OS/2
Select the appropriate tool
Use the selected tool effectively
Replace defective hardware components as appropriate
Identify defective FRUs and replace with correct part
Interpret error logs, operating system errors, health logs, and critical events
Use documentation from previous technician successfully
Locate and effectively use hot tips (e.g., fixes, OS updates, E-support, web pages, CDs)
Gather resources to get problem solved: identify situations requiring call for assistance; acquire appropriate documentation
Describe how to perform remote troubleshooting for a wake-on-LAN
Describe how to perform remote troubleshooting for a remote alert.
6.3 Identify bottlenecks (e.g., processor, bus transfer, I/O, disk I/O, network I/O, memory) 6.4 Identify and correct misconfigurations and/or upgrades 6.5 Determine if problem is hardware, software or virus related
7.0 Disaster Recovery (12%) 7.1 Plan for disaster recovery
Plan for redundancy (e.g., hard drives, power supplies, fans, NICs, processors, UPS)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxxvi
Introduction
Use the technique of hot swap, warm swap and hot spare to ensure availability
Use the concepts of fault tolerance/fault recovery to create a disaster recovery plan
Develop disaster recovery plan
Identify types of backup hardware
Identify types of backup and restoration schemes
Confirm and use off site storage for backup
Document and test disaster recovery plan regularly, and update as needed
7.2 Restoring
Identify hardware replacements
Identify hot and cold sites
Implement disaster recovery plan.
Tips for Taking the Server+ Exam As you reach your final steps in preparing for the Server+ Exam, keep a few general tips in mind: Try to arrive at your exam early. This will allow you to familiarize yourself with the location and exam setting. You can (try to) relax and collect yourself for the task ahead. Bring two forms of identification. It helps to have a photo identification. You will be required to sign in and the examiner will perform some last-minute registration with you. Ask for a pen and sheet of paper. You are allowed to have these items at your computer station with you. Many people are unaware of this, or don’t take advantage of it. If you have to refer to charts, tables, or information that you crammed in at the last minute, they can be written down on this paper. When you are sitting at your station, the clock on your exam does not start until you click Start. You can spend some time writing your notes at this point. When you have written out all the information that you need to, then click Start on the computer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Introduction
xxxvii
Read the questions carefully. Numerous questions are written with multiple correct or apparently correct answers. You must select the most appropriate answer. Many discussion groups based on certification exams have complaints and in-depth discussions on specific questions, as they appear so open-ended. Don’t leave questions unanswered. You have a better chance of getting a point if you guess. Because the test is not adaptive, you can mark questions for review so you can go back to them later. If you are not positive about your answer, use this feature. It is possible that questions or answers later in the test will tip you off to the questions that stumped you. Questions can have more than one correct answer. In the test, answer blanks will appear as check boxes, not radio dials. If more than one option should be selected, the question will inform you that you are to select multiple answers. If you select too many answers, the testing software will prompt you—and this can come in handy if you are unsure of how many answers are correct. Check all the answers that you feel could be correct, and if the software alerts you that you have selected too many responses, you can then eliminate the weakest options. Work through the test in several phases. Your first run-through should be to answer the easy questions as well as reading through all the questions and answers to familiarize yourself with what you are presented with. Next go through and answer the medium-difficulty questions and review your easy questions and answers. Save the hard ones for last. This will let you know exactly how many hard ones there are left and the amount of time you have remaining to deal with them. This way you can best budget your time to complete the test. There are many different websites with information pertaining to certification exams. Many of these websites claim to have exam questions and exam information posted on them. Part of the CompTIA exam requirement is that you agree not to share exam information after you have completed your test. You will ultimately decide on your own whether or not to visit these websites. Many aspiring technicians feel that it takes away from the validity of the exams and the certification. Another major concern is the validity of the information presented on these websites. Everyone appears to be an expert, yet there is a lot of incorrect information
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xxxviii
Introduction
posted. I would recommend not using these exam information websites for this reason alone. Good luck on your path to Server+ certification.
About the Authors
Brad Hryhoruk has been actively instructing for over 10 years. He has his bachelor of Education degree as well as A+, Network+, Inet+, Server+, and MCP. He currently teaches at the Aboriginal Community Campus in Winnipeg Manitoba. Brad also instructs certification programs as well as working as a project manager. You can reach Brad at
[email protected]. Diana Bartley, B.ED., MCSE, MCP+I, MCT, A+, Network+, i-Net+, and Server+, is currently an MCSE instructor and technical writer for various IT-related topics. She has co-authored many books covering Windows 2000 Directory Services, MCSE Clustering, and ISA Server. Quentin Docter, MCSE, MCT, CCNA, CNE, A+ and Server+, is a 9-year industry veteran with experiences ranging from administrator, consultant, to instructor. He is currently working as an independent consultant and author. Quentin has worked on 7 books for Sybex, most recently, the MCSE Windows 2000 Network Infrastructure Design Study Guide.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment Test 1. Name three ways adapters can work together (select all that apply). A. Adapter grouping B. Adapter fault tolerance C. Adapter virtual private networks D. Adapter Load Balancing E. Adapter teaming 2. What are three possible configurations for an ATA/IDE device (select
all that apply)? A. Master, with slave present B. Slave, with a master present C. Slave, no master present D. Master, no slave present 3. If you have a RAID 3 system made up of four 20GB drives, how much
usable disk storage space would you have? A. 80GB B. 60GB C. 40GB D. 20GB 4. You want to filter packets of certain TCP/IP types coming in from and
going out to the Internet. What type of server application do you need? A. Firewall B. Proxy server C. Router D. Gateway
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xl
Assessment Test
5. Pick the levels of cache that can be present in a computer with a
Pentium III Gigahertz processor. A. L1 B. L2 C. L3 D. L4 6. SNMP is part of what protocol suite? A. TCP/IP B. NetBEUI C. IPX/SPX D. AppleTalk 7. What type of server resolves DNS names to IP addresses? A. DHCP B. DNS C. UDP D. SMTP 8. What is the default ID setting for a SCSI host bus adapter? A. 7 B. 5 C. 3 D. 6 9. Which of the following TCP/IP addresses is in a private address range? A. 183.239.179.171. B. 127.0.0.0. C. 240.64.0.24 D. 172.16.0.0.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment Test
xli
10. With which Internet standard protocol is Active Directory accessed? A. SNMP B. SMTP C. LDAP D. POP3 11. A BNC connector is used on what type of Ethernet implementation? A. Thinnet B. Thicknet C. UTP D. STP 12. In every SCSI-3 bus, how many terminators are there? A. Four B. Three C. Two D. One E. One per device 13. Your server’s backups are taking so long that you find you must start
them as you’re leaving work for the day and they often don’t finish until noon the next day. What are some options you can consider (select all that apply)? A. Set up differential backups. B. Add more backup tape drives. C. Cut down on the number of files being backed up. D. Set up incremental backups. 14. Which of the following is a memory error check? A. EDO B. ECC C. RD RAM D. SIMM Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xlii
Assessment Test
15. You want to set up your computer room so that an exact duplicate
exists in a different building and you somehow replicate the information on the servers in your production room to this duplicate room. What kind of function are you performing? A. Backups B. Fault tolerance C. High-availability D. Disaster recovery 16. Single mode fiber optics uses which of the following as a light source? A. Laser B. LED C. Fluorescent D. Incandescent 17. Memory Interleaving is another way of doing which of the following: A. Error checking B. Accessing information stored on the memory chip C. Determining parity D. Installing chips 18. What are some common diagnostic tools that you can utilize no
matter what NOS you’re working with (choose all that apply)? A. Event logs B. TCP/IP software C. FDISK D. BIOS utilities
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment Test
xliii
19. How is a PCI bus configured? A. Through jumpers B. On the motherboard C. Through the system BIOS D. With a CD-ROM 20. Which of the following is a server-specific CPU? A. Intel Itanium B. AMD Duron C. Intel Celeron D. AMD Athlon 21. Name some areas of concern to look at when you are attempting to
diagnose system bottlenecks (select all that apply). A. IRQ conflicts B. CPU speed C. Hard disk RPMs D. SCSI version 22. What kind of hard disks will typically be installed in a RAID 5 system? A. ATA B. IDE C. SCSI D. ESD 23. Most servers today are equipped with what kind of system memory
chips? A. SIMMs B. ECC SIMMs C. EDO SIMMs D. DIMMs
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xliv
Assessment Test
24. Why are maintenance logs important? A. They provide a clear picture of what the service techs have been
doing. B. They provide a background of what has been done to a computer. C. They provide an instruction manual for doing routine tasks. 25. When cabling a building, what should you do? A. Only use fiber optic cable. B. Always use copper conduit. C. Always check local building codes. D. Assume that you do not need a permit. 26. How many terminators are there on a Thinnet network? A. One B. Two C. One for every 50 hosts D. One for every 100 hosts 27. Which is true of fiber optics? A. It is affected by EMI. B. It is affected by heat. C. The cable can be made of glass. D. The cable is always made of copper. 28. You have a single network card with four ports on it. What can that
card not be configured to do? A. Adapter Load Balancing B. Adapter teaming C. Adapter fault tolerance
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment Test
xlv
29. Four network cards grouped together for Load Balancing will have
how many IP addresses? A. Four B. Three C. Two D. One 30. What category of UTP is rated for 1000Mbps transfer speeds? A. Category 3 B. Category 5 C. Category 4 D. All of the above 31. You have just purchased a motherboard that supports dual proces-
sors. Which Pentium III processors can be used on the board? A. Any Xeon with any P-II B. P-IIIs of the same speed C. Any P-III D. Any P-II with any P-III 32. What happens when a parity-checking memory module determines
that corruption has occurred? A. The problem is immediately corrected and the end user is none
the wiser. B. An error message pops up on the screen describing the error to the
end user and giving the user a chance to fix the problem. C. An entry is made in the memory error log, but the system continues
to operate. D. The system is halted.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xlvi
Assessment Test
33. What does ESD stand for? A. Electromagnetic static discharge. B. Electronic static device. C. Environmental static discharge. D. Electrostatic discharge. 34. When carrying memory chips from one place to another, what type of
ESD equipment should you use? A. Wrist strap. B. ESD vest. C. Antistatic bag. D. No ESD protection is required. 35. What is the plenum? A. The type of metallic shielding surrounding a fiber optic cable B. The type of cable used in fiber optic installations C. The air space between the ceiling and the actual roof of a building D. Precious metal like gold
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Assessment Test
xlvii
Answers to Assessment Test 1. B, D, E. Adapters can work together with Load Balancing, fault
tolerance, or teaming. See Chapter 6 for further information. 2. A, B, D. IDE devices can be a master with no slave present, a master
with a slave present, and a slave with a master present. See Chapter 4 for more information. 3. B. You would have three 20GB drives for storage and one 20GB
drive for parity. Therefore, you would have 60GB of usable storage space. See Chapter 4 for more information. 4. A, B. Proxy servers and firewalls are closely comparable. Firewalls
perform network address translation (NAT), taking a private network’s IP address and converting it to a public address; they also filter incoming and outgoing packets. A proxy server filters incoming and outgoing packets and might be able to NAT as well, though you probably didn’t buy proxy server software for its network address translation capabilities. Both firewalls and routers can prevent packets of certain types from going out to the Internet or coming in from the Internet. Routers route packets, and gateways provide an opening to a different system or environment. See Chapter 1 for more information. 5. A, B. Level 1 and Level 2 cache can only be present with a Pentium III
processor. See Chapter 3 for further information. 6. A. Simple Network Management Protocol is part of the TCP/IP
protocol suite. See Chapter 12 for more information. 7. B. A DNS Server resolves a DNS name to an IP address. See Chapter 1
for further information. 8. A. The SCSI bus adapter uses ID 7 by default. See Chapter 4 form
further information. 9. D. There are three IP address ranges that are considered to be private:
10.0.0.0, 172.16.0.0, and 192.168.0.0. See Chapter 8 for further information. 10. C. Active Directory is based on LDAP. See Chapter 1 for further
information.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
xlviii
Answers to Assessment Test
11. A. BNC connectors are used on Thinnet Ethernet networks. See
Chapter 6 for further information. 12. C. There will always be two terminators, one at each end of the SCSI
chain. See Chapter 4 for further information. 13. B, C, D. You can add backup tape drives to the system, thus provid-
ing more places for backups. You can also groom the file list to see if there are files that are being backed up that don’t actually need to be. You can also go to a system where you perform a full backup over the weekend and then use incremental backups during the week. Incremental backups only back up the files that have changed since the previous day’s backup. See Chapter 14 for further information. 14. B. ECC stands for error-correcting code and is used as a memory
error checker in RAM. See Chapter 12 for further information. 15. D. When you have a room in a different building that contains dupli-
cate computing gear and also contains data that has been replicated to it from the primary servers, you’re working with a disaster recovery (DR) methodology. DR is, as you might imagine, expensive. The technology has grown and become viable for entities needing assurance that, should something disastrous happen, they could continue on with everyday business functions. See Chapter 15 for further information. 16. A. Single mode fiber optics technology uses a laser as the light source.
This is the more expensive form of fiber optic transmissions, but the most efficient. See Chapter 6 for further information. 17. B. Memory interleaving is a way of quickly getting access to infor-
mation stored on the memory chip. See Chapter 12 for further information. 18. A, B, D. All network operating systems create logs that inform you
of critical events. The method you use for reading the logs might be different, but you can be assured that event logs are generated within any NOS. You can use TCP/IP software commands such as PING and NSLOOKUP to perform basic network connectivity troubleshooting. You can use the server BIOS utilities and peripheral utilities to check to see if the hardware is correctly configured. Option C would not be an answer because not all machines have DOS installed on them. See Chapter 12 for further information.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Assessment Test
xlix
19. C. A PCI bus is configured through the system BIOS. See Chapter 3
for further information. 20. A. The Intel Itanium is a server-specific processor. All others listed
were originally created for a desktop computer. See Chapter 3 for further information. 21. B, C, D. A CPU’s speed can create a bottleneck if the applications
and users trying to access the computer outpace the speed with which the processor can answer requests. In SCSI you’ll also need to be concerned about the hard disk’s RPMs and the SCSI version level. See Chapter 12 for further information. 22. C. In almost all cases (except systems that utilize software RAID)
you’ll use SCSI drives in your RAID array. See Chapter 4 for further information. 23. D. Most commercial servers today come equipped with 72-pin Dual
Inline Memory Modules (DIMMs). The reason for this is twofold: you get 64-bit memory and SIMMs need to be installed in pairs whereas DIMMs can be installed singly. See Chapter 3 for further information. 24. B. Maintenance logs provide a background of what has been done to
a computer. See Chapter 9 for further information. 25. C. When cabling a building, you should check the local building
codes. These codes will vary by locality. See Chapter 6 for further information. 26. B. There is a 50-ohm terminator at each end of the bus on a Thinnet
network. See Chapter 6 for further information. 27. C. Fiber cable is made of glass or plastic. See Chapter 6 for further
information. 28. C. Fault tolerance requires more than one card, not more than one
port. See Chapter 6 for further information. 29. D. A group of network cards used in Load Balancing will have one IP
address. See Chapter 6 for further information. 30. B. Category 5 is the only option that supports transfer speeds of
1000Mbps. See Chapter 6 for further information.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
l
Answers to Assessment Test
31. B. With Pentium III processors, the multiplier and the FSB must
match. See chapter 3 for further information. 32. D. With parity, if it is determined that there has been some corruption,
the system is halted. See Chapter 12 for further information. 33. D. ESD is electrostatic discharge—rapid discharge of static electricity
from one conductor to another of a different potential. If your body is holding a static charge and you touch an electronic component, that discharge can seriously damage the electronics. See Chapter 15 for further information. 34. C. Antistatic bags are used to carry electronic equipment from one
place to another. This will prevent ESD from damaging the chips. See Chapter 15 for further information. 35. C. The plenum is the space created for air circulation between a
drop-down ceiling and the roof, or under a raised floor; this space is commonly used to run cables. See Chapter 6 for further information.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Installation
PART
I
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Server Types and Roles
1
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
F
or the most part, each chapter in this book closely maps to the Server+ Exam Blueprint from CompTIA. We have listed the exam objectives covered by each chapter at the start of the chapter, and fully covered each objective to the best of our ability in that one chapter. In a couple of cases objectives cross chapter lines, but this is infrequent, and is done to arrange the information in the most readable and useful format possible. Chapter 1, though, sets the stage for our later studies, and as such does not specifically map to any objective. For many of you, this first chapter may be review. That’s excellent, and the authors won’t mind at all if you move quickly through this information—or any topic where your current level of experience makes you extremely confident. This chapter will help get you get started on achieving your goal of the Server+ Certification.
What Is a Server?
W
hen preparing for the Server+ exam, one question needs to be gotten out of the way immediately: What exactly are servers, and what makes them special enough to deserve an entire exam dedicated to them? The answer to this requires that the term server itself be defined. Put simply, there are two key definitions of server in the Information Technology world: serv·er (sûrvr), n. 1. Computer software designed to assist other computers on a network by performing tasks for them or providing information to them. 2. Computer hardware optimized for the task of running server software. Each of these definitions needs to be considered separately, along with its implications for what a “server” is. We’ll take some time in the following sections to dissect these definitions, taking care to examine servers as software as well as servers that operate solely as hardware. We will cover scalability versus expandability, the relationship between security and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
What Is a Server?
5
dependability, and finally stability and redundancy. Before we move into discussing the various roles of a server, we will overview server add-ons.
Server as Software Let’s start by examining the first definition. For any computer to function, it needs an operating system (OS). This is the code that tells the computer how to function. You know that, of course. You have also probably encountered the term NOS (network operating system), which is used to describe a server OS. Things become a bit tricky, though, when we start trying to distinguish an OS from a NOS. The reason for this is that by the definitions we’ve just shown you, any OS that can perform services or share files on the network is a server. Many of you have used the file sharing capabilities of Windows 98, for instance. All of Microsoft’s modern OSs have the ability to share out files, and even to maintain NetBIOS browsing lists that allow computers to find each other on the network. Even so, we don’t generally think of Windows 98 as a “server OS,” and neither does the Server+ exam. Rather, the NOS term is reserved for products such as Novell NetWare, Microsoft Windows 2000 Server, or Sun Solaris. In order to decide which software you will need as your NOS software, you will need to examine and consider the following characteristics:
Scalability
Security
Stability
Client prioritization
Reviewing each of these characteristics in full is a good starting place when considering server hardware for your NOS. As such, we will start by examining the concept of scalability and how it relates to server performance.
Scalability Most computers serve only a single master, in that the user working locally on the machine is the only one giving orders. The user may run one application, or a number of them, but the amount of computer power a single user needs is relatively limited, especially as we enter the world of multi-gigahertz processing on the desktop. Because only one user is expected to be using the OS at a time, a normal OS is intended for use on machines with limited resources. Windows 98, for instance, cannot recognize or use more than one processor.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
6
Chapter 1
Server Types and Roles
Windows 2000 Advanced Server, on the other hand, supports 8 processors, and Sun’s Solaris supports up to 128 processors on a single system. Besides just allowing for more hardware, network operating systems are designed to allow for features like clustering and load balancing: Clustering Used to allow a number of servers to share resources, clustering essentially creates a single “virtual server” out of a number of machines. The computers share an IP address and generally use the same data array, as shown in Figure 1.1. FIGURE 1.1
Server clustering Hub
Server
Server
Data
Load Balancing Similar to clustering, in that two or more servers team up to do a single job. The thing that distinguishes load balancing, though, is that each server retains its own identity and often keeps its own copy of needed resources, as shown in Figure 1.2. FIGURE 1.2
Server load balancing Hub
Server
Server
Data
Data
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
What Is a Server?
7
Scalability, then, is the ability of a computer system to support large numbers of users, and run extremely demanding software applications. That is just one job for a NOS, though. Next comes the ability to keep things safe.
Security Network operating systems also are generally far more secure (or at least securable) than client operating systems. This enhanced security can take the form of a username/password database, access restrictions on files or services, or any number of system security policies. One of the odd things about the Server+ Exam is that, because most of the questions follow a generic format, and because very little security information falls into this “generic” category, you will find few system security–related elements on the exam. This is strange, of course, because network security is among the primary job functions of a server administrator!
The physical security of the server, however, is a major concern of the exam. Locking down the server room will be dealt with in Chapter 13, “Managing and Securing the Server Environment.” Some general security topics will also be considered on a NOS-by-NOS basis in Chapter 7, “Network Operating Systems.”
Stability While most desktop PCs are shut down each night, and are used only a few hours each day, servers are generally on 24/7, and as such they need an OS that is extremely stable. Moreover, as tens or hundreds of people are interacting with the server each day, it is critical that the OS be resilient and able to deal with this constant onslaught of requests without locking up or giving up. To help guard the health of these machines, NOS software is often pickier about what software it allows to run, and which applications and drivers it will allow you to install. While this helps to insulate the server from problems caused by bad software, it also means that NOS applications often are specifically written for the OS, and can be extremely expensive.
Client Prioritization One last characteristic of a server OS is that it gives priority to client connections when allocating resources. The primary purpose of a NOS is to take care of clients, and as such a user at the server console is treated as just another user, or sometimes even given a lower priority than network users. Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
8
Chapter 1
Server Types and Roles
Some examples of server-class operating systems are listed below, along with website information so you can go to learn more about each of them.
NetWare: www.novell.com/products/netware/
OS/2: www-4.ibm.com/software/os/warp/
Solaris: www.sun.com/software/solaris/
Windows 2000 Server: www.microsoft.com/windows2000/server/
Solaris is a Unix-based system, and Unix operating systems are all based on a server-class platform. Linux is also Unix based. Still, both Linux and Solaris are often used as a desktop OS, and are as flexible as Windows in that they can be used for pretty much any role in the enterprise. Start at www.linux.org/dist/ to learn more about the emerging Linux challenge to the established NOS/OS leaders.
Servers as Hardware The second definition of a server is one that involves specialized hardware designed to handle the extreme demands of NOS software and network users. Companies such as IBM and Compaq produce computers specifically for these needs, and sell them in separate product lines. Compaq, for instance, has its extremely popular Proliant series, and Dell sells the PowerEdge line. At a very general level, servers are essentially just enhanced PCs. Many managers look at the price of a new Compaq Proliant 1GHz server and say, “Why are we paying $10,000 for this computer, when we could get a Compaq PC that is just as fast for $1,000 at Circuit City?” This is a valid question, because Windows 2000 Advanced Server or Sun’s Solaris can be installed on a desktop-class PC without any trouble. If you are in the position of proposing a server purchase to a manager or client, you should be prepared to explain the reasons behind the higher cost of specialized server hardware.
It is worth emphasizing here that server-class software can be installed on a desktop PC and that Windows 98 can be installed on an IBM server. To get best performance, though, both the hardware and software need to be server-class.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
What Is a Server?
9
To help you with that explanation, let’s take a closer look at the benefits a server provides for that extra money:
Expandability One of the most important characteristics of server-class hardware is that it is generally built with generous expansion capability. Most servers allow for far more RAM (often over 4GB), more drive space (most servers have 5–10 drive bays) and more processors—it is hard to get a desktop PC that fits 8 processors because the cases for normal PCs simply do not have room for that much hardware. Along with all of this additional hardware comes the need for additional fans and a larger power supply as well, which also take up room.
Dependability Server hardware needs to be reliable. Unlike desktop PCs, which are generally shut down each evening, servers often are expected to run constantly for weeks or months. The length of time a server has been running, or sometimes the percentage of time it has been running, is referred to as its uptime. Some servers prominently display the amount of time they have been up on their console, while others (Windows, anyone?) tend to hide that information! Any time a server is not running, the dreaded word downtime is used to describe the amount of time that it is off. Because servers are critical to modern networks, and networks are critical to modern organizations, a server down situation rarely goes unnoticed. E-mail doesn’t work, or users can’t get to files, or “the Internet doesn’t work,” and calls start flooding into the help desk. Along with backup and security, the prevention of downtime is probably one of the most important jobs of an administrator. Server-class hardware helps to maximize uptime through higher quality hardware and the ability to duplicate critical hardware for redundancy. Quality One of the reasons servers cost more than desktop PCs is that the pieces used to build the server are better. No one argues about why a Porsche costs more than a Yugo, but somehow a lot of people who drive very nice cars find it difficult to understand why they should pay for quality in their server room as well. Server components are manufactured to higher standards, both in terms of the materials used and the precision of the craftsmanship. Moreover, these components are tested to ensure that they work well together. This is done
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
10
Chapter 1
Server Types and Roles
to ensure that a server will remain operating and reliable regardless of the amount of work required of it. Much of this information is very different from the way those same resources are discussed in the A+ book, which deals with the maintenance of “normal” desktop PCs. Redundancy Quality components are great, but even the best machines sometimes fail, and computers are no exception. In order to try to prevent hardware problems from resulting in immediate downtime, though, most server-class computers support redundant hardware for key components. This practice is known as redundancy. Redundant components can include power supplies, for instance. If a server has two or more power supplies, both of them can work together to power the system. However, if one of them fails (or is unplugged), the other is able to take on an increased load and power the entire system. Other examples of commonly duplicated hardware include hard drives, drive controllers, and network cards.
Two items that are not redundant are processors and RAM modules. Even if you have four processors in a machine, if one processor fails, the server will go down. The same with RAM. Remember that expandability and redundancy are different things!
Server-Only Features Besides just supporting more and better hardware, and offering helpful services not available on regular operating systems, modern servers also can be equipped with a dizzying array of add-on equipment. Although some of these components are making their way into the desktop computer environment, they are normally associated with server environments. These include RAID controllers (standard on most servers), SCSI controllers, an uninterruptible power supply (UPS), external drive arrays, fax or modem bank hardware, and tape backup drives. Any of these can be installed into desktop-class machines as well, but generally their expense and resource requirements dictate that they be used in server-class machines with server-class OSs. You may already be in charge of a network, and have your own server(s) to refer to as you read this book, but if not it might be useful to get an idea of what these machines are like. Before reading too much further, you may want to take a look at some of the beasts that the Server+ certification
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
11
prepares you to deal with. Below is a sampling of some large computer hardware manufacturers, and their server lines:
Compaq: www.compaq.com/products/servers/
Dell: www.dell.com/us/en/esg/topics/ segtopic_servers_server_main.htm
Gateway: www.gateway.com/work/products/ sb_srv_catalog.shtml
Hewlett-Packard: www.hp.com/products1/servers/
IBM: www-1.ibm.com/servers/
While this book is being written, HP and Compaq are in the process of merging, so things may be changing a bit there. For now, though, they have separate product lines.
Server Roles
Servers must perform a dizzying variety of tasks on the network. On smaller networks a single machine might perform many or all of these tasks, and that is perfectly workable because servers are designed to be good at doing multiple tasks simultaneously. On larger networks, though, specialization allows each machine to be tailored specifically for the tasks it is assigned. This section will sample a few of these tasks for you and give you an overview of what servers do on a network and how each of these tasks takes its toll on server resources. Three general types of server roles will be detailed in this section: security, network, and user. These are loosely grouped, and some server roles cross over between the categories, so concentrate more on what they do than where they are grouped. As you read through this section, keep two questions in mind: 1. What roles does this server play on the network, and how does its
performance impact network users? 2. What type of operating system and hardware should be used to
improve the efficiency of the machine running this task?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
12
Chapter 1
Server Types and Roles
Security Roles Networks have evolved into the storage location for almost all documents and data in most large and midsize companies. The protection of this data— both from destruction and from unauthorized access—falls to the server administrator. Network security is generally provided by the operating system, and as we look through each of the following sections, you will be given pointers to websites that detail how these services are implemented into various server systems. Because the Server+ exam itself is vendor-neutral, you don’t have to spend a lot of time studying this stuff, but if you are interested in learning more about a topic, some of these URLs could come in handy as a starting point.
Account Management Most of the following services depend on the ability of the server to determine one fact—who it is that is trying to use the service. This is generally accomplished by using one or more servers on the network to store and authenticate user credentials. Account management servers generally keep track of (among other things) two basic pieces of information—the user and the password. User (or Username) The user is the basic building block of network security. The user defines an individual (for example, “John Doe” becomes “JDoe”) or a network role (“administrator” or “root”), and comes in one of three basic types: Administrative At least one top-level account must be created during the server installation process. That account is given authority to manage the server. Sometimes called the “god account,” this first account is known by many names by the various computer tribes. Microsoft calls it the Administrator, Novell calls it Admin, and Unix/Linux calls it Root. User Created The administrator can then create individual system identities in order to differentiate between the various individuals on your network, all of whom have their own network resource needs and security clearances. Creating a user account registers the user as a security object on the server. Guest/Anonymous Sometimes access to the server needs to be granted to users who are not registered in the account database. This can be done by creating a default user. Anonymous users are most commonly seen on
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
13
Internet web servers, where thousands of users might visit a server to view web content. The users do not have individual accounts, and they all log on through a single generic account. FTP servers also often allow file retrieval access to anonymous users. Password It is almost inconceivable that anyone reading this book needs to have passwords explained. If you do, all I can say is you have a bit of work ahead of you! If a username says “this is who I am,” a password says “and here’s proof I am who I say I am.” Password security is a critical part of server security, because if your account passwords—especially administrative passwords — are discovered, the server and network security are compromised. Many of the services listed in the authentication section that follows are specifically designed to protect system passwords. Sadly, even the best security software cannot defend passwords scribbled on sticky notes and posted on a user’s monitor. An effective password strategy needs to include a password scheme that balances security and usability.
Windows server administrators can use a nifty tool called L0phtCrack (recently renamed to LC3) to test their system’s defenses. LC3 and other and eye-opening toys for various OSs are available from @stake at www.atstake.com/research/.
Designing a Password Strategy You are in charge of a committee studying the current password structure on your company’s network. The purpose of the committee is to examine the corporate security needs and see whether the existing password structure is sufficient. To your dismay, the committee reports back that not only are password standards not uniform throughout the company, but that many offices do not have any password policy at all. In attempting to craft a password strategy, you find the following:
All users have Internet access.
Many users are logging on and working from home.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
14
Chapter 1
Server Types and Roles
The corporate intranet and FTP servers both support plain text passwords.
Users often share machines, and many times they use a shared network account.
Obviously, this is a worst-case scenario. Still, the solution is relatively simple. Because you want to secure the network without causing undue trouble to users, you could recommend that some of the following changes be implemented:
Require a minimum password length.
Require that passwords be changed monthly.
Do not let users reuse old passwords.
Change website and FTP settings to require encrypted logons.
Require that all users have their own account.
This example is representative of the types of questions you might get. All of the problems and solutions are generic because getting specific would require mentioning particular authentication methods or require you to perform tasks on a particular directory structure. This would require dealing with a certain vendor, and in most cases the exam is more interested in giving you logic puzzles than it is testing your knowledge of a particular product.
Authentication The process of submitting a username/password set and having it tested against credentials stored in a server database is called authentication. There are a number of methods of authentication available to a server. Here is a sampling, arranged roughly in order of least secure to most secure: Plain Text This is the simplest form of authentication. In plain text authentication, username and password information is simply sent out over the network in clear text—standard ASCII code that can be intercepted and read easily. Plain text authentication is highly frowned upon in secure environments. Scratch that...plain text is highly frowned upon for any environment.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
15
Encryption The process of protecting authentication information generally involves encrypting the username and password information as it is transferred between the client and server. Encryption takes many forms, but Solaris, for instance, supports Kerberos, Diffie-Hellman, and others. Go to www.sun.com/software/white-papers/wp-security/ for more on this topic. Smart Cards Security can also have a physical component, and smart card logon options are becoming more common. These depend on the user knowing a piece of information (password) and having physical proof of identity (generally a swipe card). Biometric Identification The most complex and futuristic authentication method—biometrics—uses retinal scans, voice scans, fingerprint analysis, and other tools to provide physical proof of identity. The key is using a human feature that is unique to each individual. Biometric ID integrates physical identification with authentication.
The Benefits of Security Many people take security for granted. After all, what’s the big deal? “There is nothing on my computer worth stealing.” These are the famous last words of many who have been caught up in an incident where their computer has been broken into. I recently experienced a situation that drives this point home. A private school that I worked at long ago called me for some advice with regard to their new network setup. The school had purchased a dedicated Internet connection that was being shared to an entire lab of computers. Unfortunately the server was not using a network operating system. The faculty elected instead to use a desktop operating system. Desktop operating systems do not provide the necessary level of security or authentication needed for a server role. In advising them on their network questions, I also cautioned them on the security holes that their Internet connection and operating systems were experiencing. Unfortunately it was only a few weeks later that I received another call from the school: This time, they were frantic. They had received a nasty letter from their Internet Service Provider, who was accusing them of illegal activity. The faculty was completely oblivious to what was going on.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
16
Chapter 1
Server Types and Roles
After I assisted them with some research as well as checking into the log files with the ISP, we discovered that a hacker had broken into their network and was using their high-speed connection for illegal activities. Since the operating system was not providing adequate security, this hacker easily broke in and then masqueraded as a computer within the network. Never take your network security for granted.
Directory Services Server Directory services servers allow the processes of account management and authentication to be handled centrally by a single machine or group of machines. This allows a single username and password set to be used throughout an entire network. Microsoft made the idea of “one user, one account” into a mantra when they were promoting their Windows NT domain structure, and the key premise is sound. Wherever a user goes in the enterprise, that user should be able to authenticate to the network using the same username and password. Figure 1.3 shows how a user can log on in two separate areas of a Windows 2000 domain using the Windows 2000 Active Directory. FIGURE 1.3
User logon to the Windows 2000 Active Directory
User enters credentials
Windows Network Client
Credentials checked by the AD server
If credentials are successfully checked, the server provides resources
Active Directory Server
SQL Server Database server
Both the Active Directory Server and the SQL Server run copies of the Active Directory and share the user database as well as the responsibility for authentication. Common directory services servers include the following:
Microsoft’s Active Directory
Novell’s NetWare Directory Service (NDS)
Sun’s Solstice
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
17
The three services listed here are all based on the standards set by the International Telecommunication Union (www.itu.int). The ITU’s x.500 directory specification defines how accounts are created and managed. Because of this, all three of these systems use similar structures and logic, making it far simpler to manage multiple systems than ever before.
Security servers do not need to be tremendously powerful in terms of hardware, but they must be powerful enough to respond quickly to client requests. If the directory server is unable to keep up with authentication requests, the network simply slows down to its speed. Nobody gets anywhere without permissions, and these servers are the gatekeepers. If we were to pick just one resource to emphasize, it would probably be network throughput, which is critical to a security server. Being able to receive and send requests quickly can be facilitated by multiple network cards, or even by locating the directory server in a central part of the network. Also, encryption technologies can be heavily processor intensive, and so servers with enhanced authentication schemes may require additional processor power.
Networking Roles Security work is the glamour job in the server world, and Active Directory and Kerberos (a network security system, developed at MIT, which verifies that a user is legitimate at login) seem to get all the attention in the trade rags. Still, in order to make a network function smoothly, a number of other services also need to be working in the background. These services assist the network in locating servers, identifying computers, connecting remote clients, or moving packets from one part of the network to another. You won’t be asked to know about the specifics of any one of these technologies, since each of them is implemented a bit differently by different server platforms, but you should be familiar with what they do, and the basics of how they work.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
18
Chapter 1
Server Types and Roles
Routing Services One of the features that a server can offer to the network is to act as a router. Routing and bridging services allow a server with multiple network interfaces to link machines on either side. When acting as a router, the system must build a routing table that shows which machines are available on which interfaces. As TCP/IP is by far the most common protocol you will need to deal with (some NetWare environments still use IPX/SPX), the IP routing protocols are the most important ones to keep in mind: RIP The Routing Information Protocol (RIP) is a distance-vector protocol that enables computers to exchange routing information by means of periodic routing table updates. RIP updates are sent to neighboring networks and RIP information from other routers is returned. The path with the fewest hops (each router involved in a path is one hop) is used when sending data. OSPF Open Shortest Path First Protocol, or OSPF, is an open protocol, meaning that it is a standard and that it is available for use in the public domain. OSPF is a link-state routing protocol. Link-state advertisements (LSAs) are sent to all other routers to allow them to update their routing tables. These LSAs include changes to the routing table, but the actual routing table itself is not sent, unlike RIP. OSPF is far more efficient than RIP on large networks.
Although server machines can be used as routers, in most cases it is better to purchase a dedicated router for this job. Cisco (www.cisco.com) and 3Com (www.3com.com) are two major router manufacturers.
Firewall Server A firewall is essentially a router turned bouncer. Firewalls are placed at the edge of your network and are used to turn away communications from unwanted or distrusted clients. Nearly every large corporate or organizational network now has at least one high-speed connection to the Internet. While this makes it extremely easy for network clients to access the Web and e-mail, the process also works in reverse, and networks are vulnerable to attack from the Web. As such, nearly all firewalls are concerned with the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
19
need to protect a local area network (LAN) from the perils of the Internet. Figure 1.4 shows a common network configuration and introduces a concept we need to define. FIGURE 1.4
A common firewall configuration Firewall Server
Public Network Gateway to Internet
DMZ Hub or Switch Private LAN Web Server
LAN PC
LAN PC
Note the DMZ, or demilitarized zone. The DMZ is the buffer zone between the Internet and your internal network. It is where any servers that need to be exposed to the Web should be housed. In this case, a web server is sitting in the DMZ, and a server running firewall software protects the intranet. Any requests sent to the web server—including malicious DoS (denial of service) attacks or Internet worms—will be able to reach that server unhindered. The same requests or attacks directed toward the internal network, though, will be intercepted by the firewall, which will be configured to allow only particular information through.
In many cases, it is best to put the web server behind the firewall as well. The firewall can let through HTTP requests while protecting the server.
Proxy Server A special kind of Internet access server is a proxy server, which is part accountant and part traffic cop. Proxy servers are used to funnel all Internet traffic through a single location, and because of this central point, they can effectively manage Internet traffic. Notice in Figure 1.5 that clients on the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
20
Chapter 1
Server Types and Roles
network direct all requests for Internet information to the proxy server \\Trantor. The server then checks for a number of things: 1. Is the user allowed Internet access? 2. Is the user allowed to go to the intended website? 3. Is the web page already requested in cache? FIGURE 1.5
A proxy server at work Client 1
Client 2
Client 3 Client requests a web page
Server checks to see if the user is authorized to view the page. If they are, it is retrieved either from a local cache or from the Internet.
Router Internet Trantor
Although a standard firewall can perform the first two of these tasks, the proxy’s ability to cache pages for users makes it invaluable in saving on limited bandwidth. If three users request a page, only the first user’s request actually hits the Internet—the other users are then given the page from inside the cache. One service that both firewalls and proxy servers provide is logging of user requests. Administrators can parse the log files for any of the key unacceptable words or phrases, or just check to see who is downloading .mp3s at work.
Most of us didn’t sign up as network engineers with the intention of becoming morality police or productivity enforcers. Still, it is an unfortunate fact that this is a part of the job on modern networks.
Most routing services require little in the way of resources, with extremely fast network connections being the key to their success. Making sure that these machines have quality network cards and up-to-date network card drivers is critical. Also, because the proxy server caches large amounts of data, it may need a large drive array.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
21
For a great look at how routers, firewalls, and proxy servers work, check out the excellent film, Warriors of the Net. It is available to view free at www.warriorsofthe.net, but you will need a fast connection, as the high-res version is 150MB. It’s worth the time and the wait, though.
Remote Access Services Ten years ago, a user leaving for a business trip must have felt an amazing sense of freedom. No cell phones! No laptop! Check in by phone every day or so, and otherwise you were safe from whatever disasters might need your attention at the office. Not so anymore. As computer-based tasks become a more critical part of the normal workday, networks have evolved to provide easier access to resources for users who can’t get to their desks. Among the most important tools available to us who use laptops are remote access servers. These are servers that allow remote users to function on the network as though they were in the office— even if they are thousands of miles away! Two of these are the traditional dial-in server and the virtual private networking (VPN) server. Each of these has advantages and drawbacks. Dial-In Server A dial-in server is essentially a router that has a modem as one of its network interfaces. The server answers calls coming in from remote clients, authenticates them with the network, and then acts as a conduit, allowing them to access resources on the network. In order for this process to work, a dial-in protocol must also be available. The most common of these are Point-to-Point Protocol (PPP) and the lessused SLIP (Serial Line Internet Protocol). PPP is newer, and is generally more efficient because it has error-checking mechanisms built into it. For more information on how PPP and SLIP differ, check out www.ccsi.com/ survival-kit/slip-vs-ppp.html for one ISP’s explanation of the two. SLIP is not used much anymore, but it is good to at least recognize the acronym, just in case. The hardware requirements of a dial-in server can be quite specialized because the task of providing many—often dozens—of modem connections is beyond the comm port capabilities of a standard machine. Specialized expansion boards by companies like Digi (www.digi.com) allow a server to support this higher hardware level.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
22
Chapter 1
Server Types and Roles
In Figure 1.6, a Windows 2000 Server is using the Routing and Remote Access Service (RAS) to support dial-in clients. The clients authenticate to a Windows domain controller on the network, and are then able to connect for e-mail and file access. FIGURE 1.6
A dial-in configuration for Windows Server answers and verifies the user's identity and rights with a directory server Directory Server Client dials into RAS server
Remote Client
Server transfers the data out to the remote client
RAS Server
RAS Server requests resources for the client
File server returns the data to the server File Server
VPN Server A virtual private network (VPN) is similar to a dial-in connection in that it allows users to access their network remotely. Unlike standard dial-in, though, a VPN connection involves a two-step process: 1. Users attach to the public Internet using a dial-up or by configuring
their machine to use a high-speed connection. Once an Internet link is established, users can start a VPN client to make a connection across the Internet to a VPN server on their own network. This server also needs to have a separate Internet connection. This process involves creating a secure tunnel connection through the existing connection established in step 1. This secure connection is called a Point-to-Point Tunnel Protocol (PPTP) connection. The VPN connection is encrypted, and because all communication is encapsulated within the VPN protocol, users can access network resources through the VPN that they would otherwise be unable to see using standard TCP/IP connectivity. Figure 1.7 shows a common VPN configuration. Note how similar this process is to the one shown in Figure 1.6.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
FIGURE 1.7
23
Connecting through a VPN Server answers and verifies the user's identity and rights with a directory server Directory Server Client dials into VPN server
Remote Server transfers Client the data out to the remote client.
RAS Server
VPN Server requests resources for the client
File server returns the data to the server File Server
TCP/IP Services TCP/IP has been mentioned briefly already this chapter and as you go through this book you will continue to hear about it. As earlier mentioned, this is essentially the only major protocol standard that you can depend on any server to support. Because it is everywhere, certain server functions needed by TCP/IP networking must be included on nearly all networks. We will just mention these here, as Chapter 8, “TCP/IP,” deals in-depth with understanding and configuring TCP/IP networking. DHCP Server The Dynamic Host Configuration Protocol is used to simplify TCP/IP configuration on network clients. DHCP servers store the information needed to bring a TCP/IP client onto the network, and when a client first starts up they contact the server to obtain an address, gateway, subnet mask, and DNS server, among other things.
If these terms are not already familiar to you, Chapter 7 alone may not be enough! In that case, Andrew Blank’s TCP/IP JumpStart (Sybex, 2000) is a good reference. Vendor-specific TCP/IP books are also available, but the JumpStart book is nice because it maintains the vendor neutrality that CompTIA espouses.
The DHCP server itself can run on any platform, and clients from multiple operating systems can use a single DHCP server. It is important to
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
24
Chapter 1
Server Types and Roles
remember, though, that DHCP requests are done through network broadcasts, so you generally need either a DHCP server or a DHCP relay agent on each network segment. More on relay agents in Chapter8! Name Server Computers talk to each other quite happily using numbers, as digital information all boils down to ones and zeros eventually. Human beings, on the other hand, generally have an easier time with information presented to them in the form of words and text characters. Because of this, name servers allow both people and machines to have their own way. There are two primary types of name servers to keep in mind: DNS Server The Domain Naming System (DNS) has been in use for nearly two decades now, and is the worldwide standard for identifying computers on TCP/IP networks. DNS servers resolve TCP/IP host names to IP addresses. In Figure 1.8, the host Client1 requests access to server1.sybex.com. The name is resolved by the DNS server, and Client1 can start the connection. WINS Server Figure 1.8 also demonstrates the functionality of a WINS server. WINS stands for Windows Internet Naming Service, and the “Windows” part of that is a pretty good clue that this is not a vendor-neutral service. Microsoft has been using its own naming structure—NetBIOS naming—since the days of DOS, and a WINS server is used to support this in a TCP/IP environment. Client1 can also access Server2, but does so through a WINS server rather than a DNS server. FIGURE 1.8
Name servers in action server1.sybex.com
Client 1
WINS Server
DNS Server
Server 2
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
25
A configuration like the one in Figure 1.8, where both DNS and WINS servers are in use, is common. These services can coexist, and even can help each other out on occasion (see Chapter 7 for more on that).
Management Server TCP/IP also provides a protocol specifically designed for network management functions. The aptly named Simple Network Management Protocol (SNMP) is used to allow a server on the network to collect information about other devices and issue commands in return. We won’t spend a lot of time on SNMP, as it is doubtful you will find detailed SNMP questions on the exam. Even so, www.snmp.org/protocol/ is a good place to go for an overview of what SNMP is about. In most cases, naming and management services are almost unnoticeable in terms of their effect on the server. Even a very small server can support thousands of clients with no problems. Again, the key is having sufficient bandwidth to the server.
User Services Finally we arrive at the services that users can see and interact with. When most people talk about a server, they are concerned with the tasks discussed below. This does not, of course, mean that they are the most important services. Like a quarterback on a football team, user services get all the press and most of the resources. The underlying network services listed above, though, are as important and underappreciated as offensive linemen! Notice that when services are started, the result is significant resource usage. You should be able to identify how to plan for each of the following types of servers by planning to boost critical resource needs.
File Server The classic task of a network server is to store information that needs to be shared among multiple users; in this role it is known as a file server. To successfully store and share information, the server normally has to have a few different elements in place. First, some sort of security needs to be present to protect the files on the server. Different network operating systems handle security in very different ways, but in all cases the server needs to be able to ensure that users do not have access to files they should not see. Servers can
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
26
Chapter 1
Server Types and Roles
also make more subtle distinctions, such as allowing users to read a file but not modify it. The requirements for a file server are heavily weighted toward its hard drives. Server hardware often comes with multiple drives, because file servers are expected to store enormous amounts of data. File servers also need fast drives—Compaq uses 10,000RPM drives in its servers. The drive controller is also important, as is the network bandwidth available to the server. In Chapter 4, “Storage Devices,” we will examine server drive configuration, and you will notice that SCSI hardware is the overwhelming choice for servers. This is because SCSI is faster and more expandable than IDE/EIDE.
It is interesting to consider that a traditional web server is actually nothing more than an Internet-based file server. Same with FTP servers. Web servers receive requests for HTML pages and serve those pages out, just as a file server sends out .doc and .txt files.
Print Server If you were interning to be a server on a network, it is likely that you would start as a print server. Print servers require very little in the way of resources, outside of requiring sufficient drive space to store files submitted for printing. Even this is a relatively small requirement, because print jobs are generally stored only until they are printed, at which time they are deleted. The process of network printing is enumerated below. Two terms you should be familiar with when discussing printing are queue and spool: Queue A queue is a list of documents waiting to be printed. The term also describes the location where these documents are held. Spool Spooling is the process of writing a document into the queue. The queue is often called the spool file in fact. Spooling allows a print job to be sent to the server even if the printer is busy, thereby freeing up the client to continue on other tasks. 1. The client chooses to print a document. Part of this process involves
choosing a printer (or accepting the default printer). 2. The client’s printer driver is used to format the document for printing
on the particular printer chosen. 3. The document is submitted as a job to a local print queue on the client.
This is optional, but as it immediately frees up the client PC to work on other tasks, local spooling is pretty standard.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
27
4. The job is then sent from the local print spool to the network print
server. This server has another print queue, and the document is placed here. 5. The print job is placed in line with the jobs of other users, and when
the printer is prepared to print it, the job is spooled out to the printer. 6. The printer produces the document, and reports back to the server,
which deletes the job from its queue.
It is possible to tell the print server to keep all print jobs rather than delete them. While this is good for seeing what has printed, it can eat up drive space and is not normally recommended.
A print server’s primary task is to interface with machines that are painfully slow by computer standards—even the fastest printers move at a glacial pace compared to PC speeds. Because of this, print servers require minimal hardware, and print services can often be combined with other tasks rather than having a dedicated print server.
Application Server File and print servers are in many ways the backbone of a network— application servers are its brain. App servers are machines running server processes that perform tasks on behalf of users, or interact with client machines in the completion of tasks. There are a number of different application servers, but three of the most common are these:
Database server
E-mail server
Active web server
The key to a server being classified as an application server rather than a file server has to do with how much work the server does on the data before sending it to the client. A great example of this can be found in Microsoft’s database family. Microsoft Access is a database program that can share a database among multiple users. Because of this, the Access data file itself can be placed on a server and made available to network users. At that point, the server is sharing out a database, but it is not an application server. The reason for this is
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
28
Chapter 1
Server Types and Roles
that if a client requests information from the database, the process shown in Figure 1.9 is initiated. FIGURE 1.9
Requesting data from an Access database Server Access Client
Client Requests Data
File server returns entire database Client processes data
Notice that the client needs only a specific set of data, yet the server sends the entire database across the network to the client, which is then responsible for sorting out what it wants and discarding the rest of the information. This is inefficient in two critical ways: 1. Time and bandwidth are wasted transferring unneeded rows of data. 2. Processing of the query is done on the less powerful client, meaning it
will take longer to complete the task. Client-Server Architecture The solution to this problem is the use of a client-server architecture, such as the one available in Microsoft’s SQL Server. Client-server applications are computer programs that are specifically designed to use the processing power of both the server and the client machines in the completion of their tasks. Generally this means that the client makes an initial request to the server, and the server then does some initial processing on the request. The result of that processing is then returned to the client, or to another machine for additional work to be done with it.
If more than just a single client and server are involved, this is called an “n-tier” architecture; n stands for the number of machines used in the processing, meaning you could have a client and two servers involved in the transaction, and it would be a “3-tier” design.
Microsoft SQL Server is a server-side application that runs as a service and works with clients to ensure that they are given only the data they request.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Roles
29
Figure 1.10 shows the same request being issued by the client as in Figure 1.9, but with a significantly different response. FIGURE 1.10
Requesting data from SQL Server Client Requests Data
Server
Access Client Server accesses database and processes query
Client processes data
File server returns a requested subset of the database
Do you see how this time the server has actually looked at what the client needs and has preselected the data? By doing this, both the network and the client are less heavily taxed, and the server is able to justify its expensive hardware by actually doing something. Because a large database server may be doing tasks for dozens—or even hundreds—of users all at once, the hardware requirements on an application server can be extreme. Moreover, because app servers do a lot of “thinking,” faster processors or multiple processors can be crucial.
The Carnegie Mellon Software Engineering Institute has a nice reference on client-server technologies at www.sei.cmu.edu/str/descriptions/ clientserver_body.html.
Internet Server The last server type we will consider is one intended to deal specifically with web-related or other Internet-related client requests. A number of Internet services can be provided by network servers, but probably the most common of these are the web server, the mail server, and the FTP server. Increasingly, though, streaming media servers, online database servers, and Internetspecific application servers are coming into use. Web Server The World Wide Web started out as a collection of HTML (HyperText Markup Language) pages stored on Internet servers. Over the past few years,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
30
Chapter 1
Server Types and Roles
though, web servers have gotten progressively more complex, and HTML has evolved from a static file server technology to an active client-server model. The interaction between web servers and web clients (browsers) has now become quite complex. Java, ActiveX, server-side scripting, and database connectivity through the Web have all increased the power and potential of web servers. Many enterprises now find that their web servers are an integral part of both daily business environment through intranets and web-based applications. FTP Server FTP servers, on the other hand, remain very much the same today as they were 10 years ago. An FTP server is just a file server for the Internet, operating over the FTP protocol. Clients connect to the server, authenticate, and add (PUT) or retrieve (GET) files just as you would on any file server. The hardware requirements for web servers are fluid, as these servers can support a few concurrent (simultaneous) connections or a few thousand. As your expectation of the number of people using the site rises, so should your hardware levels. Mail Server There are a number of different e-mail server options available for use with your network. Most NOS vendors have e-mail packages available for their server operating systems, and a number of freeware or shareware e-mail servers are in use as well. Besides providing for the critical ability to send and receive messages, e-mail servers can filter out inappropriate messages, provide protection from e-mail borne viruses attempting to enter the system, and act as a repository of information and communication data for the organization.
Because they do so much more than just shuffle mail around, these applications are often referred to as groupware rather than just as e-mail servers.
Summary
In this chapter, we have discussed what servers are and how to identify server-class hardware and software. Knowing how to tell what hardware components are appropriate, and which operating systems are designed for
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
31
server work, is critical when you are choosing a new server or deciding whether an existing box is up to a new task. We also looked at a sampling of the jobs that servers do, and examined what types of hardware are needed for certain tasks. If you haven’t already, spend a bit of time browsing the Internet links associated with the topics in this chapter. There is a lot of good information there, and Web data hunting is among the most important skills you will need to develop as a server admin! Throughout the rest of the book, you will take a Chapter Review Test. Each test will consist of 20 questions designed to quiz you on the objectives and content that you reviewed within the chapter. As stated, this chapter does not cover any particular exam objectives—but, to keep your test-taking skills sharp, we included 20 questions to reinforce some of the material you’ve just reviewed. Much like the Assessment Test you took in the Introduction, this test will help you target areas you may need to refresh before forging ahead with the exam preparation. Good luck!
Exam Essentials Know what a server is. Servers can be hardware or software that provides a service for other devices connected to the network. Know the characteristics of server operating systems. This includes scalability, security, stability, and client prioritization. Know the benefits of using server hardware. Expandability, dependability, quality, and redundancy are the benefits of using server hardware over server software. Be familiar with common server roles. Servers can perform the following roles within a network: security (account management, authentication) and directory services. Know the major routing protocols. RIP and OSPF are the main routing protocols used today. Know what a proxy server is. Proxy servers perform Internet tasks on behalf of the computers on the network. Know the main types of remote access servers. This includes dial-in servers and VPN servers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
32
Chapter 1
Server Types and Roles
Be familiar with the different types of user services that a server can perform. Servers can fulfill the following user services: file server, print server, application server, Internet server, web server, FTP server, and e-mail server.
Key Terms
Before you take the exam, be certain you are familiar with the following terms: application servers
operating system (OS)
authentication
Point-to-Point Protocol (PPP)
biometrics
proxy server
client-server
queue
clustering
redundancy
directory services servers
Routing Information Protocol (RIP)
downtime
server
file server
smart card
firewall
spooling
load balancing
spool file
network operating system (NOS)
uptime
Open Shortest Path First Protocol (OSPF)
virtual private network (VPN)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
33
Review Questions 1. Which technology allows a number of servers to share resources and
create a single virtual server out of a number of machines? A. Failover B. Clustering C. Scalability D. Mirroring 2. Which server is used to funnel local Internet requests through a
single location? A. Proxy server B. Firewall server C. VPN server D. Directory Services server 3. Which of the following is not a reason for purchasing server hardware: A. It is less expensive. B. Multiprocessor support. C. Expanded software support. D. Expanded hardware support. 4. What is a key problem with using a desktop PC as a server? A. Can’t install NOS software. B. Unable to add security features. C. Case does not have space or power capacity needed. D. Nothing. Desktops are the recommended server platform.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
34
Chapter 1
Server Types and Roles
5. Which term is used to describe a server failure that causes users to
be unable to use the system? A. Restore B. Backup C. Uptime D. Downtime 6. Which type of password authentication is the least secure? A. Kerberos B. Plain text C. Smart cards D. All are equally secure 7. x.500 is a standard of ___________. A. Microsoft B. CompTIA C. ITU D. OSI 8. Which of the following are routing protocols? A. RIP B. DMZ C. OSPF D. SLIP 9. PPTP is used with what type of network service? A. DNS resolution B. Authentication C. Virtual private networking D. Firewall access
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
35
10. A DNS server is what type of server? A. Application B. File C. Naming D. Remote Access 11. What is a server (select all that apply)? A. Computer software designed to assist other computers on
a network B. Computer hardware optimized for the task of running server
software C. A computer within a network that is used to perform advanced
network calculations D. A user’s computer 12. Which of the following is not a priority consideration in deciding on
a network operating system? A. Scalability B. Security C. Ease of administration D. Stability 13. What is clustering? A. Grouping of client computers together on a network B. Using more than one server on a network C. Grouping servers together to share resources for users D. Linking servers together to share work loads
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
36
Chapter 1
Server Types and Roles
14. What is load balancing? A. Using more than one server to perform a single job B. Using more than one server on a network C. Sharing a single server across multiple resources D. Adding more than one component within a server to prevent single
component failure 15. What is considered the basic building block of network security? A. Users B. Servers C. Client operating systems D. Network operating systems 16. Which of the following is not a secure password recommendation? A. Requiring a minimum password length. B. Requiring passwords change monthly. C. Not letting users use old passwords. D. Maintaining the same passwords locally as through remote access. 17. Which of the following is not a form of authentication? A. Biometrics B. Encryption C. Write-protect tabs D. Plain text 18. What type of protocol is RIP? A. Distance vector B. Link state C. NetBIOS D. IPX/SPX
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
19. What is a queue? A. A list of printing protocols B. A type of printer driver C. A list of documents waiting to print D. A pathway between a computer and a printer 20. Which of the following is not a type of application server? A. Database server B. E-mail server C. Web server D. TCP/IP server
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
37
38
Chapter 1
Server Types and Roles
Answers to Review Questions 1. B. Clustering allows two or more PCs to act as a single server,
providing higher availability and performance than a single PC could handle. They can share an IP address and use the same data array. 2. A. A proxy server is a specialized Internet access server. Just as the
word proxy implies, it acts as an intermediary between a client and a server. Because proxy servers are used to funnel all Internet traffic through a single location, they can be extremely effective in managing Internet traffic. This central point allows the firewall software to filter requests more easily. 3. A. Server hardware is expandable and flexible, but it isn’t cheap. The
expense of server hardware is the key hangup with purchasing serverclass hardware in many organizations. 4. C. Although it is possible to use a standard desktop PC as a server,
these machines are generally not designed to handle the multiple drives, multiple processors, or large amounts of RAM that servers need. 5. D. Uptime is how long the server has been running since its last shut-
down, while downtime is the amount of time the server is unavailable. 6. B. Plain text passwords are not encrypted, and can easily be inter-
cepted by others on the network. Kerberos and smart card technologies are both encrypted, and are far more secure. 7. C. The ITU created the x.500 directory structure that is the basis for
the NetWare Directory Service (NDS), the Microsoft Active Directory, and other network directory services. 8. A, C. RIP and OSPF are both used to help routers build routing
tables. A DMZ is a border area between a public and private network, and SLIP is a dial-up protocol. 9. C. PPTP and L2TP are both used with VPN access. The other options
are not directly associated with PPTP. 10. C. DNS stands for Domain Naming System, and DNS servers are
using for maintaining and resolving TCP/IP host names. 11. A, B. Servers can be either hardware or software that assist other
computers on the network.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
39
12. C. Although ease of administration may be a consideration, it is not
a priority in deciding on a network operating system. 13. C. Clustering is grouping servers together to share resources for users
with redundancy. 14. A. Clustering is using more than one server to perform a single task.
This prevents one server from becoming overrun with requests. 15. A. Due to the fact that they control their own passwords, users are
considered the basic building block of network security. If users do not keep passwords secure, the entire network security is jeopardized. 16. D. Allowing users to maintain a common password for both internal
and remote connections compromises network security. 17. C. Write-protect tabs are not a form of authentication but rather a
form of data protection. 18. A. RIP is considered to be a distance vector routing protocol. 19. C. A queue is a location where documents are kept in order until they
can be printed. 20. D. TCP/IP is not a type of application server. It is a network protocol.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
2
Installation COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 1.1 Conduct pre-installation planning activities
Plan the installation
Verify the installation plan
Verify hardware compatibility with operating system
Verify power sources, space, UPS and network availability
Verify that all correct components and cables have been delivered
1.2 Install hardware using ESD best practices (boards, drives, processors, memory, internal cable, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS
Verify SCSI ID configuration and termination
Install external devices (e.g., keyboards, monitors, subsystems, modem rack, etc.)
Verify power-on via power-on sequence
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
T
he two CompTIA objectives listed above concern installation, and deal with the tasks and planning that must be done before your server is even plugged in. CompTIA estimates that about 17 percent of the exam will come from this material. For the most part this chapter is OS-free, and will concern you only with the process of planning the server install and acquiring, unpacking, and setting up your hardware. Over the course of this chapter, we will deal with each subobjective in turn, along with a number of thoughts on how such topics could turn into exam questions. The hard part about these topics is that there are actually very few “right” answers on how to plan a network, and many of the questions in this content area depend on you to make logical distinctions as to what is “best” or “better,” not what is “right” or “wrong.” This makes for some incredibly tricky (and frustrating) test questions, as you might suspect.
The two subobjectives not covered in this chapter are “Verify hardware compatibility with operating system” and “Verify SCSI ID configuration and termination.” SCSI is covered in detail in Chapter 4, “Storage Devices,” so we will leave the discussion of termination and SCSI IDs until then, and operating systems and their individual quirks will be considered in Chapter 7, “Network Operating Systems.”
Plan the Installation
T
he very fact that you are reading this book shows that you have an understanding of the key point of this first chapter: A bit of hard work now can save a great deal of trouble and disappointment later. Just as pre-test studying is critical if you are going to be successful for the Server+ exam,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Plan the Installation
43
so pre-installation work is critical if you are going to be successful in the server room. When beginning any new project, the engineer in charge needs to carefully manage a number of different elements:
Defining the project goals
Examining the current configuration
Budgeting the project
Setting a timeframe for completion
Simply put, this amounts to the following: What do we want to accomplish, what do we have already, what do we need to acquire, and how much time and money do we get to do it?
Defining the Project Goal The first of these is always going to be the most important. Unless you go into the project with a clear idea of what it is you are looking to do, much of your effort is likely to be squandered on tasks that prove useless later on. This does not mean, though, that the project goal needs to be extremely detailed. Rather, it just has to be extremely focused. For instance, a good initial goal might be the following:
Purchase and install a database server for the company’s new SQL-based accounting application.
Compare this to a far more detailed plan, such as the one below:
Purchase and install a database server for the company’s new SQL-based accounting application, and upgrade the server to facilitate the new software and client needs.
Upgrade network security and install a VPN to provide for increased security so users can access the SQL server across the Internet.
Back up the entire server each night and verify backups on a weekly basis.
There is nothing wrong with any of the ideas in this plan, but the problem is that this is really three or four plans, not one. Of course you will have to back up the server, but the process of researching and buying a tape drive will probably depend in large part on what options you choose for a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
44
Chapter 2
Installation
server OS, and what database you purchase. Moreover, making a declarative such as “back up the entire server each night” implies that other options—such as differential or incremental backups—have been automatically removed from consideration. Further discussions on backups will be covered in Chapter 14, “Backup.” A well-constructed goal should be one that encourages ideas, not blocks them. As that first goal from above seems as good an example as any for discussing planning, we will use this project as our example throughout this chapter. This will allow you to see what some of the issues that might come up in an actual install might be.
Examining the Current Configuration First off, the engineer in charge of this project will have to examine the current environment at the company. There are two major reasons to do this: 1. To find out what is currently available that can be leveraged or
cannibalized for the new project 2. To determine if any conversions or backward compatibility are
needed It is likely that the company already had an accounting system, and as such you will need to determine what that system is, and what it is running on. If you can continue to use the current hardware, this will of course save considerably in terms of your budget. Other considerations, such as where to put new hardware, or how to install the software, may be influenced by the current network configuration as well. As you are documenting the current configuration, there is one more critical question to keep in mind: Considering that there is already a server in place doing the job (in this case it is the accounting server), why is this upgrade being done, anyway? The way to answer that question, of course, is to talk to people. Find out what the problem is with the current system. If users say it is too slow, you may want to concentrate on making sure that the hardware for the new server is even stronger than you would normally plan. If the upgrade is being done to gain a particular enhancement, be sure you research how the implementation of that enhancement is accomplished on the new system. The key here is that upgrades always mean change, and users generally resist change. By assuring that the new system will immediately show its best side to the users, you make it more likely that they will accept it, rather than grumbling.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Plan the Installation
45
First Impressions Are Everything True story: I was involved in upgrading an office of 150 people from ccMail to Exchange/Outlook a couple of years back. We had trained the users on how the new system would work, tested all the server and workstation software for compatibility, and the entire rollout crew was confident that the new system would go in without a hitch. People went home on Friday night, we migrated them over the weekend, and when they came in Monday morning, all their data had been transferred to Outlook and everything worked great. Unfortunately, that day was also the day that the “Melissa” e-mail virus debuted, and it hit our location at about 10 A.M. The entire network was completely brought to its knees within minutes. It took days to get things back to normal, and by then most users were begging for their ccMail back. They didn’t necessarily know why the system had failed, and they didn’t really care…they just remembered that this hadn’t ever happened with the previous system. One oversight, in other words, can make you and your work look really bad, and it takes a long time to overcome a bad first impression.
Once you have talked to users about the system, you may want to go back and modify your original project goal. Perhaps remote access to the server is one of the critical areas driving the upgrade. In such a case, you may modify the plan to read like this:
Purchase and install a database server for the company’s new SQL-based accounting application, and upgrade the company web server to allow it to host software that provides a web interface to the new database.
Part of the business case for upgrading the accounting server, in other words, was to provide web access to data. This will be a key area that those judging the success or failure of the project will examine, so you will want to make sure that the hardware and software on the web server are up to the task.
Budgeting the Project Once you are confident of what it is you need to do, the next step is to sort out what additional resources you will need to complete the project. Examine the list of what you have and what you need, which was compiled
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
46
Chapter 2
Installation
in the last step. The administrators in the example we are using have come up with the list in Table 2.1 (costs are as of Fall 2001, are not necessarily the best prices available, and are used for example only). TABLE 2.1
Preparing a Hardware Budget for the Upgrade Current Configuration
Recommended Configuration
Cost to Upgrade
Database server hardware
Pentium II 450 256MB RAM 27GB storage
Dual P4 1.2GHz 1GB RAM 80GB storage
$12,000
Database NOS
Windows NT 4 Server
Windows 2000 Server
$500, plus $40 per user for CAL upgrade
Database server software
Access 97
SQL Database Server
$2,000–$10,000 Depends on license type
Database
Custom Access accounting database
SQL-based accounting database
$50,000, plus fees for extra modules and customizations
Web server hardware
P III 800 256MB RAM 18GB storage
Current config OK
NA
Web server NOS
Sun Solaris 8
Current config OK
NA
Web server interface to SQL Server
None. Server currently runs Apache web server
Custom option available from vendor for Solaris/iPlanet
$1,500 to upgrade to iPlanet
Client hardware
Varied
Current hardware OK for new software
NA
Client software
Windows 98
98 Certified by Vendor
NA
Item
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Plan the Installation
47
Besides these costs, a number of other items must be considered and worked into the final cost of the upgrade. These include:
Software training for users, help desk staff, and administrators
Downtime caused by the upgrade
Reduced initial productivity due to user unfamiliarity with the new database client
Training is a commonly neglected part of an upgrade process, but proper training of users prior to the upgrade makes for a more productive—and less chaotic—environment in the days following the upgrade. Because of this, you should try to work training dollars into the budget early on, and make sure that those dollars stay in the final budget!
All too often, training funds are allocated as part of the budget for a project, but are then among the first things that managers cut out if the project is running over budget. Fight to keep these dollars, because trained users are happier, less confused users, and happier users make for happier administrators. Remember that it won’t be the manager going desk-to-desk to explain how the new software does this or that differently.
Once you have a good idea of what needs to be done, and how much it should cost, you need to plan out this last cost element—as measured in time, not money. The implementation of a large project like ours will require a good deal of human effort. This includes administrators testing and implementing the new configuration and help desk people dealing with additional support needs and any downtime users experience when the upgrade process is underway. It also includes time spent in training sessions and, if the project is complex, might include allocating funds for a consultant to assist in crucial phases of the upgrade. The term consultant covers a broad range of job descriptions. Some consultants work for a particular company, and are highly specialized. It is likely, for instance, that the software company that makes our new SQL-based accounting package has employees who know the app well and are expert resources on issues regarding that particular software. Other consultants roam the landscape. Either of these types of consultants can offer an excellent way of bringing additional expertise onto your project. Hiring a consultant is expensive, of course, but an experienced engineer might help you avoid problems, help
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
48
Chapter 2
Installation
optimize the solution, and in the end save you time and money. For this project, we will be bringing in a consultant from the software company to review our plan and will be bringing that consultant back for the weekend of the actual migration. To be safe, we have budgeted for four days, though only three should be needed. As it is likely that the total bill for this assistance will be $1,000–$1,500 per day, the consultant will be kept for the fourth day only if absolutely needed. The final estimate for the upgrade comes in at around $100,000 when training, consulting, hardware, and software are all added up. This will likely cause some serious questions to be asked about trimming costs. If you need to reduce the cost of the project, try to cut a bit from everywhere rather than just cutting out the consultant, the training program, or the web server upgrade. If the company wants an $80,000 upgrade, find a way to scale back evenly.
In the real world, there are times when the decision about what to cut is not left up to the engineers. In these cases, you sometimes just have to deal with the cuts where they occur, and do your best to minimize their impact. If management makes unwise cuts, that can mean that if you don’t deal with the potential problems then, you look bad, and your users suffer. The manager who caused this will probably be too busy golfing to even notice that there is anything wrong.
Setting a Timeframe for Completion Time and money. That is what it all comes down to—what does it cost, and when can we have it? Now that you have a good idea of what resources you will need, it is time to plan exactly how much time you will need to implement the plan. Keep in mind a few basic rules here: 1. Prioritize what items need to be started earliest. 2. Decide which tasks are dependent on other tasks. 3. Set incremental delivery dates for parts of the project. 4. Set aside time for problems.
When forecasting how long things will take, it often helps to put yourself in the shoes of a consultant bidding a job. When a consultant bids on a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Plan the Installation
49
project as a “job,” what that consultant is saying is, “I will do this project in this many hours for this amount of money.” Because the work to be done and the amount to be paid are fixed, the consultant must have a good idea of how much time the project will take. If she estimates too high, her fee will be too high, and someone else will get the bid. If she bids too low, she will get the job but may spend a week doing a project bid out at a cost of two days. That’s three days of free labor, which hurts. Even if you are on salary, much the same process comes into play. If you are too aggressive with the schedule, you might say, “We can do all that in one day. No problem.” Of course you won’t actually be able to do that, and you will end up backtracking, which can cause serious problems if other people are planning off your schedule. Similarly, trying to be too safe can make it seem like you are not interested in the project or not confident in your ability to complete it. Project Managers All of this may seem confusing. You may even be thinking that you have no interest in budgets or planning, and that isn’t what you got into computers to do. If you are lucky, there is someone wandering around your office with a title like “Project Manager” who deals with scheduling, budgeting, and all the rest. If so, let him deal with all of this. Believe it or not, he might have chosen to make that his life’s work. He will probably ask you a few questions, more than likely will require a list of project requirements as shown above, and will later return with a spreadsheet that details the entire project plan. Oh, and this probably goes without saying, but be nice to him—your fate is in his hands! If you don’t have this option, though, the following resources might come in handy when planning the big upgrade:
From Serf to Surfer: Becoming a Network Consultant, by Matthew Strebe, Marc Bragg, and Steven Klovanish (Sybex, 2000). This book deals with issues related to working as a consultant, such as planning, pricing, and all the other stuff we have been talking about.
Mastering Microsoft Project 2000, by Gini Courter and Annette Marquis (Sybex, 2000). Project 2000 is reputed to be great software for project management, and this book deals with how to use the software and the management logic behind the process.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
50
Chapter 2
Installation
Verify the Installation Plan
Verification of an installation plan simply involves checking to make sure that what you have decided to do will actually work. In order to do this, a number of resources must be considered.
People
Hardware
Software
In the following sections, each of these will be examined briefly, along with recommendations for success.
Playing Politics As you spend more time working as an engineer, you will learn (or you may have learned already) that the most complex aspects of computer systems are the people who use them. Because of this, one step you will need to take is to ensure that your project plan is acceptable to all of the various groups and factions within the organization. Without a doubt, the key element to surviving this part of the project is this:
Get a sponsor!
If the project is going to get done, you are going to need someone who has the power to get things done. Try to identify a department or group of users who will specifically gain from the project, and co-opt them into the process. Going back to our example project, it seems that the accounting department manager, or maybe even the chief financial officer, might be a good place to look. The reason you want to specifically target them, though, is that this engages them personally in the success or failure of your project. If problems come up with the budget, time conflicts, or people getting cold feet about moving to the new system, having these people with you can make all the difference. They will be able to manipulate the system in ways we cannot even imagine, find money in places we would never think to look, and enforce acceptance on the troops. Moreover, having a sponsor lends authority to the project, and often just the sponsor’s name on a proposal will quell dissent and speed authorization. Crazy, but true.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Verify the Installation Plan
51
Even if you do have someone to help calm the rough waters, it is also important to continually keep people up to date on what you are planning, and how it will affect them. Find out what concerns people have about the project, and try to implement steps into your rollout that protect against problems that will have a significant impact on user acceptance of the project.
For more information on IT project planning, consider reading the IT Project+ Study Guide, by Bill Heldman (Sybex, 2002). It covers everything you’ll need to know—sponsors, budgets, and documentation—about managing complex IT projects. Look for it on www.sybex.com.
Verify Hardware Compatibility with Operating System Enough with the warm fuzzies. Our project plan has finally been approved, the budget is set, and it is time to actually buy some new hardware and put our plan into effect. Verification of the hardware you are planning to buy is a critical part of this. There are few things more embarrassing than buying expensive hardware that is not supported by the server OS or other software you are depending on. Because of this, it is best to stick to well known vendors, and check to see that all hardware you have has drivers specifically written for it in your chosen OS. The process of checking hardware/OS/application compatibility can take you to a number of places. These include:
The OS vendor’s website. Microsoft, for instance, uses a document called an HCL (Hardware Compatibility List) to enumerate all hardware that has been certified for use with a particular OS.
The hardware vendor’s site. Many server solutions specifically tout the fact that they are optimized for use with a particular OS. Some even sell the server OS packaged with the hardware, which virtually guarantees that the two work together.
The application vendor’s site. This is trickier. We might want to call the vendor of our accounting package, for instance, and find out whether there are any known issues with certain types of hardware or software.
Newsgroups or user forums. There are users out there working with nearly every type of configuration possible. It is likely that at least one
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
52
Chapter 2
Installation
of them has already tried what you are planning to try, and can give you information on how it works.
Newsgroups A newsgroup is a collection of articles posted on the Internet. They are categorized by topic, subtopic, and replies to the topics. Newsgroups can be helpful resources but the information posted can be inaccurate. The information and answers to questions can be posted by anyone on the Internet who has an opinion about the topic. Always remember to verify any solution located on a newsgroup for accuracy.
You will see all of these again, especially when we look at the objective dealing with troubleshooting. For now, though, just remember that you should check for compatibility when you plan, double-check before you actually buy, and watch for problems when you implement.
Most software companies will allow you to test their software for compatibility using a trial version that has limited functionality or timed deactivation. Certain hardware vendors also let you test out their devices, but this is generally only an option if you are considering buying a large quantity. Still, it never hurts to ask.
Once you are certain that all the pieces of your project will fit together, it is time to order your hardware and software, and start implementing your project plan.
Verify Power Sources, Space, and UPS and Network Availability For our project, one server will be replacing another. We will therefore want to verify that the new server will be able to fit into the location the old one occupied. If it does not, or if you have decided to place the server in a different location, than you should find that location early on, during the budgeting/purchasing process. If the server will be going into a new space, you may need to buy a server rack, UPS (uninterruptible power supply), KVM (keyboard/video/mouse
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Install Hardware Using ESD Best Practices
53
switch, and monitor for the server. You may also have to budget for having network cabling, routers, etc. if this is a new server location.
Once you have found space for your server, and identified UPS, KVM, and network hookups, it is important to protect them from being stolen by someone else. Months often pass between planning and implementation, and server room space is always at a premium. Find some way of identifying the outlets, network ports, and KVM ports that you will be using!
Verify That All Correct Components and Cables Have Been Delivered Once your hardware starts arriving, you will want to create a checklist of some sort, so that you can keep track of what has arrived and what is still needed. Checklists can assist tremendously with organizing and keeping track of components as they arrive. Checklists also will help keep you on task with the installation. Depending on the nature of the project, checklists will vary, but they should contain detailed information relevant to the project. If the project involves 15 servers, a couple of hundred workstations, and some network devices, a list is utterly essential. You will also have to remove plastic clips holding various movable parts in place. The power supplies, for instance, are generally secured for shipping, and the server cannot power up until you have removed their retaining pieces.
When setting up the server, make sure you have some room. These are not small machines, and they generally come in extremely large, well-packed boxes. Having someone else to help lift is also a good idea.
Install Hardware Using ESD Best Practices
At this point you have a server sitting in front of you. It has no operating system, no specialized hardware, and likely not even any hard disks. Before you can put this new beast into production, you will need to
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
54
Chapter 2
Installation
finish adding components, move the server into its new home in the server room, and connect all necessary cabling. Most servers come pre-assembled, in that their motherboards, power supplies, and other standard components are all in place when you get them. Most also have built-in or included network and video cards. Even so, it is important to go through the server and check that cables are tightened properly, cards are properly seated, and everything is in order. It is interesting that CompTIA has chosen to mention these elements under its first objective, “Conduct pre-installation planning activities,” because they are referenced again in their own topics later. As such, this book will follow a similar tack. Chapters 3 through 6 will talk extensively about the different types of hardware available to you, and how to determine what is the best option for your needs. In this chapter, we will concentrate instead on just putting things together. That process is actually rather straightforward, and includes the following steps:
Add additional RAM, processors, or other resources to the server as needed.
Insert hard disks, extra CD drives, or backup drives.
Mount the server into its rack.
Cut and crimp cabling to the server.
Connect the server to a UPS.
Verify SCSI settings.
Install external devices.
As you are working to put the machine together, be certain to take a few general precautions. First off, make certain that you do not have power active to the server when you are installing devices. Obviously you don’t want to try and do this while the server is on, but even just having active current going to the machine can pose a danger to the server—and to you. Also, using an ESD static strap to discharge static electricity is an excellent idea. ESD, or electrostatic discharge, is the leading reason for component failure during installation. A static strap is a wrist strap that connects between your wrist and a ground. The strap contains a resistor that will slowly drain any static charges out of your body and away from the computer. ESD and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Install Hardware Using ESD Best Practices
55
ESD static wrist straps are covered in detail in Chapter 15, “Disaster Recovery.” The proper use of a static strap is shown in Figure 2.1. FIGURE 2.1
Using a static strap
This is the sort of thing that can cause problems for experienced server administrators. Many administrators have developed their own installation habits over time, and may no longer use a static strap when installing. Just remember that for the test you should do things by the book.
Installing RAM or Processors Many servers come with processors and RAM pre-installed, but this is not always the case. Also, any expansion kits you have purchased will need to be added in. Installing RAM and a processor (or processors) into a server is very similar to adding these components to any standard PC. RAM especially is almost identical in the way it is used. Although server RAM is generally higher quality and more expensive, it is a difference of function, not form. Processors and motherboards will be discussed in Chapter 3, “Motherboards and Processors.” With processors, a few differences must be taken into account. First off, servers often employ expansion cards to make room for new processors. A quad-processor-capable server, for instance, likely does not simply have four sockets on the motherboard. Moreover, servers generally require an additional piece of hardware, called a VRM (voltage regulator module), for each processor installed. A VRM installs on a motherboard to regulate the voltage fed to the microprocessor. Forgetting this can seriously damage the processor and possibly the server. Figure 2.2 shows a VRM.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
56
Chapter 2
Installation
FIGURE 2.2
A server VRM
Make certain that the RAM and processor are seated properly, and that the fan and heat sink for each processor are properly attached. Also assure that the fan is plugged in.
As processors have gotten faster, the amount of heat they generate has increased. Because of that, the processor fan and heat sink are critical to the health of your system. Make sure that the processor fan is working by briefly powering up the computer after installing the fan. You don’t need disk drives or any of that—just make sure the blades are spinning properly, and power back down.
Installing Hard Disks One of the primary characteristics of a server-class machine is the presence of a large drive bay, often strung off of a RAID controller. Chapter 4 will deal with the types of drives available, and how they need to be configured. When putting the server together, the only part of this you need to worry about is that the drives are compatible with the server and are installed properly.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Install Hardware Using ESD Best Practices
57
Although it is possible to install drives into internal bays, many servers use external bays into which drives are inserted. In such cases, the drives are placed into a protective shell called a tray. This tray then fits into the bay on the server. In order to ensure that drives are working, you should check the internal cabling leading to the drive bay, verify that the drive trays you have are correct for the server, and make sure that the drives themselves are properly secured within their trays. You will also need to carefully insert each of the trays into its bay according to vendor instructions, as in Figure 2.3. FIGURE 2.3
Inserting a drive into its bay
Remember to purchase the trays! Each drive purchased will need its own drive tray, and these do not come with the server. It’s amazing how many installations are held up waiting for trays that no one thought about until it was too late.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
58
Chapter 2
Installation
Server Form Factors There are two primary form factors for server machines—tower or rack mount. The form factor defines the type of case that the server is housed in, and which type you have will make a significant difference as to what steps you take when moving the computer into its place in the server room. Let’s look at each of these: Tower Form Factor The tower form allows servers to be freestanding, so they resemble normal clone PC towers. These were the most common type of server in 1980s and early 90s. Tower servers can be nice because they are easy to place and require no special equipment. Simply set up a table— not some folding table, but a solid desk or workspace—and plug in the server as you would a desktop PC. A tower server is shown in Figure 2.4. FIGURE 2.4
An IBM tower server
Rack Form Factor A rack form server (see Figure 2.5) and a tower server can be identical in their components or their capabilities. What is different about them, though, is that they are specifically designed to be placed inside space-optimizing storage cases. These server racks allow servers and other network components to be stacked on top of each other, making it easy to store them and also facilitating keyboard and monitor sharing and other conveniences.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Install Hardware Using ESD Best Practices
FIGURE 2.5
59
An IBM rack server
For a look at different types of servers and a chance to go under the hood and look around, check out Dell’s interactive 3-D demos of selected servers. Go to www.dell.com/us/en/biz/products/model_pedge_pedge_6450.htm to see the PowerEdge 6450, but other models can be checked out as well. Just hit the View 3D Demo button and wait for it to install the applet.
Mount the Rack Installation Chapter 13 on server room procedures will cover the task of how to install racks and what the best practices are for their use. Here we will only note that rack-mounting a server generally is a relatively easy task, but also is a two-person job. The first part of the install is the mounting of the rails on which the server will sit. These are important, because if the server needs RAM added, or some other work done, the server can slide out on the rails, rather than having to be removed completely. After that, corresponding drive rails are attached to the server itself and the beast can be lifted into the rack.
Many companies are now offering rack-optimized servers that are smaller and easier to handle. They are also, of course, more expensive and more difficult to expand, and they generally lack the drive and processor capacity of larger rack servers or towers.
Some servers fit nicely into a standard rack, while other companies— Compaq and Sun come quickly to mind—build their servers to their own specs, and you usually need to buy a rack from them that is specifically
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
60
Chapter 2
Installation
designed for their servers. The problem is generally not the width of the case, as all cases have standardized on a 19 IN. width. Rather, the issue is that these servers are so heavy and deep that they will topple any case that does not have proper support.
Install External Devices Once the server has been secured in the rack, you must attach all of the needed cabling. Depending on the network type, the server’s network connection might require installing a patch cable for each network card in the server, or addition of the server to the network through another means. Networking will be covered in depth in Chapter 6, “Networking.” Other cables to be attached at this point include power cords and, if more than one server is being used, peripheral cables leading to the KVM. Otherwise, the keyboard, video, and mouse will be attached directly to the server.
KVM Switch Generally just called a KVM (keyboard/video/mouse), this switch is a component that allows multiple computers to be controlled using a single set of input-output devices. One workspace can be set up near the rack, and the KVM allows users to switch back and forth between servers.
One limitation of a KVM is that only one machine at a time can be managed. To manage servers simultaneously, separate inputs and outputs must be maintained.
The KVM is able to work with multiple machines so well because it is a powered device, and can maintain its connection to all servers, even those that are not actively being viewed. KVM switches are often mounted directly into the rack, or a neighboring rack, and generally come in 4-, 8-, and 16-device versions. Larger ones are also available. KVMs generally run $200–$600. Not terribly expensive, but also not something you can buy out of petty cash. Well worth the money, though, and you should make certain to budget in the cost of this device if you need it. Switchbox For those on a budget, a standard monitor switchbox is also available. These are far simpler, and do not have their own power source. Because of this, they do not maintain an active connection to all devices. Switchboxes work well for monitors, but not for keyboards and mice.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Install Hardware Using ESD Best Practices
61
UPS Every server should have a UPS (uninterruptible power supply) serving it. This device ensures that if the server room loses power, the server will have time to properly shut down, rather than just shutting off. Chapter 13 deals more with how to plan for UPS and KVM coverage in your environment. For now, just make sure that a connection to the UPS is available, and that it is plugged in.
Backup Drive Backup will be covered in more detail in Chapter 14, but let’s take an overview approach here to get your feet wet, so to speak. As you are setting up the new server you should make sure that all of the drive space you are adding to the network can be backed up by your existing backup strategy— you will do this with a backup drive. A backup drive is nothing more than a device that creates a copy of your data on a removable device such as a magnetic tape or an optical disk (CD or DVD). If your current backup strategy is not adequate, you may need to purchase another backup drive and add it to the new server. Backup drives generally will need a shelf in one of the server racks, and the drive should be easily accessible, making the changing of tapes as convenient as possible.
Backup can be done either locally or remotely. It is generally a good idea to put the backup drive onto one of the servers that has the heaviest backup need. For instance, if one server has 60GB of drive space, and another has 10GB, putting the backup drive on the server with the larger drive array will save network traffic and make backup complete faster.
Backup drives usually run off a SCSI controller, although IDE/EIDE and even floppy controller–based backup drives are available. Because of this, the installation of the backup drive dovetails nicely with our next item: checking the SCSI settings.
Verify SCSI ID Configuration and Termination Most servers use a SCSI (small computer system interface) as a means of interfacing items such as hard disks, tape drives, and optical devices with the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
62
Chapter 2
Installation
server. With a SCSI connection a careful configuration must be done in order for the SCSI chain to operate as expected. Once all SCSI components are attached, take a bit of time to go over the connections, and verify the two critical configuration parameters of SCSI disk systems:
SCSI ID
Termination
Setting and Checking IDs Chapter 4 deals extensively with SCSI disks and the SCSI architecture, and so getting into this here would be overkill. The key thing, though, is that probably the most common reason why a server does not boot properly is because there is a device set to the wrong ID. Remember that not only do SCSI hard disks have to be checked, but also SCSI CD-ROM drives and any external SCSI devices. Each SCSI device must have a unique SCSI ID configured.
Termination SCSI termination must occur at the beginning and end of the SCSI chain. Remember that SCSI devices can be external or internal. Proper termination also includes using the appropriate terminator for the SCSI type that you are using.
Rumor has it that there is an unnaturally large concentration of SCSI questions on the Server+ Exam. Read Chapter 4 extremely carefully, and if possible spend some time doing outside research on the SCSI architecture as well!
Cut and Crimp Network Cabling Once you have the server and its accessories safe in their place, it is time to clean up after yourself a bit. Servers always have a great deal of cabling running into and around them. An important safety step is to get them off of the floor and out of the way. Also, if you have had to run new network cabling for the server, it is likely that this cabling will need to be cut and crimped for use. The process of dealing with making and managing cabling will be dealt with in Chapter 6.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Verify Power-On Via Power-On Sequence
63
Verify Power-On Via Power-On Sequence
If you looked at the CompTIA objectives, you would think that an administrator should follow these steps when installing a new server: 1. Take the server out of the box. 2. Add hardware as needed. 3. Mount it in the rack. 4. Turn it on and test it. 5. Install software.
There is nothing more depressing than hefting a new 200-pound server into a rack only to discover that it has a bad system board and needs to be taken out for servicing or return.
I want to discuss the steps I take when installing a new server. These are not the steps advocated by the exam objectives; however, in my day-to-day real life application, they work. So, I advise following the previous steps listed for the purposes of the taking the exam but consider the steps I’m listing here as a real-world reference.
Always, always, always test equipment on the bench to make sure it is working before putting it into the rack. Because of this, the order of these steps should be like this: 1. Take the server out of the box. 2. Add hardware as needed. 3. Turn it on and test it. 4. Install software. 5. Mount it in the rack. 6. Turn it on and test it again.
If your staging area has a network connection to the server room, it may even be best to finish the entire configuration—operating system, applications, everything—on the workbench. There is generally no real advantage
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
64
Chapter 2
Installation
to hurrying the machine into the server room, and the disadvantages include sitting in the cold and having to enter the key code for the server room 20+ times a day while testing the system. Regardless of when you decide to do the power-on test for your server, it is the first real test of your skills. Hopefully all the hardware is compatible and has been configured properly. The server should come up with BIOS readings about the RAM and drive configuration, and it is likely that on first boot you will be required to enter the BIOS configuration utility, so that boards can be configured and hardware levels recorded.
Summary
I
n this chapter, you learned about how to plan a project, and about the different types of server roles. You also were given a quick overview of the technologies and tasks that will be considered in the next few chapters. If you have time, browsing some of the Internet sites listed in this chapter can be invaluable in helping you to learn about the state of the industry. They will also give you some idea of what is similar, and what is different, among the companies producing servers for PC networks.
Exam Essentials Know how to plan an install. Know how to define a project goal, examine current configurations, budget a project, and set a timeline for completion. Know how to set a time frame for completion of a project. This includes prioritizing, deciding which tasks are independent, setting incremental delivery times, and setting time aside for dealing with problems. Know the three elements in verifying an installation plan. This includes people, hardware, and software.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Key Terms
65
Know what the HCL is. Microsoft uses a Hardware Compatibility List to ensure that hardware will run as expected with their operating systems. Know what a UPS is. A UPS or uninterruptible power supply allows you to run a server for a short period of time in the event of an AC power failure. Know what KVM switches are and how they are used. A KVM (or keyboard/video/mouse) allows you to use one monitor, keyboard, and mouse to control several computers. Know the term ESD. Be able to explain what ESD is and how to prevent it. Know the server form factors. Know the common server form factors of towers and rack mount servers.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: backup drive
static strap
drive bay
switchbox
form factor
tower
HCL (Hardware Compatibility List)
UPS (uninterruptible power supply)
KVM (keyboard/video/mouse)
user forums
newsgroups
VRM (voltage regulator module)
rack
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
66
Chapter 2
Installation
Review Questions 1. Which of the following is not a step in planning an installation? A. Defining project goals B. Examining current configuration C. Budgeting the project D. Researching hardware 2. When defining project goals, is it better to be detailed or focused? A. Detailed B. Focused 3. What should be done before performing any install? A. Format the hard disks. B. Plug in the new server. C. Perform a backup. D. Shut down the network. 4. Which of the following is not a factor to consider when working out
the final cost of an upgrade? A. Reduced initial productivity caused by unfamiliarity with the
upgrade components B. Software training of users C. Resources D. Downtime caused by the upgrade 5. What part of the upgrade process is commonly neglected? A. ESD B. Creating a list C. Training D. Informing users of the upgrade
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
67
6. If costs of an upgrade must be reduced, where should the reduction
come from? A. Training B. Software C. Delivery methods D. A little from everywhere 7. When setting a timeframe for completion, which of the following is
not a basic rule? A. Prioritize start times. B. Decide which tasks are dependent on others. C. Address training timelines. D. Set aside time for problems. 8. Which of the following is not a resource to consider at the “Verify the
installation plan” stage? A. People B. Hardware C. Software D. Installation Instructions 9. What does HCL stand for? A. Hardware Compatibility List B. Hardware Control List C. Hot Component List D. High Circuit List 10. Which of the following is a trait of trial software? A. It requires registration in order to work. B. It commonly has limited functionality or usage time. C. It is more expensive than the full version software. D. It can always be obtained for free.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
68
Chapter 2
Installation
11. What does KVM stand for? A. Keyboard/video/mouse B. Keyboard/video/monitor C. Keylock/video/monitor D. Keyboard/video/machine 12. What does UPS stand for? A. Unstoppable power system B. Uninterruptible power system C. Uninterruptible power supply D. Under powered supply 13. What does ESD stand for? A. Electronic safety device B. Electrostatic discharge C. Environmental static device D. Electronic security device 14. What is a static strap? A. A means of connecting you to the computer B. A metal rod to ground the computer during operation C. A component within the server to control static D. A device to remove charge from your body during an install 15. What is a VRM? A. Voltage regulator module B. Virtual resource manager C. Voltage resource manager D. Virtual regulator monitor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
16. What is a server form factor? A. A model of a computer B. A term defining the type of case that houses a server C. A class of server D. A component within a server 17. What is a benefit of a rack server? A. It optimizes server space. B. It runs cooler. C. It can house more components. D. It is more affordable. 18. What is a drawback of a monitor switchbox? A. It is bulky and takes up a lot of space. B. It only works on rack form factor servers. C. It is not powered and doesn’t maintain an active connection. D. It is not compatible with all operating systems. 19. What is the most common problem encountered in SCSI
configuration? A. Incorrect drivers B. Incorrect SCSI ID C. Incorrect termination D. SCSI component failure 20. What is POST an acronym for? A. Power-on safety test B. Pre-operation system test C. Power-on self test D. Program-on self test
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
69
70
Chapter 2
Installation
Answers to Review Questions 1. D. Researching hardware is not a specific step in planning an
installation. 2. B. When defining project goals, it is better to be as focused as
possible. 3. C. Before performing an upgrade or installation, a backup should
be performed—even if the installation is not on the computer with the data, a clash or conflict between the data computer and the new installation can still occur. 4. C. Resources are not a factor involved in determining upgrade costs. 5. C. Commonly the training of users is an area that is overlooked both
in planning and in calculating costs. 6. D. If you must slash costs, then it should be evenly distributed from
each area to ensure that there is not one area taking a major setback or change. 7. C. Addressing training issues should be done at a later time, not at
this stage of the installation. 8. D. At this stage of the installation plan, the installation instructions
should have been thoroughly read and understood. 9. A. The HCL or Hardware Compatibility List is a component of
Microsoft operating systems that ensures that the hardware being installed will work with the operating system as expected. 10. B. Trial software provides a limited use or time to explore the
software and see if you like it. 11. A. A KVM (keyboard/video/mouse) box allows you to control more
than one computer through the use of one keyboard, video monitor, and mouse. 12. C. A UPS (uninterruptible power supply) provides battery power to
a computer when there is an AC power failure. 13. B. ESD (electrostatic discharge) is the transfer of static electricity
between you and a computer component.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
71
14. D. A static strap is used during an install. It contains a resistor that
will bleed static charges away form your body and protect computer components. 15. A. A VRM (voltage regulator module) is used to control the voltage
sent to the processor through the motherboard. 16. B. Form factor describes the size and shape of a device, such as a
computer case or a circuit board. 17. A. Rack-mounted servers are smaller and therefore optimize server
space as compared to a tower server. 18. C. Monitor switchboxes are not powered and will not maintain an
active connection to devices. They will not work well for keyboards and mice. 19. B. Although termination is a major issue in SCSI installation, the
most common problems are due to incorrect SCSI ID configuration. 20. C. The POST (power-on self test) occurs at system startup and can
help with troubleshooting improper installations and hardware failures.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Hardware Configuration
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
PART
II
Chapter
3
Motherboards and Processors COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.1 Check/upgrade BIOS/firmware levels (system board, RAID, controller, hard drive, etc.) 3.2 Add processors
On single processor upgrade, verify compatibility
Verify N1 stepping
Verify speed and cache matching
Perform BIOS upgrade
Perform OS upgrade to support multiprocessors
Perform upgrade checklist, including: locate/obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement ESD best practices; confirm that upgrade has been recognized; review and baseline; document upgrade.
3.4 Increase memory
Verify hardware and OS support for capacity increase
Verify memory is on hardware/vendor compatibility list
Verify memory compatibility (e.g., speed, brand, capacity, EDO, ECC/non-ECC, SDRAM/RDRAM)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Verify that server and OS recognize the added memory
Perform server optimization to make use of additional RAM
3.5 Upgrade BIOS firmware
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.7 Upgrade peripheral devices, internal and external
Verify appropriate system resources (e.g., expansion slots, IRQ, DMA, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
4.5 Perform hardware verification
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
M
ost server motherboards are like those of regular PCs, and they serve similar functions. Server motherboards, however, usually contain a few special differences. These differences include added components, as well as advanced support for server-specific computing, which you would not normally see on a standard PC. Before diving into specifics, though, let’s look first at motherboards in general. This chapter focuses on motherboards and processors. The chapter begins with a look at the major form factors and components of a motherboard. Focus is also given to expansion slots and RAM because they interact closely with the motherboard. The chapter then switches focus to processors, beginning with an exploration of processor interfaces with motherboards, and then the different available processors and their specifications. Finally you will find an exploration into some of today’s pressing issues with processors—cooling and overclocking.
Please see Chapters 2, 7, 9, 10, 11, and 12 for additional coverage of the “Add Processors” objective.
The Motherboard
T
he motherboard is the backbone of a computer, providing connectivity between all the components of the computer. All computer components plug into the motherboard in one way or another. With increased demand for computer power, designers have had to adapt motherboards accordingly. New processors, bus speeds, RAM types, data transfer speeds, and components have together pushed the evolution of the motherboard forward at a steady pace.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
78
Chapter 3
Motherboards and Processors
Integrated Versus Non-integrated Motherboards are classified as either integrated or non-integrated. Integrated motherboards contain built-in components that are normally expansion features. For example, a motherboard might have video and network capabilities built right into the board, so you don’t have to purchase a separate video card and network card. The obvious downside to this arrangement is that if the video or network component ceases to function, you will either have to replace the entire motherboard or disable the malfunctioning on-board component. In the worst-case scenario, the malfunctioning onboard component can damage other components on the motherboard, necessitating replacement of the motherboard. With a non-integrated motherboard, initial cost is higher because more individual components need to be purchased. In case of component failure, however, replacement of the entire motherboard can be avoided. Another issue that arises with non-integrated motherboards is the availability of expansion slots to support the multiple components. In server motherboards, it is common to find integrated components such as SCSI and RAID controllers in addition to the video and network cards already mentioned. With large amounts of RAM installed in servers, combined with the fact that there is no need for enhanced video, servers often contain some integrated components. Component failure resulting in a smoked motherboard is still an issue though. To support these components, a non-integrated motherboard would require a minimum of four expansion slots, and this is the main reason components such as video and network cards are integrated into the motherboard of a server.
Resources within a computer usually refer to memory, IRQ, or DMA. Memory can be either physical memory (such as RAM) or virtual memory. Virtual memory is actually hard disk space pretending to be extra RAM. IRQs are interrupt requests. DMA is direct memory access. A DMA allows a device within the computer to have direct access to the computer’s memory (RAM) without having to go through the processor.
Many motherboard manufacturers offer both integrated and nonintegrated motherboards. The specific components used in integrated motherboards vary among manufacturers, but they commonly include on-board video, audio, modem, and network cards. Some manufacturers will integrate all of these components; others will provide a selection.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
79
Form Factors Another motherboard classification is the form factor. Essentially, form factors define the layout of components on the actual motherboard. There are three broad categories of form factors: AT/Baby AT, ATX, and NLX. The AT was the original IBM form factor design, on which the processor, memory, and expansion slots were all arranged in a straight line. This posed a problem for full-length expansion cards because the height of the processor interfered with proper card installation. In addition, heat dissipation from the processor sometimes caused problems for the expansion card. The Baby AT was a smaller version of the AT with newer, smaller components. It was a more compact board, but had the same drawbacks as the AT. In a home PC this is rarely an issue, but in the server world many expansion cards are full-length. Traditionally, servers are not designed around the Baby AT form factor. The ATX component layout is different from the AT. In the ATX form factor, the processor and memory are arranged at a right angle to the expansion slots, allowing room for the use of full-length expansion cards. In the newer computers, the combined height of the processor, heat sink, and cooling fan make it impossible to insert full-length cards in any other form factor, and most new computers (including servers) are built around the ATX form factor. New ATX motherboards also offer advanced power management features that make them even more attractive to computer builders. For example, ATX motherboards offer a soft shutdown option, allowing the operating system to completely power down the computer without the user’s having to press the power switch. NLX has been a form factor in use with desktops for quite some time. It is a compact form factor, often referred to as a “low-profile application.” NLX motherboards are easily distinguished by the riser card to which the expansion cards connect. The riser card allows from two to four expansion cards to be plugged in. These expansion cards sit parallel to the motherboard. Servers with this form factor offer power similar to the larger traditional servers, but in the size of a VCR. The obvious benefit of NLX is that the bulk of a traditional server is reduced to a space-saving smaller server. Additionally, servers assembled in a rack mount case can be secured to a rack, which can itself be secured to the floor, providing better equipment safety. Beyond these three principal categories of form factors, some companies have created their own motherboard layout. For the manufacturer, this proprietary design allows for specific and custom creation of servers. For the end user or technician, however, it can be a nightmare, often requiring special training by the manufacturer before the custom equipment can be serviced. There is also the possible difficulty of locating the specialty parts.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
80
Chapter 3
Motherboards and Processors
Components of a Motherboard Regardless of the form factor, motherboards all contain similar essential components, including processor slots, expansion busses, RAM banks, integrated controllers (either IDE or SCSI), power connectors, and peripheral connectors. It is these essential components that work together to provide the connectivity and communication within the computer. The diagram in Figure 3.1 is a structural overview of a typical server motherboard. FIGURE 3.1
Dual socket 370 motherboard A B C D E F G
PCI expansion bus Integrated RJ-45 network card Serial port Parallel port PS/2 mouse and keyboard ports Primary processor socket 370 Secondary processor socket 370
H I J K L M N
Power supply connector Floppy disk controller IDE controllers Integrates SCSI controller CMOS battery RAM banks ISA expansion bus
B C
A
D
E
F N G M
H L
K
J
I
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
81
Let’s take a closer look at each of these components. The following sections should provide you with just enough information so that you feel comfortable applying your knowledge of these components in a server environment. We’ll cover the types of expansion busses, memory types, processor slots, and firmware.
Expansion Busses Expansion busses provide a means of adding additional components to your computer, such as a video card, network card, SCSI controller, RAID controller, or others. Integrated motherboards have less need for numerous expansion busses than non-integrated boards. In the history of computers, eight major expansion busses have been developed, but only three of these busses are commonly used in modern servers: AGP, PCI, and ISA. AGP The Accelerated Graphics Port (AGP) bus is for advanced video. Only one expansion card, the video card, is made for an AGP port or interface. The AGP port is easily identified by its brown color and offset alignment (as compared with the other expansion bus slots). Motherboards contain only one APG port. The first AGP release was a 64-bit data bus that ran at 33MHz (a measure of the speed of information flow). New releases of AGP include 4XAGP, which runs at 133MHz—four times the standard 33MHz! Although numerous servers on the market include AGP video, either as an expansion port or an on-board video card, it is unlikely that a dedicated server would need the advantage of advanced video—how often do you play graphics-intensive games on a server? Some “gaming servers” provide connectivity for other gaming computers, but the server is rarely used as an actual gaming machine. The risk of corruption or configuration problems outweighs the benefits of the AGP bus. PCI First released at the inception of Pentium-generation processors, Peripheral Component Interconnect (PCI) cards are the major expansion card type in use today. PCI is popular due to its transfer speeds (32- or 64-bit busses) and ease of installation. PCI also supports bus mastering (a means of allowing a device such as a hard disk to communicate directly with another device without the input of the CPU) and speeds up to 66MHz. Installation and configuration are dramatically easier than for earlier busses, with resources for the card being determined by either the operating system or
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
82
Chapter 3
Motherboards and Processors
the BIOS—commonly referred to as Plug and Play technology. To install a PCI card, you simply open the computer case, locate a free PCI slot (they are off-white), remove the blank cover, and install the card. Resources (IRQ and DMA) are configured automatically. As you will learn in the next section on ISA, PCI configuration is a huge step forward in simplifying expansion-card installation. ISA Industry Standard Architecture (ISA) is the oldest of the three types of expansion bus. This bus preceded PCI and was extremely popular in its time. Today it has been nearly phased out, but some motherboards still have one or two ISA slots for use with older expansion cards. Most new motherboards, however, have no ISA slots. This bus is 16-bit and allows transfer speeds of 8MHz, with some models running in turbo mode at 10MHz. ISA, at times, is difficult to configure because it requires jumpers and/or DIP switches to be manually set. The technician must be aware of which resources are in use and which are available. Should the technician configure the new expansion card with the IRQ or DMA of another device, a conflict occurs. In days gone by, it was not uncommon to have the mouse freeze on your 486 computer when you tried to dial up your modem because the mouse and modem were often misconfigured with the same resources. The ramifications of this particular conflict were minimal, but more serious situations can occur— for example, conflict with a hard disk controller. Table 3.1 lists the IRQ (interrupt request lines) usage for the ISA bus. Table 3.2 lists the DMA (Direct Memory Access) assignments. TABLE 3.1
Default IRQ Assignments for the ISA Bus IRQ
Default Assignment
0
System timer
1
Keyboard
2
Cascade to IRQ 9
3
COM 2 and 4
4
COM 1 and 3
5
LPT2
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
TABLE 3.1
TABLE 3.2
Default IRQ Assignments for the ISA Bus (continued) IRQ
Default Assignment
6
Floppy controller
7
LPT1
8
Real-time clock
9
Cascade to IRQ 2
10
Available
11
Available
12
Bus mouse
13
Math coprocessor
14
Hard disk controller
15
Available
Default DMA Assignments for the ISA Bus DMA
Default Assignment
0
Available
1
Available
2
Floppy controller
3
Available
4
Second DMA controller
5
Available
6
Available
7
Available
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
83
84
Chapter 3
Motherboards and Processors
As shown in Tables 3.1 and 3.2, available resources are limited. Normally IRQ 5 is available because it is rare to have and use both LPT ports. It is also rare to use a bus mouse today. Normally a PS/2 or USB mouse is used today, leaving IRQ 12 as a free resource. This leaves five IRQs available for expansion cards. Typically, IRQ 5 is used for a sound card and IRQ 10 for a network card. This is not a computer law, but rather an unwritten rule that technicians generally follow. The sound card can be configured with any available IRQ, but many programs take for granted that the sound card is on IRQ 5. That leaves three open IRQs for other devices such as a network card.
Mixed Environment Expansion Busses Most computers in use today are not the latest, greatest technology. Many motherboards contain several different expansion busses. Brand new motherboards will contain an AGP and several PCIs. Motherboards that are a couple of years or more old will contain an AGP, PCI, and most likely two or three ISA. The question is, what expansion cards do you purchase for which bus? Obviously, if you have an AGP bus, then you should try to purchase an AGP video card. This not only takes advantage of the capabilities of the AGP, but also allows another expansion card to use the PCI slot that the video card may have taken. What do you do, though, if you have to choose devices to fit in PCI and ISA busses? What if you need to install a network card and a sound card but have just one PCI and one ISA bus left? How do you decide which expansion card to purchase for which bus? The rule is to select the card that will be under the most stress for the fastest bus. This will ensure that the faster transfer rate of the bus will be put to good use. Odds are, if your computer is to be networked, then the network card would be under more stress, so it should be installed in the PCI bus. The sound card, although available in a PCI format, would be the better choice for the ISA bus.
Memory Inside the server are several different forms of memory. Each plays a significant role in typical operation of the server. Memory in any form is the means of storing information, either temporarily, semi-permanently, or permanently.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
85
RAM Random access memory (RAM) is the most common memory within a computer. RAM is physical memory, a collection of chips on a small circuit board that attaches to the motherboard via a slot called a bank. Most motherboards contain several banks for RAM installation. RAM is volatile memory. When power to the computer is lost, the information stored in RAM will be lost. RAM has seen constant evolution over time. Early forms of RAM were known as static RAM or SRAM. SRAM didn’t need constant refreshing from the computer. Information was stored in a series of transistors that made static RAM rather slow in sending and receiving information from the processor. Newer RAM is called dynamic RAM (DRAM). DRAM requires constant refreshing, and information is stored as electrical charges within small capacitors. DRAM, due to its components, allows for highdensity packaging. This in turn creates RAM with larger capacities in much smaller chips. Examples of DRAM are EDO, SDRAM, DDR SDRAM, and RAMBUS. EDO RAM Extended data output RAM (EDO RAM) emerged in 1995. It provided a performance increase of 10 to 15 percent over traditional memory. The major downside to EDO RAM was that it had to be installed in pairs. If you wanted 32MB of RAM, you had to install two 16MB modules. This limited the number of available banks for RAM installation on a motherboard, as well as options for RAM expansion. Six available banks on a motherboard really meant three. Many motherboards of this era also had specific sequencing for installing EDO RAM. For example, a computer with 16MB installed could add another 16MB (two 8MB modules) or 32MB (two 16MB modules). EDO RAM is not in use today as a result of these limiting factors. SDRAM This is the most common RAM in use today. Synchronous dynamic RAM (SDRAM) runs at system bus speeds that translate into 66MHz, 100MHz, and 133MHz. These improved speeds over previous types of RAM eliminated wait states between the system and RAM, which was an issue in the past. A wait state is the time when the processor is waiting for
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
86
Chapter 3
Motherboards and Processors
a response from the RAM. Everything is synchronized to the clock speed (discussed in a later section). Another improvement over EDO RAM is that SDRAM is installed one module at a time. SDRAM is also available in large sizes on one module. If you want 512MB of RAM, you can get it on a single module, leaving the other banks available for future RAM upgrades.
You can mix higher-bus-speed SDRAM in a slower-bus-speed motherboard; for instance, 133MHz SDRAM will work in a 100MHz-bus motherboard. The RAM will simply run at the slower speed of the motherboard. Some motherboards offer a dual speed option. This allows the installer to select the bus speed using a jumper setting on the motherboard. Remember from your A+ Complete Study Guide that the processor, motherboard, and RAM must match in bus speeds. Bus speeds are a measure of the speed at which the processor, RAM, and motherboard send and receive information and instructions. These bus speeds include 66MHz, 100MHz, or more commonly the 133MHz bus speed.
DDR SDRAM Double data rate synchronous dynamic RAM (DDR SDRAM) is an enhancement of SDRAM. DDR SDRAM provides double clock speed by performing read and writes on both sides of the clock cycle (as opposed to only working on one side). This translates into twice the memory executions, and therefore increased system performance. A system with 100MHz memory bus speed will perform at an amazing 200MHz. RAMBUS RAM Direct Rambus RAM is the newest RAM available on the computer market. It is extremely fast, with speeds up to 800MHz, and operates like DDR SDRAM, working on both sides of the clock cycle. Rambus RAM is often used in advanced, resource-intensive gaming systems, and is increasingly being used in desktop computers. ROM Read-only memory (ROM), another important memory component, is used to store permanent information for easy and quick retrieval. ROM chips, much like RAM, have seen broad evolution, beginning at PROM and moving to EPROM and EEPROM.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
87
PROM Programmable read-only memory (PROM) was the first ROM design. It was programmed at the factory with the necessary information burned in as a configuration of transistor ons and offs. The PROM chip is permanent, so making any change means replacing the PROM chip or possibly the entire motherboard. This is very limiting in terms of opportunity to upgrade or alter the computer’s configuration. EPROM Erasable programmable read-only memory (EPROM) stored information as binary programming through electrical charges. Erasing the information required shining an ultraviolet light through a special window that wiped out all the information on the chip. This was an improvement from the PROM but still not user friendly. You had to disassemble your computer and then remove and replace the protective sticker—a labor-intensive and risky task. EEPROM Electrically erasable programmable read-only memory (EEPROM) is the current standard for ROM. The CMOS chip, which contains the BIOS (basic input/output system) information, is an EEPROM chip. The chip is kept alive by the CMOS battery and, when needed, can be flashed. Flashing is a process by which software erases and updates the programmed information contained within the BIOS. Unfortunately, the CMOS battery does eventually fail, and the information saved in the BIOS program is lost. It is strongly advised that you manually record the information found in the BIOS and then attach it to the inside cover of the computer. Eventually, when the battery does fail months or years later, you’ll have access to the information and can reenter it after replacing the battery. Many brand name computers have a proprietary BIOS; generic computers rely on a BIOS chip made by Award, American Megatrends, or Phoenix. Figure 3.2 illustrates a generic EPROM chip. FIGURE 3.2
An EPROM chip
An EPROM chip
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
88
Chapter 3
Motherboards and Processors
Cache Memory Cache memory is located on all motherboards and operates much faster than RAM. Cache memory stores information that is requested frequently, allowing for faster access and response. L1 (level 1) cache memory is actually located within the processor chip itself. L2 (level 2) cache memory is located on the motherboard. Both L1 and L2 cache are designed to be used by the processor. Cache memory is often found on other components as well, including RAID cards and network cards. This cache memory provides functions to these devices just as cache memory does for the processor: rapid storage of and access to information.
Processor Slots With the constant evolution of computer processors has come a change in the way the processor connects to the motherboard. Selecting the right processor to match a motherboard, or vice versa, is often a confusing and difficult task. To make that task a bit easier, we have included a listing that describes the common processor connection interfaces in detail. Socket 1 Used with the 486 chip, often called a PGA (pin grid array) or ZIF (zero insertion force socket). It has 169 pins and operates at 5 volts. Socket 2 An upgrade of socket 1. Has 238 pins and runs at 5 volts. Used for the original Pentium processors. Socket 3 Contains 237 pins and operates at 5 or 3.3 volts, controlled by a jumper on the motherboard. Supports all socket 2 processors as well as the 5×86 chips. Socket 4 With 273 pins, this socket was designed for Pentium-class machines running at 5 volts. Beginning with the Pentium 75MHz, however, Intel dropped the voltage to 3.3 volts, so this socket had limited use. Socket 5 Operates at 3.3 volts and has 320 pins. Supports Pentium chips from 75MHz to 133MHz; socket 5 was replaced by socket 7. Socket 6 Designed for the 486 at a time when the industry was moving into the Pentium class; never really came into mainstream use. Socket 7 The most widely used socket; contains 321 pins and operates between 2.5 and 3.3 volts. Supports all Pentium-class chips from 75MHz and up, and MMX chips. Also supports chips from AMD and Cyrix. Incorporates a voltage regulator. Socket 8 Designed primarily for the Pentium Pro chip. It has 387 pins and operates between 3.1 and 3.3 volts.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
89
Socket 370 A socket 7 with an additional row of pins on all four sides. Used by Celeron processors as well as Celeron II and some Pentium III processors (FC-PGA models). Slot 1 A radical change in design, this was Intel’s “processor in a box.” This boxed processor interfaces with the motherboard through what appears to be an expansion bus, called a Slot 1. This design eliminated the risk of bending processor pins, an all-too-common problem with other socket interfaces. Inside the box was the same processor chip, but preinstalled on a separate daughter card along with the L2 cache. This was then shrouded in a heat sink and fan assembly box. Having the processor in this format allowed for better air flow and cooling, but it was bulky—standing on edge, it created spatial issues within the case. Slot 2 Similar to Slot 1, but with a larger 330-contact connector slot. This connector allowed the CPU to communicate with the motherboard at full CPU clock speed. Slot 2 was designed for the newer Pentium chip sets, including the Xeon processor. Slot A Similar to Slot 1, Slot A uses a different protocol (EV6) and is custom designed for the AMD Athlon processor. Using this protocol, the processor-to-RAM communication can achieve speeds of 200MHz. Socket A Using 462 pins, this socket is designed solely for the AMD chip sets, including the Athlon and Duron processors. Slockets A slot 1-to-socket 370 adapter. Allows a chip designed for a socket 370 application to be used in a Slot 1 motherboard. Slockets are not well received by many technicians. The modification between the two interfaces is done with jumper settings and digital circuitry. Slocket configuration is often compared to ISA expansion card configuration— there can be serious consequences if it’s misconfigured.
In a dual processor environment (a motherboard that allows two processors to be present), there will be a pair of processor interfaces. If these interfaces are Slot 1, and only one processor is present, a dummy card is plugged into the empty slot. Leave it inserted until the computer is upgraded to dual processors. Some servers even support multiple processors. Dell, for example, offers a single box server with four Xeon processors working together. Some rack-mounted servers can actually link many small servers to work together, making one large server with numerous processors.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
90
Chapter 3
Motherboards and Processors
Power Connectors Electrical power interfaces with a motherboard in several ways. Main power attaches to the motherboard through a single plug on an ATX board, or through two smaller plugs on an AT/Baby AT. If your motherboard is of the AT form factor, these two small plugs must be orientated correctly with the black wires of each plug meeting in the center. With the main power attached to the motherboard, the control of system power is now given to the motherboard. Cooling fans, processor fan, and startup/shutdown can all be electrically controlled and monitored by the motherboard’s use of the electricity. For example, ATX motherboards offer the soft shutdown feature. When you select Shut Down in the Windows operating system, the computer will actually power down. This can be combined with a boot initiated through a mouse movement, keyboard hot key, or even a request through the network (called Wake up on LAN). Most motherboards also have power connectors (2-pin or 3-pin) for cooling fans. The fans plug directly into the motherboard where the RPMs and airflow are controlled through the motherboard. This allows the motherboard to maintain a consistent temperature within the computer case. In a server environment it is very common to see more than one power supply. This redundant power supply acts as a backup to the first one. More time will be spent on redundant components in Chapter 5, “Fault Tolerance and Redundancy.”
On-Board Disk Controllers On-board disk controllers provide the interface between the disk subsystems and the motherboard. Typically on a motherboard there will be one floppy disk controller. This 34-pin plug accepts a ribbon cable that allows a floppy disk (or two) to communicate with the computer. In some new legacy free computers, the floppy disk has been eliminated. In the server world where items such as boot disks are often needed, it is not advisable to get a legacy free computer to act as a server. Hard disk controllers are also located on a motherboard. Desktop PCs primarily use IDE controllers. Servers, although they may contain IDE controllers, rely more often on SCSI controllers. Some higher-priced motherboards do include an on-board SCSI controller, but traditionally SCSI is used through a separate expansion card. With the number of devices needed, as well as performance differences, SCSI is often the only viable choice. Both SCSI and IDE controllers will be discussed in depth in Chapter 4, “Storage Devices.”
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
The Motherboard
91
Keyboard/Mouse Every motherboard needs a means of interfacing with the user. This is often done through the keyboard and mouse. Once the server is up and running, many administrators will remove the keyboard and mouse for safety and security of the server. Access to the server is then done remotely through the network. However, for operating system installation, a keyboard and mouse are needed. Again, depending on your motherboard, a legacy free motherboard may have only a few USB ports where a mouse and keyboard would plug into. The problem is that some operating systems (Windows NT for example) do not support USB ports. Typically, a server will have PS/2 ports for a mouse and a keyboard. Older servers may still require a serial mouse (which would use a DB-9 connector) and a DIN 5 keyboard connector.
Peripheral Port Connectors Peripheral port connectors provide the interface for other devices that will connect externally to your computer; these include printers, external modems, and scanners. Standard peripheral ports are two DB-9 male ports and a DB-25 female. The DB-9 male ports on a server are often used as communication ports for an external modem or for communication to a UPS or network connectivity device such as a switch. Again, legacy free computers have USB ports rather than parallel or serial ports.
Jumpers and DIP switches Depending on the type of motherboard, the setting for the processor voltage, speed, and other system settings may be controlled by small switches that need to be manually configured on the motherboard. Many new motherboards have moved away from this type of configuration for the same reasons as the ISA bus. A simple misconfiguration can lead to serious consequences. On a motherboard, the jumpers often control CPU voltage. Too high of a voltage setting could permanently damage the CPU (see Figure 3.3).
33 22 11
22
33
Jumpers
11
FIGURE 3.3
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
92
Chapter 3
Motherboards and Processors
Firmware Firmware is defined as any software that is stored in read-only memory (ROM, EPROM, EEPROM) and that maintains its contents when power is removed. Inside the server are several components that will contain ROM chips and therefore firmware. This list includes the previously discussed CMOS chip, but also SCSI controllers and RAID controllers. Firmware is commonly upgradable. This process normally requires downloading the file from the manufacturer’s website. Although tempting, it is extremely dangerous to download such files from third-party websites. The validity and integrity of the file may be compromised. A failed firmware update can leave you in a difficult situation. Once the correct file is downloaded (this will require careful matching of your hardware to the correct download file), it can be run. The firmware update is extracted onto a floppy disk. When the disk creation is complete, you simply reboot the computer with the disk in and the update will occur automatically. In essence, the firmware disk is a boot disk that runs a specific program that reprograms the chip when the computer is booted. Firmware updates are performed to provide new updated features and support for the latest hardware or to repair problems with hardware. For example, Asus Network Technologies released a firmware update for their motherboards that will repair an issue with the soft shutdown. This firmware update relates to the CMOS chip. Another example would be a firmware update for a SCSI controller, which would provide advanced support for new hard disk technology. No one can forget the Y2K issue—the fear that computers would not be able to calculate the year 2000. Many systems were repaired through a simple firmware update. In a typical server there can be several components with firmware. It is good practice to document each component, firmware revision number, date, and manufacturer. Many manufacturers maintain a mailing list and will notify you via e-mail when a new release is available. At that point, you decide whether to update or not. The benefits of the update must be useful to your specific application. Keep in mind that there are risks with every update. The possibility of the device not working properly because of conflicts with other devices, other software, or the operating system are realistic consequences. Always perform a backup of all data as well as a full compatibility check before performing any update to a server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Processors
93
Processors
Processors have seen the most rapid change over the last couple of decades. In the server environment, processors can face incredible stresses. Selecting the right processor to meet your needs is therefore critical. Before looking at the current processor types, you need an understanding of the important features. Clock speed is the main element on which most people focus when they talk about processors. Clock speed is measured in millions of cycles per second—megahertz (MHz). Instructions are carried out based on clock speed, analogous to a musician playing to a metronome. Clock speed is not the only factor in processor performance but it is a major factor. The faster the clock speed, the faster instructions can be carried out. Latest releases of processors have exceeded the megahertz classification and moved into the gigahertz range. Currently processor speeds have reached 2GHz. L1 cache, as previously mentioned, provides fast access for the processor. Therefore processors with larger quantities of L1 cache will perform better. Higher cache is also directly proportionate to increased price. Server processors will commonly have higher L1 cache than desktop processors. Voltage is another consideration. Lower voltages in processors will generate less heat, and lower heat will allow for smoother and more stable operation. Old processors ran at 5 volts, and this generated a steady amount of heat; however, due to the slower clock speeds, the small heat sinks were able to handle heat dissipation. With newer processors, the heat generated from the faster clock speeds combined with the 5 volts of direct current electricity made the processor unstable. Most of today’s processors run at 3.3 volts to combat this problem.
Intel Processors It is common knowledge that Intel has had a strong hold on the computer processor market for a long time. Today there are several other manufacturers of quality computer chips on the market, but Intel still has a dominant hold on the server market. Table 3.3 defines the major Intel processor classes, speed ranges, and specifications as seen today.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
94
Chapter 3
Motherboards and Processors
TABLE 3.3
Current Intel Processor Family Line Processor
Voltage
Clock Speed
Pentium
3.3–5V
60MHz to 200MHz
Pentium Pro
2.5V
60MHz to 200MHz
Celeron
3.3V
266MHz to 1.2GHz
Pentium II
3.3V
233MHz to 450MHz
Pentium III
3.3V
450MHz to 1.1GHz
Pentium 4
3.3V
1.3GHz to 2GHz
P2 Xeon
3.3V
400MHz to 450MHz
P3 Xeon
3.3V
350MHz to 1,000MHz
Itanium
3.3V
733MHz to 800MHz
Any of the Intel Pentium-class processors works well within a server environment, but Intel designed the Xeon line specifically for the highperformance environment of workstations and servers. Xeon processors come equipped with a larger cache, and greater flexibility while running in a multiprocessor environment. In its latest release, Intel has touted the Itanium processor, running with synchronous clock signaling and a 64-bit architecture, as the ideal match for a server environment. Intel is constantly releasing new and improved processors. The changes most often are in the speed category, although Intel also has several new processor lines in development. They are referred to by code name and feature the latest in technological advancements. For more information, visit Intel.com.
AMD Processors AMD processors, as related to servers, are rather new on the market. AMD (Advanced Micro Devices) only recently introduced their server line chip, the MP, to compete with the Intel server line. The MP chip is available in a 1.2GHz and 1.0GHz clock speed and fits onto a socket A motherboard. Standard AMD processors include the Athlon and Duron, designed to
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Cooling
95
compete with the Pentium and Celeron, respectively. The benefit of the AMD processor line is the fast bus speeds discussed previously in the socket A description. When matched with an appropriate motherboard, the AMD processor performs efficiently. (See Table 3.4.) TABLE 3.4
Current AMD Processor Family Line Processor
Voltage
Clock Speed
Athlon MP
2.5V
1.0–1.2GHz
Athlon
3.3V
1–1.4GHz
Duron
3.3V
950MHz–1.1GHz
Alpha Chips DEC (Digital Equipment Corporation) introduced a 64-bit processor in 1992 called an Alpha chip. Recently Compaq released a series of servers featuring the Alpha chip, which has a superscalar design allowing the processor to execute more than one instruction per clock cycle. It has both an 8K data and an 8K instruction cache, and a floating-point processor. Compared to the other processors that calculate on one side or two sides of the clock tick, Alpha processors have a definite advantage. This has obvious benefits in a server environment where a CPU is often required to process a multitude of requests at a time.
Cooling
B
ased on the previous information on processors, it is easy to understand that cooling in a server environment is critical. Regardless of the manufacturer or model of your CPU, it will need a way to deal with heat buildup. The faster the clock speed of the CPU, the more heat it generates, and server processors tend to run at a high clock speed. Remember that some servers have several CPUs. Most servers have numerous cooling fans to assist with heat dissipation. With the dangers of overheating, fans are often clustered together in groups with cowlings to channel air through the server. It is also advisable to have multiple fans to allow for redundancy—should a fan fail, another will maintain the airflow.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
96
Chapter 3
Motherboards and Processors
Besides cooling fans, consider other factors in maintaining proper temperatures within the server case. Motherboard form factors dramatically influence cooling. The ATX form factor has the processor near the power supply fan. This allows the processor to take advantage of the cool air drawn in from the power supply. In the AT form factor, the processor is not near this fan. Heat sinks and processor fans are another consideration. All processors, including dated ones (such as the 486), require at least a heat sink and cooling fan. The heat sink, which rests directly on the processor, is made of aluminum, which dissipates heat easily. On top of the heat sink is a cooling fan. This cooling fan assists in moving the heat that radiates off the heat sink away from the area. After-market products are advancing dramatically to assist in running the processor cooler. Larger heat sinks and fans that will run at higher RPMs are available. These products are obvious favorites of the overclockers (see “Overclocking” section, below), but should also be a consideration for server builders. Another option (although it can be costly) is a Peltier device (also known as a thermoelectric [TE] module), which is a small solid-state device that functions as a heat pump. This ingenious device works like a small air conditioner, moving hot air away from the processor side and replacing it with cool air. Peltier devices do not work well in all applications and can be difficult to install and operate effectively. Regardless of which form of cooling you decide on, it is mandatory that in a server there is some form of monitoring. This monitoring watches the temperatures and fans for any problems (fan failure, temperature threshold reached) and then alerts the system administrator. Modern servers can send alerts via e-mail, on-screen messages, or audible alarms. If there is no response within a given period of time, some servers will even shut themselves down, thus preventing any physical damage to components. Monitoring agents can be software, hardware, or a combination of the two. An area that is often overlooked is the server environment. With the constant demands on a server, maintaining a consistent temperature as well as safe environment for the computer to operate in is a must. Many companies will create a dedicated room for the server(s). This room prevents dust and other contaminants from disrupting the server. Many times these server rooms have dedicated cooling facilities, such as air conditioners, and dedicated power sources. Another environmental concern to be aware of is the location of the server. As you learned in the A+ Complete Study Guide, by David Groth and Dan Newland (Sybex, 2001), it is not acceptable to have a computer in a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
97
location where it will face direct sunlight. Besides sunlight, other potential concerns would be location of water pipes and electrical wires (electrical fields). All of these could compromise server safety.
Overclocking
I
n the world of desktop computers, overclocking is the latest rave. Overclocking involves forcing your computer (usually the processor) to run harder and faster than the manufacturer intended. All processors perform within a specific range. There is a window by which this range can be extended and the processor made to work at the upper levels of its capabilities. This is comparable to athletes who use steroids. Performance is better but there are serious side effects. With increased processing capabilities comes increased heat. Overclocking demands improved processor and case cooling. Some users who have overclocked their systems go so far as to create custom fan and heat sinks to deal with the heat issue. Before you decide to overclock, make sure you carefully weigh the possible consequences: shortened life of the CPU, overheating, and damage to other components such as the motherboard. When related to servers, overclocking is frowned on. The processor in a server is responsible not only for the running of the server but also shared applications, printers, file security, authentication, Internet, and e-mail, so the processor is working very hard already. Forcing it to work faster can lead to catastrophic consequences. Remember, you can get along without a desktop for a while, but can you remain productive without your server?
Summary
T
his chapter began with an exploration of motherboards. Integrated motherboards have several common components built into the motherboard that would otherwise be on expansion cards. These include video, audio, modem, and network cards. Non-integrated motherboards require separate expansion cards for each component. Benefits of integrated motherboards include lower price, while the major drawback is the danger of component failure that would result in replacing the entire motherboard.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
98
Chapter 3
Motherboards and Processors
Motherboards are available in three form factors. The less commonly used AT boards were the original design created by IBM. Baby AT was a smaller version of the AT created around the desktop structure. The major problem with the Baby AT was compatibility with full-size expansion cards. Due to the orientation of the processor, RAM, and expansion cards, the Baby AT motherboard made it difficult if not impossible to use full-length expansion cards. ATX is the second motherboard form factor. ATX motherboards do not have the same issues as the Baby AT. Most computers today are built around the ATX form factor. The final form factor discussed in this chapter was NLX. This design of motherboard was created for low-profile systems. This includes small desktops as well as rack mount systems. We also took an in-depth look at common motherboard components. Expansion busses provide a means of connectivity for your computer to expand on. Today there are three major expansion busses commonly used. These are AGP, PCI, and ISA. The AGP bus (Accelerated Graphics Port) is designed for video cards only. PCI (Peripheral Component Interconnect) is the major expansion bus in use today. It has a transfer speed of up to 66MHz. PCI bus resources are configured through software (including the computer’s operating system). ISA (Industry Standard Architecture) busses are the oldest of the three. Currently ISA busses are being phased out, but many computers in use still have a couple of ISA expansion busses on their motherboards. ISA busses can be difficult to configure, requiring that the installer know about used and free resources and then be able to configure the expansion card through jumpers. Memory takes on several forms within a computer. RAM (random access memory) is volatile memory used to store information temporarily while the computer is in use. RAM has seen an evolution from Static to Dynamic RAM. Dynamic RAM currently in use is Synchronous Dynamic RAM (SD RAM). SD RAM is available in bus speeds of 66MHz, 100MHz, and 133MHz. This bus speed must be matched to the motherboard and processor. New enhanced RAM includes DDR SDRAM and Rambus RAM. Much like RAM, ROM (read-only memory) has evolved over time, beginning at PROM, then EPROM, and finally EEPROM. EEPROM chips are the current ROM in use and can be updated (flashed). Processor sockets were the next topic of information. Processors take on a key role within any computer, and with changes in processors come changes in processor interfaces with the motherboard. Other motherboard features include on-board disk controllers, keyboard and mouse interfaces, and peripheral port connectors (including serial and parallel interfaces).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
99
Intel and AMD designed processors especially for the stressful environment of a server. With these advanced processors comes the need for added cooling. This discussion led into a section on overclocking—a risky practice that can result in overheating.
Exam Essentials Know the differences between integrated and non-integrated motherboards. Make sure to have a strong understanding of the differences, advantages, and disadvantages of both motherboard styles. Be able to identify the differences between motherboard form factors. Identify AT/ Baby AT, ATX, and NLX form factors and their limitations and benefits. Be able to label the common components of a motherboard. This includes expansion slots, RAM banks, processor socket, CMOS battery, CMOS chip, power connector, and on-board controllers. Understand the differences between common expansion busses. Be able to identify the busses by speed, configuration, and use. Know the IRQ and DMA resources for the ISA bus. Know what resources are in use for what devices, as well as what resources are available. Know the different types of RAM memory. Know the differences between EDO, SDRAM, DDR RAM, and Rambus RAM. Be aware of performance differences between the types of RAM. Be able to explain the different types of ROM. Understand the different levels of ROM, including PROM, EPROM, and EEPROM. Know the different processor slots and supported processors. This includes all sockets, slots, and slockets for Intel chips as well as the AMD processors. Know what firmware is and which common components have firmware. Be able to identify a firmware chip as well as its purpose. Know the processors that are available for use within a server. Be aware of voltages, speeds, and common names for processors from both Intel and AMD.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
100
Chapter 3
Motherboards and Processors
Key Terms
Before you take the exam, be certain you are familiar with the following terms: Accelerated Graphics Port (AGP)
integrated
AT
NLX
ATX
non-integrated
Baby AT
overclocking
cache memory
Peripheral Component Interconnect (PCI)
Direct Rambus RAM
Plug and Play
double data rate synchronous dynamic RAM (DDR SDRAM)
programmable read-only memory (PROM)
electrically erasable programmable read-only memory (EEPROM)
random access memory (RAM)
erasable programmable read-only memory (EPROM)
read-only memory (ROM)
expansion busses
riser card
extended data output RAM (EDO RAM)
synchronous dynamic RAM (SDRAM)
Industry Standard Architecture (ISA)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
101
Review Questions 1. What is the difference between integrated and non-integrated
motherboards? A. Integrated motherboards have built-in components normally
found on expansion cards. B. Non-integrated motherboards are newer technology. C. Integrated motherboards are more expensive than non-integrated. D. Non-integrated motherboards are rarely used today. 2. Which of the following components are not normally integrated in an
integrated motherboard? A. Network card B. Video C. Modem D. SCSI controller E. Hard disk 3. Which of the following is not an example of motherboard form
factor? A. AT B. ATX C. MCA D. NLX 4. Which of the following is a common component of an NLX mother-
board? A. PCI expansion slot B. VESA expansion slot C. Riser card D. ZIF processor socket
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
102
Chapter 3
Motherboards and Processors
5. Which of the following is not a common expansion bus? A. PCI B. AGP C. ISA D. IDE 6. What does AGP stand for? A. Accelerated Graphics Port B. Accelerated Graphics Post C. Advanced Graphics Port D. Advanced Game Port 7. What is the bus speed for an AGP bus? A. 64-bit at 33MHz B. 32-bit at 33MHz C. 32-bit at 66MHz D. 64-bit at 66MHz 8. What does PCI stand for? A. Personal Component Interface B. Peripheral Component Interconnect C. Personal Computer Interconnect D. Peripheral Computer Interface 9. What is the speed of the PCI Bus? A. 16-bit or 32-bit B. 32-bit or 64-bit C. 32-bit or 32-bit D. 64-bit or 64-bit
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
10. How are resources configured on a PCI bus? A. Jumpers B. Software C. Automatically through the BIOS D. Manually through a boot disk 11. What is the speed of an ISA bus? A. 8/10MHz B. 6/8MHz C. 10/12MHz D. Varies, depending on motherboard 12. What is the default IRQ for LPT1? A. 5 B. 7 C. 3 D. 9 13. What does RAM stand for? A. Random access module B. Repetitive access memory C. Random access memory D. Repetitive access module 14. What type of RAM is installed in pairs? A. SD RAM B. EDO RAM C. RD RAM D. Rambus
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
103
104
Chapter 3
Motherboards and Processors
15. What does the abbreviation SD RAM stand for? A. Synchronous dynamic RAM B. Standard digital RAM C. Synchronous digital RAM D. Standard dynamic RAM 16. Which type of ROM can be flashed? A. PROM B. EPROM C. EEPROM D. ROM 17. Which type of cache is located on the processor? A. Level 2 B. Level 3 C. Level 1 D. Level 4 18. Which socket is used for Pentium processors that run at speeds
up to 75MHz? A. Socket 3 B. Socket 4 C. Socket 7 D. Socket 5 19. What is the most widely used socket today? A. Socket 7 B. Socket 5 C. Socket 4 D. Socket 3
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
20. What is firmware? A. Software for a hardware component B. A program that changes the configuration of an expansion bus C. A software update for a PCI card D. A digital representation of a system driver
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
105
106
Chapter 3
Motherboards and Processors
Answers to Review Questions 1. A. Integrated motherboards contain components that are found on
expansion cards. These include video, audio, network cards, SCSI controllers, and modems. Integration frees up expansion slots for other devices. 2. E. Hard disks are not integrated on motherboards. 3. C. MCA is an expansion bus. AT, ATX, and NLX are motherboard
form factors. 4. C. The riser card is used to install expansion cards within a low-
profile NLX motherboard. 5. D. IDE is actually a hard disk technology. PCI, ISA, and AGP are
expansion busses currently in use. 6. A. AGP is the Accelerated Graphics Port. It is used for video only. 7. A. The transfer speed of the AGP (first release) was 64-bit
at 33MHz. 8. B. PCI stands for Peripheral Component Interconnect. It is the most
popular expansion bus in use today. 9. B. The PCI bus can communicate at either 32-bit or 64-bit. 10. C. Resources for a PCI bus are configured automatically through the
BIOS settings. 11. A. An ISA bus can transfer at speeds of either 8 or 10MHz. 12. B. LPT1 is assigned IRQ 7 by default. 13. C. RAM stands for random access memory. 14. B. EDO RAM is installed in pairs. This was a major limitation for
this type of RAM. 15. A. SD RAM is short for synchronous dynamic RAM. This RAM
works to a synchronous clock cycle. 16. C. Electronically erasable programmable read-only memory can be
digitally erased, or flashed, as it is often called.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
107
17. C. Level 1 cache is always located on the processor. 18. B. Intel designed the socket 4 to support Pentium-class chips up to
75MHz; in subsequent Pentium chips, they changed the voltage and socket. 19. A. Socket 7 is considered to be the most widely used socket today. 20. A. Firmware is software that runs a hardware component—
sometimes referred to as the operating system of a hardware component.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
4
Storage Devices COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 1.1 Conduct pre-installation planning activities
Plan the installation
Verify the installation plan
Verify hardware compatibility with operating system
Verify power sources, space, UPS and network availability
Verify that all correct components and cables have been delivered
1.2 Install hardware using ESD best practices (boards, drives, processors, memory, internal cable, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS
Verify SCSI ID configuration and termination
Install external devices (e.g., keyboards, monitors, subsystems, modem rack, etc.)
Verify power-on via power-on sequence
2.4 Configure external peripherals (UPS, external drive subsystems, etc.)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
3.3 Add hard drives
Verify that drives are the appropriate type
Confirm termination and cabling
For ATA/IDE drives, confirm cabling, master/slave and potential cross-brand compatibility
Upgrade mass storage
Add drives to array
Replace existing drives
Integrate into storage solution and make it available to the operating system
Perform upgrade checklist, including: locate and obtain the latest test drivers, OS upgrades, software, etc.; review FAQs, instruction, facts and issues; test and pilot; schedule downtime; implement ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
S
torage devices are arguably the most important type of device in a server. Of course, the server couldn’t run without a motherboard, processor, and memory, and a server without a network card is pointless. But when you think about what a server really does—stores files and databases and provides other services—the hard disk holds everything that’s dear to clients. Every time a client accesses the server, the client accesses the server’s storage device. There are a variety of storage devices that can be employed in a server. They include hard disk drives, optical drives, CD-based drives, tape drives, and others. This chapter will focus primarily on hard disk drives, since they are the most common online storage devices used in servers. (Others, like tape drives, are typically offline storage devices.) The hard disk drives that we will concentrate on fall under one of two major categories: IDE and SCSI. There are others, but these are the two most common hard disk technologies. Before we get into the details about these technologies, however, we need to understand how hard disks are structured.
Physical and Logical Disks
A hard drive is a hunk of metal and plastic. Inside are platters that spin rapidly, and heads that move back and forth along the surface to read and write information. You can think of a hard drive much like a record player, but one that can write as well. That’s pretty much all a hard drive is, at least physically. But how the computer deals with the disk is a totally different story. When discussing hard disks from the computer’s perspective, there are two types of designations: physical disks and logical disks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
112
Chapter 4
Storage Devices
When talking about a physical disk, we are referring to the actual device located within a server, or connected to the server externally. For example, a computer with two hard disks will have two physical disks. If you can hold it, it’s a physical disk. Physical disks can refer to a variety of devices other than hard disk drives, such as floppy disks, compact discs, and tape drives, to name a few. The number of physical disks that your computer can have is based on the interface type. As an example, SCSI technology allows for more disks per controller than IDE. A logical disk is not quite as straightforward as its physical counterpart. One of the most common ways to define a logical disk is any space of a hard disk (or other storage unit) that has its own disk letter. As you learned while studying for your A+ exams, a hard disk can be partitioned, or divided into smaller sections. Each partition receives a drive letter and therefore can be considered a logical disk. It is not uncommon for a computer to physically have one hard disk but logically have two. This often leads to considerable misunderstandings for those who are new to the computer world. Many times people purchase a new computer assuming there are two hard disks included in the system. After all, in the Windows environment, they see two hard disks labeled C and a D. Later on they discover, by either removing the cover themselves or having someone inform them, that they actually have only one physical hard drive. Windows-based systems can support up to 23 logical disks each. After that, we run out of letters in the alphabet. Yes, the English alphabet has 26 letters, but remember that A, B, and C are reserved for two floppies and the first hard disk. NetWare and Unix do not use drive letters. They name their logical disks (called volumes) by referring to the logical unit by machine and then a volume name. For example, on a NetWare server, there is always a SYS volume. If your NetWare server is named NW1, the volume name (logical disk name) would be NW1/SYS:. In a network environment, you will frequently work with multiple logical disks. You will often find network mapped paths, which also qualify as a logical disk. These mapped paths are given a unique drive letter and for all intents and purposes act as another hard disk for the end user. The difference is that these disks do not reside on the end user’s computer but rather on the server, or other computer, and are accessed through the network. Network mapped paths are a logical pointer to a physical resource. This tricks the client computer into thinking that it has another hard disk, which in actuality is a part of a hard disk on another computer. Your computer may think it has an H disk, and it’s right. The trick is, the information is physically located somewhere else.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
113
Should the host computer lose connection to the network, the mapped path will not be accessible. Figure 4.1 illustrates the view of a mapped path through the My Computer icon in Windows 2000. Notice how the mapped path icon for disk F is similar to that of the hard disks, but has a small network wire connector visible below the disk picture. This small network wire connector is there to remind you that this is a mapped drive. If the network-mapped disk is unavailable, it will have a red X on the network wire connector. FIGURE 4.1
A mapped path displayed in Windows Explorer
Also on a network, you may run into multiple physical devices that form one logical disk. A good example is a RAID 1 or RAID 5 array. There will be at least two physical hard disks (three for RAID 5) that appear as one logical unit. So with all this talk of physical versus logical disks, what’s the real deal? It seems slightly confusing. Just remember that if you can hold it, it’s a physical disk. However, logical disks are all about how you define them. A physical hard disk may have multiple logical disks, and at the same time multiple physical hard disks can make up one logical disk. It all depends on how you set it up. Last but not least, logical disks can also be physically contained on another machine, but you have a drive letter on your machine representing it.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
114
Chapter 4
Storage Devices
Storage devices interface with the computer through two possible means: either an IDE or SCSI interface. Because the connectors are so different, IDE devices cannot be on a SCSI controller, and vice versa. However, some computers do have connectors for both types of disk. Depending on costs and requirements, choosing one over another is sometimes difficult in the desktop/workstation environment. In the server environment SCSI is the dominant storage device because it is much more extensible, it is compatible with a wide variety of devices, and it has evolved to operate at many different levels and speeds. Basically, it’s faster and more expandable. However, it is also more expensive. In the next two sections, we will explore each option, for a means of comparison and also for configuration purposes.
IDE Technology IDE (Integrated Drive Electronics) technology was first created as a simple means of adding components to a computer. Today, this technology is more commonly associated with ATA (Attachment Interface) technology. The controller circuitry is located right on the device itself. The device is then attached to the motherboard or expansion card with a short 40-pin ribbon cable. Most cables are keyed so they will fit on only one way. If the cable is not keyed, then the rule is that the red stripe on the cable connects to pin 1. Closely examine the cable and you will see that one side of the ribbon has a red line (although sometimes it’s blue). Also a close examination of the device will reveal that the connector is labeled with a pin 1. If you can’t locate pin 1, it’s always on the side of the connector closest to the power connector on the hard disk. A simple jumper configuration (discussed later in this chapter) provides a means of configuration, and the IDE device is installed and running. The original release of this technology supported disks up to 528MB in size and transferred at a speed of 3.3MBps. With increased disk size ATA-2 (version 2) was released that supported several gigabytes of disk size as well as increasing speed to 11.1MBps. This release was commonly known as EIDE or Enhanced IDE technology. The latest release is Ultra DMA/33 (Ultra Direct Memory Access 33) IDE. It can transfer at speeds of 33MBps.
Newer versions of Ultra ATA IDE can support 66MBps and 100MBps. They are called Ultra ATA/66 and Ultra ATA/100, respectively.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
115
Regardless of the release or version, IDE has one major limitation, which is that it can support only two devices per controller. In the days of its inception this was not seen as problematic because hard disks were the only devices supported. However, with the creation and widespread use of CDROMs, DVDs, and CD-RWs, the need to support multiple devices grew. All new motherboards tried to meet this demand with support for two separate IDE channels, often referred to as IDE controllers (primary and secondary). This would then allow for four devices (two on each channel). In today’s world of multiple physical disks, burners, and DVD drives, IDE technology is not the most flexible. Also, 33MBps may seem wonderfully fast, but compared to SCSI it takes a back seat. And because of overhead associated with the technology, you will only get about 75 percent of the theoretical maximum transfer rate with IDE hard disks. In the server environment speed is essential. Access time to server hard disks when multiple requests are incoming can add up to rather long wait periods. If the request is from an application such as a database, the possibility of a time-out error is real. A time-out error happens when the program gives up waiting for a response from the server. IDE devices have tried to deal with wait state issues by increasing hard disk spin rates (the same holds true for SCSI). Typical hard disks spin at 5,400 RPM (revolutions per minute, referring to the speed at which the platters spin). New releases in IDE hard disks include 7,200 RPM and 10,000 RPM. Theoretically the faster the hard disk can spin the faster that the actuator arm and read/write head can get to the data stored on the platters. This has improved performance in hard disks but still doesn’t deal with the primary issue with IDE technology: support for only two devices.
Configuring IDE Devices Configuration of IDE devices, as previously mentioned, is rather simple. Jumpers are located on each device and allow for three possible configurations. The first configuration is MA, or Master setting, and it is used if the device is the only one on the channel or if it is the primary device when two devices are present on the same channel. The second possible configuration is SL, or Slave, and it is configured only if the device is the secondary device on a channel. Thirdly, CS, or cable select, is used if the devices can auto-configure for master and/or slave. Jumper configurations for IDE are illustrated here for you in Figure 4.2.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
116
Chapter 4
Storage Devices
FIGURE 4.2
IDE configuration Setup Jumpers
Jumpers- Style A ATA Hard Drive, Rear View ATA Cable Key
Master Enabled
Slave Enabled
ATA Cable Pin 1 Jumpers
Cable Select Enabled
An extra spare (horizontal) jumper may also be present. This does not affect the drives use.
(CLJ) Capacity limitation jumper. The CLJ jumper is used together with the Master, Slave, or Cable Select setting.
Most administrators avoid using CS on their hard disks because it slows down the boot process. This is because during the boot process the computer has to scan the IDE cable to detect if devices are present and then determine which is to be master and which slave.
Practical experience has shown technicians that certain combinations work best. For example it is recommended that the boot hard disk be attached to the primary IDE controller in the master position. This will assist in faster boot. Many motherboards include one Ultra DMA controller (the other controller is standard IDE to keep costs down) in the primary IDE
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
117
position to further assist with speed to the primary boot disk. If you have a CD-ROM and a CD-RW it is advisable to connect both on the secondary channel. This will help to prevent buffer under run errors that can occur when the CD-ROM is on a different IDE channel from the CD-RW. Once the jumpers are configured for the master and slave settings, the IDE devices can be installed into the computer case. The final step involves entering the setup utility when the computer is booting. In your BIOS setup is an option to manually specify what is connected to each of the master and slave positions for both IDE controllers, or you can have the BIOS autodetect these devices each time the computer is booted. If you choose to have the BIOS autodetect these devices, expect the boot process to become slower. An option that can be very helpful when installing a hard disk is the Auto Hard Drive Detect. This utility, found within the BIOS setup program, will scan the IDE channels and try to identify the hard disks and appropriate settings for you. After the utility scans the disks, it will present you with its findings for you to accept or reject. If you accept, they will be automatically set in the BIOS.
Older BIOSes did not have the ability to autodetect hard disks. You had to enter in configuration information manually. Even though it may be a bit slower to have your computer autodetect the hard disks, it’s still a valid option.
Common IDE devices used today include hard disks, tape drives, CDROM, DVD, CD-RW, and internal Iomega Zip drives. Combinations of these devices are found in every computer from laptops to servers. Each uses the previously mentioned jumpers and master/slave settings. With the limitation of two available devices per channel, IDE is not common in servers. Many servers contain more than two hard disks alone, which would leave no connectivity options for a CD-ROM drive or a backup drive. Transfer speed is another concern. Although IDE speeds seem impressive in a stand-alone computer, when placed in a server environment where the speed is shared among many client computers, IDE struggles at times under the demands. More common in a server is the SCSI structure for storage devices. This is not to say that there is no IDE at all in servers. Server motherboards normally contain at least one onboard IDE slot.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
118
Chapter 4
Storage Devices
Getting IDE Drives to Play Nice Some years ago, I was working as a consultant for a small insurance office. They only had four computers, and no servers. It was a simple configuration, and they didn’t require a lot of maintenance. They came to the point where they needed additional storage space in the workstation that held their database. So, they bought an additional hard drive, and called me to put it in. I arrived at the office, powered the machine down, and removed the case. I grounded myself properly (notice, good ESD safety being practiced), and removed the existing drive. Sure enough, the drive was not jumpered as a master. So, using the diagram on the drive itself, I set the jumpers to master. Looking at the new drive, I jumpered it as a slave. I put both drives back in the machine, and powered it up. It didn’t boot. So I checked the system BIOS, and manually configured the master and slave settings based on the drive parameters. We rebooted the machine, and still nothing. Just as a test, we changed the jumpers on the new drive to make it a single, changed the BIOS, and sure enough, the drive booted. So we knew that the new drive was good. And the old drive had been working a few minutes ago. So what could be the problem? We set it back up again with the old drive as the master, and the new drive as the slave, and got the same results. It didn’t want to play. Looking at the drives again, I noticed that the old drive was a Seagate, and the new one was a Maxtor. Puzzled, I switched the master/slave relationship of the drives, changed the BIOS, and the system booted fine. The moral of the story is this: sometimes when dealing with multiple IDE drives, they may not work in a specific master/slave relationship. Try switching them to see if that helps. It’s not necessarily a Seagate versus Maxtor thing, but it is more common when you use drives made by different manufacturers. So if you can, stick to using drives made by the same company. It’s also somewhat common for older drives to not work as masters to newer drives. Again, change the master/slave relationship, and you should be okay.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
119
SCSI TECHNOLOGY SCSI (Small Computer Systems Interface) is far more robust than the IDE structure. Unfortunately it is also far more complex in configuration and setup, and more expensive. When you talk about SCSI devices, the discussion is not limited to hard disks. Available SCSI devices include a broad range of internal and external components. In the server environment, the range is often dominated by hard disks, tape backup drives, and CD-ROM drives. However, there are also SCSI scanners, optical devices, and others. The following section focuses on the fundamentals of SCSI hard disks. The SCSI standard was put into effect in the mid-1980s and specifies a universal, parallel, system-level interface for connecting up to eight devices (including the controller) in a chain on a single shared cable. This grouping of devices is called a SCSI bus. SCSI busses are extremely flexible in design. The SCSI controller card controls the devices, so you can be confident that, as long as the card works in the computer, then the SCSI devices will also. Therefore SCSI devices will perform equally well in a PC, a Mac, or a Sun Microsystems workstation, as long as the controller card itself works with the operating system and other hardware. The SCSI controller card contains its own configuration as well as firmware. SCSI supports many more devices than available in the IDE technology, and also transfers information at much faster speeds. All SCSI configurations require termination at both ends of the chain. If there is no termination, the signal will bounce back and forth along the chain, causing the devices to fail. SCSI adapters have a terminator built in, and you must supply the terminator at the other end. SCSI devices are identified by a SCSI ID number. The controller typically takes ID 7, and the devices get 0 through 6.
SCSI Signaling Types There are three distinct SCSI signaling methods. Careful consideration must be given to the signaling method chosen because all devices, cables, and adapter cards on one chain should be of the same signal type, and must be of the same signal type if you are using HVD (High Voltage Differential). The three signaling methods are: SE Most SCSI devices use single-ended (SE) signaling. This method has a maximum bus length of 1.5 meters, and uses a 50-pin narrow SCSI connector, such as the Ribbon IDC 50 connector. SE signaling requires termination. (See the “SCSI Termination” section below for details.)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
120
Chapter 4
Storage Devices
HVD High Voltage Differential (HVD) (also known as differential) is used to provide reliable signals in a high-noise environment over a long bus length (up to 25 meters). The HVD signaling method cannot be mixed with other signaling methods, and requires a differential (HVD) terminator. LVD Low Voltage Differential (LVD) supports a bus length of 12 meters and supports downward compatibility with single-ended signaling devices. LVD-compatible equipment is required for the Ultra SCSI standards. LVD requires termination.
SCSI Types SCSI technology has seen a constant and dramatic change since its inception. The first release of SCSI technology was rather awkward and limiting. Still, the potential was clearly evident. Later releases improved on predecessors in areas of speed and reliability. The following is a brief look at the essential elements of each major SCSI release. SCSI-1 The first true implementation of SCSI was SCSI-1, created in 1986. It had a 5MBps transfer rate and used a Centronics 50-pin cable or a DB-25 female connector with an 8-bit bus width. SCSI-1 was based on single-ended transmission and used passive termination. Passive terminators had only resistors to terminate the bus, as opposed to active terminators that have voltage regulators for added reliability. The original release of SCSI was not without problems. While there were standards, there was inconsistent implementation of the standards by vendors. SCSI-1 is now obsolete. If you mix SCSI-1 devices on a bus with other SCSI devices, performance will degrade. SCSI-2 The goal of SCSI-2 was to improve on performance and reliability, and to enhance features. SCSI-2 was also needed to standardize the commands used with the technology. SCSI-2, which was backward compatible with SCSI-1, introduced a higher-density connector and both an 8-bit and 16-bit wide bus. The 16-bit bus was known as Wide SCSI-2. SCSI-2 also introduced a faster speed release called Fast SCSI-2, which used the 8-bit bus but at a speed of 10MBps. It was also possible to combine the best of both Wide SCSI and Fast SCSI to get SCSI-2 Fast-Wide (16-bit at 40MBps). SCSI-2 also used active termination, which is more reliable than the passive termination used in SCSI-1.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
121
Wide Ultra-2 SCSI Wide Ultra-2 is a step up from SCSI-2. This release provided LVD or HVD signaling, a 16-bit wide bus, transfer speeds of 80MBps, LVD or HVD termination, and used a 68-pin connector. Ultra-3 SCSI Ultra-3 is the latest SCSI standard. Ultra-3, also called Ultra SCSI, operates at a faster 20–40MBps, which was a definite improvement over previous SCSI releases. Ultra-3, however, addressed another problem: cable length. With SCSI-3, LVD was introduced. Low Voltage Differential increased the possible length of the cable to 25 meters with a possible transfer speed of 160MBps. Ultra-3 SCSI operated at a 16-bit wide bus, with LVD signaling and termination. Ultra-3 used a 68-pin connector. Ultra 160 This release is a subset of Ultra-3. It is a parallel interface that uses a 16-bit wide bus and LVD signaling and termination, and has a maximum transfer speed of 160MBps. Although similar to Ultra-3, Ultra 160’s faster transfer speed and LVD addition warranted the creation of this new SCSI category to prevent compatibility issues between device vendors. Ultra 160 also used a 68-pin connector. Ultra 320 SCSI Ultra 320 is the next generation of parallel SCSI interface. At one point it was called SCSI Ultra-4. It is a 16-bit wide bus that uses LVD signaling, LVD termination, a 68-pin connector, and has a transfer speed of 320MBps. Table 4.1 helps to clarify the various releases of SCSI and their speeds and cable specifications. TABLE 4.1
Common SCSI Standards
Type
Bus Width
Transfer Rate (MBps)
Connector
Cable Length
SCSI-1
8
5
DB-25
6m
SCSI-2
8, 16
5
C-50
6m
Fast SCSI
8
10
C-50
3m
Wide SCSI
16
20
C-68
3m
Wide Ultra-2
16
80
C-68
3m
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
122
Chapter 4
Storage Devices
TABLE 4.1
Common SCSI Standards (continued)
Type
Bus Width
Transfer Rate (MBps)
Connector
Cable Length
Ultra SCSI
8
20
C-50
3m
Ultra 160
16
160
C-68
12m
Ultra 320
16
320
C-68
12m
SCSI Controller Card The SCSI controller card is the heart of the SCSI system. Unlike IDE technology, where the controller circuitry is located within each IDE device, SCSI control resides on the adapter card solely. The SCSI adapter card contains a firmware and an EEPROM chip similar to the motherboard. It is on this chip that the SCSI adapter card maintains the configuration information for the individual components installed on the SCSI bus. SCSI adapter cards can support internal or external devices. Depending on the SCSI standard implemented, the connectors and supported cabling to the adapter card will vary. Figure 4.3 illustrates a typical SCSI adapter card. FIGURE 4.3
SCSI controller card 50-pin connector
Ultra160 LVD connector
50-pin connector
32-bit PCI
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
123
SCSI adapter cards can vary from a simple controller card that is packaged with SCSI scanners to very expensive multichannel models. The type of card you choose will depend on your budget as well as needed performance.
SCSI Installation and configuration Installing a SCSI device is substantially different from the previously discussed IDE technology. Rather than a simple master/slave jumper setting, there are several key configurations that must be carefully selected. Each of these configurations plays a significant role in the SCSI operation. Once the SCSI card and devices are purchased, they need to be configured, usually though a bank of jumpers located on the device itself. Configuration includes setting the SCSI ID, LUN (logical unit number), and termination; within each of these configurations, care must be taken to ensure proper operation. These configurations will be examined in detail later in this section. Be sure to document all settings and configurations during the installation and configuration process to assist in future upgrades, additions, and troubleshooting. The following section will look at the fundamentals behind SCSI configuration, such as SCSI IDs, SCSI connectors and cables, and SCSI termination. Server administrators will almost definitely encounter SCSI devices and should therefore have a basic understanding of these fundamentals. This topic is covered in great detail on the Server+ Exam. SCSI IDs and LUN Each device, including the controller card, must have a unique SCSI ID number because this number is used to identify each component on the SCSI chain. The available numbers are 0–7 on an 8-bit SCSI bus, and 0–15 on a 16-bit SCSI bus. The boot hard disk is normally set to ID 0. This is because the controller card starts its configuration at 0 and thus will find the boot disk first, theoretically resulting in a faster boot. Also, some host adapters will not boot if the hard disk is not set to ID 0. SCSI ID numbers are configured through a jumper setting on the device or, in the case of the SCSI adapter card, through a software utility. Figure 4.4 shows the jumper bank on a SCSI hard disk. Note the possible settings are for an 8-bit bus.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
124
Chapter 4
Storage Devices
FIGURE 4.4
Jumper configuration
SCSI ID= 0 SCSI ID= 1 SCSI ID= 2 SCSI ID= 3 SCSI ID= 4 SCSI ID= 5 SCSI ID= 6 SCSI ID= 7
Oftentimes a single SCSI device will perform multiple functions. In this case, the device will need a means of identifying each function through an address (similar to the unique SCSI ID). This is where the LUN (logical unit number) steps in. A good way to grasp the LUN concept is to compare it to a shopping mall. The building as a whole has one street address but each shop within the mall has its own separate address. These separate addresses are analogous to the LUN. In the SCSI-2 standards the LUN numbers can be from 0 to 7. A practical example of this is a tape changer. The tape drive would require one LUN number while the changer would require another. This is one SCSI device that performs two separate functions and would therefore require two LUN numbers.
Most SCSI cards are configured to ID 7 by default, but you might sometimes need to reconfigure your adapter card to a different ID. You do this through the software configuration utility.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
125
SCSI Termination SCSI termination seems simple enough. Place a terminator at the beginning and at the end of the SCSI chain (just as you learned while studying for your A+ exam) and everything should work. However, the majority of configuration problems with SCSI occur with termination or ID numbering. SCSI termination can be a difficult task because of the many variables you must consider. First, termination must occur at the ends of the SCSI chain. Most internal devices are terminated through the use of a jumper. Be sure to locate the correct jumper and apply it appropriately. Each manufacturer has a specific sequence in which to properly apply or remove termination. If the SCSI controller card is to be terminated, it is normally done through software configuration. During system bootup you will see an option to enter the SCSI configuration utility, in which adapter card termination can be enabled or disabled. Where termination takes a much more difficult turn is when external SCSI devices are introduced. When both internal and external devices are present, the termination is removed from the SCSI adapter card and then configured on the device at the end of the internal and external chains. With external termination, a secondary device is often needed. Depending on the type of SCSI bus, the terminator will vary. There are five basic types of SCSI termination. Passive Termination consists of a 220-ohm resistor that connects to the terminator and a 330-ohm resistor that connects the signal line to the ground. Passive termination is less expensive but can lead to issues with line noise and dirty signals. Passive termination is not recommended for SCSI-2 configurations. HVD SCSI, however, does use passive termination. Active Termination was created to eliminate signal problems experienced with passive termination. Active termination is based around a voltage regulator, which reduces fluctuations. Active termination uses a single 110-ohm resistor. SCSI-2 uses active termination. FPT uses diode switching and biasing to fill any fluctuations between the cable and devices. FPT (Force Perfect Termination) is a more advanced form of active termination. LVD is based on a form of active termination. Low Voltage Differential (LVD) is based around the higher speeds of SCSI Ultra-2. Special LVD/SE (single-ended) terminators can be used on busses that have both LVD and SE devices.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
126
Chapter 4
Storage Devices
HVD High Voltage Differential (LVD) is based around a form of active termination. HVD devices require HVD termination, and should not be mixed with LVD or SE devices. As you can now see, there is ample opportunity to create problems in termination. Each terminator must match the appropriate SCSI type. If an inappropriate terminator is used, the SCSI bus will not function properly and the termination could damage devices on the SCSI bus. Considering the cost of SCSI devices and adapter cards, care should be taken before powering on your system. For the best information, refer to your SCSI device manufacturer. After you have completed all of the configuration steps, you can install the devices in the same way as IDE devices. The SCSI cable connects between each device and the adapter card. A power connector also connects to each device. Figure 4.5 illustrates the connectors at the back of a SCSI hard disk. FIGURE 4.5
SCSI hard disk connectors 68 pin Centronics Connector
Jumpers
Power Connector
After all the devices are attached and installed, review each device to confirm proper cabling and termination. When you are sure that installation is complete, you can start the server and enter into the SCSI utility. Depending on the manufacturer, this can be done in several ways. Normally access is gained during the bootup of the computer. A line of text will appear on the screen telling you to press a specific key or sequence of keys to enter the SCSI setup utility, where you can confirm that each device is identified by the SCSI adapter (based on the SCSI ID and LUN) and is functioning properly.
Most SCSI cards are terminated by default. If you are connecting internal and external SCSI devices to your chain, be aware that you will have to disable the termination on the adapter card. Figure 4.6 is an example of an external terminator.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
FIGURE 4.6
127
SCSI terminator
SCSI Cables SCSI cables play an important role in the SCSI chain. SCSI cabling today comes in many different forms. Remember that SCSI devices can be internal or external. Internal cabling differs significantly from external cabling in terms of durability as well as reliability. Consider that cable connectors also vary depending on the SCSI standard being implemented, and it becomes easy to see that there are numerous possibilities. Internal cables follow two different forms:
Standard ribbon cable (similar to IDE and floppy cable) is commonly found within the server case. This cable normally is 68 wires wide (to accommodate the 68-pin connector) but can also come in a 50-pin form.
Newer internal cable is twisted-pair cable and looks a little like spaghetti. This cable is round, not flat like ribbon cable, and has twisted pairs of wires for each pin. The idea behind using the twisted pairs is to reduce signal degeneration. This cabling costs more than traditional ribbon cable, but does improve signal stability. It is often used in longer SCSI bus implementations. Twisted-pair cable can also be found with metal braided shielding surrounding the twisted pairs, which protects further against signal interference.
External SCSI cables need to be more durable than internal cables. Being exposed to the environment and environmental hazards, these cables have a strong external sheathing to protect internal wires. Many external SCSI cables also contain ground shielding, which protects against signal interference. SCSI Connectors SCSI connectors physically attach the drive to the cable. Several different types, such as Centronics connectors, are available to meet the demands of
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
128
Chapter 4
Storage Devices
bus width and speed. Figure 4.7 illustrates some common connectors that you may encounter. FIGURE 4.7
Common SCSI connectors
DB-25 Connector used with SCSI-1 standards
Centronics 50 Connector used with external SCSI devices
Internal and External 68-pin connector used by most hard drives
Internal 50-pin ribbon cable connector for SCSI-2
Very High Density Centronics 68-pin used on SCSI-3 and Ultra 2
80-pin connector used by Ultra 160
Benefits of SCSI over IDE Now that we have compared and contrasted both technologies in detail, you are probably realizing that there are several reasons why SCSI implementation is preferred over IDE technology. Even though configuring the SCSI bus can be a painful task, and the initial cost of SCSI devices is higher than that of IDE devices, SCSI is still preferred in many applications. As a rule of thumb, if you have a server, go with SCSI. Here is a summary of SCSI benefits over IDE. Speed The transfer speed of SCSI is dramatically faster than IDE. A server will face a barrage of requests at once, and SCSI technology can better meet this stress load. Number of Devices Servers contain multiple hard disks, especially in RAID configurations, where disk arrays provide redundancy (discussed in Chapter 5, “Fault Tolerance and Redundancy”). IDE technology without special accommodation will support only four devices. A single 8-bit SCSI channel can support seven devices (remember, the controller needs one).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Physical and Logical Disks
129
It is common now to see an adapter card with numerous SCSI channels providing you with nearly limitless device capacity. Controller Card All SCSI devices are controlled by the SCSI controller card. This takes the stress away from the processor and motherboard. Remember that in the IDE environment the devices each have their own controller circuitry, which is controlled by the BIOS program, which is located within the CMOS chip, which is on the motherboard. Placing this burden on a separate card frees up resources for other uses. Multiple SCSI Controllers Server capacity is limited only by cost. If you need more SCSI devices and your current bus is full, simply install another SCSI adapter card! As long as there are available PCI slots, you can install another SCSI bus. Internal and External Support IDE technology is limited to the space within the computer case. SCSI on the other hand will support internal and external devices. Many SCSI controller cards have external 68-pin connectors for adding on external devices. Although initially SCSI devices, cables, and adapter cards cost more than comparable IDE devices, their speed and flexibility more than make up for it.
Hard Disk Administration Hard disks are electronic components, and like all electronic components, their performance will degrade over time until eventually they need to be replaced. It is usually better to replace the disk drive before it fails rather than after. You will know a disk is failing if performance drops off drastically without any new strains being imposed on the device. When replacing an existing disk, it’s a good idea to upgrade it at the same time. Newer, faster, bigger, and cheaper disks are always coming onto the market, so expand your storage capacity if you can. Before replacing a hard disk, remember to shut off power to the server, and remember to practice proper ESD safety procedures.
Disk Arrays If you have multiple disks in a RAID configuration, you should first check with your manufacturer’s documentation. If software is controlling the array, it may be difficult to expand. As an example, in Windows NT and Windows 2000, if you have RAID 1 or RAID 5, you cannot expand it
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
130
Chapter 4
Storage Devices
without deleting the existing array and creating a new one. Of course, if you do this, please make sure to back up (and test) your existing data first. (See Chapter 5, “Fault Tolerance and Redundancy” for more information about RAID.) Many manufacturers provide external disk arrays for use with servers. The disk arrays connect to the server through a proprietary expansion card. These devices are often very expensive, but have some major benefits. Most of these external storage units contain their own processor and memory, which makes them very fast, and they do not drain excess resources from your server. They are also very expandable. Also, most of them use hotswappable disks. If one fails, you will get a red indicator light next to it. Simply pull it out and put a new one in, and the unit will integrate the disk automatically for you. Technology is a beautiful thing.
Disk Installation Notes Always remember that disks must be formatted for the operating system they will work with. A Windows NT machine will not be able to read a disk formatted for Unix, and vice versa. Whenever you upgrade your disks, or modify your storage structure in any way, make sure that you perform your upgrade checklist.
Summary
T
his chapter covered essential details for using hard disks as storage devices. First, we talked about hard disk structure, differentiating between physical and logical disks. We then discussed IDE hard disk drives. While IDE may not be as fast as SCSI, it’s very commonly used because of its lower cost. IDE devices are easier to configure, but you are limited to two IDE devices per IDE controller. When using two devices on one controller, you need to set one device as master and the other as slave. SCSI is the most popular hard disk technology used in servers. It’s fast, and allows for large numbers of hard disks per machine. SCSI has many different standards, but all are based on backward compatibility. SCSI devices are somewhat harder to configure than IDE devices, are more expensive, and require termination. The benefits of SCSI over IDE include greater performance, flexibility, and support for internal and external devices. Last, we looked at some administration tips for managing your disk storage solutions.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
131
Exam Essentials Know the difference between a physical and logical disk. The actual device located within a server, or connected to the server externally, is the physical disk. A logical disk is defined by its drive letter. Know what a mapped disk is. A mapped disk is a path on a client workstation pointing to a network disk or network share. In Windows Explorer it appears to the client as a physical disk although it is actually a path to a logical disk or share on another computer. Know the three configurations for IDE hard disks. Using jumpers, you can set IDE devices in one of three configurations: master, slave, or cable select. You can choose cable select if the devices are capable of performing automatic selection of correct master/slave configuration. Know the major limitations of IDE in a server environment. One of the first limitations of IDE is its support for only two IDE devices per channel. It also lacks the transfer speeds often needed within a server. Know the three SCSI signaling methods. There are three different signaling methods: single-ended (SE), High Voltage Differential (HVD), and Low Voltage Differential (LVD). Know the common SCSI standards. The various SCSI standards also have varying bus widths, transfer rates, connector types, and cable length requirements. Know the key SCSI configurations. Configuring SCSI devices includes setting the SCSI IDs and LUNs, and ensuring proper termination. Understand SCSI IDs and LUNs. Each device must have a unique SCSI ID that uniquely identifies each component on the SCSI chain. For a SCSI device performing multiple functions, the LUN is used to identify each one. Understand SCSI termination. SCSI termination must occur at both ends of the chain. Usually the controller is terminated at the last device in the chain. The four basic types of termination are passive, active, FPT, and LVD. Know the various SCSI cables. Depending on the device, SCSI cabling can be internal or external. Internal cables follow two forms: standard ribbon and twisted-pair. Know the benefits of SCSI over IDE. SCSI provides the following benefits: faster transfer speeds, support for more devices, and decreased processor load.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
132
Chapter 4
Storage Devices
Key Terms
Before you take the exam, be certain you are familiar with the following terms: Centronics 50
physical disk
DB-25
SCSI ID
FPT (Force Perfect Termination)
SCSI (Small Computer Systems Interface)
High Voltage Differential (HVD)
SCSI-1
High Voltage Differential (LVD)
SCSI-2
IDE (Integrated Drive Electronics)
single-ended (SE)
logical disk
termination
Low Voltage Differential (LVD)
Ultra 160
LUN (logical unit number)
Ultra 320
mapped paths
Ultra-3 SCSI
partitioned
Wide Ultra-2 SCSI
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
133
Review Questions 1. You are the network administrator for your company. One day, your
boss walks in beaming about a new technology she read about called IDE. However, your boss forgets what it stands for. What does IDE stand for? A. Industrial Drive Electronics B. Integrated Device Electronics C. Integrated Drive Electronics D. Internal Drive Electronics 2. You have three servers on your network. Because the company
wanted to save money, they decided to implement IDE hard disks in all servers. Each server motherboard has two IDE connectors. What is the maximum number of hard disks that each server will support? A. One B. Two C. Three D. Four 3. The current IDE device specifications are based on what industry
standard? A. Attachment Interface B. American Transistor Association C. Analogue Terminal Attachment D. A-Terminal Attachment 4. You are configuring a new server for your company. One of the junior
employees wants to know what types of devices are going to be plugged into the IDE controllers on the motherboard. Which of the following is the least likely device you will plug into an IDE controller?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
134
Chapter 4
Storage Devices
A. Printer B. Hard disk C. CD-ROM D. DVD 5. You have just installed brand new Ultra ATA/100 hard disks in your
server. However, when you monitor the disk performance, you notice that you are only getting approximately 25MBps throughput. What is the most likely problem? A. The hard disk is defective and must be replaced. B. The system BIOS needs to be properly configured to recognize the
new hard disk. C. The motherboard only supports Ultra ATA/33. D. Nothing. The maximum throughput for an Ultra ATA/100 device
is approximately 25MBps. 6. One of your junior network administrators is trying to configure a
new IDE hard disk. This person does not have much hardware experience, and is frantically searching for some sort of configuration method. What do you tell him to use to configure the hard disk? A. Pins B. Jumpers C. Software D. DIP switches 7. You have just installed a second hard disk into your server. You are
using IDE devices. However, when you boot the machine, it hangs up during the hard disk detection portion of the POST. You quickly place the disk into another machine, and it boots fine. What is the first thing you should check to get the hard disk working properly in your server?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
135
A. Check the system BIOS to make sure that Ultra DMA parity
checking is enabled. B. Check the system BIOS to ensure that LBA is enabled for the
hard disk. C. Check the back of the hard disk to make sure it is properly
terminated. D. Check the back of the hard disk to ensure that you have the proper
master/slave configuration. 8. You are installing an old SCSI-1 adapter in a test machine to demon-
strate the original technology to your boss. How many devices will that SCSI-1 chain support (including the adapter)? A. Five B. Six C. Seven D. Eight 9. What three types of SCSI signaling have been officially standardized? A. SE, HVD, LVD B. SE, HVS, LVS C. HVD, LVD, DVD D. ES, HVD, LVD 10. Your SCSI chain is composed of devices that all use LVD signaling.
You have an older SCSI device that you want to add to the chain, but you are not sure what type of signaling it uses. What should you do and why? A. Do not install it because if it’s an SE device it could ruin the system. B. Do not install it because if it’s an HVD device it could ruin
the system. C. A and B are both correct. D. Go ahead and install it because mixing signaling types does
not matter.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
136
Chapter 4
Storage Devices
11. You are the junior network administrator at your company. The
senior administrator is in a rush to fix the server, and tells you to get a SCSI connector out of the parts box. When you ask what kind, she tells you to get a connector for an SE device. What type of connector do you grab? A. 50-pin narrow B. DB-35 C. Centronics 68-pin D. DB-9 12. You are installing a new SCSI hard disk into your server to act as the
boot disk. The only SCSI ID you have available is 5. You configure the disk for that ID and boot the server. However, the system is booting from the old disk, not the new one. What could be the problem? A. The new disk is malfunctioning. B. The SCSI adapter will only boot from a disk with a SCSI ID of 0. C. The SCSI adapter will only boot from a disk with a SCSI ID of 7. D. The SCSI adapter is malfunctioning. 13. What connectors does SCSI-1 use (pick two)? A. Centronics 50 B. Centronics 68 C. DB-25 D. High-density 68-pin 14. How many devices can be supported by Wide Ultra-2 SCSI? A. 8 B. 16 C. 12 D. 4
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
137
15. You are in the process of upgrading your SCSI controller in your
server to SCSI-3. You tell your boss that it’s because of the enhanced bus speed of the newer technology. What bus speeds does SCSI-3 operate at? A. 10–20MBps B. 20–30MBps C. 20–40MBps D. 30–40MBps 16. You install a new SCSI hard disk into your server. After rebooting the
machine, the new hard disk is not detected. You place the disk in another machine that has no other SCSI devices, and it responds properly. What could be the problem? A. The disk is malfunctioning. B. The SCSI ID that the disk is using is already being used by another
device in the first machine. C. The SCSI ID on the disk is set to an invalid number. D. The LUN ID that the disk is using is already being used by another
device in the other machine. 17. You are using narrow SCSI technology in your server. You already
have maxed out the number of possible devices in your SCSI chain. You need to expand the server by adding an additional three hard disks. What do you do? A. There is nothing you can do, as computers can only have one SCSI
adapter each. B. Add the hard disks to your IDE connector on the motherboard. C. Add the devices to the existing SCSI adapter, and place the termi-
nator at the end of the new chain. D. Add an additional SCSI adapter to your server, and attach the
disks to it.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
138
Chapter 4
Storage Devices
18. You are in the process of adding SCSI devices to a new SCSI adapter.
When you attempt to set the first device, you are not sure which ID to use. You have not changed the default configuration of the SCSI adapter. What is the most likely SCSI ID assigned to the SCSI adapter cards? A. 0 B. 9 C. 7 D. 3 19. Your boss has instructed you to create a fast new server for your net-
work. Cost is not an issue, but speed is, and you need to ensure nearly 100 percent uptime. The boss would prefer to be able to expand the storage capabilities and replace failed disks without taking the server down, if possible. What type of solution should you implement? A. Use internal IDE hard disks for the new server. B. Use internal SCSI hard disks for the new server. C. Use an external third-party storage solution with hot-swappable
disks. D. The solution your boss wants is impossible to obtain. 20. Which of the following devices is the least likely to be found connected
to a SCSI controller? A. Hard disk B. Modem C. CD-ROM D. Scanner
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
139
Answers to Review Questions 1. C. IDE stands for Integrated Drive Electronics (and sometimes Intel-
ligent Drive Electronics), and was developed as a hard disk standard. 2. D. A single IDE controller will support two devices, and each server
has two controllers, so each server will support four devices. 3. A. IDE devices are based on the ATA (Attachment Interface) standard. 4. A. Of the devices listed, the printer is least likely to use an IDE port.
All of the other devices are commonly connected to an IDE controller. 5. C. Ultra ATA/100 is a fairly new standard, and not all motherboards
support it. In a case like this, the motherboard’s slow link will slow down the system. 6. B. IDE devices are configured using jumpers. The jumpers are used
to configure the master/slave relationship between IDE devices. 7. D. When using multiple IDE devices, ensure that you have the proper
master/slave relationship or the disks will not function properly. 8. D. A SCSI-1 chain will support a maximum of eight devices. Each
must have a unique SCSI ID number, from 0 to 7. 9. A. There are three different types of SCSI signaling: single-ended (SE),
high voltage differential (HVD), and low voltage differential (LVD). 10. B. You can mix SE and LVD devices on the same chain, although you
need a terminator that can handle both signaling methods. Never mix HVD with the other two signaling methods. 11. A. SE signaling uses a 50-pin narrow connector. 12. B. Some SCSI adapters will only boot to a disk if it is set to ID 0. In
the case above, reconfigure the SCSI IDs and you should be okay. 13. A, C. SCSI-1 uses a Centronics 50 or a DB-25 connector. 14. B. Wide Ultra-2 SCSI supports a maximum of 16 devices. 15. C. SCSI-3 operates at bus speeds of 20–40MBps. 16. B. Each SCSI device on a chain must have a unique SCSI ID.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
140
Chapter 4
Storage Devices
17. D. Computers can have more than one SCSI adapter. If the first one
is full, add a second to accommodate the additional devices. 18. C. Generally speaking, SCSI adapter cards are by default assigned
SCSI ID 7. This makes the card the highest priority item in the SCSI chain. 19. C. Internal SCSI and IDE disks are not hot-swappable. Although
third-party storage solutions can be expensive, they are also very fast, and often have built-in fault tolerance and redundancy as well. 20. B. A modem is not considered a SCSI device.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
5
Fault Tolerance and Redundancy COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.2 Configure RAID 7.1 Plan for disaster recovery
Plan for redundancy (e.g., hard disks, power supplies, fans, NICs, processors, UPS)
Use the technique of hot swap, warm swap, and hot spare to ensure availability
Use the concepts of fault tolerance/fault recovery to create a disaster recovery plan
Develop disaster recovery plan
Identify types of backup hardware
Identify types of backup and restoration schemes
Confirm and use off site storage for backup
Document and test disaster recovery plan regularly, and update as needed
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
I
t is amazing how many businesses rely heavily on their server yet invest so little in making sure that the server is highly available. High availability and redundancy go hand in hand. In its essence, redundancy is having multiples of the same device present in a computer so that if one device fails there will be another to take over. The obvious benefit of providing redundancy is to ensure that your server stays up, which translates into your company being able to go about its daily business. This concept of redundancy has expanded over the last several years to include a wide array of components and services. By including redundancy within your server configuration, you are increasing the availability of the server. When a component within the server fails, the redundant component will take over and provide a seamless transition. Because the server is normally the heart of a network, great care should be taken to ensure that it is highly available. Throughout this chapter we will discuss the various ways that you can prevent system failure by practicing common redundancy techniques and by taking advantage of clustering and RAID technology. We will also spend some time evaluating the various levels and forms of RAID.
Managing Fault Tolerance
W
hen an error occurs within a computer, it can be a result of numerous variables. You will remember from the earlier chapters that a multitude of components and processes are working within the computer case. When resources are low or shared, computer systems can become unstable and even stop responding. This often results in system failure and the need for a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
143
reboot. However, this is not the only type of problem that can occur within a computer. These are the three broad fault categories you might see: Computer Hardware Faults occur when a hardware component fails. For example, a network card fails, resulting in no access to the server via network communication. Hardware fault tolerance can provide redundancy by supplying several (or at least two) network cards. The network cards can be configured to monitor each other. When the primary network card fails, the secondary card can take over. Software Faults can also bring a server to a halt. By providing mechanisms to support operation despite possible software errors and/or failures, you increase your availability. These mechanisms can include monitoring tools to assess system resource utilization or redundant programs to ensure data access and manipulation. System Level Faults occur in areas that are not computer based, such as sensors, lights, diodes, etc. These components, although they may not be as critical as computer hardware and software, still play an important role in system operation. Another example of system-wide fault tolerance would involve monitoring other network components, such as switches or routers. Maintaining fault tolerance is maintaining the ability to accept a fault within one component of a subsystem without losing services to another. That said, the primary objective in fault tolerance is eliminating any single point of failure (SPOF). Depending on the server function, SPOFs can vary. For example, a high-availability web server will have multiple possible Internet connections, so that if the primary Internet connection fails, then a secondary and or tertiary connection can take over. In contrast, a print server will not commonly have a web connection but could have several printer connections and/or multiple links to remote printers. Depending on the demands of the server at hand, redundancy offers several possibilities. At the planning stage, it must first be decided at what level the server needs to be available. Hot site servers, such as those in hospital and police networks, must be available always, regardless of any possible disaster or problem. Hot servers are the most expensive and fault tolerant. Warm servers are designed to be fault tolerant most of the time. They contain several redundant components, usually in what is deemed the likeliest areas of possible faults. Warm servers cost more than cold servers but not nearly as much as hot servers. These servers will be fault tolerant most of the time but
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
144
Chapter 5
Fault Tolerance and Redundancy
still can go down from time to time. Cold servers contain few if any redundant components. Cold servers can and often do fail; pricewise, they are the most affordable. What you want to do is achieve a balance between cost and reliability. Ask yourself, “What is the use of the server? What key components are in use and stand a chance of failure?” These are the components that should be part of your fault tolerance plan. Eliminating every possible SPOF and having maximum availability would be excellent—but expensive and nearly impossible to implement. If you think about all the possible SPOFs within a single server, this would mean installing multiples of each key component. Then, to ensure that there would be full system protection, you would have to use a backup server (you will learn more about this clustering of servers later in this chapter). Consideration must also be given to electrical requirements. An uninterruptible power supply (UPS) is a must, but what if the power fails for more then the expected battery life of the UPS? Many high-availability systems employ an electrical generator to provide power in case of a lengthy outage. Now you might want to provide a backup generator for the first generator. As you can see, this becomes expensive and can get carried away very quickly. Instead, most companies will implement a warm server. In the real world, where the value of a dollar is taken into consideration, redundancy focuses on the commonly used components as well as those that might be susceptible to failure. These common components, as well as the reason for their redundancy, are explained in the next section.
Common Redundant Components Within a server are several components that, due to their importance or stress load, should have redundancy. By providing redundancy to these components, you can improve availability. We will take a closer look at them within this section.
Network Cards Network cards within a server play an integral role in the network. Without a NIC, your server is still operational but it suddenly becomes a stand-alone computer. All the files and resources that are shared become inaccessible to client computers. Current network cards are, for the most part, inexpensive. Many servers will contain two network cards; most hold several. The benefits of more than one card are numerous. In terms of redundancy, more than one connection from the server to the switch or hub provides redundant
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
145
paths. If one network card were to fail, then a secondary or tertiary card would be available to take over the requests. This is referred to as adapter fault tolerance. Configurations can include all network cards working together as a team (adapter teaming) and handling requests as one, even though there are several cards working together. The benefits to this are obvious. First of all, should the primary card fail, the second card can take over without any intervention. Adapter teaming can also provide a certain level of load balancing as network requests can be distributed evenly between the cards (in turn eliminating the possibility of a single network card becoming a bottleneck).
Power Supplies Redundant power supplies are becoming increasingly common within servers. It is fairly common to have a power supply fail. Remember, the conversion from AC (alternating current) to DC (direct current) occurs within the computer’s power supply. Component failure and/or fan failure is a concern. Servers containing multiple power supplies are configured to monitor the primary power supply; if needed, the secondary power supply will take over from a failing or failed primary supply. However, if the problem is poor AC power entering the server, then redundant power supplies will not solve your problem.
Hard Disks Hard disks are one of the most common components to be seen in a redundant configuration and one of the most common components within a server to fail. If you can afford to provide only one area of redundancy, then it should be the hard disks. Remember, your hard disks take the brunt of the daily stress in a server environment. The hard disks also contain all of the information that is stored on your network. If any other component within the server fails, it can be changed out with nothing more than some lost productivity time. If the hard disk fails, then all the data and information that was stored on the disk is also lost. This is why backups are so important. Backups allow you to restore in the event of data loss. But think of the time it may take to perform a restore. This is lost productivity time. By implementing hard disk redundancy, you can greatly reduce the time it takes to bring a server back up in the event of hard disk failure—in some instances, no downtime at all will be experienced. Hard disk redundancy raises a whole new concept called RAID. We will be looking at RAID later in this chapter.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
146
Chapter 5
Fault Tolerance and Redundancy
Cooling Fans It goes without saying that cooling is critical within a computer. A server will generate even more heat than a standard desktop, so cooling is a more serious consideration in servers. Running several high-spin-rate hard disks, multiple adapter cards, high-performance processors, and multiple power supplies generates large quantities of heat. Cooling fans are available in a variety of forms today. Dynamic fans that are dedicated to a specific computer component, such as a hard disk, are available at minimal cost and are well worth the investment. Many server environments contain numerous fans, as well as groups of fans working together. This form of redundancy ensures that when a fan fails (and being a mechanical component, it will fail at some point), the failure will not result in rapid overheating and eventual system instability. Most fan speeds (RPMs) are also controlled. If needed, the fans can be speeded up or slowed down to control the temperature.
Internet Connection Where would we be without the Internet? Most businesses rely on the Internet for their daily operations more than they realize. If daily operations are reliant on the Internet, then precautions should be taken to ensure connectivity. Precautions include providing multiple connections and different forms of connectivity. This means that if the T1 connection fails due to issues with the provider, then Internet access can be gained through another provider, another service (such as DSL), or—if all else fails—through the good old dial-up modem. As much as we complain about slow modems, it is better to have dial-up than nothing.
Clustering Technology Reliability of network servers has become critical to the success of many businesses. Most businesses today have resources, applications, and services hosted on network servers that are crucial for their day-to-day operations. This means that these resources need a high level of availability. One of the key technologies available to meet this requirement is clustering. Clustering servers so they operate as a single server can increase the availability of resources, applications, and services to an impressive 99.999 percent. Not only does it provide an economical solution for fault tolerance in the event of server failure, but it also makes planned outages more convenient.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
147
What Is a Cluster? A cluster is a group of computers that work together as one and logically appear to be a single system to users on the network (see Figure 5.1). It is a combination of both hardware and software solutions. Clustering allows you to link two or more systems together so that if one should fail the other is ready to automatically assume its workload. In the event of server failure, applications, services, and resources are migrated to a remaining cluster member by the cluster software and are restarted. FIGURE 5.1
Clustering
Public network connection
Server 1
Public network connection
C:
Server 2
Shared disk
Private network connection
Clustering can be a viable solution for mission critical servers, whether they are transaction servers, database servers, or mail servers. The cost of implementing a cluster configuration can be far outweighed by the cost of lost data and server downtime. The benefits of such a configuration include fault tolerance and increased availability, load balancing, and scalability. The benefits you achieve by implementing a cluster will of course depend on how you configure it (for example, active/active or active/passive). Fault Tolerance and Increased Availability In a cluster configuration, at least one system is on standby should the primary fail. When the primary system fails, or a component on that system fails, the cluster software responds by moving the resources from the failed system to the standby. Downtime can be decreased to just a few seconds, thereby providing fault tolerance and increased availability.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
148
Chapter 5
Fault Tolerance and Redundancy
Load Balancing By implementing a clustering solution, multiple servers can run the same services. When clients make a request for the service, the requests can be balanced among the different servers. The servers appear to the clients as a single logical server and the clients are unaware of which physical server actually responds to the request. Scalability Depending on the clustering software you are using and the operating system you are running it on, you may have some level of scalability with your cluster. For example, if you are running Microsoft Windows 2000 Datacenter Server and Microsoft Cluster Service, you can add up to four servers to a single cluster. Scalability can also be achieved within a cluster by adding more resources and components to a system.
The availability of a cluster and its resources is dependent on the configuration of the network environment. So, when setting up a cluster, you also need to identify any single points of failure that might impact the resources’ availability.
You can configure an active/active cluster or an active/passive cluster. The model that you choose will have an impact on how the cluster operates. In an active/active configuration, each of the servers has its own workload but is also ready to assume the workload of another cluster member in case of failure. For example, you might have a database application running on one cluster member and an e-mail application running on another member. Should either one fail, the other is ready to assume the failed server’s workload while still maintaining its current load. In an active/passive configuration, one server assumes the workload while another server sits idle, ready to assume the workload should the active server fail. Clustered servers have to have access to the same data. Looking at the previous examples, if the database application fails over to the second cluster member, that member will need access to the actual data to continue servicing client requests. This is achieved using shared storage. The cluster members will all be connected to a shared storage device that they all have access to. In most cases, this will be an external disk or multiple external disks. The cluster software is responsible for determining which cluster member has access to the data on the shared disk.
Failover The servers in a cluster provide fault tolerance through failover and failback. In the event of server failure, component failure, or service failure, the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
149
workload of the failed cluster member will automatically be assumed by another server. The applications and services running on the failed member will be restarted on another cluster member, which will assume the responsibility of servicing client requests; this is known as a failover. The cluster members use heartbeat messages to monitor one another’s online status and the status of clustered resources. Once the failed member is back online, the workload can be configured to be automatically transferred back to the now operational server, a process known as a failback. The only downtime that will be experienced is the amount of time it takes for the workload to be automatically transferred between cluster members. The end user sees the cluster as a single system, and in the event of failure, user requests are transparently redirected to another server.
What Is RAID? A server’s disk subsystem is one of the most common components to fail. With this in mind, you will want to implement some form of disk subsystem fault tolerance when building a reliable network server. RAID (Redundant Array of Independent [or Inexpensive] Disks) is a group of hard disks that collectively acts as one storage system, providing tolerance to failure of a disk within the array. There are many benefits to using RAID within a server. Providing a means for high availability within the server is always the primary objective. RAID allows for data to be highly available regardless of disk failure. In a complex disk array, one hard disk or more could fail and the server will still run seamlessly to the end users. This ability of combining multiple hard disks into a fault tolerant array is what makes RAID so appealing to server technicians. Another benefit is speed. Having data stored on multiple disks allows for the disks to all write information at one time. This speeds the writing process considerably over a single-disk system. The main disadvantage of RAID is the cost of implementation. The cost will vary between implementations depending on factors such as the number of disks required, the amount of disk space required, and the level of RAID you choose to implement. Keep in mind as well that RAID does add a level of fault tolerance to your network server disk subsystem and data but does not provide a 100 percent fault tolerant solution because most levels of RAID can recover from failure of only a single disk. There are two forms of RAID: hardware based and software based. Hardware based RAID uses a controller card (similar to the SCSI card) that
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
150
Chapter 5
Fault Tolerance and Redundancy
connects to the motherboard through an expansion slot, or can also be an integrated component of the motherboard. In hardware based RAID the controller card contains a BIOS chip that maintains the disk information. Hardware based RAID is often preferred to software based RAID because the responsibility of controlling the disks is taken on by the controller card rather than the operating system and processor. This frees valuable resources within the server. Software based RAID relies on the network operating system to configure and control the information being sent and accessed on the disks. Later in this section, we will discuss both forms of RAID in great detail, but before we look at the levels of RAID, an understanding of RAID terms must first be established. Array An array is a grouping of disks contained within a single implementation of RAID. Different levels of RAID will require a different number of disks within an array. For example, implementing RAID level 1 requires 2 disks within the array while RAID 5 requires a minimum of 3 with a maximum of 32. Striping Striping is a method of spreading data across several disks. There are tremendous performance gains with striping because data is written and read from the disks simultaneously. The performance of striping is measured by the size of the stripe. Different levels of RAID offer different sizes of stripes, such as bits, bytes, and blocks. The larger the data stripe, the better the performance of the stripe. Mirroring Mirroring is a simple concept: Data is duplicated on two separate hard disks. Should one of the disks fail, then the second disk will take over seamlessly. The controller card does this changeover between disks should a failure arise. Write performance is not very good in a mirrored array because all data has to be written twice (once for each disk). Duplexing Duplexing is similar in concept to mirroring. Data is duplicated on two separate disks but duplexing adds an extra level of fault tolerance through the use of separate controller cards. Parity Parity is added to certain levels of RAID. The parity bit is used as a form of error checking for the array. Each data byte written to the array is given a parity bit. The controller card uses the parity bit to validate the integrity of the information being written to the disks. If the data has been compromised, the controller card will replace the data automatically with information from the other disks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
151
Volume In terms of RAID, the volume is the total amount of logical disk space within the array. For example, if you were to implement RAID 5 using four physical disks, combining 3GB of free space from each one, the RAID volume would be 12GB (four disks × 3GB). This means that there is 12GB of free storage space within the array. Keep in mind that this calculation does not take into account the space needed for the parity information.
Levels of RAID There are numerous levels of RAID that can be implemented in a hardware based RAID array. Each level has its own benefits and drawbacks. The most common levels are RAID 1 (disk mirroring) and RAID 5 (stripe set with parity). The Server + exam will test your knowledge on seven of these levels. First let’s look at the levels in detail, and then we can compare them in a chart to see the benefits and drawbacks. Level 0 RAID 0 provides no fault tolerance at all. Data is split across hard disks, resulting in fast data throughput but no safety. If a disk were to fail, then the data would become inaccessible. RAID 0 is often referred to as striping. Level 0 is one of the implementations of software level RAID, and will be discussed later in the chapter. Level 1 RAID 1 is called mirroring. In mirroring, two disks are used and data is copied (mirrored) from one disk onto another. When one disk fails, there is an identical second hard disk to take over. Most ordinary servers will use RAID 1 for fault tolerance. Level 1 is a common implementation in servers and can be used with IDE disks as well as SCSI hard disks. Level 3 RAID level 3 is striping bits of data across several disks with parity information stored on one disk. A major concern with this array is that the parity disk is a SPOF. Should the parity disk fail, then the entire array will halt. RAID level 3 requires at least three hard disks (including the parity disk). There is also an increase in workload placed on the parity disk because each time a write operation is performed this disk is accessed. Level 4 RAID 4 stripes data as bytes across several disks with parity information stored on one disk. Parity data is updated on each write
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
152
Chapter 5
Fault Tolerance and Redundancy
request, which can hamper performance. The same SPOF issue seen in level 3 is also a concern in level 4. RAID level 4 also requires at least three hard disks. The benefit over level 3 is that the data being written to the disks is in larger units (bytes over bits). Level 5 RAID level 5 is commonly referred to as striping with distributed parity. Similar to levels 3 and 4, RAID 5 offers a more advanced parity, which is striped across multiple disks. This ensures that if the parity disk were to fail, the array would not fail. On the negative side, because parity data must also be written to each disk in the array, performance is slower. Level 0+1 RAID 0+1 (sometimes referred to as RAID 10) is a dual array that takes the best of level 0 and level 1. Multiple mirror sets are used, which are then configured in a striped set (requiring a minimum of four disks). RAID 0+1 offers high data-transfer speed with data protection. Level 0+5 This level of RAID is composed of multiple RAID 5 sets connected in a single array. The benefit of this complex structure is that multiple disks could fail across several sets and still the entire array would stay active. The cost of such a structure would be mind-boggling. Now that we have a better idea of each of the main RAID levels, we can look closely at the benefits and drawbacks of each level and compare them (see Table 5.1). It will be important for you to know these and be able to make distinctions between levels, not only for the purposes of the exam but also for day-to-day hands-on activity. TABLE 5.1
Levels of RAID Level
Benefits
Drawbacks
RAID 0
Fast
No data protection
RAID 1
Fast and easy to set up
Controller a SPOF and is slower than 0
RAID 3
Uses parity
Parity disk a SPOF and stripes small data units (bits)
RAID 4
Uses parity
Parity disk a SPOF and stripes larger data units
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
TABLE 5.1
153
Levels of RAID (continued) Level
Benefits
Drawbacks
RAID 5
Best cost/performance
Only supports SCSI disks in hardware level
RAID 0+1
High transfer speeds
Expensive and often difficult to configure
RAID 0+5
Best data protection
Extremely expensive
RAID Disks In most applications SCSI disks are the disks of choice in a RAID configuration, but IDE disks can also be used. If you remember from Chapter 4, “Storage Devices,” IDE supports only two disks per controller, and therefore IDE is not often used within a RAID configuration. However, with software RAID, mirroring can be implemented on one or more IDE disks. This will allow for data protection. Normally SCSI disks are used. Many manufacturers sell combination RAID and SCSI controller cards. These amazing (and normally very costly) multi-channel devices allow you to select whether the channels will function as RAID or SCSI controllers. Many mid-range to high-end servers utilize these controllers.
RAID Controllers RAID disks are just one component to consider when implementing RAID. You will also need to consider the RAID controller if you are implementing hardware level RAID. RAID controllers perform functions such as calculating the parity information and caching of information. RAID controllers come with their own processor to perform parity calculations, which means the RAID system will no longer be dependent on the CPU in the server. In terms of caching, the controller can cache information that will cache data that is waiting to be read from or written to the disks in the array. When choosing a RAID controller, you need to consider the type of disk subsystem (SCSI or IDE), the type of RAID you plan to implement (not all RAID controllers support every level of RAID), and the size of the on-board cache. The size of the on-board cache will be determined by the type of data being stored on the array and the expected workload on the controller.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
154
Chapter 5
Fault Tolerance and Redundancy
RAID Cache Depending on the workload, a RAID controller could become a bottleneck trying to perform all of the read/write operations. Most RAID controllers come with on-board cache to eliminate this possibility. If the RAID controller receives a request that it cannot immediately perform, the request can be temporarily placed in the cache.
Software RAID Some operating systems allow you to configure RAID without the need for special hardware. The operating system will come with some utility that will allow you to configure software level RAID, which is known as software RAID. For example, using Disk Management, a tool included with Windows 2000, you can implement software RAID through the operating system. The previous section gave you a brief introduction to the different levels of RAID that can be implemented. The following section will describe in more detail the features, benefits, and drawbacks of software level RAID. Throughout the section we will pause and examine the advantages and the disadvantages of most of the common software RAID levels. You will find these highlighted evaluations in shaded sidebars within this section. RAID 0, also known as disk striping, can be implemented on a server but it does not offer any fault tolerance. So if your servers are hosting mission critical data, this will not be an appropriate solution. With RAID 0, data is broken down into blocks and written across multiple hard disks, which increases performance. Performance is also increased because there is no parity overhead. However, should a disk within the array fail, all data is lost and is only recoverable by restoring from a backup copy.
RAID 0 Advantages
Improved performance—because data is spread across multiple disks, I/ O performance in increased.
Minimal hardware—RAID 0 can be implemented on two disks.
Easy implementation—it is easy to implement and can be done using a tool that comes with the operating system.
Zero disk overhead—because there is no parity information, there is no disk overhead associated with RAID 0.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
155
RAID 0 Disadvantages
No fault tolerance—if a single disk fails, all data is lost and must be restored from backup.
Increased single point of failure—most implementations of RAID 0 can support up to 32 disks. However, the more disks you have, the more points of failure. If any of the disks within the array fail, all data will be lost.
Because RAID 0 offers no fault tolerance, it should never be used for data that is mission critical.
RAID level 1 is also known as disk mirroring. This is one of the most common implementations of RAID in a server environment. With disk mirroring, two disks are required so that data from one disk can be copied or mirrored onto a second disk. Each time a write is made, it is duplicated to the second disk in the mirrored set. If the first disk fails, the data can be accessed from the second disk in the mirrored set (see Figure 5.2). FIGURE 5.2
RAID 1 Disk 1
Disk 2
C:
C:'
Disk Controller
RAID level 1 has little impact in terms of performance. You will not see any increase in performance when reading from the disk and you may see a decrease in performance for disk writes because the data now has to be written to two different disks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
156
Chapter 5
Fault Tolerance and Redundancy
In terms of fault tolerance, RAID level 1 can withstand the failure of one disk without data loss. This implementation however cannot withstand the loss of a second disk, so when disk failure occurs, it is important to replace the disk as quickly as possible. A variation of RAID 1 is disk duplexing. It is similar to disk mirroring but provides an additional level of fault tolerance. With disk mirroring, the disks in the array use the same disk controller. Should the disk controller fail, both disks fail as well. With disk duplexing, each of the hard disks has a separate controller, adding yet another level of fault tolerance.
RAID 1 Advantages
Easy to implement fault tolerant options. Since data is duplicated on two disks, it is readily available should one of the disks fail.
Disk duplexing—this process can be implemented to eliminate the disk controller as a single point of failure.
Fault tolerance for system partition—normally, boot files cannot be written across multiple disks. RAID 1 allows you to implement fault tolerance for the system partition.
It offers a relatively low-cost fault tolerant solution because only two disks are required.
RAID 1 Disadvantage
Disk overhead costs—the major disadvantage of RAID 1 is the disk overhead or the cost per megabyte. A large amount of disk space can be consumed mirroring one disk onto another. RAID 1 has the highest disk overhead of any RAID implementation.
Some implementations of RAID allow you to add a hot spare, which can be used if one of the disks in the array fails.
The second most common level of RAID is RAID level 5, also known as striping with parity. It requires a minimum of 3 disks and most implementations
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
157
support a maximum of 32 disks. Data that is written to the array is stored across multiple disks. This level of RAID provides fault tolerance by adding parity information that can be used to regenerate the data should a disk in the array fail. The volume size for the array is determined by the smallest disk (all disks in the array must be the same size). For example, if you have three disks, 10GB, 20GB, and 40GB in your array, 10GB from each disk will be used because this is the smallest disk size. The total volume for the array would be 30GB, with 20GB available for data storage because 10GB is reserved for parity. In terms of fault tolerance, RAID level 5 can withstand the loss of a single disk and use the parity information to recover the lost data. If more than one disk in the array fails, all data is lost. Not only does RAID level 5 provide fault tolerance for data, but it can also increase performance because it is faster to read data from multiple disks than it is from a single disk. You may see a slight decrease in write performance because the parity information has to be calculated. The trade-off for fault tolerance is a slight increase in server overhead. A portion of your disk volume will be used to store the parity information. To calculate the amount of disk space for the parity information use the formula 1/x where x is the number of disks in the array. For example, if you have four 20GB disks in your RAID implementation, the total volume is 80GB but 20GB is reserved for parity information (1/4 of the total volume space).
Level 5 Advantages
Fault tolerance—obviously, one of the main advantages to RAID 5 is fault tolerance. It can withstand single disk failure while still providing access to the data, using the parity information to re-create the data stored on the failed disk.
Increased performance—RAID 5 offers an increase in performance because data, including the parity information, is written across multiple disks.
Replace without shutting down—depending on your server configuration, if it supports hot swapping, you will be able to replace the failed disk without shutting down the server.
Low disk overhead—the disk overhead for RAID 5 is considerably lower than that of RAID 1.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
158
Chapter 5
Fault Tolerance and Redundancy
RAID 5 Disadvantages
Restrictive array—the system and boot partitions cannot be contained on a RAID 5 array.
Limited performance—there is a decrease in write performance because the parity information has to be written across multiple disks every time a write operation is performed.
Disk Overhead—Even though the overhead is less than that of RAID 1, one disk space is still lost for parity information.
Software Versus Hardware As you now know, RAID can be implemented through software and there it is configured and then managed through the operating system or by using specialized hardware. When determining the level of RAID to implement, you will need to look at the benefits and drawbacks of each type as well as your requirements (costs, performance, capacity, and fault tolerance). Keep the following points in mind when you are deciding what type of RAID to use. Costs Software level RAID reduces costs because it does not require any specialized hardware. Performance Software level RAID is handled by the server’s processor, which can decrease performance. Hardware level RAID takes the load off the server’s processor with the use of a specialized controller card. Capacity Software level RAID is dependent on the operating system and consumes server resources. Hardware level RAID is not dependent on the operating system. Fault Tolerance Software RAID does have certain limitations, such as the system and boot partition being unusable in RAID level 5. Hardware level RAID can offer faster data transfer rates and can support technologies such as automatic failover of a failed disk to a spare and hot spares.
You can implement different levels of RAID on a single server. For example you may choose to use RAID 1 for the system and boot partition while implementing RAID 5 for data.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Managing Fault Tolerance
159
Unlike hardware level RAID, software level RAID supports both SCSI and IDE disks in a single array.
RAID for Bargain Hunters Not long ago I did some pro bono consulting for a small independent school in Massachusetts, where the administration had become concerned about data security. Wisely perhaps, the school’s administrative network was designed to be completely separate from the student labs, so I was spared from dealing with dozens of wickedly clever teenage saboteurs. Instead, I had only to deal with one cost-conscious head of school. The administrative network was running Windows NT on a server with five physical hard disks. The head wanted me to set up the server so that if one of the disks failed, the data would not be lost. Oh yes…and it had to cost nothing. Hardware Level RAID was clearly out of the question unless I could convince somebody’s grandmother to donate a RAID controller. But I had the solution. By applying software level RAID through an existing NT utility, I implemented disk striping with parity (also known as software level RAID 5). Software RAID relies on the operating system to control disk reads and writes, so the processor takes a bit of a hit and some disk space is lost to parity information; luckily, these were not major concerns on this network. In fact, one of the math instructors reported a slight increase in performance, probably due to faster reads from the multiple disks. I had delivered a good level of fault tolerance: If one disk in the five-disk array failed, data could be recovered through stored parity information. When I explained all this to the head, she graciously thanked me and assured me that my work was worth every penny.
Hot Plug Hot plug is an amazing technology that allows you to add disks to a server while it is running. This technology calls for some special components but is well worth the added expense. Servers are built with a backplane and rail system that allows for the disks to slide in. Once fully inserted the disks come into
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
160
Chapter 5
Fault Tolerance and Redundancy
contact with the backplane where connectivity is established. This connectivity can occur through metal electrical connections or through fiber (light) connections. The operating system should then identify a new disk has been added. In the modern server with a hot plug backplane, normally each disk contains lights on the front. Much like a traffic light, green means go and red means stop. These hot plug disks can be monitored through the lights. When a disk fails or is having problems, the red light will shine, thus giving you a quick visual note that you should check things out. If the disk has indeed failed and needs to be replaced, it can be swapped out by sliding it out and replacing it with your spare. The RAID controller will sense the new disk and begin to rebuild it with the data from the other disks. This rebuilding process involves installing the disk as part of the RAID array and transferring the data over. The length of time that this process will take varies with the size of the disk, type of RAID configuration, as well as quantity of data. To the end users this process will be seamless. They will not be aware that there has been any issue with a disk replacement.
Hot Spare In RAID configurations it is often advisable to have a hot spare on hand. Hot spares are extra hard disks (matching those in use within the server), which can be installed when needed. By having a hot spare on hand, you can be assured that if and when a disk fails within the server, a replacement can be installed and integrated into the RAID configuration as quickly as possible. Unfortunately the hot spare idea is not an effective use of money. There is a possibility that you may never use the hot spare disk and it will sit in a storage cabinet until it becomes obsolete. With a RAID 1 configuration having a hot spare makes sense. After all, in this implementation of RAID, you only have two disks to work with. When one fails, you are down to only one disk—and if you recall, RAID 1 can only recover from a single disk failure. If you then need to send out the failed disk for servicing and wait for it to return, you suddenly are spending an extended period of time with no data protection.
Summary
I
n this chapter we discussed server fault tolerance and the different options that can be used to increase server availability. Providing redundant components is one of the simplest ways to avoid server downtime.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
161
To provide for complete server fault tolerance, not just fault tolerance of individual components, servers can be set up in a cluster configuration. This provides a high level of availability for servers as well as the applications and services they are hosting. In a cluster configuration, two or more servers operate as one—should one server fail, another is ready to automatically assume its workload. The disk subsystem is one of the most common components to cause server failure. Providing redundancy and fault tolerance for data stored on a server’s hard disk can be accomplished by implementing some form of RAID, using the operating system or specialized hardware.
Exam Essentials Recognize the three general categories of server faults. Faults that can occur in a server environment include hardware faults, software faults, and system-level faults. Common redundant components. There are many ways to provide server fault tolerance. One way is to implement common redundant components. Due to their importance in a server environment, you should consider implementing redundancy for the following components: Network interface cards, power supplies, processors, cooling fans, and hard disks. Understand how clustering provides fault tolerance. To provide fault tolerance for a server and the applications, services, and data it is hosting, you can implement clustering technology. With clustering, two or more servers act as one. If one server fails, another server is ready to automatically assume its workload. Clustering provides fault tolerance, scalability, and load balancing. Understand RAID. RAID, or redundant array of inexpensive disks, is a group of hard disks that collectively act as one storage system to provide fault tolerance for a server’s disk subsystem. RAID can be implemented through specialized hardware or through the operating system. Understand the commonly used levels of RAID. The most commonly used levels of RAID are 1 and 5. RAID level 1, also known as disk mirroring, takes data from one disk and mirrors in onto another disk. RAID
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
162
Chapter 5
Fault Tolerance and Redundancy
level 5, also known as disk striping with parity, writes data across multiple disks and uses parity information to re-create the missing data in the event of disk failure. Understand Hot Plug and Hot Spare. With the use of specialized components, hot plug allows you to add disks to a server while it is still running. Hot spares are extra hard disks (matching those in use within the server), which can be installed when needed.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: adapter fault tolerance
mirroring
array
parity
availability
RAID (Redundant Array of Independent [or Inexpensive] Disks)
cluster
RAID 1
computer hardware faults
RAID 5
disk controller
redundancy
duplexing
single point of failure (SPOF)
failback
software faults
failover
software RAID
fault tolerance
striping
heartbeat
system level faults
hot plug
volume
hot spare
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
163
Review Questions 1. What is the minimum number of disks needed to implement RAID
level 5? A. 2 B. 3 C. 4 D. 1 2. Your boss is planning on implementing hardware level RAID
because he understands that is more reliable than software RAID. Which of the following statements is true? (Choose all that apply.) A. It is not necessarily more reliable but it does provide better
performance. B. Software level RAID is less costly and provides better overall
performance because the RAID subsystem is controlled by the operating system. C. Hardware level RAID will be more costly to implement because
specialized hardware is required. D. Software level RAID will be more costly because a special version
of the operating system needs to be purchased. 3. Of the following, which implementation of RAID combines data
striping across disks with mirroring? A. RAID 1 B. RAID 1+5 C. RAID 0+1 D. RAID 5 4. Of the following, which level/levels of RAID offer no fault tolerance?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
164
Chapter 5
Fault Tolerance and Redundancy
A. RAID 0 B. RAID 1 C. RAID 3 D. RAID 5 5. You create a RAID 5 array that consists of two 10GB disks, a 20GB
disk, and a 40GB disk. What is the total volume space for the array? A. 0GB B. 80GB C. 40GB D. 50GB 6. You create a RAID 5 array that consists of two 10GB disks, a 20GB
disk, and a 40GB disk. What is the total amount of space available for storing data? A. 40GB B. 60GB C. 20GB D. 30GB 7. Which of the following levels of RAID has the lowest disk overhead? A. RAID 0 B. RAID 1 C. RAID 3 D. RAID 5 E. RAID 10 8. Which of the following are advantages of software level RAID as
opposed to hardware level RAID?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
165
A. Both SCSI and IDE disks can be used in the same array. B. Software level RAID provides improved performance. C. Software level RAID is less costly because it doesn’t require any
special hardware. D. Software level RAID is dependent on the operating system,
therefore making it more fault tolerant. 9. Your network server is running a business critical database appli-
cation. You want to minimize server downtime and increase the availability of the application. Which of the following fault tolerant options will best meet your needs? A. RAID 1 B. Adding an additional processor C. Clustering D. Raid 0+1 10. You have configured your network servers in a cluster. Which
components have you provided redundancy for? A. Network cards B. Processors C. Servers D. Hard disks E. RAID systems 11. You set up two servers in a cluster configuration. Each server has its
own workload—one is running a database program while the other is running a mail service. Each server is also ready to assume the other’s workload in the event of failure. What type of cluster configuration is this? A. Active/spare B. Active/passive C. Passive/passive D. Active/active
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
166
Chapter 5
Fault Tolerance and Redundancy
12. RAID stands for which of the following? A. Redoubtful Array of Inexpensive Diskettes B. Redundant Array of Inexpensive Disks C. Redundant Array of Independent Disks D. A SWAT team action 13. Which of the following solutions combines data striping across disks
with mirroring? A. RAID 1+5 B. Hybrid RAID 0+5 C. High Performance RAID D. RAID 0+1 14. Your boss has asked you to implement hardware level RAID because
he understands that it is more reliable. He wants your opinion. What will you tell him? (Select two.) A. It is not necessarily more reliable but it does provide better
performance. B. Software level RAID is less expensive but provides better perfor-
mance because the process is controlled by the network operating system. C. Hardware RAID will cost more because he will have to purchase
a special controller and disks. D. Software RAID will end up costing more because a special version
of the operating system has to be purchased. 15. How does RAID 5 write data to the disk? A. In bits B. In nibbles C. In bytes D. In binary E. In blocks
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
167
16. Can a hot swappable disk also be a hot spare? A. Yes. B. No. C. It depends on the level of RAID. D. It depends on the speed of the SCSI devices. 17. You want a RAID solution for your server that will give you redun-
dancy in the event the disk itself or its controller fails. Which RAID level will you choose? A. RAID 5 B. Hybrid RAID 0+5 C. RAID 1 D. RAID 0 18. Your boss wants you to implement a level of RAID but he does not
want to incur any additional cost. You are running Windows 2000 on a server that has 4 physical hard disks. He understands that you can set the RAID up in such a way that if one of those disks fails, the data will not be lost. What are you going to implement? (Select all that apply.) A. Hardware level RAID B. Software level RAID C. Disk striping D. Disk striping with parity 19. Your company is located in a remote area and the nearest vendor who
provides computer repair services is over 500 miles away. Which is the best solution in a situation where a hard disk or a computer sustains a fatal hardware failure?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
168
Chapter 5
Fault Tolerance and Redundancy
A. Implement a server with RAID 1 so that when a hard disk fails, it
won’t matter to the end users. B. Keep hot spare disks on the shelf that match the type and config-
uration of the disks in your server. Then when a hard disk fails, you can replace it yourself. C. Entirely duplex your server. D. Back up your data every night so you can still gain access to the
corporate data. 20. You wish to implement a RAID solution where data will be striped
across disks because you want the speed associated with data striping on disk reads. However, you are concerned that if you lose multiple disks, you will lose all the data on all disks. How can you protect yourself against loss of multiple disks? A. RAID 1+5 B. Hybrid RAID 0+5 C. High Performance RAID D. RAID 0+1
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
169
Answers to Review Questions 1. B. The minimum number of disks required to implement RAID level 5
is three. The parity information is spread out among the disks, and disk space equivalent to one disk is used for parity. 2. A, C. Hardware level RAID does provide better performance
because the RAID controller has its own processor and cache. Software level RAID has no special requirements while hardware level RAID requires specialized hardware making it more costly. 3. C. RAID 0+1 (sometimes referred to as RAID 10) combines data
striping (RAID 0) and mirroring (RAID1). Data is striped across two disks and mirrored onto another set of disks. 4. A. RAID 0, also known as disk striping, does not offer any level of
fault tolerance. 5. C. The smallest disk size is 10GB so the total volume size for the
array will be 40GB (10GB from each available disk). 6. D. There will be 30GB of space available for data storage and 10GB
will be used for parity information. 7. A. RAID 0 has the lowest disk overhead because there is no space
being used for parity information. 8. A, C. Software level RAID supports both SCSI and IDE disks in a
single array. It is also less costly because there is no need to purchase specialized hardware such as a RAID controller. 9. C. In order to provide fault tolerance for the database application,
you should implement server clustering. If the server hosting the application fails, another server can automatically assume its workload. 10. C. A cluster provides fault tolerance for a server and the applications,
services, and data it is hosting. 11. D. In an active/active cluster configuration, each cluster member
has its own workload so one server isn’t sitting idle while the other one assumes all the work. 12. B, C. If you answered B, you are showing your age. When RAID
technology was first introduced, it was described as a Redundant Array of Inexpensive Disks. Now, however, it is commonly called Redundant Array of Independent Disks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
170
Chapter 5
Fault Tolerance and Redundancy
13. D. RAID 0+1 is a hybrid approach where an entire stripe set without
parity is actually mirrored or duplexed. 14. A, C. Hardware RAID costs more because of the special controller
and disks that need to be purchased but it provides significantly better performance than Software RAID. In addition it will support hot swap of disks that fail. 15. E. RAID 5 data is striped at block level across all of the disks in
the chain. 16. A. Whether a disk is hot swappable has nothing to do with its status
as a hot spare. 17. C. Disk duplexing adds a second controller to the second disk, moving
the single point of failure away from the disk subsystem to the mainboard. In RAID 1, if either disk fails, the other disk takes over. 18. B, D. This is called disk striping with parity and can be implemented
via the network operating system. Therefore, it is software level RAID. You do not need to purchase any additional hardware or software. 19. B. Hot spares can be replaced while the server is down for a minimal
time or the hot spares can be hot plug or hot swappable types. 20. D. RAID 0 is striping without parity, so it will give you the perfor-
mance you are looking for because it doesn’t have to calculate parity. However, if you lose one disk, you will lose all data. If you use the hybrid RAID 0+1, the 1 means that the disks will also be mirrored or duplexed. Therefore even if you lose two or more disks, you will still be able to get the data back from the mirrored disk.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
6
Networking COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.3 Install NOS
Configure network and verify connectivity
Verify network connectivity
4.4 Perform physical housekeeping 4.5 Perform hardware verification 6.4 Identify and correct misconfigurations and/or upgrades
Please see Chapters 2, 4, 7, 8, and 10 for further coverage of objectives on NOS installation, physical housekeeping, hardware verification, and identification/correction of misconfigurations and/or upgrades.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
N
etworks, quite simply, are groups of computers connected together to share resources. This classic definition has stretched over the last few years and is in need of refinement. Today the realm of networking has expanded beyond the constraints of wires and simple file sharing to include PDAs and wireless computer technology. Networks are used to share resources. These resources can include files, applications, printers, and Internet and mail connections. The benefits of resource sharing extend beyond simple fiscal savings and into numerous other areas. For example, many workers use the little yellow sticky notes to leave messages for others. The chance of the sticky note becoming lost, accidentally taken by someone else, or deliberately read by the wrong person are high. A network facilitates reasonably secure communication through e-mail, thus eliminating some sticky-note problems. Network-based software that facilitates simultaneous use by multiple users is also available. Several web-based products allow for such use through a website; potential clients can use the website even while the company is updating and/or redeveloping it. The time and cost savings can be substantial. Network use has also spread into telephone conferences and videoconferencing, bringing innovation to the way we conduct business. This chapter will explain the current network technology, its benefits and drawbacks, as well as the role of the server within the network environment. As previously mentioned, the definition of a network has changed over the last several years to include various new forms. What was originally a small group of computers linked together with wires has now expanded into a broad range of network types. Here I will classify seven: LAN A LAN (local area network) is probably the most common form of network in use today. LANs are often referred to as private networks. A LAN is defined as a network located within the physical confines of a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
173
geographical location (such as a building or group of buildings). LANs have a limited distance of travel that is determined by the cable used. MAN A MAN (metropolitan area network) is larger than a LAN but not as large as a WAN. MANs consist of networks that span several buildings, city blocks, or even an entire city, providing redundant links and fast access between these locations. An example of a MAN would be a network between city libraries. Each library is a separate building located within the geographical location of the city. Access to data between all of these libraries can be gained through a MAN. WAN A WAN (wide area network) is a network capable of spanning large geographical and political boundaries. This includes states, countries, and continents. The Internet is the largest wide area network in existence. It is an interconnection of computers worldwide. SAN A SAN (storage area network) provides a link for multiple users to a mass storage location. Large corporations that prefer to centralize their data commonly use SANs. This assists in data safety and backups because all the file servers can be housed in a secure building with limited access. SANs normally use high-speed links such as fiber optics to communicate with their storage facilities. PAN A PAN (personal area network) is the newest network created. A PAN is a small network that spans a very short distance (usually only a few feet). These small networks allow for communication between PDAs and desktop or laptop computers. PANs often use IR (infrared) or other wireless technology to send and receive information. VLAN A VLAN (virtual local area network) comprises computers and/ or resources that are physically on different network segments but communicate as though they were on the same segment. VLANs provide a means of connectivity without the overhead of physically restructuring several networks. VPN A VPN (virtual private network) is a way of using public networks to create private links. Most commonly it is a private connection made through the public Internet infrastructure. The benefit of this is that the users do not have to lease private lines or purchase expensive equipment. A VPN is a secure tunnel created through an existing connection. WLAN A WLAN (wireless local area network) eliminates the need for cabling by using other communication media. These may be radio frequency (RF), infrared (IR), or laser communication. The obvious
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
174
Chapter 6
Networking
benefit of a wireless network is flexibility in structure. If you are not limited by wires, the computing environment can take on almost any form, shape, or location. Taking your laptop along on a nice day and working outdoors, while maintaining network connectivity, is a reality. Besides the types of networks available, there are also network topologies. Topologies are the layout of the network. This can include both physical layout (the way in which the network is actually installed and appears) and logical design (the way in which information flows through the network). Here we will classify five main topologies: Bus In a bus topology all the computers are connected to one main cable that runs the length of the network. This structure is often compared to a string of Christmas lights. There is a beginning and an end, and between these two points each computer connects to the wire. There are concerns with the bus topology in that, much like a string of Christmas lights, if there is a break in the cable or connection with a computer, then the entire network can go down. Another problem with bus topology is locating the fault when one occurs, because when the entire network fails, there is no way to locate the fault besides starting at one end and working your way to the other. This can be an extremely tedious—and often painful— process, considering the network can span several floors and the wire is often located within walls, drop ceilings, and crawl spaces under floors. Figure 6.1 illustrates a bus topology. FIGURE 6.1
Bus topology
Notice how there are special devices at the beginning and end of the bus wire. These are actually 50-ohm terminators. Terminators are installed at the beginning and the end of a bus network to eliminate signal bounce. If a terminator is not present, is not working, or is not connected properly,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
175
network signals will reach the end of the wire and bounce back (much like an echo). With time, the entire bandwidth of the wire will be consumed with signal bounce, thus bringing the network down. Bus connectors, terminators, cabling, and cable standards will be discussed in more detail later in this chapter. Star A star topology is based around a central device such as a hub or switch. Every computer is connected through its own cable directly to this central device. This is an improvement over the bus topology, as a cable failure will bring down only the one computer directly connected to it. Star topologies are the most commonly used topology in small- to medium-sized business environments today. Benefits of the star topology are ease of installation and troubleshooting. Most central connectivity devices have lights to indicate whether a cable segment is active or down. Upgrading to add more devices to the network can be done without shutting down the entire network. Figure 6.2 is an example of a star topology. FIGURE 6.2
Star topology
A major concern with the star topology is the single point of failure (SPOF). Having all network resources connected to one hub or switch makes it a key component. Extra care should be taken in locating this device in a safe and secure location. Another consideration is that, with each device needing its own dedicated cable, there can be a multitude of cables merging at the point of the central connectivity device. Cable management becomes a focus. The cable used within a star topology needs to be carefully routed throughout a building to avoid areas of possible EMI (electromagnetic interference). As the number of cables increases, this task can become increasingly difficult. Fortunately the cost of cable used in a star topology has dropped, making it an affordable option. If longer cable runs need to be made to avoid possible EMI interference, it will not be a major financial stress.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
176
Chapter 6
Networking
Ring The ring topology features all devices connected in a circular formation. There are two different ring topologies to be aware of: logical and physical. Logical ring topologies move information in a circular ring format but are physically a star topology. What this means is that there is a central connectivity device and all other devices connect to this central device thorough dedicated cables—it looks like a star topology. However, information flows in a circular format throughout this network. Physical ring topologies actually look like a ring. All networked devices are connected in a circle. The advantage of a physical ring is that there is very little cable in use, making installation easier. Since fiber optic networks work on the principle of a ring, another possible advantage is speed. A possible disadvantage of some ring topologies is that a single failure in either the computer or in the cable can result in the entire network failing.
This is not the case in a true ring topology such as FDDI (fiber distributed data interface). FDDI (described in more detail below in the “Fiber Optics” section) “implements a dual ring so that it remains functional should one station die or drop off the ring.”
Another disadvantage is that diagnosis of problems in a ring topology is also difficult: Any service or updates on the network need to be done during off-work hours because one system being shut down for service will halt the entire network until the service is completed and the system is brought back online. Figure 6.3 is an example of a physical ring topology. FIGURE 6.3
Physical ring topology
Mesh A mesh topology is the most complicated and expensive topology to integrate. However, it is the most resistant to failure from a cable fault. In a mesh network every device is connected to every other device through a dedicated cable. Should one cable fail, there will be other Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
177
paths that could be taken to reach the target resource. Although this may seem like the ideal situation, mesh topologies can be a wiring nightmare. The quantity and complexity of wires can become overwhelming. Mesh topologies use by far the most cable and are the most complex to install and troubleshoot. It is rare to see a mesh topology in use today. Figure 6.4 is an example of a mesh topology. FIGURE 6.4
Mesh topology
Hybrid A hybrid topology takes components of other topologies and combines them in a mixed environment. The advantage of this is to use the best features of each topology. For example, it is not uncommon to see a mixture of a bus and a star topology. The bus structure is used as a backbone link between servers within a building, and the star is used to provide connectivity for all the other resources to the servers. Using a high-speed cable option (such as fiber) as the backbone allows for fast connectivity to the devices that will face the highest demands, such as servers, while allowing for more affordable cabling between the end users. Figure 6.5 is an example of a hybrid topology. FIGURE 6.5
Hybrid Topology
Servers
Backbone Hub
Client Computers
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
178
Chapter 6
Networking
Now that we have an understanding of the possible layouts of a network, we can move on to explore the components of a network. Each component within a network must meet specific industry standards. The Server+ Exam will test your knowledge on the following standards.
IEEE 802 Standards The IEEE (Institute of Electrical and Electronics Engineers) committee created and released the 802 standards listed below to assist with industry development of components as well as communications. When you consider the complexity of components, as well as sheer quantity, there definitely is a need for standards to maintain consistency as well as interoperability. 802.1 Bridging and Management Internetworking 802.2 Logical Link Control 802.3 CSMA/CD LAN 802.4 Token Passing Bus Access Method 802.5 Token Passing Ring Method 802.6 DQDB Access Method, MANs 802.7 Broadband LAN 802.8 Fiber Optics 802.9 Isochronous LAN, Integrated voice/data networks 802.10 Network Security 802.11D Wireless Networks 802.12 Demand Priority Access 802.15 Working groups for WPANs 802.16 Wireless MAN 802.17 Resilient Packet Ring Each of these standards focuses on a specific area of networking technology. Full explanations of these standards as well as present and future developments can be located at the IEEE website http://standards.ieee.org. For the Server+ Exam we will focus on the standards in common use.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
179
802.3 This standard defines a bus topology, using a 50-ohm coaxial baseband cable with a transmission speed of 10Mbps. This was the original specification of Ethernet. It used CSMA/CD (Carrier Sense Multiple Access with Collision Detection) to put data on the cable. CSMA/CD monitors the cable for data traffic. When it senses that there is no traffic, it will attempt to send data packets. If a collision occurs, then it will pause for a random period of time and then attempt to retransmit. The problem with this type of network is that the larger the number of clients and resources on the network, the greater the number of collisions. This leads to slower network speeds. Several new releases to this standard have emerged, providing new cable options, connectors, and speeds of 100Mbps—and now 1000Mbps. These newer standards of Ethernet will be discussed in detail later in this chapter.
802.5 Token Ring is another standard (based on the IBM PC Token Ring standard) that has been frequently used. This standard specifies a physical star/logical ring topology using twisted-pair wire. A special data carrier, called a token, circulates through the ring from computer to computer picking up data packets and delivering them to the destination. Each computer acts as a repeater, boosting the signal of the token so it can travel to the next computer. Only one computer can control the token at a time. When the data packet and token reach their destination, the token unloads the packet and takes a successful-reception acknowledgement to the sending computer. If the sending computer has no more packets to transmit, the token then becomes available to the network and the next computer waiting to transmit. The advantage of this method of data transmission over the Ethernet is that there are no collisions. Although there is only one token on the ring, a Token Ring network can reach hundreds of systems and still perform adequately.
802.8 Fiber optics has taken on a strong role within the computer network environment. Traditional hybrid networks used a coaxial cable backbone for data transmission. This proved to be limiting in terms of transmission speed as well as signal degeneration due to outside interference. Fiber cabling is
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
180
Chapter 6
Networking
now actively replacing the coaxial cable as a backbone. The fiber allows for faster transmission speeds, as well as immunity to EMI (electromagnetic interference) and RFI (radio frequency interference). There are numerous releases of fiber cabling today, because the best choices and applications are still being identified. Fiber optics and fiber connectors will be discussed later in this chapter.
802.11D Wireless technology has become the latest craze over the last few years. With transmission speed and range increasing, wireless becomes an attractive alternative to network environments that physically change on a regular basis. Consider, for example, a network that needs to be set up in a historical building, where drilling holes in walls and running cables is rarely an acceptable practice. A wireless LAN is a much more acceptable option. Without the installation of cables, a wireless network can be installed in a matter of minutes. Wireless can also be integrated within an existing wired network to provide a new breed of hybrid networks. This is often seen in environments where laptop computers are used. Due to their nomadic nature, laptops can remain connected to the network no matter where in the building they go. Wireless technology is continuing to develop and improve. Handheld devices also use this technology to communicate with host computers. Wireless technology today uses an access point that sends and receives signals from the wireless devices. This access point in turn is wired to the network (usually the switch or hub). Signaling methods on a wireless network can include infrared, laser, narrow band radio, and spread spectrum radio. Spread spectrum radio is often preferred to the other methods because the price is reasonable but also because it does not require line of sight like the laser technology does. Spread spectrum radio also can travel through some walls, providing many options for the ever-changing network. Current transmission speeds for wireless are in the 11Mbps range but steadily increasing. Concerns with data security are also being addressed. If you are broadcasting your network information over a radio frequency, it can be captured by other devices. Wireless technology is still breaking new ground in its development, both in speed and data security. With time, it will definitely become a major contender in the LAN arena. Right now though, it is commonly used for small portable networks that regularly change location and/or position.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
181
OSI Model The Open System Interconnection Model is a theoretical seven-layer model designed to illustrate the flow of information through a network. This model was designed not only for aspiring network technicians to get a better understanding of network communications, but also for technology manufacturers to be able to dissect the elements and processes of information flow and development, thus assisting in project development within their own research departments. For the Server+ Exam you will need to know the layers of the OSI Model as well as the functions that occur at each layer. Application Layer The application layer (layer 7) is at the top of the OSI Model. At this layer, file and print services operate. This layer controls data flow and error recovery. Presentation Layer The presentation layer is responsible for the format of data, network security, protocol conversion, data compression, encryption, and translation. Session Layer The session layer is responsible for establishing, maintaining, and terminating communication sessions. These sessions are often called virtual conversations. The session layer identifies passwords, logons, network monitoring, and recovery from network failures. Transport Layer The transport layer is responsible for error-free data frames. It controls data flow and reliable end-to-end communication. Network Layer This layer translates logical (TCP/IP) addresses into physical (media access control, or MAC) addresses. The network layer also determines the best path for information to travel on the network if multiple paths exist. Data Link Layer The data link layer is subdivided into two sublayers: the MAC layer and the LLC (logical link control) layer. The data link layer arranges data chunks into frames and organizes the frames into a data stream, marking the beginning and end. Physical Layer The physical layer, layer 1, is at the bottom of the OSI Model. This layer describes how data is transmitted on the network cable (media), including digital, optical, and mechanical interfaces.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
182
Chapter 6
Networking
The OSI Model is a complex interaction of layers. Information not only travels up and down the layers but also horizontally, and directly with the corresponding layer on the other machine. Each layer, as information flows through the stack, adds or removes its own headers on the data packets. On the sending computer, information begins at the top layer where the software programs interact. The data is then sent down the layers until it reaches the physical layer, where the data is sent out on the network wire. At the receiving side the process occurs in reverse.
Ethernet Of all the numerous standards and network structures, Ethernet has stood out as the most popular network implementation. Ethernet has evolved over the years to include several different cable types and topologies, as previously mentioned. Through this evolution, improvements have been made in reliability and speed. Coaxial Based Ethernet The original Ethernet implementation was based around the bus topology mentioned earlier. Although there were several disadvantages to the original Ethernet (bus topology based), it was affordable and easy to install. The cable of choice during this time was coaxial cable. Coaxial cable consists of a center wire (usually copper) surrounded by an inner layer of insulation, then a mesh or foil shielding, and finally a thick outer PVC layer for protection. Figure 6.6 is an example of coaxial cable. FIGURE 6.6
Coaxial Cable
There are two common forms of coaxial cable in use with Ethernet: Thicknet or 10Base5, and Thinnet or 10Base2. Thicknet cable is normally used for a network backbone, as seen in the hybrid example (refer back to Figure 6.5). This cable is very difficult to work with due to its thickness. Many installers refer to it as the frozen garden hose. Trying to bend the cable
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
183
around curves can be as frustrating as rolling a frozen garden hose! Computers are not connected directly to this cable; instead, sections of Thinnet cable tap into the Thicknet cable and then run to the computers. The device to attach these two cables together is called a vampire tap, which attaches to the Thicknet wire though the use of a sharp spike that would pierce the PVC shielding and come into contact with the inner copper core wire. Thicknet cable can carry a signal for a maximum of 500 meters with a maximum transmission speed of 10Mbps.
Cable Nomenclature In the computer realm there has never been a shortage of acronyms, abbreviations, and epithets. Networking is no exception. Deciphering this jargon can sometimes be an overwhelming task. In the example of 10Base2, key information is presented in the name. The 10 is the transfer speed, as measured in megabits per second (Mbps). Transfer speeds have increased from the initial 10Mbps to 1,000Mbps. Base stands for baseband signaling method. Baseband is a digital signal over a single frequency. Broadband signaling is the other possible method. Broadband signals are analog based and can send multiple signals simultaneously over the same wire using frequency division multiplexing (FDM) or time division multiplexing (TDM). FDM and TDM are means of sharing the same signal path by using the unique characteristics of analog signals and either intermeshing where possible or sending one signal slightly before another. The 2 stands for an approximation of maximum allowable cable distance represented in meters. Specifically, in a 10Base2 implementation the cable cannot exceed 185 meters, but it is rounded off to 200 meters. This makes sense until you reach 10BaseT. Now there is a letter instead of a number representing the maximum cable distance. With this standard the letter represents twisted-pair wiring. This includes both unshielded twistedpair and shielded twisted-pair (both of these will be discussed in detail later in this chapter). Next comes the 100BaseF. The F, as you might have figured out already, stands for fiber. This implementation would therefore provide 100Mbps transfer speed over baseband signaling with fiber cable.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
184
Chapter 6
Networking
Thinnet cable is much more flexible and is used for bus topologies and cable runs from the backbone to the computer. Thinnet wire is classified as RG58U cable. It can transfer data at a distance of 185 meters with a speed of 10Mbps. Thinnet uses a BNC connector that attaches to each device on the bus network. Figure 6.7 is an example of a BNC connector. FIGURE 6.7
BNC connector
Depending on the location, a BNC tee connector may also need to be used. This device allows for separate cable runs to connect at each side while the center connects to the network card. At each end of a Thinnet bus there must be a 50-ohm terminator installed. Figure 6.8 illustrates the proper components in a Thinnet bus network. FIGURE 6.8
Thinnet Network Components
Coaxial Cable
BNC T Connector 50-ohm Terminator Network Card
Twisted-Pair Ethernet Since that original implementation, Ethernet has expanded to include new devices, cabling, and speeds. Current Ethernet is based on twisted-pair cabling. Twisted-pair cable has opened the door to a whole new level of Ethernet technology. Improved transmission speed and flexibility in installation, as well as new devices, have catapulted this media to the most popular in use today. Figure 6.9 is an example of a section of twisted-pair media.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
FIGURE 6.9
185
Twisted-pair cable
Notice how the figure shows a solid-shaded wire and a striped wire twisted together in a pair, and that there are four pairs of wires. The wires are twisted together to help prevent signal interference. Signal interference, either from another set of wires or from other devices (such as fluorescent lighting) can affect performance on data wires. Twisted-pair cable is labeled by category. Table 6.1 lists the common categories of twisted-pair cables and their uses. TABLE 6.1
Categories of Twisted-Pair Cable Category
Specifications
1
Voice only transmission, two twisted-pairs
2
Data grade at 4Mbps, four twisted-pairs
3
Data grade at 10Mbps, four twisted-pairs
4
Data grade at 16Mbps, four twisted-pairs
5
Data grade at 100Mbps, four twisted-pairs
5e
Data grade at 1,000Mbps, four twisted-pairs
Twisted-pair is often referred to as UTP (unshielded twisted-pair). UTP is the most commonly used twisted-pair wire, although STP (shielded twistedpair) is also available. STP is more expensive, but offers higher resistance to electrical interference by offering a foil layer that surrounds the twistedpairs. The first UTP Ethernet transferred at speeds of 10Mbps and changed the topology from a bus to a star. Later improvements increased the speed
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
186
Chapter 6
Networking
to 100Mbps. In order to operate the network at 100Mbps, all the components in the network must be supportive of the new speed. This includes cabling, network cards, and connectivity devices. For a period of time, network devices were released that supported dual speeds of 10 and 100. Twisted-pair cable has a maximum transfer distance of 100 meters from the computer to the connectivity device. When installing a UTP network, this maximum cable distance includes all sections of wire—such as patch cables, main cable runs, and wall drops. Patch cables connect computers to wall plates, as well as patch panels to the switch or hub. The main cable run is the actual cable that is located within the walls or floors. The drop is the section of cable that comes down the wall or through a pipe and ends at a wall plate or patch panel. The cable distance is calculated from the back of the computer through all these points and ending at the switch or hub. Due to the eight wires, UTP cables require a registered jack or RJ connector. In telephone wire (which also uses UTP) an RJ-11 connector is used. With network cables an RJ-45 connector is used. Figure 6.10 is a close-up of an RJ-45 connector with UTP installed. FIGURE 6.10
RJ-45 connector
Plastic Edge Gold Connectors
Notice how the connector is pressed down on the outer layer of the UTP cable. This process of installing the cable into the connector and securing it is called crimping. Crimping requires a special tool called a crimper. The end of the UTP cable is cut, and the PVC outer layer is trimmed back. Next, the individual wires within the UTP are carefully rearranged into the proper order (to match the standard being used). The wires are then slipped into the RJ-45 connector, and the crimper forces small gold connectors into the ends of the wire and also pinches a plastic edge onto the PVC jacket to hold the end onto the wire. It is imperative that the plastic edge contacts the PVC jacket and not the wire. Otherwise, the twisted-pairs could be damaged or, over time, the end could slip off.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
187
STP connectors are identical to UTP connectors except for one added feature: a metal shield. The exterior of the RJ-45 connector has a metal shield that connects to the metal shielding of the STP wire. This ensures proper grounding of the shielding throughout the entire length of the cable.
UTP cable can be crimped by either the A standard or the B standard. The different standards determine the crimping order of the colored wires. If you are crimping cable based on the A standard, make sure that your other devices along the way are also based on the A standard. Table 6.2 lists the A and B standards. TABLE 6.2
UTP Cable Standards for Wire Crimping A Standard
B Standard
Green White
Orange White
Green
Orange
Orange White
Green White
Blue
Blue
Blue White
Blue White
Orange
Green
Brown White
Brown White
Brown
Brown
Network cable is often housed in plenum spaces, which are those areas (usually above the ceiling or under the floor) used to circulate air. Running cable in these areas poses a hazard in the event of fire because the cable can give off toxic gases if it burns. Both twisted-pair and coaxial cable come in plenum versions—these are coated with a fire-retardant material (usually Teflon).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
188
Chapter 6
Networking
Most networks today are either running UTP cabling or changing from coaxial to UTP cabling. The benefits of a UTP network, combined with the ease of installation and troubleshooting, make it a smart choice. Gigabit Ethernet The latest Ethernet standard, which is becoming mainstreamed, is gigabit Ethernet. These extremely fast implementations of Ethernet support data transfer rate at 1,000Mbps. Currently hardware supportive of this standard (including switches and network cards) is still very expensive. Implementation of gigabit Ethernet is often limited to backbones and server-to-server connections.
Nearly all network cable sold today meets current fire and health codes. However, some older cables may not. Before you upgrade or restructure your network, be sure to check with your local building codes. Cable that will be housed in plenum areas must be plenum-rated (must not release toxic fumes when burned). Cable that is not plenum-rated is not acceptable to use today.
Comparing the Ethernet Possibilities Now that we have explored the various Ethernet cabling methods in detail, a comparison of the essentials for each type may help clarify each standard. Table 6.3 breaks down the essentials for each cabling type for you. TABLE 6.3
Ethernet Cable Specifications Cable
Distance
Nodes
Speed
Thinnet
185 meters
50
10Mbps
Thicknet
500 meters
100
10Mbps
UTP/STP
100 meters
100
10–1,000Mbps
Fiber Optics The latest technology is the use of fiber optic cabling. The benefits of fiber cable include speed, transmission distance, and immunity to EMI and RFI.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
189
Initially fiber cabling was extremely difficult to install, requiring a trained installer and very expensive equipment. This initial fiber cable was made out of glass, and was therefore rather inflexible in installation. Today however, improvements in plastics have made fiber cable more affordable and flexible. Figure 6.11 is an example of fiber optic cable. FIGURE 6.11
Fiber optic cable Outer sheathing
Inner sheathing
Glass cable
Notice how the inner glass core is surrounded by several protective layers. This is to ensure cable safety. Fiber transmission methods fall under two categories: single mode and multimode. Multimode uses light emitting diodes (LEDs) to create the signals. The light produced by the LEDs contains various wavelengths. The diodes shine light at the fiber, with some of the light wavelengths entering the fiber and others not. The amount of light actually being used is not efficient and therefore limits the distance that the signals can be sent. Multimode transmission fiber optics is the least expensive fiber option. Single mode transmission relies on a laser as the light source. Laser light is one wavelength, and the cable is matched with the laser to allow for maximum transmission. Due to the purity of the laser light, single mode fiber implementations can achieve transmission distances of 58 kilometers and are often used for long distance connections. Fiber cable is measured in microns. Fiber cable measurements are given with two numbers—the first number is the diameter of the fiber strand and the second number is the thickness of the cladding. These two numbers are separated by a slash. The signaling method is also supplied. For example, a 62.5/12.5 multimode cable would contain a 62.5-micron fiber cable with a 12.5-micron sheathing used only with a multimode signaling method.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
190
Chapter 6
Networking
Often fiber cable is bound together in multiple strands. This allows for multiple signals and pathways to be used within one protective sheath. Commonly there are between 2 and 24 strands, but there can be more. Fiber connector types are plentiful. With a wide range of cable bundles as well as interfaces, there have been numerous fiber connector designs. Two of the most common are the FDDI (fiber distributed data interface) Media Interface Connector and the SC multimode connector. The FDDI Media Interface Connector is used on all fiber within the MMF-PMD and SMF-PMD standards. Figure 6.12 is an example of a FDDI connector. FIGURE 6.12
FDDI connector
The SC multimode connector is based on the LCF-PDM standards. Figure 6.13 is an example of this style of connector. FIGURE 6.13
SC connector
Network Devices Besides topologies and cabling, there must be interface devices within a network. These devices provide network connectivity. Each device has its own specific use within LAN and WAN environments.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
191
Network Cards A network card provides a means of connectivity for the computer to the network cable. The type of network card you select must match the cable and network that you are using. A token ring network card will not work on an Ethernet network, even though both use the same cat5 cable. Even within the same network, such as Ethernet, care must be taken when selecting a network card to ensure that it will match the appropriate speed. If you have a 10Mbps Ethernet network, there is little sense in purchasing a 100Mbps or 1,000Mbps network card, because the network will not provide the high speed for you.
For more information on network adapter cards refer back to Chapter 5, “Fault Tolerance and Redundancy.”
Repeaters Repeaters are used in an Ethernet network when the maximum cable length needs to be exceeded. A repeater will attempt to amplify the signal and send it further down the cable. Unfortunately the repeater will also amplify any noise or interference present on the cable. It is recommended that the network be planned accordingly to eliminate the needing for a repeater. Hubs With the initial creation of the star Ethernet topology, the central connectivity device was a hub. This was basically nothing more than a multiport repeater. A passive hub simply allowed for connectivity between all devices. Active hubs actually boosted signals and some even tried to clean the signals before sending them out on the other ports. Within a hub, signals are received on one port and then sent out all the other ports. The hub neither reads the information nor discriminates as to where the information goes. If information is traveling down a network cable and encounters information traveling in the opposite direction at the same time, collisions and resultant bandwidth compromise will slow connections. In turn, slow network connectivity can lead to serious problems, including, for example, database crashes. Patch Cables Patch cables are short cables (no less than one foot) that are readily replaceable or interchangeable. They are used to connect a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
192
Chapter 6
Networking
patch panel to a hub or switch, a computer to a network wall plate, a computer to a hub or switch, or other connectivity devices to each other. Keystone Connector This is the female connector seen on wall plates as well as the front side of the patch panel. Patch cables plug into the keystone connector. Patch Panels Patch panels are the central wiring point where twistedpair cables meet. Your network spans numerous computers across the network, but each computer needs a dedicated cable that meets at the central connectivity device. It is possible, but not advisable, to connect these cable runs directly to your hub or switch. The potential for one or more wires to be damaged puts these cables in risk. Should a cable be damaged, it may have to be replaced, which would entail removing the entire cable run (through the walls and floor or ceiling). This is a major project requiring that the user connected to this cable run be offline for an extended period of time. Patch panels connect to the main cable runs in the back, and in the front use a short, replaceable patch cable to connect between the patch cable and the switch or hub. Any cable damage normally occurs as a result of cables being plugged and unplugged from the switch or hub. Should a cable be damaged, it would be the small patch cable. This can be easily replaced with a spare in a matter of seconds. Figure 6.14 is an example of a patch panel. FIGURE 6.14
Patch panel
RJ45 Ports
Racks Racks are becoming a common sight in networks. These devices allow network hardware to be securely attached to a stationary object. Standard racks are 19 in. wide and can have patch panels, switches, routers, gateways, servers, and cable management devices attached to them. Attaching these expensive devices to something stationary makes a lot of sense, unless you have money to spend on stolen devices. Racks that can be completely enclosed are called cabinets, and those that are open to airflow are open racks. Figure 6.15 is an open rack.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
FIGURE 6.15
193
Open rack
Bridge Bridges are interesting devices that allow you to virtually divide your network into two separate LANs. Bridges can be used to connect LAN segments that do not use the same media type. The benefit of implementing a bridge is to decrease network traffic. When the bridge receives a packet, it can determine which LAN segment the packet is destined for and forward the packet to that segment and no others. It forwards packets based on layer 2 addressing (MAC addresses). Bridges allow for specific traffic to cross between the two virtual networks. For example, a printer could be configured to work with both networks. Data packets addressed to the printer will be acknowledged by the bridge and allowed to cross over to the other network. In today’s networks, bridges are not often used; switches and routers have become more common. Switch A switch is often referred to as an intelligent hub. The benefit of a switch over a hub is that a switch will read the information coming inbound and, based on the address located in the data header, the switch will send the information out on the receiving addressed port. This eliminates the network-wide propagation that occurs with a hub. Efficiency
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
194
Chapter 6
Networking
with a switch is often the justification for the extra expense over a hub. Switches are the connectivity device of choice today in both small and large networks. Some high-end switches allow for monitoring data traffic as well as creating VLANs; these are called layer 3 switches and are used in high-traffic large networks. Router Routers are intelligent devices that, if given multiple choices, will select the best path for sending data between networks. WANs often use routers to connect between locations. Routers can be complicated devices to set up and maintain. Routers are responsible for receiving packets and determining the best path to reach the destination host using layer 3 addressing. Therefore, routers can only be implemented if the LAN protocol (e.g., IP and IPX) supports routing. It uses the logical addressing information (such as the TCP/IP address) within the packet header to determine where to route the packet. Routers maintain routing tables that contain information about destination networks. When a packet is received, the router uses the information in the routing table to determine the best path to send the packet to reach the destination network. The packet may be forwarded directly to the destination network or to another router. Gateway A gateway allows communication between different network architectures and network environments. It will translate between protocols and allow for dissimilar networks to be connected together and to communicate.
Piece of Cake For years a local company provided high-end, low-profile surveillance equipment to householders. The company managed both production and business data on a small Linux-based LAN utilizing a star Ethernet topology on a central hub. The LAN was administered by the business manager in her spare time, but the company experienced few IT problems. Then business really picked up, and what had been a small company suddenly found itself doubling and redoubling its staff—and its network. Users started experiencing serious computing problems, including applications that timed out
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
195
and brought activity to a crashing halt. The business manager/server administrator had more discretionary money than time, so she threw dollars at the problem, purchasing more RAM, faster processors, bigger hard disks. The problem didn’t go away. Baffled, she called in a consultant and hoped for the best. On the morning Joe. T. Consultant showed up, he found the network down, the staff livid, and the business manager overwhelmed. When he realized that 43 workstations were communicating through a passive hub, the problem was as good as solved. A network topology that had been appropriate for 10 users couldn’t stand up to 43. Data collisions at the hub were wreaking havoc on the entire network. The solution? A switch was ordered, a generous installation fee agreed upon, and Joe was home in time for dessert.
Network Installation Now that we have a clear understanding of each network component, we can start putting it all together. There is a logical process of steps from the planning stage to the finished, up-and-running network. To begin with, you have to determine which network is going to best suit your needs. How large is your network? What are the software and hardware uses of the network? Where will the computers be located? What is the maximum distance that your network will need to stretch to? Will the network grow with time? What are the future plans for the business in terms of software and hardware requirements? Most small- to medium-sized networks today will install an Ethernet network based on a star topology with a switch running at 100Mbps. This network will use category five UTP cable and might or might not have a patch panel attached to a rack. Begin with deciding on the server’s location. This might be a dedicated room, closet space, someone’s office in the back corner, or other possible locations. As you will learn in Chapter 13, “Managing and Securing the Server Environment,” there are numerous environmental variables to take into consideration when selecting the location of your server and networking equipment. Normally the connectivity devices and server are located within the same setting. The ideal environment would be within a rack, both for security and to provide a stable mounting surface.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
196
Chapter 6
Networking
The first step is the wiring. If you are replacing an existing network, you can often follow the same wire paths that were in use before. However, if you are installing a new network, then care must be taken when running the main cable lengths to ensure that they are routed away from sources of EMI or RFI. Care when crossing electrical wires must also be taken. It is advisable to cross electrical wires at 90-degree angles rather than running the UTP parallel to the electrical wire. When running your network wires, be sure to label each wire with its source location. Remember that at the switch end there will be a wire for each computer. If you do not label each wire with its source, you will have no idea which wire belongs to which location. Special numbered stickers and tape are available, but they can easily fall off. A permanent felt marker ensures that your labeling system will not become lost over time. In small networks that don’t change, you can label each wire with the user’s name. However, in a larger network or an office that changes staff regularly, this system is not advisable—for obvious reasons. Once all wire has been run, the ends can be crimped or attached to the keystone connectors. It is highly advisable to attach keystone connectors and wall plates to the UTP at the user’s computer end. This not only creates a much cleaner installation, but also protects the connection: The cable between the wall and the back of the user’s computer can, and often does, take abuse. Becoming tangled in feet under the desk, tension from the computer being moved, and danger from cleaning staff and vacuums are just a few of the possible dangers that this cable can encounter. By installing the wall plate and keystone connector, you then use a short patch cable from the wall plate to the back of the computer. If the cable becomes damaged, it can be readily replaced with a spare cable, with no stress or damage to the main cable run. At this time, the UTP can also be attached to the back of the patch panel. These cables, just like at the keystone connector side, are attached with a punch down tool. This tool is really a thin blade that forces the strands of cable, by their color codes, into small gold connectors that provide the connectivity. Once completed, the labels for the wires can be transferred to the front of the patch panel and the patch panel can be installed into the rack or on a wall to ensure that there is no further stress on the main cable runs. Now that all of the cables have been run, the next step is to test the cables. Cable testers come in a variety of forms. The simplest ones test for basic connectivity. A transmitter connects at one side of the UTP through the RJ-45 connector and a receiver connects at the other end. The transmitters send
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Networks
197
electrical pulses down each strand of cable within the UTP and the receiver lights for each wire. If there is a fault with crimping, you can determine which wire is failing. The most expensive testers will provide the same function but also test for signal degradation, speed of transfer, and numerous other elements; these testers will also provide a printout of the test results. Since these testers are expensive, they are often rented.
When you are testing network cables, ensure that there are no devices attached to the other end of the cable. The electrical impulses sent by the testers can transmit enough charge to damage your expensive network components.
Once the cables have been installed and tested, the connectivity device can be installed. Depending on your budget and network size, you will have to choose either a hub or a switch. As previously mentioned, hubs will propagate information through every wire on the network and can lead to slow network performance. If your network has more than 12 users and tends to send and receive a large amount of network traffic, then you will want to purchase a switch. Whether you buy a hub or a switch, you must select carefully. Many hubs and switches allow for stacking. Stacking is the ability to link devices together. So, should your network grow beyond the number of available ports on your switch or hub, you can simply buy another hub or switch and link it to the first one. However, when purchasing the initial hub or switch, you should have a clear idea of the number of current and future computers that will be connecting to the network. Then purchase a hub or switch that will meet this need. Switches and hubs commonly come with 4, 8, 16, or 24 ports. If you need 13 ports, then you will have to purchase a 16-port switch. Once you have decided on a switch or hub that will meet your needs, it can be installed into the network. If you are using a rack system, the switch or hub will be installed below the patch panel. This will ensure that the wires from the patch panel to the switch will not interfere with other devices installed in the rack. When installing any components in the rack, care should be taken with electrostatic discharge. ESD can cause damage to components even if you don’t open the case. Use an ESD wrist strap or other suitable ground methods to ensure that you are not going to cause a potential fault in your new components.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
198
Chapter 6
Networking
Finally the network cards can be installed and configured. If your computer does not have a network card installed, the first step is to perform a safe shutdown of the server and take the cover off the computer and examine the available expansion busses. Hopefully you have a free PCI slot and can then purchase a PCI network card. Since you are installing a 100Mbps network, the card would have to support the 100Mbps transfer speed. While wearing an ESD wrist strap, you can then install the PCI network card. If you are using a PCI card and Windows, the card should be Plug and Play so that the operating system will identify the network card when you turn the computer back on. Insert the manufacturer-supplied disk when prompted and the installation of the network card will be completed. Connect patch cables between the computers and the wall plates, and between the patch panel and switch. (Remember to test your patch cables before installing them.) Connect patch cables to the servers network cards and the switch. The network hardware is now installed. Next comes the operating system and software configuration. This will be covered in detail in Chapter 7, “Network Operating Systems,” and Chapter 8, “TCP/IP.”
Summary
T
his chapter began with an exploration of major network types. The most common types of networks seen today include the LAN, WAN, SAN, VLAN, VPN, and WLAN. Network topologies are the physical layouts that a network can have. This includes the bus, star, ring, mesh, and hybrid. Networks are governed by standards to ensure compatibility between vendors. IEEE created the 802 standards to subdivide the various network areas into 17 different areas. Of these the most commonly implemented ones are 802.3 Ethernet, 802.5 Token Ring, 802.8 Fiber Optics, 802.11 Wireless. The OSI Model is a layered approach to understanding the flow of information through a network. The layers from top to bottom are Application, Presentation, Session, Transport, Network, Data Link, and Physical. Of the various networks available, Ethernet is the most common implementation in use today. Initially a bus topology using coaxial cable and transmitting at 10Mbps, Ethernet has grown to a star topology and uses
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
199
UTP cabling at speeds of 100Mbps. UTP cable is available in six different categories; today, category 5 cable is the most widely used and can transmit data at 100Mbps. It uses four pairs of copper wires. The next generation of Ethernet will use category 5e cable and transmit at 1,000Mbps. This is called gigabit Ethernet. Fiber optics fall under two categories: multimode and single mode. Multimode fiber optic systems use LEDs to transmit light through the cable. Single mode fiber optic systems use a laser as the light source, which is more efficient and capable of transmission of greater distances than multimode. Network devices include all the common components used within a network environment. This can include network cards, repeaters, hubs, switches, routers, gateways, bridges, patch panels, patch cables, racks, and keystone connectors.
Exam Essentials Know the different types of networks. Be able to identify the differences between LAN, WAN, and MAN networks. Know the different network topologies. Identify and understand the benefits and drawbacks of the bus, star, ring, mesh, and hybrid topologies. Be able to identify the IEEE 802 standards. Pay special attention to 802.3, 802.5, 802.8, and 802.11. Know the details of each of these four levels. Be familiar with identifying all the 802 standards by function. Know the layers of the OSI Model. Be able to list, in the proper order, the layers and functions of the OSI Model. Know the Ethernet standards. Make sure to understand the differences in Ethernet evolution from coaxial bus topologies to UTP star topologies. Understand how a bus network works. Be familiar with Thinnet, Thicknet, backbone cables, terminators, tee connectors, and the bus layout. Understand how a star network works. Be familiar with UTP, STP, central connectivity devices, crimping, and patch cables.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
200
Chapter 6
Networking
Know the categories of UTP cable. Be able to identify the categories by speed, pairs of wires, and use. Know the different fiber optic signaling methods. Be able to decipher the differences between multimode and single mode fiber optic signaling. Know the functions of common network devices. Identify and understand the uses of hubs, switches, repeaters, brides, routers, gateways, patch panels, racks, keystone connectors, and patch cables.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: 10Base2
OSI Model
10Base5
PAN (personal area network)
10BaseT
ring topology
802.11
RJ-45
802.3
SAN (storage area network)
802.5
single mode
802.8
star topology
bus topology
switch
hybrid topology
UTP (unshielded twisted-pair)
LAN (local area network)
VLAN (virtual local area network)
MAN (metropolitan area network)
VPN (virtual private network)
mesh topology
WAN (wide area network)
multimode
WAN (wireless local area network)
network card
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
Review Questions 1. What are networks? A. Groups of computers to share resources B. Connections between computer parts C. Links between printers D. Groups of computer components for a user 2. Which of the following is not a commonly shared resource? A. Monitors B. Files C. Printers D. Internet connections 3. Which of the following is physically the largest type of network? A. LAN B. WAN C. MAN D. VLAN 4. What will happen if a device fails on a bus topology? A. Nothing. B. That device will not work. C. The entire network will fail. D. Part of the network will fail. 5. What will happen if the central connectivity device fails on a star
topology? A. The entire network will fail. B. Only the central device will fail. C. Nothing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
201
202
Chapter 6
Networking
6. What topology uses the most amount of cable? A. Star B. Ring C. Bus D. Mesh 7. Which 802 standard is Ethernet? A. 802.5 B. 802.11 C. 802.3 D. 802.7 8. Which 802 standard is Token Ring? A. 802.5 B. 802.3 C. 802.11 D. 802.7 9. Which 802 standard is wireless technology? A. 802.3 B. 802.5 C. 802.7 D. 802.11 10. Which layer of the OSI Model is responsible for logical (TCP/IP)
addressing? A. Network B. Transport C. Physical D. Data link
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
203
11. Which layer of the OSI Model is responsible for describing how data
is sent on the network media? A. Transport B. Physical C. Network D. Session 12. Thinnet cable is also referred to as which of the following? A. 10Base5 B. 10BaseF C. 10BaseT D. 10Base2 13. Thicknet cable can transmit data to what distance? A. 100 meters B. 185 meters C. 200 meters D. 500 meters 14. In category 5 UTP, how many pairs of wires are there? A. Two B. Four C. Six D. Eight 15. Category 5 UTP can transmit at what maximum speed? A. 10Mbps B. 10,000Mbps C. 1,000Mbps D. 16Mbps
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
204
Chapter 6
Networking
16. UTP can transmit at what maximum distance? A. 100 meters B. 185 meters C. 200 meters D. 500 meters 17. What light source does multimode fiber optics use? A. Laser B. LED C. Natural light D. Impulse 18. What is the light source for single mode fiber optics? A. Laser B. LED C. Natural light D. Impulse 19. What is the benefit of a switch over a hub? A. Switches have fewer ports. B. Switches transmit data to the receiving port only. C. Switches propagate incoming data to all outbound ports. D. Switches are more affordable. 20. Which of the following network connectivity devices uses layer 3
addressing? A. Hubs B. Bridges C. Switches D. Routers
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
205
Answers to Review Questions 1. A. Networks are groups of computers connected together to share
resources. 2. A. Monitors are not a shared network resource. 3. B. WANs are the physically largest network. 4. C. On a bus topology a single device failure will halt the entire
network. 5. A. Trick question. If the central device fails, then the entire network
will not be able to communicate. 6. D. Mesh topologies use the most cable. 7. C. The Ethernet standard is 802.3. 8. A. The Token Ring standard is 802.5. 9. D. The wireless standard is 802.11. 10. A. The network layer is responsible for logical network addressing. 11. B. The physical layer is responsible for network media. 12. D. Thinnet is also called 10Base2. 13. D. Thicknet can transmit up to 500 meters. 14. B. There are four pairs of wires in category 5 UTP. 15. C. The maximum transmission speed of category 5 UTP is 1,000Mbps. 16. A. UTP can transmit at a maximum distance of 100 meters. 17. B. Multimode fiber uses LED as the light source. 18. A. Single mode fiber uses a laser as the light source. 19. B. Switches will transmit data only to the receiving port. 20. D. Routers use layer 3 addressing to route packets between network
segments.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Software Configuration
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
PART
III
Chapter
7
Network Operating Systems COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 1.1 Conduct pre-installation planning activities
Plan the installation
Verify the installation plan
Verify hardware compatibility with operating system
Verify power sources, space, UPS and network availability
Verify that all correct components and cables have been delivered
2.3 Install NOS
Configure network and verify network connectivity
Verify network connectivity
2.4 Configure external peripherals (UPS, external drive subsystems, etc.) 2.5 Install NOS updates to design specifications 2.6 Update manufacturer specific drivers
Please see Chapter 9, “Upgrading and Maintenance,” and Chapter 10, “Hardware Updates,” for further coverage of the first exam objective above: “Conduct pre-installation planning activities.”
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
I
n this chapter you will learn about a number of common operating systems available for use on network servers. CompTIA seems to have a relatively uncomfortable relationship with this part of the Server+ Exam, because their policy is to strive for “vendor neutrality” but this is pretty much impossible when dealing with server software. As such, the exam instead incorporates questions that test a candidate’s knowledge of the basic functionality and commands of a number of different operating systems. In this chapter the three main network operating systems (NOSs) that are specifically named in the exam objectives will be dealt with individually, allowing you to get a very basic sampling of the tools and options available in each. Others will be mentioned in name and briefly described to inform you of the options, but the primary emphasis will be on these:
NetWare
Unix/Linux
Windows
A number of these operating systems have multiple versions/flavors/distributions, and those will be discussed later, but because we are not going very deep into any of these operating systems (large books have been written on each of them), only factors that are common to all versions of the OS, and of importance to the Server+ exam, are likely to be considered.
NOS Options
W
hen getting ready to purchase any software for your server, a number of considerations come into play. When purchasing the NOS, these choices become even more complex. In choosing your network OS, you are also determining which applications you will be able to purchase, how your network will be managed, and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
NOS Options
211
what types of advanced functionality will be available to you. Because of this, it is important that you understand the basic advantages and disadvantages of each NOS available. First off, there is one simple but true rule that you should always keep in mind: Whatever your needs, it is generally best if possible to stay with a single hardware and software vendor for your servers. There are cases, of course, where particular applications only run on Windows 2000, and so to use that app you will need to add a Windows 2000 server to your NetWare network. Or you may be migrating from OS/2 to a Linux environment, but one application you need does not have a Linux equivalent, so at least one OS/2 server will survive the changeover. When designing a new network server environment, though, it may be best to look for the NOS that best fits your overall network needs, and then try to plan out a network structure that allows for most—if not all—of your network servers to run on a consistent platform. This makes training, upgrades, security, bug fixes, and a host of other administrative tasks easier because there is a smaller range of documentation and changes to keep up with. This sort of practical info may go against the “feel” of CompTIA vendor-neutrality, so there is the possibility they will disagree and recommend that you use the “best OS for each job.” That is the problem with questions that have no “right” answers. Because the Server+ Exam is based on the consensus of a number of SMEs (subject matter experts), and because even experts are rarely unanimous on how to do any computer task, it is difficult to know for certain what the correct choice is.
In this book, we will present you with the data needed to answer the factual elements of the exam, and we will also give you the mental framework from within which you can make the logical decisions that are such a big part of the test. As you answer the questions, though, remember that the question is not asking you how you think something should be done—it is asking how you think the majority of experts would recommend it be done.
The following is a basic list of things to consider when choosing a network operating system:
Application compatibility
Hardware requirements
Features
Cost Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
212
Chapter 7
Network Operating Systems
Application Compatibility Application compatibility concerns are generally pretty straightforward. Usually a particular software package is either written to run on a particular OS, or it isn’t. Even so, there are times when the software is only compatible with certain versions of a NOS, or where the application is more fullfeatured on one platform than on another. The simple fact is that the easy way out here is to pick Windows 2000 Server as your NOS, because just about anything you could need is written for the Windows OS family. That doesn’t make Windows the automatic choice for compatibility, though. At times, security, stability, or other key elements of an operating system influence your choice. For example, e-mail servers often use a Unix flavor for their operating system. With the multitude of viruses on the Internet, and e-mail being the most common transport method for a virus, Unix operating systems provide the best tolerance to virus infections. Other applications are designed to operate within a specific operating system environment. This is in part due to resource management, but more commonly due to shared files such as drivers. The best way to eliminate possible problems is to clearly research the programs and software that you are installing to ensure that they will support installation on the operating system you are using as well as the version. Each NOS manufacturer has released several versions and update patches. Each change will result in an impact on the software that you wish to run on the server. This also raises a concern when you decide to perform an operating system upgrade or patch. Consideration of the applications installed must be taken.
Hardware Requirements Not all operating systems are the same—most obviously in their installation and user interface, but also in their hardware requirements. Hardware requirements include both physical hardware installed within the server as well as available resources for operation (such as RAM and virtual memory). Selecting an operating system that will best meet the hardware requirements (or vice versa) is an important planning step.
Novell NetWare The latest Novell NetWare release is NetWare 6. The following hardware requirements are the minimum installation and operation requirements for NetWare 6:
Intel Pentium II or higher processor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
NOS Options
VGA or higher resolution display
DOS partition of at least 200MB with 2GB System volume (4GB recommended)
256MB RAM (512 recommended)
CD-ROM drive
213
Novell operating systems have traditionally run on minimal RAM requirements, due in part to the way in which devices are installed and configured through NLMs. Netware Loadable Modules allow you to install only the components that are needed. This frees up space and resource use tremendously.
More information on the newly released Novell NetWare 6 can be found at http://techupdate.zdnet.com/techupdate/stories/main/ 0,14179,2813097,00.html.
Windows NT Windows NT preceded Windows 2000. Hardware requirements between the two operating systems remained similar, with Windows 2000 requiring a bit more in the resource area. The new .NET server (Windows Whistler), due to be released later in this year, will continue the same trend. The following requirements should continue to serve:
Intel 80486 processor or higher
VGA display
125MB free hard drive space
16MB RAM
At least one network card
CD-ROM
Keyboard
Mouse
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
214
Chapter 7
Network Operating Systems
Windows 2000 Server As previously mentioned, Windows 2000 hardware requirements are similar to those of Windows NT. The obvious change occurs in the amount of hard drive and RAM required:
Intel Pentium 133MHz or higher
128MB RAM (minimum) recommended (4GB maximum)
1GB available hard disk space
VGA or higher-resolution monitor
Mouse
Keyboard
Network card
CD-ROM
More information on Windows 2000 can be found at http://www.microsoft. com/windows2000/server/evaluation/business/overview/datasheet.asp.
Unix/Linux With the multitude of flavors of Unix available, it is impossible to give a clear list of resources that must be met to have the Unix-based operating system function on a server. With the source code for Unix open to public alteration and tweaking, the variations of this operating system increase and grow on a regular basis. The following is a general hardware requirement list for Mandrake Linux (one of the many Unix distributions).
Intel Pentium processor
64MB RAM
500MB hard drive space
CD-ROM
VGA
More information on Linux can be found at www.linux.org.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
NOS Options
215
OS/2 Warp OS/2 Warp is a server operating system designed by IBM for their server line. It is a scalable OS with support for numerous business solution products. In the words of IBM, “IBM solutions target today’s heterogeneous, open computing environment.” This server solution is often installed and configured upon arrival from IBM and requires little further configuration.
For more information on OS/2 Warp go to http://www-4.ibm.com/software/ os/warp/warp-server/.
Features Features of an operating system are often a major element in making your decision to purchase one OS over another. In the past, the features were dramatically different between the operating systems. Windows NT came with a graphic user interface, while older versions of Unix and NetWare 3 did not—they were command-line-based, much like old DOS. This feature in itself led to increased sales for Microsoft because the GUI eased the daily chores of installing users, printers, mapped paths, and security. Other features to consider include ease of installation and setup. Will there be a steep learning curve involved in implementing this server operating system? What are the desired uses for the server on the network? We previously mentioned the e-mail server and e-mail viruses. If the server is to be an e-mail server, then the use of a Microsoft server operating system, even with virus protection, is still a risk. Another area of consideration is interoperability with the rest of the operating systems within the network. What are the clients using, both as hardware/operating systems and also software? Will it be compatible with the new server operating system? Will there need to be adjustments made to the clients’ computers? Will this server operate in an environment with other servers using different NOSs? What network protocols will be used as communication between devices on the network as a result of the server operating system selected? Windows historically has relied on NetBEUI as its protocol of choice (up until Windows 2000), Novell has favored IPX/SPX (until NetWare 5), and Unix prefers TCP/IP. Today all three manufacturers have agreed upon using TCP/IP, but you will probably work in a heterogeneous environment because it is a rare company that has the fiscal resources to purchase the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
216
Chapter 7
Network Operating Systems
latest hardware and software as soon as it comes out. This leaves you oftentimes in an environment with dated Novell or Microsoft servers, or both operating together. Key features of each operating system will be discussed within the next few sections. The thing to remember is that an assessment of your network needs will reflect heavily on the operating system and version that you decide to use.
Costs Cost is always a concern. As much as we would like to have the best of everything in the world, the reality is that few of us can financially do it. Server operating systems will range in price dramatically as the issues of licensing is brought up. Unix/Linux is by far the least expensive operating system. In many circles it is free for distribution or a nominal fee is charged. Due to its open architecture, it can then be reengineered to best meet your business needs. The concern with Unix, at times, has been support for third-party drivers. You might not be able to locate a driver for your video card or network card, for example. Driver manufacturers, as of late, have seen the demands and trends toward using Unix as a common operating system and have been busy playing catchup, designing Unix-specific drivers. Windows servers come in several forms. Each was designed to meet a specific business need. Windows NT Server could be purchased as well as Windows NT BackOffice Server 4.5; the latter provided an entire suite of software programs that were designed to control everything from Internet proxy to database sharing. Windows 2000 also offers a few different options, including Windows 2000 Server and Windows 2000 Advanced Server. Windows 2000 has been rather expensive; current price for Windows 2000 Server and a five-client license is $1,344.99. The expense increases dramatically with licensing additional users. Not only do you have to pay for the operating system but a license fee must also be paid for each computer that will be connecting to the server. Before purchasing client access licenses, you must determine which licensing method your server will use. The two choices are Per Seat and Per Server. You can only use one licensing method in the server. If you choose Per Server, you can switch to Per Seat at some point in the future, but once you are licensed Per Seat, the decision is permanent. Microsoft
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
NOS Options
217
recommends that if you are unsure of which mode to choose, you should choose Per Server, since that allows you the flexibility to change modes later on. Licensing Per Seat means that it is the client end of the connection that holds the license, and that license can be used to connect to any server on the network. Licensing Per Server means that it is the server end of the connection that holds the license, and there must be an available license in order for each client to connect. There are two factors that tell you which is the cheapest option for your server:
Number of servers on the network
Number of concurrent connections that clients will make to the server(s)
If you have only one server on your network, it will most likely be best to choose Per Server, because you will only have to purchase enough licenses to equal the number of concurrent client connections. In this scenario, you could potentially have many fewer licenses than client PCs. This is particularly true if the clients connect to the server, use the server resources, and quickly disconnect. If client PCs will maintain a connection for a long time, then the number of licenses will probably equal the number of clients, which is the same cost as licensing Per Seat in the case of having only one server. An example where this strategy would work well would be in a remote access server. If clients are connecting into the server remotely to check their mail (for example) and then disconnecting, there is no need for a license for every computer: Per Server is the best option. If you have more than one server on your network, it will most likely be best to choose Per Seat. The only way it wouldn’t be the best way is in the peculiar case of having very few concurrent client connections. When licensing Per Server, each server contains a pool of licenses, so that if one server has 25 licenses, and another server has 10 licenses, you can only legally connect 25 clients to the first server and 10 to the second. In this same situation, if you licensed Per Seat, you could have 35 clients connect to either server or both servers simultaneously. In the real world, there are very few situations that will warrant Per Server licensing. Only if you have a single server or very brief server connections will Per Server be cost effective. In contrast, Per Seat licensing allows for client PCs to connect to as many servers as are available on the network, with no thought for other clients’ concurrent connections.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
218
Chapter 7
Network Operating Systems
Major Network Operating Systems
As we previously discussed, three major operating systems are in extensive use today. Although a multitude of others are available, those from Microsoft, Novell, and Unix distributors have really dominated the field. Throughout this next section we will explore the major releases, features, and tools of each one.
Novell NetWare Originally known as Share Net, Novell’s NetWare NOS has been evolving for nearly 20 years, making it the dean of the three NOS platforms we will be discussing. Share Net debuted in 1983, and became NetWare shortly after. Early versions of NetWare were extremely successful in competing with Microsoft’s LAN Manager and Banyan Vines. Both of these products have followed the evolve or die motto, with LAN Manager evolving into Windows NT/2000, and Banyan Vines dying. NetWare has a bit of both of these possibilities in its past. In the mid 1990s it seemed as though NetWare was everywhere (most estimates showed that over 80 percent of all LANs ran on NetWare in 1995). When Novell brought out NetWare 5.x with a distributed network directory based on the x.500 standard, they appeared certain to crush all other competitors. Their NOS was better technologically than any of their competitors’, they had terrific market share already, and their customers were dedicated to the company and the product. Oddly, that was about the time the wheels came off. Four things seem to have occurred, more or less at the same time, that caused Novell serious problems: 1. The Web started reaching corporate networks around 1995. 2. Microsoft brought out Windows NT 4 in 1996. 3. Novell purchased WordPerfect, with the intention of matching
Microsoft with an OS/Productivity suite pairing. 4. The hardware explosion began. PCs went from 486/66MHz in 1995
to Pentium 4/2GHz as of Fall 2001.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Major Network Operating Systems
219
In short, here is the reading of one analyst about how this affected the company: Even as the most important technological revolution of the decade was going on around them, Novell spent its resources developing a word processor, and neglected to market their superior NOS. Microsoft, meanwhile, took advantage of the fact that faster hardware allowed their GUI servers to compete (somewhat) with Novell, and hit the advertising/marketing trail hard for NT. Microsoft quickly standardized on TCP/IP, and rode the wave of the Internet. NetWare did not switch to all TCP/IP for another four-plus years. Because of this, much of Novell’s market share has evaporated, and the company has a number of bridges to repair. Even so, there are significant reasons for optimism. They still have a great NOS, they have dumped WordPerfect, and they have a new management team. Here are some of the specs you will want to know about NetWare for the exam. These are generally written with an eye toward giving you “just enough NetWare.” The same practice will be followed for the other OSs. If you want detailed knowledge, check out the links and books mentioned.
Major Versions of Novell NetWare You will not encounter a multitude of NetWare versions—either on the Server+ Exam or in the real world. Novell (unlike Microsoft) has not released a dizzying array of products over the years. NetWare 3.x NetWare 3.x included NetWare 3.11 and 3.12, based around the product known as NetWare 386 having been introduced concurrently with Intel’s 386 chip. NetWare 3 supported multiple cross-platform clients (Microsoft, Apple) and had minimal hardware requirements (4MB RAM, 74MB hard disk space); this allowed for NetWare to be installed in low-cost environments. NetWare 3.x used a database called the Bindery to maintain groups’ and users’ accounts. The three major utility programs used (through a command line interface) to control a NetWare 3.x server were Syscon, PCONSOLE, and FILER. Syscon was used for user administration of the Bindery. PCONSOLE was used for printer setup. FILER was used for file operations.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
220
Chapter 7
Network Operating Systems
The simplicity and stability of NetWare 3.x made it a favorite among network administrators. The downside was that you had to switch between each of the three utility programs to perform all the required tasks. This meant exiting one program and starting another. NetWare 4.x NetWare version 4.x was released in 1994 and offered a new centralized administration service called NDS (Novell Directory Service). NDS not only eliminated the need for the three separate programs of NetWare 3 (Syscon, PCONSOLE, and FILER) but also allowed for administration of numerous servers through one console. Prior to version 4, changes had to be made individually on each server in the network. This was both a time-consuming and cumbersome task. The first release of NetWare 4.0 was fairly buggy and soon was replaced with 4.1 and then 4.2, which was stable. Version 4.2 was released as a steppingstone toward version 5. It is worth noting that during the release of version 4 Novell changed the name of the product to IntranetWare. Some believe that this was a marketing ploy to take advantage of the Internet craze that was forming at this time. The name was subsequently changed back to NetWare in version 5. NetWare 5.x NetWare version 5 made a radical change in network communication for Novell. Up to this point the Novell network protocol of choice was IPX/ SPX. With the release of version 5 Novell switched to TCP/IP as the protocol of choice. This change was in part due to the sweeping support for TCP/IP caused by the constant expanding Internet. The protocol of the Internet is TCP/IP. NetWare 5 also included support for a multiprocessor kernel. Previous versions of NetWare supported multiprocessors, but with the addition of another NLM. Other added features included a five-version license of Oracle 8 (a relational database software) and the inclusion of Z.E.N.works, which provided for management on the workstation side. NetWare 6.x A major improvement in the just released NetWare version 6 is the eDirectory, an upgrade to the NDS structure introduced in Netware 4x. Although eDirectory can be installed, maintained, and supported on non-NetWare platforms, including Windows NT/2000 and Linux/Unix servers, NDS runs only on NetWare servers. You no longer have to create and maintain
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Major Network Operating Systems
221
separate user accounts across platforms; instead, eDirectory automatically updates user policies, profiles, and privileges across eDirectory-accessible systems. This proves advantageous in multiserver environments where having to update information across several different servers with different operating systems can be problematic as well as time-consuming. NetWare 6 also offers IPP (Internet Printing Protocol). As expected by its name, this protocol allows for remote printing though the Internet. Finally, version 6 introduces iFolders, which offers a connection between locally stored data and server stored data that is synchronized. This allows remote access to files along with data security implementation though synchronous backup. Because NetWare 6 was released just recently, there is still a lot of exploration and learning happening. Within a year the good and bad will surface and a clearer understanding of the power of the operating system will allow for a clearer judgment on its effectiveness.
NetWare Architecture All operating systems are modular to a degree. Key components make up a core, which is the operating system. On this core other modules or programs are added. Novell is a classic example of this design idea in practice. The major component of NetWare is the kernel or core OS. Built on the kernel are NLMs (NetWare Loadable Modules). By creating a structure such as this, disk space can be conserved by selecting which components to load and which to not load. There are four key NLMs: disk drivers, LAN drivers, name space modules, and utility NLMs. Disk drivers provide access to disks and disk resources. NetWare version 3 used a .DSK extension to allow access to IDE drives. With the release of newer versions, this extension changed to .HAM or .CDM. LAN drivers interface between the NetWare kernel and the network card. This is an obviously important area, because the server must have a connection to the network. These drivers typically have a .LAN extension. Name space modules control how files look and are stored on the server. By default NetWare stores files using the old DOS naming convention. This is a file name of eight characters long, a period, and then a three-letter extension. Because different client operating systems that are accessing the server will use different file storage and naming conventions, the name space modules act as a buffer to mediate between the different files. The extension for a name space module is .NAM.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
222
Chapter 7
Network Operating Systems
Utility NLMs basically contain all the other items that do not fall into any of the previously mentioned categories. More then 70 percent of NLMs fall into the utility category, including print drivers (Novell Distributed Print Services). Each module is selectively loaded and linked to the NetWare kernel. This creates the Netware operating system.
NetWare Administration Administration for a NetWare server is actually done remotely. A separate client utility called Novell’s NetWare Client for Windows 95/98 must be installed on a client machine in order to control a NetWare server. This allows the server to be physically locked up and secure. In NetWare version 3, access is gained to the Bindery through a client machine running the NetWare client software. You must then log into the server as an Admin or a user with administrator rights. From this point you can gain access to create users and manage the server. In NetWare versions 4, 5, and 6, use the NDS rather than the Bindery. A Java applet can also be used rather then the command line utility or menu-based monitor starting in version 5.
NetWare Interoperability Novell NetWare supports Windows 95/98, Windows NT, Mac OS, VMS, OS/400 Unix, and OS/2 clients. Prior to NetWare version 5, Novell ran IPX/SPX natively. Starting with version 5, TCP/IP is the protocol of choice.
Windows In comparison to the other major vendors, Microsoft is the new kid on the block. And in being the new kid, Microsoft has taken a lot of heat over the years due to the glitches and the number of repair software patches that have been released to fix known problems. Over the recent years Microsoft has released a multitude of operating systems. The majority have been OSs for desktop computing but there have been releases for network operating systems too. Windows NT was the first Microsoft network operating system. It saw major changes and then was replaced by Windows 2000. Repair of known issues as well as advanced features and support for modern hardware are some of the key benefits of Windows 2000.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Major Network Operating Systems
223
Major Versions of Windows Microsoft originally focused their efforts on the desktop operating system environment. However, wanting to expand into the growing network field, they created a network operating system. Much like Novell’s NetWare, the Microsoft product has seen rapid change and several versions released. Windows NT Microsoft first attempted to create a network operating system with the release of Windows NT (New Technology). Version 3.1 was the first release to the public and it came out in 1993. Much like the original release of Windows 95, NT 3.1 was quite buggy and problematic. In the world of servers that is a cardinal sin. For this reason NT 3.1 was really not taken very seriously. NT 3.51 was released about a year later. Better stability, support for new hardware, and a familiar interface (built with the Windows 3.1 GUI) placed Microsoft into the network operating system arena that was previous dominated by Novell and Unix. With time Microsoft released Windows 95 as well as NT 4, which was based around the Windows 95 GUI. The cleverness of Microsoft marketing shone through again. Using the GUI from an operating system that the public was familiar with ensured less of a learning curve in using NT 4 as well as eliminating some intimidation. Stability issues and concerns from version 3 had been dealt with before the release of Windows NT 4 in 1996, and NT 4 became increasingly popular. The gamble of creating a network operating system with a familiar interface paid off and NT 4 vaulted Windows past Novell in network operating system sales as well as third-party programs being written for the OS. Added components in version 4 included IIS (Internet Information Server), a web server, and the Internet Explorer web browser. Windows NT 4 became widely accepted as an OS for an enterprise server but not for a backbone server—possibly due to fears dating from version 3’s instability, or possibly the newness of this operating system compared to Novell or Unix. Windows 2000 Windows 2000 Server was developed to address the fears in using Windows as a true server operating system in large environments. With the release of Windows 2000, a change in protocol use also occurred. Prior to Windows 2000, Net BEUI was the native protocol of choice. Windows 2000, much like NetWare, switched to TCP/IP as its main protocol to be better supported with the Internet. Previous versions of Windows
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
224
Chapter 7
Network Operating Systems
Server used NTDS (NT Directory Services) to control user accounts and groups security. Windows 2000 switched to AD (Active Directory). This new service was more in line with Novell and followed the X.500 standards, using a hierarchical approach to naming conventions. Windows 2000 also improved on network and system performance monitoring by creating a management utility called Administrative Tools. Figure 7.1 is a screen shot of Administrative Tools. Administration is now done centrally through the MMC (Microsoft Management Console) in Windows 2000. FIGURE 7.1
Windows 2000 Administrative Tools
Windows Interoperability A server never operates in an isolated environment. Clients and other servers connecting to the server come from various sources and platforms such as versions of Windows, NetWare, Unix, and Apple. Windows NT offers client and print services for Novell, Apple, and Unix. The Novell services are called GSNW (gateway services for NetWare), CSNW (client services for NetWare), and FPNW (file and print services for NetWare). Macintosh clients can also access a Windows server, but client software will have to be installed. All Microsoft operating systems are also natively supported (including DOS and Windows 3, 95, 98, and Me).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Major Network Operating Systems
225
Windows Administration Both NT and Windows 2000 are administered through the User Manager for Domains. It is located in the Administrative Tools folder. Through this utility you can create both users and groups for the local computer or for the network. This simple utility gives a clear visual of the users on the network.
Unix/Linux It is claimed that the first version of Unix was invented in 1969 at Bell Labs. Regardless of the date, Unix is definitely the oldest network operating system in use today. Even though there has been constant change in the appearance and even function with each new flavor, the core of the operating system remains the same.
Unix Architecture Unix uses a 32-bit command-line-based core capable of supporting a GUI (often called X Window). Unix natively supports TCP/IP as its primary protocol. The Server+ Exam does not cover Unix operating systems very much, but be aware of some of the essential flavors of Unix as well as their benefits.
Major Versions of Unix As previously mentioned, there are countless versions of Unix available. The open design architecture combined with low cost of ownership has encouraged the development of the many versions of Unix in active use today. Linux Linux is a Unix flavor that has been receiving a lot of attention over the last few years. Linux version 1 was released in 1994 and has been updated constantly since that point. Linux prefers to be run on an Intel platform, but successful attempts have been made with RISC processors as well as on a Macintosh. Two releases of Linux should be mentioned: Red Hat Linux and Slackware. Red Hat Linux is a portable version that will run on an Intel, Alpha, and Sparc processor. Slackware was designed for the Intel platform only and will support up to 16 processors, as well as Ethernet networking.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
226
Chapter 7
Network Operating Systems
For more information on Linux distributions go to www.linux.org.
SCO Linux Santa Cruz Operation Linux makes OpenServer and UnixWare. OpenServer is robust and scalable and is used with Intel equipment. UnixWare was obtained by SCO Linux from Novell in 1997. UnixWare provides interoperability with Novell-based networks as well as being easy to administer and install. Sun Solaris Sun Microsystems created its own Unix called Sun Solaris. It was designed to run on a SPARC platform, rather than an Intel. Sun sells both the server hardware and operating system together designed for Internet servers.
Unix Administration Unix administration is most commonly done through a GUI called X Window or through a command line utility called a shell. There are three major shells used: Bourne, C, and BASH. New accounts are made through modification of the /etc/passwd file. Normally administration is done through the X Window utility, where the User Configurator is used.
Installing a NOS
I
nstalling a network operating system can be a confusing process. If you have ever formatted and reinstalled a desktop PC you will remember that there are many processes and steps that have to be followed in a specific order. Drivers and disks that support items such as video cards, network cards, and SCSI cards will have to be installed with the assistance of manufacturer-supplied drivers. At times, patch files and firmware will have to be used as well. (Refer to Chapter 11, “Managing and Securing the Server Environment,” for more information on patch files.)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Installing a NOS
227
Verify Hardware Compatibility The first step in installing a network operating system is to confirm that the OS supports all the hardware. This will especially include the expansion card devices such as video, SCSI, RAID, and network cards. Remember from the previous section, some NOSs (such as Unix) are designed to run on non-Intel-based machines. All connected hardware should be confirmed as compatible before any attempt to perform an install is done. This also includes external devices such as the UPS and UPS monitoring tools. Verification at this stage will also include drivers for the software. Most hardware will come with a CD or floppy disk containing drivers for common operating systems. Oftentimes though the driver on the manufacturer disk will be outdated—having been created at the time that the product was made, these drivers can be several years old. It is always best to check with the manufacturer’s website for the latest drivers. Other times the disk may not contain drivers designed for the operating system that you are installing. This also requires a trip to the manufacturer’s website to locate new and suitable drivers. This is often the case today as people begin the upgrade to Windows XP. The driver disks that came with their hardware do not contain drivers for Windows XP. Although you can try to use an NT or 98 driver, they probably will not work as expected. Once all the proper drivers have been located and the hardware has been confirmed with the operating system’s compatibility list, then the installation can occur. It is at this time that you will also have to deal with licensing the server and determining the number of clients that are accessing it. Along in the installation process the server will want to know how many client licenses you have purchased. NOS installation is fairly straightforward: NOSs are normally found on CDs that have an executable file that will begin the installation process. Installation wizards then will guide you through the installation process step-by-step. The Server+ Exam does not test you on the details of each NOS install. Expect, with the multitude of configurations (such as RAID), that the NOS installation will take a few hours to complete. Once the network operating system has been installed, the system should be rebooted (it will most likely want to reboot several times during the installation as well). This reboot will allow you to carefully monitor the computer’s behavior. You should be looking for signs of trouble through the POST, error messages, and beep codes.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
228
Chapter 7
Network Operating Systems
More on POST and error messages will be covered in Chapter 12, “Performance and Hardware Monitoring,” and Chapter 15, “Disaster Recovery.”
Any problems during the installation of the operating system should be noticeable and dealt with at this point. Windows 2000 offers the Computer Management utility to help assess any hardware and software problems, and Novell offers an ABEND.log to record any abnormal endings that the server may have encountered. Both utilities point to potentially serious hardware and operating system problems.
Verify Network Connectivity Before installing any further software or network components, verification of network connectivity should occur. Verification at this point takes on a few forms. If you are using an Ethernet connection, there can be a visual inspection of the link lights on the network card to ensure connectivity. Link lights are located right beside the RJ-45 plug and they light up (usually green or red) to indicate that there is connectivity between the network card and the rest of the network. The next step is configuration of the server to the network card and rest of the network. This will require naming the server. The server should be provided with a meaningful name, as it is also the name that is viewable to the clients on the network. For example, if the server is an e-mail server, then the logical name should be Email Server. Other configuration includes installing the appropriate domain name and protocol. If this is a server for a brand new network, then the server might have to fulfill the role of providing authentication and access to the network. In that sense (and in accordance with Windows NT standards), it would be called a Domain Controller. In selecting a protocol to control traffic and communication on the network, a decision will have to be made as to the purpose of the network as well as the type of connectivity. To keep things simple here (you will learn more about protocols in Chapter 8, “TCP/IP”), it is best to use TCP/IP.
Configure External Peripherals Now that the server is up and running, there are no hardware conflicts, and the networking is communicating as expected, the time has come to install
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Installing a NOS
229
the external peripherals. This includes locally attached printers, modems, external drives, and the UPS. A locally attached printer can be used to print from a server or shared out and used as a network printer. The latter case is commonly seen in small networks. The server acts as a print server and a printer is locally attached (or it can be attached through the network to the hub or switch). If you are networking a printer off the server, the printer will have to be configured as a network printer. This includes sharing the printer so it will be visible to the clients, as well as installing a shared driver that will be accessible to the clients who need to install the printer. Care must be taken to have available drivers for all the client operating systems that might need the printer. For example, a Novell server with Windows 98 and NT clients will need to have printer drivers accessible for the Novell server, Windows 98, and NT clients—three different server print drivers. Installation of the UPS monitoring software and central connectivity device monitoring tools occurs at this time. If you have a Cisco switch or hub, there are remote management tools that can be installed on the server to monitor and manage these devices.
Install Network Software Network software includes items like database programs. Any software that is installed on the server and will be used by clients is considered a network software program. An example is an e-mail program. In in-house e-mail programs, all messages are stored on the server until retrieved by the client. This places a server in the role of a central storage facility requiring an authentication method for the messages before releasing them. After the previous step, confirming that the server hardware and operating system are functioning properly and network connectivity is running, all network-based software can be installed. Upon installing each network program, confirm with the network operating system that the software is operating successfully. This may be difficult without client access, but that step can be verified at a later time.
Install NOS Updates to Design Specifications Over time, updates are released by NOS manufacturers to repair known issues or provide advanced features. These updates are provided by all manufacturers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
230
Chapter 7
Network Operating Systems
It is a good idea to get on a mailing list with your OS manufacturer to keep up to date. One of the key elements to remember is that not every update produced must be installed on your server. Weigh the functionality and need of the update against the potential risks and possible drawbacks and see if it is really worth performing the update. Sometime it is best not to take the chance. Other times, updates are essential. Windows 2000 was not out very long before a service pack update was released to deal with serious problems in the running of the operating system. This was an obvious patch that you would want to install. Windows NT, over the course of its active existence, had six different service packs created and released to the public to repair and improve on the operating system. Read the information on the update carefully before you decide whether to install or not.
For more information see Chapter 10, “Hardware Updates,” and Chapter 11, “Software Updates.”
Client Access Once you are sure that the operating system is running stably with the hardware as well as network software, access can be granted to the clients slowly. You may have wondered why, a few steps earlier, I mentioned installing network software and partially testing it before there were clients accessing it to ensure that it was running fully. Granting client access is usually the last step when installing or upgrading a server. Until you are sure that the server is fully functional and capable of handling the stress of client requests, you should not allow access to it. Not only will you have to deal with an improperly running server if you grant access too early, but everyone who has connected to it will be calling you and letting you know that the server is down. Clients may also take the liberty of starting to store files or use the applications on the server, and if you need to restart the server for some reason, you are going to get caught in the middle of some agitated personnel. It is therefore best to ensure that everything is running ideally before granting access.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
231
Getting It All Running Probably the best situation I have had the chance to work in was a few summers ago when the school I worked for decided to expand and purchase a lot of new equipment. When the shipments arrived, I found myself on the floor surrounded by five IBM Netfinity 5500 servers, five Intel 510T switches, and 80 Dell laptops—all of which had to be networked. The nice thing was that I had all summer to perform the task without anyone over my shoulder asking if it was ready yet because they needed to check their e-mail. Having the space and time planned out allowed me to carefully and methodically unpack, inspect, install, and configure all the equipment. All the hardware and software could be tested and run for days to confirm that they would perform as expected. When problems did arise, there was ample time to research and fix each situation. Whether your project is a simple upgrade or a complete build, always leave enough time to perform the task as well as any unexpected issues that may arise.
Summary
C
hapter 7 is all about network operating systems. Focus was given to the major types of operating systems and their differences. We began with an exploration of network operating system options including application compatibility, hardware requirements, features, and cost. Each element was discussed in comparison to the three major network operating systems: Windows NT/2000, Novell NetWare, and Unix/Linux. OS/2 Warp, IBM’s server operating system, was also introduced as another alternative. Novell NetWare was released in 1983. It used a command-line-based utility that was administered remotely from another computer. Major releases of NetWare include version 3, which used a Bindery to maintain usernames and accounts; version 4, which switched from the Bindery to NDS (Novell Directory Services); version 5; and recently version 6. Novell natively ran on IPX/SPX until version 5, which changed to TCP/IP.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
232
Chapter 7
Network Operating Systems
Windows released its server operating system called NT (New Technology) in 1993. Version 3.1 was fairly buggy and not widely used. An update was version 3.51, which repaired the issues in the previous version and used the familiar Windows 3.1 GUI. NT version 4 updated numerous features, including the use of the Windows 95 GUI. Windows 2000, released more recently, included a new feature called the Active Directory to deal with users and account security. Windows had natively run on the NetBEUI protocol until Windows 2000, which changed to TCP/IP. Unix comes in many flavors due to its open architecture and low cost of ownership. Common releases include Linux, SCO Linux, and Sun Solaris. Due to the uniqueness of each release, Unix tends to be immune to virus attack. Natively, Unix runs on the TCP/IP protocol suite. Steps involved in installing a network operating system include verifying hardware compatibility. This includes compatibility with the server, external devices such as modems and printers, and the rest of the network hardware and software. Installing the network software includes programs such as database and e-mail software that are used by the clients in the network. Finally client access is given to the server after all hardware and software functions are confirmed as operating properly.
Exam Essentials Know the three main network operating systems. This includes Windows NT/2000, Novell NetWare, and Unix. Know the variables to consider when selecting a NOS. Application compatibility, hardware requirements, features, and cost are the main variables to consider. Know the basic installation requirements for each major NOS. Novell version 6 requires an Intel Pentium II or higher processor with 2GB of hard drive space, 256 of RAM, a CD-ROM drive, and a VGA adapter. Windows 2000 requires an Intel Pentium 133, 128MB of RAM, 1GB of hard drive space, a mouse, keyboard, CD-ROM drive, and a network card.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Key Terms
233
Unix requirements vary but generally include an Intel-based processor, 64MB RAM, 500MB hard drive space, a CD-ROM, and a VGA adapter. Know the major releases of Novell NetWare. NetWare version 3 used a Bindery and was generally command-line-based. Versions 4, 5, and 6 used NDS and offered a Java applet for administration. Know how Windows is administered. Windows NT is administered through User Manager for Domains, while Windows 2000 is administered through Active Directory. Know the major versions of Unix in use today. These include Linux, SCO Linux, and Sun Solaris. Know the steps to installing a server. Be able to verify hardware compatibility, verify network connectivity, configure external peripherals, install network software, install network updates, and give client access to server.
Key Terms
Before you take the exam, be certain you are familiar with the following terms: AD (Active Directory)
GUI
BASH
iFolders
Bindery
IntranetWare
Bourne
IPP (Internet Printing Protocol)
C
IPX/SPX
command line
kernel
eDirectory
Linux
FILER
NDS
flavors
network operating system (NOS)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
234
Chapter 7
Network Operating Systems
NLMs (NetWare Loadable Modules)
shell
Novell NetWare
Slackware
NTDS (NT Directory Services)
Sun Solaris
OpenServer
Syscon
OS/2
TCP/IP
PCONSOLE
Unix/Linux
Per Seat
UnixWare
Per Server
Windows 2000
Red Hat Linux
X Window
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
235
Review Questions 1. Which network operating system is referred to as a Warp Server? A. NetWare B. Unix/Linux C. Windows 2000/NT D. OS/2 2. Of all the network operating systems that we looked at in this chapter,
which one is the cheapest to acquire? A. NetWare B. Unix C. Windows 2000/NT D. OS/2 E. Linux 3. According to this chapter, Novell’s eDirectory can be used on which
operating systems? A. NetWare B. Unix/Linux C. Windows NT D. OS/2 E. All of the above 4. Which network operating system natively supports the Bindery
system? A. NetWare 3 B. Unix/Linux C. Windows 2000 D. NT 4
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
236
Chapter 7
Network Operating Systems
5. Which network operating system (or systems) is not administered with
a graphical user interface? A. NetWare B. Unix/Linux C. Windows 2000/NT D. OS/2 6. Which network operating system makes use of Active Directory
Services? A. NetWare B. Unix/Linux C. Windows 2000 D. OS/2 7. Which network operating system has been used on e-mail servers
where stability, performance, and virus immunity were mandatory? A. NetWare B. Unix C. Windows 2000/NT D. OS/2 8. What is IPP an acronym for? A. Internet Printing Protocol B. Internet Program Passage C. Intel Pilot Project D. Interlaced Protection Program
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
9. Which of the following is not a Unix shell? A. Bourne B. Bash C. X Window D. DOS 10. What is the client utility that must be installed to administer a
NetWare server? A. System 32 B. PCONSOLE C. User Manager D. Novell NetWare Client for Windows 95/98 11. Which version of Linux is designed for an Intel platform and will
support networking? A. SCO Unix B. Slackware C. Red Hat D. Susie 12. Which operating system uses a GUI in common with a desktop
operating system? A. Windows NT B. NetWare 5 C. OS/2 Warp D. Linux
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
237
238
Chapter 7
Network Operating Systems
13. What utility is used to administer the Bindery in NetWare version 3? A. Syscon B. Administrator C. Bindery Manager D. PCONSOLE E. User Manager 14. Which operating system has been around the longest? A. NetWare B. Unix C. Windows 2000/NT D. OS/2 15. What is the minimum RAM requirement for Windows 2000? A. 64MB B. 128MB C. 256MB D. 32MB 16. Which NOS would you most likely find using Visual Basic scripts? A. NetWare B. Unix/Linux C. Windows 2000/NT D. OS/2 17. Which NLM would be used for network card drivers? A. Name space B. Utility C. Disk D. LAN
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
18. Which of the following is not a NOS? A. Windows 2000 Server B. Windows NT 4 C. Novell NetWare D. Windows Me 19. Which operating system uses NLMs? A. Unix B. Windows 2000 C. NetWare D. OS/2 Warp 20. Which of the following network operating systems use TCP/IP as
their preferred transport protocol? A. NetWare B. Unix/Linux C. Windows 2000/NT D. OS/2 E. All of the above
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
239
240
Chapter 7
Network Operating Systems
Answers to Review Questions 1. D. OS/2 from IBM is known as Warp Server. 2. E. Linux is available for the price of a download. 3. A, B, C. NDS eDirectory can be ported to Unix/Linux and Win-
dows NT, as well as run on its native NetWare. 4. A. NetWare 3 supports the use of the Bindery. 5. B. Unix and Linux are primarily administered through script or
configuration files. 6. C. Windows 2000 makes use of Active Directory Services. 7. B. As much as proponents of the other operating systems would love
to argue the point, Unix is the operating system of choice for most mission-critical super-servers. 8. A. IPP is a program in NetWare version 6 that allows for Internet
based printing through the Internet Printing Protocol. 9. D. DOS is an operating system, not a shell of Unix. 10. D. Novell is administered through the use of a client computer with
the Novell NetWare Client for Windows 95/98 installed. 11. B. Slackware Linux was designed for the Intel platform and will
support Ethernet networking. 12. A. Windows NT is based around the Windows 95 GUI. 13. A. In NetWare version 3.X the Bindery was administered through
the Syscon utility. 14. B. Unix has been around for over 30 years. 15. B. Windows 2000 requires a minimum of 128MB of RAM to operate. 16. C. Visual Basic is a Microsoft product and is an integral part of the
Windows 2000 and Windows NT environment. 17. D. LAN NLMs are used to install network drivers for NetWare. 18. D. Windows Me is Microsoft’s home version operating system. 19. C. Novell’s NetWare is based around NetWare Loadable Modules. 20. E. All of the network operating systems mentioned in this chapter
would like your network to run on nothing but TCP/IP. Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
8
TCP/IP COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 6.2 Use diagnostic hardware and software tools and utilities
Identify common diagnostic tools across the following OS: Microsoft Windows NT/2000; Novell NetWare, Unix, Linux, IBM OS/2
Perform shut down across the following OS: Microsoft Windows NT/2000, Novell NetWare, Unix, Linux, IBM OS/2
Select the appropriate tool
Use the selected tool effectively
Replace defective hardware components as appropriate
Identify defective FRUs and replace with correct part
Interpret error logs, operating system errors, health logs, and critical events
Use documentation from previous technician successfully
Locate and effectively use hot tips (e.g., fixes, OS updates, E-support, web pages, CDs)
Gather resources to get problem solved: Identify situations requiring call for assistance; acquire appropriate documentation
Describe how to perform remote troubleshooting for a wake-on-LAN
Describe how to perform remote troubleshooting for a remote alert.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
N
etworking protocols are one of the most important components in a network environment, providing communication capabilities between network computers. The most commonly used protocol on networks today is TCP/IP. This chapter will introduce you to the fundamentals of the TCP/IP protocol suite. It will then go on to explain the major concepts behind IP addressing and introduce you to some of the utilities that can be used to troubleshoot an IP-based network.
TCP/IP Explained
T
CP/IP has is an Internet standard protocol that is implemented on most networks today. It is a suite of different protocols that provide communication capabilities between network computers. The following section will provide you with a brief overview of the TCP/IP protocol suite and the role each protocol plays in network communication.
What Is TCP/IP? TCP/IP has become the most widely used protocol. It is the protocol used on the Internet and on routed networks. TCP/IP is a suite of protocols that maps to a four-layer reference model known as the DoD (Department of Defense) Model. The Model basically describes how communication between two hosts on a network occurs. You may also be familiar with the OSI Model. This model was developed to implement a standard on how network communication occurs. Vendors
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Explained
243
design their products based on the OSI Model. Essentially the OSI Model enables communication between software and hardware regardless of the vendor (as long as the network components are designed to the standards of the model). The OSI Model divides network communication into seven layers, as opposed to the four layers used in the DoD Model. Each layer in the DoD Model maps to one or more of the seven layers in the OSI Model. The four layers of the DoD Model are as follows: Application, Transport, Internet, and Network. The following section will discuss the different layers of the DoD Model and how the different protocols making up TCP/IP map to this four-layer model.
Application Layer The top layer of the DoD Model is the application layer. This layer defines how applications communicate with one another on a network. Application layer protocols often provide support to client/server applications. A client application running on one computer will communicate with the server application running on another computer using the services of application layer protocols. Let’s take a moment to review these protocols in detail. Simple Mail Transfer Protocol SMTP (Simple Mail Transfer Protocol) is used to send e-mail messages from one mail server to another. SMTP is usually used to send e-mail messages over the Internet. The e-mail messages are then retrieved using POP or IMAP. When you configure your e-mail application, you have to specify the SMTP server that your e-mail application will be sending mail to. Simple Network Management Protocol The Simple Network Management Protocol is a set of protocols that are used for collecting information about a network. SNMP agents are network devices such as computers, routers, and bridges that gather information about themselves and return the information to a system running a SNMP management program. File Transfer Protocol The file transfer protocol is used to transfer files between computer systems. It is a standard protocol that allows files to be transferred between dissimilar systems. The user transferring files will usually need a username and password with permission to access the file unless a guest account is being used on the remote system. FTP uses the TCP protocol to transfer the files.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
244
Chapter 8
TCP/IP
Trivial File Transfer Protocol TFTP is a simple version of the file transfer protocol described above. It uses the UDP protocol and, unlike FTP, provides no security. A username and password are not required for TFTP. Telnet Telnet is a terminal emulation protocol used on TCP/IP networks. A client computer can use Telnet to log onto and connect to another host on the network regardless of the platform on which it is running. You can enter commands through Telnet and they will be executed on the remote system just as if you were sitting at the console. Telnet is often used for troubleshooting and connecting to and configuring routers. Hypertext Transfer Protocol HTTP is used for communication between a web browser and a web server. It is the protocol used on the Internet to format and send information. HTTP also dictates what actions to take when certain commands are issued through a web browser.
Transport Layer The next layer of the DoD Model is the transport layer. The protocols at this layer define the type of transmission service between two hosts. The transmission services provided by this level can be end-to-end and reliable or broadcast-based and unreliable. The protocols operating at this level providing transmission services include TCP and UDP. Transmission Control Protocol TCP (transmission control protocol) is a transport layer protocol that provides guaranteed delivery of packets between two hosts. It provides end-to-end communication, sequencing, and error control to ensure reliable delivery of data. Messages received from the application layer are broken down and sequenced. By sequencing the packets, TCP on the destination host is able to reassemble the message in the correct order and pass it to the upper application layer. On the sending computer TCP sends a group of packets to the destination host and waits for an acknowledgment for each one. Any packets that have gone unacknowledged will be retransmitted. User Datagram Protocol UDP (user datagram protocol) is the other transmission protocol that works at this layer. It is similar to TCP but it does not provide reliable delivery of
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Explained
245
data between hosts. It takes the messages from the application layer and breaks them down into smaller segments and uses sequencing. The difference is that UDP is not concerned with acknowledgments and does not resend packets that do not reach the destination host. Reliable delivery and error checking are performed by protocols working at the upper layers of the DoD Model.
Internet Layer Protocols operating at the Internet layer are responsible for things such as IP addressing and routing. This layer adds addressing information to the packet before it is placed on the network, resolves IP addresses to MAC addresses, and determines where a packet will be sent in order to reach the destination host. The protocols that work at this layer include IP, ARP, ICMP, and IGMP. Internet Protocol IP is by far the most important protocol working at the Internet layer and is often referred to as the mailroom of the TCP/IP protocol suite. It is here where packets from the upper layer are broken down into datagrams. IP adds addressing information to each datagram including the IP address of the sending computer and the IP address of the destination computer (refer to the section titled “IP Addressing” for more information). IP also performs routing functions because it is responsible for determining the best route for a datagram to be sent to reach the destination host. Address Resolution Protocol IP addresses are used for routing a datagram. Before a datagram can be sent to a host on a network, the logical IP address must be resolved to the physical address (or MAC address). If IP does not know the MAC address of the recipient, it is the responsibility of ARP to resolve the IP address to the MAC address. This is done via broadcast on the local subnet. ARP maintains a local cache of IP addresses that have been resolved to IP addresses. Before performing a broadcast, ARP will check the local cache to see if the IP address has already been resolved. If not, ARP generates a broadcast containing the IP address of the intended recipient. The intended recipient may be the actual host the local computer wants to communicate with or a local router if the destination host is on another subnet. All computers on the local subnet will look at the broadcast, and the host with the IP address will respond with its MAC address.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
246
Chapter 8
TCP/IP
BootP The BootP (boot program) protocol allows diskless workstations to boot up and send out a BootP request so the workstation can receive an IP address. The broadcast contains the MAC address of the client. A BootP server picks up the request and looks to the BootP file. If the BootP file contains an entry for the workstation’s MAC address, the BootP server responds with the workstation’s IP address and the name and location of the file it should boot from. Internet Control Message Protocol ICMP works with the IP protocol and is mostly a management and troubleshooting protocol. ICMP reports any packets containing error, control, or information messages. It will notify the sending host of any abnormal events that occur. The PING command, which is discussed later in the chapter, uses this protocol to test the connectivity between hosts. Internet Group Management Protocol IGMP (Internet Group Management Protocol) is used for multicasting on an IP network. It does this through the use of multicast groups. Hosts on a network use the IGMP protocol to join or leave a multicast group (host registration).
Network Layer There are no protocols and services defined at the network layer but it does perform some very important functions. Essentially, it takes datagrams from the network layer and breaks them into bits (1’s and 0’s). Then it adds the MAC address to the packet before it is placed on the network. Once placed on the network, it will determine the access method used by the network (for example, token passing, collision avoidance, collision detection). After it defines the network’s access method, it shifts its focus to the physical aspects of the network. The network layer determines the physical aspects of the network, such as the media and connectors.
IP Addressing
N
ow that you have an understanding of the protocols that make up TCP/IP and what each one is responsible for, let’s move on to IP addressing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
IP Addressing
247
There is a good chance that TCP/IP will be the protocol implemented on your network. In order to effectively implement an IP based network, it is important to have a basic understanding of IP addressing and subnetting. Even if you are not implementing the actual addressing scheme, general knowledge of how IP addressing is implemented can assist in troubleshooting addressing problems that may arise on the network.
Introduction to IP Addressing IP addresses are used to identify hosts on a given network. Every host (this includes computers, routers, and network interface printers) on an IP network requires an IP address. Each segment on a given network requires a unique network ID and every host on a segment requires a unique host ID. An IP address can be seen in two different formats—as a decimal number and as a binary number. Computers read an IP address as a 32-bit binary number like the one shown below: 10110111 11101111 10110011 10101011 For computer users, the IP address is viewed in decimal format. The binary number, like the one shown above, is broken down in four sections (called octets), each section containing eight bits. Each of the four octets is then converted to a decimal format by converting each bit to a number value and adding them up, giving you an IP address like the one shown below: 183.239.179.171 Binary uses 1’s and 0’s. Each bit in a binary number has a corresponding decimal value. The bit values within each octet are converted to a decimal format and then totaled. Table 8.1 shows the decimal value for each bit in an octet. TABLE 8.1
Converting from Binary to Decimal
Format
Value
Value
Value
Value
Value
Value
Value
Value
Binary
1
1
1
1
1
1
1
1
Decimal
128
64
32
16
8
4
2
1
Using this table, the binary number shown below can easily be converted to the decimal number below it. 11000000 10101000 00011000 10000100 192.168.24.132
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
248
Chapter 8
TCP/IP
Network and Host ID’s An IP address consists of two parts, one identifying the network and the other identifying a unique host on that network. The most common analogy used to describe network and host ID’s is in terms of your own personal address. Your address will consist of a street and house number. All houses on the same street have the same street address and each house on that street requires a unique house number. Similarly, all segments on a given network require a unique network ID to identify them, and each host requires a host ID that is unique to their segment. The next section shows you how to determine which portion of an IP address represents the network ID and the host ID. For every IP address a corresponding subnet mask is required. The subnet mask is used to distinguish which portion of the IP address refers to the network ID and which portion of it refers to the host ID. When a computer on a network needs to communicate with another computer, it must determine if the destination host is on the same network or if it is on a remote network. The subnet mask is used to determine what part of the IP address is used to identify the network ID. This is done by setting all the bits in the subnet mask representing the network ID to 1’s (the remaining bits used for the host ID are left as 0’s). For example: IP Address Subnet Mask
192.168.10.2 255.255.255.0
11000000 10101000 00001010 00000010 11111111 11111111 11111111 00000000
By looking at the subnet mask in the example above, you can see that the first three octets of the IP address are used for the network ID (192.168.10.0).
IP Address Classes Those who designed the Internet also broke the available IP addresses down into different classes that could be assigned based on network size. The number of hosts you can have per network address depends on the class of address that you have been assigned. How you determine the network and host ID’s within an IP address is also dependent on the address class. Table 8.2 summarizes the five address classes.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
IP Addressing
TABLE 8.2
249
IP Address Classes
Class
First Octet Value
Max Networks
Max Hosts Per network
Subnet Mask
A
1–126
127
16,777,216
255.0.0.0
B
128–191
16,384
65,534
255.255.0.0
C
192–223
2,097,152
254
255.255.255.0
D
224–239
Used for multicast
E
240–254
Used for experimental purposes
The value 127 is not included in the available ranges; 127 is reserved for testing purposes and cannot be assigned to any computer. 127.0.0.1 is referred to as the loopback address and can be used to test whether TCP/IP is initialized on a local computer by typing PING 127.0.0.1. Essentially what the computer is doing is pinging itself.
Certain IP address ranges from the different classes have been excluded for use on the public Internet. These are known as private IP addresses and are only used on private networks. If you implement a private IP address range on your internal network but still want to access the Internet, you will have to implement some form of gateway, such as Microsoft ISA Server, that has an interface with a valid Internet IP address. Table 8.3 lists the private IP address ranges. TABLE 8.3
Private IP Address Ranges Network Range
Subnet Mask
10.0.0.0
255.0.0.0
172.16.0.0
255.240.0.0
192.168.0.0
255.255.255.0
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
250
Chapter 8
TCP/IP
The problem with the current address classes is that they are very inefficient. For example, assigning a network of 10,000 users a Class A address means that a large number of host addresses are going unused. A network with 10,000 users being assigned a network address from a class that can support up to 17 million hosts per network is inefficient. Also, with a typical network today being essentially an internetwork—a single network made up of multiple segments—how is routing going to occur if you have only been assigned a single network ID. The following section will introduce the topic of subnetting, which has been developed to overcome the current limitations of the address classes.
Subnetting Networks today are growing in size, spanning geographical locations, and often consist of many different segments (networks within networks). You may be asking yourself why you would want to divide a network into several different distinct segments. Here are a few reasons:
It allows you to connect different types of networks such as an Ethernet network with a token ring network.
Remote offices or locations can be made a part of the main network.
Traffic can be limited to a local segment, thus reducing broadcast traffic.
If a network is to be divided into distinct segments, each segment will require its own unique network ID. If you have a single network ID that has been assigned to you by InterNIC, you must take that network ID and divide it into other network ID’s. Subnetting overcomes the limitation of a single network ID. Subnetting involves taking a single network ID and splitting that into multiple subnets (or multiple network ID’s). Each segment is separated by a router, and a custom subnet mask is created so there is a way to distinguish between the different subnets. Essentially what you are doing is taking a single network ID and dividing it up into smaller subnets. Since the subnet mask is used to determine the network ID of an IP address, you will need to create a custom subnet mask. This is accomplished by taking away some of the bits used for the host ID’s and creating a subnet address. The bits that you are taking away from the host ID’s are now going to be used to identify the different subnets within the network (this also means that you will now have fewer host ID’s available on your network).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
IP Addressing
251
Take a look at a simple example to illustrate this: Suppose you have been assigned a Class B address of 154.123.0.0. The default subnet mask associated with a Class B address is 255.255.0.0. Computer 1 and Computer 2 have been assigned the following IP addresses: Computer 1 – 154.123.15.5 255.255.0.0 Computer 2 – 154.123.20.5 255.255.0.0 Using the subnet mask it can easily be determined that the two computers are on the same subnet (by looking at the first two octets of each IP address to see if they correspond). Now suppose the default subnet mask for the Class B address is changed to the following because the network is divided into distinct segments and Computer1 and Computer2 reside on different subnets: Computer 1 – 154.123.15.5 255.255.255.0 Computer 2 – 154.123.20.5 255.255.255.0 The custom subnet mask now indicates that these two computers are on different subnets. Instead of looking at the first two octets of the IP address (which is the default for a Class B address), the subnet masks now indicate that the third octet is used to identify unique subnets. Since the decimal value of the third octet does not correspond between the two IP addresses, the computers are on different subnets. Implementing a custom subnet mask may seem like a complex process but it follows a very logical process. Use the steps outlined below to plan for your subnetted network. 1. Determine the number of subnets or the number of network ID’s that
will be required taking into account future growth. A unique network ID is required for each subnet and each WAN connection. 2. Determine the maximum number of host ID’s you are going to need
for each subnet. A host ID is required for each network card using TCP/IP, any network interface printers running TCP/IP, and for each router interface. 3. Create a custom subnet mask based on the above information that
provides the necessary number of subnets and hosts per subnet. Let’s take a look at another example to illustrate the process of creating a custom subnet mask. Suppose you have been assigned the network address of 131.107.0.0 and a subnet mask of 255.255.0.0 (Class B). Normally the first two octets would be used for the network ID and the last two octets for the host ID’s.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
252
Chapter 8
TCP/IP
To create a custom subnet address to differentiate between the different subnets on the network, you take away some of the host bits from the third octet. The number of bits you take away for the subnet mask will depend on the number of network ID’s you need. If you require six subnets, you may end up with a custom subnet mask as shown below: Decimal 255.255.224.0 Binary 1111111 11111111 11100000 00000000
Notice that the binary value for the subnet mask has now increased by three bits as compared to the default subnet mask.
Use the following steps to create a custom subnet mask: 1. Determine the number of network ID’s. 2. Convert the number of subnets (network ID’s) to binary format. 3. The number of bits represents the number of subnets required and this
is the number of bits that you need to add to the default subnet mask. 4. Once the required bits have been added to the subnet mask, convert
the number back to decimal value. Let’s take a look at another example. Suppose you are assigned the Class A address of 110.0.0.0 and you need to create eight subnets. Your first step is to convert 8 into binary format, which gives you 00001000. All bits to the left of the leftmost one are ignored. The required number of bits then is 4 and 4 bits needs to be added to the default subnet mask, giving you a binary number shown below. 11111111 11110000 00000000 00000000 Convert this binary number back to a decimal format (255. 240.0.0) to get your custom subnet mask that will be assigned to all hosts on each distinct network.
IP Version 6 Since the Internet has grown in popularity, there is a shortage of IP addresses. The discussion so far has been focusing on IP version 4. The next version of IP, version 6 (IPv6), will overcome the addressing limitations of version 4 by using a 128-bit address. It will no longer be expressed as a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Utilities
253
four-octet decimal number, but rather as hexadecimal digits, with colons as separators between the sets.
Assigning IP Addresses Each host on a network requires an IP address. You can assign IP addresses statically or dynamically. The option you choose will depend on the size of your network. In a small environment, the administrative overhead of going around to each computer to assign an IP address as well as any optional parameters may be minimal. In a large environment, this may be impossible. In such cases you can install a service such as DCHP on one of your network servers and give it a range of IP addresses that it can automatically assign to clients. In terms of administration, it can all be done from a central location; the IP address range and parameters need to be typed in just once, and there is less chance for human error. When assigning IP addresses, network servers should always be configured with the same IP address. By creating a client reservation on the server assigning IP addresses, your network servers can still have dynamic IP addresses—but with a client reservation, they will always be assigned the same one. On the other hand, having your servers dependent on another server for their IP addresses does create a single point of failure. If the server assigning IP addresses is unavailable, your servers may not be able to acquire an IP address.
TCP/IP Utilities
There will be instances in a network environment when you experience TCP/IP connectivity problems, such as a client is unable to see a server on the network. TCP/IP comes with several utilities that can be used to troubleshoot connectivity problems that do arise. You should be familiar with these tools if you administer an IP-based network or if your internal network is connected to the public Internet.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
254
Chapter 8
TCP/IP
Some of the common TCP/IP utilities that are used for troubleshooting include the following:
ARP
PING
Tracert
Ipconfig
Netstat
Telnet
Nbtstat
Many of these utilities can perform various functions depending on the switches you use with the command. The switches available may depend on the operating system you are running. The following section will outline each of these utilities and how they may be useful in troubleshooting communication in a server environment.
ARP ARP stands for address resolution protocol. When a host on an IP-based network wants to send data to another host, the host name must be mapped to an IP addresses and the IP address mapped to a MAC address. ARP is the protocol responsible for mapping IP addresses to MAC addresses. It does this by sending out a broadcast packet containing the IP address of the intended host. The host owning the IP address responds to the broadcast with its MAC address. Each host also maintains an ARP cache containing IP-to-MAC address translations. Before a broadcast is made to resolve a MAC address, the ARP cache is examined to see if there is an entry. The main purpose of this is to cut down on the amount of broadcast traffic on a network. The syntax for viewing the ARP cache on a local computer is as follows: Arp -a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Utilities
255
By default, entries stored in the ARP cache are dynamic, meaning they are not permanent and are deleted within two minutes if not referenced. Using the -s command you can add in a static entry that will not be flushed out. This is useful for frequently accessed hosts. When adding the entry you must include the IP address of the host as well as the MAC address. Once the entry has been added it is listed as static. Table 8.4 summarizes some of the other switches that can be used with the ARP command. TABLE 8.4
ARP Command Line Switches Switch
Function
-a
Displays the current entries in the ARP cache
-s
Adds a static entry to the ARP cache for the Internet address and physical address specified
-d
Deletes an entry in the ARP cache
-n
Displays the ARP entries for the specified Internet address
PING One of the most commonly used utilities when troubleshooting connectivity problems on an IP-based network is the PING (Packet Internet Groper) utility. It is a command line utility that is primarily used to see if another host on the network is reachable and responsive. It works by sending out packets to another host on the network and waits for a reply. Most TCP/IP stacks that come with the different network operating systems come with a PING utility. They function the same, with some small variations such as the confirmation message that is received. The general syntax of the PING utility is as follows: Ping w.x.y.z where w.x.y.z is the IP address assigned to the host that you are testing connectivity with. If the host is reachable and responding, you will receive a confirmation message (see Figure 8.1).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
256
Chapter 8
TCP/IP
FIGURE 8.1
PING statistics indicating no packet loss
If the host is unreachable or is not responding, you will receive a request timed out message or a destination host unreachable message (see Figure 8.2). FIGURE 8.2
PING statistics indicating request timed out
Once TCP/IP is installed and configured on a server (or client), you can use the PING utility to determine if some of the parameters, such as the default gateway, are correctly configured. If your network is subnetted and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Utilities
257
connected via multiple routers, you can use this utility to ensure that remote networks are reachable. For example, if your network configuration is similar to the diagram shown in Figure 8.3, you can use PING to make sure that TCP/IP is correctly configured on Server1 and that your server can communicate with servers on remote subnets using the steps outlined below. FIGURE 8.3
Sample network configuration with two routers Server 2 192.168.15.10
192.168.22.11 192.168.2.15
192.168.15.15 192.168.22.10
Router 2
Router 1
Server 1 192.168.2.25
1. Open the command prompt on Server1 and PING the IP address of
Server2 (ping 192.168.15.10). If you get a reply message, then TCP/IP and its parameters are correctly configured. If the PING to Server2 fails, you can continue using PING to determine where the connectivity problem is. 2. Next, PING the IP address of Server2’s gateway. If you receive a reply,
you can determine that there is a connectivity problem with Server2. If you are unsuccessful, proceed to the next step. 3. From Server2 PING the IP address of the remote gateway (ping
192.168.22.10). If you receive a reply, you can then determine that Router 2 is where the connectivity problem lies. If the PING fails, you need to determine which side of the router is not functioning. 4. PING the IP address of Server1’s default gateway. If you are unsuc-
cessful, Router 1 may be experiencing problems, but also check that the TCP/IP parameters (such as the subnet mask and default gateway) are correctly configured on Server1.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
258
Chapter 8
TCP/IP
Tracert Tracert is another TCP/IP command line utility that can be used to trace the router interfaces that a packet must pass through to reach a destination. The number of routers that a packet must pass through is displayed as a hop count. Each router that forwards the packet is one hop. Tracert can be useful for troubleshooting if you are unable to reach a destination host—for example, if a router between your server and the destination host is having problems. Using the utility will allow you to easily determine the router on the network that is failing to forward packets (see Figure 8.4). Tracert can also report the time it takes for a packet to reach its destination, which can be useful in determining how efficient a specific route is. FIGURE 8.4
Tracert helps you pinpoint traffic problems
Ipconfig Ipconfig is a command line utility that can be used to view the TCP/IP parameters assigned to a host, such as the IP address, subnet mask, and nameservers. Ipconfig is very useful on Microsoft operating systems but will not work on NetWare or Unix systems. To use the utility, type ipconfig from a command prompt. To view more detailed TCP/IP parameters assigned to a host, use the /all switch along with the command. This command can be particularly useful if dynamic addressing is being used. For example, you can use the command to view and troubleshoot the parameters that have been assigned.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
TCP/IP Utilities
259
Netstat Netstat can be used to view the current TCP/IP inbound and outbound connections on a computer. It can also provide you with information on listening ports, TCP or UDP connection stats, Ethernet stats, and it can display the contents of the routing table. Figure 8.5 shows the output of the Netstat command using the -n switch. Table 8.5 lists the switches available. FIGURE 8.5
TABLE 8.5
Output of Netstat command
Netstat Command Line Switches Switch
Function
-a
Displays all connections and listening ports
-e
Displays Ethernet statistics
-n
Displays addresses and port numbers in numerical form
-r
Displays the routing table
-s
Displays per protocol statistics
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
260
Chapter 8
TCP/IP
Telnet Telnet is a remote terminal emulation program that is most often used for troubleshooting on TCP/IP networks. The Telnet program runs on a workstation and is used to connect to another host such as a network server. Once you establish a session with a host using Telnet, you can enter commands within the Telnet console that will be executed on the remote host or server. Telnet is often used in Unix environments as well as for configuring and troubleshooting devices such as routers and switches.
Nbtstat The Nbtstat utility is used to view NETBIOS over TCP/IP statistics, such as any current connections using NETBIOS over TCP/IP, protocol statistics, and any NETBIOS names that have been resolved to IP addresses. Table 8.6 summarizes the switches available with this command line utility. TABLE 8.6
Nbtstat Command Line Switches Switch
Function
-c
Displays the local NETBIOS cache
-n
Lists local NETBIOS names
-r
Lists the NETBIOS names resolved via broadcast and WINS
-R
Purges and reloads the cache
Summary
In this chapter you learned about the fundamental concepts underlying the TCP/IP suite of protocols. Since TCP/IP plays such an important role in networking and server environments, it is important to have some understanding of it. TCP/IP maps to the four-layer DoD Model and provides communication services between hosts on a network. Each of the protocols included in the suite operates at one of the four levels performing a specific function.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
261
The chapter also covered the concepts of IP addressing and subnetting. Even if you are not setting up the addressing scheme, it is important to understand how IP addressing works for troubleshooting purposes. All hosts on a network require an IP address and a subnet mask. The IP address is made up of a network ID and a host ID. The subnet mask is used to determine whether two hosts are on the same network. To overcome some of the limitations of IP addresses, you can implement subnetting. Finally we looked at some of the utilities that can be used on an IP-based network. There will be times when you experience communication problems on an IP network. The utilities discussed can be useful in troubleshooting and determining the source of the problem.
Exam Essentials Understand the DoD Model. TCP/IP maps to a four-layer conceptual model known as the DoD (Department of Defense) Model. It defines four layers, each layer performing specific functions enabling network communication. Understand the TCP/IP protocols. TCP/IP is a suite of protocols. Each of the protocols has a specific role and operates at one of the three upper levels of the DoD Model. Each protocol plays a role in network communication between two hosts. Know the difference between TCP and UDP. TCP and UDP work at the transport layer providing transmission services. TCP is an end-to-end connection-based protocol that provides reliable delivery of information between hosts. UDP is broadcast based and does not provide reliable delivery of information. Understand IP addressing and subnetting. Every host on an IP network requires an IP address and a subnet mask. This is a 32-bit logical number. It is made up of a network ID and a host ID. To overcome the limitation of IP addressing, you can implement subnetting. This allows you to take host bits away for a subnet ID. Understand the function of the different TCP/IP utilities. TCP/IP supports many different utilities that can be used in troubleshooting an IP network.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
262
Chapter 8
TCP/IP
Key Terms
Before you take the exam, be certain you are familiar with the following terms: ARP
POP
default gateway
SMTP (Simple Mail Transfer Protocol)
IMAP
subnet mask
IP
TCP (transmission control protocol)
Ipconfig
TCP/IP
Nbtstat
Telnet
Netstat
UDP (user datagram protocol)
PING
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
263
Review Questions 1. Which of the following TCP/IP protocols provide end-to-end reliable
communication between hosts? A. IP B. UCP C. TCP D. ARP 2. Which of the following utilities can be used to view the TCP/IP con-
figuration parameters on a Windows based computer? A. PING B. Ipconfig C. Netstat D. Nbtstat 3. What TCP/IP utility will display a list of all routers a packet must pass
through to reach a destination host? A. Telnet B. PING C. ARP D. Tracert 4. What is TCP/IP? A. A protocol used in network communication B. A troubleshooting utility C. A datagram sent from one host to another D. A suite of protocols for network communication
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
264
Chapter 8
TCP/IP
5. You have just installed TCP/IP on one of your network servers. You
want to test to make sure that it is initialized on the server. What command can you use? A. Ping 127.0.0.1 B. Tracert hostname C. PING hostname D. Ipconfig 127.0.0.1 6. What Internet layer protocol is used by the PING utility? A. TCP B. IGMP C. ICMP D. UDP 7. What TCP/IP protocol is used to resolve logical addresses into
physical addresses? A. IP B. ARP C. ICMP D. TCP 8. What is the default subnet mask for a Class B IP address? A. 255.0.0.0 B. 255.255.0.0 C. 255.255.255.0 D. 255.255.255.255 9. You are a network administrator for a medium-size company. One of
your responsibilities is to administer mail servers. One of the departments reports it is unable to receive and send e-mail. At which layer in the DoD Model is the problem occurring?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
265
A. Network B. Internet C. Transport D. Application 10. Your computer is assigned the IP address 131.107.54.221. Which of
the following represents this number in binary format? A. 10000011 01101011 00110110 11011101 B. 10000011 01110111 00110110 11011101 C. 10000001 01101011 00110110 11011101 D. 01000001 10010001 01110111 10001010 11. Which of the following utilities can be used for remote
administration? A. Nbtstat B. Telnet C. Netstat D. Tracert 12. What is the default subnet mask assigned to an IP address of
129.10.115.120? A. 255.0.0.0 B. 255.255.0.0 C. 255.255.255.0 D. 255.255.255.255 13. What DoD layer is responsible for taking datagrams and breaking
them up into bits, before adding the MAC address and placing the data on the network media? A. Network B. Application C. Internet D. Transport Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
266
Chapter 8
TCP/IP
14. Which protocol performs the same function as TCP except it is
connectionless? A. UDP B. SNMP C. PPP D. NDP 15. Which of the following protocols is responsible for message address-
ing and routing functions? A. TCP B. IP C. UDP D. ARP 16. By default, what is the host ID for the IP address of 192.168.10.220? A. 192.0.0.0 B. 0.168.10.220 C. 0.0.10.220 D. 0.0.0.220 17. By default, what is the network ID for the IP address of 129.158.221.15? A. 129.158.221.0 B. 0.0.221.15 C. 129.0.0.0 D. 129.158.0.0 18. What utility allows you to display all the current connections for a
server? A. FTP B. Netstat C. Nbtstat D. PING
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
267
19. Which decimal value represents the binary number 11100000
11111110 10101011 00011010? A. 224. 254.171.26 B. 240.254.171.26 C. 224.255.171.26 D. 224.254.171.16 20. Which of the following TCP/IP utilities will allow you to view statis-
tics on NETBIOS over TCP/IP? A. Netstat B. NetBIOSstat C. Nbtstat D. Nbstat
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
268
Chapter 8
TCP/IP
Answers to Review Questions 1. C. The Transmission Control Protocol provides end-to-end reliable
delivery of packets between hosts through session establishment, sequencing, and error control. 2. B. The Ipconfig utility can be used to see the IP configuration param-
eters that have been assigned to a computer, such as the IP address, subnet mask, and default gateway. 3. D. The Tracert utility can be used from a command prompt to trace
the router interfaces a packet must pass through in order to reach a destination. 4. D. TCP/IP is a suite of protocols for network communication. It is
made up of several protocols that perform specific functions enabling network communication. 5. A. PING 127.0.0.1 is used to test if TCP/IP is initialized on a local
computer. 6. C. The Internet Control Message Protocol is used by the PING utility. 7. B. The address resolution protocol is used to map logical addresses
into physical addresses. 8. B. The default subnet mask for a Class B network is 255.255.0.0. 9. D. SMTP and POP are responsible for the sending and receiving of
e-mail messages. Therefore the problem would lie at the application layer. 10. A. When 131.107.54.221 is converted to binary, the correct binary
number is that of answer A. 11. B. Telnet will allow you to connect to a remote device such as a server
or router and perform remote administration tasks. 12. B. 129.10.115.120 is a Class B address. Therefore the subnet mask
will be 255.255.0.0. 13. A. Datagrams are broken up into 0’s and 1’s and addressed at the
Network layer of the DoD model. The data is correctly addressed with the MAC address before being sent out on the media to its destination. 14. A. UDP performs the same function as TCP only it is a connectionless
protocol.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
269
15. B. IP is the protocol responsible for addressing messages and routing
functions. 16. D. The host ID for the Class C address of 192.168.10.220 is 0.0.0.220.
The first three octets are used for the network ID. 17. D. The network ID for the Class B address of 129.158.221.15 is
129.158.0.0. The first two octets identify the network and the remaining two identify hosts. 18. B. The Netstat utility will allow you to view all current connections
for a server (or workstation). 19. A. The binary number represented in decimal format is
224.254.171.26. 20. C. The Nbtstat utility can be used to view statistics on NETBIOS
over TCP/IP.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Upgrading
PART
IV
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
9
Upgrading and Maintenance COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 1.2 Install hardware using ESD best practices (boards, drives, processors, memory, internal cables, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS
Verify SCSI ID configuration and termination
Install external devices (e.g., keyboards, monitors, subsystems, modem rack, etc.)
Verify power-on via power-on sequence
2.6 Update manufacturer specific drivers 2.8 Perform Server baseline 3.3 Add hard drives
Verify that drives are the appropriate type
Confirm termination and cabling
For ATA/IDE drives, confirm cabling, master/slave and potential cross-brand compatibility
Upgrade mass storage
Add drives to array
Replace existing drives
Integrate into storage solution and make it available to the operating system
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Perform upgrade checklist, including: locate and obtain latest test drivers, OS updates, software, etc.; Review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
3.5 Upgrade BIOS/firmware
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.6 Upgrade adapters (e.g., NICs, SCSI cards, RAID, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.7 Upgrade peripheral devices, internal and external
Verify appropriate system resources (e.g., expansion slots, IRQ, DMA, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.8 Upgrade system monitoring agents
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade 3.9 Upgrade service tools (e.g., diagnostic tools, EISA configuration, diagnostic partition, SSU, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.10 Upgrade UPS
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
4.1 Perform regular backup 4.2 Create baseline and compare performance 4.5 Perform hardware verification 4.6 Establish remote notification
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
I
n a network environment, servers play one of the most important roles. If a server is down or if it is performing poorly, it has a direct impact on the rest of the network. Network servers are expected to be up, running, and meeting the demands placed on them almost 100 percent of the time. With these points in mind, your servers will need to be upgraded at some point in the future, whether it is a software upgrade, a hardware upgrade, or both, to continue to meet the demands being placed on them. Once a server is installed and running, it can’t be forgotten. All too often servers are set up and then ignored under the motto, “If it is running fine, then leave it alone.” Much like a car, servers need to be maintained. This maintenance includes monitoring, assessment, and—over time—upgrading. Through this process, hardware, software, and operating systems will be upgraded, changed, and even retired as they age. If this process is carried out properly, then unpredictable changes and financial strain can be avoided. This chapter explores the process of assessing and maintaining a server once it is up and running. This process can be carried out through several means, including establishing baselines and reviewing monitoring agents and log files. Based on gathered information, server performance can be monitored. Over time with added client stress the need for an upgrade can be determined, through this monitoring, before server performance degeneration results in either client frustration or server failure. The following chapter will also introduce you to the procedures that should be followed any time you are performing an upgrade to a server. Reviewing the information discussed in the chapter can help to ensure that your upgrade is successful and that you are prepared for any glitches that can occur.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
277
Assessment
One of the first steps in beginning to upgrade a server is to determine exactly what needs to be upgraded. This of course will depend on the role the server plays on the network and your reasons for performing the upgrade. If a server has become a bottleneck, you will need to determine what server component needs to be upgraded. Not performing an assessment can lead to an unnecessary upgrade being performed and money being misspent. The following section will look at performing an assessment of your server to determine when to upgrade and how to determine what component to upgrade. Assessment should not be a one-time process; instead, the information gleaned from constant monitoring can be useful for planning preventative maintenance and determining upgrade paths. Monitoring tools provide a means of watching and assessing server performance. Windows 2000, for example, offers a program called System Monitor, which is located in the Administrative Tools folder within the Control Panel. Figure 9.1 is a screen shot from the System Monitor. FIGURE 9.1
Windows 2000 System Monitor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
278
Chapter 9
Upgrading and Maintenance
Notice how the System Monitor offers a visual graph to represent current performance of the computer. The information represented in the graph is user-selected. In the screen shot example, processor time is the option selected. To select an option simply click the plus button and choose the counter you want to monitor. Figure 9.2 illustrates the Add Counters screen. FIGURE 9.2
Add Counters screen in Windows 2000 System Monitor
With the System Monitor numerous counters can be used at one time. This allows data to be collected and compared on several areas at once. The data accumulated can then be analyzed to locate patterns in system behavior. For example, does the processor time increase affect the interrupts-persecond counter? Besides the System Monitor, the Windows 2000 Performance utility also shows Performance Logs and Alerts, including Counter Logs, Trace Logs, and Alerts. The Counter Logs Monitor allows you to set a period of time during which the information gathered in the System Monitor will be recorded in a text file on the hard drive. This allows you to maintain a record of performance. This record can be reviewed at a later date or used to compare to data gathered at another time. The Trace Logs Monitor lets you trace changes and actions occurring on a computer. This information is useful in locating the source of potential problems. If a program action is responsible for server stress, then the Trace
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
279
Log will assist in tracking the program through its utilization of server resources. The Alerts utility provides a means of setting a threshold on counters. For example, the processor utilization seen in Figure 9.1 can have an alert set so an action is performed should the number exceed a user-set value. This action can include logging a message, sending a network message, starting a performance data log, or running a program. With an alert set, server stress can be properly handled before it leads to a bigger problem such as system failure. Regardless of the monitoring tools that are used (numerous third-party software packages are also available), the idea is to seek out potential bottlenecks. Bottlenecks are locations where the performance is hindered due to poor performance. This can include processor speed, amount of RAM, and hard drive speeds. System monitoring will assist in locating these problem areas. Monitoring tools used over a period of time will also assist in locating areas in which performance is slowly decreasing. This is a common problem that often goes unnoticed until it has become a serious issue. Assessment also takes on the form of analysis of both the need to upgrade as well as the upgrade procedure itself. With the assistance of Performance Logs and Alerts, the decision to upgrade computer hardware or software can be planned and carried out before poor server performance becomes critical. This saves you the hassle of dealing with an emergency upgrade at a less than opportune time. Since most servers are extremely expensive and complex devices, it requires careful planning and assessment before deciding on an upgrade.
Why Upgrade As time goes on, networks change, and changing networks have a direct impact on servers. Whether it is an increase in size or the use of a new network service, these changes have a direct impact on the workload placed on the server. To meet the demands of a changing environment and to be able to perform under the expected workload, servers will need to be upgraded at some point. This upgrade may be a hardware upgrade, a software upgrade, or both. You may think that the only reason you would upgrade a server is because a component is failing or becoming a bottleneck, but there are several other reasons as well. The following topics describe a few of the reasons why you might need to upgrade a server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
280
Chapter 9
Upgrading and Maintenance
Server Role As you saw in Chapter 1, a server can play many different roles in a network environment. The type of a role that a server is playing will determine its hardware and software requirements. For example, one of the most important components in a file server is the disk subsystem, but the most important component in an application server is the processor. Changing a server from one role to another may require that the server be upgraded.
New Applications and Services Introducing new applications and services into a network environment can mean that the servers on which they will be running need to be upgraded. Most applications and services come with a list of hardware and software requirements. Meeting the requirements might mean upgrading a server. For example, if you plan to install Microsoft Cluster Service on a server, you might need to first upgrade the operating system (to Windows NT 4 Enterprise Edition or Windows 2000 Advanced Server) and add the latest service packs. The same holds true for Novell and Unix applications as well. Always make sure that the network operating system supports the software that you are trying to install. Also, it’s critical to make sure the hardware you have supports the software you are trying to add. Generally speaking, the stated minimum hardware requirements are not sufficient. Always try to have more hardware than the application or service requires, for better performance.
Network Growth An increase in the size of a network will directly impact the workload being placed on your servers. An increase in the number of users means an increase in the number of users accessing network servers, whether it is for logon validation, accessing shared resources and applications, or other services. A server that was once capable of handling the workload might now need to be upgraded to meet this increase in demand.
Hard Disk Space One of the most common components to be upgraded in a server is the hard disk. For example, if your server is acting as a file server, hosting shares and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
281
storing user data, you may quickly run out of available storage space and find yourself needing to upgrade.
What to Upgrade The examples given above describe just a few of the possible reasons for upgrading hardware components and software on a server. Regardless of the type of upgrade you are performing, preplanning is a must. Determining what server component/components need to be upgraded can be a difficult task and will depend on your reason for performing the upgrade. If you are changing the role the server plays, you will need to assess what components are most important for that given role. If you plan to make an existing server a file server, you will probably be most concerned with upgrading the server’s disk subsystem. If your reason for upgrading is poor server performance, you will need to take some time assessing the server to determine which component is causing the bottleneck. This is where a server baseline becomes important (which also falls under the category of server maintenance). Server baselines can be used by network administrators to gauge the performance of a server over time. The baseline helps to establish what normal or acceptable performance for a server is. Using the information gathered over time, you can monitor the different server components to see if they are functioning individually and as a whole. You’re not going to spend all of your time establishing baselines. You will want to establish one when you first get the server running properly, and then each time you add a component or make a major change, you will want to re-establish new baselines as necessary. This will allow you to see how the performances of different components change over time (establishing server baselines will be covered in much more detail in Chapter 12, “Performance and Hardware Monitoring”). Once you see deterioration in server performance, you can monitor your server, compare it to your baseline of acceptable performance, and use the comparison to determine what component (or components) has become a bottleneck and what may need to be upgraded. Once you’ve determined what needs to be upgraded within a server, you can then begin planning for the actual upgrade. The tasks that need to be completed before doing the upgrade will be covered in the following section.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
282
Chapter 9
Upgrading and Maintenance
What to Upgrade Monitoring the real-time performance of a server on a regular basis can give you a really good idea of how your server performs throughout the day under various workloads. The information you gather and log can be valuable when trying to determine the source of a bottleneck and then what server component needs to be upgraded. Be careful though when you are using this information to determine the source of a problem. Upgrading one server component that you think is causing a bottleneck can inadvertently cause another bottleneck. When determining the source of a bottleneck, it is important to take a holistic approach. You can analyze the performance of server components individually but it is also important to analyze the server as a whole and how the different components work together. For example, suppose you run a performance-monitoring tool and determine that you have a high number of I/Os. So you think the hard drive is the bottleneck and upgrade it. Once the upgrade is complete, the number of I/Os does not decrease and you determine through further analysis that there is actually insufficient amount of RAM in the server. Not only have you spent dollars on an unnecessary hard drive—now you have to spend more to upgrade the RAM.
Upgrade Procedures As previously mentioned, carrying out an upgrade on a server is not something to be decided on lightheartedly. A careful plan of the upgrade, including a timeline, due dates, and milestones, must be established. During this planning stage, consideration of compatibility between the upgrade and existing hardware, software, and operating system must be dealt with, as well as the clients who access the server. Will their hardware, software, and operating systems be compatible with the server’s upgrade? In order to properly and successfully perform a server upgrade, it is important to follow some sort of procedural checklist. These are just some basic but important steps that should be followed any time an upgrade procedure is performed on a server, regardless of whether it is a hardware upgrade or software upgrade. Preplanning may seem like a tedious task to do for an upgrade but, when dealing with network servers, it is always better to be safe than sorry. Take for example an operating system upgrade. This is one of the most important upgrades that can be performed on a server
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
283
and considerable preplanning is required. You may think the upgrade is as simple as putting the CD in the CD-ROM, but what happens if the upgrade fails? What about the availability of the server’s resources during the upgrade? What about the applications installed on the server? Will the server’s hardware be compatible with the new operating system? Preplanning and completing the tasks outlined below will provide you with the answers to these kinds of questions before the upgrade takes place.
Upgrade Nightmare I remember a few years ago being called out to an office where an operating system upgrade was performed and they had some problems. Upon arrival I learned that the office was originally using Windows 98 and wanted better security and file safety so they chose to upgrade to Windows NT. After the upgrade, several computers had hardware problems, especially with mice and keyboards. As it turns out, the hardware in question was interfacing with the computer through the USB port. Unfortunately, Windows NT does not support USB interfaces. Had this company researched carefully into the upgrade, it would have realized this problem before deciding on performing the upgrade.
Planning the Upgrade Prior to upgrading a server, you should perform the following tasks:
Review any technical documentation.
Choose components.
Schedule the upgrade.
Perform a full backup of the server.
Document the server’s current settings.
Create a backout (rollback) plan.
Test the upgrade.
Schedule for server downtime.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
284
Chapter 9
Upgrading and Maintenance
Reviewing Technical Documentation Most upgrades will come with some form of technical documentation outlining the upgrade process. Reviewing this information will help you familiarize yourself with the upgrade process before it is actually performed and alert you to any issues that you need to be aware of. This includes all manuals, last minute notifications, and all Readme files that were supplied with the upgrade components. Within this documentation will be information regarding installation processes, possible issues, and customer support. Depending on the type of upgrade being performed (software, hardware, or operating system), specific steps will have to be followed to ensure proper operation and the desired outcome. Most websites will provide information on upgrade procedures. Take the time to browse through the information as well as check to see if there are any newsgroups available or known issues or forums pertaining to the upgrade. Most hardware manufacturers and operating system manufacturers will have some area on their website where users can share information or post questions. Chances are you are not the first network administrator to perform the upgrade and others may have posted information or advice.
Choosing Components In deciding on an upgrade, be sure to take the time to research numerous vendors and manufacturers. The multitude of products and manufacturers may seem overwhelming, but it will give a clear idea of the options and price range available. During this time, comparison to the components currently installed in the server will prevent any incompatibility. Most hardware and software manufacturers have extensive documentation on their websites and will share potential problems as well as incompatibility and known issues. Once components have arrived, the next step is to confirm all parts are accounted for and are not damaged. Copies of invoices and order forms should be verified and then filed into a documentation folder. Should a time come when confirmation or verification of parts is needed, referral to these invoices will be of great assistance.
Schedule the Upgrade Once the upgrade compatibility is confirmed and all known issues are dealt with, a timeline on the upgrade can be estimated. This will include the process of ordering the proper equipment, shipping, installing, testing, and configuring the upgrade. This process will also include any “red tape” that
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
285
may have to be taken care of. For example approval of the upgrade from management or a board of directors may have to take place before the go ahead. Scheduling the upgrade entails determining what upgrade steps are going to be completed at what times and who is responsible for performing them. The plan that is developed will of course depend on the type of upgrade that is being performed. A simple upgrade can be scheduled to occur during a span of a few hours while a more elaborate upgrade may be scheduled to occur over a span of several days (even months in some cases). Either way, a schedule of an upgrade organizes the procedures so technical staff—and maybe nontechnical staff—know what is going to occur and when it will occur. Depending on the business policies and how relaxed they are, your schedule may just include the date and time that the upgrade will occur or it may include details such as when the hardware and software will be purchased, when the testing phase will begin, and when users will be notified of server downtime.
Backup Talk to any experienced network administrator and one of the first things they will recommend before making any changes to a server is to perform a full backup. This means backing up the entire server. Your backup should include a backup of the operating system, any applications, and all data stored on the server. Once you’ve performed a full backup, you may think that you are ready to upgrade, but there have been many instances where a network administrator has backed up data only to find that it cannot be restored. So once again, to be on the safe side, do a trial run and test the restore. You will want to have a test machine on which to run the restore, just to make sure the whole thing works. If you do not have a test machine available, it’s time to get one.
Document the Configuration Settings Chances are that your server has unique configuration settings, whether it is OS settings or application and service settings. Documenting this information can save you hours of work. If by chance the upgrade fails and you are unable to restore your server from a backup tape, your only option will be to perform a clean install. Having this information documented will make your job easier when it comes time to reconfigure.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
286
Chapter 9
Upgrading and Maintenance
Create a Backout Plan You may often hear a backout plan referred to as a rollback plan. A backout plan is exactly that. Knowing when the upgrade has failed and how to get the system back to its previous state. The backout plan should define at what point in the upgrade process you need to stop and begin attempting to recover the server. It should also outline the steps that will need to be completed to bring the server back to its original state. Again depending on the type of upgrade, the plan may be as simple as replacing the new hardware with the old.
Test the Upgrade In an ideal world you should be able to test the upgrade plan in a controlled test environment before performing the upgrade in the production environment. In that ideal world, you could test the upgrade several times. The test environment should mirror the actual production environment. If at all possible, the test server should be configured exactly the same way as the server to be upgraded, with identical hardware and the same configuration settings, applications, and services. Doing a test run of the upgrade will determine first of all whether or not it will succeed and also alert you to any minor (or major) problems that might arise and how they can be remedied. Again, unless the server is an exact replica of the server to be upgraded, the results of your test run might not be quite accurate. However, it will give you some hands-on experience with the upgrade process.
Always Read the Instructions It is interesting how, after performing many expansion card upgrades, we fall into the trap of thinking that they are all the same. The usual process involved removing the cover, installing the card, replacing the cover, turning on the computer, and finally letting the Plug and Play wizard locate and install the card and the software. The reality is that this is a common routine, but not the rule. I have encountered expansion cards that required the software to be installed first, then the actual hardware installed second. If you installed the hardware first and the software last, the card would not work.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Assessment
287
Scheduling Server Downtime Server availability is very important. During the upgrade you want to make sure that server downtime is minimal. Again, the type of upgrade that you are performing will determine the length of time that a server will be unavailable. In an ideal situation, there should be another server to take the place of the one being upgraded while it is offline, but in instances where you have a small office with a single server, this may not be feasible. However, if the server is running services that are critical to the operation of the network, a stand-in server may be necessary. Both ways, server downtime still needs to be scheduled and users notified. Users tend to understand that upgrades need to be performed as long as it does not cause too much of a disruption to their workflow. When planning to take a server offline, try to schedule it during non-peak hours; generally this means performing an upgrade in the evening or weekend. This way the impact on users will be lessened. Scheduling server downtime also includes notifying users. This can be in the form of an e-mail message telling users when the server will be down, how long it is expected to be down, and any impact this might have on them. You may also want to send a message to all users connected to resources on the server just before the outage occurs so they have time to save their work and disconnect from the server. Figure 9.3 shows an example of a console message sent from a server running Windows 2000. FIGURE 9.3
Windows 2000 console message
It’s a good idea to send out multiple messages to your clients warning them that the server is coming down. Invariably though, after you bring the server down, you will get a dozen phone calls from frantic employees that either didn’t pay attention or didn’t save their files.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
288
Chapter 9
Upgrading and Maintenance
After the Upgrade Obviously, if you are performing an upgrade you are making changes to the configuration of a server. Preplanning is of the utmost importance, but what about after the upgrade is complete? It is generally good practice and common courtesy to document any changes that have been made to the server and keep the information in a log somewhere secure. If you are the only network administrator, then obviously you are the one who monitors changes. But if you are not, it is good practice to document the exact changes that were made. Nothing can unnerve an administrator more than sitting down at a server only to find significant changes and not know when they were performed or what was done. Not only is providing documentation a common courtesy, but it also aids the next administrator in troubleshooting any problems that may occur after the upgrade has been completed.
Risk Assessment
Any time you perform a server upgrade, there are risks involved that you need to be aware of beforehand. So during the preplanning phase, one of the tasks you need to complete (and this can be done when creating a backout plan) is to perform a risk assessment. A risk can be defined as a potential problem that may arise during the upgrade. A risk assessment entails identifying the possible risks of the upgrade and having a contingency plan in place should they occur. As an example, what would happen if you upgrade Windows NT to Windows 2000 and the server’s NIC isn’t on the Windows 2000 HCL? Your overall goal in performing a risk assessment is to identify the risks, eliminate them if possible, or find ways to eliminate their impact should they occur. Part of your risk assessment plan should be to determine how critical the server is to the day-to-day operation of the business and how much downtime can be afforded if a problem does arise. Part of addressing the potential risk factor is determining if the upgrade is necessary. Do the benefits of the upgrade outweigh the potential risks? It is not only unnecessary, but also unwise, to install every available update that you can find. At times, upgrades will conflict. It is very common to see numerous versions of the same update released over time. Always check the date on the upgrades to ensure that you are not downloading an outdated
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Risk Assessment
289
version. Other updates are designed specifically for an operating system, network type, or version. If you are not using that specific network type (for example), then the patch will not be useful. In dealing with risks to operating system functionality, Microsoft introduced a new feature with Windows 2000 called driver signing. Driver signing identifies drivers that have been tested and certified to work properly with Windows 2000. When drivers are installed that are not part of the Windows 2000 driver signing, you will be prompted that they may not perform as expected. This feature helps to eliminate the potential for unexpected results with driver operations and potential risks to the operating system. Microsoft also uses an HCL (hardware compatibility list). This list includes vendors and products that were certified to operate within the Windows operating system trouble free. Other devices may work, but there is a potential for resource or driver issues. Driver signing improved on the HCL by alerting the installer to the potential risk. Resource conflicts are another potential area of risk. In a mixed expansion card environment, both PCI and ISA cards can be used. ISA card resources are configured through jumpers while PCI card resources are controlled through the BIOS and operating system. The potential for resource conflicts becomes high in this environment. As discussed earlier, Windows 2000 offers a view of shared resources and forced hardware resources in the Computer Management utility. This will assist in locating and dealing with resource problems. With any upgrades, the potential for security holes and breaches also becomes an area of risk. Careful planning during the installation and assessment process will help prevent these potential risks. For example, the installation of a dedicated Internet connection exposes the server and network to Internet-based threats such as hacking. Installing protective software such as a firewall will reduce this risk. Your risk assessment should include the following information:
Identify the risk factors associated with the upgrade—the type of upgrade you are performing will obviously determine the number of risks involved and their potential impact (high or low impact).
Determine the impact the risk factors may have. Once the potential problems have been identified, assess each one to determine what may happen if it occurs. What impact will it have on the users’ workflow and the upgrade schedule? Are there any costs associated with the risk and what effect will it have on the server?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
290
Chapter 9
Upgrading and Maintenance
Determine the likelihood of each risk factor occurring—Ask yourself or any other IT staff involved in the upgrade what the chances are of the risk actually occurring.
Develop a mitigation strategy—Once all the risks have been identified, your last step in performing your assessment will be to determine what steps can be taken to eliminate the likelihood of a potential problem occurring or finding ways to lessen the impact (especially for those problems that are likely to occur).
This is one instance where being a little on the paranoid side can be a positive thing. Always plan for the worst, even though the chance of the worst actually occurring is minimal. In the end you will feel much more confident when it comes time to perform the upgrade.
Server Availability
Your ultimate goal is to make network servers available 100 percent of the time (this is referred to as server uptime) or when users need to have access to them. If a business is up and running 24 hours a day, 7 days a week, your network servers will need to be available 100 percent of the time. Although the goal is 100 percent uptime, in some cases this may be impossible to achieve (take for instance a business with a single server). Obviously the uptime required by businesses will vary depending on the applications, services, and data being stored on the server and how critical they are to the company’s day-to-day operation.
How Much Downtime? This is a question you will need to ask yourself, other IT staff, and users on the network before performing an upgrade (particularly if it is a major upgrade). How much server downtime can the business actually afford? This
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Availability
291
will depend on the role the server plays on the network and how critical it is. Take for example a file server that is accessed occasionally by users on the network. In this case, taking the server offline will have little impact on the users. If another server is available on the network, the files can easily be duplicated and made accessible during the time the server is offline. What if the server you are upgrading is a domain controller? Taking this server offline for any amount of time can have a profound effect on the network and will mean configuring another server to take its place in the meantime. When determining how much downtime can be afforded, begin by assessing what role the server plays on the network. Document all the services, applications, and resources hosted on the server and how they apply to the operation of the business. Anything that is critical to its operation may have to be duplicated onto another server while the upgrade is done. Consider a server that is leasing IP addresses to users on the network. If this server were to be unavailable for a period of a week while an upgrade is performed, it would have a major impact on what users could do on the network. The service would then need to be duplicated onto another network server.
Increasing Availability Increasing the availability of a server will depend on the environment in which you are working. If you have access to multiple servers, then it is a matter of duplicating those services or applications onto another one. The following list includes some suggestions for minimizing the impact of server downtime, thereby increasing server uptime.
Schedule upgrades to occur during off-hours making the server available when users need access to it.
If possible, configure a server to take the place of the one being upgraded while it is offline.
Take advantage of clustering technology for critical servers.
Take the time to complete the pre-upgrade tasks so you are prepared for any potential problems that might cause the upgrade to take longer than predicted.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
292
Chapter 9
Upgrading and Maintenance
This is one instance where clustering servers plays an important role. As you recall, when servers are in a cluster configuration, one is waiting to take over the workload of another if it goes offline. This includes any planned outages for upgrade and maintenance procedures. The resources on one server can failover to another server if the cluster and downtime is decreased to a matter of seconds (users probably won’t even notice). You can then take the server off the network and perform the necessary upgrade. Once the upgrade is complete, the server can reassume its workload and all is well. Clustering is probably not necessary for servers that play a minimal role on the network. But for businesses that rely heavily on web servers for e-commerce, it can essentially mean millions of dollars.
Performing the Upgrade Once you have verified that all the parts for the upgrade have arrived, you can begin the process of performing the upgrade. Based on the plan developed earlier, steps toward performing the upgrade can be carried out in the carefully preplanned order. This will include a final reminder to all affected clients that an upgrade will be performed. This is also the stage where a full backup should be done. Performing a full backup will ensure that if a problem should occur, the data would be safe. Remember to also verify the backup before continuing with the install.
Backups and verification are covered in depth in Chapter 14, “Backups.”
If the upgrade to be performed is hardware related then ESD (electrostatic discharge) best practices must be adhered to. This includes the use of antistatic bags, ESD wrist straps, and mats to prevent static charges from damaging delicate hardware components. ESD damage is a serious threat to computer hardware and can lead to hardware operation problems.
ESD best practices are covered in Chapter 15, “Disaster Recovery.”
Depending on the hardware upgrade being performed, there may be an impact on the system’s power consumption. For example, installing redundant components within a server could require upgrading of the power
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Availability
293
supply and/or the UPS. All servers should be connected to a UPS (uninterruptible power supply). A UPS is nothing more then a battery system that will maintain power to the server in the event of an electrical failure. The battery is connected between the server and the electrical outlet. When there is a power failure, the battery system will run the server and any other devices connected to the UPS for a period of time. Depending on the size and strength of the battery system, a UPS may support minutes to hours of power. Software is also available that will interface between the UPS and server allowing for alerts and remote notification that the server is running off battery power. Another key feature that UPS software provides is a shutdown option for the server. If the electrical power is not re-established before the battery runs out, the software will alert users, close all software programs that are running, and then power down the server operating system. This prevents the hard shutdown that occurs when power fails and all open programs including the operating system are abruptly shut down. Hard shutdowns can cause loss of data as well as program corruption. If the UPS that the server is currently using is underpowered, then an upgrade to the UPS will also have to be made. UPS software also monitors the power load being placed on the UPS battery. If the load exceeds the recommended battery load, then the UPS should be upgraded. Anytime a hardware upgrade is performed, the UPS load should be checked to confirm that it is capable of handling the stress of the added component. Working in conjunction with a UPS should be a surge protector. Some manufacturers combine both a UPS and surge protector in one, but it is advisable to purchase a dedicated surge protector. A surge protector has a built-in circuit breaker that will trip should a spike of electricity arrive. This prevents the momentary increase in electricity from damaging the computer. Many surge protectors offer modem and network protection along with electrical protection. This insures that any potential damage traveling down a telephone or network line will be caught before it can reach the computer. All sensitive equipment should be protected by a surge protector (including computers, printers, fax machines, and networking products). Software upgrades include patches, new software, upgrades to existing software, and firmware. Patches are small programs that are installed to repair or add features to existing software. An example would be a patch for a database program to repair a known problem. Normally patches are simple to install, using an executable file that does all the work, but at times patches will require you to manually install files or overwrite existing files. New software includes any program, driver, or file being installed to the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
294
Chapter 9
Upgrading and Maintenance
server that has not previously been installed. Research to ensure compatibility with other software and the operating system is a must. Firmware (as discussed in Chapter 3, “Motherboards and Processors”) is software that controls hardware. Firmware updates on a server include SCSI controllers, RAID controllers, tape drives, and CMOS BIOS. Although other hardware devices have firmware, these four are the most common firmware updates. When installing firmware updates, be sure to obtain the software from the product manufacturer. The potential risks of component damage or inoperability should be a deterrent enough to not download firmware updates from just any Internet site. Manufacturer’s sites design and verify firmware updates specifically for their products. By downloading from the manufacturer’s site, you can be reasonably certain about the reliability of the firmware. Operating system upgrades and updates normally require purchasing the update on a CD-ROM or downloading it from the operating system website. Similar to software updates, operating system updates include repairs to known problems as well as enhancing features. Again, before installing any update, confirm that it will be compatible with your existing hardware and software. Windows 2000, for example, offers updates called service packs. Two service pack updates have been released to deal with known operating system problems. Operating system updates are available for Windows, NetWare, and Unix based systems. Frequently, visiting the operating system’s website will help keep you up to date on the current releases as well as their role. New operating systems such as Windows 2000 also offer notification of new patches and service packs. This alert can come in the form of an e-mail or a popup notification in the system tray.
After the Upgrade Once the upgrade has been performed, as outlined in your predetermined plan, the server should be restarted (if needed) and observed. Observation will include visually checking for problems. This includes the POST (poweron self test), any beep or visual error codes that appear, or error messages generated. Any abnormalities noted at this point will need to be immediately addressed. Even if the error message generated does not appear to have any immediate effect on the server operation, it does point to a misconfiguration. With time this misconfiguration might cause a problem. Windows 2000, for example, has a computer management feature, which is accessed by clicking the right mouse button on the My Computer icon on the desktop and selecting Manage. Figure 9.4 is a screen shot of the computer management utility.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Availability
FIGURE 9.4
295
Windows 2000 Computer Management
With this management feature you can verify software and hardware operations. The event viewer will assist in identifying potential problems with applications, Internet Explorer, security, and system. Figure 9.5 shows errors generated by the system log. Notice how errors are shown as an X in a circle graphic in the right pane, while warnings are an exclamation point in a triangle. FIGURE 9.5
Windows 2000 Event Viewer
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
296
Chapter 9
Upgrading and Maintenance
Computer Management also will analyze and display system information. This includes a system summary, hardware resources, components, software environment, Internet Explorer, and applications. System information provides a clear picture of how the computer is currently running. Any potential issues can be identified. Figure 9.6 shows the hardware resources tab expanded. Here information on system resources (IRQ, DMA, I/O, and system memory) can be seen as well as conflicts/sharing and forced hardware. Forced hardware is hardware that has resources set by the user rather than letting the operating system or BIOS determine the resources. FIGURE 9.6
Windows 2000 Hardware Resources
A final area in Computer Management, which will assist in upgrade monitoring, is the Disk Management tab. Disk Management will provide you with information on hard disks, optical drives, and removable storage (such as a Zip drive). Information on drive status, size, free space, percentage used, drive letter, file system, layout, volume, and type can be identified here. Figure 9.7 shows the Disk Management tab.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Availability
FIGURE 9.7
297
Windows 2000 Disk Management
A final step to performing an upgrade includes removing any old drivers or software to prevent potential conflicts. Although obvious, the replaced hardware should also be removed. At times this simple step is overlooked. Upgrading a 28.8 modem with a faster 56K modem should include removing the old 28.8 modem. Not only will removing the old modem prevent potential conflicts with the new modem, but also free up system resources. Removing old software and drivers will also free up hard drive space. Once the upgrade has been performed and verified as successful, access to the server can be restored. This process should be done selectively to ensure that a smooth transition occurs, as well as verifying that the upgrade has also been successful from the client side. Ideally, access to the server should be granted to one group at a time and verified. For example, if there is a sales group, management group, supplies group, and administration group, access should be given to one group at a time and confirmed that the upgrade has been successful before granting access to the second group. Through this process any potential problems can be isolated and dealt with accordingly. If access to the entire network is given all at once, any group-related problems will be more difficult to isolate—and you can expect a bombardment of calls from all the affected groups.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
298
Chapter 9
Upgrading and Maintenance
Documentation Once everything is returned to normal and the server is fully functional again, a detailed documentation of the upgrade should be created. This information can assist at a later date should the need to retrace steps occur. Also, any issues that came up as a result of the upgrade should be outlined. This documentation should be kept in a safe location and include the planning stage as well as all shipping and order invoices. Be sure to outline the upgrade procedures clearly, including screen shots of error messages and detailed steps to rectify the errors.
Unsuccessful Upgrades
F
or those of you who have experience performing server upgrades, you know that there are times when the upgrade will fail, regardless of how much time and preparation went into planning. Hardware and software upgrades can be unpredictable and when it comes to performing upgrades, sometimes failure is an option. So at some point you may have to stop trying to fix a failing upgrade and begin the recovery process. The effects of a failed upgrade can certainly be minimized by your preplanning tasks. This is when you can refer to the backout plan that you developed. The backout plan is going to tell you how to recover from the failed upgrade and restore the server to its original state (this maybe through restoring from a backup tape or reverting back to the original hardware). The backout plan should also give you an indication as to when it is time to stop the upgrade and begin restoring the server. For example, if you have scheduled the server to be unavailable for a specific amount of time and are reaching the time when it should be brought back online, it is probably time to stop trying to fix the upgrade and start trying to bring the server online again. As difficult as it may be, especially after the time and effort that is put into planning for the upgrade, at some point you will need to make the decision to cut your losses and start your restore. One of the most important steps you can take after a failed upgrade is to document the entire process. All is not lost from a failed upgrade and it should be looked upon as a learning experience. Document as much of the upgrade process as possible, such as when it failed, the steps you took to fix the problem, error messages that were generated, and any other information that will help you to determine why the upgrade failed. Chances are you will
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Maintenance
299
attempt to perform the upgrade again in the future and this information will useful for troubleshooting.
Planning Future Expansion and Availability The hardest thing to do is predict the future. When designing and building a server, you have to try to look to the future. What will the requirements be? What software will be required? What stress will the software place on the hardware? A server should be built with the room for hardware expansion, including expansion slots, room for hard drives, and redundant components. Even if current financial situations prohibit purchasing of redundant components, purchase a server case that will support the addition of redundant components. Later, when finances are available, redundant components can be purchased and added. A key component to build on is the motherboard. Server motherboards (as covered in Chapter 3) should support multiple processors, large amounts of RAM, and expansion cards. Having a motherboard that will allow you to expand will pay off in the long run with ease of expansion and upgrading. Server upgrading oftentimes is a consistent process. From the beginning point of assessment, through the component research, compatibility verification, ordering and installing, and finally returning access back to the users, it often takes a great deal of time. By the time the process is complete, there is another area that will require upgrading attention (software, hardware, or operating system).
Maintenance
R
egular maintenance on a server ties in closely with upgrading. Regular maintenance includes monitoring server functionality as well as performing regular routines to maintain server operations.
Proactive Maintenance Proactive maintenance is performed to prevent problems from occurring. An example of a common proactive maintenance activity is cleaning backup tape drives regularly. By doing this simple activity you can prevent backup failures due to dirty or magnetized heads on the tape unit.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
300
Chapter 9
Upgrading and Maintenance
Other forms of proactive maintenance include monitoring environmental conditions such as climate (heat and cold) and dust. No computer will perform well in environments that are too hot. By monitoring and maintaining a favorable temperature for your server to work in, you can prevent issues associated with overheating and premature hardware failure. Dust will accumulate over time in any environment. As these particles collect, they form a blanket on computer components, which in turn will increase the temperature within the computer. Dust particles will also, over time, collect on cooling fans and can cause premature fan failure. This has often been the reason for power supply failure. As the fan in the power supply turns, it draws air into the power supply and computer. Dust is also drawn in, which accumulates on the fan motor spindle. This will cause the fan motor to squeal and eventually fail. How to prevent this issue is to use compressed air regularly to clear dust from the computer. Compressed air comes in cans with a strawlike attachment. This attachment allows you to position and direct the high-pressure air into areas that are not easily accessible.
You should only use compressed air designed for computer use. Air compressors will use pressurized air that may contain contaminates such as oils. Using suction devices such as vacuum cleaners can cause harm by actually ripping delicate parts off.
Air filters can also be installed over the fan intake grill. These filters trap the dust particles before they can enter the fan assembly. Since servers normally contain several fans that move air throughout the server, the use of filters can be a good idea. These inexpensive devices can prevent dust buildup, especially in areas that are not readily accessible for cleaning. However, if you’re going to use them, make sure to change them frequently. The last thing you want is for them to get clogged up, causing the system to overheat. Probably the most common known area of proactive maintenance is in virus protection. Viruses are a threat to any computer, and with new viruses emerging weekly, they should be taken seriously. Virus protection in a network can be based individually on each computer, or server-centric. Servercentric virus program are called a virus protection suite. This software offers centralized protection and updates. The real benefit of a virus protection suite occurs when the time to update the virus definition comes. A virus definition is a list of the known viruses that is used by the virus protection engine to monitor your computer. If the virus program is individually based,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Maintenance
301
this definition will have to be updated on each computer in the network individually. Virus protection suites are updated on the server, which then monitors the rest of the network. Depending on the size of your network, having to update just the server as opposed to every system on the network can be a huge difference in time. Regardless of the type of virus protection that you use, it is essential that there is some form of protection in place and that it is updated regularly. A virus on a server can lead to severe consequences, including data loss and loss of productivity. Imagine a company such as eBay losing a few days of business because a virus brought its servers down. It would be a financial nightmare.
Baselines, Monitoring, and Thresholds Another element of proactive maintenance involves carefully monitoring your server’s performance. At the beginning of the chapter we discussed the use of monitoring tools for server performance as it relates to the need for upgrading hardware and software. Server monitoring is also an effective means of maintaining a server. Monitoring can provide advanced warning of performance issues before they lead to larger problems.
Baselines Baselines are measurements of server performance. This measurement is taken over a period of time to determine how well a server will handle application and stress loads. Based on the information gathered, a baseline of performance can be set. This will help distinguish acceptable server performance from unacceptable performance when the server is operating under normal and heavy loads. One of the key tools used in creating baselines in Windows 2000 is the System Monitor. As discussed earlier in this chapter, the System Monitor provides a means of visually monitoring how a server is doing. Using the System Monitor to record server performance a baseline is easily created. This Computer Management feature will even alert you if the performance dips below the established baseline.
Thresholds Thresholds are set values similar to baselines; however, with thresholds, there is an acceptable range of values. This set minimum and maximum range conforms to a safe operating limit for the computer component.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
302
Chapter 9
Upgrading and Maintenance
Thresholds are used to monitor temperature and electrical signals in a UPS. Should the electricity coming in from the outlet spike or dip below the threshold ranges, then the UPS will react accordingly. Thresholds can also be set to monitor resources within the server. CPU load, RAM usage, and free hard drive space are a few of the commonly monitored areas.
Summary
T
his chapter began with defining assessment. Understanding the need to assess, both as it relates to the need for upgrading as well as system monitoring, is the key to this chapter. Assessment in the Windows 2000 environment is done through the use of Computer Management program. Computer Management provides a means of assessing hardware and software and their interactions with the operating system. Upgrades can take on the form of software, hardware, or operating systems. Although each upgrade is unique, the stages involved in performing the upgrade can be broken down into three key areas: planning the upgrade, performing the upgrade, and managing the system after the upgrade. Planning the upgrade includes determining due dates; researching products and vendors; confirming compatibility with existing hardware, software, and operating systems; verifying component delivery; and thoroughly reading all documentation. Performing the upgrade includes performing a full backup, being aware of ESD, and actually doing the upgrade as planned. Managing the system after the upgrade covers making sure that the upgrade was performed successfully, verifying that there are no negative effects as a result of the upgrade, removing any old hardware or software, returning access to clients, and finally documenting the details of the upgrade. Server availability and upgrade failures also need to be considered before performing an upgrade. When planning for an upgrade, you will need to assess the business requirements as well as the role the server plays on the network to determine how much downtime can be afforded. Upgrade failures are bound to happen, and this is where your preplanning will be useful. Creating a backout plan prior to the upgrade will help you to recover the server if indeed the upgrade is unsuccessful.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
303
Windows 2000 Computer Management also offers a means of visually monitoring forced hardware and resource conflicts, which are potential risks to stable server operation. Planning for future expansions and availability focuses on building a server to grow with. If planned correctly a server should be upgradable to meet current as well as future demands. This includes support for redundant components, multiple processors, and more RAM. Maintenance is an important element of stable server operation. Proactive maintenance involves performing tasks to reduce the possibility of a problem. This includes tasks such as regular tape drive cleaning, using compressed air to clear dust off internal components, and filters to prevent dust from accumulating on fan motors. The use of a surge protector and UPS will protect against potential electrical issues. Virus protection suites also fall under proactive maintenance. Using a regularly updated virus program will ensure that the threat posed from viruses can also be minimized. Baselines are set values by which performance can be measured. Using the performance monitor in Windows 2000’s Computer Management program will assist in creating and monitoring server performance. With an established baseline of performance, potential bottlenecks and problem areas can be identified before they create a serious problem. Thresholds are similar to baselines, but they monitor more than one variable. Thresholds identify a range of acceptable performance. Should this range be exceeded (either higher or lower), an alert is sent out.
Exam Essentials Know the benefit of monitoring tools. Monitoring provides a means of watching and assessing server performance. Know how to use Windows 2000 System Monitor. Be familiar with the available counters in System Monitor as well as how to add counters and how to monitor performance. Know the difference between counter logs, trace logs, and alerts. Counter logs record information gathered by the performance monitor, trace logs track changes and actions, and alerts send out a notification when a threshold is reached.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
304
Chapter 9
Upgrading and Maintenance
Know what a bottleneck is and be able to identify where a bottleneck is located. Bottlenecks are areas where performance is hindered by poor performance. Windows 2000 offers Computer Management software to assist in locating bottlenecks. Perform a risk assessment. A risk assessment identifies all the potential problems that may occur during the upgrade, the likelihood of them occurring, and the steps you will take to alleviate their impact. Be able to determine the requirements for server availability. Server availability is the amount of time the server is available when users need access to it. Business requirements and the role the server plays will determine the required uptime for a server. Know the steps to planning an upgrade. These include developing an upgrade plan, researching vendors, verifying compatibility, confirming parts on arrival, and reading all documentation. Know the steps in performing an upgrade. Be aware of ESD issues, perform a full backup, and alert users to the upgrade time. Recover from a failed upgrade. At some point you will have to stop trying to fix a failed upgrade and begin the recovery process. Use the backout plan that you created during the preplanning phase to restore the server. Know what a UPS is and how it works. Assess the stress load on a UPS after an install and determine if it will require an upgrade also. Know the use of a surge protector. Be able to identify the benefit of using a surge protector to protect against electrical, telephone, and network threats. Know what a software patch and firmware update are. Software patches help fix issues with software problems; and a firmware update is an update to software that is specifically embedded in the hardware. Know the steps to confirming a problem in an upgrade. This includes identification of the POST, error codes, and error messages. Know how to create documentation after the install is complete. Include all steps performed, any problems encountered as well as steps and solutions taken to resolve them.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Key Terms
305
Know how to assess potential risks both to computer and business. Risks include any threat that may cause a problem including resource management, upgrades, Internet connections, and virus. Know steps in proactive maintenance. This includes regular cleaning, dust removal, controlling environmental variables, and using a virus protection suite. Be able to establish baselines and thresholds. Baselines are measurements of server performance; thresholds are a set range of values. Both can be set within the computer management feature of Windows 2000, or through the use of third-part software.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: alert
monitoring
assessment
monitoring agents
baseline
patches
bottleneck
POST (power-on self test)
Counter Logs Monitor
server performance
driver signing
surge protector
ESD
threshold
firmware
Trace Logs Monitor
hard shutdown
upgrading
HCL (hardware compatibility list)
UPS (uninterruptible power supply)
log files
virus protection suite
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
306
Chapter 9
Upgrading and Maintenance
Review Questions 1. Which of the following is not a means of assessing and maintaining
a server? A. Establishing baselines B. Reviewing monitoring agents C. Reviewing log files D. Visual cues 2. How often should assessment be carried out? A. Once B. Weekly C. Monthly D. Constantly 3. What Windows 2000 program allows you to assess computer
performance? A. Diagnostic Monitor B. Device Monitor C. System Manager D. System Monitor 4. What is an alert? A. A notification of software shutdown B. A means of setting a threshold on a counter C. A visual reminder of a problem D. An error code used by servers
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
307
5. What is a bottleneck? A. A blockage within a software program B. Locations where performance is hindered due to poor performance C. The funneling effect of data into one program resulting in software
freezing up D. A type of virus 6. Which of the following is not one of the three main types of upgrades
that can be performed? A. Hardware B. Software C. Operating system D. Virus 7. What does the acronym ESD stand for? A. Electrostatic discharge B. Electronic system damage C. Electrical system damage D. Electron static discharge 8. What does the acronym UPS stand for? A. Unserviceable power system B. Uninterruptible power supply C. Unusable power supply D. Unstable power system
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
308
Chapter 9
Upgrading and Maintenance
9. What type of backup should be performed prior to an upgrade? A. Differential B. Partial C. Incremental D. Full 10. What is a hard shutdown? A. An abrupt, unplanned loss of power B. Manually shutting down a computer C. Completely shutting down a computer D. Forcefully shutting down software that is not responding 11. What are patches? A. Small programs that repair or add features to programs B. Programs that are installed on a server C. A type of virus D. Updates to hardware components 12. What is a firmware update? A. A type of patch B. Software updates for hardware components C. A branch of software used on a server D. A dedicated software program for hard drives 13. Operating system updates are available for which of the following
server operating systems? A. Windows B. NetWare C. Unix D. All of the above
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
309
14. What is the purpose of establishing a server baseline? A. A baseline will help to determine what is a normal level of perfor-
mance for a server. B. A baseline will assist you in determining if the planned upgrade
will actually work. C. A baseline will determine how long the server will be down during
an upgrade. D. A baseline will determine the amount of server availability that a
business requires. 15. Mike is doing a software upgrade to a server. He’s done installing the
software and testing the server and is just about ready to put the unit into production. What one last item should he take care of before making the server a production server? A. Download and apply any service patches. B. Download and apply any NOS upgrades. C. Obtain a baseline of the computer. D. Add any necessary service tools that weren’t initially installed. 16. What is one way you can ensure that you will be able to recover a
server from a failed upgrade attempt? A. Read the technical information associated with the upgrade. B. Back up the server before beginning the upgrade. C. Test the upgrade in a controlled environment. D. Identify all the associated risks. 17. Users on the network have been complaining that one of the servers
has been very slow lately and seems to be getting worse as the weeks progress. What is your first step in alleviating the problem?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
310
Chapter 9
Upgrading and Maintenance
A. Perform an upgrade at once. B. Leave the server as it is and see if the problem persists. C. Take the server offline immediately. D. Start monitoring the server’s performance and comparing it
against your baseline. 18. How do you access Computer Management in Windows 2000? A. Through control panel B. By right clicking on My Computer C. Through the My Documents folder D. In the Program Files folder 19. What does POST stand for? A. Pre-operating system test B. Power-off system test C. Power-on self test D. Pre-on self test 20. What is the final step in upgrading? A. Turning the server back on B. Granting user access to the server C. Verifying that the install was successful D. Documenting the install
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
311
Answers to Review Questions 1. D. Visual cues are not a commonly used method of assessing and
maintaining a server as normally there is no user constantly sitting at a server. 2. D. Assessment should be an ongoing process by which server perfor-
mance is monitored. This will ensure that any gradual performance degeneration can be dealt with. 3. D. System Monitor is the Windows 2000 based program that allows
you to assess computer performance. 4. B. Alerts are a means of establishing a threshold on a counter. When
the threshold is reached an alert is sent out to notify of the problem. 5. B. Bottlenecks are spots where performance is hindered due to
poor performance. This can commonly include RAM, processor, or software. 6. D. Hardware, software, and operating system are the three major
types of upgrades that are performed. 7. A. ESD is the acronym for electrostatic discharge. In this context it
is the transfer of static electricity from human contact to computer components. 8. B. A UPS is an uninterruptible power supply. It provides battery
backup in case of electrical failure. 9. D. A full backup should be performed before undertaking any
upgrade. This will ensure that, if there is a problem, all the data is still safe on a backup. 10. A. A hard shut down is an unexpected, unplanned loss of power. It
can result in both data and software errors and should be avoided. 11. A. Patches repair or add features to existing programs. They are
located at software manufacturers’ websites. 12. B. Firmware updates are updates for hardware that contains a BIOS.
This includes RAID, SCSI, and motherboards. 13. D. Updates are available for all operating systems. They can be
located at the manufacturer’s website.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
312
Chapter 9
Upgrading and Maintenance
14. A. A server baseline is used to track server performance over time
and is later used for comparison to pinpoint bottlenecks. 15. C. Mike should run a baseline on the computer so he has a feel for its
pristine state characteristics. He will run performance-monitoring software and capture the performance statistics off to a file for later retrieval and review. This will aid him greatly should there be a problem with performance when the server goes into production. 16. B. Backing up the server’s operating system, applications, and data
will ensure that the server can be restored in the event that the upgrade does fail. Remember to test the restore process before doing the upgrade. 17. D. There is a fine line between a computer being slow and a com-
puter being broken. Compare it to the baseline and see if the users are correct or are just thinking it’s slower. Once you have data, then you can act. 18. B. You access Computer Management by right-clicking My Com-
puter and selecting Manage. 19. C. POST is the power-on self test. It is performed at system startup. 20. D. The final step in any upgrade should be documenting all the
details of the installation.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Hardware Updates
10
COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 1.2 Install hardware using ESD best practices (boards, drives, processors, memory, internal cables, etc.)
Mount the rack installation
Cut and crimp network cabling
Install UPS
Verify SCSI ID configuration and termination
Install external devices (e.g., keyboards, monitors, subsystems, modem, rack, etc.)
Verify power-on via power-on sequence
2.6 Update manufacturer specific drivers 3.3 Add hard drives
Verify that drives are appropriate type
Confirm termination and cabling
For ATA/IDE drives, confirm cabling, master/slave and potential cross-brand compatibility
Upgrade mass storage
Add drives to array
Replace existing drives
Integrate into storage solution and make it available to the operating system
Perform upgrade checklist, including: locate and obtain latest test drivers, OS updates, software, etc.; Review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
3.5 Upgrade BIOS/firmware
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
3.6 Upgrade adapters (e.g., NICs, SCSI cards, RAID, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
3.7 Upgrade peripheral devices, internal and external
Verify appropriate system resources (e.g., expansion slots, IRQ, DMA, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
3.9 Upgrade service tools (e.g., diagnostic tools, EISA configuration, diagnostic partition, SSU, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
3.10 Upgrade UPS
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade.
4.5 Perform hardware verification
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
A
s network environments change, so must servers. Situations will change and servers will need to be upgraded to meet the new demands being placed on them. All too often servers are installed and configured and then forgotten. The common phrase “if it is running fine then leave it alone” does not apply to all situations, especially servers. As a server administrator, you will undoubtedly need to perform a hardware upgrade to a server. Chapter 8, “TCP/IP,” looked at the general steps to take when performing any upgrade—hardware or software. Now we will look more closely at common hardware upgrades. Knowing how to upgrade hardware is important for the Server + Exam and for your on-the-job success.
Before Upgrading
B
efore you perform a hardware upgrade, you need to do a little planning:
Research the proposed upgrade to determine whether it is, in fact, what is needed to improve the network performance.
Read the documentation thoroughly before beginning the upgrade. Make sure you are familiar with each step in the process.
Make sure the hardware you choose is supported by the operating system running on the server.
Be prepared to comply with ESD (electrostatic discharge) best practices, including the use of antistatic bags, and ESD wrist straps and mats to prevent static charges from damaging delicate hardware components. ESD damage is a serious threat to computer hardware and can lead to hardware operation problems.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Adding a Processor
317
If the upgrade requires taking the server offline, plan a convenient time to do this and notify your users in advance.
Adding a Processor
O
ne of the most common components to be upgraded in a server is the processor, whether you are upgrading a single processor or upgrading to multiple processors.
In some cases you might be better off upgrading to a new server rather than just upgrading the processor. This will depend largely on whether or not your server’s motherboard supports current technologies.
The first thing to determine is whether a processor upgrade is going to solve the performance problem—whether it’s the component that actually needs to be upgraded. Using a tool such as Microsoft’s System monitor, assess the processor’s performance under the current workload. If you determine that a processor upgrade is necessary, you’ll need to do some research on the motherboard itself. The type of processor you upgrade to will depend on what your current motherboard can support. You can’t just take any CPU and place it in the slot or socket on the motherboard expecting it to work. Motherboards are limited to certain versions of CPUs. So before you go out and spend the money on a faster processor, make sure that the motherboard can support a faster processor. Examine the motherboard documentation to determine the maximum speed the motherboard supports. The physical layout of the board (socket or slot) will also impact the CPU upgrade. For example, you wouldn’t be able to use a socket 7 design with a socket A design. Or if you plan to upgrade to Intel’s P4 chip, which comes with a 423-pin design, the motherboard might have to be upgraded as well (a 387-pin design will obviously not support a 423-pin chip). Supporting a new processor might require a BIOS upgrade too (BIOS upgrades are discussed later in the chapter). Some motherboards will not work reliably with the new processor until a BIOS upgrade is done. Another aspect to consider is the cooling fan and heat sink currently used. If you plan to upgrade the processor, make sure that the cooling fan and heat sink will provide sufficient cooling. A processor upgrade will usually come
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
318
Chapter 10
Hardware Updates
with a new fan and heat sink, but even if you need to buy them, the cost will be small compared to possible losses from overheating. Fans and heat sinks tend to have a short life span. Check with the manufacturer as well because using a fan and heat sink that have not been tested with the processor may mean that your warranty on the new CPU becomes void. As with any other upgrade, begin by reviewing the documentation that comes with the hardware for procedures on how to add the component and perform a full backup of your server.
Performing the Upgrade The following steps outline the general process in upgrading to a new processor—the specific steps you take will follow the manufacturer’s documentation. Make sure you adhere to ESD best practices. 1. After you’ve performed a full system backup and verified that it was
successful, turn off and unplug the server. 2. Remove the cover from the server and unplug and remove the CPU fan
and the heat sink (make sure you are properly grounded). 3. How you remove the old processor will depend on whether it has
a socket or slot design. With a socket design, release the lever to remove the old processor. A slot design will probably use some form of release mechanism on either side or both sides of the processor. Either way, if you are unsure of how to remove the processor, consult the documentation. 4. Install the new processor according to the documentation and attach
the CPU fan and heat sink. 5. After the new processor has been installed, a newer motherboard
should automatically detect its speed. An older motherboard might not, so you will have to manually configure the BIOS or the jumper settings.
Make sure that you correctly insert the processor. Be very careful to seat the pins correctly before applying pressure; the pins bend easily. Make sure pin 1 on the new chip is plugged into the pin1 socket. Turning the server back on while the chip is inserted incorrectly can permanently damage both the motherboard and the processor.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Adding a Processor
319
Troubleshooting The most common problem you will face when troubleshooting a newly installed processor is the server’s failure to start. If this is the case, you will need to put your troubleshooting skills to work and determine where the problem lies. Start with these procedures:
Check to see that the newly installed processor is properly seated in the socket or slot.
Check the documentation to verify that the jumper settings are properly configured.
Remove the processor to make sure that none of the pins are damaged.
Check whether a BIOS upgrade needs to be performed.
Check the manufacturer’s support site to see if there are any known issues.
If all else fails, you still have the old component to fall back on. Reinstall the old processor—if the server starts, then the new processor is probably faulty and needs to be returned to the manufacturer.
After you determine that the upgrade has been successful, start baselining again to ensure that the new processor is meeting your performance expectations as well as the required demands.
Multiple Processors A processor upgrade might very well include upgrading from a single processor to a multiprocessor or upgrading multiple processors in a system. In today’s server environments, most servers are indeed multiprocessor systems. Your first consideration will be whether or not your operating system and motherboard support multiprocessors.
The chip itself must also support symmetric multiprocessing (SMP).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
320
Chapter 10
Hardware Updates
Stepping Another consideration in multiprocessor upgrades is processor stepping. Stepping is similar to version numbers: as updates are made to chips, the version numbers change. You’ll want to consider processor stepping particularly when upgrading a single processor system to a multiprocessor one. Mixing processor steppings does not always work well if it works at all. The general rule of thumb is one stepping (revision) between CPUs is acceptable. Information on stepping compatibility can be located from the manufacturer’s website. Try to purchase a chip with the same stepping, although if you are dealing with an older chip this may be difficult. Some operating systems will be more tolerant when mixing steppings than others will be.
CPU Speed and L2 Cache Two other considerations when upgrading a server to a multiprocessor system are the CPU speed and L2 cache. The speed of the new chip must match the speed of the existing chip. A CPU running at 200MHz cannot be paired up with a CPU running at 700MHz. Also, the size of the L2 cache must match. If the current CPU has a 250L2 cache, the processor to be added must match this.
Adding Hard Disks
M
ost servers can support multiple hard disks (also commonly called hard drives), which are frequently upgraded in a server. One reason for upgrading a hard disk is to gain increased disk space. A file server or a print server can quickly run out of hard disk space, making an upgrade to a larger hard disk or multiple hard disks necessary. An upgrade also could be done to take advantage of faster data transfer speeds in newer hard disks. Whatever the reason for the upgrade, there are certain steps that will need to be performed.
Your first step in upgrading will be to determine whether you are dealing with SCSI or IDE hard disks because this will impact which type of disk you purchase and the procedure for installing it.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Adding Hard Disks
321
Upgrading SCSI Hard Disks Several things need to be considered when upgrading or adding a SCSI disk. Be aware that SCSI disks can give off plenty of heat; if you are installing multiple SCSI disks, appropriate cooling needs to be considered. Make sure that your system can provide adequate cooling for the number of disks you install. Also, before going out and purchasing new SCSI disks, keep in mind that they should match the speed of any existing SCSI disks in the system (your slowest RPMs are also your fastest). As with any SCSI device, a hard disk must be assigned a unique SCSI ID (different from all other SCSI devices on the bus). The SCSI ID can be set using the jumpers on the hard disk (refer to the manufacturer’s documentation). If there are already SCSI devices in the server, you will need to determine which IDs are available. If there is already a primary disk within the server, set the SCSI ID to a number that is higher than that of the boot disk. If you are replacing an existing SCSI disk, the new disk can usually be configured with the same SCSI ID as the one being replaced.
Some SCSI IDs will not be set using the jumper pins. For example, if you are adding a SCSI disk to an existing hardware RAID implementation, the RAID system itself will assign the disk an ID.
Termination also needs to be considered. Most SCSI devices are now selfterminating but you will need to consult the manufacturer’s documentation to determine this (there may be a termination jumper pin that needs to be set). Usually the SCSI adapter and the last disk on the chain are terminated.
Troubleshooting SCSI Disks The following are some general troubleshooting tips for when problems arise with the installation of a SCSI disk. Consult the manufacturer as well because they will more than likely have an extensive knowledge base of known issues.
Verify the SCSI ID has been set correctly. If you encounter a problem referred to as phantom disk, where the disk can be seen but not read from or written to, then the new disk was probably configured with the same SCSI ID as another device.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
322
Chapter 10
Hardware Updates
Verify that the devices have been properly terminated.
Verify that the cables have been properly connected. Also verify that the cables are not defective.
In some cases the installation may actually have a driver problem as opposed to a hardware problem.
Pinpointing the Problem I remember setting up two servers in a cluster configuration, where both servers were connected to a single external SCSI hard disk. A process that should have taken a few hours turned into a few days because only one of the servers could see the external disk. After verifying that the SCSI IDs were set properly (several times over), not so carefully examining the cables, and removing and reinstalling the drivers, I finally detected the problem that had caused days of stress and headaches—a pinhole puncture in the controller cable.
Upgrading IDE Hard Disks Configuring IDE devices tends to be simpler then SCSI devices, but you are more likely to be working with SCSI disks in a server environment. In any case, you should still be familiar with the IDE upgrade process for the exam and for on-the-job success. As with all hardware upgrades, you will use the specific procedures outlined by the manufacturer. The following steps are intended as a general outline of the things that need to be considered during the upgrade process. One of the most important considerations when upgrading IDE disks is the master/slave relationship. If a single IDE disk is being upgraded, the new disk will be configured as a master. If a second disk is being added to the system for storage purposes, the original can be left as the master and the new one designated as a slave. If the new disk will function as the main disk, then it will be designated as the master and the existing one as the slave. Before
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Increase Memory
323
physically installing the disk, set the jumpers to establish the master/slave relationship using the manufacturer’s documentation.
If you are installing a second drive from a different manufacturer, verify its compatibility with the existing drive. Also, to save yourself some headaches, make sure there is adequate cabling before actually beginning the upgrade.
Once the jumpers are set, the drive can be mounted into an empty bay and the IDE cable attached to the new drive, making sure that pin 1 of the cable is matched up with pin 1 on the drive. Once the drive has been installed, the server can be restarted. Most servers will autodetect the drive, but you should enter the system’s BIOS to ensure that the new drive is listed. The drive should also be listed during the bootup process if it has been installed correctly. Your final step will be to format and partition the drive; how you do this will depend on the operating system installed.
Troubleshooting Troubleshooting an IDE upgrade can usually be resolved by answering these questions:
Does the current BIOS support the size of the hard disk? (If not, a BIOS upgrade will be necessary.)
Has the master/slave relationship been properly configured?
Is the cable properly connected? Has pin 1 on the cable been matched to pin 1 of the hard disk?
Is the power connected?
Increase Memory
Operating systems and software applications have RAM (randomaccess memory) requirements that must be met before the software will run properly. It seems as though each new software release needs more memory
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
324
Chapter 10
Hardware Updates
than the one before. This is probably the main reason to upgrade the server’s RAM. Fortunately, memory is one of the easier upgrades to perform. The first things you want to check are the available space in the server to add more RAM and the type of RAM currently installed. For example, if the system supports up to 512MB of RAM and there is already 256MB installed, obviously the maximum you can add is another 256MB. Before purchasing RAM, answer the following questions:
How much more RAM can the server support? This can quickly be determined from the server’s documentation or from the manufacturer’s website.
What type of RAM (SIMMs [single in-line memory modules] or DIMMs [dual in-line memory modules]) is currently installed in the server? (Do not mix EDO and non-EDO RAM or ECC and non-ECC RAM.)
What is the speed of the existing RAM? (The RAM that you add to the computer must match the speed of the existing RAM.)
What type of contacts are used? (DIMMs use gold for all contacts but SIMMs can use tin or gold. Be sure the new RAM uses the same metal as the existing RAM.)
Once you have determined the amount of RAM that can be added and the specifications of the installed RAM, you are ready to make the purchase. When purchasing new RAM, it is always recommended that you buy from a reputable manufacturer. If you do decide to purchase off-brand RAM, make sure you read the server’s documentation first to ensure that doing so will not void your warranty. Keep in mind that some servers require the RAM (usually SIMMs) be installed in pairs, but you can verify this through the server’s documentation.
Make sure to check off-brand RAM for compatibility with your current system.
When you are ready to install RAM in the server, power off the server and disconnect the power to the motherboard (you may need to disconnect a few cables to get to the socket). Remove the existing RAM and install the new memory module. It is fairly straightforward to do since the module can fit in only one way.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
BIOS/Firmware Updates
325
After you perform the RAM upgrade, you may get an error message during the POST informing you of a mismatch error. Don’t panic yet: Simply go into the BIOS and verify that the new RAM is recognized, restart the server, then save the changes and exit. This should clear the error message.
Troubleshooting The following are some general things to consider when troubleshooting a RAM upgrade:
Is the RAM properly seated and inserted all the way into the socket?
Try placing the RAM into a different socket.
Does the server boot with the old RAM alone?
Does the server boot with the new RAM?
Does the new RAM meet all the requirements to co-exist with the original RAM?
Consider that the RAM may be faulty.
Once the RAM is successfully installed, server performance can be tuned through the operating system or applications.
BIOS/Firmware Updates
Firmware (as discussed in Chapter 3, “Motherboards and Processors”) is software that controls hardware. Firmware updates on a server include SCSI controllers, RAID controllers, tape drives, and CMOS BIOS. Although other hardware devices have firmware, these four are the most common firmware updates. When installing firmware updates be sure to obtain the software from the product manufacturer. The potential risks of component damage or inoperability should be a deterrent enough to not
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
326
Chapter 10
Hardware Updates
download firmware updates from just any Internet site. Manufacturer’s sites design and verify firmware updates specifically for their products. By downloading from the manufacturer’s site, you can reduce your risk. One of the most common upgrades will be to the CMOS BIOS. Most mainboards now use a flash ROM that can be reprogrammed countless times using a flash utility. This means all you have to do is run an update utility to upgrade the BIOS and the software will make all of the necessary modifications. You will need the make and model of the mainboard and the revision number to locate the correct flash update and utility from the manufacturer’s website. The download should contain data files, a flash utility, and a Readme file. Flashing is not the only way to upgrade the BIOS but this is the most common method with newer servers.
Make sure you download the correct BIOS update for your server. Flashing the BIOS with the incorrect upgrade can leave your server unbootable.
A firmware upgrade can potentially leave your server unbootable so, like any other upgrade you perform, a full system backup should be done before proceeding. Also before upgrading the firmware, make sure to document the current CMOS settings. Since some flash utilities clear the CMOS RAM, you may need to restore some of your CMOS settings after the upgrade is complete.
Applying a CMOS Upgrade The following steps outline the general procedures for upgrading a system’s BIOS. The exact procedures you follow will be guided by the manufacturer’s documentation and may therefore vary slightly from those outlined below. 1. Download the upgrade from the manufacturer’s website. It’s a good
idea to download the current version as well if you don’t already have it in case you need to go back to it. Some flash utilities will have an option to back up the current BIOS. If the option is there, use it. 2. Most BIOS upgrades will include a Readme file. Review the contents
to determine how to upgrade the BIOS. Keep in mind that each manufacturer will have its own procedures. 3. Create a bootable floppy disk (if required) and download the BIOS
update onto the floppy. In most cases it will be a zipped file and will need to be decompressed to your floppy.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
BIOS/Firmware Updates
327
4. Restart the server using the floppy and start the upgrade as outlined in
the manufacturer’s instructions. 5. Once the upgrade is complete, remove the floppy and restart the
server. The new BIOS version should be displayed on the screen. Proceed to the CMOS settings and reconfigure your parameters.
Again these steps are going to vary by manufacturer. Some may require the CMOS settings to be cleared and others may require power to be removed from the motherboard after the upgrade for a short period of time. This is why it is important to carefully review the Readme file. If the upgrade is carried out incorrectly, your server may be unbootable in the end.
Troubleshooting a CMOS Upgrade If the upgrade was unsuccessful, you might hear one or more beeps as your server starts up. Refer to the manufacturer’s website for error messages associated with the beeps. If the flash process was interrupted, your BIOS will only be partially programmed or may now be corrupt. If this is the case you will need to contact the manufacturer for a replacement BIOS chip (you may even be replacing the entire motherboard). If the BIOS update appeared to be successful but the system behaves erratically and error messages appear, the wrong BIOS version has been installed or it is corrupt. In either case, repeat the process to restore the original version. If this restores the system to normal, verify that you downloaded the correct BIOS for your server and repeat the upgrade. If the system performs poorly after the new BIOS is installed, verify the CMOS settings and make the necessary adjustments (you should have written down the CMOS settings prior to performing the upgrade). The motherboard is not the only hardware component with a BIOS. Other components such as SCSI cards and tape drives have firmware that at some point might need to be upgraded as well. Although there is a good chance an upgrade of these components will never be necessary, you should still be aware that they do exist. An upgrade might need to be applied to correct a firmware bug, improve performance, or take advantage of new features. Check the manufacturer’s website for the latest BIOS upgrades and procedures on how to include them.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
328
Chapter 10
Hardware Updates
Replace the UPS
Depending on the hardware upgrade being performed, there might be an impact on the system’s power consumption. For example, installing redundant components within a server might require upgrading of the power supply and/or the UPS. All servers should be connected to a UPS (uninterruptible power supply). A UPS is a battery system that conditions incoming power and maintains power to the server in the event of an electrical failure. The battery is connected between the server and the electrical outlet. When there is a power failure the battery system will run the server and any other devices connected to the UPS for a period of time. Depending on the size and strength of the battery system, a UPS may support minutes to hours of power. Software is available that will interface between the UPS and server allowing for alerts and remote notification that the server is running off battery power. Another key feature that UPS software provides is a shutdown option for the server. If the electrical power is not re-established before the battery runs out, the software will alert users, close all software programs that are running, and then power down the server operating system. This prevents the hard shutdown that occurs when power fails and all open programs including the operating system are abruptly shut down. Hard shutdowns can cause loss of data as well as program corruption. If the UPS that the server is currently using is underpowered, then an upgrade to the UPS will also have to be made. UPS software also monitors the power load being placed on the UPS battery. If the load exceeds the recommended battery load, then the UPS should be upgraded. Any time a hardware upgrade is performed, the UPS load should be checked to confirm that it is capable of handling the stress of the added component. Working in conjunction with a UPS should be a surge protector. Some manufacturers combine both a UPS and surge protector in one, but it is advisable to purchase a dedicated surge protector. A surge protector has a built-in circuit breaker that will trip should a spike of electricity arrive. This prevents the momentary increase in electricity from damaging the computer. Many surge protectors offer modem and network protection along with electrical protection. This ensures that any potential damage traveling down a telephone or network line will be caught before it can reach the computer. All sensitive equipment should be protected by a surge protector (including computers, printers, fax machines, and networking products).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Upgrading Adapters
329
Upgrading Adapters
Upgrading adapters can include network interface cards, RAID controllers, and SCSI cards. The upgrade may be in the form of a firmware upgrade or replacing the old adapter with a new one. Either way, the process of upgrading an adapter is fairly straightforward. If it is relatively new hardware you are dealing with, you will probably be looking at a software upgrade. If you are dealing with legacy hardware that is becoming a bottleneck and performing poorly, chances are you will be looking at a hardware upgrade.
Network Adapters One of the most common adapters to be upgraded is the network adapter. In most cases it is a fairly straightforward process, except of course when the card is installed and doesn’t work. Then your troubleshooting skills once again come into play. When upgrading your network adapter, begin with a visual inspection of the server and determine the type of slots available. Chances are you will be using a PCI network card so you need a PCI slot available. You also want to avoid resource conflicts, so determine what IRQs, I/O addresses, and memory addresses are available. Tools such as Microsoft’s Device Manager can be used to determine what resources are available. Install the network adapter (using ESD best practices) by removing the metal plate if necessary and inserting the card. Once the card is seated all the way into the slot, it should be secured using a screw. Not doing so may result in the card creeping out of the slot and no longer working (or worse, causing a short inside of the server). Once the NIC is installed and the server is rebooted, you should verify that the link light on the card is lit.
Some NICs will come with diagnostic software that you can use to test that the NIC is functioning correctly. The software can verify that the different components on the NIC are functioning and can also provide diagnostic reports. The software diagnostics can test network connectivity. If you don’t have diagnostic software, one of the simplest tests to make sure the NIC is functioning is to log onto the server from a client desktop or, if you are running TCP/IP as the protocol, you can use the PING utility. If you are unsuccessful in pinging a host, check the IP address, the speed the network card is set to, and verify that it is not having a resource conflict with another device.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
330
Chapter 10
Hardware Updates
Summary
In this chapter you learned about some of the common hardware upgrades that are often done to a server. CPUs, hard disks, and memory are the three most common components to be upgraded in a server to improve performance. All motherboards have limitations so, when upgrading a processor, consult your documentation to determine the maximum speed supported by the board. Also consider the design of the board—determine whether it is a slot or socket design; this will impact on the type of chip your purchase. If you are upgrading to multiple processors, keep in mind that the recommended stepping between processors is one step. When upgrading hard disks, begin by determining whether you will be dealing with IDE or SCSI disks. If you are dealing with SCSI, you need to pay attention to termination issues and the SCSI ID assigned to the new device. With IDE disks you need to pay attention to the master/slave relationship. Before going ahead and increasing the memory in a server, you need to first assess the RAM that is currently installed. Consider how much memory can be added and the type and the speed of RAM already present. The type of RAM you choose should be supported by the manufacturer; some warranties will be void if RAM from another manufacturer is used. Firmware updates are applied to fix bugs and to take advantage of new technologies. Two most important things to keep in mind are to download the correct BIOS version for your system and to make sure not to interrupt the flash process; interruptions can leave your system unbootable. A UPS upgrade can involve upgrading the UPS battery, upgrading the UPS software, or replacing the entire system with a new one. Once a server has been installed and configured, it needs to be monitored and maintained on a regular basis to ensure it continues to perform optimally over time.
Exam Essentials Know the general procedures to use when upgrading hardware. There are some best practices (such as ESD) that should be adhered to when performing the upgrade of any hardware component. Know what to look for when upgrading a processor. Understand the different things to check for when upgrading a processor or adding an additional processor to a multiprocessor system.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Key Terms
331
Know how to upgrade a hard disk. Understand the difference in upgrading an IDE disk as opposed to a SCSI disk. Each type of upgrade has specific issues that you must consider. Know how to perform a memory upgrade. Understand the general steps involved in performing a RAM upgrade and what things to check for before purchasing RAM for a server. Know when to apply a BIOS update. BIOS updates can be applied to fix known bugs or to take advantage of new technologies; not all revisions need to be applied. Know how to locate a BIOS update. BIOS updates can be located from the manufacturer’s website. Make sure the BIOS applied is the correct revision for your server. Know how to apply a BIOS upgrade. Understand the general steps in performing a flash upgrade.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: BIOS
SCSI (small computer system interface)
contacts
SCSI ID
firmware
slot
flash utility
socket
hard shutdown
stepping
IDE (intelligent drive electronics)
surge protector
jumpers
termination
master/slave relationship
UPS (uninterruptible power supply)
RAM (random-access memory)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
332
Chapter 10
Hardware Updates
Review Questions 1. It has become clear that your server needs a firmware update. You are
debating when to apply this update. Which is your best option? A. During lunch when very few users are accessing the server. B. During the middle of the workday. C. The Friday night before you leave on vacation. D. During the weekend. 2. A colleague comes to you, the lead technician, and says she noticed on
the hardware vendor’s website that there is a new firmware upgrade available for your server. She thinks you ought to apply it. What will you do? (Select all that apply.) A. Apply the upgrade at once. B. Check out the Readme that comes with the upgrade. C. If your system is suffering symptoms, apply the update. D. If your system is not suffering symptoms, keep the upgrade handy
but don’t apply it yet. 3. Name some limitations that you may encounter when considering
converting a server from a single processor to a multiprocessor system. A. Lack of enough SCSI IDs B. Lack of open IRQs C. NOS limitations D. Bus limitations 4. Which of the following are considerations when deciding whether
to implement multiprocessing? (Select all that apply.) A. Will the OS support multiprocessing? B. Will the motherboard support multiprocessing? C. The maximum processor speed can’t exceed 1.2GHz. D. The processor(s) must support symmetrical multiprocessing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
333
5. When applying a firmware upgrade, which of the following should
you do? (Select all that apply.) A. Make sure you have all software and hardware components
necessary to perform the upgrade. B. Download the upgrade. C. Make sure you know how to reverse the procedure in case some-
thing goes wrong. D. Read the Readme to find out what is involved with the upgrade. E. Keep the server online throughout the entire procedure so users
have access to their data. 6. Monica is a network administrator who has been assigned the task of
upgrading the hard disks in an older server that has been running for two years now. There is little documentation available for this server. What two things must Monica immediately determine before she can go forward with her hard disk replacement? A. The number of disks in system B. The serial number of the hard disks C. The SCSI IDs of all the hard disks D. The master/slave relationship E. The type of hard disks that are in the computer 7. You’ve recently changed out your server’s IDE hard disk with a new
one but you can’t seem to get the hard disk to come up and be recognized. There is an IDE CD-ROM in the system as well. What could be the problem? (Select all that apply.) A. BIOS doesn’t recognize the correct cylinders and heads. B. CD-ROM is set to be master. C. CD-ROM and hard disk are both set to be slave. D. Termination jumper on hard disk isn’t set.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
334
Chapter 10
Hardware Updates
8. You need to upgrade the firmware in your server. What is the most
likely scenario for you to proceed with your upgrade? A. Power the server off and upgrade the firmware. B. Upgrade the firmware with the server operational. C. Disconnect all users, but leave the server running to upgrade the
firmware. D. Power the server off, replace the motherboard, and then bring the
server back up. 9. What is likely to be your best source of information about the tasks the
firmware upgrade will accomplish and how long it will take? A. The website at www.firmware.com B. The documentation that came with the server C. The documentation that came with card D. The documentation that came with the rack E. The Readme file that came with the firmware upgrade 10. What are the hardware considerations when upgrading a computer to
a multiprocessor (SMP) system? (Select all that apply.) A. The processor stepping. B. The CPU clock speed. C. The motherboard support for SMP system. D. L2 cache on both the existing and new processor. 11. Which of the following should you consider when troubleshooting the
installation of a SCSI disk? A. Master/slave relationship B. SCSI IDs C. Termination D. Cables
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
335
12. Bonnie is attempting to add some system memory to a server. The
system’s bus accepts 72-pin DIMMs. Bonnie is attempting to add one new DIMM to the existing system. After she adds the new memory she gets no errors, but the computer doesn’t recognize the new memory. What could be causing the problem? (Choose all that apply.) A. Incorrect speed on new DIMM. B. Brand of DIMM isn’t compatible with rest of architecture. C. Incorrect capacity of new DIMM. D. Current DIMMs aren’t ECC. 13. Suzanne is working on a server that has four slots in it for DIMMs.
Two of the slots have 64MB DIMMs in them already. Suzanne wants to add a 128MB DIMM, giving the system 256MB of total system memory. When she adds the DIMMs, the power-on self-test memory count shows the full 256MB but she now gets an error telling her to adjust the BIOS. What could be the problem? A. Nothing’s wrong. B. Can’t pair DIMMs of different capacities. C. First two DIMMs are ECC DIMMs, new one’s not. D. First two DIMMs are silver-tipped, new one’s not. 14. You have a server that is RAM-starved. You purchase a DIMM from
a reputable memory manufacturing company, install it, and find that the system won’t boot up. What could be the problem? (Choose all that apply.) A. The type of memory you bought isn’t supported by the computer
manufacturer. B. System requires DIMMs to be installed in pairs. C. You’ve exceeded the system’s memory capacity with the DIMM
you’re adding. D. System BIOS needs to be adjusted.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
336
Chapter 10
Hardware Updates
15. When you are upgrading a system to a multiprocessor system, what is
the acceptable level of stepping between processors? A. One step B. Two steps C. Three steps D. Four steps 16. Which of the following should be considered when performing a
RAM upgrade? (Choose all that apply.) A. Type of RAM installed B. Amount of RAM supported C. RAM stepping D. Motherboard design 17. One of Wendy’s file and print servers has a very old Future Domain
SCSI I adapter in it and she thinks that by replacing the adapter she can enhance the throughput of the disks and speed up the computer’s operation. What are some concerns that Wendy must keep in mind as she considers the upgrade? A. Updated cabling B. IRQ issues C. Memory I/O concerns D. Updating new card’s BIOS E. PCI slots in server 18. How will you know when your computer needs a firmware update?
(Choose one best answer.) A. Keep an eye on the hardware vendor’s website for release of
updates. B. The hardware vendor will notify you by mail. C. Your server will notify you via a message during a cold system
restart. D. The server’s log file will indicate that firmware is out of date.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
337
19. Luigi is going to add a second IDE hard disk to his server. He has a
Seagate 7.6GB hard disk in the system now and intends to install a Maxtor 14.2GB to the computer. Besides the master/slave relationship he has to be concerned about, what are some other issues? A. Compatibility of vendors B. Checking for adequate cabling C. Other IDE devices already in the system D. Termination jumpers 20. You suspect that your server is RAM-starved so you order some more
RAM sticks and add them to the system. You’re startled to find out that the OS doesn’t report the additional memory. What could be the problem? (Select all that apply.) A. Incompatibility in the RAM chips. B. RAM is faulty. C. OS can’t work with that much RAM. D. CMOS hasn’t been updated with new RAM numbers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
338
Chapter 10
Hardware Updates
Answers to Review Questions 1. D. Even if you think it will take just a few minutes to apply a firm-
ware upgrade, you should leave yourself plenty of time. Don’t rush off when you are done. Stick around and make sure the server is operating within specifications and nothing unexpected is occurring. 2. B, C, D. You will want to check out the Readme for relevant infor-
mation. Then, if you decide that your system is suffering symptoms, apply the update. If your system seems unaffected, keep the upgrade handy but don’t apply it yet. 3. C, D. You don’t have to worry about SCSI IDs or IRQs when
considering upgrading a single processor system to a multiprocessor unit. However, you do have to concern yourself with the question of whether you have another processor slot in the system and whether your NOS will work with the second processor when you install it. Not all NOS systems are multiprocessor-aware. 4. A, B, D. In order to have a server support multiprocessing the
operating system, motherboard, and processor(s) all must support this feature. This will ensure that full advantage of the multiprocessor environment can be achieved. 5. A, B, C, D. In order to conduct a firmware upgrade, you must down
your server, so it will be out of service, at least for a short period of time. Make sure you do all four procedures (A through D) before scheduling the outage. 6. A, E. Monica must first determine how many hard disks she’s replac-
ing and what type they are—SCSI or IDE. Once she knows what type of disks she’s dealing with, she can ascertain their SCSI IDs or the master/ slave relationship. She should also ascertain the speed of the disks, if SCSI. Most disk and schematic information is available on the manufacturer’s website. 7. A, C. Typically, new IDE hard disks are set for slave, not master. This
is something you’ll routinely want to check when you purchase new IDE hard disks. Also, on a computer with an older BIOS, you may have to key in the number of heads and cylinders that the hard disk came with so that the BIOS can recognize the disk. Since you’re replacing the hard disk, chances are remote that the CD-ROM was set for master. You don’t have termination worries with IDE—that’s a SCSI thing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
339
8. A. Upgrading firmware will require the server to be powered off,
firmware changed, and the server to be restarted. It is best to take the server out of service temporarily to perform the upgrade. 9. E. Consulting Readme files can save you hours of frustration spent
trying to figure things out yourself or waiting on hold with customer service. 10. A, B, C, D. All of these options are important considerations when
upgrading a computer to a multiprocessor system. If hardware conflicts the system may experience problems ranging from unexpected performance to physical component damage. 11. B, C, D. If you are trying to troubleshoot the installation of a SCSI
disk, begin by verifying that the SCSI IDs are properly set, the SCSI devices are properly terminated, and the cables are properly connected and not damaged. 12. A, B, C, D. If Bonnie is trying to put a 100ns DIMM in a system
that has 70ns DIMMs currently installed, she could run into trouble. Also, if the server she’s trying to upgrade has proprietary memory in it, she could create some problems by not buying manufacturerrecommended DIMMs for the system. Additionally, it’s not a wise idea to match ECC with non-ECC memory and so forth. Generally it’s a good idea to ascertain what’s currently in the system and match accordingly. 13. A. In almost all cases, after you add memory to a system, you have to
go into the system BIOS and acknowledge that the current memory count is correct. 14. C. The RAM purchased is overpowering the existing RAM. RAM
must be installed in order from the largest size to the smallest. 15. A. The acceptable stepping between processors is one step. 16. A, B, D. Before proceeding with a RAM upgrade, begin by
determining the form factor of the motherboard, the type of RAM currently installed in the server, and the maximum amount of RAM that is supported. 17. A, D, E. The new card should ultimately be set to use the old card’s
IRQ and memory I/O, so there shouldn’t be an issue there. She may have to have different cabling for the new card. If you buy a new SCSI adapter, generally you get a cable that allows one, or at most
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
340
Chapter 10
Hardware Updates
two, devices to be added onto the chain. But Wendy might have several devices and will have to provide an additional cable. Also she’ll probably want to consider verifying the card’s BIOS version and updating it if it’s older than the current one. The most important concern she should have will be verifying if there are available PCI slots in the server. The Future Domain adapter is likely to be an ISA or EISA card but most of today’s cards are PCI. This could be a big concern if the server is an older pre-PCI unit. 18. A. Check the hardware vendor’s website regularly to see if any
upgrades have been posted. If so, you should start your investigation: Read the Readme to see what the upgrade fixes. Determine if your system is having any symptoms that might indicate a need to apply the upgrade. Then make your decision. 19. A, B, C. Often overlooked, but important, is the need to make sure
the disparate vendors’ disks will play in the sandbox with each other. Also check to make sure the cabling is adequate and doesn’t need replacement and whether there are other IDE devices in the system. Finally, it might be important to figure out if you’re going to lose your IDE CD-ROM because you’re adding a second disk and you’re working with an older IDE bus that only supports two devices. You don’t need to worry about termination jumpers with IDE devices. 20. A, B, C. Even if the BIOS hasn’t yet been updated with the new
RAM numbers (most BIOS utilities today won’t let you exit without updating their configuration), the OS should report the new amount. You’ve either got a bad RAM stick, an incompatibility, or the OS can’t handle that much RAM.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Software Updates
11
COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 3.8 Upgrade system monitoring agents
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.9 Upgrade service tools (e.g., diagnostic tools, EISA configuration, diagnostic partition, SSU, etc.)
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
3.10 Upgrade UPS
Perform upgrade checklist including: locate and obtain latest test drivers, OS updates, software, etc.; review FAQs, instructions, facts and issues; test and pilot; schedule downtime; implement using ESD best practices; confirm that the upgrade has been recognized; review and baseline; document the upgrade
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
I
n addition to managing the server hardware upgrades, you will also be responsible for managing the software upgrades on the servers in your network. Sometimes the two upgrades will be very closely linked. For example, if you decide to upgrade the network card on a server, then you will also have to acquire and install the new driver for the network card. If you decide to install a new UPS, you may have to upgrade the UPS management software. More often, however, updating the software on your servers is completely separate from performing a hardware upgrade and is likely to happen much more frequently. When a new service pack comes out for your server, and it addresses a problem that you have experienced on your network, you are likely to apply that service pack without any associated hardware upgrade. Of the several possible varieties of software upgrade, the most significant would be a complete OS upgrade. In this scenario, the manufacturer has released a completely new OS and you decide to deploy the new OS in your environment. Other software upgrades include service packs or software patches; in this case, you are not upgrading the entire OS, but you are making some changes to the OS. The changes are almost always bug fixes, and occasionally they provide additional functionality to the OS. Another type of software upgrade is the installation of a new driver; in this case, you are not making any changes to the core OS, but you are making changes to one or more software drivers that control how the OS connects to the hardware devices on the server. The final type of software upgrade we will discuss is upgrading applications running on the server, including UPS management tools and server or network monitoring tools; in this case, upgrading the software is not likely to directly affect the OS.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
343
An essential component in all software upgrade procedures is risk management. Whenever you make a change to a production environment, you are taking a risk that your change will cause something on the network to stop working. This makes risk management and risk mitigation an essential component in any software upgrade. Before you deploy any software upgrade into the production environment, you must test the upgrade thoroughly to make sure that nothing will break. As well, you have to prepare a backout plan that defines what you will do if you run into unexpected problems in the software upgrade. If the upgrade is unsuccessful, you must be able to quickly get your servers back to where they were before you attempted the upgrade.
Operating System Upgrades
T
here are many reasons why you might decide to perform an operating system upgrade on your servers. In some cases, you are forced to perform the upgrade because a required business application runs only on a new version of your OS. Or you need to upgrade because you can no longer buy licenses for the older version. In other cases, you have a choice about whether you want to upgrade. Almost always the new version of the OS provides additional functionality—it is more secure, more scalable, or provides additional features that will benefit your organization. In that case, you might choose to perform the upgrade to realize those benefits. Whatever the reason for the upgrade, you are likely to perform OS upgrades every couple of years throughout your career.
In-Place Upgrade Versus Clean Install The most significant software upgrade that you can perform is an operating system upgrade, where you are upgrading your operating system from an older version to a newer version. When planning an OS upgrade, the most important question that you must answer is whether you want to perform an in-place OS upgrade or remove the existing OS from the machine and perform a clean install of the updated operating system. In this section of this chapter, we will help you answer the question of whether performing an upgrade or performing a clean install is the best option. After you have made this decision, this section will describe the processes that you have to go through to perform both types of upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
344
Chapter 11
Software Updates
Justifying an Operating System Upgrade You are the network administrator for a management consulting firm. Your network has been running an older version of a network operating system for about four years. Newer versions are out, and they all have new bells and whistles that you would love to have: things like integrated management tools, better user interfaces, and greater reliability. You know that you need to upgrade, so what’s the problem? The problem is, management does not want to spend the money. Most likely, you are a techie who loves technology and especially enjoys learning about and working with new technology. If you could make the decision yourself, you would always upgrade your OS to the latest and greatest just because of the many new features that are available in the new OS. However, the problem is that in most companies, you are not going to be the person who makes that decision, and this is for one simple reason— you are not the one paying for the upgrade. The people who actually pay for the upgrade are usually not techies—they are business managers. They may be very interested in technology and see many benefits in using technology, but they are not as likely to be impressed by the new features that techies find so interesting. The business people are usually interested in technology for one simple reason—technology assists the business in making more money. So what do you do? You need to learn to speak business language. There are very few companies who will upgrade the operating system on all their servers just because the new OS is the latest and greatest. In most companies, the OS will be upgraded only if you can make a very clear argument that the company will get a return on investment (ROI) on the upgrade. If you think that the company should adopt the new OS because it is more reliable and stable, you may have to talk to the business people about the benefits of the computer system being available all the time, and the cost of any downtime for the organization. If you think that the new OS provides better security, then you may need to talk to the business people about the security threats to their confidential information and how the new OS can help secure essential data. When talking to the business people about the upgrade, your task is to demonstrate how the new OS will solve business problems. You know that the technology is needed, and it will benefit the company. Now your task is to prove that to the people who handle the money.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
345
If you decide to reformat the hard disk on the server and perform a clean install of the OS, you will find that almost all operating systems provide in-place upgrade functionality. Often, you can start an install of the newer version of the OS on the existing server and the installation process will detect the presence of the older OS and ask you if you want to perform the upgrade. When you perform an upgrade, the configuration settings for the old OS are migrated to the new OS so you do not have to reconfigure many of your settings. The data that is stored on the server and the applications that run on the server are usually not affected by the upgrade. In many ways, an in-place upgrade is the easiest option when you need to upgrade your OS. The alternative to an in-place upgrade is a clean install of the OS. There are actually two ways to accomplish this. One option is to move all of the data that you want to keep from the server onto a backup tape or to another network location and then to format the hard disk on the server and perform a complete install of the OS. After you perform the install, you can then reinstall any applications on the server and restore the data back to the server. The second clean install option is to use a second computer. In this case, you would install the new OS on the second computer and then move the data and resources from the old computer onto the new computer. Users would then connect to the new computer to get access to the resources. You can then format the hard disk on the old computer and use it for another purpose on your network or in your test lab. It’s important to know the advantages and disadvantages of each type of upgrade. Since in-place upgrades are the most common, let’s take a look at them first.
Choosing an In-Place OS Upgrade In-place upgrades are quite common. Generally, they are less expensive, and easier to manage. The advantages of in-place upgrades are:
In most cases, the server configurations will be upgraded to the new OS. For example, if you are running an application on the server, the application settings will automatically be migrated into the new OS. Or if you are running a network service like DNS on the server, the DNS settings and zone information will not need to be reconfigured.
In most cases, applications running on the server do not have to be reinstalled. If the server is operating as a database server, you should not have to reinstall the database application after the upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
346
Chapter 11
Software Updates
This is usually the fastest upgrade path. If all goes well, you can have a new version of the operating system installed within a couple of hours.
Because all of the server settings such as computer name and IP address are unchanged by the upgrade, you do not have to reconfigure any clients that are currently connecting to the server.
Of course, no method of upgrading is perfect. When selecting an in-place upgrade, be aware of the following potential disadvantages. Not all will apply to your network, but some may. If the disadvantages are significant, you may want to choose another method. Disadvantages include:
This process has the highest risk factor. While almost all operating systems do provide an upgrade path, the chances of something failing during the upgrade are significant. The OS manufacturer tests the upgrade thoroughly before releasing the product, but it is physically impossible for the manufacturer to test all possible situations. If the in-place upgrade fails and you have not prepared for this, you will have to deal with a long and painful recovery process that may include losing some data.
One of the reasons why server upgrades fail fairly frequently is because every server has a history. This history may include OS upgrades, service pack installations, application installations and removals, unauthorized and undocumented server configurations, as well as several years of service. There is no way that the OS manufacturer can perfectly duplicate your server’s history to test the upgrade path, yet anything in that server’s history may cause the upgrade to fail.
The server is not available during the upgrade. Even with the smoothest upgrade, the server will not be available for client connections for several hours. If the server is running a business critical application, you will almost certainly be doing the upgrade after everyone else has gone home for the weekend.
Upgrading the OS may bring with it a legacy of problems. In many cases, performing an upgrade of the OS leaves you with a series of problems. In some cases, the problems are a result of an incorrect configuration in the old OS—upgrading the OS will never fix an incorrect configuration.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
347
The OS upgrade itself may create problems. For example, if the old OS used a particular system file and the new OS overwrote that system file with a newer file with the same name, any applications or services on the server that depended on the old version of the file could fail.
The old server may not be able to run the new OS. Most of the time, newer versions of an OS require more hardware to run efficiently than earlier versions of the same OS. Before starting an in-place upgrade, ensure that the old hardware is supported in the new OS.
Choosing a Clean OS Install While the clean operating system install costs more, it can alleviate problems associated with upgrading an existing machine that may have its own issues. The advantages to a clean install are significant:
The biggest advantage of performing a clean install is that you can clean up all of the server’s history. Choosing this option means that the server is restored to pristine condition, just as if it had never run any other OS, and you can perform a clean install of all applications. In most cases, this will result in a more reliable server.
If you choose to install the updated OS on a new server and move all of the resources to the new server, you will probably be able to restore service to your users quickly.
Installing a clean operating system fails much less frequently than an in-place upgrade. Usually, the only reason the install fails is due to hardware failure or incompatible hardware. These components represent a much lower risk than the risk presented by doing an in-place upgrade.
Of course there are disadvantages too:
Performing a clean install takes significantly more time and effort than performing an in-place upgrade.
If you choose to perform a clean install on the same server, the server will not be available for clients for an extended period of time. Formatting the hard disk, performing a complete OS installation, installing and configuring all the server based applications, and restoring all the data to the server can take a long time. In this case, you will not only wait until everyone has gone home for the weekend, you are also going to hope that you get everything done before they come back from the weekend.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
348
Chapter 11
Software Updates
Some client applications on your network may require that the server component be located on a computer with a specific computer name or IP address. Before you choose the option to install the OS on a new server and migrate all of the resources to that computer, you must ensure that these applications can be modified to point to the new server.
If you choose to install the new OS on a new server, you will require at least two servers.
Deciding on an Upgrade Method So what is the best option? Should you perform an in-place upgrade or should you use the clean install option to upgrade your OS? As you can tell from the earlier discussion, both options have advantages and disadvantages. In general, we suggest these guidelines: The first choice when doing a server OS upgrade should almost always be to perform a clean install. There are two reasons for this. First of all, the chance of a failure occurring during a clean install is significantly less than the chance of failure during an in-place upgrade. If the upgrade fails, you will have to perform a complete server restore in order to get the server back up and running and you will still have to do the upgrade. The second reason why the clean install upgrade is preferable is that you do not have to deal with the legacy issues on the server after the upgrade is complete. In contrast, a server that has been upgraded from another version of software will almost never be as stable as a server that has been installed cleanly. If you choose to perform a clean install, installing the new OS on a second server and then moving the resources to the new server is preferred over performing the install on the same server. If you are using a new server, you can install the OS, install and configure any applications, and copy the data to the new server without affecting the production environment. This means that the time when the server is not available on the network can be very short.
If you have applications on your network that require a specific computer name or IP address, migrating to a new server may require some configuration changes.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
349
The in-place upgrade option is rarely the best option. One scenario where this option would be the first choice is in a small company that has only one server and cannot afford the downtime to perform a complete installation of the OS and all applications.
OS Upgrade Procedure Although an in-place OS upgrade is not usually the best option, there are situations where you may want to choose this approach. If all goes well, an in-place upgrade of the OS is the easiest upgrade option. For example, to upgrade from Windows NT to Windows 2000, you can insert the Windows 2000 CD-ROM, wait for the Autorun screen to appear, and essentially accept all the defaults. (See Figure 11.1 for an example.) Upgrading a Linux or NetWare server is almost as easy. However, this perception of ease can be misleading when you are planning to upgrade a production server. The reason why this perception is misleading is because the in-place upgrade is also the highest risk upgrade. FIGURE 11.1
Upgrading a Windows NT Server to Windows 2000
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
350
Chapter 11
Software Updates
The risk of performing an in-place upgrade is that the upgrade will fail: You start the upgrade, everything works smoothly, and then the upgrade just stops. Or the server may not boot into the new OS. If you have not prepared for this to happen, you are about to spend a long night trying to get your server back in working condition before everyone else shows up for work the next morning. Almost all of the work in performing an in-place upgrade is done before you ever start the upgrade. You can split the preparatory work into two categories: first, the work that you will do to try to make sure that the upgrade will succeed, and secondly, the work that you will do to make sure that you can recover your server if the upgrade fails.
Ensuring That the Upgrade Will Succeed Before you begin the in-place upgrade, you need to make sure that the odds of a successful upgrade are in your favor. Doing so requires several steps (note that, except for step 3, all of these steps can apply to a clean install as well): 1. Check the hardware. Obviously, if you are going to upgrade to a new
OS, you have to make sure that the OS can run on the old hardware. The hardware must meet at least the minimum requirements set out by the OS manufacturer. Most OS companies set the minimum requirements very low, and you will generally need to have significantly more processing power, disk space, and memory in order to meet client expectations. Once you are sure that the hardware meets the minimum requirements, the next step is to make sure that all hardware components are supported by the new OS. You may have to locate and download all the drivers for the hardware components before beginning the upgrade. 2. Check for application compatibility issues. The second potential fail-
ure point is application incompatibility. You need to check all of the applications that are running on the server to ensure that the applications will run under the new OS. If the applications will not run in the new OS, check to see if the application manufacturer has a version that will. Usually the application compatibility information is available on the application manufacturer’s website. Even if the manufacturer’s information does not indicate any problems, this is one upgrade component that you must confirm in a lab. The manufacturer may have
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
351
tested many upgrade scenarios, but they will not have tested the upgrade on a server with your server’s history or with the particular combination of applications on your server. 3. Clean up the server. You will increase your chances of a smooth
upgrade significantly if you clean up the server before the upgrade. Cleaning up the server may include removing unnecessary applications, removing applications that will not run on the new OS, and removing data that does not need to be stored on the server. 4. Remove or disable any antivirus software running on the server. Also
disconnect the UPS. Some operating system installs will make certain UPSs shut down the server. Just make sure you re-enable the antivirus software and UPS when you’re done. 5. Test the upgrade. Before you perform the upgrade in a production
environment, perform the upgrade repeatedly in a test environment. The test environment should match the production environment as closely as possible. If possible, use the same hardware and make sure that all applications and services running on the production server are also running on the test server. Performing the upgrade on a test server first allows you to determine whether the upgrade is likely to succeed, but it also might give you some experience in troubleshooting minor issues that appear during the upgrade. 6. Read the instructions. This may seem self-evident, but it is often over-
looked. The first place to begin is to review documentation provided by OS manufacturer about the upgrade process. This documentation is usually included with the source files for the new OS in the form of Readme files. Often the support component of the company’s website includes additional information in the form of white papers, technical documentation, and troubleshooting information. A second source of instructions is the hardware manufacturer’s documentation. There may be specific issues of running the new OS on your particular hardware—often the hardware manufacturer has experienced the same problem and may provide a fix or workaround on their website. 7. Learn from other people’s experience. You are probably not the
first person to try this particular upgrade, so try to find out how the upgrade has worked for other people. All OS and most hardware manufacturers provide a forum for customers to share experiences
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
352
Chapter 11
Software Updates
about the products. These are usually accessible through the company websites. On these sites you can gain access to FAQs and companysponsored newsgroups. (See Figure 11.2 for Novell’s collection of newsgroups for NetWare.) Often there are also public newsgroups focused on the products that you are working with. These newsgroups often provide extremely valuable information about what other people have experienced and how they managed to get around problems. FIGURE 11.2
Newsgroups on the Novell website
Newsgroups do contain a great deal of information and only some of it is relevant, so an effective newsgroup search tool is essential to locate the information you need. One of the best newsgroup searching tools is located at http://groups.google.com. From this website, you can perform powerful searches of almost all public and company-sponsored newsgroups. See Figure 11.3.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
FIGURE 11.3
353
Searching newsgroups using the Google Groups website
Preparing for Failure Despite all of the preparation you put into making sure that the OS upgrade will succeed, experienced network administrators know that anything that can go wrong will go wrong—and at the worst possible time. This means that you need to prepare for the in-place upgrade to fail. To do that, follow these steps: 1. Back up your server. This backup must be a complete backup, including
the OS, the application configuration information, and all the data on the server. Once you are confident that you have a good backup, perform a test restore. Ideally, this test restore should be a complete restore of the entire computer onto another server in your test lab. Only when you are completely confident that you can restore your server back to its current state should you move on to the upgrade process.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
354
Chapter 11
Software Updates
One of the best ways to perform a complete backup of your server is to use a disk cloning application to create a complete copy of your hard disk. Then if the upgrade fails, you can restore the server back to its previous state quickly. If the server that you are upgrading is a file server with hundreds of gigabytes of data on its hard disks, just clone the OS partition and make sure you have a good backup of the data. Two of the most popular disk cloning applications are Ghost (www.symantec.com) and Drive Image (www.powerquest.com/ driveimage).
2. Document all of the settings on the server. This documentation should
include all the server configuration settings, services configuration, and any application settings. If the upgrade fails, and you cannot restore the system from your backup tape, then you might have to rebuild the entire server. In this case, the configuration documentation will save you hours of work. 3. Prepare and test a backout plan. The purpose of a backout plan is to
make sure that the server is available for users when they need it. A backout plan is a document that defines at which point you need to back out of your upgrade and begin the process of recovering the server back to its previous state. The first part of backout planning is determining how long it will take you to recover the server. For example, you may determine that it will take you eight hours to recover the server. This means that if your upgrade does not go smoothly, then at least eight hours before your users are expecting the server to be available, you must stop trying to fix the upgrade and start the recovery process. Spending a great deal of effort preparing for something that you really hope doesn’t happen may seem strange. If you spend days or weeks preparing for an upgrade to fail and the upgrade goes completely smoothly, you may feel like you were acting paranoid. However, if the upgrade fails partway through, and you can’t get the computer to boot into any operating system, you will be thankful for all of the effort you spent preparing for failure. Some experienced network administrators appear to be pessimistic—even paranoid—but they’re really just preparing. Expect things to fail and prepare for it, so you can deal with the problems if they happen. Of course, the better prepared you are, the less likely it is that anything will go wrong.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
355
Other Considerations As you get ready to perform the upgrade, there are a couple of other issues that you need to take care of. The first step is to schedule the server downtime. In most cases, operations like OS upgrades are performed during non– business hours. The server will not be available to users during the upgrade, so it makes sense to perform the upgrade when fewer users need access to the server. Even if you are planning on performing the upgrade when no one else has to be at work, you should still let users know that the server will be down. A user who decides to come in on a Saturday to get caught up on some work will be very disappointed if the server they need is not available. Some companies have little or no time when the server can be unavailable. For example, companies that depend heavily on business generated from their websites or companies with offices in many different time zones might not want the server to be unavailable at any time. If your company does not have a time window where you can perform the upgrade without causing a significant disruption in the business processes, then do not perform an inplace upgrade. In this case, you should perform a clean install using a second server to provide the service while the original server is not available. Another important component to a successful upgrade is to document everything. As you perform test upgrades in your lab, you should document all of the upgrade procedures you use. You should also test and document your recovery plan. It is very easy to miss a step in a complicated procedure if you don’t have accurate documentation. As you perform the upgrade, document any errors you encounter and how you resolved the errors. This will become valuable documentation for any future upgrades that you perform.
Clean Install Procedure The second option for performing a server operating system upgrade is to perform a clean install of the OS rather than upgrade the current OS. Performing a clean install almost always requires more time and effort than performing an OS upgrade, but the end result is a more stable operating environment. For this reason, the clean install upgrade is almost always the best option for doing an OS upgrade. There are essentially two options for performing a clean install: performing a clean install on the same server, or performing a clean install on a second server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
356
Chapter 11
Software Updates
Performing a Clean Install on the Same Server When you perform a clean install on the same server, you will back up all the data on the server’s hard disk, format the hard disk, install the new OS, reinstall all the applications on the server, and then recover all of the data. For a large server, this process takes a significant amount of time, which means that this is an upgrade option only if you can afford the server downtime while you do this work. This is also an upgrade option if you must reuse the same server and cannot replace the current hardware, even temporarily.
Many of the steps discussed in the previous section on in-place upgrade also apply to upgrades through clean installs. You still need to configure a test lab and thoroughly test every step in the process.
To upgrade the OS by performing a clean install on the same server, follow these steps: 1. Back up everything on the server. This is done for two reasons: First
of all, you might have to restore the entire server if the clean install fails, and secondly, you need the backup to restore the data after the upgrade. Again, make sure that you can restore the data that you have backed up. 2. Document all of the server and application configuration settings.
This is also done in case you need to restore the server. As well, many of the configuration settings on the new server will probably need to be the same as they were on the old server. For example, if the server is your DNS server, then you will probably need to configure the new server with the same DNS server settings. 3. Format the hard disk. After you have double-checked and triple-
checked that your backups worked, and that you have documented all the server configurations, erase everything on the hard disk by formatting the hard disk. 4. Install the new operating system. 5. Once the OS is installed and stable, configure the server settings. As
well, configure any services running on the server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
357
6. If you need any server-based applications on the server, install and
configure these. 7. Restore the data onto the server. Once you are confident that the server
is correctly configured and stable, restore the data onto the server. Restoring the data is usually the last step because you do not want to take the time to restore the data until you are sure that the server is running efficiently and that you will not have to reinstall any components. 8. Test connectivity to the server. Before putting the server back into pro-
duction, test all of the network resources provided by the server. If the server is a file and print server, ensure that clients can access the file resources and print to the attached printers. If the server is a database or messaging server, confirm that these applications are accessible from the network.
One of the best practices when configuring a server is to put all of the data on a separate partition—or even better, on a separate hard disk—from the OS. If you have followed this best practice, or if the data for the server is on a storage area network (SAN) or network attached storage (NAS) device, then you do not need to restore the data. All you have to do is format the partition where the OS was located, and install the new OS—the data is not affected by the upgrade and is still accessible.
Performing a Clean Install on a Second Computer A second option for performing a clean install is to install the new OS onto a second server. Then move all of the resources from the old server onto the new server and configure the clients to connect to the second server. This upgrade option is the best choice when you require close to 100 percent server uptime. With this upgrade option, you can install and configure the new server and test it to make sure that it is stable, and then just have the clients connect to the new server. This is also the best upgrade option if you need to move the server to a new hardware platform.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
358
Chapter 11
Software Updates
Server Uptime One of the goals of network administration is to provide 100 percent server uptime. One hundred percent uptime means that the network and servers are always available whenever any client needs to access a network resource. While this is a goal for all network administrators, companies will vary greatly on how critical it is that you achieve 100 percent uptime. This may even vary depending on which server you are working on in the company. If all of the business-critical applications in your company run on a mainframe, and the small database server that you are upgrading is only used by five people once a week, then you can probably take that server offline for a couple of days without seriously affecting any business process. However, if the server you are taking offline is the primary web server for your company’s e-commerce site, and you are right in the middle of the busiest time of year, then taking the server offline for even an hour may cost the company millions of dollars. One of the first questions you need to ask when you get ready to upgrade a server is how much downtime can you afford on this server. Or better yet, ask the business department that uses the server most heavily what would happen if the server were not available for 15 minutes, or an hour, or a day? The reaction you get from the businessperson is usually an excellent indicator of how much network downtime you can afford. Even though the goal is 100 percent, that will likely never happen. If your company can hit 99.99 percent (called “four-nines” by the cool network administrators) or even five-nines, that is extremely impressive. Four-nines uptime would mean that the server is down for less than 53 minutes per year. It’s certainly a goal worth shooting for.
To upgrade your OS by performing a clean install on a second server, use the following steps: 1. Install the new OS on the second server. Configure the server to match
the required specifications and then test the server to make sure that it is stable.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Operating System Upgrades
359
2. Install and configure the network services and applications on the new
server. In most cases, these services and applications will be configured to be identical to the old server. 3. Move the data and other resources from the old server to the new
server. Because the old server is still in production at this point, you may have to use a synchronization tool to make sure that the resources on both servers are identical and that changes made to the resources on the old server are reflected on the new server. One example of such a tool is Robocopy from the Windows 2000 Resource Kit. Robocopy can be used to copy file resources from one server to another and maintain the folder structure and the assigned permissions. After the initial copy, Robocopy can also be used to synchronize the file resources on both servers. 4. Once the server is stable and configured, test the connectivity to the
resources and applications on the new server. 5. If possible, select a small group of users as a pilot group to begin work-
ing on the new server. This pilot group is used to ensure that all of the server components are correctly configured. Using a pilot group on the production environment may not be possible if the server must have the same name or IP address as the original server. 6. Once you are confident that the server is stable and all of the resources
on the server are accessible, configure all clients to use the new server. 7. If the new server appears to be functioning smoothly, remove the old
server from the network. For the first few days, you may want to just shut down the server and leave it connected to the network. In this way, if the new server fails unexpectedly, you can bring the old server back online very quickly. Upgrading the operating system is usually not a complicated task. However, it can get quite complicated if there are applications being used on the network where the old server NetBIOS name or IP address is hard-coded in the application so that it is very difficult to change. If this is the case, it is more difficult to manage the upgrade because the two computers cannot both be used on the production environment at the same time. Often, rewriting the application to point to the new server is not feasible, so the new server will have to have the same name as the old server—but two servers with the same name cannot exist on the same network. To get around this, you can
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
360
Chapter 11
Software Updates
build and test the new server on a network that is isolated from the production environment. Then when the new server is stable and has all of the latest information, you can remove the old server from the network and connect the new server.
Service Pack Upgrades
A second type of software upgrade is a service pack install. While this is a less significant procedure than performing a complete OS upgrade, it is still an upgrade that must be dealt with seriously. While the service pack is being installed, the server will not be available for client connections. Often the server must also be rebooted after a service pack install, which again results in server outage. Sometimes a service pack install will fail, so you must be prepared for that. Occasionally a service pack fixes one problem on the OS but creates another. So installing service packs still takes a significant amount of planning and preparation.
The term service pack is not consistent across all OS manufacturers. Microsoft uses the term. However, Novell uses the term consolidated support pack for its collection of patches and fixes that are released periodically. Red Hat does not release an equivalent product—they release individual software patches for their Linux product, but not collections. IBM uses the term FixPak for its collection of OS/2 patches. Sun Microsystems provides Patch Clusters for its operating system. For simplicity, this chapter will refer to an accumulated collection of software patches as a service pack.
What Are Service Packs? As an OS is deployed by customers in a wide variety of situations, bugs are found. While each individual bug can usually be fixed with a software patch, a service pack usually includes all of the bug fixes that have accumulated since the release of the OS version. Service packs often include security fixes as well. In some cases, service packs are also used to introduce some new features to the OS. For example, in Windows NT, later versions of service packs introduced significant improvements to many of the network services such as DNS, WINS, and remote access.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Service Pack Upgrades
361
Deciding Whether to Install Service Packs Deciding whether to install a service pack is a source of much debate among network administrators. Everyone has an opinion on whether you should install service packs and when to install service packs. There are two extremes in this discussion. At one extreme are the administrators who say that you should only install the service packs that fix a specific problem that you are facing on your network. Supporters of this view argue that if a service pack does not address any problem you are currently facing on the network, then you should not install it. This approach says, if it isn’t broken, don’t try fixing it. The second point of view is to install all service packs regardless of whether they are specifically required on the servers at that point. Proponents of this view argue that all of the accumulated bug fixes should make the OS more stable and reliable. Also, the service pack might provide a fix that will prevent a problem from showing up later. Because many of the service packs contain the latest security patches, installing the service pack can increase the security of your servers. As well, these administrators often want to implement some of the new features provided with the service pack. In some cases, you may not have an option about whether you want to install a service pack. Often this is the case when you want to install a network application or service that requires a certain level of service pack. For example, to install Microsoft’s messaging server, Exchange 2000 on Windows 2000, you must have installed at least Windows 2000 Service Pack 1. To install the latest version of Novell’s firewall and proxy server, called Border Manager, you must install the latest consolidated support pack. As with all arguments of this type, the best answer (and the one chosen by most administrators) is to approach the installation of service packs with caution. If a service pack addresses an issue that is a problem on your network, then you probably want to install the service pack fairly quickly. A good approach is to wait at least a couple of weeks after the release of a service pack to ensure that it is stable and does not create additional problems. If the service pack does not address any concerns on your network, and your servers are stable, then you might choose not to install it. In most cases, service packs are cumulative, so you can choose to not install a particular service pack and just install a later version.
Service Pack Installation Although installing a service pack does not have as much impact as installing a totally new operating system, it is still a significant upgrade. Some of the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
362
Chapter 11
Software Updates
system files for the OS will be replaced. In most cases, you must also restart the server after you have applied the service pack. For these reasons, it is critical that you plan carefully for the installation of the service pack. The following steps provide a framework: 1. Obtain the service pack from the OS manufacturer. The service packs
are usually available either on a CD-ROM or on the manufacturer’s website (see “Service Pack Websites” below). 2. Test the service pack in a test lab. Although the install of a service pack
doesn’t fail very often, it can happen and potentially result in an unbootable server. You need to test the service pack against your server’s configuration to make sure that the service pack does not have unexpected results on your particular combination of software and hardware. 3. Check the documentation that comes with the service pack release.
Often a service pack release will include documentation that details known problems for the service pack install. Check the documentation to ensure that none of the known problems apply to your situation. 4. Learn from other people’s experience. Wait a month or so after the
release of a service pack to make sure that it is stable. During that month, monitor the manufacturer’s support website and monitor all the relevant newsgroups for how the install is working in other environments. Fortunately, there are enough network administrators who do install the service packs immediately upon release, so let them do some of your testing for you. 5. Back up your servers. Again, you want to prepare for disaster. If the
service pack upgrade fails, you must be able to get your server back up and running as quickly as possible. 6. Schedule the downtime. Clients should not be connecting to your
server during the service pack install and the server restart, so let them know when the server will be unavailable. Ideally, you should perform the service pack install during non-working hours to insure minimal effect on the business users. 7. Install the service pack and document the results. If you run into any
problems during the service pack install, document the problem and how you fixed it. This can be useful information as you install the service pack on other servers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Service Pack Upgrades
363
Service Pack Websites To download the latest service packs, go to the manufacturer’s website. Here are some sample websites where you can go to download service packs or software patches:
FIGURE 11.4
Microsoft Windows 2000 (www.microsoft.com/windows2000/ downloads/servicepacks)
Novell NetWare (Support.novell.com/tools/csp/ csplist.html) (See Figure 11.4)
Sun Microsystems Unix (sunsolve.sun.com/pub-cgi/show.pl)
Red Hat Linux (www.redhat.com/support)
Links for all Windows and OS/2 service packs (www.softwarepatch.com)
Novell’s Consolidated Support Pack download center
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
364
Chapter 11
Software Updates
Test Labs As you have seen frequently in this chapter, there is a strong requirement to test every software upgrade in a lab or test environment before upgrading the software in production. If things are going to break, you want them to break in the lab where few people will be affected and where you do not have the pressure of getting the servers working again immediately. This requirement means that you must have a lab available whenever you need to do any testing. In a small company, there may be significant resistance to dedicating even a couple of servers to a test lab and you may have to create the test lab when you need it from older servers or high-end desktop computers. Larger companies often have a dedicated lab environment, but sometimes the difficulty is getting access to the lab. If you work in a typical enterprise network environment, you are constantly testing software in a lab. You may be testing operating system upgrades, service packs, software patches, and new server or desktop applications. At the same time, the software developers in the company may also be testing a new application that they have been working on. Other people may want to get access to the lab to learn a new technology. In this environment, managing the lab can become almost as complicated as managing the production environment. Here are some suggestions for managing the test lab:
Appoint a lab manager: This person must have the authority to authorize use of the lab, manage the lab schedule, and enforce lab procedures.
Create a lab that mirrors the production environment: Testing is only valid if the software is tested in an environment that is similar to the production environment. This means that the lab should have a similar hardware configuration, similar logical and physical network configuration, and the same operating systems and applications installed.
Develop lab test case procedures: To make the lab time as efficient as possible, you should go into the lab with a complete lab test case. This means that before anyone is given access to the lab, they should have a detailed description of what they are testing in the lab, how they will be setting up the lab, and what the expected effects of their testing will be.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Software Patches
365
Develop a way to rebuild the lab efficiently: The point of having a lab is to be able to test changes to your network without affecting the production environment. However, you also need a mechanism to return your lab back to the current production environment as quickly as possible so that you can try another test, so someone else can use the lab and not have to deal with your changes. The most efficient way to rebuild the lab is to use disk-cloning software so you can build the lab exactly the way you want it and then take images of all the servers. Then, after someone has tested their software and made changes to the servers, you can rebuild the servers back to their original configuration within minutes.
In some cases, you can automate the installation of service packs across multiple systems. For example, you can use Group Policies in Windows 2000 Active Directory or Z.E.N.works in NetWare to automatically install service packs on multiple servers in your environment. This can be a great timesaver if you have hundreds of servers. However, this approach also requires a high level of testing and disaster recovery planning. If you think having to recover one server in the event of a disaster is tough, think about what it would be like to recover hundreds of servers. If you decide to use the automated deployment tools, then test the deployment thoroughly. Create a pilot deployment where you will deploy the service pack to a small group of servers. Even when you are confident that the pilot has gone well, deploy the service pack to a small selection of servers at one time. The most crucial question that you need to deal with is disaster recovery time. Never automate this deployment to more servers at one time than you can recover if the deployment fails badly.
Software Patches
T
he third type of server OS upgrade is a software patch. This upgrade is less significant than the service pack upgrade because a software patch usually deals with just one issue. Because a patch usually addresses only one problem with the OS, it is not uncommon for an OS manufacturer to release a new patch every few weeks. This means that managing the software patch upgrades is more of an ongoing management issue than a large-scale OS upgrade.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
366
Chapter 11
Software Updates
What Are Software Patches? Software patches (also called quick fixes or bug fixes) are small fixes to the operating system or an application. In most cases, a software patch is designed to solve one particular problem. In some cases, this is a software bug discovered by someone and repaired by the OS manufacturer. In other cases, a software patch is a security fix.
Deciding Whether to Install Patches The discussion about whether to install OS patches is similar to the discussion on whether to install service packs, but the answer is easier. Because a software patch is designed to address only one particular problem, you will usually not need to install the patch unless you need to address that problem. The patch almost always includes documentation that indicates exactly what type of problem the patch will resolve. If this problem is not applicable to your network, then you will probably not install the patch. A patch usually comes with a recommendation from the OS manufacturer on whether everyone should install the patch, or whether it should be installed only if you are faced with the issue that the patch is designed to fix. This situation may be different when the patch is designed to address a security issue, especially if your server is accessible from the Internet. Every server that is accessible from the Internet is likely to come under attack at some point, and it is essential that these servers are as secure as possible. However, read the documentation before installing the patch to make sure that the patch is applicable to your situation. For example, if the patch fixes a security problem with an SMTP server, there may be no reason to install this patch on a web server.
In most cases, service packs include all of the software patches that have been released up to that point. If a software patch does not apply to your environment, then it is a good practice to not install it until the service pack is released. This gives more time for people to discover problems with the software patch. The service pack also contains a variety of patches, all of which have been tested together rather than individually.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Software Patches
367
Software Patch Installation Although installing an OS patch is not as significant as installing a totally new operating system or a service pack, it is still a significant upgrade. Some of the system files for the OS will be replaced. In most cases, you must also restart the server after you have applied the patch. Like service packs, software patches are distributed by the OS manufacturer. Because software patches are released on a fairly regular basis, most OS manufacturers provide some automated method of alerting you when new patches are released. One option for automated alerts is through e-mail, and most OS manufacturer websites give you the option of signing up for these updates. Beginning with Windows 98, Microsoft has included the Windows Update option on the start menu for all of its operating systems—selecting this option connects you to the Microsoft websites where you can locate and install the latest patches. In Windows 2000 and Windows XP, you also have the option of configuring an automatic notification through the Internet where you are alerted through a pop-up screen when a new software patch is available. (See Figure 11.5 for an example of an automatic notification.) FIGURE 11.5
An automatic notification of software patches in Windows XP
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
368
Chapter 11
Software Updates
The procedure to deploy a software patch is almost identical to deploying a service pack: 1. Obtain the software patch. 2. Check the documentation that comes with the software patch release.
Again, you are checking for known issues with the software patch install. 3. Learn from other people’s experience. Monitor the manufacturer’s
support website and monitor relevant newsgroups for how the software patch install is working in other environments. 4. Test the software patch in the test lab. 5. Back up your servers. Service pack installs seldom fail, but you must
be prepared for the worst-case scenario. 6. Schedule the downtime. 7. Install the software patch and document the results.
Just as with service packs, you can automate the deployment of software patches using Active Directory Group Policies, NetWare Z.E.N.works, or another automated software installation service. The same cautions about testing, piloting, and managing the deployment apply.
Upgrading Hardware Drivers
U
p to this point, this chapter has dealt with software upgrades that are part of the OS itself. All of these upgrades have actually replaced system files and have been released by the OS manufacturers. Another type of software upgrade that you might need to perform is a hardware driver upgrade. In this case, you are not upgrading part of the OS but rather you are upgrading the drivers that enable the OS to communicate with the hardware devices on your computer. While this upgrade may not appear to be as critical as an OS upgrade, upgrading the drivers is still a significant procedure. In some cases, installing a new hardware driver can actually cause serious problems for the OS, including extreme problems such as not being able to restart the server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Upgrading Hardware Drivers
369
Many of the same issues apply when upgrading the hardware drivers as those that applied to working with service packs or OS patches. The first question that you need to ask is whether you need to install all of the latest drivers as soon as they come out. Just like OS patches, driver updates are usually designed to address one or more small bugs that have been located in the drivers. The documentation that is included with the drivers usually clearly identifies the bugs that are fixed in the upgrade so you can decide whether the update applies to your situation.
In some cases, you have little choice about installing the latest drivers for a particular piece of hardware. When you place a support call to the hardware manufacturer regarding a problem with their hardware, one of the first questions they ask is if you have installed the latest driver. If you haven’t, they will often tell you to install the latest driver and then call back if the problem persists.
Acquiring and Installing New Drivers The hardware drivers are produced and maintained by the hardware manufacturers. All hardware manufacturers include a section on their websites where you can go to locate the drivers that you need and download the latest drivers. (See Figure 11.6 for an example of one of these sites.) In most cases, the drivers that you download from the website come as compressed files that you must decompress before you can use them. One of the crucial issues that you need to think about when downloading a driver is whether the driver has been tested with the OS that you are using. One important reason why operating systems can become unstable is because of incompatible hardware drivers. Always check the OS manufacturer’s website in addition to the hardware manufacturer’s website to determine if there are any problems with the drivers. Search the support component of both websites to determine if there are any problems with the drivers and your OS.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
370
Chapter 11
Software Updates
FIGURE 11.6
Downloading drivers from the Compaq website
A second concern when downloading drivers from the Internet is security. When you download a driver from the Internet, you want to make sure that the driver has not been tampered with. For example, if an attacker could emulate the hardware manufacturer’s website, they could include a Trojan horse application with the hardware driver that sends all of your keystrokes to an Internet address. To prevent this, driver manufacturers now have the option to use digital signatures on their drivers so that you will receive a warning from the OS if the driver has been modified. Unfortunately, digital signatures haven’t really caught on yet, and you should always use caution with downloaded drivers. You can also order the latest drivers on a CD-ROM from the manufacturers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Upgrading Monitoring and Management Tools
371
If you work in a network environment where there are many different types of hardware, you will find yourself needing many different hardware drivers. If you don’t want to have to download the latest drivers every time you need them, you should develop some way of maintaining a copy of the latest drivers on your network. Most companies have a central share on a server where they store all drivers. If you have access to a CD burner, it is also a best practice to burn a CD-ROM with all of the most popular drivers for your network. Most drivers are less than 2MB, so you can store many drivers on one CD-ROM.
The procedure for installing hardware drivers is similar to service pack or software upgrade installs. Again, you must prepare for disaster, which means testing the driver upgrade and having a rollback plan in place before you install the new drivers on the production servers. An essential part of the rollback plan will be having the old drivers available in case the new drivers fail.
One of the new features in Windows XP and Windows .NET is the driver rollback option. These operating systems maintain a copy of the previous drivers that were installed on the server. If the new driver is causing problems, you can choose to roll back to the previous driver.
Upgrading Monitoring and Management Tools
I
n addition to upgrading the OS and hardware drivers, you are also going to be expected to upgrade the other software on the servers, such as the monitoring and management tools that you are using on the servers. Chapter 12, “Performance and Hardware Monitoring,” will describe these tools in detail. In this chapter we are concerned with the process of upgrading the management tools. These tools are used to centralize the monitoring and management of a large number of servers on your network. For example, if you have
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
372
Chapter 11
Software Updates
500 servers in three data centers, it is almost impossible to closely monitor each server. You would like to know how each of those servers is performing but you would have to have many people monitoring them to get a detailed picture. Even more importantly, you would like to have some way of receiving alerts if a server is reaching a critical threshold. If a file server is running out of disk space, you would like to be notified that this is happening before the situation becomes critical. This is where the monitoring and management tools can be very effective. Using these tools, you can monitor multiple servers and configure alerts from multiple servers from one central location. Most monitoring and management tools have two components: a server or management component that is usually installed on one or two servers on your network, and a client component, which can be installed on every server in your network. The server component is the management station. This is where you define which servers you want to monitor and what information you want to monitor on each server. This is also where you can configure the alerts or notifications that you can use to get an early warning when a server is reaching a critical threshold. For most of these applications, the server component includes a data store where the monitoring data collected from the servers is stored. This data is used for long-term trend analysis. For example, if you have six months’ worth of performance data on all of your messaging servers, you can use the data to analyze how the flow of e-mails has changed in your organization over those six months, and then extrapolate that data to predict future usage. This performance data is usually stored in a database. Because this database can get quite large, it is often stored on a separate, dedicated database server. The client component (also called an agent) is installed on all of the servers that you want to monitor and manage. The agent essentially follows the directions given to it by the server component. For example, if you want to monitor the CPU usage on all of the servers on your network, you would configure this setting through the management console. The server component then informs the agents on all the servers to collect this information. The agent collects the information for each server and then sends the information to the server component. The same process happens when you want to monitor each server for alerts. Again, you would configure the alert through the management console, which would configure the agents on each server to monitor a particular setting and send an alert when the server’s performance reaches a critical level.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Upgrading Monitoring and Management Tools
373
Upgrading the Server Component In most cases, upgrading the server component of a monitoring and management application is not difficult. These applications almost always provide an upgrade path so that when you install the new version of the application, all of the settings and data from the previous version are imported into the new version. Many of the same procedures discussed earlier in this chapter still apply when upgrading these applications. You still need to test the upgrade procedure in a lab to confirm that the upgrade works, and to confirm that the application configuration and data are available after the upgrade. The configuration information is usually stored with the application, so before starting the upgrade, back up this information. If the data is stored on the same server as the management program, back up the data as well. If the upgrade fails, you will want to restore the previous version of the software without losing the configuration information or the data.
Upgrading the Client Component Upgrading the client component is usually even easier than upgrading the server component. Most of the monitoring and management tools provide automated processes for installing the agents on multiple servers. Often when the management program is upgraded, you are also given the option to upgrade all of the agents. If you select this option, then all of the clients can be upgraded at one time. Most of the time, the upgrade just overwrites the current client installation, but some applications actually uninstall the older client first and then install the new client. Because the client itself usually does not contain any configuration information or data, you do not need to be concerned with transferring the client settings during the upgrade. Once the client upgrade is complete, the management program will reconfigure the clients to monitor the required server components. Upgrading the client component requires careful testing. If the server component upgrade fails, then you have lost just the monitoring application. However, because the agent is installed on all of your production servers, a failure in the agent upgrade could potentially affect all of your servers. This means that you need to test the client upgrade thoroughly in your lab.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
374
Chapter 11
Software Updates
UPS Upgrades
Another software component that is often installed on your servers is the UPS software. The UPS software is used to configure the UPS itself. For example, you might want to configure alerts on the UPS so that you receive a notification whenever the power goes out, even if the power outage was just for a short period of time and the servers were not shut down. The UPS software is also used to gracefully shut down servers in the event of a long power outage that exhausts the UPS’s battery power. Upgrading the UPS software is similar to upgrading the monitoring tools. In some cases the software includes a server component that is installed on one server to manage the UPS and an agent that is installed on each server that is protected by the UPS. Upgrading the UPS software sometimes requires that you remove the old version of the software first and then install the new software. In most cases, however, the new version of the software can be installed over the old version and all of the settings will be retained. Upgrading the UPS can also include replacing the batteries or updating the firmware. If you are upgrading the battery in the UPS, disconnect it from the power source, disconnect the terminals from the battery, and then proceed with the replacement. Once the battery has been replaced, it will need to be charged, so it is a good idea to have a second UPS on hand to protect your servers from a power outage.
Summary
I
n this chapter, you learned about the various software upgrades that you might need to apply to the servers on your network. The first type of upgrade, and the most significant, is the operating system upgrade where your entire OS is replaced with a newer version. When planning an OS upgrade, the most important question that you need to answer is whether you want to perform an in-place upgrade or a clean install upgrade. You learned some of the reasons why you would choose either option, as well as the procedures for performing both upgrades. The second type of software upgrade that you learned about was the service pack and software patch upgrades. In this case, you are applying fixes to the operating system rather than performing a complete upgrade of the OS.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
375
You learned when you should apply the service pack and software patch upgrades, as well as the procedures for performing the upgrades. The last major topic covered in this chapter discussed upgrading other software that is installed on the servers but is not part of the OS. These software components include hardware drivers, monitoring and management tools, and UPS software. While these software upgrades may not directly affect the OS, they must still be planned and managed carefully. This chapter completes the major section of this book discussing all of the different upgrades that you may need to perform on your servers. The next section of the book focuses on proactive maintenance, or all of the things you can do to make sure that your network is always available to the clients. The first chapter in the next section discusses monitoring and management tools and procedures.
Exam Essentials Know how to prepare for possible failure when performing any software upgrades on your servers. An essential component in any software upgrade is to do everything you can to insure that the upgrade will succeed, as well as do everything you can to prepare for a quick recovery if the upgrade fails. Know which OS upgrade path is best for a given situation. The clean install upgrade is the best upgrade option because it has the lowest chance of failure as well as providing the most stable operating system after the upgrade. Understand when you need to install service packs and software updates. Service packs and software updates are primarily bug and security patches for the operating system. In most cases, you should install these only if they affect you or if they are recommended by the OS manufacturer. Understand the procedure for installing service packs and software updates. Installing service packs and software updates is easy, however, you must test the installation to insure that the upgrade works smoothly and prepare a rollback plan in case the upgrade fails.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
376
Chapter 11
Software Updates
Understand the procedures for upgrading hardware drivers, monitoring and management tools, and UPS software. In most cases, upgrading these types of software is fairly easy and not as risky as upgrading OS components. However, you must still prepare for potential failures through testing and backup.
Key Terms
B
efore you take the exam, be certain you are familiar with the following terms: clean install
server uptime
digital signature
service pack
in-place upgrade
software patch
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
377
Review Questions 1. Which of the following are advantages to performing an operating
system upgrade as opposed to a clean install? A. All of the previous configuration settings are lost when you
perform an upgrade. B. Applications do not have to be reinstalled. C. All of the configuration settings are upgraded with the operating
system. D. Server downtime is minimized. 2. You are deciding whether to perform an upgrade of your server oper-
ating system or a clean install. Your network administrator has told you to clean up the server and that server downtime must be minimal. What would be the recommended way to proceed? A. Format the server and perform a clean install. B. Perform an operating system upgrade. C. Install the operating system on a second server and move resources
to the new server. Then perform a clean install. D. Install the operating system on a second server and move resources
to the new server. Then perform an upgrade of the operating system. 3. What is one of the first things you should do before upgrading or
installing a new operating system on a server? A. Format the hard disks. B. Document the current server configuration. C. Take the server off the network. D. Back up the server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
378
Chapter 11
Software Updates
4. What are service packs? A. Bug fixes for operating systems B. Upgraded hardware drivers C. New versions of operating systems D. Fixes for computer applications 5. Your network administrator is planning on performing an in-place
operating system upgrade to one of your network servers. During the past few months you have been experiencing problems with the server and your network administrator feels that this will fix any existing problems. You want him to move the server’s resources to another network server and perform a clean install. What are some of the disadvantages to performing an upgrade that you could convey? A. Any existing configuration settings that are problematic will be
migrated. B. It will take considerably longer to perform an upgrade as opposed
to a clean install. C. The server’s resources will be unavailable during the upgrade. D. An upgrade will allow you to reconfigure the server’s settings. 6. What are software patches? A. Quick fixes to solve a particular software problem B. Firmware updates for hardware C. Fixes for a list of operating system problems D. Feature-rich enhancements for an operating system 7. Which of the following steps are you least likely to perform before
beginning an upgrade of an operating system? A. Test for application compatibility. B. Verify hardware compatibility. C. Test the upgrade in a controlled environment. D. Document the server’s configuration settings.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
379
8. You have performed a full backup of your server and developed a roll-
back plan. Before doing the upgrade in the production environment, what should you do first? A. Notify users that the server will be offline. B. Test the upgrade plan in a test environment. C. Move the resources to another network server. D. Document the server’s configuration. 9. What is a group of operating fixes that can be applied at once
known as? A. Software patch B. Service fix C. Service pack D. Software fix 10. Which of the following tasks should you do before installing a
new driver? A. Perform a full system backup. B. Establish a rollback plan. C. Ensure the driver is compatible with the operating system. D. Ensure you have a copy of the old drivers. 11. When should you install a service pack? A. As soon as it is released. B. When it will fix a known bug. C. To take advantage of new features. D. Service packs should never be installed. 12. Before proceeding with a service pack update on your server, what
tasks should be performed?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
380
Chapter 11
Software Updates
A. Back up the server. B. Document the server settings. C. Make sure you have the correct updates. D. Review the documentation. 13. What steps need to be completed when replacing a battery in a UPS? A. Shut down your servers. B. Disconnect the battery from the terminals. C. Disconnect the UPS from the power source. D. Notify users that the UPS is being upgraded. 14. IBM has just released a collection of software patches. What type of
patch will you apply? A. FixPak B. Service pack C. Consolidated Support Pack D. Software pack 15. In terms of new drivers, what is a digital signature used for? A. It verifies that the driver will work with your operating system. B. It verifies that the driver has not been modified. C. It verifies that the driver has been successfully installed. D. It identifies the creator of the driver. 16. You are upgrading the server component of your network manage-
ment software. Before proceeding with the upgrade, what tasks should be completed? A. Back up the application data. B. Uninstall the existing management software. C. Uninstall the client component. D. Shut down the server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
381
17. Once you have tested an upgrade plan in a controlled environment
and are ready to do the upgrade in the production environment, what should you do before you take a server and its resources offline? A. Forcibly disconnect users from the server. B. Notify users of the server downtime. C. Disconnect clients from the network. D. Unplug the server. 18. Novell has just released a collection of fixes. What type of patch will
you be applying? A. Service patch B. FixPak C. Consolidated Support Pack D. Service pack 19. What are some of the disadvantages to performing a clean install of an
operating system as opposed to upgrading? A. Applications must be reinstalled. B. Data must be restored. C. Settings are migrated. D. Client applications may need to be modified. 20. You are installing Windows 2000 Server as an upgrade to Win-
dows NT 4 Server. During the hardware detection phase, the machine mysteriously reboots. You start the upgrade again, and again the system reboots during the hardware detection phase. What is the most likely cause of the problem? A. You have a bad copy of the Windows 2000 Server CD. B. The UPS needs to be disconnected from the server. C. The hard drive needs to be replaced in the server. D. Instead of performing an upgrade, you should wipe the system out
and perform a clean install of Windows 2000 Server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
382
Chapter 11
Software Updates
Answers to Review Questions 1. B, C. Two advantages of performing an operating system upgrade
are that the server configuration settings are migrated and that applications do not need to be reinstalled. Server downtime is not minimized because the server is unavailable during the upgrade. 2. C. Performing an upgrade would migrate all the server’s configura-
tion settings—you want to clean up the server so you will want to perform a clean install instead. In order to minimize server downtime, you should install the operating system on a second server and move all resources to it, making the second server available to users. Then perform a clean installation on the original server. 3. D. Before making any changes to a server, including upgrading or
installing a new operating system, the first thing you should do is perform a full backup. 4. A. Service packs contain fixes for bugs that are found in operating
systems. 5. A, C. Performing an upgrade will not allow you to reconfigure the
server’s settings, so any settings that may have been problematic will be migrated with the upgrade. Performing an upgrade also means that the server’s resources are unavailable during this time. 6. A. A software patch is a quick fix for a reported bug or security
glitch. A patch is not as extensive as a service pack. Software patches are usually released every few weeks. 7. D. Although it is a good idea, documenting the server’s configuration
settings is the least likely step for you to perform since all the settings are migrated during the upgrade. 8. B. Before you go ahead with the upgrade in the production environ-
ment, you should first perform the upgrade in a test environment. 9. C. Service packs are a group of operating system fixes. Software
patches usually contain quick fixes for a particular bug. 10. A, B, C, D. All of the steps outlined should be performed before
installing a new driver.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
383
11. B, C. Not every service pack released needs to be installed. A service
pack should be installed when it will address a known bug with the operating system or when you want to take advantage of new features. 12. A, C, D. Making any changes to a server means first performing a
full backup of the system. Before applying the service pack make sure you have the correct updates and review the documentation that comes with it. 13. B, C. When replacing the battery in a UPS, make sure the UPS is dis-
connected from the power source and the battery itself has been disconnected from the terminals. 14. A. IBM refers to a collection of software patches as a FixPak. 15. B. The digital signature is used for security purposes and verifies that
the driver has not been modified. 16. A. Before upgrading the server component of the management soft-
ware, make sure the application data is backed up so it can be restored in case the upgrade is unsuccessful. 17. B. Before actually taking the server offline, notify users of the outage
so they have sufficient time to save their work and disconnect from any server resources. 18. C. Novell refers to their collection of fixes as a Consolidated Support
Pack. 19. A, B, D. If you are performing a clean install, any applications that
were running on the server will have to be reinstalled and reconfigured. Data will need to be restored. Client applications may need to be reconfigured. 20. B. During the installation of Windows NT and Windows 2000, the
operating system will check the serial ports for serial mice. The signal that the OS sends out can be interpreted by some UPS devices as a shutdown signal. The UPS will shut down the server. To alleviate this problem, disconnect the UPS from the serial port.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Proactive Maintenance
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
PART
V
Chapter
12
Performance and Hardware Monitoring COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.7 Install service tools (SNMP, backup software, system monitoring agents, event logs, etc.) 2.8 Perform Server baseline 2.9 Document the configuration 4.2 Create baseline and compare performance 4.3 Set SNMP thresholds 4.5 Perform hardware verification 4.6 Establish remote notification
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
M
onitoring hardware should be a regular routine that you get into. Server hardware operates on a constant cycle with no rest. Varying levels of stress are placed on servers as the workday evolves. This stress takes on different forms as the day progresses also. In the morning large numbers of clients may check and send e-mail. This places stress on the Internet access and resources related to the Internet hardware. As the day progresses the stress load may turn to printing or database access. Monitoring hardware and its various stresses is an important element to successful daily server operations.
Monitoring
Before setting up baselines, performance, and hardware monitoring, you must first understand what monitoring is, why you should monitor, and what to monitor. Unless you understand the reason behind a task, and the expected outcome, you are wasting your time. Monitoring is used to watch system performance, as well as assist with determining the MTBF (mean time between failures). If we consider the server as one whole component, the MTBF will be reliant on the proper operation of each individual component. Should one component or software application stop responding, then a failure will be recorded. The importance of keeping track of MTBF becomes evident over the lifetime of the server. Trends in product life spans can be determined to best match components within your server environment. Normally MTBF is used to track useful life period of hardware components such as hard drives. Within a server, hard disks are working in a stressful pace. Multiple client requests and RAID implementation often will push hard disks to their limits. Unfortunately, each server’s operating
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Monitoring
389
environment and stress loads create unique situations for each hard disk. A hard disk that operates well in one situation may not in another. Manufacturers will often quote MTBF for their hard drives. This information should be taken in context because your implementation will be different and therefore your results can and often will be different.
What Is Monitoring? Monitoring is the process of watching the effects and outcomes of a computer’s actions. This can include hardware, software, and resources. For example, monitoring resources will allow you to get a clear understanding on how the computer is using (or not using) resources during its daily operations. Monitoring is not a one-time task. It should occur on a regular basis and over a period of time so you can see how the server will perform during all the tasks that it faces. This will include all the varying stress loads (users, Internet, extranet, remote access, backups) and situations that the server will face.
Why Monitor? Through the process of monitoring you are ultimately looking for trends in server behavior. Is there a time when the server seems to be performing poorly? What is happening during this time that could be a reason for this poor performance? What is causing this performance problem? On the other side of the coin there may be times when the server is performing extremely well. Documenting the server settings (including resources used and where) will assist you in creating a baseline. A baseline describes initial server performance and provides a standard against which you can compare future performance. Creating a baseline will involve assessing server performance over a period of time. Based on the varying stress loads, an expected level of performance, or adjusted baseline, can be determined.
How to Monitor Finally a decision must be made on how to monitor. Not only will this require setting up monitoring times but it will also require deciding on what monitoring software and resources you will use. There are a multitude of different monitoring tools available. Some software is included with
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
390
Chapter 12
Performance and Hardware Monitoring
network operating systems, but other third-party software is also available. Which to choose will depend on the complexity of the monitoring required, the operating system, and the desired result. Some of the advanced monitoring software will take aggressive action should performance dip below a baseline. Other software will only record the dip in performance in a log file. The different options available as monitoring tools will be discussed in detail later in this chapter.
Third-Party Monitoring On the store shelves and the Internet are a multitude of third-party utility programs that will provide hardware monitoring. Norton Systemworks, and Norton Utilities, for example, will monitor system performance, as well as data received from the SMART utility (explained below under the “Hard Disks” section). Unfortunately, using a third-party program can lead to other issues such as compatibility with operating systems and installed software. Running these programs creates even more stress on the resources that are being monitored!
What to Monitor Deciding what to monitor will vary depending on the server’s role within the network environment. For example, if the server’s primary role is a print server, then monitoring would include the print service, print queue, as well as the network connection used to give access to the print server. Generally monitoring involves carefully watching a few key areas within the server itself, including processor performance, hard disks, memory usage, and resource usage. These key elements not only provide a core by which the server operates but also support software and operations for the entire network.
Processor Performance Processor performance is obviously a key area of server operation. If the processor is taxed to the point that it cannot run programs, even the operating system will begin to suffer. This can result in an operating system crash or software failure. At best it will result in an extremely slow operation. Processors for high-performance servers generally are unique in their cache size as well as general structure. As you remember from Chapter 3, “Motherboards
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Monitoring
391
and Processors,” there are several server-specific processors, such as the Intel Xeon and Itanium, or the AMD MP processors. Even with these specialty processors, problems stemming from too much workload can grind the system to a stop. Performance monitoring for the processor will assist in watching for this trend and dealing with it before it becomes a serious problem. Monitoring a processor is done through software utilities. Manufacturers for motherboards also provide monitoring tools that will watch motherboard performance, including processor voltages and fan speeds. Most processor monitoring is done through the use of network operating system utilities (covered later in this chapter).
New Server Upgrade When I started my last job, I walked into a room full of new Dell computers and a shiny new Dell server. The hardware (including the network) was completely brand new and installed. One month into running the new equipment we realized that the database-style software used to deliver programs to the desktop computers was literally killing the server. Performance on the client side would regularly grind to a halt and even freeze. This would result in lost data and time. After confirming that the problem was not client-side, I turned my attention server-side. After running some performance tests I realized that when the database program was started, the processor utilization would max out at 100 percent. The memory usage would also reach 100 percent. The server was using all of its power to run the database program, leaving none to do anything else. Unfortunately this server was also responsible for the Internet, e-mail, authentication, file sharing, and printing, but whenever the need for another of these services arose, the server would run out of free resources and lock up. The solution was painfully evident. The server was underpowered. Through performance monitoring I was able to determine that the server required more RAM and a secondary processor. This was painful for the company because this was a new server. Had the people responsible for ordering that server better understood the software demands, they might have made a better choice.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
392
Chapter 12
Performance and Hardware Monitoring
Hard Disk Monitoring Hard disks contain moving parts. With moving parts comes wear and tear. Whether it is the tires on a car or the hinges on a door, everything that faces constant movement eventually wears out and fails. Every time power is applied to a hard disk, the platters spin up to their set RPM. This process creates a cushion of air that then lifts up the read/write heads off of the surface of the platter. When the power is shut down, the air cushion is lost and the heads fall back down to rest on the platters. Normally the heads come to rest on a specific area called the landing zone. The landing zone is used so the head will not land on a section of the hard disk that has information stored on it. However, every time that this start/stop cycle occurs, some wear is applied to the platters. Normally a hard disk will have a minimum of 30,000 to 50,000 start/stop cycles in its lifetime. If you charted a hard disk’s service life, the chart would normally indicate an inverse bell curve: a large number of infant (or new) disk failures, very few failures in drives that are a couple of years old, and an increase in failures in drives that are over five years old. With the multitude of moving parts and the delicate nature of data-storing mechanisms involved, hard disks are normally expected to last five to seven years. Disks commonly last over seven years, but in server environments they undergo an incredible amount of stress (especially in file and database servers). Several tools are available to help you determine—before catastrophic data loss—that a disk needs replacement. Using performance and hardware monitors in assessing your hard disks is not only a good idea but also a must. Most hard disk manufacturers provide software and firmware updates to support disk monitoring and assessing. This diagnostic software will allow you to test and diagnose potential problems with the drives. Most of the diagnostic software is used through the medium of a boot disk. Once the software is downloaded from the manufacturer’s website, it is executed and will create a boot disk containing the disk diagnostics. The computer is then restarted with the diagnostic software, which will perform tests on the drive. Figure 12.1 is a screen shot of Fujitsu hard disk drive diagnostics.
Use the diagnostics provided by your disk manufacturer. Attempting to use a diagnostic program from one manufacturer on a disk from a different manufacturer could result in lost data or damage to the drive.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Monitoring
FIGURE 12.1
393
Fujitsu hard disk drive diagnostics
SMART Disks Beyond diagnostic tools, manufacturers are now incorporating logic into drives that will constantly monitor the disk and act as an early warning system against disk failure or damage. This tool is called Self-Monitoring Analysis and Reporting Technology, or SMART. Available on IDE hard disks, this feature is integrated into the hard disk’s controller and uses sensors to monitor the disk. In order for the feature to work, you must also have a BIOS that supports the SMART disk feature. SMART evolved from an IBM initiative called Predictive Failure Analysis (PFA). Both SMART and PFA are based around the concept that early warning signs of disk failure can be found and reported before the disk fails. This will give the administrator enough time to locate a suitable replacement and copy the data from the failing drive. Unfortunately not all failures are slow progressions that the SMART or PFA technology will pick up on. A chip failure, for example, will be a sudden failure that will occur without warning. This would not be caught by the SMART or PFA utilities.
Memory Monitoring With the price of RAM at an all-time low, out-of-memory errors and memory performance issues are happening less and less. Servers are containing more memory as motherboard manufacturers develop boards that now support gigabytes of RAM. Memory usage should still be monitored. This will ensure
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
394
Chapter 12
Performance and Hardware Monitoring
that as new software is installed the server will continue to perform its tasks as well as cope with the stress of operating the new software. RAM errors fall into two categories: hard and soft. Hard errors are permanent physical damage to a RAM module (commonly a damaged chip, or stuck bit that is returning the same value every time). Hard errors, once they happen, will continue to happen until the RAM is replaced. Soft errors are more sporadic. In a soft error, a problem will occur and then vanish for a period of time. As a result, soft errors are more difficult to diagnose, and they are more common than hard errors. Soft errors result from failing RAM, ESD, or RAM that is poorly matched to the motherboard. Dealing with diagnosing RAM issues is a serious matter. If RAM fails, the system will suddenly come to a halt. Damage to software and operating systems that were running is a serious concern. Traditionally RAM was created in a non-parity format. This means that there is one bit of RAM memory for each bit of data that will be stored in RAM. Therefore eight bits of RAM will store eight bits of data. Parity RAM contains an extra bit of RAM that is not used for data storage but rather for error checking. Parity checking is a rudimentary method of detecting simple, single-bit errors in a memory system. It in fact has been present in PCs since the original IBM PC in 1981, and until the early 1990s was used in every PC. In order for parity checking to work, the BIOS must support parity RAM and have the feature enabled. A newer method of error checking, called ECC (error correcting circuits), began with the Pentium class of computers. Parity checking provided single-bit error detection for the system memory, but did not handle multi-bit errors and provided no means to correct memory errors. ECC will detect both single-bit and multi-bit errors, as well as attempt to correct single-bit errors. Like parity checking, ECC requires a setting in the BIOS program to be enabled.
Resource Monitoring Resources within the server are the last key area of monitoring. Resources fall under the category of IRQ (interrupt request lines), DMA (direct memory access), and I/O (input/output channels). All of these are general system resources that are used by every computer. Servers face more stress in resource management because they implement other network-based programs that can be, and often are, simultaneously accessed by other computers on the network. In earlier times of computing, MS-DOS included a program called MSD (Microsoft System Diagnostics). This simple utility would show which
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
SNMP
395
resources were free and which were in use. At a time when expansion cards were configured manually through the use of jumpers, this was a valuable tool. Modern computers and servers have moved away from manual resource management and ISA cards to BIOS-controlled resources. At times though, resources are still shared among numerous devices. Being able to monitor this sharing and potential problems resulting from shared resources is a must. Figure 12.2 is a screen shot from Windows 2000 Computer Management showing the Conflicts/Sharing monitor under Hardware Resources. Notice how you can view the shared resources. FIGURE 12.2
Windows 2000 Conflicts/Sharing monitor
The Hardware Resources monitor also allows you to view the DMA, IRQ, Forced Hardware, Memory, and I/O information. We will look closer at the Computer Management feature later in this chapter.
SNMP
S
imple Network Management Protocol (SNMP) is a network management specification developed by the Internet Engineering Task Force (IETF), a subsidiary group of the Internet Activities Board (IAB), in the mid 1980s to
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
396
Chapter 12
Performance and Hardware Monitoring
provide standard, simplified, and extensible management of LAN-based internetworking products such as hubs, bridges, and routers. As you found out in Chapter 8, “TCP/IP,” SNMP is part of the TCP/IP suite. If you want to use SNMP, you must be running TCP/IP. SNMP was designed to reduce the complexity of network management and minimize the amount of resources required to support it. SNMP provides for centralized, robust, interoperable network management, along with the flexibility to allow for the management of vendor-specific information. Benefits of SNMP include simplicity of implementation. Being part of the protocol suite, it is easy to install and use. It also does not require large computational or memory resources from the devices that do accommodate it. This limits the use of system resources to manage network devices. SNMP however does have some drawbacks. The performance impact on the network being managed should be considered when using the polling scheme that SNMP relies on for collecting information from distributed agents. A higher frequency of polling, which may be required to manage a network effectively, will increase the overhead on a network, possibly resulting in a need for additional networking or processor resources. Bandwidth can suffer as a result of using SNMP. The frequency of polling can be controlled by the SNMP manager, but can be dependent on what kind of messages (generic or enterprise-specific) a device vendor supports. Many vendors offer generic trap messages on their devices rather than enterprisespecific messages, because that approach is easier and takes less time for the vendor to implement. Devices that provide only generic trap information must be polled frequently to obtain the granularity of information to manage the device effectively.
CMIP
C
ommon Management Information Protocol (CMIP) may be a better alternative than SNMP for large, complex networks or security-critical networks. CMIP is similar to SNMP and was developed to address SNMP’s problems. However, CMIP takes significantly more system resources than SNMP, is difficult to program, and is designed to run on the ISO protocol stack.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
397
The best feature in CMIP is that an agent can perform tasks or trigger events based upon the value of a variable or a specific condition. For example, when a computer cannot communicate with the network print server, an event can be generated to notify the administrator. With SNMP, a notification alert would have to be performed by a user, because an SNMP agent does not analyze information.
Performance Monitoring
O
bjective assessment is based on logical analysis and benchmarking. In this form of assessment, specific tools are used to accurately measure performance of a hardware component. Usually benchmarking is the preferred means of assessing hardware performance. An example would be taking two comparable hard disks and installing them in identical computers. Tests based on software usage and access time can then be gathered and compared. Since the disks are installed in identical computers, any noticed differences must be as a result of the different disks because that is the only variable. There are many different programs that are used to benchmark hardware. High-Level Benchmarks These are programs that use code from popular application software such as web browsers and office suite programs. The idea is to create the stress that standard users would normally create if they were using the hardware. Hardware performance is then measured under these common stresses. Low-Level Benchmarks This type of benchmarking attempts to isolate the component directly and remove any extraneous interference (such as the OS). This type of testing is sometimes discounted by vendors because it does not simulate normal computer use. Real-World Benchmarks This type of benchmark can be performed outside the lab, often by enthusiasts rather than engineers. For example, someone might install several CD-ROM drives in one computer and then measure how long it takes to install a popular game using each drive in turn. The performance of each drive would then be compared and published.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
398
Chapter 12
Performance and Hardware Monitoring
Regardless of the method used to perform the benchmark, you need to remind yourself that the performance that was achieved might not be what you achieve. Even if you had an identical computer, your software and environmental considerations (heat and humidity, for example) will play a role in how your hardware performs.
Caveat Emptor I have seen several computer technicians fall into the trap of purchasing components based on subjective performance and opinions. The worst place to get caught up in these situations is at computer fairs. Manufacturers are at these trade shows with equipment set up and running. Of course they are connecting the equipment to the best computer components that money can buy. The video card they are demonstrating looks fantastic. It will play the latest games with no slowdowns. However, what are the other factors that are influencing that performance? What processor and RAM are installed? Always look for concrete facts on benchmarking of the product. Try to locate information from unbiased sources. You can bet that the manufacturer’s literature will not have anything negative to say about their product.
Network Operating System Utilities NOS performance monitoring software overlaps with the monitoring discussed earlier. Hardware and performance are closely related and the programs that monitor hardware often monitor system performance as well. Performance is a measure of how well the system is doing its tasks. A subjective approach would be to go by the feel of things. “The computer is doing fine because I don’t sense a change in performance.” This may be fine in a desktop environment, but when there are numerous clients accessing a server and they feel differently about the performance, the subjective method does not work very well. The objective approach to performance monitoring is through the use of software programs that will monitor the server’s performance as it relates to the daily routines and tasks that it must perform. Traditionally third-party software was the product of choice due to its advanced features and capabilities; however, new network
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
399
operating systems from Microsoft, Novell, and Unix vendors have provided performance-monitoring software that is as capable if not better than many third-party providers.
NetWare Novell implements several software programs that will assist in monitoring system performance as well as in locating potential problem areas. Network management software such as ManageWise and NetWare Management Portal are used to monitor system and network performance. Novell also offers the Monitor program (which comes free as a part of NetWare). The Monitor program acts as an interface for the administration of the server from a remote console. ManageWise ManageWise consists of a server component and a console component. (This follows along with the Novell structure of remotely maintaining and administering a NetWare server). ManageWise includes several components that are installed on the server: The server half of ManageWise includes the following pieces:
NetWare Management Agent 1.6
NetWare LANalyzer Agent 1.0
The server components of LANDesk Virus Protect 2.1
The server components of LANDesk Manager 1.51
The Net Explorer component of NMS 2.0
Once installed, ManageWise provides several different management services. Server problems are automatically detected, and notification is sent to the ManageWise console, as well as to any other SNMP management program that the server is configured to report to. ManageWise also allows you to monitor and view key areas of server performance including available cache memory, CPU utilization, and disk usage. In addition to detecting server issues, ManageWise will also monitor and detect network problems including analysis right down to the individual packet level. ManageWise can capture and decode packets, and track what
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
400
Chapter 12
Performance and Hardware Monitoring
applications are doing on the network. ManageWise will also monitor network usage and performance. This will allow you to determine how growth is affecting the network, and avoid possible problems such as those discussed in the “New Server Upgrade” section above. ManageWise also protects the network from viruses, on both workstations and servers. Workstations are automatically scanned for viruses when they are powered on, and again when they log into the network. ManageWise also scans every file when it’s opened or closed, and immediately notifies the network administrator if it detects a virus. Infected files are automatically quarantined until the network administrator decides what to do with it. Finally, ManageWise creates an inventory on both hardware and software for each workstation, and stores it in a database. This database is distributed across all the servers on the network, each storing the information for their local workstations. When the administrator, at a ManageWise console, asks for inventory information on a particular device, the ManageWise console automatically queries that device, determines where its inventory information is stored, and retrieves the information. Having information on network hardware and software inventory can help you plan future upgrades. The console part of ManageWise includes the NetWare Management System 2.0 and the console portions of LANDesk Manager 1.51 and LANDesk Virus Protect 2.1. All the console pieces are automatically installed by the ManageWise console install program. The ManageWise console provides the user interface for all of the services discussed above. The console is built around a map of the network automatically generated by ManageWise. For instance, to manage a particular workstation, a ManageWise user simply needs to find the workstation on the map and then double-click it. This will bring up the Desktop Access window for that workstation. From there the user will be able to remotely control the workstation, view its hardware and software inventory data, transfer files to and from the workstation, and so on, just by clicking the appropriate icon in the Desktop Access toolbar. NetWare Management Portal The NetWare Management Portal allows administrators to manage TCP/IP based NetWare servers from any web connection on the network. This provides convenience in management of multiple servers. If you had a network, for example, with several servers distributed throughout the building, the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
401
Management Portal would allow you to assess and monitor these servers through any computer with an Internet connection and browser. Through this management tool, administrators can perform a multitude of tasks including:
Modify and view configuration parameters
Load and unload NLMs (NetWare Loadable Modules)
Start and stop server processes
Check the way server memory is used
View and change registry settings
View and clear server connections
Set parameters for network interface cards, drivers, and disks
View the status of certain processes
Manage disk volume information
Compress large files
Change the attributes of volumes and files
Manage the file system
More information on Novell’s ManageWise, Management Portal, and Monitor are available at www.novell.com.
Unix As mentioned earlier in this book, there are a multitude of Unix flavors. Each flavor has noticeable differences and tweaks that make it suitable for a specific application. With Unix operating systems being created with open source code, third-party software is abundant. Monitoring and performance assessment software are available from a variety of vendors. We will take a look at a few of the more common utility programs.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
402
Chapter 12
Performance and Hardware Monitoring
Ntop The ntop tool shows network usage, and was designed to run on most Unix based operating systems (including Linux). Ntop software will analyze network data traffic and provide the following functions:
Sort network traffic according to protocols
Show network traffic sorted according to various criteria
Display traffic statistics
Show IP traffic distribution among various protocols
Analyze IP traffic and sort the analysis according to the source/ destination
Display IP traffic subnet matrix
The ntop utility will run on fiber, token ring, and Ethernet networks. It will also work over various protocols including IP, IPX, DecNet, AppleTalk, Net BIOS, OSI, and DLC. Figure 12.3 is a screen shot from ntop. Notice the pie chart comparing the types of network traffic. FIGURE 12.3
The Unix based ntop utility displays global traffic statistics
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
403
HardDrake Project The HardDrake Project is a software program that makes configuration of hardware in Linux easier. It provides hardware detection through the use of a hardware detect library. It is run through a simple GUI and supports Ethernet and sounds cards. If you have used Linux before, you are well aware of the difficulty that can arise in installing hardware. The HardDrake Project helps alleviate this issue. Figure 12.4 is a screen shot from HardDrake. FIGURE 12.4
HardDrake Project aids hardware configuration on a Linux-based server
KHealthCare KHealthCare is a hardware-monitoring program that was designed for Linux. It helps to predict possible hardware failures by using hardware monitoring sensors and chips located on most modern motherboards. Most of the ATX motherboards sold today support direct connection to fans and the power supply. Through this means the motherboard controls fan RPMs through voltages. The administrator sets threshold limits on items such as fan RPMs, temperatures, and voltages. If a threshold is breached, an alert can be sent to the administrator or KHealthCare can also be programmed to automatically shut down the server. Figures 12.5, 12.6, and 12.7 are screen shots from KHealthCare.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
404
Chapter 12
Performance and Hardware Monitoring
FIGURE 12.5
KHealthCare General tab
FIGURE 12.6
KHealthCare Monitoring tab
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
FIGURE 12.7
405
KHealthCare Temp Sensors tab
Lm-Sensors The lm-Sensors monitor can monitor the hardware health of a Linux system. Much like the KHealthCare program, lm-Sensors must be run on a system that supports hardware monitoring. Big Brother Big Brother is a bit different than the other monitoring programs discussed. Big Brother actually collects information that is broadcast from other systems to a central location. At the same time Big Brother also polls connected systems over the network. This process creates a redundant method of monitoring system performances over a network. A colorful web-based GUI is used to help decipher the information coming in. Simplicity was the focus in creating this GUI: red is bad and green means all is good. Big Brother is supported on Linux, Unix, and Windows based operating systems. Figure 12.8 is a screen shot from the Big Brother program.
Many monitoring and performance assessment utilities are available for Unix based operating systems. For more information go to www.linux.org/apps/ index.html.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
406
Chapter 12
Performance and Hardware Monitoring
FIGURE 12.8
In a Big Brother screen, green is good
Windows The System Monitor has always been Microsoft’s primary tool for measuring and monitoring system performance. The System Monitor is located in the Administrative Tools folder under Performance. Figure 12.9 is a screen shot from Windows 2000. FIGURE 12.9
Windows 2000 Performance screen highlighting its System Monitor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
407
The System Monitor is based around the use of counters. Counters are the measurable values that are assessed. These values are selected by clicking on the add (+) button located at the top of the System Monitor. A list of counters is then displayed, as seen in Figure 12.10. FIGURE 12.10
Selecting counters in the Windows 2000 System Monitor
If you are unsure of the counter’s significance, then the Explain button will give you more information on what the counter will actually measure. The real excitement comes when you add more than one counter. By adding multiple counters, data can be compared between the counters. Is there a trend in performance degeneration? Do the interrupts per second influence the processor usage time? By collecting and analyzing data from multiple counters at one time, you can establish trends in performance and system behavior. As you see in Figure 12.11, three different counters are running at one time.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
408
Chapter 12
Performance and Hardware Monitoring
FIGURE 12.11
Windows 2000 System Monitor running three different counters
Performance data does not have to be analyzed in real time. Logs can be generated over a period of time and then analyzed at a later time. This will help you learn the trends of the network and resource traffic that your server is facing on a daily basis. It becomes clear that there are specific trends in behavior of the clients that access the server. If your server is providing multiple services rather than being dedicated to one task, then you can determine the performance for each task and make a careful decision on the need for upgrading. For example it is common to find that the server is hit hard for e-mail requests first thing in the morning as everyone arrives at work and checks their email. Later in the day that stress load may switch over to print requests or database requests. How are these stresses handled by the server?
Log files can become extremely large. Make sure that you have plenty of hard disk space to accommodate the file. It is advisable to run the log file for a brief period (such as 10 minutes). Stop the log, and check its size. This number can then be used to calculate the probable total size of your log file based on the length of time that you were hoping to collect data for.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Performance Monitoring
409
When collecting data you need to be conscious of the fact that your monitoring activities are actually increasing the load. Depending on the server’s power (RAM and processor specifically), your results may be affected significantly. Hardware Sensor Monitor Much like the Unix operating systems, Windows network operating systems have numerous third-party programs that will monitor hardware and system performance. The Hardware Sensor monitor (also called Hmonitor) is a shareware program based on motherboards that support monitoring through sensors. Hmonitor will monitor temperatures, fans, voltages, CPU, and thermo controls. It will also provide logs of performance over a period of time. Figures 12.12 and 12.13 are screen shots from the Hardware Sensor monitor. This program supports Windows 9X, Me, NT, 2000, and XP. FIGURE 12.12
Hmonitor screen showing temperature settings
FIGURE 12.13
Hmonitor screen showing thermal throttle control settings
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
410
Chapter 12
Performance and Hardware Monitoring
Remote Notification
Because most servers are secured in a safe environment, they often go for extended periods of time without being checked on. Many servers also have the keyboard, monitor, and mouse removed to prevent unwanted access or tampering. With this limited contact, servers need a means of establishing communication with the network administrator should a problem arise. Throughout this chapter we have identified and explored various means of monitoring and identifying problems related to both hardware and performance. Identification of these potential problems is no good if the information is not received by the administrator in time to take proactive measures. This is where remote notification comes in. Whether it is notification of a potential virus, power loss and UPS takeover, hardware problems, or performance issues, remote notification is an important component of server operations. Even in an environment where there are limited numbers of users and only one server operating, remote notification will ensure that you know as soon as possible that there is a concern with the server. Unfortunately this then places you on a 24-hour standby with the server. The benefit of a remote notification is that if something like a fan fails on a Friday night, you do not have to worry that the server was operating without the fan and potentially overheating throughout the entire weekend. If urgent enough, then you can deal with the issue immediately. Remote notification can take on many different forms. E-mail alerts are a common means of notification that something is not right, but are effective only if you are constantly connected to the e-mail. Remote pager alerts or phone calls are another option. Pagers fit nicely on your belt or pocket and can go with you anywhere.
It Will Find You Anywhere! I had the opportunity to set up a server with remote pager notification. It really does work well. Part of my job found me one day crawling around in the attic running lengths of UTP to expand a network. A fan failure in a server located in another town was able to locate and page me. Since this was a Friday afternoon, I would have otherwise not known about the fan failure until Monday morning. By that time, the system could have overheated and caused other components to fail.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
411
Other forms of remote notification can occur over a network. Network paging alerts can be sent that will inform users and or network administrators that the server is experiencing difficulty. Even if the users are not able to repair the problem, they can at least take precautionary measures to ensure that they will not lose any valuable data. Combining remote notification with hardware-monitoring and performance-monitoring tools will ensure that your server is performing as expected. Should performance fall below established baselines, you will be alerted and can take appropriate action to resolve the issue. Unpleasant surprises are not welcome in the world of server management.
Summary
T
his chapter began with an exploration of hardware monitoring. Monitoring is a key responsibility of the server administrator. Monitoring involves watching system performance in hope of catching potential failures before they become a serious problem. Monitoring is also used to extend the Mean Time Between Failures (MTBF). Monitoring usually involves watching system resources, processors, RAM, and hard disk performance. Monitoring can also be used to watch application performance. Memory monitoring over time will tell you whether the server’s RAM remains adequate for changing conditions and will also alert you to errors. Parity is an extra data bit that is used for error checking. Newer forms of RAM use ECC (error correction code) to monitor errors in RAM. ECC RAM will also attempt to recover from memory errors. ECC also supports checking multiple bits rather then just single-bit errors. Hard disks contain many moving parts, and due to their stressful life, are commonly the devices that will fail within a server. When a hard disk is spun up and then powered down, it is called its start/stop cycle. Most hard disks are guaranteed to live through 30,000 to 50,000 start/stop cycles. Most hard disk manufacturers provide special diagnostic software to assess their hard disks’ performance and current operability. These utilities can be invaluable in monitoring and assessing your hard disk. SMART is a new feature that uses sensors combined with your BIOS and operating system to monitor hard disk performance. SMART technology evolved from IBM’s Predictive Failure Analysis technology.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
412
Chapter 12
Performance and Hardware Monitoring
Resource monitoring involves watching IRQ, DMA, and I/O performance within the server. These resources are used by the server as well as network-based applications. We explained that SNMP is part of the TCP/IP protocol suite. It is a management protocol that is used to assess network performance. CMIP was created to replace SNMP. Common Management Information Protocol uses less overhead (system resources) then SNMP and runs more efficiently. Performance monitoring is based on objective and subjective testing. Objective testing is based on logical analysis and benchmarking. Benchmarking falls under three main types: high-level, low-level, and real-world. High-level benchmarking uses code from popular applications to perform tests. Low-level benchmarking tries to isolate hardware performance independently of other variables. Real-world benchmarking tests performance using real everyday scenarios. Subjective benchmarking is based more on user feel and impressions and is viewed as less credible than objective testing. Network operating system utilities perform assessment and monitoring of both hardware and system performance. NetWare has ManageWise, NetWare Management Portal, and the Monitor utility. Unix, with its many flavors and open source code, has many utilities, including ntop, HardDrake Project, KHealthCare, lm sensors, and Big Brother. Windows’ primary monitor is part of the System Monitor, which graphically displays Performance Counters. Remote notification ties in closely with performance and hardware monitoring. Through remote notification administrators can be alerted to potential problems before they result in system or network failure.
Exam Essentials Know the benefits of monitoring. Monitoring is the process of watching system resources and hardware to maintain an established baseline of performance. Know what a baseline is. Baselines are set standards of expected performance.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
413
Know the key areas that are monitored. This include processor, RAM, resources (IRQ, DMA, I/O) and hard disks. Know the types of memory error control. Parity is an extra bit used to check for RAM errors; ECC is error correction code, which can also attempt to recover from memory errors. Know what SMART hard disks are. SMART (Self-Monitoring Analysis and Reporting Technology) monitors hard disks through motherboard circuits. Be familiar with MSD. MSD (Microsoft System Diagnostics) is software created in the days of DOS that allowed you to assess and view system resources. Know what SNMP is. Simple Network Management Protocol is part of the TCP/IP suite and is used to monitor network performance. Know what CMIP is. Common Management Information Protocol is an improvement over SNMP that runs with less overhead. Be familiar with the different forms of benchmarking. These include high-level (using code from popular applications), low-level (testing isolated components), and real-world (using common everyday situations to test performance). Know the performance utilities for the three main NOSs. NetWare uses ManageWise, NetWare Management Portal, and Monitor. Unix/Linux uses a variety of third-party utilities including ntop, HardDrake Project, KHealthCare, lm-Sensors-Source, and Big Brother. Windows has relied on System Monitor but does support third-party software such as Hmonitor. Know the benefits of remote notification. Alerting administrators by e-mail, pager, or network notification will allow for proactive approaches to dealing with potential problems before they become serious network failures.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
414
Chapter 12
Performance and Hardware Monitoring
Key Terms
Before you take the exam, be certain you are familiar with the following terms: baseline
MSD (Microsoft System Diagnostics)
CMIP (Common Management Information Protocol)
MTBF (mean time between failures)
DMA (direct memory access)
parity RAM
ECC (error correcting circuits)
performance
I/O (input/output channels)
PFA (Predictive Failure Analysis)
IRQ (interrupt request lines)
SMART (Self-Monitoring Analysis and Reporting Technology)
landing zone
SNMP (Simple Network Management Protocol)
ManageWise
start/stop cycle
Monitor
System Monitor
monitoring
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
415
Review Questions 1. What is monitoring used for? A. Watching system performance B. Developing a baseline of performance C. Determining the MTBF D. All of the above 2. What does MTBF stand for? A. Mean Time Between Failures B. Motherboard Terminal Board Format C. Marginal Temperature Base Figure D. Monitoring Temperature Before Failure 3. What is commonly monitored within a server? (Choose all that apply.) A. Hardware B. Software C. Resources D. Peripherals 4. When should monitoring occur? A. Once a month B. When performance is falling C. Regularly D. On a new server only 5. Through the process of monitoring, ultimately, what are you
looking for? A. Hardware failure B. Trends in server behavior C. Problems D. Conflicts Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
416
Chapter 12
Performance and Hardware Monitoring
6. What is a baseline? A. A performance standard against which future performance can be
compared B. Instructions for setting performance levels C. The low point in performance D. The high point in expected performance 7. Specific server hardware that is commonly monitored includes which
of the following? A. Processors B. Hard drives C. RAM D. Expansion card bus speeds 8. Name two categories of RAM errors? A. Hard and soft B. ECC and parity C. SD and EDO D. Faults and crashes 9. What is parity? A. A method of error correcting that fixes hard errors B. An extra bit of data that is used for error detection C. A type of RAM error D. A function of the operating system that repairs RAM errors 10. What does ECC stand for? A. Extra Correction Circuit B. Expandable Correction Code C. Error Correcting Circuits D. Extended Correction Code
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
417
11. In the context of hard disk technology, what is the landing zone
used for? A. It is a location on the hard disk for the read/write head to rest on. B. It is a location on the hard disk where the read/write head orients
itself with the data. C. It is the end of the read/write head on a hard drive. D. It is the location on a hard disk where data is saved. 12. What is the range of start/stop cycles that a hard disk is expected to
survive? A. 20,000 to 30,000 B. 30,000 to 50,000 C. 50,000 to 60,000 D. 20,000 to 50,000 13. What does SMART stand for? A. Self-Monitoring And Repair Technology B. Self-Managing And Reporting Technology C. Self-Monitoring Analysis and Reporting Technology D. Self-Managing Analysis and Reporting Technology 14. What does PFA stand for? A. Performance Failure Analysis B. Predictive Failure Analysis C. Preventative Failure Analysis D. Proactive Failure Assessment 15. Select three resources that are commonly monitored. A. IRQ B. DMA C. I/O D. ECC
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
418
Chapter 12
Performance and Hardware Monitoring
16. What does MSD stand for? A. Microsoft System Diagnostics B. Motherboard System Development C. Microcomputer System Diagnostics D. Monitoring System Defaults 17. What does SNMP stand for? A. Selective Network Management Protocol B. Simple Network Monitoring Protocol C. Simple Network Management Protocol D. Simple Network Monitoring Procedures 18. SNMP is part of what protocol suite? A. IPX/SPX B. AppleTalk C. NetBEUI D. TCP/IP 19. What does CMIP stand for? A. Common Management Information Protocol B. Common Monitoring Information Protocol C. Current Monitoring Information Protocol D. Current Management Information Protocol 20. What commonly used component of the Windows 2000 OS is used to
monitor system performance? A. Device Manager B. System manager C. System Monitor D. ManageWise
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
419
Answers to Review Questions 1. D. Monitoring will provide a means of watching system perfor-
mance, developing a baseline, and determining the MTBF. 2. A. MTBF stands for mean time between failures and is a measure
of the average length of time that a component will operate between failures. 3. A, B, C. Hardware, software, and resources are commonly moni-
tored within a server. 4. C. Monitoring should occur regularly in order to get a clear under-
standing of performance trends. 5. B. Although monitoring will turn up hardware failures, problems,
and conflicts, you are ideally looking for trends in server behavior to proactively deal with. 6. A. A baseline is a standard performance level that you can use to help
troubleshoot a problem. By comparing your server’s future performance samplings against its baseline, you can identify changes. 7. A, B, C. Processors, RAM, and hard disks are commonly monitored. 8. A. Two RAM fault categories are hard errors and soft errors. 9. B. Parity is an extra bit used to detect errors in RAM. 10. C. Although there are several possible names for ECC, the only
possible answer from among the options is C. 11. A. The landing zone is a position on the hard disk where no data is
saved and the head is allowed to rest. 12. B. Normally a hard disk will support 30,000 to 50,000 start/stop
cycles in its lifetime. 13. C. SMART, or Self-Monitoring Analysis and Reporting Technology,
is a hard disk performance monitoring tool used with IDE drives. 14. B. PFA, or Predictive Failure Analysis, is an IBM initiative designed
to monitor hard disk performance. 15. A, B, C. IRQ, DMA, and I/O are the three resources that are
commonly monitored.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
420
Chapter 12
Performance and Hardware Monitoring
16. A. MSD, or Microsoft System Diagnostics, is an old technology used
in manual resource management in ISA busses. 17. C. SNMP, Simple Network Management Protocol, is used to
monitor network performance. 18. D. SNMP is a component of the TCP/IP suite. 19. A. CMIP, or Common Management Information Protocol, was
created to replace SNMP. 20. C. System Monitor is the common utility in Windows 2000 used to
monitor performance.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
13
Managing and Securing the Server Environment COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 5.1 Recognize and report on physical security issues
Limit access to server room and backup tapes
Ensure physical locks exist on doors
Establish anti-theft devices for hardware (lock server racks)
5.2 Recognize and report on server room environmental issues (temperature, humidity/ESD/power surges, back-up generator/fire suppression/flood considerations)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
W
hen you consider the amount of information that is located on servers today, security should be a major consideration when planning the server environment and network. If a resourceful person wanted to bring a company to its knees, all they would have to do is destroy the server. There are numerous precautions that you can take to limit the possibility of server damage from either natural or human causes. Chapter 13 explores the concepts of securing the server environment. This includes environmental and other variables.
Server Room Security
S
ecuring a server room takes a lot more planning and effort than most people realize. Security involves all access to the server including direct and indirect (network and remote connections such as Internet). Simply locking a server in a closet is not good enough. People can remotely connect to a server through a modem or local area connection and cause nearly as much damage as if they were directly using the server. Planning for a secure server environment includes physically securing the server hardware and software, but also securing the system from remote risks.
Securing a Rack-Mounted Server Rack-mounted servers are easier to secure than tower servers because rack servers are bolted into the rack. Special bolts can be used to ensure that they are not easily removed. The entire rack is then secured to the wall and/or floor. If the location has a concrete floor, all the better! Special concrete screws can be used to fasten the rack to the floor. It would then be virtually impossible to move the rack. Besides the server console, other networking
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server Room Security
423
components—including UPS, monitor, keyboard, and mouse—should all be kept in the server rack. Special trays can be purchased that are used for supporting the keyboard and monitor. After all components are securely attached to the rack, a locking door should be attached to the front. This will ensure that the components are completely hands off. Most racks are located within a locking cabinet, which provides protection from all sides. Some cabinets contain fans and grills for cooling, while others are made out of a metal mesh that allows air to flow around the server and other installed components. It really doesn’t matter what the rack system looks like in the end, as long as it keeps curious fingers away from the server. If you have a lot of space or money to spend, the entire rack system can be kept in a dedicated room for the server. This provides an even higher level of security because not only can you prevent people from touching the server, you can prevent them from even getting close to it. A dedicated room should have ample cooling and ventilation to ensure that the equipment will not overheat. If you decide to go the route of a dedicated room, it should be an interior room with no windows. Having your server in a dedicated room with an outside window gives a thief an easy way to break in and take the server. Exterior walls also pose the potential for external disasters. I have seen everything from cars smashing through exterior walls to infestations of ants nesting in the bottom of the rack. Why take the risk?
Securing a Tower Server Because of their physical shape and size, tower servers are more difficult to secure. Larger servers often have options for rack mounting. Special rails can be purchased through the server manufacturer that adapt the server to a rack option.
Wheels? The most ridiculous adaptation that I have seen is a server on wheels. Many servers were built with wheels on the bottom. I guess the idea was that when you needed to move the server you could roll it out for maintenance or other tasks. However, could you make it any easier for thieves? They could just roll the server out the door!
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
424
Chapter 13
Managing and Securing the Server Environment
Another way to secure a larger tower server is to bolt it to the floor. Many of the larger servers do have provision for bolting. However, when you need to perform server maintenance, will you be required to move the server? This method may result in a lot of work at a later date. A dedicated server room is probably the best option to use with a tower server. Remember that if your business expands and your network requires a cluster of servers, you will have more than one server to protect. Having a dedicated server room will allow you to install and place the servers to your liking within the room. Physical security is then left primarily to the quality of the lock on the door and to who has keys to it. Don’t be tempted to set the server up in a closet. I have worked at businesses where they tucked the server away in a closet or under a cabinet in the staff kitchen. Not only are these locations insecure, they also do not provide proper ventilation.
Limiting Server Access After you have decided on a secure installation method for your server, you will need to focus on limiting access to it. Regardless of the type of server (rack or tower) and the method you used to secure it, you will need to decide who has access to it, when they have access to it, and under what circumstances. Limiting server access will begin with deciding on who gets keys. If your server is in a locking rack or a dedicated server room, who will be allowed to access it? It is important that there be more than one set of keys, and more than one person who can access the server, in case the primary person is unavailable. On the other side of the coin you don’t want everyone to be able to access the server either. You may want to select one or two trustworthy people who will hold keys in case you are not available. They should also be trained in what to do in the event of your absence. These tasks will include changing backup tapes, basic troubleshooting, and even rebooting the server. Simple key access to the server room may not be secure enough for you. At times the servers and their data will require more advanced security measures. If you remember back to Chapter 1, “Server Types and Roles,” we discussed a variety of means of providing physical security through authentication. Biometrics has been used extensively in larger corporations that require high levels of security. This includes items such as fingerprint identification, retinal scanning, and voice recognition as a means of identification and ultimately determining access. Swipe cards and smart cards are also used
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Access
425
as a security measure. These cards are preprogrammed and can provide access to a secure location and also can electronically monitor access. Another similar means is using a keypad and code system. This method is not as secure as biometric methods because codes can be stolen or carelessly shared between employees. Besides limiting access, you might also want to consider recording devices to monitor what is actually occurring. Keypad access codes can limit access to specific individuals, but you are still at the mercy of what they are doing. If you also have video recording devices installed, you have physical proof as well as a visual report on what was happening. This can come in handy if there is a discrepancy between the employee testimony and server events. Of all the security access methods mentioned (except the good lock), video recording devices are probably the most affordable. In small-business environments a signout sheet is often used. This “honor system” has staff sign out items that they are going to use and then sign them back in on return. In this environment, security is not a major concern. Usually the password protection on the server is the only security feature installed. The level of security that you implement will reflect the environment that you work in and the potential risks that the server may face.
Remote Access
D
irect physical contact is not the only concern when dealing with servers today. With the ever-growing number of VPN and WAN connections being used, remote access to the server is a serious area of threat. High-speed Internet connections can also provide a door in for remote connections as well as unauthorized access. Careful planning and addressing of security issues when dealing with remote access is a must.
Remote Access Safeguards Remote access has been a blessing in many ways. Information that was once available at the office alone can now be accessed virtually anywhere that you have a phone or Internet line. Unfortunately this also opens the door for serious security breaches. Depending on your operating system, you can set specific limits on remote access. Limits set could include not only allow or disallow connections, but also the time of connection (both time of day and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
426
Chapter 13
Managing and Securing the Server Environment
duration of connection) and file and folder access; you can also set the OS to log each connection. If your business has a large number of personnel that are remotely connecting to the server, implementing these remote access features would be a valuable security measure. Authentication at this point is also critical. Each user logging in to the server remotely should have an individual password and user account.
Passwords Passwords are a strange thing. You were always told when growing up to pick something that is easy to remember. In computer passwords, choosing something that is “easy to remember” is the last thing in the world that you want to do. Personal names or memorable names do not provide for a secure password. Secure passwords are based on the following characteristics:
A combination of alphanumeric characters is used, including mixedcase letters and symbols (e.g., Iron$Steel67).
Passwords are frequently changed.
Password lists are maintained by the server, thus preventing people from selecting the same password twice in a row.
A strict policy on password secrecy is enforced. There should be no shared passwords.
A minimum length of eight characters for a password is required.
Enforce account lockout after three unsuccessful password attempts.
Remote Threats
T
he Internet poses a tremendous threat to server security. If you consider the fact that a hacker can sit in the safety of his or her home and continually attempt to break into a server until successful, this is probably the biggest threat to the server security. In its essence the Internet is nothing more than an immense wide area network. Connectivity is through the TCP/IP protocol suite that opens doors to a multitude of potential security holes. Many of the local area threats are identical to Internet threats so there is some comfort in knowing that
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Threats
427
securing the network against Internet threats will also provide security against local threats also. In order to effectively deal with the potential for attacks through a network (whether local or the Internet) you must first understand the types of attacks and how they work.
Types of Attacks Attacks on networks are done for several purposes. Attackers can be motivated to seek out information from your server. Other times they are looking for the gratification of knowing that they can hack into a computer. At times they are motivated by the knowledge that they are causing harm to someone else. The nature of the attacker and his/her motivation can vary, but the strategies used are similar. Attacks often take on the form of IP spoofing, PING of death, WinNuke, and SYN flood.
IP Spoofing IP spoofing involves sending packets of information with a fake source address through the network or Internet. The server is led to believe that the packets are coming from within the network. Using this method hackers can trick the server into thinking that the hacker’s computer is part of the internal network, and thus gain access. The use of a firewall can help in preventing this form of attack.
Ping of Death The PING of death is a denial of service attack (DoS). A DoS attack prevents any users (including legitimate ones) from using the network. The PING utility is part of the TCP/IP protocol suite and is primarily used to confirm connectivity through sending and receiving responses from another network device. It is a type of echo test. The PING of death involves sending very large packets rapidly, which results in the receiving computer’s buffer overflowing. The result is that the computer will stop responding, or reboot. Patches available from operating system manufacturers that will assist in preventing the PING of death.
WinNuke WinNuke is a hacking method that is only usable against a Windows-based operating system. If your network is using Novell NetWare, or Unix, you are
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
428
Chapter 13
Managing and Securing the Server Environment
not susceptible to this form of attack. WinNuke sends special TCP/IP packets with an invalid TCP header. Windows-based operating systems do not know how to deal with these headers, and the packets will crash the operating system. Microsoft refers to these crashes as “Out-of-Band data.” What results is the blue screen of death, a blue screen with a Windows error. The computer becomes unresponsive and will require you to shut the power completely off and then restart the computer (what is known as a hard shutdown). Because Windows was not shut down properly, you will also have to run a scandisk and most likely repair fragmented files that were open when the crash occurred. Hopefully they are all recoverable.
WinNuke is not only a threat to Windows network operating systems. Any Microsoft operating system is vulnerable to this type of attack, including the desktop operating systems (Windows 95, 98, 2000, Me, and XP).
You can prevent WinNuke from happening by installing a patch from Microsoft. Go to http://support.microsoft.com/servicedesks/ technet/ and then search for WinNuke.
SYN Flood SYN floods are another kind of DoS attack. In normal TCP/IP communication the session is started with a packet containing a SYN flag. This SYN flag requests that the receiving computer reply to confirm that it is ready to start communication. A SYN flood attack involves flooding the receiving computer with a multitude of meaningless packets all containing the SYN flag. The receiving computer attempts to respond to all the requests and in doing so consumes all of its resources. The result is an overburdened computer that can’t respond to any more requests, even legitimate ones. Network operating system manufacturers offer patches to help prevent this type of attack.
Firewalls Whenever you connect a private network to the public network (Internet), you are opening doors for potential threats. In today’s ever-advancing world, remote users and remote connections have become a staple of network activity. Virtual private networks, corporate wide area networks, remote access, and always on Internet connections provide a multitude of
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Threats
429
security holes in a network. Firewalls protect a private network from public network traffic. Firewalls can be hardware, software, or a combination of the two. In its essence a firewall examines data packets to determine if they belong within the network. Access in and out of the private network is granted or denied by the firewall. Many different firewall products are available today. Software firewalls are available as an add-on supplied by the NOS manufacturer, or as third-party software. Hardware firewalls are often called a black box. Black box firewalls sit between the private network and the public connection. Let’s first look at firewall technology a little closer.
Firewall Technology Firewalls can use several different technologies to limit packet and information flow. Some of the more common means are access control lists, dynamic packet filtering, protocol switching, and DMZs (demilitarized zones). Access Control Lists An access control list (ACL) is a list of rules regarding network traffic. ACLs are used within routers to control traffic flow. For example, computer A is allowed to connect to computer B but computer C is not allowed to connect to computers A or B. ACLs work effectively in determining traffic flow rules but, working alone, they are susceptible to IP spoofing and must therefore be used along with other safeguards. Demilitarized Zone A demilitarized zone (DMZ) is a dedicated section of your network that is neither public nor private. It sits between these two areas. Since outside users will access specific servers, such as web and e-mail servers, they are placed in this special zone. The idea is that hackers will also go after these specific servers. By placing them in a segregated area, away from the core of your local area network, you take away the risks. Normally a DMZ firewall computer has three network cards. One goes to the Internet connection, one to the DMZ network computers, and the third goes to your private LAN. Figure 13.1 is an example of a DMZ. The local network connects to the firewall via the network switch. The DMZ also connects through a switch to the firewall. The firewall then connects to the Internet. This prevents direct connection to the Internet by either the DMZ or the local area network.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
430
Chapter 13
Managing and Securing the Server Environment
FIGURE 13.1
This configuration prevents direct Internet connection by either the DMZ or LAN. DMZ
To Public Internet
Firewall
Private Network
Critical servers such as data servers should not be kept in the DMZ, but rather in the private network. Web, FTP, and e-mail servers are normally kept in the DMZ. Protocol Switching Protocol switching is another means of protecting your network from outside influences. The TCP/IP protocol suite, as you know, drives the Internet. Most local networks also use TCP/IP. As you learned in Chapter 7, TCP/IP is the protocol of choice for Windows 2000, Unix, and NetWare 5 and 6. With many of the network attacks relying on the TCP/IP protocol, this creates an easy avenue for an attack to occur. Protocol switching involves two possibilities:
Use a different protocol on the local area network to prevent TCP/IP based attacks from being effective.
Create what is called a dead zone between your local area network and the Internet. This dead zone will contain a different protocol. Using this approach you can still maintain the TCP/IP protocol on your local area network. Figure 13.2 is an example of using dead zone protocol switching.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Threats
FIGURE 13.2
431
Protocol switching using a dead zone Internet using TCP/IP
Dead Zone using IPX/SPX
LAN using TCP/IP
In implementing a dead zone you will have to use two devices, such as routers, to perform the protocol transitions. This can prove to be a costly endeavor because routers are expensive. Dynamic Packet Filtering Packet filtering is the ability of a router or firewall to disregard packets that do not meet set requirements. This process is done through the use of a dynamic state table. The dynamic state table keeps track of all communication sessions between stations inside and outside of the firewall. The list is called dynamic because it is constantly updated as communication sessions are established and ended. Dynamic filtering is highly effective in preventing IP spoofing, because the state table will recognize that someone is trying to use an already established session and block them out. Proxy Servers Proxy servers are in common use today. They act on behalf of an entire network. They are used to mask IP addresses of each of the internal computers that are connecting to the public network. Since some hacking software attempts to identify the IP address of computers on the local area network (which can then be used to attempt to gain internal access), the proxy is a good means of protecting private networks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
432
Chapter 13
Managing and Securing the Server Environment
When a proxy server receives a request, it will first dissect the packet, analyze it, and reassemble it. The request is then sent out onto the Internet. The same dissection process is done when the information is received from the Internet. Proxy servers often offer a variety of added features such as web restrictions, virus monitoring, and tracking features. There are many different types of proxy servers available. The following is a list of the more common types of proxies: IP Proxy will hide the IP address of all stations on the local area network. As requests are made to the public network, the proxy will exchange its own IP address for that of the requesting computer. This makes all requests appear as though they are coming from the one IP address (the proxy). Web Proxy will handle all HTTP requests. Much like the IP proxy this form of proxy will send all web-based requests through its own IP address. Web proxies are also used to filter out HTTP requests as well as files coming in. If you do not want your users to be able to download music files from WinMX, then that can be blocked through the web proxy. Another great feature of web proxies is their caching ability. When a request is granted on a web proxy, a copy of the information is kept for a period of time in a cache file. If another request is made for the same file, rather than going onto the Internet to retrieve it, the proxy will check its cache file. This will dramatically speed up the retrieval of files. FTP Proxy is used to upload and download files between a server and a workstation. FTP proxies offer the same filtering and protection as web and IP proxies. SMTP Proxy is used to handle e-mail requests. SMTP proxies will dissect and examine incoming and outgoing email for viruses as well as content deemed insecure.
Many firewall software programs require at least two network cards to be installed in your server. Be sure to consult the manufacturer on the firewall product that you intend to install prior to purchasing it.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Threats
433
Operating System Firewalls The three NOSs (NetWare, Unix, and Windows) that we discussed in Chapter 7, “Network Operating Systems,” all support firewall software. In this section we will explore the possibilities of each NOS and the common firewall software supported. Unix The majority of the Internet is driven by the Unix operating system. Several flavors of Unix have been created to address the Internet and firewall technology directly. Many firewall products were created with Unix technology. Unix firewall protection can even be configured so that it is the only service running on the server. This is an added deterrent to hackers as there is nothing to see, steal, or damage on the server if the proxy is the only thing running. Unix-based firewalls also offer the greatest flexibility in implementation, supporting over 32 network cards. This allows connectivity to numerous network segments and can control information flow between network segments on the private side as well as the public side. NetWare supports 16 network cards while Windows is limited to 4. In the past a definite downside to the Unix structure was the command line interface. It took people back to the days of DOS (having to remember commands that were typed in manually). Now Unix supports X Window, which will give you a GUI interface with mouse support to interface with the OS and firewall. NetWare NetWare uses BorderManager as its firewall software. BorderManager uses a NetWare administrator snap-in, which allows it to be managed through NetWare’s Administrator utility. BorderManager offers superb client compatibility with support for Windows 95/98, NT, DOS, OS/2, and Mac OS. Combined with the NetWare OS, BorderManager is considered to be one of the best firewall protection systems available. Windows NT/2000 With the security holes present in Windows operating systems, there has been some hesitation in using products such as Windows NT Server as a
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
434
Chapter 13
Managing and Securing the Server Environment
NOS for larger networks. With patches to fix attacks such as WinNuke, many third-party firewall programs have been written. These third-party programs run with NT domain security or with the new Active Directory system in Windows 2000. A major benefit of Windows-based firewall software is that it is managed through the familiar Windows-based interface. Part of Microsoft’s server operating system is Microsoft Proxy, which provides proxy and firewall services in an easy to set up and maintain user interface. The Black Box Firewall Black box firewall implementations use a specific hardware component to perform proxy and/or firewall service. This box contains its own operating system (usually Unix based) and software. It is a self-contained computer with network cards that then plug into the network. You will have to configure a black box during its setup, which is usually done through a command line interface. After configuration the black box basically runs on its own. The advantage of using a black box is the fact that the resource load is taken off the server. Using a proxy can require a large amount of hard drive space for the cache files. Processor and RAM are also used by the proxy, which can become taxing on smaller servers. The downside of a black box is its cost. These devices do not come cheap. It is also another piece of equipment to mount in the rack, or provide physical security for. Another concern is ease of use. Configuration can be complex, especially if you are unfamiliar with the operating system that the black box is using.
Detecting Intrusions It is great to install a firewall and proxy server, but if you are not monitoring what is going on, then the added protection is nullified. Monitoring will ensure that any holes that form in your defense, and any attempts to break in, can be dealt with accordingly. Intrusion detection will take on three forms: active, passive, and proactive.
Active Detection Active detection uses system monitoring to search for hackers or suspicious activity. Some advanced active detection software will also shut down sessions that appear to be suspicious. Some active detection products available include Cisco’s NetRanger, Memco’s SessionWall, and SATAN.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Temperature and Humidity Issues
435
Passive detection Passive detection involves using devices that will monitor network or server activity but nothing more. These forms of detection will use log files to store attempts to break into the network but not take any action. Passive detection will require frequent visitation by network administrators to check the log files for suspicious activity.
Proactive detection Proactive defense involves analysis of your network to determine possible openings for threats before they can occur. This is commonly done through careful research and planning. The network administrator must be constantly researching and preparing for all known plans of attack. Programs such as SATAN allow you to scan your network and assist in identifying security holes. These can then be fixed before the hackers can find them.
Temperature and Humidity Issues
T
emperature and humidity are controllable environmental conditions. You might not think that they have anything to do with managing and securing your server environment but they actually do. Managing your server environment also includes controlling environmental variables as much as possible. Extremes of both temperature and humidity can be a serious threat to the daily operations of your computer. Much like people, servers prefer a small range of temperature and humidity. Extreme changes in temperature and humidity will have negative consequences on your server’s operation.
Temperature Temperatures in the environment around your server should be kept at 70 degrees Fahrenheit. Computer components that run in a hot environment will not last as long as components that run in a cooler one. However, extreme cold will also have negative results on performance. Remember that many of the mechanical components (hard disks, fans, optical drives) use a lubricant on their moving parts. Extreme cold temperatures can cause the lubricants to become too viscous. This will result in added stress to the motors and gears that turn these components.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
436
Chapter 13
Managing and Securing the Server Environment
Lower temperatures also create an environment where ESD becomes more of a threat. Electrostatic discharge is a serious threat to computer components. More information on ESD is found in Chapter 15, “Disaster Recovery.”
ESD As I have been sitting here writing this chapter, I can honestly say that you do not have to be working within your computer to see the consequences of ESD. I recently got up from the chair to stretch. When I sat back down and touched the mouse, I felt a shock and the computer rebooted. ESD traveled from my hand through the mouse to the computer and caused a hard shutdown. Lucky for me I saved my work before the shock occurred!
An often-overlooked area with temperature occurs overnight. Many offices program their thermostats to turn the air-conditioning system off overnight, because there is no one in the office at that time. The temperatures within the office can climb quickly (especially if your office is in an urban setting with lots of concrete) resulting in your server working in a stressful setting throughout the night. Add to this that servers are often performing major tasks through the night such as data backups, and you are taking a big risk. You should also be cautious of running equipment that is extremely cold before it has a chance to slowly warm up to room temperature. Although you will not take your server out into the freezing cold of winter, you might be carrying removable hard drives, optical disks, and magnetic media for tape backup drives. Any new hardware that arrives after being exposed to extremely cold temperatures should be allowed to warm up to room temperature naturally before using. A serious risk of component damage occurs when condensation forms on these components from rapid warming in the presence of water vapor. Condensation can damage sensitive components or cause a short circuit to occur.
Humidity Humidity poses threats similar to those posed by temperature extremes. Computers prefer 50 percent relative humidity. More-humid environments
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Power Issues
437
can result in condensation, while less-humid environments create a higher potential for ESD. The worst combination is low temperatures and low humidity. For those of you who live in areas that receive snow in the winter months, you know that static electricity is much more common during the cold months. Laser printers, for example, begin to jam more as pages become stuck together with static charges. Humid air is also more difficult to cool. This will cause the fans to spin at a higher RPM and still not be able to move heat away from the server adequately. Working in such an environment can lead to shorter MTBF (mean time between failures).
Power Issues
P
ower issues include concerns with electricity coming in from the wall to the server, as well as power control within the server itself. Electrical problems are often the result of low electrical power, or large bursts of electrical power. Both extremes of electricity are potentially harmful for an operating server. Low electrical supply is often called a brownout or sag. This is a dip in electrical current. You may have experienced a brownout, or sag, in your home when someone turned on a high-power-consumption item such as a vacuum cleaner. The lights within the room would dim. The effects of a brownout or sag on a server include stress on operating components such as cooling fans and hard disk motors. Most brownouts are temporary and after a few moments the power will increase back to normal levels. At times, though, brownouts may be the result of an overloaded circuit. If at all possible, a server should be on a dedicated electrical circuit directly from the electrical panel. This will ensure that brownouts originating within your building can be avoided. A complete loss of electrical power is called a blackout. In the case of a blackout there really is nothing you can do. The electrical power is lost until the source of the problem can be located and repaired. Power spikes and power surges are the opposite of a brownout. A power spike is a brief intense gain in electrical current. You can also experience power spikes in your home. During the early evenings (from 5 P.M. till 7 P.M.) you might find that the lights in your home can at times brighten for a second or two. This is a power spike. It is caused by the multitudes of people who
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
438
Chapter 13
Managing and Securing the Server Environment
are arriving at home and using high-energy-consumption appliances to make their supper. As the demand for electricity is increased and decreased with these appliances turning on and off, the electricity being supplied through the wires also fluctuates as it tries to meet the demands. A power surge is an increase in power, much like a power spike, but it lasts from a few moments to a few minutes. Both power surges and power spikes are extremely dangerous for servers.
Surge Protectors A surge protector is a must for every server. Realistically a surge protector should be used to protect every electronic device in your office or home. These simple devices contain a special electronic circuit that monitors the incoming voltage level and trips a circuit breaker when the overvoltage reaches a certain level. The level is called the overvoltage threshold. Care must be taken when selecting your surge protector because many have a threshold that is set too high. Always purchase a surge protector that is specifically created for computer use.
Line Conditioners Line conditioners provide better protection than surge protectors when dealing with surges and spikes. Line conditioners use several electrical circuits to clean the electrical signals that are coming in. They are effective against power spikes, surges, and brownouts. A UPS is an example of a line conditioner. Issues with “dirty power” can also be rectified with line conditioners. Dirty power contains signals that are from other devices, such as fluorescent lighting, that have strayed into the electrical line.
RFI RFI (radio frequency interference) is caused by interference between server operation and radio signals. This can be a result of a nearby radio or television, cellular device, or two-way radios. Using high-grade shielded cables will assist in eliminating problems resulting from RFI. If you are using external SCSI hard drives, you should definitely look at spending the extra money to purchase shielded external SCSI cables. This will protect data being saved to the external drives. Another solution to combat RFI is to use fiber optic cabling. Fiber cable is completely immune to RFI as well as EMI (see the following section).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Power Issues
439
EMI EMI (electromagnetic interference) is caused by interference from magnetic fields. The result can be a temporary problem or, if the computer is left within the field for an extended period of time, a permanent one. Sources of EMI include electrical motors, transformers, electrical panels, and heaters. Key components within your server that can be affected include hard disks, floppy disks, and network data traffic.
EMI Influence I have seen the effect of EMI firsthand. I once had a client bring me his computer tower after the hard disk became corrupted. After formatting and rebuilding the operating system and data on the hard disk, I returned the computer to him. Oddly enough, it was only a month later that he returned with the same problem. Once again I reinstalled his OS and programs. This time I assumed that it was user error so I spent some time with him in using his computer, including properly shutting down Windows to prevent OS corruption. However, like the song, The Cat Came Back, he returned approximately one month later with the same problems. At this point we were both getting annoyed. I rebuilt the computer yet again. This time I delivered the repaired computer to his home. He was not there but his wife asked me to set it back up for him. She then proceeded to guide me to the basement where he had his computer desk right under the electrical panel. He was plugging his computer right into an outlet directly on the electrical panel. EMI from the electrical panel was causing data corruption on his hard disk. Eventually, within a month, the corruption had been spreading to the point where it damaged his operating system.
UPS/SPS A UPS (uninterruptible power supply) will provide protection against brownouts, blackouts, spikes, and power sags. A UPS consists of a battery and line conditioner. Electricity from the wall enters the UPS and is filtered through the line conditioner. From there the power charges the battery. The server runs off of the battery. If the electrical power fails, then the server continues to run off the battery until power is restored or the battery is depleted.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
440
Chapter 13
Managing and Securing the Server Environment
Software is used in combination with the UPS to alert users, as well as the administrator, that the server is running on battery power. Software can also gracefully shut the server down. This will include exiting all programs that are running, as well as the operating system, before the battery is depleted. An SPS (standby power supply) is similar to a UPS except that it uses a switching circuit to switch between AC (alternating current) and DC (the battery system). If a power drop occurs, the circuit will switch the server to run on battery power. The major problem with an SPS is that if the circuit does not react fast enough, power to the server can be lost and the server will experience a hard shutdown. A UPS is preferred to the SPS because there is less chance of the server facing an abrupt shutdown if it is on a UPS.
Summary
The chapter began with the physical aspects of server security. This includes ensuring that the server is safe in its location. With a rack-mounted server, this is an easy job because everything bolts into the rack, which should then be bolted to the floor. Rack-mounted servers can also have a locking door on the rack, which will limit physical contact with the server and other components in the rack. Tower servers are more difficult to secure, because they are bulkier than rack-mounted servers. Provision can be made to mount these servers within a rack system or bolt them directly to the floor. The best solution is creating a dedicated server room. This room should not have any windows (to prevent break-ins) and should include security measures to limit physical access, such as a strong door and lock. Limiting server access covers several advanced measures that can be incorporated to ensure that only authorized personal are entering the server room and accessing the server. These methods include biometrics, swipe cards, smart cards, keypads, and video recording equipment. Remote access is becoming a staple in most server operations. Remote users connect to access data files and e-mail, and to perform tasks. Securing remote access to servers involves using secure passwords that are frequently changed, and enforcing a strict policy on password and network use. Remote threats include IP spoofing, PING of death, WinNuke, and SYN flood. Each of these attacks can occur through the private network or come
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
441
in from the Internet (or public network). IP spoofing involves sending packets of information to the server with a fake source address in hope of tricking the server into believing that the hacker’s computer is part of the private network. The PING of death is a type of denial of service attack. The idea is to overload the server with packets in hope of forcing the server to crash, or at least stop responding. WinNuke attacks Microsoft operating systems. It uses the operating system’s inability to effectively deal with invalid TCP/IP packet headers. The result is a blue screen of death and an operating system that stops responding. SYN flood is another form of denial of service attack. It involves flooding the server with TCP/IP packets requesting a reply. The server will become overrun with these tasks and unable to process private network requests. Firewalls protect private networks from public traffic. Firewalls can be software, hardware, or both. Firewall technology use access control lists, demilitarized zones, protocol switching, and dynamic packet filtering to perform their job. Access control lists are a set of rules regarding network traffic. A demilitarized zone is a dedicated section of the network that is available to the private and public networks; located in these zones are web, FTP, and e-mail servers. Protocol switching uses a dead zone to switch to another protocol in hopes of creating a barrier that hackers cannot penetrate. Dynamic packet filtering happens when a firewall identifies suspicious packets; this is done through a dynamic state table that is constantly updated with new connection sessions that are occurring in the private network. Proxy servers are another line of defense in securing your network. A proxy server submits requests on behalf of the private network. Common forms of proxy servers include web, IP, FTP, and SMTP. Operating system firewalls include proprietary and third-party software that is used as part of the network operating system. Unix supports many third-party proxy services and is the driving force behind many web servers. Novell offers BorderManager as well as third-party proxy support. Windows servers are often considered the weakest of the operating systems in terms of security breaches, but Microsoft does offer Proxy, which is an easy-to-use and easily set up proxy service. Black box firewalls take the strain of the firewall service off of the server and into a dedicated separate device. Most black boxes are configured with a Unix operating system and are self running (once configured). Intrusion detection is based around three areas: active, passive, and proactive detection. Active detection involves software that constantly scans the server and network for specious activity. If found, an alert can be sent, or the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
442
Chapter 13
Managing and Securing the Server Environment
software can even shut down the communication session. Passive detection will only record suspicious activity in a log file. It is then up to the administrator to locate and repair these security holes. Proactive detection involves analyzing your network and locating the security breaches before they are discovered by hackers. Once located, the problems can be fixed or secured before hackers attempt to break in. Temperature and humidity are controllable environmental conditions. Ideally temperature should be kept at 70 degrees Fahrenheit. If the temperature is too high, the server will not be able to cool the components properly and the MTBF will drop. If the temperature is too cool, the chances of ESD rise and moving components can become stiff, putting extra stress on the motors that operate them. Humidity can also cause harm within a server. High levels of humidity can lead to condensation on components, resulting in a short circuit. Low levels of humidity will increase the chances of ESD damage. The ideal humidity is 50 percent. Power issues include low voltage problems (brownouts and failures) as well as overvoltage problems (spikes and surges). Both undervoltage and overvoltage problems can be addressed through the use of surge protectors, line conditioners, and UPSs (uninterruptible power supplies). Other impacting factors include RFI (radio frequency interference) and EMI (electromagnetic interference). Both can be problematic in data safety as well as component failure if exposure is extended. Ensuring adequate server power involves the use of a UPS or SPS. A UPS is preferred over an SPS (standby power supply) because the UPS is more effective at preventing a hard shutdown resulting from a sudden power loss.
Exam Essentials Be able to plan for a secure server environment. This includes direct contact security (hardware and software) as well as remote access threats. Know the methods to limit access to the server. Be familiar with security measures such as biometrics, swipe cards, smart cards, and keypads. Know the elements that make for a strong password. This includes incorporation of both alpha and numeric characters, frequent password changing, setting minimum password lengths, enforcing account lockouts on failed attempts, and establishing a strict password policy.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
443
Know the different types of server attacks. Some common server attacks include IP spoofing, PING of death, WinNuke, and SYN floods. Be familiar with what firewalls are. Firewalls protect private networks from public network traffic. Understand common firewall technology. This includes access control lists, demilitarized zones, protocol switching, and dynamic packet filtering. Know what a proxy server does. Proxy servers act on behalf of the entire network. Their purpose is to mask IP addresses of the internal devices on the private network. Be able to explain a black box firewall. A black box firewall is a separate component that attaches to your network. It contains its own operating system (normally a Unix operating system), which runs independently of the server. Know the three main categories of detecting network intrusions. Three main intrusion detection categories are active, passive, and proactive. Be familiar with the effects of extreme temperature and humidity on server operations. Temperature and humidity must be maintained at specific levels for optimal server performance. If the temperature and humidity stray too far up or down from the acceptable levels, server hardware performance can be jeopardized. Preferred levels are a temperature of 70 degrees Fahrenheit and 50 percent humidity. Know common power issues. This includes brownouts, blackouts, power sags, spikes, EMI, RFI, and surges. Know the preventative hardware available to deal with power issues. Surge protectors, line conditioners, SPSs, and UPSs are common devices used to cope with power issues.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
444
Chapter 13
Managing and Securing the Server Environment
Key Terms
Before you take the exam, be certain you are familiar with the following terms: demilitarized zone
PING of death
access control list
power spikes
authentication
power surges
biometrics
protocol switching
brownout
proxy servers
denial of service attack (DoS)
remote access
dynamic state table
RFI (radio frequency interference)
EMI (electromagnetic interference) smart cards ESD
SPS (standby power supply)
firewall
surge protector
IP spoofing
swipe cards
line conditioners
SYN flood
packet filtering
UPS (uninterruptible power supply)
passwords
WinNuke
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
445
Review Questions 1. Which form of server is generally easier to secure? A. Rack serves B. Tower servers C. Desktop servers D. Component servers 2. Besides the server, which of the following items should be kept in the
rack? (Select all that apply.) A. Monitor B. Keyboard C. UPS D. Mouse 3. Can tower servers be rack mounted? A. Yes B. No C. Depending on form factor (AT, NLX, or ATX) D. Depends on manufacturer 4. Which of the following is an example of biometric security? A. Video camera surveillance B. Swipe card entry C. Keypad entry D. Fingerprint scanning 5. Besides limiting server access, what else might a network administra-
tor use to monitor server access?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
446
Chapter 13
Managing and Securing the Server Environment
A. A sign-in sheet B. Warning signs C. Video recording devices D. Firewall software 6. Which of the following is an example of remote access to a company
server? A. A user connecting to a web page B. A user checking his e-mail when at home C. A user retrieving data from the server when at home D. A user sending files to the server though the Internet e-mail system. 7. Which of the following example is a secure password? A. Iron$Steel13 B. Betty C. 53995 D. Porsche 8. Which of the following does not meet secure password standards? A. Enforcing password lockouts after three unsuccessful attempts B. Enforcing regular password changes C. Creating a log of all user passwords for administrative purposes D. Preventing users from using the same passwords 9. What is IP spoofing? A. Sending fake packets in order to trick the server into believing that
you are inside the network B. Sending multiple IP packets in an attempt to overrun the server C. Requesting multiple replies from the server in an attempt to over-
run the server’s buffers D. Sending special TCP/IP packets with invalid headers in an attempt
to crash the server’s operating system
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
447
10. What is a PING of death? A. Sending fake packets in order to trick the server into believing that
you are inside the network B. Sending multiple IP packets in an attempt to overrun the server C. Requesting multiple replies from the server in an attempt to over-
run the server’s buffers D. Sending special TCP/IP packets with invalid headers in an attempt
to crash the server’s operating system 11. What is WinNuke? A. Sending fake packets in order to trick the server into believing that
you are inside the network B. Sending multiple IP packets in an attempt to overrun the server C. Requesting multiple replies from the server in an attempt to
overrun the server’s buffers D. Sending special TCP/IP packets with invalid headers in an attempt
to crash the server’s operating system 12. What is SYN Flood? A. Sending fake packets in order to trick the server into believing that
you are inside the network B. Sending multiple IP packets in an attempt to overrun the server C. Requesting multiple replies from the server in an attempt to
overrun the server’s buffers D. Sending special TCP/IP packets with invalid headers in an attempt
to crash the server’s operating system 13. What is DoS? A. Directory of service B. Denial of service C. Disk operating system D. Drive of system
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
448
Chapter 13
Managing and Securing the Server Environment
14. What does a firewall do? A. Protects a private network from the public Internet B. Prevents viruses from attacking your computer C. Scans your network for errors D. Blocks all incoming network signals 15. What are access control lists? A. Rules for Internet connections and communication B. Rules for TCP/IP communication on a network C. Rules regarding network traffic D. Rules for establishing and maintaining a communication session 16. What is a DMZ? A. A section of your network that is most secure B. A dedicated section of your network that is neither public
nor private C. A type of security feature that requires granted access to use D. A standard security feature created by the U.S. military for
network communication 17. What is protocol switching? A. Adding another protocol between the private network and the
public network B. Using a less common protocol to communicate with your servers C. A means of masking your internal protocol through the cover of
another protocol D. Using different protocols between clients and servers
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
449
18. What do dynamic packet filters use to keep track of communication
sessions? A. Log files B. Dynamic state tables C. Access lists D. RAM 19. What does a proxy server do? A. Perform tasks on behalf of the network B. Block DoS attacks C. Hide network traffic D. Create a secure environment to run your server in 20. Which of the following are categories of intrusion detection methods?
(Select all that apply.) A. Active B. Passive C. Proactive D. Black box
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
450
Chapter 13
Managing and Securing the Server Environment
Answers to Review Questions 1. A. Rack-mounted servers tend to be easier to secure due to their
shape and design. 2. A, B, C, D. All items linked directly to the server should be kept
within the rack. This will ensure that when the rack is locked no access to any server components will be allowed. 3. A. Most tower server manufacturers offer a rack mount feature for
their tower servers. These rails can be purchased separately and added to the server. 4. D. Fingerprints are one means of biometric identification. Biometric
identification is based on using unique human characteristics as a means of identifying people. 5. C. Monitoring servers often will include the use of video recording
devices. This will assist if a discrepancy arises as to who was using the server. 6. C. The only option presented that creates a remote connection to the
company server is C. All the other options that are presented are accessing the public network. 7. A. The only option presented that meets secure password require-
ments is answer A. Secure passwords should be at least eight characters long, and contain both alpha and numeric characters. 8. C. By maintaining a list of user passwords, you are jeopardizing net-
work security. Should someone see this list, they would be able to gain access to the network. 9. A. IP spoofing involves sending fake packets to trick the server into
believing that you are inside the private network. 10. B. The PING of death is a method of overrunning the server’s buffers. 11. D. WinNuke is only effective on Windows operating systems. It is an
attack against the operating system that will result in the OS crashing. 12. B. SYN floods involve sending multiple packets with a SYN flag in an
attempt to overrun the server’s ability to respond to requests. 13. B. DoS is the acronym for denial of service attack. It is a means of
overrunning a server so it will not be able to perform any tasks.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
451
14. A. Firewalls protect your private network from public Internet
access. They can comprise hardware, software, or both. 15. C. ACLs are rules that govern network traffic. They are used by
firewalls to control network access. 16. B. A DMZ, or demilitarized zone, is a dedicated section of your
network that is separate from the private and public networks. By placing e-mail and web servers in the DMZ, you are placing them at risk but taking the risk away from your private network. 17. A. Protocol switching is the process of using a different protocol
between the private network and the public network. 18. B. Dynamic packet filters use dynamic state tables to keep track of
communication sessions. These tables are constantly being updated. 19. A. Proxy servers perform requests on behalf of the entire network.
These can include IP, web, e-mail, or FTP services. 20. A, B, C. Active, passive, and proactive are the three main categories
of intrusion detection.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Backups
14
COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.7 Install service tools (SNMP, backup software, system monitoring agents, event logs, etc.) 3.1 Perform full backup
Verify backup
4.1 Perform regular backup 6.4 Identify and correct misconfigurations and/or upgrades 7.1 Plan for disaster recovery
Plan for redundancy (e.g., hard drives, power supplies, fans, NICs, processors, UPS)
Use the technique of hot swap, warm swap, and hot spare to ensure availability
Use the concepts of fault tolerance/fault recovery to create a disaster recovery plan
Develop a disaster recovery plan
Identify types of backup hardware
Identify types of backup and restoration schemes
Confirm and use off site storage for backup
Document and test disaster recovery plan regularly, and update as needed
Please see Chapter 12 for further coverage of CompTIA objective “Install service tools,” Chapter 9 for further coverage of objective “Identify and correct misconfigurations and/or upgrades,” and Chapter 15 for further coverage of objective “Plan for disaster recovery.”
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
T
his chapter looks at backup devices and backup strategies to protect the data if a complete system failure occurs. This data protection is normally done through regular, scheduled backups of the server data. On the surface, backing up your data seems like a simple enough process: Select a backup device, install it, put in the backup media, and let it run. Rarely though is it so simple. Careful selection of backup hardware, software, and media must take place to best match the environment that the server operates in. You need to consider the capacity of the backup drive and the speed at which it will perform, the software’s ease of use and interoperability with your network, cost of the media, cost of the backup unit, and reliability of the drive.
Backup Defined
A
backup is nothing more than a duplicate of all files and folders on a hard drive. This duplicate would be needed in case of damage or unwanted change to the original. The key is unwanted change. Businesses often need to restore data from a backup after an unwanted change has occurred to the running copy. For example, a corrupted database can be corrected by restoring from the backup copy. Consideration must be taken before doing this restoration since the time that elapsed from the last backup to the point of restoration translates to lost data. There are many different backup devices and programs available, but generally they all perform the same tasks in roughly the same way: The backup software is installed and configured to run with the backup device. The software is then pointed to the drive on which the data to be backed up is located, the destination of the data is selected, and finally the backup is set to start. Before getting to this stage though, you will have to decide which backup device best serves your needs, so let’s begin there.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Devices
455
Backing up vs. archiving: These two terms are often confused. Making a backup means creating another copy of your data, usually on a removable storage device that is kept in a safe place. Archiving means preparing data for long-term storage. For example, you can compress and archive unused sections of a database. Archiving files does not copy them over to a removable storage device for safety; backing them up does.
Backup Devices
I
n the earlier days of personal computers, backups were done to one medium only—the floppy drive. Operating systems included a simple backup program for backing up data from a hard drive onto floppy disks. When hard drives held only 5 or 10 megabytes, this was an adequate solution. This method was cheap (requiring you to purchase only floppy disks) and simple to run. Once the data was backed up, the floppies could be stored in a safe location. As technology advanced, backing up to floppies became impossible. Remember that a floppy disk can hold no more than 2.88MB. New applications and operating systems resulted in file sizes that made the floppy disk an unsuitable method of backing up data. Today there are a multitude of different devices available to back up data. Magnetic tape, DAT (digital audio tape), DLT (digital linear tape), optical disks, and removable hard disks are all currently used. What is paramount is that the data being backed up can be removed. The RAID configuration discussed in Chapter 5, “Fault Tolerance and Redundancy,” is an important means of maintaining data availability when the server is running, but if there is a complete system failure (resulting from fire, flood, or other natural disaster, or from malice), then the information on those hard drives becomes inaccessible. A backup device lets you copy your data and then take the copy offsite for security. Gaining popularity is the optical drive. Optical drives use a laser to read (and write) to compact disks. Optical disks are made out of a thin film compressed between layers of plastic. Unlike magnetic media, there is no contact between the drive and the disk in optical devices. The laser reads information from the disk without coming into contact with the media. This
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
456
Chapter 14
Backups
not only limits drive wear, but also improves the longevity of the optical media. Provided that the optical media is not scratched or physically broken, it will last indefinitely. There are currently two main forms of optical drives in use today, CD-RW and recordable DVD. The CD-RW (CD-Rewritable) is becoming the device of choice for small networks. With the price of optical devices and media dropping, CD-RWs provide an affordable way to back up data quickly and securely. Another real benefit of this method is the long-term life span of the CD. Once the data has been backed up to the disc, the disc remains virtually indestructible, as opposed to data on magnetic tape, which can be damaged by magnetic disturbances. Although media sizes are increasing, CD technology is currently limited to less than a gigabyte on one CD. Recently a recordable DVD drive has been released. Several different variations on disk capacity and drive technology with recordable DVD are currently in development and initial release. Once standardized, this technology will offer optical disk backups with gigabytes of storage on one disk. One DVD standard that is becoming a leader in future DVD standards offers 8 gigabytes of storage on one DVD media disk. Compared to the 1.44MB of available space on a standard floppy disk, it is clear to see how the DVD technology is of great interest for many users. Removable hard disk drives are another option for backing up data, but the costs outweigh the benefits (especially when compared to the other possible methods of backing up data). Removable hard drives are mounted within a case on rails that allow it to slide into an opening on the computer. Connectors at the back of the case allow for connectivity to the computer. When you leave you can simply slide the hard drive out and take it with you. Care must be taken with the drive to prevent rough handling. Of these available devices, magnetic devices are the most popular. This includes the DAT and DLT drives as well as portable drives such as Iomega’s Zip and Jaz drives. These media hold large amounts of data (tens of gigabytes on one cartridge), the replacement cost of the media is reasonable, and in general the media are reliable. Iomega offers products ideal for small-business and personal backup solutions. Available as both an internal and external device, the Iomega Zip and Jaz are affordable backup solutions. The Zip drive is available in 100MB and 250MB options, while the Jaz is available in 1GB or 2GB sizes. Iomega media is readily available at most retail outlet stores at a competitive price. External drives interface through a USB port to the computer, and the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Devices
457
included backup software is simple to use. Unfortunately, for medium to large businesses, 2GB of storage space on a disk is too small. Further information on the Iomega products can be obtained through www.iomega.com. DAT and DLT drives are capable of backing up extremely large amounts of data and are widely used by medium to large businesses. DLT cartridges hold 75GB or more. DAT drives are also available in an autoloader. This interesting invention is similar to a multi-disc CD player except that it houses multiple tapes. If your server contains more data than will fit on one tape, then this device will rotate and select the next tape after the first one has filled up. This eliminates your having to wait to change tapes manually. Table 14.1 outlines the various types of backup devices and their common capacities. TABLE 14.1
Common Backup Devices and Capacities Device
Capacity
Floppy drive
1.44MB, 2.88MB
Iomega Zip
100MB, 250MB
Imation SuperDisk
120MB
Removable hard disk
Varies (80GB common)
Iomega Jaz
1GB, 2GB
Sharq drive
1.5GB
Syquest cartridge
1GB, 1.5GB
CD-RW
650–800MB
DVD
4.7–17GB
QIC
100MB and up
DAT drives
Gigabytes
DLT drives
35GB and up
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
458
Chapter 14
Backups
Backup Methods
There are four different backup methods from which to choose for your backup strategy. Each method has benefits and drawbacks. Which method you choose depends on how much data needs to be backed up each time and how much time is available for actually doing the backup. Although it may seem best to do a full backup every day, it might not be physically possible. Some backup software, for example, will not back up files that are open or currently in use. If your backup takes several hours to perform, then a backup during business hours will not work. If your business works on a 24-hour basis, then a full backup every day is not possible and you should choose another strategy. Let’s look at the available backup methods.
Full Backups A full backup is simple. Every time a backup is performed, all data is backed up without skipping any files. The immediate benefit to this backup type is that only one tape (or group of tapes if more than one is needed) is used. Should the need arise to restore, only one tape (or group) must be located and used. Full backups are the simplest type to perform, but they are also the most time consuming because all data is being backed up every time the process is performed. If you back up every day, then a full backup will occur every day. With each of these daily full backups, information that has not changed is also being backed up. For this reason, full backups are not the most efficient. Figure 14.1 shows the data being backed up for a full backup schedule. Each day of the week represents a typical backup schedule. As most businesses operate on a Monday to Friday cycle, a full backup schedule would involve performing a full backup on each of these days. Since the office is not open on Saturday or Sunday there is no need to perform a backup on these days. Notice that the amount of information being backed up (expressed in gigabytes) is the same each day.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Methods
FIGURE 14.1
459
Full backup schedule 30GB
20GB
10GB
Monday
Tuesday
Wednesday
Thursday
Friday
Differential Backups With this backup strategy, a full backup is done periodically (usually once a week), and a more-frequent backup (usually daily) is done only to those files that have changed since the last full backup. Should there be a need to restore, you will need the last full backup and the most recent differential backup. The backup software uses an archive bit to achieve this. The archive bit is an attribute that is modified each time a file is accessed. When the differential backup starts, it looks for the changed archive bits and backs up these files only. When the next full backup is performed, the archive bit is cleared and the process starts over again. Figure 14.2 shows a differential backup schedule. Notice that in a differential backup schedule the information being backed up grows each day until the full backup is reached again. A full backup has been performed on Monday; each other day is a differential backup. FIGURE 14.2
Differential backup schedule 30GB
20GB
10GB
Monday
Tuesday
Wednesday
Thursday
Copyright ©2002 SYBEX, Inc., Alameda, CA
Friday
www.sybex.com
460
Chapter 14
Backups
Incremental Backups An incremental backup schedule is the fastest backup option. Usually, a full backup is scheduled for once a week, and only files that have changed since the previous incremental backup (usually done daily) are backed up. The archive is cleared each time a backup occurs. Since each day’s backup is different from other days, all tapes will be needed to restore the data. This is the slowest restoration of the three backup methods. Figure 14.3 is an example of an incremental backup schedule. In this example you can see that the information backed up each day varies in gigabyte size. A full backup is performed on Monday, and every other day of the week only the files that have changed since the previous day are backed up. FIGURE 14.3
Incremental backup schedule 30GB
20GB
10GB
Monday
Tuesday
Wednesday
Thursday
Friday
Custom Backups Many of the third-party software backup packages that are available offer a custom option. With this option, you can customize which files will be backed up and with which backup method. The benefit is that critical files can be set to back up fully every time, and less-critical files can be backed up incrementally or differentially.
Backup Plans
A
lthough it would be ideal to keep a warehouse full of backup tapes, so that every day of your company’s existence would be kept and catalogued
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Plans
461
for future reference, there is obviously no way this could be a reality. Backup media and storage space cost money. If you spent $40 for each tape and had one tape for every day in a year, it would cost you $14,600. Even to have a basic rotation of tapes to use on a regular schedule will cost a substantial amount of money. How you plan your backup rotation will depend on several factors, including available resources to purchase tapes.
Rotation Schedules Rotating tapes is a method of reusing tapes in a predetermined cycle. This ensures that data is kept for a period of time on tape and then, when that data becomes dated or redundant, that tape can be reused for a new backup. There are several common rotations available. Depending on your backup needs as well as your need to refer to past data, tape rotations offer several possible solutions.
Daily Rotation Not surprisingly, daily rotation is not considered a suitable backup strategy. In fact, there is no actual rotation that occurs at all. Unfortunately, in small businesses, or environments where nontechnical employees take care of technology, it can happen. In a daily rotation the same tape is used every day. The problem is that if data becomes corrupt there is no means of restoring unless you catch the problem before the backup occurs. Daily rotation also falls short in the fact that there is no offsite data safety. One of the key elements of a backup strategy is that there is a copy of data off site. In a daily rotation, there is one tape and often it never leaves the tape drive.
Weekly Rotation Weekly rotations are based on a set of tapes for a week. Each day of the week gets a tape. When you reach the end of the week, you start over, reusing the tape from the last week. For example, the Monday tape would be used on Mondays only, and so forth. At best, you can restore back one business week. The benefit of this backup rotation is that it requires only one tape for each business day in the week. The downside is that you can’t go back in history very far. If today you notice a problem that damaged data more than a week ago, you can’t restore the data and fix the problem.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
462
Chapter 14
Backups
Monthly Rotation Monthly rotation involves a weekly rotation but, in addition, each Friday’s tape is kept for an entire month. This allows you to go back to any week within a one-month period. A total of nine tapes are used (Monday to Friday, and four Fridays for the month). Monthly rotations are based around the idea that any data errors requiring a restoration will be reported shortly after the error occurred. If they occur within the week then a restore can take place from the previous day. Otherwise the restoration will have to come from the weekly backups, resulting in data since that last weekend backup being lost.
Yearly Rotation The yearly rotation builds on the monthly rotation. Along with having daily tapes for each weekday and weekly tapes for each Friday, you also keep the last tape from each month for a year. This allows you to go back daily for a week, weekly for a month, or monthly for a year. It should go without saying that you should carefully label your tapes, but many times people will not do this simple step. Carefully label each tape with its position within the rotation. In a monthly rotation there will be several Friday tapes (one for each Friday in the month) and each one will have to be labeled with its position in the monthly rotation, e.g., 1st Friday, 2nd Friday, and so on. You don’t want to start mixing the tapes up. Some backup software actually identifies the tape and will not allow tapes to be used out of order. If you bring the wrong tape in to work, you will have to make another trip to your offsite storage place to locate the right one!
Grandfather-Father-Son Rotation One of the more commonly used tape rotations is the GFS (grandfatherfather-son) strategy. Daily backups are known as the son. The last full backup of the week (Friday, for example) is known as the father. The last full backup of the month (which is kept in the yearly rotation) is known as the grandfather. This rotation is based on the yearly rotation plan.
Tower of Hanoi Rotation The Tower of Hanoi rotation method is based on a mathematical puzzle of the same name. In this rotation, one media set (A) is used every other backup session. Start day 1 with A and repeat every other backup (every other day). The next media set (B) starts on the first non-A backup day and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Plans
463
repeats every fourth backup session. Media set C starts on the first non-A or non-B backup day and repeats every eighth session. Media set D starts on the first non-A, non-B, or non-C backup day and repeats every sixteenth session. Media set E alternates with media set D. With each additional media set added to the rotation scheme, the backup history doubles. The frequently used media sets have the most recent copies of a file, while less-frequently-used media retain older versions. The decision regarding the frequency of rotation should be based on the volume of data traffic. To maintain the required history of file versions, a minimum of five media sets should be used in the weekly rotation schedule, or eight for a daily rotation scheme. The Tower of Hanoi is the most complex to use, but provides the best data protection.
Media Storage Once you have decided on a backup rotation, you need to plan on the media storage. Magnetic tapes are the most popular media in use today and need careful storage. Much like the cassette tapes that preceded CDs in the music industry, magnetic tapes are easily damaged by ultraviolet light, extreme heat, extreme cold, and magnetic fields. Care must be taken in transporting tapes. Don’t leave them where they will face any of the previously mentioned dangers. Ideally the first question will be, who is responsible for switching and transporting the tapes? Where will the offsite storage be? What will happen if the person responsible can’t perform the task? Obviously the traveling salesperson is not an ideal candidate for this role because she is seldom in the office. Also, more than one staff member should be aware of the offsite storage site and have access to it in case the person primarily responsible for the tapes is unavailable. Your offsite storage site can be as simple as a safe, dry location within your home, or as complex as a locking fireproof cabinet at a secure location. How simple or complex will depend on the level of safety that your data needs. The key is that the tapes do not stay in the same location as the server. Remember the idea here is to have a safety net in place so if the server is damaged, stolen, or destroyed, you still have your data.
Verification and Restoration Creating and deploying a backup strategy is pointless if, when the time comes to get the data from the backup media, it can’t be restored. Backup
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
464
Chapter 14
Backups
software offers an option to verify the backup upon completion. Verification compares the original data and the data copy on the media to ensure that they are the same. Restoration is the process of extracting the data from the backup to an operational state. Normally, when information is placed on backup media, it is compressed to take up less space. There are numerous compression schemes, but a popular Windows compression program is Winzip, which compresses files into a single zip file. Care must be taken when using compression software because it often requires that identical software be used to decompress the files. In the case of the media being decompressed on a different server, identical drives and software must often be used. This matching also must take into consideration firmware and driver versions. If you are purchasing a backup device, you should take into consideration the current and predicted future size of the data being backed up. Select a drive and media capacity that will allow for growth without the use of data compression if possible.
Learning the Hard Way The IT head at a large engineering firm had been in charge of the data server for over three years when the server failed and the data on the drives was corrupted. Unfortunately, he had not attempted to do a restore before. When he started the restore, he realized that the data had not been verified either. Even more problematic was the fact that the backup unit had not been backing up properly to begin with. In the end, the engineering firm lost drawings worth $2,000,000 and the IT head was fired. The moral of the story is clear. Always check up on how your backup is doing. Just because an error message doesn’t appear on your screen doesn’t mean that everything is working as you expect.
Data restoration should be attempted on a regular basis. This will ensure that not only is the data being backed up properly, but it can be restored as well. There have been cases where data was successfully backed up but not restored properly due to a configuration error. Becoming familiar with the process of restoration before you actually need to do it in an emergency is
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Software
465
also important. This will not only give you confidence that you know what you are doing, but also reduce the chance that you will make a mistake when it counts.
Backup Software
O
riginally backup software was extremely basic. It would back up files selected through a command line interface on a local computer only. There were no options for network use, and no advanced options. The Backup utility for Windows has evolved from a command line program to a GUI program. NetWare includes a backup program called SBackup, and Unix has a command-line-based backup program called Tar (short for tape archiving). Although these backup programs will work, third-party programs offer more options. Figure 14.4 is a screen shot from Microsoft’s Backup utility. FIGURE 14.4
Microsoft Backup
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
466
Chapter 14
Backups
The backup software you select must be compatible with the drives and perating system. Some devices come with their own backup software designed specifically for the device. For example, Iomega drives come with proprietary Iomega software. Many of the third-party utilities will let you back up files that are secure within a password-protected folder. This will be extremely important in your server if you have folders for your users that are password-protected. If you use a backup utility that is unable to gain access to these folders, the data will not be backed up. Other features to be aware of are automatic verification of successful backups and notification of problems. Some of the advanced programs can e-mail alerts when a possible error is detected with the tape drive, while others offer data reduction tips, such as not backing up scratch files, duplicate files, trash folders, or games. Although these features come at a price, it may be worth the investment if you do not have the time to regularly check up on the server. Increasing in necessity and popularity are real-time 7×24 systems that will back up open files Because all files are backed up, even those within applications that are running, ideally no data will be lost if a failure occurs. This expensive solution is seen in high-availability servers. Regardless of your backup device choice, a software program will be needed to run the backup. There are many choices available in features and prices. Select your software carefully to meet your current and future needs.
Backup Troubleshooting
B
ackup drives, no matter what type and form they are, contain moving parts. With the nature of the environment that they operate in, backup devices do require regular maintenance to prevent component failure. Backup software and media may also require troubleshooting in order to maintain proper operation. Software may need to be updated as well as matched appropriately with other operating software to ensure compatibility. Media will deteriorate over time and require replacement. This section will explore common troubleshooting issues when dealing with backup devices, software, and media.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Backup Troubleshooting
467
Cleaning Your Drive Regular drive cleaning is essential for magnetic tape drives. Dust and other fine particles can accumulate on the heads of the tape drive. This can lead to failed read/write attempts, premature read/write head wear, and even head failure. Most backup software will prompt you on a regular basis to clean the tape drive. Cleaning is a simple process of inserting a special cleaning cartridge and allowing it to run for a few minutes. Not only does the cleaning cartridge remove the contaminants from the drive head, it also removes any magnetic charge buildup that has accumulated on the heads. If you do not regularly clean the drive, it will fail.
Remember to clearly label your cleaning cartridges. I have been to service calls where a backup drive was not working only to find out that someone was trying to use a cleaning cartridge as a backup tape! This may seem rather foolish but the cleaning cartridge and the regular tape looked identical except for the fine print.
Oftentimes a backup failure is due to a dirty tape drive. Clean the drive and attempt a backup again. If the backup still fails, then it may be the actual media that is the problem.
Media Problems Magnetic tapes do not last forever. Eventually wear and tear will cause the tape to stretch out or the magnetic film to stop responding to read/write requests. A common problem with large-capacity magnetic media occurs when only a portion of the tape is used. As the tape is partially used, and rewound and used again, the tape tension within the cartridge becomes inconsistent. This causes problems for the tape drive motor and gears as the mechanism tries to roll the tape. With the varied tape tensions, the drive will face uneven resistance, which can result in the tape jamming within the drive or the tape wrapping around the spindles in the drive. Other media problems can occur from improper storage. Tape that has been stored at extreme temperatures (too hot or too cold), or in any other environment that is unfriendly to magnetic media, can cause performance problems.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
468
Chapter 14
Backups
Some drives support several types and sizes of media. Before you purchase your media, confirm with the drive manufacturer the exact details of supported media. If you select an incorrect media, there is a chance that the backup will not perform as expected. Optical drive media (discs) are immune to the issues of magnetism seen in the tape drives but face their own problems. Special care must be taken when handling optical discs because the media communicate through light sources and must be free from scratches, fingerprints, or any other visual obstructions.
Hardware Problems Most backup devices connect to the server through the SCSI bus. If the tape drive is not working upon installation, there may be a problem with the drive installation. Confirm the SCSI ID, LUN, cabling, and termination (refer back to Chapter 4, “Storage Devices” for more information on SCSI). If these configurations are not done properly, the backup device will not operate properly. Confirm also that the drive has been cleaned recently. As previously mentioned, a dirty drive might not perform as expected, and drive failure is a possible result of continual use of a dirty drive. Drive heads can become so contaminated that the dirt causes physical damage to the drive components. Magnetic buildup on the drive’s internal components can also lead to hardware problems, such as causing the tape to become tangled within the drive.
Software Problems Software problems often focus on the operating system’s interaction with the backup drive. Depending on the type and version of operating system on the server, specific drivers may be needed. The drivers provided with the backup drive may also be outdated. Ideally you should check with the drive manufacturer’s website to be sure you have the correct driver. Is there a new driver available? If you update your operating system on the server, is there a new driver available for the new operating system? SCSI-based magnetic backup drives also contain firmware that might need to be updated to ensure proper operation with both your operating system and your selected backup software. It is advisable to check regularly
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
469
with the manufacturer of your drive for firmware updates. Many websites offer the opportunity to join a mailing list for updates, which is a nice way to keep informed of updates for your products. Third-party software problems can also occur. Compatibility between the hardware, operating system, and the third-party drivers can lead to problems. Before purchasing your software, confirm that it will be compatible with your hardware and operating system.
Media Retirement Because old tapes can cause a problem, tape retirement is a key element of preventative troubleshooting. Magnetic tapes, cartridges, optical disks, and other backup media all have a finite useful life. Check the backup media log to determine the number of times that the media has been used. This should then be compared with the media manufacturer’s recommendations for use. Planning ahead for media retirement can prevent possible problems in the future.
Remote Backup Service
F
or a fee, you can have a specialty company connect to your server remotely and back up your data for you, eliminating the need to purchase a backup drive, media, and cleaning cartridges, as well as the need for a secure storage site and staffing. Remote backups use a high-speed Internet connection. Be sure to carefully research all aspects of outsourcing your backups, including data security, cost, and convenience.
Summary
T
his chapter explored the options for backing up data that is on a server. Various devices are available to ensure data is safely copied and stored. Backup hardware falls into one of two categories: optical and magnetic. Magnetic devices are currently the most popular.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
470
Chapter 14
Backups
Backup methods fall under four main types: full, differential, incremental, and custom. Full backups do a complete backup of all files each time the backup is run. Differential backups back up all files that have changed since the last full backup. Incremental backups do a backup of all the files that have changed since the last backup (whether full, differential, or incremental). A custom backup requires you to manually specify how the backup runs, and can comprise a blend of the other three methods. Media rotation schemes specify which tapes are used at which times in your backup strategy. Weekly rotation uses the least number of tapes and allows for files to be restored from up to one week earlier. Monthly rotation uses a weekly schedule but also keeps each end-of-week backup for a period of one month, allowing for data to be restored from each week up to a one month earlier. Yearly rotations build on the monthly rotation to keep the last backup of each month for a period of one year. This method of rotating tapes through a one-year cycle is often referred to as the GFS (grandfather-fatherson) rotation. The Tower of Hanoi is the most complex tape rotation plan, but can provide the widest time range of backups. Safe media storage is an essential element to a successful backup strategy. Whether optical or magnetic, backup media need to be carefully handled and stored. Media should be kept in a dry environment free from extreme environment changes and dangers. Once a backup strategy is implemented, periodically a restoration should be attempted to ensure that a successful restoration could occur when needed. Most backup software also provides data verification. Verification compares the original data to the copy on the backup media to ensure that it was copied correctly. Backup utilities provided in the major operating systems include Backup for Windows, SBackup for NetWare, and Tar for Unix. Tape drives often come bundled with proprietary backup software. You can also purchase fullfeatured backup software from third-party vendors. Troubleshooting includes dealing with hardware, software, and configuration problems with backup systems. Preventative troubleshooting includes regular cleaning of magnetic heads and planned media retirement. Monitoring the age and use of media will minimize problems resulting from media failure.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
471
Exam Essentials Know the difference between archiving and backing up. Make sure that you know the definitions of, and differences between, these two key terms. Know the different backup devices available. Be able to list the major backup devices and their media capacities. Explain the difference between a full, differential, incremental, and custom backup. Know which backup methods clear the archive bit; know how each method backs up data. Explain the common rotation schedules. Know the difference between a daily, weekly, monthly, and yearly rotation. Understand the terminology in the grandfather-father-son rotation. Explain the Tower of Hanoi tape rotation. Explain effective media storage. Know the elements involved in effective media storage, including cost control, personnel management, and safe offsite location. Define verification and restoration. Know the difference between the terms verification and restoration as they pertain to backing up data. Know the backup software available in operating systems. Know that Windows includes Backup, NetWare includes SBackup, and most Unix distributions include Tar as backup software. Be able to explain common troubleshooting for backups. This includes SCSI device configuration, media problems, hardware problems (e.g., cleaning heads), and software problems.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
472
Chapter 14
Backups
Key Terms
Before you take the exam, be certain you are familiar with the following terms: archive bit
Jaz
archiving
monthly rotation
backup
recordable DVD
Backup
restoration
CD-RW (CD-Rewritable)
SBackup
daily rotation
Tar
DAT (digital audio tape)
Tower of Hanoi
differential backup
verification
DLT (digital linear tape)
weekly rotation
full backup
yearly rotation
GFS (grandfather-father-son)
Zip
incremental backup
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
473
Review Questions 1. What is archiving? A. A means of copying data onto a disk B. Using a third-party device to back up C. Preparing files for long-term storage D. The method of data verification 2. What is a backup? A. A copy of computer files. B. Moving data to another location. C. Compressing data on a hard drive. D. Redoing previously done steps. 3. Which one of the following backup devices is not commonly used by
businesses today? A. Optical device B. DLT drive C. Floppy drive D. Zip drive 4. What does DLT stand for? A. Digital linear tape B. Digital logical transport C. Discrete line tape D. Discrete logical transport
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
474
Chapter 14
Backups
5. What does DAT stand for? A. Digital acute tape B. Digital audio tape C. Digital advanced tape D. Digital actuator tape 6. What is the current maximum size of CD-RW media? A. 750MB B. 850MB C. 700MB D. 1GB 7. What are the current capacities of an Iomega Jaz drive media? A. 1GB and 2GB B. 2GB and 4GB C. 1GB and 4GB D. 3GB and 4GB 8. What is the data size of DLT media? A. 20–50GB B. 35GB and up C. 100GB D. 20–50GB 9. What is the media size of a DVD disk? A. 4.7–17GB B. 20–50GB C. 1–3GB D. 650–800MB
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
475
10. Which of the following is the most commonly used backup device? A. Optical device B. Removable hard drive C. Internal hard drive D. Magnetic device 11. A differential backup performed after the full backup will back up
what data? A. All changed data since the last full backup. B. Only the data that has changed since the last differential backup. C. Only the data that has not changed since the last backup. D. All data regardless of the last full backup. 12. Does a differential backup use an archive bit? A. Yes B. No C. It depends on the backup software used. D. Only if the differential backup is part of a grandfather-father-son
rotation schedule. 13. Which option best describes the files that will be backed up in an
incremental backup? A. Data that has changed since the last full backup B. Data that has changed since the last backup C. All data D. Only open data files
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
476
Chapter 14
Backups
14. Which backup method requires the least amount of tapes for a
restoration? A. Full B. Differential C. Incremental D. Custom 15. Which backup method requires the most tapes for a restoration? A. Full B. Differential C. Incremental D. Custom 16. In a Monday through Friday weekly rotation, how many tapes
are used? A. Four B. Three C. Five D. One 17. In a monthly rotation what is the maximum time period that you can
go back for a restoration? A. One month B. One week C. One day D. Depends on whether you are using incremental or differential
backups.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
18. The Tower of Hanoi rotation requires how many sets of media if
performing a weekly rotation? A. One B. Four C. Five D. Three 19. Which of the following is the backup software provided in Unix
operating systems? A. Tar B. Backup C. Unix backup D. SBackup 20. What is media retirement? A. Use of old media that still may work. B. Planned removal of aging media. C. Assessment of age of information on a backup. D. Backing up of old data.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
477
478
Chapter 14
Backups
Answers to Review Questions 1. C. Archiving processes infrequently used files for long-term storage,
often compressing the data to minimize space requirements. 2. A. A backup is a copy of selected files, often to a format unreadable
without the software used to create the backup. 3. C. Floppy drives are not commonly used today due to their limited
capacity. 4. A. These devices are called digital linear tape drives because of the
way the magnetic tape moves across the read/write heads. 5. B. DAT drives use digital audio tape to store data. 6. C. Currently the largest capacity of CD-RW media in use is 700MB. 7. A. The Iomega Jaz drive supports disk capacities of either 1GB or 2GB. 8. B. DLT drives will support media size of 35GB and larger. Currently
DLT drives support over 100GB on a single tape. 9. A. DVD media, although still in development and refinement, will
support media between 4.7 and 17GB. 10. D. Magnetic devices, due to their reliability and large media capacity,
are the most commonly used backup devices. 11. A. Differential backups focus on data that has changed since the last
full backup only. 12. A. Differential backups rely on an archive bit to monitor files that
have changed since the last full backup was performed. 13. B. Incremental backups back up data that has changed since the last
backup. 14. A. Full backups are done on a daily basis, so only one tape would be
required to restore. 15. C. Incremental backups require the most tapes for a restoration. You
would need the last full backup and every incremental backup since the last full backup. 16. C. Provided that you back up on a Monday to Friday basis, you
would require five tapes.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
479
17. A. With a monthly rotation, you can go back one month because the
tape for each Friday is kept for a one-month period. 18. C. The Tower of Hanoi requires a minimum of five media sets. 19. A. Unix operating systems use Tar as their default backup software. 20. B. Media retirement is planned removal of well-used media before it
leads to problems. An effective media retirement schedule relies on careful monitoring of media age and use.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Disaster Recovery
15
COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 2.9 Document the configuration 3.1 Perform full backup
Verify backup
4.6 Establish remote notification 5.1 Recognize and report on physical security issues
Limit access to server room and backup tapes
Ensure physical locks exist on doors
Establish anti-theft devices for hardware (lock server racks)
6.5 Determine if the problem is hardware, software, or virus related 7.1 Plan for disaster recovery
Plan for redundancy (e.g., hard drives, power supplies, fans, NICs, processors, UPS)
Use the technique of hot swap, warm swap, and hot spare to ensure availability
Use the concepts of fault tolerance/fault recovery to create a disaster recovery plan
Develop a disaster recovery plan
Identify types of backup hardware
Identify type of backup and restoration schemes
Confirm and use off site storage for backup
Document and test disaster recovery plan regularly, and update as needed
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
7.2 Restoring
Identify hardware replacements
Identify hot and cold sites
Implement disaster recovery plan
Further information on CompTIA objective “Recognize and report on physical security issues” can be found in Chapter 13, “Managing and Securing the Server Environment.” Further coverage of objective “Restoring” can be found in Chapter 14, “Backups.”
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
T
his chapter is an exploration into the worst nightmare that a server technician can face: a disaster. Disasters can come from two broad categories—natural or non-natural. No matter the source, the end result is the same: the server is no longer functioning. Disaster recovery is an important consideration when setting up your server. Development of a disaster recovery plan is a must. Although there may never come a time when the plan must be implemented, it is always best to prepare for any circumstance. One element of disaster recovery is prevention. In a server, disaster prevention takes on the form of fault tolerance. As you learned in previous chapters, fault tolerance involves including redundant components in a computer to ensure that when a component fails, a second or third exact copy of the component can instantly take over.
Defining the Disaster
D
isasters can come from a multitude of sources. Natural disasters are unpredictable, but it is possible to narrow the possibilities and to plan ahead. If you live along the west coast of North America, for example, there is an obvious concern with earthquakes, whereas a company located within the central plains of the United States would be more concerned with a tornado. Natural disasters can come in the form of severe weather, such as floods, lightning, cold and heat, and storms (tornadoes, hurricanes, earthquakes, etc.). The damage caused by each natural disaster is different but the outcome is still the same. Creating an environment in which a company can operate regardless of the disaster is the key to disaster recovery. This will take careful planning as well as involvement from several organizations, including representation from the company, community, and specialists in environmental issues.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
484
Chapter 15
Disaster Recovery
Non-natural disasters include theft, vandalism, system failures, or other issues brought on by non-environmental influences. Disasters are created by non-natural means more often than natural. Disgruntled employees or recently terminated personnel can pose a serious threat. One element of server environment planning is creating a secure environment where access to the server, as well as potential for intentional harm, is limited. Commonly though, non-natural disasters are a result of component failure. Servers operate within stressful environments and, with time, there is a high potential for component failure. Planning for a hardware failure begins with building the server. As you remember from Chapter 5, “Fault Tolerance,” combining redundant components within key areas of the server will reduce the potential for system failure should one component fail. For example, multiple network cards within a server will ensure that connectivity to the network will continue even if one network card fails. This creates a redundant server and can be considered a component of disaster prevention. Regardless of the cause of the disaster, the effects are still the same. Planning on how to deal with the potential of a disaster and its outcome is the focus of disaster recovery.
Creating the Disaster Plan
A
successful disaster plan is a living entity. It is a carefully planned and constantly updated strategy on how to cope and recover from a system failure. This plan must involve the entire organization at some level. Creating a plan that only the IT manager is aware of doesn’t help when the manager is away and a disaster strikes. Carrying out the disaster plan as seamlessly and smoothly as possible will require the cooperation and careful training of all staff. As previously mentioned, the disaster plan is a living entity. It must be frequently revisited, as changes both environmental and technical will require that alteration to the plan be made on a regular basis. This will ensure that if the need arises to use the plan, it will continue to be valid and implementation will be as smooth as possible. Creating a disaster recovery plan requires at least six key steps. Some disaster plans, due to complexity, will require many more planning steps, but the following six steps will cover the essential areas of focus in order to create and maintain an effective safeguard. In many ways the lines between each of
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Creating the Disaster Plan
485
these steps is blurry. Some information presented in one step might just as easily fit into another step, but here are the working categories:
Exploring the risks
Understanding the impact
Creating strategies
Training for strategy implementation
Plan Maintenance
Documentation
Exploring the Risks Before a plan can be developed the risks involved must be determined. This can be a daunting task. How do you evaluate the unknown? The best approach to take is to involve a group of people. This group should include specialists from within the organization as well as outside. Technical specialists can provide information on potential hardware and software issues. Management specialists can provide information on staffing concerns. Outside agencies can provide insight into possible community and natural issues. At this stage a list should be created outlining the possible risks and the impact of these risks on the network. Having the involvement of a diverse group will ensure that many possible risks from many sources can be gathered.
Understanding the Impact Once a list is defined of the possible risks that the network would face, an assessment of each of these risks and their impact on the business must be determined. Each risk should be evaluated and prioritized as to its severity. Variables to consider include the probability of the disaster occurring. For example, although there is a possibility of a meteoroid hitting the business and destroying the server, the likelihood is extremely small and therefore the priority of this risk should be near (or at) the bottom. Another important variable to consider is the impact of this risk should it occur. How much disruption would occur? What is the severity of the disruption, both in business functionality as well as financial loss? What is the financial
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
486
Chapter 15
Disaster Recovery
commitment for preparing for each disruption? The potential impact extends beyond physical disruption to computers and users but also into understanding the financial commitment required to prepare for and deal with a disaster.
Creating Strategies After determining the risks, assessing their impact, and prioritizing the list based on severity of the risk, it is time to develop strategies to deal with each disaster potential. This stage will involve creating, in some cases, several possible solutions to deal with each risk. In the case of hardware failure it would include the following possible strategies:
Having spare parts on hand
Establishing contact with a local supplier to determine availability of parts and shipping timelines
Training staff to identify as well as effectively deal with the problem
For example, a printing company relies on specific printer hardware to perform most of their printing tasks. Strategies to cope with printer failure would include having a backup printer available and training staff on how to connect to and use the secondary printer. Oftentimes the strategy development stage is difficult to define. Exact costs of parts will change with time. Even parts availability will change dramatically within a few months. (See also “Plan Maintenance,” below.) Careful consideration must be given to the possibility that a server containing dated hardware may not be easily repaired should a disaster strike. Older components may not be readily available, and if located these parts may also be quite costly. This can be seen in the world of RAM. EDO RAM, which was used prior to SD RAM, is rather difficult to obtain today, as it is no longer stocked at most computer stores. The price of EDO RAM, as compared to SD RAM, is extremely high. For example, current prices for 128MB of SD RAM is $39.95, while only 32MB of EDO RAM is currently $74.95. I can’t even find a price for 128MB of EDO for comparison! Another consideration is involvement of staff at this stage. Determining which staff will be involved and to what degree can be a difficult task. Obviously there will need to be people involved in carrying out the disaster recovery plan. Technical knowledge, leadership, as well as other favorable traits should be carefully considered.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Creating the Disaster Plan
487
Training for Strategy Implementation Creating a disaster recovery plan is not useful unless there will be personnel capable of implementing the steps within the plan. Regular training will ensure that staff are current on their role within the plan strategy. It is imperative that you develop a plan for regular staff training that covers the following two aspects of the plan: What the plan is Staff should understand the elements of the plan, the entire scope of implementation, and their individual as well as collective roles within the plan. This will ensure that there is minimal confusion, gaps, or overlap with plan implementation. How the plan is executed All staff need to understand what to do and when. There will be logical steps that must occur within a set sequence in order for the plan to be carried out effectively. This could be as simple as knowing when to restart their computers. Regardless of complexity, making sure that staff are aware of plan execution will definitely limit the confusion. Regular training is often the step that is most commonly missed. As the plan changes, training must bring staff up-to-date both on their individual roles as well as the roles of others in carrying out the plan. This will ensure that if the time comes to use it, a suitable plan can be carried out smoothly.
Plan Maintenance Maintenance of the plan involves frequent plan visitation to update on newly identified potential disasters as well as changes within the business that would warrant updates. Changes that might warrant a plan update would include introduction of new software and hardware to the network, expansion of the business, new staff, or new technology use. The frequency of plan maintenance will be determined by the business. If there are no changes to the business and no foreseeable new disaster threats, then maintenance to the plan will be limited. This step should also include verification of available hardware and software used within the disaster recovery plan. For example a slightly outdated plan might specify that a hard disk failure would require the purchase of a new 2GB hard disk. The price and availability of this hard
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
488
Chapter 15
Disaster Recovery
disk will be significantly different within six months of the plan creation. If this plan were still in use today without any update, it would be impractical and perhaps impossible to fulfill because a new 2GB hard disk is no longer available.
Documentation Documentation is the last step in creating an effective disaster recovery plan. Without clear documentation chaos would occur. When a severe disaster strikes, people normally panic. Having clear documentation will serve as a visual reminder of the steps that need to be taken, but also will help in restoring some form of order to an environment that seems out of control. Documentation should include detailed steps to carry out the plan, as well as copies of all updates to the plan. Having a list of plan updates will allow you to track all changes that have been made, as well as allow for acceptance or rejection of the changes. This way, when the plan has to be carried out, reference to previous revisions can be made. Copies of the plan documentation should also be made. These copies should include hard copies, digital copies, and backup copies located offsite. This will ensure that no matter what the nature of the disaster, there will still be access to the plan.
Identifying Hot and Cold Sites
A
lthough most disasters that a business will face are small disruptions, there is the potential for catastrophe. When deciding on how to deal with a catastrophic disaster there are three backup options available: hot, cooperative, and cold sites.
Hot Sites A hot backup site is an exact copy of the original business located in a different physical space. This includes equipment, software, and data. Although a hot site is the ideal situation, it is extremely expensive to create and maintain. The costs would include everything from renting/purchasing
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Identifying Hot and Cold Sites
489
a second facility, equipment costs, software licensing, to maintenance costs. Every update and patch that is applied to the primary location must then be applied to the hot backup site. Maintaining a secondary site often requires hiring additional technical staff to assist with the workload. If the disaster occurs, a hot site is brought online by restoring data on its server. The transition to the hot site is relatively easy. Some hot sites will use a VPN or WAN connection to the primary site to maintain constant data updates, thus eliminating the need to restore data should the failure occur. Regardless on how the data is updated, a hot site will normally be ready to go at a moment’s notice. The only transition is relocating staff to the hot site facility.
Cooperative Hot Sites Cooperative hot backup sites are an ideal way to cope with the high prices associated with implementation of a hot site. Cooperative hot sites are created and maintained by several companies. The site is then available to any of the cooperating companies if needed. The hope is that only one company will need the site at one time. Although this approach seems like an ideal solution to dealing with creating a hot site, difficulty can arise in meeting each company’s business and technology requirements. This will include facility, hardware, and software requirements.
Cold Sites Cold backup sites normally have equipment available but availability is not at the level of a hot site. Computers will be available but not at the identical configuration to the primary systems. The idea is that there will be enough equipment to run the business but at a basic state until the primary facility can be repaired. An example would be using a simple dial-up Internet connection as opposed to a high-speed link that would be available at the primary site. Cold sites are a much more affordable option. However, the transition between the primary and cold site is more difficult, often requiring that computers be set up and configured, and patches be applied as necessary. Often cold sites are not maintained regularly. This can lead to unpleasant surprises, including hardware and software conflicts.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
490
Chapter 15
Disaster Recovery
The benefit of cold sites over hot sites is affordability. Eliminating the cost of regular maintenance and equipment matching makes cold sites substantially more affordable and popular.
Replacing Failed Hardware
A
s previously mentioned, disasters will often take on the form of hardware component failure. Dealing with this type of disaster is more of a routine task for most technicians, but care must be taken throughout this process. Identifying the component that has failed is the first step. If the component has indeed failed then replacement of the component must occur. At this step, verifying hardware compatibility and following ESD best practices will ensure that the replacement goes successfully.
Identify the Failure Modern servers offer technology to make hardware failure identification easier. Servers often spend long periods of time without any human contact, especially if the server is locked in a cabinet or a specialty room. New technology offers options for remote notification when a hardware failure occurs. This notification can take on the form of an e-mail or pager alert, or even a phone call with a prerecorded message. Regardless of the form, remote notification allows for immediate notification of hardware issues, which in turn allows for faster response time. Another server technology that has increased in popularity is the addition of visual displays. Visual displays are seen within numerous devices within a computer, such as network cards. Link lights on the back of a network card provide a visual verification of connectivity. This concept has expanded to include lights on hot plug hard disks as well as LED panels on the server that provide a visual representation of hardware status. These lights can be compared to traffic signals: green for OK and red for failure. Notification, whether it is visual or remote, simplifies the troubleshooting process significantly. Rather than searching through the server to determine if and where a hardware issue may be, the server will point you in the correct direction.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Replacing Failed Hardware
491
Once the problem is identified, corrective measures can then take place. If the hardware has indeed failed, replacement is the only option. At this point a full backup should be done. This will ensure that any unforeseeable problems that may occur as a result of the hardware repair will not result in any data loss.
Always Remember to Back Up! It is amazing the risks that technicians often take. A simple update such as installing a utility can result in catastrophic consequences. One of the servers I once worked on had experienced a problem with a tape drive. Upon consultation with the server manufacturer, I decided to install a utility program that I had downloaded from the manufacturer’s website; the utility would do a diagnostic on the tape drive as well as the SCSI channel that the drive was connected to. When I performed this task, the server (running Windows NT Server) did a physical memory dump and basically died right before my eyes. The entire operating system became corrupt and the system failed. Fortunately I had backed up the server the night before and there was no data loss. The server had to be reinstalled with the operating system and a restore from the backup tape to return the data as well as security on files and folders. Had there not been a backup done, I would have had to re-input all the users as well as set up their access and permissions. Remember, it doesn’t matter whether you are doing a major system upgrade, installing a patch file, or even doing diagnostics: always perform a full data backup. Whatever can go wrong often does when you least expect it.
ESD Best Practices ESD (electrostatic discharge) is a computer’s worst enemy. The transfer of electrical shocks to computer components through human contact is what we’re referring to as electrostatic discharge. ESD often occurs during component handling during either installation or maintenance. The effects of ESD can be mild or severe, depending on the component and the amount of static charge. This is analogous to a stroke in humans. Some people
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
492
Chapter 15
Disaster Recovery
will lose short-term or long-term memory, others will be paralyzed on one side, others will die, and some people will make a full recovery. No one can predict how people will react to a stroke. ESD is similar in that the damage to components can vary dramatically. Unfortunately you can be causing damage to a computer component without even knowing it. The smallest charge that a human can physically feel is approximately 3,000 volts. It takes 10,000 volts before you can see a spark. A shock of as little as 30 volts can damage a computer. It is highly likely that damage will occur without your even noticing the discharge. When working on hardware you should take special precautions to prevent ESD damage. The first step is to work within an environment that will limit the potential for static from forming. The worst possible environment is cold and dry. If you live in a northern climate you will have experience in the annoyance during the winter months: Paper tends to jam in photocopiers and printers more often, every time you reach for a door handle you get a shock, your kids take pride in shuffling their feet across the carpet and then lightly touching your ear to give you a shock. This is the ideal ESD environment. If you need to perform work with hardware, you want to avoid these conditions. Having a humidity control within the room where the work is to be done will help significantly.
ESD Wrist Strap An ESD wrist strap is an essential device during any hardware upgrade regardless of the time of year. The potential for ESD occurring is constant. An ESD wrist strap is a Velcro band that wraps around your wrist. Attached to the strap is a wire containing a small resistor that bleeds charge away from your body. The other end of the wire attaches to a ground source. The ideal ground source is the ground pin on an electrical outlet. When properly attached, the wrist strap will prevent electrical charges from transferring from your body to the computer components.
ESD Mat A major problem with the ESD strap is that the cable tethers one of your hands. This will limit your mobility, and at times, the cable will become entangled with the computer that you are working on. It is also possible (and often does happen) for the wire to become disconnected from the ground
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Replacing Failed Hardware
493
source. Many ESD straps use a coiled wire that does not provide much distance between you and the outlet. An ESD mat is a better solution. This mat is actually a rubber mat with the resistor and cable attached to it. It grounds the computer against damage from both human contact as well as charge from the table. Oftentimes an ESD wrist strap is used in conjunction with an ESD mat. This will provide protection from both human and tabletop ESD contact.
Antistatic Bags All computer components are shipped within a special antistatic bag. These special bags prevent static charge from coming into contact with the computer components. It is highly advisable to keep these bags. At some point you may need to transport a component or remove one temporarily. Having an antistatic bag to store the component in will protect the component while it is outside of the computer.
Antistatic Bags Antistatic bags can also be used as gloves. Since the bag prevents the transfer of static charge, technicians have used them as gloves when they need to get a better grip on a component. An example of this use is installing expansion cards. At times considerable force is needed to seat the card properly in the slot. Using the antistatic bag as a glove will allow you to manipulate the card with a better grip. Once an antistatic bag has been used for this purpose, it should not be used to store computer components in. The interior of the bag can contain residual charges from your hands.
Planning for Hardware Replacement Once you have determined which hardware component has failed, it is time to plan for the replacement. Keeping the ESD concerns in mind, hardware replacement will have to be planned. This planning stage will include locating a suitable replacement part, assessing the complexity of the replacement, planning the time to perform the replacement, and notification (if necessary) of staff that there will be repairs done.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
494
Chapter 15
Disaster Recovery
Locating Suitable Replacement Parts In new servers locating replacement parts is often not a difficult task. Everything from power supplies, hard disks, RAM, to processors is readily available. Older servers are a little more problematic. For example a failed ISA network card may seem like a simple replacement but many retail outlets are not stocking ISA expansion cards anymore. The same hold true for older processors and RAM. It is highly advisable to plan ahead with your hardware. Before any failures occur you should become familiar with the hardware within your server and take the time to locate suppliers for the parts. If you can build a positive relationship with a supplier you will hopefully be able to locate parts quickly when you need to. Unfortunately at times you may not be able to locate suitable replacement parts. If you can identify this problem before a disaster strikes, steps can be taken towards planning a server upgrade or replacement. The worst-case scenario is that a component fails within the server and the need for a simple replacement results in extended server downtime while a part is located and then ordered, or the entire server undergoes an unplanned upgrade. Carefully monitoring the age and availability of components within a server will provide needed information so that suitable replacement parts can be located as quickly as possible. This same information can be helpful for making decisions about a planned upgrade to deal with aging server components.
Assessing Replacement Complexity How hard can it be? Take the cover off, remove a couple of cables and screws, and swap the parts. Sometimes it is this easy. Other times it seems as though the entire computer has to be stripped down before you can even get access to the failed component. Depending on the server and its design, component replacement can be a simple or an extremely complex task. Always refer to the technical manuals provided by your server manufacturer before you proceed to replace any hardware. This will help you understand the proper steps to take to gain access to and replace parts within the server. Hot swappable hard disks provide the easiest means of replacing a hard disk. Simply grab the handle of the failed hard disk, release the locking mechanism, and slide the drive out. The replacement drive slides in and the handle locks into position. If there is a RAID configuration, it will automatically identify the new drive, format it, and begin copying data to the drive. This process does not require that the server be shut down. For the users accessing the server, this hardware replacement will go unnoticed.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Software Failures
495
Planning Replacement Time Planning the time for the replacement will rely heavily on the complexity of the replacement. In the previously discussed hot swap example, the replacement can occur at any time because there would be no disruption to the users. A motherboard replacement, however, would result in the server having to be shut down for an extended period of time. This planned replacement time would have to occur during a low-access time to the server (possibly during the night). Plan to add extra time to the estimated time for the replacement to allow proper testing of the new component and extra time for fixing any possible glitches that might interfere with regular operations. Starting to replace a motherboard in a server at 8:30 A.M. when staff are arriving and will need to access the server at 9:00 A.M. is not going to work out in your favor.
Notification If the repair to the server cannot occur during a time where there will be no access, then proper notification will need to take place. This includes advanced notification to all people who will be affected by the shutdown. With this notification include the nature of the repair, the fact that the server will be inaccessible, the start time, and estimated completion time. Advanced notification should be done at least a week prior to the repair. This notification can be done via in-house e-mail, regular in-house mail/fax, or verbally. Regardless of the delivery method, you should include a verification process to ensure that all intended recipients received and understood the notification. Should there be any discrepancy at a later date, you will have proof that the notice went out and was acknowledged by all intended people. Finally, a second notification, much like a reminder, should be sent 24 hours before the repair is to take place. This will ensure that those people who forgot will be reminded and plan their day accordingly.
Software Failures
Software failures can also have a significant impact on server operations. Before applying any update to a server, thorough testing should be done. The unforeseeable impact on both the operating system as well as installed programs can be severe. In an ideal environment a separate test server would be used to verify every patch, every new software installation,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
496
Chapter 15
Disaster Recovery
and every firmware update before they are installed on the production server but it is rarely possible to afford an exact copy of the production server to use for testing purposes. Carefully researching the software compatibility issues before installation will normally reveal any potential negative consequences. Before installing or applying any software update, you should do a full backup. Before installing any update, first consider the reason for performing the update. Is the update needed? It is not necessary to install every available update. If there are no benefits or fixes that are going to provide a positive impact for your environment, then why take the risk? Refer back to Chapter 11, “Software Updates,” for more information.
Summary
T
his chapter explored the development and implementation of a disaster recovery plan, including defining and creating an effective means of dealing with both minor and severe system failures. Development of a disaster recovery plan includes exploring the risks, understanding the impact, creating strategies, training staff, implementing the plan, maintaining the plan, and documenting the plan. When deciding on how to deal with a severe disaster, consideration must be given to creation of a hot backup site, a cooperative hot backup site, or a cold backup site. A hot site will be an exact copy of the original site, including hardware, software, and operating facility. This is the most expensive and complex method to set up and maintain but provides the easiest transition should the need arise to use it. A cooperative site is a hot site created and shared by several companies with the intent to share the cost. Cold sites contain equipment for use but often at a more affordable level than the equipment used at the primary site. Cold sites often require quick setup and adjustments in order to make them functional. Replacing failed hardware is the most common service performed with a disaster recovery. In order to successfully accomplish this task, you must take several steps first. First you must identify the failure. Modern technology can assist with this task, providing servers with a means of monitoring and displaying the status of the hardware. Once the hardware failure is determined, you must plan for the repair. Planning also includes being constantly aware of ESD and the dangers it poses to computer components.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
497
ESD best practices include monitoring temperature and humidity as well as the use of antistatic wrist straps, mats, and component bags. The next step is locating suitable replacement parts, ensuring compatibility with the server’s existing components. Next comes assessing the complexity of the replacement. This step should be done with reference to technical guides from the server and replacement component manufacturers. Planning the replacement time will assist in creating a smoother transition. Finally, notifying users of the repair well in advance will ensure that everyone affected can properly prepare for the downtime. Software failures can also play an important role in disaster recovery and planning. Many simple patch and firmware updates can go wrong and result in a network disaster. Careful research and testing of the software will protect the production server from disaster.
Exam Essentials Know the two broad categories of possible disasters. This includes natural and non-natural disasters. Be able to provide examples of both types of disasters. Natural disasters result from naturally occurring and unpreventable events such as tornado and flood, while non-natural disasters include vandalism, theft, and user error. Be able to identify key elements of a disaster recovery plan. Know the steps involved in creating a disaster plan including exploring the risks, understanding the impact, creating strategies, training for strategy implementation, plan maintenance, and documentation. Know the difference between hot, cooperative, and cold backup sites. Hot sites are exact copies of the primary site, cooperative sites are hot sites shared between businesses, cold sites contains minimal equipment will need some configuration before getting up and running. Know the steps to identify and replace failed hardware. This includes identifying the failure through visual as well as notification cues, planning the replacement, locating suitable parts, assessing the complexity of the replacement, planning the replacement time, and notification.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
498
Chapter 15
Disaster Recovery
Know the dangers of ESD. Be able to identify the risks involved in performing a hardware change, including environmental considerations and electrostatic voltage levels. Know how to take measures to prevent ESD damage. Know the uses of antistatic wrist straps, mats, and bags in preventing ESD damage from occurring. Know the potential risks in performing software updates. This includes patches, software updates, and firmware.
Key Terms
Before you take the exam, be certain you are familiar with the following terms: antistatic bag
hardware failure
backup
hot backup site
cold backup site
LED panels
cooperative hot backup site
natural disasters
disaster recovery
non-natural disasters
disaster recovery plan
patch
documentation
plan maintenance
ESD
RAID
ESD mat
remote notification
ESD wrist strap
risks
firmware
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
Review Questions 1. Which of the following is an example of a natural disaster? A. Electrical fire B. Theft C. User error D. Flood 2. Which of the following is an example of a non-natural disaster? A. Tornado B. Flood C. Electrical fire D. Lightning strike 3. Are disasters more commonly the result of natural or non-natural
events? A. Natural B. Non-natural 4. What is the main focus of disaster recovery planning? A. Planning on dealing with the potential of a disaster and its
outcomes B. Dealing with a system failure after it happens C. Learning how to rebuild company assets once a disaster occurs D. Building a business that is completely immune to a disaster
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
499
500
Chapter 15
Disaster Recovery
5. What is a disaster plan? A. A scheme to create potential problems within an organization B. A carefully planned and constantly updated strategy on how to
cope and recover from a system failure C. A “set in stone” plan that is created once and locked away on how
to deal with every potential problem that a business could face D. A secret plan of action for fixing potential problems 6. How many steps at a minimum are required in creating a disaster
recovery plan? A. Five B. Six C. Seven D. Eight 7. What is the first step in creating a disaster recovery plan? A. Exploring the risks B. Understanding the impact C. Creating strategies D. Assessing the business requirements 8. Training for strategy implementation involves which two steps? A. What strategies to use and how to use them B. Prioritizing strategies and assessing their impact C. What the plan is and how the plan is executed D. Creating strategies and maintaining strategies
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
501
9. What does plan maintenance involve? A. A quick scan through the disaster recovery plan to ensure that it is
still functional B. Having a third party assess the validity of the disaster recovery
plan to ensure that it has been created correctly C. Frequent visitation to update the plan on new potential disasters as
well as company changes D. Revisitation of the disaster recovery plan on a yearly basis to
update staffing changes 10. What is a major reason for providing clear documentation of the
disaster recovery plan? A. For insurance purposes B. In case the person in charge is not available to carry out the plan C. To serve as a visual reminder of the steps that need to be taken
when the time comes for the plan to be implemented D. So everyone knows their role and there will be no questions 11. What format should copies of a disaster recovery plan be kept in? A. Hard copy B. Digital copy C. Backup copy D. All of the above 12. What is a hot backup site? A. An exact copy of the primary site B. A copy of the primary site that will require setup before use C. A shared site between several companies D. A partnered business, which will take over the primary company
should a disaster strike
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
502
Chapter 15
Disaster Recovery
13. What is a stumbling block in creating a cooperative backup site? A. Establishing the partnership between companies B. Matching the technological and business requirements of each
company C. Locating a facility large enough to house all businesses within the
partnership D. Fiscal planning between each company to cover the costs of the site
and technology 14. Do cold backup sites require any setup or configuration before use? A. Yes B. No C. Depending on whether they are also cooperative backup sites D. Only if the site is not owned by the corporation 15. What is the most common form of disaster that a technician will have
to deal with? A. Software failure B. User error C. Hardware failure D. Natural disasters 16. Which of the following is a form of remote notification? A. LED displays B. E-mail alerts C. Beep error codes D. Text alerts
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
17. What does ESD stand for? A. Electrical shock discharge B. Electro-shock discharge C. Electrostatic discharge D. Environmental static discharge 18. How many volts does it take to damage a computer component? A. 30 volts B. 1,000 volts C. 50 volts D. 500 volts 19. What does an ESD wrist strap or mat contain that removes ESD
charges safely? A. Transistor B. Diode C. Capacitor D. Resistor 20. Computer components that are not within the computer should
be stored in which of the following options? A. A cardboard box B. An antistatic bag C. A bag D. Any protective container
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
503
504
Chapter 15
Disaster Recovery
Answers to Review Questions 1. D. A flood is a naturally occurring disaster whereas the other options
are influenced or caused by people. 2. C. An electrical fire is a result of an electrical problem. This is a
non-natural event while the other options presented are all naturally occurring events. 3. B. Most of the disasters that occur result from non-natural events
such as user error and hardware failure. 4. A. Disaster recovery planning involves analyzing, and preparing for a
disaster before it happens. This will ensure that if a disaster does happen, repairs and positive action can proceed as smoothly as possible. 5. B. A disaster plan is a carefully crafted and continually updated doc-
ument providing valid, up-to-date guidelines for coping with system failure. It must be shared with and understood by all employees, to ensure that they will remain calm and carry out the steps in the safest and most efficient way possible. 6. B. A minimum of six steps are required in creating a disaster
recovery plan. 7. A. The first step in creating any disaster recovery plan is exploring
the potential risks. This involves creating a detailed list of all potential threats that your company faces. 8. C. This stage of the disaster plan is the final step and involves train-
ing staff on what the plan is and how the plan is to be executed. 9. C. Disaster recovery plans require frequent visitation to update
any changes and assess new potential threats. The frequency that this revisitation occurs at will vary depending on the nature of the company and environment that it exists in. 10. C. Clear documentation will serve as a visual reminder of the
planned steps when the time comes to carry them out. This will also assist in maintaining order during a stressful and chaotic time. To maintain clear documentation, frequent visitation to the plan and adjustments as necessary must be done.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
505
11. D. Ideally you should keep your disaster recovery plan in as many
different formats as possible. This will ensure that if you need to, you can resort to several different means of accessing the plan. 12. A. A hot backup site is an exact copy of the primary site, including
equipment, and software. Hot backup sites are the most costly to create and maintain, but they provide for the smoothest transition. 13. B. In a cooperative backup site one backup facility is shared between
several businesses. Creating an environment that will meet the needs of all partnered businesses is the major stumbling block. 14. A. Cold backup sites will require setup of equipment as well as
configuration of software and data before they can be used. 15. C. Hardware failures are the most common form of disaster. Servers
operate within a stressful environment, and with time hardware components will fail and require replacement. 16. B. Modern servers have the ability to send e-mail alerts to report on
potential problems with the operation of the server. This is a form of remote notification. 17. C. ESD is the acronym for electrostatic discharge. ESD is a serious
concern when performing a hardware upgrade or replacement. Static discharge can damage or destroy computer components without the technician even knowing a discharge has happened. 18. A. It can take as little as 30 volts to seriously damage or destroy a
computer component. At this small of a voltage you would not even be aware that the damage has occurred. 19. D. An ESD wrist strap and mat contain a resistor that slowly bleeds
any charge away from you and the computer to a ground source. 20. B. Components that are not installed in the computer should be
stored in an antistatic bag to prevent ESD damage.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting
PART
VI
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
Problem Determination
16
COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 6.1 Perform problem determination
Use questioning techniques to determine what, how, and when.
Identify contact(s) responsible for problem resolution
Use senses to observe problem (e.g., smell of smoke, observation of unhooked cable, etc.)
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
O
ne of the most trying tasks a server administrator faces is troubleshooting problems when they arise. This means seeking out the problem and eliminating it or its cause. Fixing the problem is sometimes the easy part while determining the source of the problem can be very difficult. A server administrator must be efficient in recognizing a problem, especially for those servers that require a high level of availability. Problem recognition is definitely a skill that requires logical thinking, reasoning, and technical knowledge. Server troubleshooting is a major part of any server administrator’s dayto-day tasks and it is also covered in great detail on the Server+ exam. This chapter is dedicated to problem determination. It will introduce you to some general troubleshooting steps that should be followed when trying to determine the source of a problem as well as some of the things you should look for in the server environment.
Troubleshooting Steps
P
inpointing a problem can be very difficult but following some simple procedures can make the troubleshooting process much easier. Experienced administrators won’t just rely on their own knowledge to solve a problem but will use all the resources available to them to help achieve an accurate diagnosis. This includes questioning users on the network, interpreting the information in server logs, and even using your own senses. Once a problem has been detected, following the steps outlined below can ensure proper diagnosis and resolution of the problem at hand. 1. Determine the priority of the problem. 2. Gather information by asking questions and checking logs.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
511
3. Physical Problem Detection. 4. Identify contacts/responsible parties. 5. Fix the problem. 6. Document the solution.
Determine Problem Priority One of the first things a server administrator needs to do is assess the problem at hand to determine its severity and assign it a priority. Once you’ve assessed the problem you may determine that there are other matters that need to be addressed before attempting to resolve the problem. In other situations you will determine that the problem requires immediate attention. The severity of a problem will be based on the impact it is having—or could have. One of the most important things to consider is data loss. If the problem could result in the loss of network data, it will require your immediate attention. For example, a failing hard disk would need to be replaced as soon as possible, or a backup device that is not functioning would need to be fixed right away.
Chances are if the problem is related to server hardware, it will require immediate attention.
If you recall from Chapter 9, “Upgrading and Maintenance,” server uptime is the amount of time that a server is available to users when they need access to it. If a problem could impact server uptime, it probably needs to be addressed immediately. Of course this will also be determined by the importance of the server on the network. If the server is rarely accessed, it can probably be assigned a lower priority. However, if the server plays an important role on the network, such as a domain controller or a web server, the problem will need to be fixed as soon as possible. If the problem could lead to future downtime if it is not fixed immediately, then assign it a high priority and begin troubleshooting. Keep in mind when assigning a priority to a problem that your perception and a user’s perception might differ. A downed Internet connection or the inability to send e-mail messages may be high priority to users on the network but not on your list.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
512
Chapter 16
Problem Determination
Gather Information There are many ways that a server administrator can acquire information pertaining to a reported problem. This can be done in a variety of ways but two of the most common and efficient ways is to ask questions and use the information in the error/event log.
Determine Problem Origin Determining the source of a problem can quickly lead to a solution. Server problems can be caused by malfunctioning hardware or software, or could be due to a virus. When diagnosing why a problem has occurred, begin by doing a virus scan to eliminate this as a possibility. If you’ve been updating the virus signature file on a regular basis and performing regular virus scans, the chances of the problem being virus-related are minimal (recovering from a virus will be discussed in the next chapter). Hardware-related problems are easier to diagnose than software related problems. If there is a problem with a hardware component, most servers will generate some type of report, warning sign, or error message. Different utilities and tools will also allow you to monitor the status of hardware and determine if a component is malfunctioning, failing, or in conflict with another device. Solving a hardware-related problem usually involves reconfiguring the hardware settings or replacing the failed hardware. Software related problems are the most difficult to track to their source. Servers are often running multiple services and applications that can end up conflicting with one another. An application or service may stop responding or cause the server to hang. Most often an error message of some form will be generated regarding the cause of the problem (such as a corrupt file). Solving software related problems might entail installing service packs, software updates, or the entire operating system.
This is where it becomes extremely important to track any changes that are made to a server. Even the smallest configuration change made to one application or service can impact on another service or application that was previously functioning.
Ask Questions When a problem occurs on a server, usually the first people to notice it or feel the effects of it are the users on the network. Dealing with users can be
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
513
frustrating if they do not understand the technologies behind servers and networking, but don’t count them out as a source of information because their input can prove invaluable. Often users on the network are the first to report a problem. The report that you get might be vague—“the network is down,” perhaps—but if you ask the right questions, you can soon discover some important information. When questioning users, or even other technical support staff, use the following questions as a guideline: What is wrong? Try to get as much detail as possible, such as any error messages that appear. What are the symptoms of the problem? Find out from the individual how often the problem is occurring, what applications are open when it occurs, and whether the problem is experienced by one or multiple users. When did the problem begin? Determine if this is the first time the problem has occurred. If the problem has occurred before, ask the user how often it occurs and if it does so at specific times. What has changed? One of the most important things that can help you troubleshoot the problem is to determine if any changes have been made recently that can be the source of the problem.
Interpret Logs Logs are essential in ensuring that your servers run successfully. Logs list events that have occurred and record activity on your server. Entries in a log file usually report errors and warnings generated, when they occurred, an event ID, and sometimes an event description. Log files can be overwhelming to a server administrator because of their size and complexity. When troubleshooting, log files are one of the first places you should look for information on the problem. Some log files will provide a description of the event while others will only provide you with an event or error code. Even if you cannot understand the information within a log, vendor support personnel should be familiar with the error messages and error codes. Some websites will also allow you to type in the error or event code or the description and provide you with details on the cause of the problem and the solution. Most operating systems, services, and applications will write events to some sort of log file. Where the logs are located and their format will of course depend on the operating system. For example, NetWare servers write
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
514
Chapter 16
Problem Determination
information to one of three log files (Console.log, Abend.log, and the Sys$log.err), which can be used to diagnose server-related problems. Microsoft operating systems write information to a System Log. Figure 16.1 shows an example of the System Log in Microsoft’s Event Viewer. In Windows 2000, Event Viewer can be accessed from Administrative Tools or through the Control Panel. FIGURE 16.1
Microsoft’s Event Viewer
The System Log shows events pertaining to the failure of a driver or another system component. Double-clicking an event within Event Viewer will bring up more-detailed information on the error, such as the error ID and a description (see Figure 16.2). If you are using one of Microsoft’s operating systems, you can then go to Microsoft’s support site and search for information regarding the specific event ID (see Figure 16.3). Chapter 17, “Troubleshooting Tools and Techniques,” will look more closely at how to use log files for troubleshooting.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
FIGURE 16.2
System error in Event Viewer
FIGURE 16.3
Event ID support
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
515
516
Chapter 16
Problem Determination
The System Log displayed within Microsoft’s Event Viewer gives you the date and time that the error or warning occurred, the source of the error or warning (which server component generated the event), an event ID, and a description of the event.
It is good practice to regularly review the information in log files, making it part of your daily or weekly routine. Some logs will generate warning messages alerting you to a possible problem so it can be dealt with before it becomes more serious.
Physical Problem Detection We have discussed gathering information by questioning users and reviewing server logs. Another means of troubleshooting a problem is to rely on your own senses—your sense of sight, smell, and sound. Your own senses can help you determine quickly the cause and solution of any physical problems.
Use Your Eyes If a problem is suspected with a server, start looking around. Missing a visual clue in the physical environment could cost you hours spent troubleshooting a simple problem. Does anything look out of the ordinary? Has someone other than you recently had access to the server? If anything looks out of place, you will want to find out who last accessed the server and what changes, if any, that person might have made. Also check the physical cable connections, check the cables themselves, and check to make sure that all components are properly connected. For example, noticing a disconnected network cable can save you time in troubleshooting a server’s loss of network connectivity (if only troubleshooting all server-related problems could be so simple).
Use Your Nose Using your sense of smell can also assist in problem determination. Check the server environment for any usual smells, such as smoke or an “electrical” smell. For example, if a video card burned out, you would probably detect its very distinct odor.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
517
You will recall from earlier discussions that excessive heat can have a negative impact on a server, and that servers should be placed in a room where the temperature can be carefully controlled and monitored. When troubleshooting any server-related problems, check the temperature of the server room. There are two issues to be aware of when considering heat. First, servers and components generate a fair amount of heat. If a fan in a power supply goes out, the box will let off a lot of heat. Or if a CPU fan goes, you may notice erratic behavior in your server, such as the icons disappearing from the desktop (this can obviously be more difficult to detect). If the server itself is overheating internally, it can also cause hardware components to fail. The second issue involves a fluctuation in room temperature, which can cause components to physically shift and lose their connection (which could be the cause of any hardware-related problems you may be having).
Use Your Ears Listen for any unusual sounds that might indicate a failing or malfunctioning component. Server rooms are notoriously noisy, but if you are in tune with the environment, you should be able to pick up on any unfamiliar sounds. Take for example an internal fan. Before an internal fan fails, it usually makes a loud grating or humming noise that can alert you to the problem; then you can replace the fan before it actually does fail. Or if a spindle is about to go out on a hard drive, you might notice a very-high-pitched hum. A rhythmic clicking coming from your hard drive is another ominous sound. If you haven’t noticed any problems with the server already, get that hard drive replaced before something tragic happens.
Notify Responsible Parties In many cases, depending on the size and structure of the network, you will be responsible for all aspects of server and network administration. In other cases, particularly in a large network, several administrators might be responsible for different areas of server and network administration. This would mean that, when it came time to fix a problem, it might not be in your area of administration and expertise. In such cases, once you have detected a problem, you should notify the individual responsible for this area of administration to fix the problem. It could also be appropriate to notify a third party. Take, for example, a case when users report they cannot access one of the servers on the network. After examining the server, you determine that it is
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
518
Chapter 16
Problem Determination
functioning as it should be and the problem is in network connectivity and a malfunctioning router. In this case, you may need to notify the person responsible for maintaining internetworking and routers to fix the problem. In some cases the contact to fix the problem may be a third party offering support for a product. If the problem is due to hardware or third-party software and you are unable to determine the cause of the problem, one of the first things to do is contact the manufacturer’s support team. Chances are they have encountered the problem before and will be able to provide a solution or, if they do not have a solution, will be quick to find one for you.
Fix the Problem Once the trouble and its cause have been identified, you are ready to move onto the next step, which is finding and implementing a solution. An experienced administrator might know the exact fix and be ready to implement it if they have encountered the problem before or have expertise in that specific area. Those who are new to server administration (and even those who are experienced but encountering a new problem) should be aware of the different resources available to them and where to locate or access them. You might need to ask for assistance to get the problem solved. Remember, your goal is to get the server fixed as soon as possible to avoid the chance of server downtime, so use all the resources you have available to you to get the problem solved.
I have yet to meet an experienced server administrator who does not consult some documentation, such as a knowledge base, to solve some server related problems.
Find Available Resources A good server administrator will be aware of the many resources that are available for troubleshooting. A resource can be another person or some form of documentation that provides insight into the problem at hand. There are many places that a server administrator can go for support, some of which are listed below.
Telephone support
Technical support websites
Technical support CDs
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
Search engines
Readme files
Newsgroups
Chat rooms
519
Locate and Use Documentation An abundance of information is available for troubleshooting: readme files, technical support CDs, support websites, and newsgroups. All can be useful when determining a solution to a problem. Some manufacturers and vendors have newsgroups available on their website where customers can go to seek assistance and post information. Chances are you are not the first customer who has encountered the problem, and someone might have posted the cause and solution. If there is nothing pertaining to your problem on the newsgroup, you can also post a question that another customer or support person can answer. Readme files are usually found on a manufacturer’s installation disk or CD. A readme file will contain installation information, tips, and configuration settings not to be found in a manual. Figure 16.4 shows the contents of a sample readme file. FIGURE 16.4
Sample readme file
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
520
Chapter 16
Problem Determination
Telephone support is another troubleshooting resource. Most vendors and manufacturers will provide their customers with phone support for a minimal cost. This can be for a specific period of time or on a per-incident basis. If it is available to you, it is a resource that should not be overlooked because the support technician on the other end will be familiar with the product and should be able to answer both basic and complex questions. There are drawbacks to telephone support, such as the length of time you might be on hold waiting to get through to a support representative. The support technician will most likely ask you for configuration information, so you will need to be close to the server. You will probably be asked to install any service packs or software updates to current versions before you will be provided with any more assistance. Many manufacturers and vendors are moving away from the telephone support and providing technical CDs as a troubleshooting resource. For example, Novell and Microsoft both publish monthly technical CDs that are available for a small yearly fee. The CDs contain the latest knowledge base articles, software updates, service packs, fixes, resources kits, and in some cases drivers. Almost all vendors and manufacturers provide technical support through their websites. This is often the best place to look for information because it tends to be the most up-to-date source. Websites also tend to be the easiest to access and most readily available. Examples of technical websites can be found at http://support.microsoft.com and http://support.novell.com. Figure 16.5 shows Microsoft’s support home page. From Microsoft’s website you can access a knowledge base with extensive support articles regarding Microsoft products. Also, don’t forget about Help files. They can often provide good information about how a specific service or program is supposed to work, and even advice on what to do when something isn’t working. Almost all operating systems and programs have a Help feature. It’s typically accessed by hitting the F1 key on your keyboard, or by typing in help at a command prompt.
Ask for Assistance Why waste time troubleshooting a difficult problem when a call to the manufacturer’s help desk could solve it quickly? An efficient server administrator uses all available resources to get back online as quickly and efficiently as possible, even if this means asking for assistance.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Steps
FIGURE 16.5
521
Microsoft’s technical support site
This is not to say that every time a problem arises you should call for support. If you can afford the time, first consult the documentation, help files, and any web resources you can find. If you are unable to locate a solution, then your next step should be to get help from a more seasoned server administrator or the manufacturer’s support team.
Document the Solution Once the solution has been implemented and tested, your last step will be to document the entire process (this is one step that is often overlooked by administrators). This information could be useful to you the next time you need to correct a similar problem, and could be even more useful to other administrators responsible for server troubleshooting. The documentation should be as thorough as possible and be written by the responsible troubleshooter. Keep the documentation in a safe location.
It is good practice to keep this information in a server maintenance log. Everyone making changes to the server—whether those changes are upgrades, troubleshooting, or anything else—should document them in the maintenance log.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
522
Chapter 16
Problem Determination
So once a fix has been found, implemented, and tested, you must document everything from start to finish. Your documentation should include the following information:
Description
Cause
Timeframe
Symptoms
Any error messages generated
Solution
Person responsible for troubleshooting
Any configuration changes made as a result of implementing the solution
Log It! Documenting may seem like a tedious task but it can make everyone’s job just a little bit easier. When I look back and compare two technical support teams that I was a part of, I can really see its importance. One was very relaxed in making changes to the servers. If problems arose, no one was notified and whoever was around fixed the problem with no documentation left behind. This led to chaos, confusion, finger pointing, and what seemed to me like an increase in server downtime. It was difficult to pinpoint what configuration changes were made, and there were times when these changes brought both the server and network down. Being in the dark about what the technician before you did made it really difficult to troubleshoot. The other team was far stricter about who did what, how it was done, and what documentation they kept. Upgrades and troubleshooting were far less chaotic and more often successful. If any one of the technical staff needed to know what was done on the server last, finding out was as simple as looking in our server maintenance log. It included a detailed description of the problem, screen shots of any error messages, the step-by-step solution, and who performed it. As far as I am concerned, you can never document too much when it comes to server troubleshooting.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
523
Summary
We began by defining the term troubleshooting. Understanding the troubleshooting process can make problem detection and resolution much easier and reduce server downtime. Troubleshooting a server problem begins with assigning the problem a priority. Server administrators need to determine which problems need to be dealt with immediately and which can be put on hold for a short time. Gathering information on a reported issue entails determining whether the issue stems from software, hardware, or virus trouble. To get basic information, ask questions of users on the network. Error/event logs record precise information about server events, so this is one of the first places to look for details about a problem. Using your senses can provide valuable information when troubleshooting. Assess the server environment for any unusual sounds or smells. A visual inspection of cables and connectors should also be performed to eliminate these as the source of the problem. Once the source has been determined, the person/persons responsible for troubleshooting in this area should be notified. Large networks will most likely be administered by experts in different technical areas. The appropriate individual, the one responsible for providing support in the area of concern, should be notified. An abundance of technical resources assist server administrators in troubleshooting. You should be familiar with some of the basic resources available and how to access them. Possible resources include telephone support, readme files, technical support CDs, technical support websites, and newsgroups. Any one of these or any combination can be used to determine a solution to the problem. In some situations it may be necessary to ask for assistance to get the server functioning as it should. This may include looking to the manufacturer’s or vendor’s support personnel for assistance or asking another administrator on staff. Finally, the last step in the troubleshooting process is to document. Documentation should include a description of the problem, any error messages that were generated, step-by step instructions for implementing the solution, names of personnel performing the troubleshooting, and any configuration changes made as a result of implementing the solution.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
524
Chapter 16
Problem Determination
Exam Essentials Know the general troubleshooting procedures. The steps to follow when troubleshooting a problem will increase the likelihood of correctly identifying the problem and finding a solution. Know how to gather information about a reported problem. Problems can be hardware, software, or virus related. Gathering information allows you to appropriately diagnose the problem. Know how to use error/event logs. Event logs, such as the System Log in Windows Event Viewer, maintain information about events and actions occurring on a server. They can provide detailed information on any warnings or alerts caused by malfunctioning hardware or software. Know how to use your senses. Using your senses of smell, hearing, and sight when assessing the server environment can help you detect any physical problems. Know how to locate resources. Abundant troubleshooting resources are available to a server administrator. Know how to document solutions. Include all steps performed and any problems encountered.
Key Terms
Before you take the exam, be certain you are familiar with the following terms: error/event log
readme file
event ID
resources
Event Viewer
technical support CD
knowledge base
troubleshooting
newsgroup
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
525
Review Questions 1. When you are troubleshooting a server problem or error, where
should you look to gather information? A. Network users B. Technical support CD C. Error/event logs D. Online support E. All of the above 2. Of the following, which is considered the most important when
troubleshooting a server-related problem? A. Amount of server downtime B. Documenting the solution C. Preventing data loss D. Gathering appropriate information 3. You are performing an inspection of the server environment. You
notice an unusual grating sound coming from within the server. What is most likely causing the problem? A. There is no problem. Servers always make this noise. B. A CPU fan is failing. C. A hard disk has failed. D. The video card has shifted. 4. Users in the accounting department are complaining that when they
run their month end report, their workstations often lock up and require a reboot. Accountants have a server that is dedicated to the department. This report ran just fine last month. Where will you begin searching for clues that will tell you what has gone wrong?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
526
Chapter 16
Problem Determination
A. The maintenance log B. The network map C. The wiring diagram D. The server configuration documentation 5. What are some common methods or resources you can use to gather
information about a server-related problem? A. Event logs B. Maintenance logs C. Asking questions D. Looking, listening, sniffing 6. Why are maintenance logs important? A. They provide a clear picture of what the service techs have been
doing. B. They provide a background of what has been done to a computer. C. They provide an instruction manual for doing routine tasks. 7. You have an application server that permits people from several
different areas to access the computer. Today the server went down for no apparent reason and is sitting at a stop screen. What is your first step in problem determination? A. Write down the stop code and stop syntax (if any). B. Talk to the people involved with the server to see if a change has
been made. C. Reboot the server. D. Check the manuals. 8. You have a dedicated application server. Lately the application has
been acting somewhat erratically, even though no changes have been made to the system for a long time. Where should you begin checking?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
527
A. Error/event logs B. Network connections C. Server I/O D. System documentation 9. What are some resources that you can use to diagnose and solve
problems? A. Friends and coworkers in the business. B. Online knowledge bases. C. System documentation. D. Try different things in an attempt to solve the problem. 10. Last night you were working on a server, changing out its NIC. Coin-
cidentally, the network team was working on a router at the same time. When you left, the NIC seemed to be working OK. When you came into work today, you were bombarded with complaints that no one could reach the server. Where should you begin checking first? A. Check with the network team to see what changes were made. B. Check the NIC to make sure it’s plugged in. C. See if you can ping the NIC. D. Check the speed the NIC is set for. 11. You are just starting a new server administration job when a server
fails and the reason it failed isn’t evident through conventional troubleshooting techniques. Where should you begin checking first? A. Check previous administrator’s documentation. B. Check system documentation. C. Check event logs. D. Call some networking friends. 12. Your server is running Windows 2000 Advanced Server and has been
freezing lately during certain operations. Where should you go first to find support on this issue?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
528
Chapter 16
Problem Determination
A. Microsoft’s Knowledge Base B. Newsgroups C. Server documentation D. Call for support 13. You need to look for a new device driver. Where should you begin
looking? A. Newsgroups B. Call support C. Manufacturer’s website D. Knowledge base 14. What is the final step in troubleshooting? A. Notify users B. Power off the server C. Verify D. Document 15. In Windows 2000, how do you access the System Log? A. Through the Control Panel B. In the My Documents folder C. Right-clicking My Computer D. Network Neighborhood 16. How can newsgroups be useful in troubleshooting? A. Allow you to connect with other users who may have experienced
the same or a similar problem B. Provide updated device drivers C. Provide exact solutions to server problems D. Provide access to knowledge base articles related to server
troubleshooting
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
529
17. There was a problem with one of your network servers. Over the
weekend another network administrator solved the problem. On Monday when you arrive at work the server is down. What is your first step? A. Call for technical support B. Look over the maintenance log from the weekend C. Go directly to the support website D. Question users 18. What resources are available through a subscription to Microsoft’s
TechNet? A. Service packs B. Drivers C. Resource kits D. Knowledge base articles 19. What type of information is contained within a Windows 2000
System Log? A. Error ID B. Date and time C. Solution to the error D. Source 20. What does an error/event log do? A. Lists the solutions to server errors. B. Logs events as they occur on a server. C. Tracks changes made to a server. D. Provides links to online support.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
530
Chapter 16
Problem Determination
Answers to Review Questions 1. E. Network users are often first to report a problem, and are worthy
of close questioning. Error/event logs provide critical event data and an event ID to help pinpoint the problem. Tech support—whether live, online, or on CD—should yield a solution. 2. C. Although all the options are important in terms of troubleshoot-
ing, the most important one would be to prevent the loss of data. 3. B. A loud grating sound coming from within a server will usually
mean that a fan is failing. 4. A. A maintenance log is a listing of all the work done on a particular
system. It should include details like who did the maintenance, what they did, why they did it, what changes were made, what time the server came down, what time the server went back in service, what problems (if any) were encountered, and the steps taken to solve a problem. 5. A, B, C, D. Any of the above methods can be used to gather infor-
mation about a server-related problem. 6. B. Maintenance logs provide a background of what has been done to
a computer. 7. A. Before you do anything else, write down the stop code, if there is
one, and the syntax of the stop message, if there is one. You’ll need this information as you investigate the cause of the problem. Then you begin talking to others about what may have been done to the server. 8. A. Typically, an application written for the NOS on which it is
running will post events to the system’s log files. You can glean tons of information simply by reading the logs to see if you can find out what’s wrong. If you come up blank, begin to dig into the system documentation, or use the documentation along with the log files to interpret what’s happening. 9. A, B, C. Answer D is something that you shouldn’t let yourself get
involved with. Ask friends and coworkers who are familiar with systems, check knowledge bases, and consult system documentation, but don’t try to solve problems by trying one thing after another!
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
531
10. A. First check with the network team to see what configuration
changes were made during the evening. 11. A. Answer C is wrong because the question states that conventional
troubleshooting has not yielded any information. Begin by checking to see if the previous administrator left any documentation on this system. Checking the system documentation is a good idea, but probably not your first choice. 12. A. The first place that you should look for a solution to the problem
is Microsoft’s Knowledge Base, which can be accessed from their support site or on the Technet CD. 13. C. The best place to look for a new device driver is the manufac-
turer’s website. 14. D. The final step after resolving any server-related problems is to
document the entire process. 15. A. The System Log can be accessed with Start Settings Control
Panel Administrative Tools Event Viewer System Log. 16. A. Newsgroups provide of way for a server administrator to connect
with other users who may have experienced the same or a similar problem. Keep in mind that the information on newsgroups is not always accurate but it can be used as a starting point. 17. B. The first thing you should do is review the other administrator’s
documentation so you have an idea as to what was done to the server over the weekend. 18. A, B, C, D. All of the above are available with a yearly subscription
to Microsoft’s TechNet. 19. A, B, D. The System Log within the Event Viewer tells you the date
and time the error occurred, the Error ID, and also the component that generated the error (source). 20. B. Error/event logs are used to log events and actions that occur on a
server, such as error or warning messages that are generated by server components.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Chapter
17
Troubleshooting Tools and Techniques COMPTIA EXAM OBJECTIVES COVERED IN THIS CHAPTER: 6.2 Use diagnostic hardware and software tools and utilities
Identify common diagnostic tools across the following OS: Microsoft Windows NT/2000; Novell Netware, UNIX, Linux, IBM OS/2
Perform shut down across the following OS: Microsoft Windows NT/2000, Novell Netware, UNIX, Linux, IBM OS/2
Select the appropriate tool
Use the selected tool effectively
Replace defective hardware components as appropriate
Identify defective FRUs and replace with correct part
Interpret error logs, operating system errors, health logs, and critical events
Use documentation from previous technician successfully
Locate and effectively use hot tips (e.g., fixes, OS updates, E-support, web pages, CDs)
Gather resources to get problem solved:
Identify situations requiring call for assistance
Acquire appropriate documentation
Describe how to perform remote troubleshooting for a wake-on-LAN
Describe how to perform remote troubleshooting for a remote alert.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
6.3 Identify bottlenecks (e.g., processor, bus transfer, I/O, disk I/O, network I/O, memory) 6.4 Identify and correct misconfigurations and/or upgrades 6.5 Determine if problem is hardware, software or virus related
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
I
n one respect, it’s ironic that troubleshooting always seems to be the last chapter in technical books. From technical manuals to study guides like this, troubleshooting is always tucked away at the very end. Being able to solve problems on your computers and networks is arguably the most critical skill you can develop. If this is the case, then why present the most important information last? It’s simple really. While troubleshooting is indeed a critical skill, you can’t begin to fix a problem until you understand all of the components that could be causing the problem. If you have no idea how an automobile works, it’s not a good idea to attempt to fix a broken transmission on your own. The same holds true for computers. Not knowing what you’re doing can create more problems than originally existed. Troubleshooting can be a frustrating and humiliating experience. Good troubleshooting—fixing a problem—can also provide an exhilarating thrill of victory. The best way to learn to troubleshoot is to practice, and the only way to practice is to have problems. Although there is no good substitute for experience when it comes to troubleshooting, you can help yourself out by having a solid background in troubleshooting fundamentals. Another thing to remember is that you will never know everything. If you run across something you don’t know, just know where to look to get yourself closer to a solution. Chapter 17 provides some solid fundamentals, and points you in the right direction to get the troubleshooting process started.
Common Issues
I
once worked for a computer company that said, “We do not have problems. We have issues and situations.” In fact, if you were caught calling
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
536
Chapter 17
Troubleshooting Tools and Techniques
the customer’s issue (or situation) a problem, you could be seriously reprimanded. It’s all a matter of semantics really, but there are negative connotations with using the word “problem.” When working on computers, there are some areas in which problems—er, issues—commonly occur.
Bottlenecks In the computing world, it seems that bottlenecks are everywhere. A bottleneck is defined as a limiting system resource. It’s the component or components that slow the machine down. If you have a nice 1.5GHz processor in your machine, but only have 32 megs of RAM, obviously something is wrong. More than likely memory will be your bottleneck. Bottlenecks can occur because of virtually any component in your system. It could be your motherboard, processor, memory, I/O devices like network cards and modems, or even network cables. You will never eliminate all bottlenecks within your computer. I know that sounds pessimistic, but it’s generally true. If memory is your bottleneck and you upgrade your RAM, another component will now be the slow one, like your motherboard. Since you cannot completely get rid of bottlenecks, the goal is to minimize them to the point where they’re not a nuisance. Ideally, the computer should always be waiting for the human to act next. We should slow the computer down, not the other way around.
Identifying Bottlenecks So now that you know what a bottleneck is, it’s time to track them down. There are many diagnostic utilities on the market that will help you in this pursuit. But before you go spend money on additional software, see what is currently at your disposal. First of all, don’t forget your senses. Does the computer seem slow? If not, and you are always happy with its performance, don’t bother looking for a problem. Chances are, if your computer’s performance is always great, the bottlenecks you do have are not an issue. Go enjoy another cup of coffee. If the machine does seem slow, then you want to take a look to find out why. That’s where troubleshooting tools can greatly come in handy. Someone may tell you that the server seems slow, but how do you know if they’re right or not? Troubleshoot it with monitoring software. By using your diagnostic software, you can get a snapshot of how the system is performing at any given moment. Oftentimes, you can look at processor,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Common Issues
537
memory, disk, and network performance, as well as a host of other items. But taking that snapshot won’t do you a lot of good unless you have some frame of reference to compare it against. In other words, is the server slowing down over time, or is the performance normal—just slow? To do this, you need to establish a baseline of system performance. Baselines are typically established when the server is first put into production. Baselines are also re-established when you make major configuration changes, like adding more RAM or a new processor. All the baseline does is give you the comparison point you need to see if your server is slowing down over time or not. Resource monitors will call their objects—the things they monitor—by different names. No matter which program you choose, always make sure that you can look at the four most critical server components: processor, memory, hard disk, and network card. Microsoft Windows NT Server 4 provides a utility to diagnose bottlenecks called Performance Monitor. Windows 2000 Server comes with System Monitor, which is essentially the same utility as Performance Monitor, but with a few new features. Figure 17.1 shows resource monitoring using System Monitor. FIGURE 17.1
Windows 2000 System Monitor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
538
Chapter 17
Troubleshooting Tools and Techniques
Notice that in Figure 17.1, we are specifically looking at processor, memory, and hard disk activity. There are literally thousands of items you can monitor the performance of, both hardware and software. The vast majority of them you will never look at. If you find a set of counters that you find is relevant to the health of your server, you can save it as a log, and then open the log whenever you need to monitor your system performance. This will save you the time of adding the individual counters every time you want to monitor your server. Figure 17.2 shows an example of a saved counter log. FIGURE 17.2
Counter log in System Monitor
NetWare 5 also provides a basic monitoring utility. From a console prompt, type in load monitor. Monitor allows you to isolate performance bottlenecks, optimize server performance, and troubleshoot and resolve server issues. Figure 17.3 shows what the general information screen in Monitor looks like.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Common Issues
FIGURE 17.3
539
Monitor’s General Information screen
Monitor also allows you to look at a variety of other items, including server error logs, disk drives, cache statistics, and user accounts. NetWare 5 also allows you to use ConsoleOne for system monitoring. IBM’s OS/2 Warp comes with a System Monitor application. Most versions of Unix also come with their own built-in monitoring software. There are so many versions out there, it’s impossible to list all of the monitoring utilities here. Linux also has monitoring tools. As an example, Red Hat Linux PowerTools comes with loadmeter, mon, slmon, and wmmon, all of which are resource-monitoring utilities. If you can’t seem to find a resource monitor for your server, a quick search on the Internet will list thousands of products available to meet your needs. It can be a pain sifting through all of them, but find one you like, and use it regularly.
Acceptable Performance Resource monitoring tools are great for showing you how your server is performing, at least based on the numbers. System Monitor may tell you that your processor is working at about 50 percent capacity, there is plentiful memory, and the hard disks have about 20 percent free space. Are those numbers good, bad, or do they even matter? Here are some guidelines as to generally recognized acceptable performance numbers:
Processor: Under 80 percent utilization
Memory: Under 75 percent utilization, and no more than 20–30 pages per second written to virtual memory
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
540
Chapter 17
Troubleshooting Tools and Techniques
Hard disk: Under 80 percent read/write time, and under 90 percent disk space utilization
Network interface: Under 40 percent for Ethernet networks, 80 percent for Token Ring networks
Again, these are just general guidelines. Also keep in mind that performance spikes are normal. When you open an application on a computer, the processor utilization will spike to 100 percent for a short time, and then drop back down. This doesn’t indicate a processor bottleneck. However, if the processor is constantly running at 90 or 100 percent, it’s time to find it some help. Ultimately, you will be the one who has to decide if your server is performing within acceptable limits.
Fixing Bottlenecks Identifying the limiting system resource is only half of the battle. Once you have located the component that is slowing down your system, you need to do something about it. Many operating systems, such as NetWare 5, are excellent at self-optimization. However, there is only so much optimizing an operating system can do with limited physical resources. Perhaps the most obvious solution is to upgrade or replace the hardware. If your server’s memory is overtaxed, get more RAM. If the hard disks are full, get new ones. If the processors are working overtime, get more or faster processors. If you can’t upgrade the server’s hardware, consider offloading some of its services onto another machine. Even though this one server may be overworked, you might have another server that is relatively idle. If you can balance the server workload across your entire network, everything will run much more efficiently.
Failed Configuration Change You purchase a brand new software management system that is going to make your administrative life easy. You install the package, reboot your server, and the system crashes. Or in an effort to optimize the system, you make some changes to critical configuration files. You reboot to find that nothing changed at all. These types of things can happen. When a configuration change goes wrong, it’s important to get the server back to proper working order quickly.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Common Issues
541
The Change That Didn’t The easiest type of failed configuration change to deal with is the one that doesn’t do anything. In other words, the setting adjustment you made was supposed to produce a desired effect, but nothing happened. What could the problem be? The first thing to do is be thankful that nothing bad happened. This may sound like a pessimistic view, but reality says that if the server was working (or we can assume it was) and you made a change, and it’s still working, then life is good. Of course, we still have the problem of wanting a change to do something, and it didn’t. There are a couple of things to check. Was the change you made a permanent one, or was it a temporary one that might have gone away after you rebooted? In the case of a Windows environment, did you hit the OK button to effect the change, or did you absentmindedly hit the Cancel button instead? (It’s okay, it happens to all of us.) If your server is running NetWare, does the change need something in the startup.ncf or autoexec.ncf (NetWare 4) or servcfg.000 (NetWare 5) files? What about arguments that you may need to execute to load the change in a Linux or Unix environment? Before you assume that your change did nothing, make sure that it’s still in effect. If the change did stick, but still didn’t seem to have an effect, try reversing the change and re-enabling it. It sounds silly, but sometimes toggling the effect like that can make it work. If you still didn’t get the desired results, check the product documentation, or check your vendor’s website for any issues related to what you are dealing with. There may be an undocumented feature (known as a “bug” in some circles) that you are unaware of.
Unhealthy Results A worse-case scenario is when you make a configuration change to your server and something bad happens. Obviously, you need to find a way to get the server back in working order quickly. How do you proceed? It all depends on what change you made and what operating system you have. For failed configuration changes in Windows 2000, you can boot into Safe Mode. Safe Mode doesn’t load very many drivers and services—only the keyboard, mouse, and basic video. You can then remove the problem component, and reboot the server normally. If you can’t even get to the boot menu, you will need to boot from a floppy disk.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
542
Chapter 17
Troubleshooting Tools and Techniques
Safe Mode is accessed by pressing F8 to invoke the advanced boot options as Windows 2000 loads. Watch the bottom of your screen, and it will tell you when.
Microsoft recommends installing software through Add/Remove Programs in Control Panel. If you have installed an application that seems to be problematic on a Windows NT or Windows 2000 Server, you can use Add/ Remove Programs to remove the application that is causing the issue. It’s best to use Control Panel to remove software as opposed to just deleting the software directory. Deleting the directory does not remove references to the software from the registry, and you may still have problems. If you are using a NetWare server, check your configuration files for things that shouldn’t be there, or things that you added that need to be removed. If you are using Unix or Linux, there are startup command line arguments that you can execute to prevent various services from loading. You may also want to try rebooting into an alternate run level. Software that is causing problems on a Unix or Linux server can be easily removed by the rpm utility, the same utility you might have used to install the package. To remove the software, use the following command, where package refers to the name of the application: rpm –e [package] You can also remove problematic modules from Unix and Linux machines by executing the rmmod [module] command. To simply view your current configuration on a Linux or Unix machine, you can execute config, menu-based menuconfig, or xconfig, which is a graphical utility. Consult with your server documentation to see what the manufacturer recommends doing if the server won’t boot right. Oftentimes you will get good advice as to how to proceed. The absolute worst thing that can happen after a failed configuration change is that your server simply will not work. You have tried everything you can, but nothing will get the server to boot. If that happens, you will need to restore your server from a backup. Hopefully you have followed good backup procedures, and you can get the server running quickly.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Common Issues
543
Hardware Issues Underneath all of your operating system fluff lies the hardware. Most of the time, we don’t think much about it. The server runs, and we leave the hardware alone. When you have a hardware failure though, life can become stressful. If you have failed hardware, it’s important to isolate the piece of hardware that failed and replace it as quickly as possible. Sometimes isolating the hardware failure is easy. If there is smoke pouring out of your power supply, you have a good indication that something is wrong. Other times, it’s not so easy to figure out what’s wrong. If you can’t access a hard drive, it could be the drive itself, or the controller that it’s plugged into. Logic can help solve this too. If other drives that are plugged into the controller are still working, chances are the controller is fine. If you are ever unsure of what part failed, try replacing it and see if the replacement works. If not, then you were probably wrong about what failed. Try replacing something else. Keeping hot pluggable hardware around is a good idea. If you can keep an extra hard drive (or two), motherboard, processor, memory, power supply, and network card around, you can often replace the part quickly. Keeping extra hardware around can get expensive, however, so it’s not always feasible. If you can’t do it, just make sure you have quick access to replacement parts. Some parts are easily replaceable, and others are not. It depends on the part you are dealing with. Parts that are easily replaced in the field are referred to as field replaceable units (FRUs). Some examples of FRUs are hard disks, motherboards, power supplies, network cards, and video cards. Individual chips on the motherboard (except for the BIOS) are not often considered to be an FRU. There is one more important thing to remember about hardware. Not all of it works with all operating systems. Be sure to check your operating system manufacturer’s website to see if the hardware you have (or want to purchase) works with their operating system. Most NOS vendors have a hardware compatibility list (HCL) that lists hardware that is known to work with the OS. If your hardware is not on the list, you could be in for difficult times getting the piece to work. Also check the hardware vendor’s website for drivers that are specific to your operating system. If they don’t exist, getting the hardware to work with your operating system does not look promising.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
544
Chapter 17
Troubleshooting Tools and Techniques
Troubleshooting Hardware I was on vacation visiting my in-laws when we had a huge thunderstorm. The power was out for nearly an hour. When the power came back, we discovered quickly that the company my father-in-law worked for had been hit too, and their e-mail server appeared to be down. A few phone calls indicated that people were frantic. He called his consultant and told him to meet us at the office. When we got there, sure enough, the e-mail server was down. So was the air conditioning. Heat sensors were flashing everywhere. One server rack was completely powerless, and the other was complaining about the conditions. The young consultant started ripping at cords, trying to get rid of the defunct UPS. I stood by and watched as an amused observer. He found more power outlets, and started plugging items (including the e-mail server) back in. After an hour of watching him troubleshoot why he couldn’t get to any external sites from the server room, I was not as amused. It was hot, and I was supposed to be on vacation. He had spent the last half hour in the router configuration tables muttering about how they all looked right, but something just had to be wrong with the router, because he couldn’t get out. I looked around at the rack for a few minutes, and politely asked him what “that little black box that doesn’t have any lights on it” was. It was the CSU/ DSU for the incoming T1 connection, and he had neglected to plug it back in. As soon as we powered the CSU/DSU up, magically, everything worked again. We had an external connection. The moral of the story: Always, always check your hardware connections first, before you start troubleshooting everything else.
File Corruption and Viruses Sometimes there appears to be no reason why a file is corrupted. It just mysteriously happened. Other times it seems as though your server is playing a frustrating game with you, corrupting critical files at the most inopportune
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Common Issues
545
moments. There are times though when a computer gets improperly shut down, or crashes unexpectedly, and corrupt files appear. No matter how you acquired the corrupt files, they all need to be fixed. Applications installed on Windows 2000 Server may be able to automatically repair themselves if they were installed through Add/Remove Programs in Control Panel. If an application was installed with an .msi file, it can detect the corrupt file (if it’s directly related to the operation of the program), and repair it automatically. In the case of data files, the only reliable way to retrieve them is to restore them from a backup. If files are important to you, back them up early and often. If you are the network administrator, it’s one of your main responsibilities to back up the servers that store user data. Not having an adequate backup to corrupted files can be disastrous. Viruses come in many shapes and sizes. They vary from simple joke viruses to worms, Trojan horses, and polymorphic stealth viruses. Some just make your screen look funny. Others corrupt or delete files, while some can even wipe out your whole machine. On a server, even a “joke” virus is no laughing matter. The only surefire way to avoid a virus is to avoid the Internet, and keep all diskettes away from the machine. Better yet, don’t install any software at all, and leave the computer powered off. That strategy defeats the purpose of having a network at all, and makes your server quite useless. All network servers should be running an antivirus software like Norton AntiVirus or McAfee VirusScan. Regular virus scans should be performed on the servers (and all clients if possible), and infected files must be immediately cleaned or destroyed. Most antivirus programs have configurable options designed to clean or destroy infected files automatically. Also, a good antivirus program will periodically download new virus updates from the Internet. If your server does get infected with a virus, and data is deleted or destroyed, you need to start from scratch. Completely wipe out all drives on the server, and restore from tape backup. With any luck, the tape backup will not be infected. Also, be sure to warn all clients on your network about the virus. Educate your users about the dangers of viruses, and how to best avoid them.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
546
Chapter 17
Troubleshooting Tools and Techniques
Incompatibility Issues Incompatibility issues with computers can involve both hardware and software. The most common hardware incompatibility issue involves RAM. When you upgrade the RAM in your computer, make sure to get the same brand that you originally purchased. If possible, get the same exact type as well, including speed and size. This can sometimes be a difficult task, especially if you bought the machine already assembled. In that case, contact the manufacturer of your server and see if you can purchase the memory directly from them. Another common hardware incompatibility issue is with the processor. Some applications and operating systems will not work with certain types of processors. Be sure to check your NOS documentation before purchasing the hardware. As an example, Windows NT Server will work with a MIPS processor, but Windows 2000 Server will not. Occasionally you will run across issues with hard drive incompatibility as well. When mixing brands of hard drives on the same cable, whether the drives are IDE or SCSI, you can encounter problems. In the case of IDE, try to reverse the master/slave relationship to resolve the issue. If that does not work, put the drives on separate controllers if possible. With SCSI, you often have fewer problems between drive manufacturers. However, if you have a problem you can try changing the SCSI ID on the drive to fix it. Software incompatibility can drive a network administrator crazy. It rears its ugly head when you install one application, and then find out that another application ceases to function because of it. Fortunately, this does not seem to be as common a problem as it used to be. If you do encounter software incompatibility issues, you need to remove one of the applications. Install the application on another server, and test to see if everything works okay. If you do not have another server to install the application on, then see if the vendor of either program has a workaround for the problem. Give their website a look, or call their technical support for assistance. Another software compatibility issue is when the application does not run on your operating system. This one should be easy to avoid. Just make sure that the application was designed for use with your operating system before you purchase it.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Using Log Files
547
Using Log Files
Troubleshooting servers is not an exact science. You will often be under a great deal of time pressure, and have limited information as to what the problem is. Fortunately, most server products produce log files that can help you determine where the problem is happening. Most log files are purely informational. That is, they are not going to give you step-by-step solutions as to how to fix the problem. However, what they can give you is valuable information that will allow you to fix the problem faster.
Windows 2000 Event Viewer Windows 2000 Server comes with a logging utility called Event Viewer. By default, Event Viewer has three logs: System, Application, and Security. Event Viewer is shown in Figure 17.4. FIGURE 17.4
Windows 2000 Event Viewer
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
548
Chapter 17
Troubleshooting Tools and Techniques
Logged events will fall under one of three categories: information, warning, and error. Informational events do not need to be acted on. They are there for your general benefit. Warnings have a yellow sign with an exclamation point next to them. They indicate potential problems. They are generated when an error happens, but the error was not critical to the operation of the server. Errors have a red stop sign next to them, and these are what you are looking for when troubleshooting problems. Figure 17.5 illustrates information, warning, and error signs. FIGURE 17.5
Events in the System Log
Each log has a specific purpose, and each can help you troubleshoot very specific server problems: System Log The System log is enabled by default. It will display events related to the startup and shutdown of the server, as well as server related services like DHCP, DNS, WINS, and RRAS. Application Log The Application log, as its name indicates, logs errors dealing specifically with applications. Exchange Server, SQL Server, and other applications generate errors into this log.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Using Log Files
549
Security Log If you have auditing enabled on your server, you will generate messages in the Security log. Note that the Security log does not use the information, warning, and error symbols. Rather, it uses two icons: a padlock for an unsuccessful security attempt (such as a failed logon), and a key for a successful security attempt (like accessing a file to which one has permissions). By double-clicking an event, you can see details about the event, such as the computer it took place on, the user that was involved, the time it took place, and an error code. Figure 17.6 shows the details of an event. FIGURE 17.6
Error event in the System log
Although the bottom pane of the event detail box gives you information in common language, the information that it provides may not be very helpful. You can search for the Event ID listed on Microsoft’s Knowledge Base site for more-useful information.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
550
Chapter 17
Troubleshooting Tools and Techniques
If you have configured a domain and Active Directory, you will also have a Directory Service log and File Replication Service log. Some other services, like DNS, will install their own log as well. Windows NT Server also comes with Event Viewer, but it is limited to the System, Application, and Security log files.
Other Microsoft Log Files While Event Viewer is useful for a variety of error messages, it does not log all events that happen on your Windows 2000 Server. Internet Information Services logs its setup information in the C:\winnt\iis5.log file. Windows 2000 Routing and Remote Access (RRAS) logs information about authentication and remote access in the ppp.log and device.log files located in the C:\winnt\system32\logfiles folder. If users are unexpectedly disconnected while dialing in to your network, the device.log file is a good place to check in Windows NT and Windows 2000.
NetWare Log Files Novell NetWare also creates logs to help you monitor server activity and to assist in troubleshooting. Novell recommends checking the error logs at least once a week, even if you do not suspect problems, as a good preventative maintenance measure. You can view the logs by using the EDIT utility on the server, or from any text editor on a workstation. These logs are found in SYS:SYSTEM:
boot$log.err lists errors that occurred during server startup.
sys$log.err includes server errors, such as system messages, alerts, and security violations.
vol$log.err displays volume errors.
tts$log.err is for data backed out by the Transaction Tracking System.
abend.log holds information related to server abends. Normally you won’t see it. However, it will be in SYS:SYSTEM after the server is rebooted after an abend.
There are also two important log files for Novell web servers: error log and access log. These files will be located in the /NOVONYX/SUITESPOT/ HTTPS-SERVERNAME/LOGS directory. The error log will list all errors that
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Using Documentation
551
the server has experienced, and the access log tracks all requests made of the server, and the responses made by the server. Novell allows you to customize what is included in the access log file. A log analyzer is provided to generate server statistics.
Unix and Linux Logs During boot up, Linux servers can be configured to log errors. The /etc/ sysconfig/init file controls how the system acts during boot. Specifically, you can use the LOGLEVEL=
parameter. The default is 7. You may choose a number from 1 (which logs nothing except for kernel panics) to 8 (which logs everything). Two other Linux logs you will deal with are SysLog and logger. SysLog displays system errors, while logger is used more for Internet and network connections. Because there are so many flavors of Unix and Linux on the market, be sure to check with your vendor’s documentation to see which specific logs will be available to you.
Using Documentation
I
t’s sad to say, but most of us are reluctant to crack open a manual in an attempt to solve a problem. If we do, it’s the last resort. We’ll open the book only after we’ve asked all of our friends, consulted a psychic, and sent an instant message to grandma asking for advice. We think that using documentation is a sign of weakness. It’s really not. With so much information and so many products out there, it’s impossible for one person to know everything. Fortunately for us, the people that produce these products know a great deal about how they work, and are willing to write it all down on a website or technical manual. You won’t always find the answer you’re looking for directly out of the manuals. But even if you don’t, they will lead you in the right direction to solve the problem, or give you an idea as to what else to try. The documentation you will use falls under two general categories: product documentation and previous technical documents about the specific device.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
552
Chapter 17
Troubleshooting Tools and Techniques
Product Documentation Why does your VCR still flash 12:00? More importantly, where is the manual that tells you how to set the time? It may be a natural tendency to discard manuals when we open new toys (and server hardware qualifies as toys, for purposes of this discussion). However, it can be much easier to configure the device and troubleshoot it if you have problems when the manual is handy. Besides, if you configure it right the first time, it’s less likely that you will run into problems and need the manual again. Many companies have a bookshelf or filing cabinet set aside for manuals. If you don’t have a central repository for technical manuals, it’s about time to get one. It would be tragic for you to get up the courage to crack a book open, and then not be able to find the book. Of course, manufacturer websites are also great sources of information. Configuration settings with full-color pictures, FAQ lists, troubleshooting tips, and even discussion forums are all available at your fingertips. Bookmark your vendor websites in your browser for easy access. If you are under time pressure to get something fixed, the last thing you want to do is waste time searching for your vendor’s website. Here are some good websites to have bookmarked for troubleshooting help:
http://support.microsoft.com/
http://www.microsoft.com/technet/
http://support.novell.com/
https://www.redhat.com/apps/support/
http://www.sun.com/service/support/
http://www-1.ibm.com/support/search/
The majority of the time, you will find an answer on one of these help sites. Product upgrades, patches, and hot fixes are also at these locations on the vendor websites.
Previous Technician Documents Your company should have a log book for each server. The log book should contain, among other things, technical notes from everyone that has worked
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Using Documentation
553
on that server. At a bare minimum, the time, date, technician, problem encountered, and resolution should be entered. There have been some interesting methods employed to help organize a log book. One way is to have someone go back through the log and type everything up. It makes the book look a lot nicer (some of us have terrible handwriting), but it does take time. Another good idea is to write keywords in the outside margin indicating what the problem was. That way, the next technician can skim the keywords looking to see if this problem has been encountered before. Also, there is no need to write down everything you did. The steps you used to successfully fix the problem should be sufficient. Not keeping a server log can cause inordinately large problems when it comes to fixing your servers. Say you worked for two hours on a server to fix a problem. The problem comes back in a few days, and I am assigned to work on it. If I don’t know what you did, it may take me two hours as well. However, if I am armed with your knowledge, I may be able to fix it much more quickly. Next time, you may want to reference my notes as well. It’s a win-win situation for everyone in your department. If you are new to the field or new to the company, keep your own private log book as well. A spiral-bound 4 × 6 notebook (or similar size) works great. Write down the problem, and what you did to fix it. Since it’s your own book, you can write down everything you tried. Just make sure to highlight or denote what actually worked. Also write keywords in the outside margin to help you find things quickly. Keeping a book like this is a great idea because when you are new, you will be absorbing a nauseating amount of information. It’s impossible to keep it all straight. The book will help you as a memory assistant. Eventually, you may find that you know enough to not need to carry the book around anymore. Still keep it around somewhere, because you never know when you might need to reference it.
When using a log book, it’s important to write down good technical information. However, never write down passwords!
No matter if you have the best documentation in the world, there will be situations where you cannot seem to find an answer to the problem. In situations like these, call someone for help. In the cases where you are in over your head, making guesses to fix the server could only compound the problem. If the server is a production server, you could cost the company more money by trying to guess and fix the situation than you would by calling
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
554
Chapter 17
Troubleshooting Tools and Techniques
someone and asking for assistance. Put your ego aside and make the call. It’s better to be safe than sorry when dealing with an unknown situation.
Remote Troubleshooting
Y
ou’re not always going to be able to get to the machine that is not functioning properly. This usually means you will have to talk someone through a resolution over the phone. Most of the time, the person you are helping will not have nearly the computer experience that you have. Patience is a key. Other times, you will be able to remotely control the machine, and fix it that way. This section looks at remote troubleshooting of servers, and also looks at how to troubleshoot a wake-on-LAN.
Tools for Remote Troubleshooting Depending on your operating system, you may have a lot of built-in tools at your disposal. It also depends on what kind of remote problem you are trying to fix. Trying to replace a failed hard disk remotely is quite a challenge, whereas resolving a permissions issue may be a lot easier to deal with. Windows NT and Windows 2000 Servers can be used to remotely troubleshoot client machines. Utilities such as Event Viewer and Performance Monitor can be used to examine remote machines for errors. If your network is using TCP/IP, then utilities like telnet can be used to log in to remote computers. Windows 2000 Server also comes with Terminal Services, which can allow you to take remote control over a computer. NetWare 5 has a remote managing utility called Z.E.N.works. Z.E.N.works allows an administrator to remotely manage Windows 9x and NT clients. You can also remotely install and administer applications, gather hardware inventory, take remote control, and remotely administer computers. Some versions of Unix also have specific remote troubleshooting and remote control utilities. For the most part, remote troubleshooting in the Unix world is done through telnet and rlogon. Both telnet and rlogon allow you to log on to a remote machine, and troubleshoot its problem from there. There are also a number of third-party services available. One of the most famous is PC Anywhere, which allows you to take remote control of machines. Others, like Netfor, provide remote troubleshooting services for a fee. Of
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Remote Troubleshooting
555
course, all of the products mentioned suppose that your remote machine is running. But what if it’s not? If you cannot get the remote machine to work, you will have to troubleshoot over the phone. Ideally, you will have a technician at the site who is computer savvy. More often than not, you are working with someone who has little to no computer experience. They are frustrated because the machine does not work, and the frustration is compounded because they don’t feel that they should be the one working on the problem. When troubleshooting over the phone, remember to keep your patience, and take it slow. Explain what you are trying to do, and allow that person to see that you need and value their help. Between the two of you, hopefully the problem can be fixed.
Wake-on-LAN Wake-on-LAN (WOL) is a wonderful technology that allows an administrator to boot a machine at a remote location. After the machine is working, the administrator can perform maintenance tasks, such as backups and virus scans, during off hours. This decreases interruptions faced by users during the day. The WOL technology was originally developed by AMD, and termed “magic packet.” The network adapter maintains a very low power state even when the computer is powered off. The NIC then looks for special packets on the network indicating it should wake up the machine. Windows products, NetWare, Unix, and Linux all support wake-on-LAN technology. Your motherboard must also support it, and have a cable running from the NIC to the motherboard’s WOL connector. The motherboard BIOS must also support WOL. However, if your motherboard has a WOL connector, it’s likely that the BIOS supports it as well. Figure 17.7 shows what a typical wake-on-LAN configuration might look like. FIGURE 17.7
Wake-on-LAN connection to motherboard WOL Connector
Ethernet Card
Ethernet
Motherboard
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
556
Chapter 17
Troubleshooting Tools and Techniques
Power to the network adapter comes from one of two sources, depending on how your machine is configured. Power can come from the PCI bus where the network card is plugged in, or from an auxiliary power cable coming from the power supply. It all depends on how your machine is configured. In either case, the network card has power even when the rest of the machine is off. The only way to turn the network card off is to unplug the power cable from the back of the machine. To make wake-on-LAN technology work, you will need management software as well. Microsoft’s Systems Management Server (SMS) 2, Novell’s Z.E.N.works, and IBM’s NetFinity are all examples of WOL management software.
Diagnostic Tools
E
ach operating system comes with its own set of diagnostic tools for your use. Although many of these tools have been covered already in this chapter, this section will summarize some of the more important ones. Also, the troubleshooting process frequently involves rebooting the server. This section will also cover the steps required to reboot your machine if you need to.
Windows NT/2000 Although Windows NT and Windows 2000 are very similar in structure, they do have different names for utilities that perform the same tasks. One of the most important tools for troubleshooting in Windows NT is Event Viewer (see the “Event Viewer” section above). It contains three logs: System, Application, and Security. Errors reported by the system will appear in the System log. To troubleshoot users, use User Manager for Domains. Servers can be troubleshot through the Server Manager utility. Use Windows Explorer to deal with Security issues. Windows 2000 also contains an Event Viewer. It has the same functionality as its Windows NT counterpart, except that it has additional logs available. In a domain, you have Active Directory Users and Computers, Active Directory Sites and Services, and Active Directory Domains and Trusts available for a variety of management responsibilities. Also, you can right-click
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Diagnostic Tools
557
My Computer and choose Manage to open Computer Management, which allows you to troubleshoot your hard drives, shared folders, and services on the server. Windows 2000 also comes with Device Manager for help in troubleshooting hardware issues. Windows NT and Windows 2000 both have Performance Monitor (although it’s called System Monitor in Windows 2000) to measure local and remote system performance, Network Monitor to monitor network traffic, and Task Manager to close unresponsive applications. Task Manager is accessed by hitting Ctrl-Alt-Del, or by right-clicking the taskbar and selecting Task Manager. To reboot a Windows NT or Windows 2000 Server, you have two options. One is to click the Start button, select Shut Down, and then choose Restart. Another is to hit Ctrl-Alt-Del to invoke the Security Dialog Box, and then select the Shut Down button.
NetWare NetWare provides built-in tools for administration and troubleshooting as well. In NetWare 4, NWAdmin is the ultimate management and troubleshooting tool. It has an easy to use interface, and allows you to control virtually every aspect of the server. NetWare 5 replaced NWAdmin with ConsoleOne. The Monitor utility on NetWare servers is also good for looking at configurations to see if there is a problem. NetWare also uses extensive logging, and the logs can be viewed with any text editor. For repairing the NDS tree, there is dsrepair, dstrace, and dsdiag. To reboot your NetWare server, type down from the server prompt. When returned to a command prompt, type restart server, and the server will reboot.
Unix and Linux The scope of available Unix and Linux tools is almost as broad as the variety of operating systems themselves. Since Unix and Linux are open source, many diagnostic utilities have been created. Some of the common configuration tools are linuxconf and (Caldera Open Administrative System) COAS, invoked by typing in coastool at the prompt. Both configuration utilities have a status section, which can be used to troubleshoot. The fsck utility can be used to check for file system errors. Fsck –r/ will start at the root of the volume and check all directories.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
558
Chapter 17
Troubleshooting Tools and Techniques
Other configuration utilities include menuconfig and xconfig, which is graphical. To remove software, use the rpm utility, and to remove problematic modules, use the rmmod utility. On most Unix or Linux machines, running the ps command will show you all running processes. The kill command can be used to kill misbehaving processes. The specifics on how to shut down a Unix or Linux machine differ based on the actual version of the operating system you are using. However, most implementations will recognize the shutdown command. Some will also recognize a restart command. The syntax for shutdown on a Red Hat Linux server is: shutdown –arguments (time) “message” shutdown –r +5 “Save all work and log out!” The shutdown example listed will tell the server to automatically reboot (-r), wait five minutes to shutdown (+5), and sends a message to all connected users to save all work and log out. Some of the command line arguments that you can use with the shutdown tool are displayed in Table 17.1. TABLE 17.1
Shutdown Parameters Switch
Function
-r
restarts the server
-h
halts the server
-f
performs a fast reboot
-k
displays the warning, but does not shut down the server
-c
cancels a running shutdown
+(mins)
waits a specified number of minutes before shutting down
The linuxconf and coastool utilities also have their own shutdown panels. If you cannot find a troubleshooting tool that does what you need it to, remember that there are a large number of third-party vendors that produce troubleshooting tools for specific operating systems. Go to your favorite search engine and use your operating system and the word troubleshooting as keywords. You are guaranteed to find some tools.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Troubleshooting Checklist
559
Troubleshooting Checklist
When troubleshooting computers, you want to make sure your troubleshooting path takes a logical flow. After all, computers are logical beasts. Here are some steps to follow when troubleshooting a problem: 1. Determine the problem’s priority. 2. Gather information about the problem. 3. Detect and isolate the problem. 4. Solve the problem. 5. Document your solution.
The first thing to do is determine how important the problem is. Most companies have a grading scale of the problem’s importance. The higher it is on the priority scale, the quicker you need to fix it. If it’s a choice between fixing the corporate e-mail server, or fixing a user’s soundcard (after all, they can’t listen to MP3s now), I would go with the e-mail server. Find documentation, and gather everything you can about the problem at hand. Sometimes this may be just you and a screwdriver. Other times you will want to bring along technical documentation. Find out what you need, and have it with you. It’s quite difficult to solve a problem if you’re not sure exactly what’s wrong. In the case of failed hardware, isolate the problem to the specific component. Try another component if you can, to see if it works. Once you have located the exact part that’s broken, it’s much easier to fix. If you are dealing with a software error, see if shutting down the application and reopening it helps. If not, you may want to reboot the machine in question. Rebooting a machine fixes many software problems. I always tell my clients, “Reboot. And if it goes away, it’s not a problem.” Of course, if the problem persists, you may need to reinstall the software. Once you have figured out exactly what the problem is, fix it. I know this sounds elementary, but some people forget this step. And last but certainly not least, document what you did. Make sure your documentation finds its way into the server log books. That way, the next technician that works on the machine knows what you did. Good documentation serves a few functions. One, it saves everyone time in the long run. Two, if there are more problems later, you have covered your bases.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
560
Chapter 17
Troubleshooting Tools and Techniques
The checklist above is just an example of what you can do when working on machines. You may modify it slightly to suit your own style. However, I do not recommend skipping any of the listed steps.
Real World vs. Exam Troubleshooting
A
lot of test takers will come out of the testing room shaking their heads. They will tell you that the test was totally different than real life, and that the test sometimes had no right answers. Or even the other case, where all of the answers seemed right. To their credit though, the makers of the Server+ Exam have tried to make the troubleshooting in the test as close to real life as possible. Remember that these test writers are human too. They may not do something exactly like you would do it. As a general rule, real-life troubleshooting experience won’t hurt you on this test. The more experience you have, the better off you will be. If you have never seen a server in real life, much less troubleshot one, you could be in for a long test. Reading books like this certainly helps get you ready for an exam, but nothing beats real-world experience. At the same time, real-world troubleshooting can get you in trouble on the test. Many times, we take shortcuts to get us to the end. We think we know what the problem is, so we jump to a solution. While we can get away with that in life, that may cause problems on the test. One thing you can do to help yourself out is to know what the manufacturer says to do to resolve problems. In other words, read the manual and do what they tell you to do. It’s likely that the test writers got their questions from reading a technical document, not sitting in front of a server trying to fix a problem. They will want you to do things by the book on the test. Along those same lines, remember that third-party tools will probably not be the right answer. If you are troubleshooting a NetWare server, use a NetWare tool. There are some great third-party hardware and software troubleshooting tools available, but you won’t see them on the test. Another thing you can do to help yourself out is realize that some questions do have more than one right answer, and some questions seem to have no right answer at all. The test writers do this on purpose. Remember that your goal is to pick the best possible answer. Who cares if you would never do it that way in real life! Your objective when sitting in front of the testing terminal is to pass the test. And in order to do that, you have to play their
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Summary
561
game. Look through the answers, and eliminate ones you know are wrong. If you only have one left, then that must be the right answer. Knowing what menus, tools, and utilities you have available helps. If you are presented with an answer that uses a tool that you have never heard of, chances are it doesn’t exist. It may sound like the perfect tool for the job. It may also be a really good wrong answer, because it’s not a real tool. Know your product, and know what you can use. Most of all, relax. This is only a test that measures how much you know about various server products. It’s not a measure of your self worth. If you are too tense, you can vapor lock and your brain can freeze up. It’s hard to answer questions when you can’t think because you are too nervous. Relax, think of a happy place, and tackle the question in front of you.
Summary
In this chapter, we looked at some troubleshooting fundamentals for network servers. First, we looked at some common problems, or issues, that servers may have. Bottlenecks are very common. So common, in fact, that you will probably never get totally rid of them. Your goal is to minimize them as much as you can. Failed configuration changes can be problematic. They need to be reversed quickly. Having the wrong hardware can keep your server from running, and it’s important to know how to replace failed hardware with the correct part. Viruses and file corruption can hamper productivity. Make sure to back up files regularly, so if files are corrupted they can be retrieved. Run virusscanning programs on all of your servers, and all of your clients as well if you can. Also, hardware and software components can sometimes cause conflicts with each other, or not work at all with another component. Next, we looked at log files. Almost every operating system generates log files of some sort. They provide good information to help you in troubleshooting server problems. Log files can also warn you of potential problems so you can fix them before they happen. Documentation can save you a lot of headaches and time when fixing servers. Have a central location where all relevant server documentation is stored. This includes a log of all maintenance and configuration changes
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
562
Chapter 17
Troubleshooting Tools and Techniques
performed on the server. Not keeping track of this sort of information can cause ugly problems. Next, we explored remote troubleshooting. Some operating systems have tools built in for this purpose. Not all remote troubleshooting tools are created equal. If possible, it’s nice to be able to take remote control of the machine you are troubleshooting. Wake-on-LAN network cards are also handy for remote troubleshooting, and remote maintenance and administration of client machines. There are quite a few common diagnostic tools that you will use. The tools vary depending on the operating system. Generally, the ones that come with Windows-based servers are easy to use with menu-driven options. In the Unix and Linux worlds, you will often face command-line tools, and you will need to know the proper syntax to make them work. Check your documentation for details on their usage. Last, we looked at a troubleshooting checklist, and discussed real-life troubleshooting versus test troubleshooting. Real-world experience is generally nothing but a positive thing when testing. Just remember that your job on the test is to pick the best answer out of the choices you are given.
Exam Essentials Understand what a bottleneck is. Bottlenecks are limiting system resources. Because of a bottleneck, the system runs slower than it probably should. Know how to eliminate bottlenecks. You will probably never eliminate all bottlenecks in your server. But if you can eliminate as many of them as possible, your server will run well and clients will be happy. Sometimes tweaking a server configuration can help. However, the best way to reduce bottlenecks is by adding faster (or bigger) hardware to the server. Know how to undo a failed configuration change. This depends on your operating system. As an example, in Windows 2000 you can boot into Safe Mode, and undo the change you made. Or if you installed an application that is causing problems, remove it with Add/Remove Programs in Control Panel. To remove an application on a Linux server, use the rpm utility.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Exam Essentials
563
Know how to identify and replace failed hardware. The failed piece of hardware is the one that’s not working. All joking aside, isolate the problem by trying different hardware and seeing if it works. Alternately, you can try the suspect piece of hardware in another functional machine. Actual step-by-step details on replacing hardware vary per device. However, reading the hardware manual or looking at the vendor’s website can give you good instructions. Understand how to protect against viruses. A good antivirus program is your best protection. Know that if you are on the Internet though, you can never be 100 percent certain that you will not contract a virus. Know how to deal with corrupt files. Corrupt files need to be restored from the most recent valid tape backup. Know what log files are good for. Log files won’t magically fix anything by themselves, but they will give you clues as to what the problem is. If you receive information in a log file that does not make a lot of sense (like the Event IDs in Microsoft’s Event Viewer), check the vendor’s online documentation for more details on how to proceed. Understand the importance of documentation. Vendors don’t publish manuals with their products because they think the books make the package lighter and reduce shipping charges. Manuals are there to assist you in the installation, configuration, and troubleshooting of their product. If the manual does not have the information you are looking for, check the vendor’s website for the latest news. Know what wake-on-LAN is. Wake-on-LAN is a technology that allows administrators to boot remote computers from their network cards. It’s useful for remote troubleshooting and administration. Know how to troubleshoot for the exam. If you know what tools you have available, and what each of the tools does, you will be in good shape. Remember, your job on the test is to pick the best answer available.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
564
Chapter 17
Troubleshooting Tools and Techniques
Key Terms
Before you take the exam, be certain you are familiar with the following terms: baseline
NetFinity
bottleneck
Systems Management Server (SMS)
field replaceable units (FRUs)
wake-on-LAN (WOL)
hardware compatibility list (HCL)
Z.E.N.works
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
565
Review Questions 1. You are the server administrator for your company. The company has
three servers, one of which holds the users’ home directories. The network is connected to the Internet through a Cisco router. Recently, files have started to disappear off of the servers. It appears to be random and intermittent. You perform a security audit, and there is not one user account responsible for the deletions. What is the most likely cause of the problem? A. The server hard drives are getting old and need replacement. B. The server I/O bus is getting old and needs replacement. C. There is a virus on the network. D. One of the users is randomly deleting files. 2. You are the network administrator for an insurance firm that has five
offices throughout the state. Users complain that when you update their machines during the day, it slows their productivity greatly. They cannot service their customers as well, don’t make as many sales, and their supervisor is not pleased. What technology could you implement to reduce the interruptions associated with updating the user workstations throughout the company? A. PC Anywhere B. Wake-on-LAN C. Software Automater D. Systems Management Automater 3. You are the NetWare administrator for your network. You have
four NetWare servers, all in the same NDS tree. The servers are running NetWare 5.1. Recently, one of the servers performed an abend, and had to be brought back up manually. You want to know what caused the problem. Where should you look?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
566
Chapter 17
Troubleshooting Tools and Techniques
A. The abend.log file in sys:system B. The boot$log.err file in sys:system C. The vol$log.err file in sys:system D. The sys$log.err file in sys:system E. The crash$log.err file in sys:system 4. You are running four Windows 2000 Server computers on your net-
work. You have configured a domain called mycompany.local. Two of your servers are domain controllers, and the other two are member servers in the domain. Your domain controllers also provide DNS services for your network. You believe that one of your processors in one of your domain controllers is being overworked. What utility should you use to verify this? A. Network Monitor B. System Monitor C. Monitor D. System Resource Meter 5. Your network has two Linux servers. You want to reboot one of the
servers. You want to warn the users, have the server wait ten minutes, and then reboot automatically. What command should you execute? A. shutdown –r +t10 “Save your work now, the server is rebooting!” B. shutdown –r +10 “Save your work now, the server is rebooting!” C. reboot –r +t10 “Save your work now, the server is rebooting!” D. reboot –r +10 “Save your work now, the server is rebooting!” 6. You are the NetWare administrator for your network. You have
four NetWare servers, all in the same NDS tree. The servers are running NetWare 5.1. You suspect that someone is trying to hack into one of your servers by using brute force. Where should you check to see if this is the case?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
567
A. The abend.log file in sys:system B. The boot$log.err file in sys:system C. The vol$log.err file in sys:system D. The sys$log.err file in sys:system 7. You are the hardware administrator for your company’s seven servers.
Recently, you were instructed to purchase new memory for one of the machines. You purchased the required memory, and have installed it in the server. However, upon rebooting the server, the new memory is not recognized. You take it back to the store, where they test it and determine the memory to be functional. Their store policy is to not accept refunds or exchanges for open memory. What is the most likely cause of why the RAM is not recognized? A. The RAM is nonfunctional. B. You must install new RAM chips in pairs, not individually. C. The new RAM chip has more memory than your current RAM
chips, and you cannot mix different sizes in one machine. D. The RAM you purchased is incompatible with the current RAM
installed in the server. 8. You are the network administrator on a mixed Windows NT 4 and
Novell NetWare 4.11 network. You have a total of seven network servers. Recently, users have been complaining of unusually slow server access. It seems to be related to all servers, which are on their own network segment. However, accessing other clients does not seem to be a slow process. What tool can you use to see if there is excessive network traffic on the servers’ network segment? A. System Monitor B. Network Monitor C. Network Resource Meter D. Performance Monitor
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
568
Chapter 17
Troubleshooting Tools and Techniques
9. You have recently installed an application called Finance on one of
your Linux servers. The application seems to be causing problems with other applications that were previously installed. What can you execute to remove the Finance application without disturbing the other applications? A. rpm –e Finance B. rpm –r Finance C. linuxconf –remove Finance D. linuxconf –delete Finance 10. You are the network administrator for your company. You have three
NetWare 5.1 servers, and fifty client machines. You know that NetWare is self-tuning when it comes to performance, but you want to know how busy your processors are in the server. What utility will allow you to check this? A. Performance Monitor B. System Monitor C. Monitor D. Since NetWare is self-tuning, this cannot be done. 11. You are the hardware administrator for your company. One of your
servers has just had a problem, and you go to investigate. One of the other administrators says that a hard drive crashed, and needs to be replaced immediately. You notice that the case has not been removed from the server. How should you proceed? A. Get a new hard drive and replace the failed drive immediately. B. Test the machine to make sure it’s the hard drive that failed. C. Replace the defective hard drive immediately and document your
solution in the server log book. D. Go back to getting the soundcard to work on your personal work-
station.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
569
12. You are the NetWare administrator for your network. You have
four NetWare servers, all in the same NDS tree. The servers are running NetWare 5.1. You suspect that one of your hard drives may be experiencing errors. Where should you check to see if this is the case? A. The abend.log file in sys:system B. The boot$log.err file in sys:system C. The vol$log.err file in sys:system D. The sys$log.err file in sys:system 13. You are the hardware administrator for your company’s five servers.
Recently, you were instructed to purchase new memory for one of the machines. You purchased the required memory, and have installed it in the server. However, upon rebooting the server, the new memory is not recognized. You place the RAM into another server to test it, and it works properly. What is the most likely cause of why the RAM is not recognized in the intended server? A. The server’s motherboard already has the maximum amount of
RAM that it will support installed. B. You must install new RAM chips in pairs, not individually. C. The RAM is nonfunctional. D. The system BIOS does not recognize the new memory chip. 14. You are the administrator of a Windows 2000 Server. You recently
installed a new third-party name-resolution service on your server. Now, when you reboot the server, you receive many error messages, and then the server hangs. You need to make the server operational as quickly as possible. How should you proceed? A. Reinstall the server from the Windows 2000 Server CD. B. Reinstall the server from the most recent tape backup. C. Boot the server into the Recovery Console, and use ntdsutil to
restore the server to its previous state. D. Boot the server into Safe Mode, and remove the new service.
Reboot the server.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
570
Chapter 17
Troubleshooting Tools and Techniques
15. You are the network administrator for your company. While running
Performance Monitor on one of your Windows NT servers, you notice that your processor time is constantly between 90 and 100 percent. What should you do, if anything, to rectify the situation? (Choose all that apply.) A. Install a second processor in the server. B. Install a new, faster processor in the server. C. Install more RAM into the server. D. Install new SCSI hard disks into the server. E. Do nothing. It’s normal to have the processor working above
90 percent. 16. You are the NetWare administrator for your network. You have
four NetWare servers, all in the same NDS tree. The servers are running NetWare 5.1. One of the servers was powered off last night, and you are not sure why. When you attempt to boot the server now, it seems to proceed normally, and then hangs up. You attempt to reboot again, but it appears to have the same problem. What file do you most want to look at to see what the problem is? A. The abend.log file in sys:system B. The boot$log.err file in sys:system C. The vol$log.err file in sys:system D. The sys$log.err file in sys:system 17. One of your network servers has recently experienced corrupted files.
Three users insist that they lost important project files that were stored on the server. How should you proceed in an attempt to recover the missing files?
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Review Questions
571
A. Have each user use the rollback command from the command
prompt to restore the files. B. Have each user open the application that the files used. The appli-
cation will have a cached copy of the missing files. Save those files, and have the users use them. C. Restore the files from the most recent tape backup of the server. D. Scold the users for not having a local copy of these important files.
Remind them about the importance of backing up critical files. 18. You are the network administrator for your company’s Microsoft
Windows NT network. You have four servers, and have a domain. After performing an upgrade on the server that functions as your DHCP server, you reboot the machine. You receive an error message saying that the DHCP Service has failed to start. Where should you check to get more information on this error? A. Event Viewer, System log B. Event Viewer, Application log C. Microsoft’s support website D. The Windows Help file on DHCP E. DHCP Manager 19. You are a network administrator for your company. You have twelve
servers, including one Microsoft Windows 2000 Server functioning as your dial-in server. Periodically, users complain that they are disconnected from the RRAS server without any warning. What source should you check to see if you can find out what the problem is? A. The ras.log file B. The ppp.log file C. The device.log file D. The RRAS Connection Manager utility
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
572
Chapter 17
Troubleshooting Tools and Techniques
20. You are the server administrator for your company. One of your users
has noticed that every time they perform a specific operation within one of your mission critical applications, it crashes unexpectedly. You verify that this happens. You delete and reinstall the application, and the crash continues to persist. What should you do to rectify the situation? A. Check with your hardware vendor’s website to see if there are any
known fixes or patches. B. Check with your software vendor’s website to see if there are any
known fixes or patches. C. Delete and reinstall the application again, and see if the crash
goes away. D. Uninstall the application.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
573
Answers to Review Questions 1. C. Viruses can do many things, and one of the things they do best is
to delete files. In the question, it mentions that there is not one user account responsible, so that rules out answer D. Old hard drives do not randomly delete files, nor do old I/O busses. If a hard drive were to fail, it would likely take all of the files with it, not just some of them. 2. B. Wake-on-LAN is a technology that allows you to remotely boot the
machines. You can then schedule the machines to wake at night, perform the necessary maintenance and/or troubleshooting tasks, and then have the machines power back down. There will be no need to bother the users unless their machine has problems during the workday. 3. A. When NetWare servers perform an abend, it’s not pretty. An
abend is a hard system crash, which means the server needs to be rebooted. After the reboot following an abend, there will be an abend.log file in the sys:system volume. Check there for helpful information. Of the possible answers, only the crash$log.err file does not exist. 4. B. Network Monitor is used to capture and examine network pack-
ets. System Monitor is the Windows 2000 performance monitoring utility. Monitor is a NetWare monitoring utility. System Resource Meter comes with Windows 98. 5. B. The proper command to use is shutdown. The –r switch tells the
server to automatically reboot. When indicating time, you just need a + sign and the number of minutes you wish to give the users. Warning messages should be in quotes. 6. D. The sys$log.err file records system messages, including server
errors, system alerts, and security violations. 7. D. The RAM was tested, so you know it works. Most likely, how-
ever, it doesn’t want to play nice with the RAM you have currently installed in the server. Oftentimes there is no clear reason why; it just doesn’t want to work. It may indeed be a different size (512MB versus 256MB, for example), but that is irrelevant.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
574
Chapter 17
Troubleshooting Tools and Techniques
8. B. Network Monitor is a Windows NT utility that allows you to ana-
lyze network traffic. It may be that the cause of the slowdown on the server segment is that one of the network cards is failing and is starting to broadcast excessively. Network Monitor can help you track down broadcast offenders. System Monitor comes with Windows 2000. Performance Monitor can tell you how busy the NIC is, but it will not tell you who is causing the problem. 9. A. To remove an application from a Linux server, you can use the
same utility (rpm) that you used to install the application. The correct switch to remove software is –e. 10. C. The Monitor utility is used to view system statistics, including
how busy your processor is. Performance Monitor and System Monitor are Windows NT and Windows 2000 utilities, respectively. 11. B. If the case has not been removed, it’s unlikely that the other tech-
nician has done much (if any) hardware troubleshooting. It’s best to test things first, and make sure the hard drive is indeed the culprit, before you replace parts. Of course, you want to document your solution, but once again, test to make sure you know what’s broken before you replace parts. 12. C. The vol$log.err file records errors regarding the volumes on
your servers. 13. A. You tested the RAM, so you know it works. Obviously, the BIOS
does not recognize the memory, but that doesn’t answer the question of “why?” The best answer is that your motherboard is already maxed out in RAM. Check with your motherboard’s documentation to see how much RAM it can support. 14. D. Reinstalling the server may work, but it’s certainly not a time-
friendly option. The best way to proceed is to boot into Safe Mode and remove the evil service. 15. A, B. The processor should run consistently below 80 percent. Spikes
above 80 are normal, but the processor should not consistently run that high. Installing a second processor or a faster processor will help. It’s possible that more RAM or new hard drives may help, but not as significantly as directly addressing the problem. The processor is overworked.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Answers to Review Questions
575
16. B. The boot$log.err file records all events during the boot process.
Granted, in this case, if you can’t boot the server up, it may be hard to get to that file. However, it’s the one you would want to look at if you could get to it. 17. C. It’s the administrator’s responsibility to back up file servers. If the
users are missing files, then the administrator can restore them from a recent tape backup. Generally, you should not leave it to the users to back up their own files. The rollback command, in relation to restoring files, does not exist. 18. A. Error messages that pop up when you boot will log more informa-
tion in the System log of Event Viewer. Go there first to find out more information. If you are still stumped as to how to fix the problem, you can use the provided Event ID and search Microsoft’s support site for more information. 19. C. The device.log file will log all activity that goes through the
serial ports of your RRAS server. If users are being intermittently disconnected, this file may be able to give you an indication as to why. 20. B. This is a good time to check with the software vendor and see if
they know about the problem that you’re having. Their website may have a fix or patch that alleviates the problem. If not, you will certainly want to call their tech support and see if they can fix it. If they are unwilling or unable to, search for an alternate product.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Server+ Glossary
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
578
Glossary
10Base2 An Ethernet standard which uses thinnet coaxial cable baseband communication at 10 megabits per second (Mbps) over a maximum distance of 200 meters.
802.11 The family of 802.11 IEEE standards includes several varations on high-speed wireless networking, including 802.11a and 802.11b.
10Base5 This Ethernet standard uses thicknet coaxial wire with 10 megabits per second (Mbps) transfer speed at a maximum distance of 500 meters.
80286 Also called the 286. A 16-bit microprocessor from Intel, first released in February 1982 and used by IBM in the IBM PC/AT computer. Since then it has been used in many other IBM-compatible computers. The 80286 uses a 16-bit data word and a 16-bit data bus, and it uses 24 bits to address memory.
10BaseT An Ethernet standard that uses twisted-pair cabling at a transmission speed of 10 megabits per second (Mbps) and a maximum distance of 100 meters. 386 enhanced mode In Microsoft Windows, the most advanced and complex of the different operating modes, 386 enhanced mode lets Windows access the protected mode of the 80386 (or higher) processor for extended memory management and multitasking for both Windows and non-Windows application programs. 802.3 An IEEE standard that defines a bus topology network that uses a 50-ohm coaxial baseband cable and carries transmissions at 10Mbps. This standard groups data bits into frames and uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) cable access method to put data on the cable. 802.5 The IEEE 802.5 standard specifies a physical star, logical ring topology that uses a token-passing technology to put the data on the cable. IBM developed this technology for their mainframe and minicomputer networks. IBM’s name for it was Token Ring. The name stuck, and any network using this type of technology is called a Token Ring network.
80287 Also called the 287. A floating-point processor from Intel, designed for use with the 80286 CPU chip. When supported by application programs, a floating-point processor can speed up floating-point and transcendental math operations by 10 to 50 times. The 80287 conforms to the IEEE 754-1985 standard for binary floating-point operations, and it is available in clock speeds of 6, 8, 10, and 12MHz. 80386DX Also called the 80386, the 386DX, and the 386. A full 32-bit microprocessor introduced by Intel in October 1985 and used in many IBM and IBM-compatible computers. Available in 16-, 20-, 25-, and 33MHz versions, the 80386 has a 32-bit data word, can transfer information 32 bits at a time over the data bus, and can use 32 bits in addressing memory. The 80386 is equivalent to about 275,000 transistors, and can perform 6 million instructions per second. The floating-point processor for the 80386DX is the 80387. 80386SX Also called the 386SX. A lowercost alternative to the 80386DX microprocessor, 80386SX was introduced by Intel in 1988. Available in 16-, 20-, 25-, and 33MHz
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
versions, the 80386SX is an 80386DX with a 16-bit data bus. This design allows systems to be configured using cheaper 16-bit components, leading to a lower overall cost. The floating-point processor for the 80386SX is the 80387SX. 80387 Also called the 387. A floating-point processor from Intel, 80387 was designed for use with the 80386 CPU chip. When supported by application programs, a floating-point processor can speed up floating-point and transcendental math operations by 10 to 50 times. The 80387 conforms to the IEEE 754-1985 standard for binary floating-point operations and is available in speeds of 16, 20, 25, and 33MHz. 80486DX Also called the 486 or i486. 80486DX is a 32-bit microprocessor introduced by Intel in April 1989. The 80486 represents the continuing evolution of the 80386 family of microprocessors and adds several notable features, including on-board cache, built-in floating-point processor and memory management unit, as well as certain advanced provisions for multiprocessing. Available in 25-, 33-, and 50MHz versions, the 80486 is equivalent to 1.25 million transistors and can perform 20 million instructions per second. 80486DX2 Also known as the 486DX2. A 32-bit microprocessor introduced by Intel in 1992. It is functionally identical to and 100 percent compatible with the 80486DX, but it has one major difference: the DX2 chip adds what Intel calls speed-doubling technology— meaning that it runs twice as fast internally as it does with components external to the chip. For example, the DX2-50 operates at 50MHz
579
internally but at 25MHz while communicating with other system components, including memory and the other chips on the motherboard, thus maintaining its overall system compatibility. 50- and 66MHz versions of the DX2 are available. The 486DX2 contains 1.2 million transistors and is capable of 40 million instructions per second. 80486SX Also called the 486SX. A 32-bit microprocessor introduced by Intel in April 1991. The 80486SX can be described as an 80486DX with the floating-point processor circuitry disabled. Available in 16-, 20-, and 25MHz versions, the 80486SX contains the equivalent of 1.185 million transistors and can execute 16.5 million instructions per second. 80487 Also called the 487. A floating-point processor from Intel, designed for use with the 80486SX CPU chip. When supported by application programs, a floating-point processor can speed up floating-point and transcendental math operations by 10 to 50 times. The 80487 is essentially a 20MHz 80486 with the floatingpoint circuitry still enabled. When an 80487 is added into the coprocessor socket of a motherboard running the 80486SX, it effectively becomes the main processor, shutting down the 80486SX and taking over all operations. The 80487 conforms to the IEEE 754-1985 standard for binary floating-point operations. 8086 This 16-bit microprocessor from Intel was first released in June 1978, and it is available in speeds of 4.77MHz, 8MHz, and 10MHz. The 8086 was used in a variety of early IBM-compatible computers as well as the IBM PS/2 Model 25 and Model 30. The 8086 uses a 16-bit data word and a 16-bit data bus.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
580
Glossary
The 8086 contains the equivalent of 29,000 transistors and can execute 0.33 million instructions per second. 8088 This 16-bit microprocessor from Intel was released in June 1978, and it was used in the first IBM PC, as well as the IBM PC/XT, Portable PC, PCjr, and a large number of IBMcompatible computers. The 8088 uses a 16-bit data word, but transfers information along an 8-bit data bus. Available in speeds of 4.77MHz and 8MHz, the 8088 is approximately equivalent to 29,000 transistors and can execute 0.33 million instructions per second. 8-bit bus The type of expansion bus that was used with the original IBM PC. The bus can transmit 8 bits at a time. Accelerated Graphics Port (AGP) bus A type of 32-bit expansion bus that runs at 66MHz. It is a very high-speed bus that is used primarily for video expansion cards and can transfer data at a maximum throughput 508.6MBps.
Active Directory The Active Directory, a feature of Windows 2000, stores information about users, computers, and network resources. The Active Directory is stored in databases on special Windows 2000 Server computers called Domain Controllers. Active hubs A type of hub that uses electronics to amplify and clean up the signal before it is broadcast to the other ports. active matrix A type of liquid crystal display that has a transistor for each pixel in the screen. active-matrix screen An LCD display mechanism that uses an individual transistor to control every pixel on the screen. Active-matrix screens are characterized by high contrast, a wide viewing angle, vivid colors, and fast screen refresh rates, and they do not show the streaking or shadowing that is common with cheaper LCD technology. actuator arm The device inside a hard disk drive that moves the read/write heads as a group in the fixed disk.
access control list A method of controlling network resources by allowing or denying access to users. This list of rules is created and maintained on the server. access time The period of time that elapses between a request for information from disk or memory and the information arriving at the requesting device. Memory access time refers to the time it takes to transfer a character from memory to or from the processor, while disk access time refers to the time it takes to place the read/write heads over the requested data.
adapter fault tolerance This process involves installing and configuring more than one network card (adapter) in a computer to provide continuous operation should a fault arise in a network card. address bus The internal processor bus used for accessing memory. The width of this bus determines how much physical memory a processor can access. address The precise location in memory or on disk where a piece of information is stored. Every byte in memory and every sector on a disk have their own unique addresses.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
Administrative Tools In Windows 2000 Professional, this is the group of utilities used to manage many common configuration and maintenance tasks. Alert A message sent by an agent to inform an administrator that a problem has occurred or a threshold has been reached. allocation unit An allocation unit is a portion of the hard drive that is used by the computer when saving information to the drive. Smaller allocation units are generally more efficient, because they result in less wasted space. alpha Extremely early versions of computer software are called “alpha code.” Alpha code is generally incomplete and unusable, and it is almost never released to the public. analog Describes any device that represents changing values by a continuously variable physical property such as voltage in a circuit, fluid pressure, liquid level, and so on. An analog device can handle an infinite number of values within its range. antistatic bag A bag designed to keep static charges from building up on the outside of a computer component during shipping. The bag will collect some of the charges, but does not drain them away as ESD mats do. antistatic wrist strap (ESD strap) A specially constructed strap worn to guard against the damages of ESD. One end of the strap is attached to an earth ground and the other is wrapped around the technician’s wrist. antivirus program An application program you run to detect or eliminate a computer virus
581
or infection. Some antivirus programs are terminate-and-stay-resident programs that can detect suspicious activity on your computer as it happens, while others must be run periodically as part of your normal housekeeping activities. Application layer The seventh, or highest, layer in the International Organization for Standardization’s Open Systems Interconnection (ISO/OSI) model for computer-to-computer communications. This layer uses services provided by the lower layers, but is completely insulated from the details of the network hardware. It describes how application programs interact with the network operating system, including database management, e-mail, and terminal emulation programs. application servers Also called appservers, these servers share out applications (software programs) to users over a network. archive bit A file attribute that is used to determine whether a file has been updated since the last backup. A bit is set in the file directory to indicate the archive status. archiving The process of compressing numerous files into one compact file. ARP ARP stands for address resolution protocol. When a host on an IP based network wants to send data to another host, the host name must be mapped to an IP address and the IP address mapped to a MAC address. array A grouping of hard disks that are the same size, speed, and type. Often used within a RAID conifguration.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
582
Glossary
ASCII Acronym for American Standard Code for Information Interchange. A standard coding scheme that assigns numeric values to letters, numbers, punctuation marks, and control characters, to achieve compatibility among different computers and peripherals. assessment An evaluation performed to measure the current status of either software or hardware operations. Assessments are normally performed objectively with a set standard to measure performance. asynchronous Describes a type of communication that adds special signaling bits to each end of the data. The bit at the beginning of the information signals the start of the data and is known as the start bit. The next few bits are the actual data that needs to be sent. Those bits are known as the data bits. Stop bits indicate that the data is finished. Asynchronous communications have no timing signal. AT bus Another name for the ISA bus. See also ISA. ATA version 2 (ATA-2) The second version of the original IDE (ATA) specification that allowed drive sizes of several gigabtyes and overcame the limitation of 528MB. It is also sometimes generically known as Enhanced IDE (EIDE). Attached Resource Computer Network (ARCNet) A network technology that uses a physical star, logical ring, and token passing access method. It is typically wired with coaxial cable. ATX A motherboard form factor in which the processor and memory slots are at right
angles to the expansion cards, thus allowing the fan from the power supply to assist in cooling the CPU. authentication The process of determining the identity and legitimacy of a user, node, or process. Username and password are commonly used to provide authentication. AUTOEXEC.BAT A contraction of AUTOmatically EXECuted BATch. AUTOEXEC.BAT is a special DOS batch file, located in the root directory of a startup disk, and it runs automatically every time the computer is started or restarted. auto-ranging multimeters A multimeter that automatically sets its upper and lower ranges depending on the input signal. These multimeters are more difficult to damage by choosing the wrong range setting. See also multimeter. Autorun On a CD-ROM, the Autorun option allows the CD to automatically start an installation program or a menu screen when it is inserted into the CD-ROM drive. availability Availability relates to a resource, such as a server, which is currently accessible. By including redundancy within your server configuration, you are increasing the availability of the server. baby AT A type of motherboard form factor where the motherboard is smaller than the original AT form factor. backup A duplicate copy made to be able to recover from an accidental loss of data.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
Backup The Backup utility for Windows has evolved from a command-line program to a GUI program. backup drive A device used to create a backup of computer data for safe storage. Backup devices normally use removable media that hold the backed-up data. backup set media.
A related collection of backup
backup software Programs and utilities used to back up data to a tape drive or other device. Third-party backup programs offer more features than the standard utilities included with operating systems. backup source backed up.
The device or data being
bandwidth In communications, the difference between the highest and the lowest frequencies available for transmission in any given range. In networking, the transmission capacity of a computer or a communications channel stated in megabits or megabytes per second; the higher the number, the faster the data transmission takes place. baseline A measure of performance during what is considered a normal workload. BASH Bourne Again SHell is GNU’s command interpreter for Unix. See Bourne also. basis weight A measurement of the “heaviness” of paper. The number is the weight, in pounds, of 500 17"× 22" sheets of that type of paper.
583
batch file File with a .bat extension that contains other DOS commands. By typing the name of the batch file and pressing Enter, DOS will process all of the batch file commands, one at a time, without need for any additional user input. baud rate In communications equipment, a measurement of the number of state changes (from 0 to 1 or vice versa) per second on an asynchronous communications channel. Berg connector A type of connector most commonly used in PC floppy drive power cables; it has four conductors arranged in a row. beta Beta code is software that has reached the stage where is usable and generally stable, but it is not completely finished. Beta code is often released to the public for testing on an “as is” basis, and user comments are then used to finish the release version of the product. bias voltage The high-voltage charge applied to the developing roller inside an EP cartridge. Bindery Novell’s database containing all the information about users, workstations, servers, and other objects recognized by the server. The Bindery was replaced in version 4 by NetWare Directory Services (NDS). binary Any scheme that uses two different states, components, conditions, or conclusions. In mathematics, the binary (base-2) numbering system uses combinations of the digits 0 and 1 to represent all values.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
584
Glossary
biometrics The integration of computer authentication and unique human characteristics. Biometrics will often include fingerprints, retinal scanning, voice recognition, or identification of other unique human characteristics. BIOS (basic input/output system) The ROM-based software on a motherboard that acts as a kind of interpreter between an operating system and a computer’s hardware. BIOS CMOS setup program Program that modifies BIOS settings in the CMOS memory. This program is available at system startup time by pressing a key combination such as Alt+F1 or Ctrl+F2. BIOS shadow memory.
A copy of the BIOS in
bit Contraction of BInary digiT. A bit is the basic unit of information in the binary numbering system, representing either 0 (for off) or 1 (for on). Bits can be grouped together to make up larger storage units, the most common being the 8-bit byte. A byte can represent all kinds of information, including the letters of the alphabet, the numbers 0 through 9, and common punctuation symbols. bit-mapped font A character in a specific typestyle and size, defined by a pattern of dots. The computer must keep a complete set of bitmaps for every typestyle you use on your system, and these bitmaps can consume large amounts of disk space. boot The loading of an operating system into memory, usually from a hard disk, although occasionally from a floppy disk. This is an automatic procedure begun when you
first turn on or reset your computer. A set of instructions contained in ROM begin executing, first running a series of power on selftests (POSTs) to check that devices, such as hard disks, are in working order, then locating and loading the operating system, and finally passing control of the computer over to that operating system. bootable disk Any disk capable of loading and starting the operating system, although most often used when referring to a floppy disk. In these days of larger and larger operating systems, it is less common to boot from a floppy disk. In some cases, all of the files needed to start the operating system will not fit on a single floppy disk, which makes it impossible to boot from a floppy. bottleneck Bottlenecks are locations where the performance is hindered due to poor performance. This can include processor speed, amount of RAM, and hard drive speeds. Bourne An early command interpreter and script language for Unix created by S.R. Bourne of Bell Laboratories. BPS (bits per second) A measurement of how much data (how many bits) is being transmitted in one second. Typically used to describe the speed of asynchronous communications (modems). bridge This type of connectivity device operates in the Data Link layer of the OSI model. It is used to join similar topologies (Ethernet to Ethernet, Token Ring to Token Ring) and to divide traffic on network segments. This device will pass information destined for one
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
particular workstation to that segment, but it will not pass broadcast traffic. broadcasting Sending a signal to all entities that can listen to it. In networking, it refers to sending a signal to all entities connected to that network.
585
decimal portion of the version number; for example, the revision level may advance from 2 to 2.01 or 2.1, rather than from 2 to 3. bus A set of pathways that allow information and signals to travel between components inside or outside of a computer.
brouter In networking, a device that combines the attributes of a bridge and a router. A brouter can route one or more specific protocols, such as TCP/IP, and bridge all others.
bus clock A chip on the motherboard that produces a type of signal (called a clock signal) that indicates how fast the bus can transmit information.
brownout A short period of low voltage often caused by an unusually heavy demand for power.
bus connector slot A slot made up of several small copper channels that grab the matching “fingers” of the expansion circuit boards. The fingers connect to copper pathways on the motherboard.
browser A piece of software used to access the Internet. Common browsers are Netscape’s Navigator and Microsoft’s Internet Explorer. bubble-jet printer A type of sprayed ink printer, this type uses an electric signal that energizes a heating element, causing ink to vaporize and get pushed out of the pinhole and onto the paper. bug A logical or programming error in hardware or software that causes a malfunction of some sort. If the problem is in software, it can be fixed by changes to the program. If the fault is in hardware, new circuits must be designed and constructed. Some bugs are fatal and cause the program to hang or cause data loss, others are just annoying, and many are never even noticed. bug-fix A release of hardware or software that corrects known bugs but does not contain additional new features. Such releases are usually designated only by an increase in the
bus mastering A technique that allows certain advanced bus architectures to delegate control of data transfers between the Central Processing Unit (CPU) and associated peripheral devices to an add-in board. bus mouse A mouse connected to the computer using an expansion board plugged into an expansion slot, instead of simply connected to a serial port as in the case of a serial mouse. bus topology Type of physical topology that consists of a single cable that runs to every workstation on the network. Each computer shares that same data and address path. As messages pass through the trunk, each workstation checks to see if the message is addressed for itself. This topology is very difficult to reconfigure, since reconfiguration requires you to disconnect and reconnect a portion of the network (thus bringing the whole network down).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
586
Glossary
byte Contraction of BinarY digiT Eight. A group of 8 bits that, in computer storage terms, usually holds a single character, such as a number, letter, or other symbol. C One of several commonly used shells for administering Unix. (See also Bourne and BASH.) (C is also a programming language.) cable access methods Methods by which stations on a network get permission to transmit their data. cache Pronounced cash. A special area of memory, managed by a cache controller, that improves performance by storing the contents of frequently accessed memory locations and their addresses. When the processor references a memory address, the cache checks to see if it holds that address. If it does, the information is passed directly to the processor; if not, a normal memory access takes place instead. A cache can speed up operations in a computer in which RAM access is slow compared with its processor speed, because the cache memory is always faster than normal RAM. cache memory Fast SRAM memory used to store, or cache, frequently used instructions and data. capacitive keyboard Keyboard designed with two sheets of semi-conductive material separated by a thin sheet of Mylar inside the keyboard. When a key is pressed, the plunger presses down and a paddle connected to the plunger presses the two sheets of semiconductive material together, changing the total capacitance of the two sheets. The controller can tell by the capacitance value returned which key was pressed.
capacitive touch screen Type of display monitor that has two clear plastic coatings over the screen, separated by air. When the user presses the screen in a particular spot, the coatings are pressed together and the controller registers a change in the total capacitance of the two layers. The controller then determines where the screen was pressed by the capacitance values and sends that information to the computer in the form of x,y coordinates. capacitor An electrical component, normally found in power supplies and timing circuits, used to store electrical charge. card services Part of the software support needed for PCMCIA (PC Card) hardware devices in a portable computer, controlling the use of system interrupts, memory, or power management. When an application wants to access a PC Card, it always goes through the card services software and never communicates directly with the underlying hardware. carpal tunnel syndrome A form of wrist injury caused by holding the hands in an awkward position for long periods of time. carriage motor Stepper motor used to move the print head back and forth on a dot-matrix printer. cathode-ray tube
See CRT.
CCD (charge-coupled device) A device that allows light to be converted into electrical pulses. CCITT Acronym for Comité Consultatif Internationale de Téléphonie et de Télégraphie. An organization, based in Geneva, that develops
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
worldwide data communications standards. CCITT is part of the ITU (International Telecommunications Union). The organization has been renamed ITU-T (ITU Telecommunications Standardization Sector). CD-ROM Acronym for compact disc readonly memory. A high-capacity, optical storage device that uses compact disc technology to store large amounts of information: up to 650MB (the equivalent of approximately 300,000 pages of text) on a single 4.72" disk. CD-RW (CD-Rewritable) An optical disc that lets you write on it in multiple sessions. One of the problems with CD-R discs is that you can only write to them once. With CD-RW drives and discs, you can treat the optical disc just like a hard disk and write data onto it multiple times. Central Processing Unit (CPU) The computing and control part of the computer. The CPU in a mainframe computer may be contained on many printed circuit boards, the CPU in a minicomputer may be contained on several boards, and the CPU in a PC is contained in a single extremely powerful microprocessor. centralized processing A network processing scheme in which all “intelligence” is found in one computer and all other computers send requests to the central computer to be processed. Mainframe networks use centralized processing. Centronics 50 A high-density 50-pin connector commonly used for SCSI interfaces.
587
Centronics parallel interface A standard 36-pin interface in the PC world for the exchange of information between the PC and a peripheral, such as a printer, originally developed by the printer manufacturer Centronics, Inc. The standard defines eight parallel data lines, plus additional lines for status and control information. CGA Acronym for Color/Graphics Adapter. CGA is a video adapter that provided lowresolution text and graphics. CGA provided several different text and graphics modes, including 40- or 80-column by 25-line, 16-color text mode, and graphics modes of 640 horizontal pixels by 200 vertical pixels with 2 colors, or 320 horizontal pixels by 200 vertical pixels with 4 colors. CGA has been superseded by later video standards, including EGA, VGA, SuperVGA, and XGA. charge-coupled device See CCD (chargecoupled device). charging corona The wire or roller that is used to put a uniform charge on the EP drum inside a toner cartridge. checksum A method of providing information for error detection, usually calculated by summing a set of values. checksumming An error-checking routine that runs a mathematical equation against a set of data and comes up with a result, called a checksum. The data is then transmitted, and the receiver then runs the same formula against the data transmitted and compares the result to the checksum. If they are the same, the transmission is considered successful.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
588
Glossary
chip creep The slow self-loosening of chips from their sockets on the system board as a result of the frequent heating and cooling of the board (which causes parts of the board— significantly, the chip connector slots—to alternately expand and shrink). chip puller A tool that is used on older (pre-386) systems to remove the chips without damaging them. clean install A process by which the current application or operating system is completely removed and a new copy is installed. All traces of the original version are completely removed. cleaning step The step in the EP print process where excess toner is scraped from the EP drum with a rubber blade. client A network entity that can request resources from the network or server. client computers A computer that requests resources from a network. client-server Client-server architecture describes computer programs specifically designed to use the processing power of both the server and the client machines in the completion of their tasks. Generally this means that the client makes an initial request to the server, and the server then does some initial processing on the request. The result of that processing is then returned to the client, or to another machine for additional work to be done with it. client software Software that allows a device to request resources from a network.
clock doubling Technology that allows a chip to run at the bus’s rated speed externally, but still be able to run the processor’s internal clock at twice the speed of the bus. This technology improves computer performance. clock rate
See clock speed.
clock signal Built-in metronome-like signal that indicates how fast the components can operate. clock speed Also known as clock rate. The internal speed of a computer or processor, normally expressed in MHz. The faster the clock speed, the faster the computer will perform a specific operation, assuming the other components in the system, such as disk drives, can keep up with the increased speed. clock tripling A type of processor design where the processor runs at one speed externally and at triple that speed internally. cluster The smallest unit of hard disk space that DOS can allocate to a file, consisting of one or more contiguous sectors. The number of sectors contained in a cluster depends on the hard disk type and operating system. clustering Connecting two or more computers together in such a way that they behave like a single computer. Clustering is often used to provide parallel processing, Load Balancing, and fault tolerance. CMIP (Common Management Information Protocol) Designed as a replacement for SNMP, but not yet widely adopted, CMIP is a network management protocol. CMIP
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
provides better security and better reporting of unusual network conditions. CMOS Acronym for Complementary Metal Oxide Semiconductor. An area of nonvolatile memory that contains settings that determine how a computer is configured. CMOS battery A battery used to power CMOS memory so that the computer won’t lose its settings when powered down. cold backup site A backup site that contains basic equipment for running a business in case of disaster at the primary location. Cold backup sites require hardware and software setup and configuration before use. command line Describes a computer interface that uses basic prompts and requires the user to type in commands; also the line itself. COMMAND.COM Takes commands issued by the user through text strings or click actions and translates them back into calls that can be understood by the lower layers of DOS. It is the vital command interpreter for DOS. Complementary Metal Oxide Semiconductor See CMOS. computer hardware faults A failure that occurs in computer hardware that is being monitored. The fault is generally reported by the operating system or third-party hardware monitors. computer name The name by which a Microsoft computer is known on the network. This is a NetBIOS name (up to 15 characters in length), which must be unique on the network.
589
In Windows 2000, the computer name is always the same as the machine’s host name, while in Windows 9x the two can be different. conditioning step The step in the EP print process where a uniform charge is applied to the EP drum by the charging corona or charging roller. conductor Any item that permits the flow of electricity between two entities. CONFIG.SYS In DOS and OS/2, a special text file containing settings that control the way that the operating system works. CONFIG.SYS must be located in the root directory of the default boot disk, normally drive C, and is read by the operating system only once as the system starts running. Some application programs and peripheral devices require you to include special statements in CONFIG.SYS, while other commands may specify the number of diskread buffers or open files on your system, specify how the disk cache should be configured, or load any special device drivers your system may need. connectivity devices Any device that facilitates connections between network devices. Some examples include hubs, routers, switches, and gateways. contacts DIMMs use gold for all contacts but SIMMs can use tin or gold. When adding RAM, be sure the new RAM uses the same metal as the existing RAM. Control Program for Microcomputer (CP/M) A computer operating system that was an early competitor of Microsoft’s DOS
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
590
Glossary
system. CP/M was a command-line system that was developed by Gary Kildall. conventional memory The amount of memory accessible by DOS in PCs using an Intel processor operating in real mode, normally the first 640K. cooperative hot backup site A cooperative hot backup site (see entry for hot backup site) is shared between two or more businesses in hope of reducing the total costs of ownership (TCO). The backup site is designed to meet the needs of each company involved. cooperative multitasking A form of multitasking in which all running applications must work together to share system resources. corona roller Type of transfer corona assembly that uses a charged roller to apply charge to the paper. corona wire Type of transfer corona assembly. Also, the wire in that assembly that is charged by the high voltage supply. It is narrow in diameter and located in a special notch under the EP print cartridge. Counter Logs Monitor Lets you set a period of time during which the information gathered in the System Monitor will be recorded in a text file on the hard drive. This allows you to maintain a record of performance. This record can be reviewed at a later date or used to compare to data gathered at another time. CPU (Central Processing Unit) Processing Unit (CPU).
See Central
CPU clock Type of clock signal that dictates how fast the CPU can run.
crosstalk Problem related to electromagnetic fields when two wires carrying electrical signals run parallel and one of the wires induces a signal in the second wire. If these wires are carrying data, the extra, unintended signal can cause errors in the communication. Crosstalk is especially a problem in unshielded parallel cables that are longer than 10 feet. CRT Acronym for cathode-ray tube. A display device used in computer monitors and television sets. A CRT display consists of a glass vacuum tube that contains one electron gun for a monochrome display, or three (red, green, and blue) electron guns for a color display. Electron beams from these guns sweep rapidly across the inside of the screen from the upperleft to the lower-right of the screen. The inside of the screen is coated with thousands of phosphor dots that glow when they are struck by the electron beam. To stop the image from flickering, the beams sweep at a rate of between 43 and 87 times per second, depending on the phosphor persistence and the scanning mode used—interlaced or non-interlaced. This is known as the refresh rate and is measured in Hz. The Video Electronics Standards Association (VESA) recommends a vertical refresh rate of 72Hz, noninterlaced, at a resolution of 800 by 600 pixels. cylinder A hard disk consists of two or more platters, each with two sides. Each side is further divided into concentric circles known as tracks, and all the tracks at the same concentric position on a disk are known collectively as a cylinder. daily rotation Daily rotation is not considered a suitable backup strategy. In a daily
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
rotation, the same tape is used every day. There is no offsite storage of media, and no opportunity to restore data unless the problem is discovered within a day. daisy-chaining Pattern of cabling where the cables run from the first device to the second, second to the third, and so on. If the devices have both an “in” and an “out,” the in of the first device of each pair is connected to the out of the second device of each pair. daisy-wheel printer An impact printer that uses a plastic or metal print mechanism with a different character on the end of each spoke of the wheel. As the print mechanism rotates to the correct letter, a small hammer strikes the character against the ribbon, transferring the image onto the paper. DAT
See digital audiotape (DAT).
data bits In asynchronous transmissions, the bits that actually comprise the data; usually 7 or 8 data bits make up the data word. data bus Bus used to send and receive data to the microprocessor. data compression Any method of encoding data so that it occupies less space than in its original form. data encoding scheme (DES) The method used by a disk controller to store digital information onto a hard disk or floppy disk. DES has remained unbroken despite years of use; it completely randomizes the information so that it is impossible to determine the encryption key even if some of the original text is known.
591
Data Link layer The second of seven layers of the International Standards Organization’s Open Systems Interconnection (ISO/OSI) model for computer-to-computer communications. The Data Link layer validates the integrity of the flow of data from one node to another by synchronizing blocks of data and by controlling the flow of data. data set ready
See DSR.
data terminal equipment data terminal ready
See DTE.
See DTR.
data transfer rate The speed at which a disk drive can transfer information from the drive to the processor, usually measured in megabits or megabytes per second. daughterboard A printed circuit board that attaches to another board to provide additional functions. DB-25 A 25-pin connector used to interface external devices with the computer. Commonly used for a parallel port or original SCSI-1 connector. DB connector Any of several types of cable connectors used for parallel or serial cables. The number following the letters DB (for data bus) indicates the number of pins that the connector usually has. de facto Latin translation for by fact. Any standard that is a standard because everyone is using it. default gateway The router that all packets are sent to when the workstation doesn’t know
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
592
Glossary
where the destination station is, or when it can’t find the destination station. de jure Latin translation for by law. Any standard that is a standard because a standards body decided it should be so. debouncing A keyboard feature that eliminates unintended triggering of keystrokes. It works by having the keyboard controller constantly scan the keyboard for keystrokes. Only keystrokes that are pressed for more than two scans are considered keystrokes. This prevents spurious electronic signals from generating input. decimal The base-10 numbering system that uses the familiar numbers 0–9. dedicated server The server that is assigned to perform a specific application or service. default gateway If a user needs to communicate by TCP/IP with a computer that is not on their subnet (the local network segment) the computer needs to use a gateway to access this remote network. The default gateway is simply the path that is taken by all outgoing traffic unless another path is specified. defragmentation The process of reorganizing and rewriting files so that they occupy one large continuous area on your hard disk rather than several smaller areas. demilitarized zone (DMZ) A dedicated area located between the private network and the public Internet. Servers and resources that need to be accessed by both networks are located in this zone, while the private servers and services are located in the private network. A DMZ helps protect the private network.
denial of service attack (DoS) A type of network attack that prevents users, even legitimate users, from accessing the network. DES
See data encoding scheme (DES).
Desktop Contains the visible elements of Windows and defines the limits of the graphic environment. Desktop Control Panel Windows utility that is used to configure the system so it is more user friendly. This Control Panel contains the settings for the background color and pattern as well as screen saver settings. developing roller The roller inside a toner cartridge that presents a uniform line of toner to help apply the toner to the image written on the EP drum. developing step The step in the EP print process where the image written on the EP drum by the laser is developed, that is, it has toner stuck to it. device driver A small program that allows a computer to communicate with and control a device. Device Manager A utility in Windows 9x and Windows 2000 that allows the user to view and modify hardware settings. Device drivers can be installed or upgraded, and problems with devices can be found and dealt with here. DEVICE= Command found in the DOS CONFIG.SYS that tells DOS which driver to find and load into memory at boot time. DEVICEHIGH= Command that is used to load the device drivers into upper memory
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
blocks, thereby freeing up space in conventional memory. diagnostic program A program that tests computer hardware and peripherals for correct operation. In the PC, some faults are easy to find, and these are known as “hard faults”; the diagnostic program will diagnose them correctly every time. Others, such as memory faults, can be difficult to find; these are called “soft faults” because they do not occur every time the memory location is tested, but only under very specific circumstances. differential backup A type of backup that backs up files that have changed since the last full backup. digital audiotape (DAT) A method of recording information in digital form on a small audiotape cassette. Many gigabytes of information can be recorded on a cassette, and so a DAT can be used as a backup medium. Like all tape devices, however, DATs are relatively slow. digital signal A signal that consists of discrete values. These values do not change over time; in effect, they change instantly from one value to another. digital signature A digital signature is used to verify the identity of the sender and/or origin of the message. It is a unique value associated with a transaction and cannot be forged. DIMM (Dual Inline Memory Module) Memory module that is similar to a SIMM (Single Inline Memory Module), except that a DIMM is double-sided. There are memory chips on both sides of the memory module.
593
DIN-n Circular type of connector used with computers. (The n represents the number of connectors.) DIP (Dual Inline Package) A standard housing constructed of hard plastic commonly used to hold an integrated circuit. The circuit’s leads are connected to two parallel rows of pins designed to fit snugly into a socket; these pins may also be soldered directly to a printedcircuit board. If you try to install or remove dual inline packages, be careful not to bend or damage their pins. DIP switch A small switch used to select the operating mode of a device, mounted as a Dual Inline Package. DIP switches can be either sliding or rocker switches and are often grouped together for convenience. They are used on printed circuit boards, dot-matrix printers, modems, and other peripherals. direct memory access memory access).
See DMA (direct
directory Directories are used to organize files on the hard drive. Another name for a directory is a folder. Directories created inside or below others are called “subfolders” or “subdirectories.” Direct Rambus A memory bus that transfers data at 800MHz over a 16-bit memory bus. Direct Rambus memory models (often called RIMMs), like DDR SDRAM, can transfer data on both the rising and falling edges of a clock cycle. Direct Rambus RAM A type of memory created by Rambus Inc. with transfer speeds of up to 800MHz.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
594
Glossary
directory services Software that stores information about objects on a network and makes this information available to users and network administrators. Windows 2000 uses AD, while Novell 4 and newer versions use NDS. direct-solder method A method of attaching chips to the motherboard where the chip is soldered directly to the motherboard. disaster recovery The process involving rebuilding or repairing computer systems/data after a disaster has struck. disaster recovery plan A carefully created plan, which is regularly updated, that outlines the steps to follow in dealing with a data disaster. It can include disaster prevention, or fault tolerance planning. disk cache An area of computer memory where data is temporarily stored on its way to or from a disk. A disk cache mediates between the application and the hard disk, and when an application asks for information from the hard disk, the cache program first checks to see if that data is already in the cache memory. If it is, the disk cache program loads the information from the cache memory rather than from the hard disk. If the information is not in memory, the cache program reads the data from the disk, copies it into the cache memory for future reference, and then passes the data to the requesting application. disk-caching program A program that reads the most commonly accessed data from disk and keeps it in memory for faster access. disk controller The electronic circuitry that controls and manages the operation of floppy
or hard disks installed in the computer. A single disk controller may manage more than one hard disk; many disk controllers also manage floppy disks and compatible tape drives. disk drive A peripheral storage device that reads and writes to magnetic or optical disks. When more than one disk drive is installed on a computer, the operating system assigns each drive a unique name—for example A and C in DOS, Windows, and OS/2. disk duplexing In networking, a faulttolerant technique that writes the same information simultaneously onto two different hard disks. Disk duplexing is supported by most of the major network operating systems and is designed to protect the system against a single disk failure; it is not designed to protect against multiple disk failures and is no substitute for a well-planned series of disk backups. diskless workstation A networked computer that does not have any local disk storage capability. disk mirroring In networking, a faulttolerant technique that writes the same information simultaneously onto two different hard disks, using the same disk controller. In the event of one disk failing, information from the other can be used to continue operations. Disk mirroring is offered by most of the major network operating systems and is designed to protect the system against a single disk failure; it is not designed to protect against multiple disk failures and is no substitute for a well-planned series of disk backups. disk operating system
See DOS.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
distributed processing A computer system in which processing is performed by several separate computers linked by a communications network. The term often refers to any computer system supported by a network, but more properly refers to a system in which each computer is chosen to handle a specific workload and the network supports the system as a whole.
595
plan (as well as the collection itself). All relevant information is documented and kept in a safe place for future reference. domain The security structure for Windows NT Server and Windows 2000 Active Directory; the namespace structure of TCP/IP’s DNS structure.
DLT (digital linear tape) DLT is a form of backup media that uses magnetic ribbon tape within a cartridge to store data.
Domain Name System (DNS) DNS allows TCP/IP-capable users anywhere in the world to find resources in other companies or countries by using their domain name. Each domain is an independent namespace for a particular organization, and DNS servers manage requests for information about the IP addresses of particular DNS entries. DNS is used to manage all names on the Internet.
DMA (direct memory access) A method of transferring information directly from a massstorage device such as a hard disk or from an adapter card into memory (or vice versa), without the information passing through the processor.
dongle A special cable that provides a connector to a circuit board that doesn’t have one. For example, a motherboard may use a dongle to provide a serial port when there is a ribbon cable connector for the dongle on the motherboard, but there is no serial port.
DMA channels Dedicated circuit pathways on the motherboard that make DMA possible.
dongle connection A connector on a motherboard where a dongle will connect.
docking station A hardware system into which a portable computer fits so that it can be used as a full-fledged desktop computer. Docking stations vary from simple port replicators (that allow you access to parallel and serial ports and a mouse) to complete systems (that give you access to network connections, CDROMs, even a tape backup system or PCMCIA ports).
DOS Acronym for disk operating system, an operating system originally developed by Microsoft for the IBM PC. DOS exists in two very similar versions: MS-DOS, developed and marketed by Microsoft for use with IBMcompatible computers; and PC-DOS, supported and sold by IBM for use only on computers manufactured by IBM.
DIX Ethernet The original name for the Ethernet network technology. Named after the original developer companies, Digital, Intel, and Xerox.
documentation The process of carefully collecting information pertaining to an event or a
DOS Environment Variables Variables that specify global things like the path that DOS searches to find executables.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
596
Glossary
DOS extender A small program that extends the range of DOS memory. For example, HIMEM.SYS allows DOS access to the memory ranges about 1024K.
downtime The measurement of time during which a computer system is unusable. This includes both time during a failure as well as the time involved in repairing a failure.
DOS prompt A visual confirmation that DOS is ready to receive input from the keyboard. The default prompt includes the current drive letter followed by a right angle bracket (for example, C>). You can create your own custom prompt with the PROMPT command.
DRAM
DOS shell An early graphic user interface for DOS that allowed users to manage files and run programs through a simple text interface and even use a mouse. It was soon replaced by Windows. dot-matrix printer An impact printer that uses columns of small pins and an inked ribbon to create the tiny pattern of dots that form the characters. Dot-matrix printers are available in 9-, 18-, or 24-pin configurations. dot pitch In a monitor, the vertical distance between the centers of like-colored phosphors on the screen of a color monitor, measured in millimeters (mm). dots per inch (dpi) A measure of resolution expressed by the number of dots that a device can print or display in one inch. double data rate synchronous dynamic RAM (DDR SDRAM) Supports data transfer on both edges of the clock cycle, which effectively doubles memory chip throughput. double-density disk A floppy disk with a storage capacity of 360KB.
See dynamic RAM (DRAM).
drawing tablet Pointing device that includes a pencil-like device (called a stylus) for drawing on its flat rubber-coated sheet of plastic. drive bay An opening in the system unit into which you can install a floppy disk drive, hard disk drive, or tape drive. drive geometry Term used to describe the number of cylinders, read/write heads, and sectors in a hard disk. drive hole Hole in a floppy disk that allows the motor in the disk drive to spin the disk. Also known as the hub hole. drive letter In DOS, Windows, and OS/2, the drive letter is a designation used to specify a particular hard or floppy disk. For example, the first floppy disk is usually referred to as drive A, and the first hard disk as drive C. driver
See device driver.
driver signing In order to prevent viruses and poorly written drivers from damaging your system, Windows 2000 uses a process called driver signing that allows companies to digitally sign their device software, and it also allows administrators to block the installation of unsigned drivers. driver software D-Shell
See device driver.
See DB connector.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
DSR Abbreviation for data set ready. A hardware signal defined by the RS-232-C standard to indicate that the device is ready. D-Sub
See DB connector.
DTE Abbreviation for data terminal equipment. In communications, any device, such as a terminal or a computer, connected to a communications channel or public network. DTR Abbreviation for data terminal ready. A hardware signal defined by the RS-232-C standard to indicate that the computer is ready to accept a transmission. dual-booting If a single machine must be used for many tasks, it may be necessary for it to have multiple operating systems installed simultaneously. To do this a boot manager presents the user with a choice of which operating system to use at startup. To use a different OS the user would have to shut down the system, restart it, and select the other OS. Dual Inline Memory Module See DIMM (Dual Inline Memory Module). Dual Inline Package Package).
See DIP (Dual Inline
dumb terminal A combination of keyboard and screen that has no local computing power, used to input information to a large, remote computer, often a minicomputer or a mainframe. This remote computer provides all the processing power for the system. duplex In asynchronous transmissions, the ability to transmit and receive on the same channel at the same time; also referred to as full
597
duplex. Half-duplex channels can transmit only or receive only. Most dial-up services available to PC users take advantage of fullduplex capabilities, but if you cannot see what you are typing, switch to half duplex. If you are using half duplex and you can see two of every character you type, change to full duplex. duplex printing Printing a document on both sides of the page so that the appropriate pages face each other when the document is bound. dynamic electricity
See electricity.
Dynamic Host Configuration Protocol (DHCP) DHCP manages the automatic assignment of TCP/IP addressing information (such as the IP address, subnet mask, default gateway and DNS server). This can save a great deal of time when configuring and maintaining a TCP/IP network. Dynamic Link Library (DLL) files Windows component files that contain small pieces of executable code that are shared between multiple Windows programs. They are used to eliminate redundant programming in certain Windows applications. DLLs are used extensively in Microsoft Windows, OS/2, and in Windows NT. DLLs may have filename extensions of .dll, .drv, or .fon. dynamic RAM (DRAM) A common type of computer memory that uses capacitors and transistors storing electrical charges to represent memory states. These capacitors lose their electrical charge, and so they need to be refreshed every millisecond, during which time they cannot be read by the processor. DRAM
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
598
Glossary
chips are small, simple, cheap, easy to make, and hold approximately four times as much information as a static RAM (SRAM) chip of similar complexity. However, they are slower than static RAM. Processors operating at clock speeds of 25MHz or more need DRAM with access times of faster than 80 nanoseconds (80 billionths of a second), while SRAM chips can be read in as little as 15 to 30 nanoseconds. dynamic state table A dynamic state table is used for packet filtering. The dynamic state table keeps track of all communication sessions between stations inside and outside of a firewall. The list is called dynamic because it is constantly updated as communication sessions are established and ended. ECC (error correcting circuits) Began with the Pentium class of computers. Parity checking provided single-bit error detection for the system memory, but did not handle multi-bit errors and provided no means to correct memory errors. ECC will detect both single-bit and multi-bit errors, as well as attempt to correct singlebit errors. Like parity checking, ECC requires a setting in the BIOS program to be enabled. edge connector A form of connector consisting of a row of etched contacts along the edge of a printed circuit board that is inserted into an expansion slot in the computer. eDirectory Novell directory software (currently version 8.6.1) is a Lightweight Directory Access Protocol (LDAP)-enabled, directory-based identity management system that centralizes the management of user identities, access privileges, and other network resources.
EDO (Extended Data Out) RAM A type of DRAM that increases memory performance by eliminating wait states. EEPROM Acronym for Electrically Erasable Programmable Read-Only Memory. A memory chip that maintains its contents without electrical power, and whose contents can be erased and reprogrammed either within the computer or from an external source. EEPROMs are used where the application requires stable storage without power but may have to be reprogrammed. EGA Acronym for Enhanced Graphics Adapter. A video adapter standard that provides medium-resolution text and graphics. EGA can display 16 colors at the same time from a choice of 64, with a horizontal resolution of 640 pixels and a vertical resolution of 350 pixels. EGA has been superseded by VGA and SVGA. EISA Acronym for Extended Industry Standard Architecture. A PC bus standard that extends the traditional AT-bus to 32 bits and allows more than one processor to share the bus. EISA has a 32-bit data path and, at a bus speed of 8MHz, can achieve a maximum throughput of 33 megabytes per second. EISA Configuration Utility (EISA Config) The utility used to configure an EISA bus expansion card. Electrically Erasable Programmable ReadOnly Memory See EEPROM. electricity The flow of free electrons from one molecule of substance to another. This flow of electrons is used to do work.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
electromagnetic drawing tablets Type of drawing tablet that has grids of wires underneath the rubberized surface. The stylus contains a small sensor that is sensitive to electromagnetic fields. At timed intervals, an electromagnetic pulse is sent across the grid. The sensor in the stylus picks up these pulses. electromagnetic interference (EMI) Any electromagnetic radiation released by an electronic device that disrupts the operation or performance of any other device. electron gun The component of a monitor that fires electrons at the back of the phosphorcoated screen. electrostatic discharge (ESD) When two objects of dissimilar charge come in contact with one another, they will exchange electrons in order to standardize the electrostatic charge between the two objects. This exchange, or discharge, can sometimes be seen as a spark or arc of electricity. Even when it cannot be seen it is damaging to electronic components. e-mail Electronic mail is generally sent across the Internet using protocols named SMTP (for sending) and POP3 (for receiving). EMI
See electromagnetic interference (EMI).
EMM386.EXE Reserved memory manager that emulates Expanded Memory in the Extended Memory area (XMS) and provides DOS with the ability to utilize upper memory blocks to load programs and device drivers. encoding Process by which binary information is changed into flux transition patterns on a disk surface.
Enhanced Graphics Adapter
599
See EGA.
enhanced keyboard A 101-key or 102-key keyboard introduced by IBM that has become the accepted standard for PC keyboard layout. Unlike earlier keyboards, it has 12 function keys across the top, rather than 10 function keys in a block on the left side, has extra Ctrl and Alt keys, and has a set of cursor control keys between the main keyboard and the numeric keypad. Enhanced Small Device Interface (ESDI) A popular hard-disk, floppy-disk, and tape-drive interface standard, capable of a data transfer rate of 10 to 20 megabits per second. ESDI is most often used with large hard disks. environment variables These are used to set certain system-wide parameters that can then be used by applications running on the system. For instance, a system’s temporary directory can be set to a specific location using an environment variable. EP drum Device that is coated with a photosensitive material that can hold a static charge when not exposed to light. The drum contains a cleaning blade that continuously scrapes the used toner off the photosensitive drum to keep it clean. EP print process Six-step process an EP laser printer uses to form images on paper. In order, the steps are charging, exposing, developing, transferring, fusing, and cleaning. EP printer (electrophotographic printer) Printer that uses high voltage, a laser, and a black carbon toner to form an image on a page.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
600
Glossary
EPROM Acronym for erasable programmable read-only memory. A memory chip that maintains its contents without electrical power, and whose contents can be erased and reprogrammed by removing a protective cover and exposing the chip to ultraviolet light. ergonomics Standards that define the positioning and use of the body to promote a healthy work environment. error/event log Error/event logs record precise information about server events, such as services starting and stopping, or users logging on and off and accessing resources. This is one of the first places to look for details about a problem. ESD
See electrostatic discharge (ESD).
ESD mat Preventive measure to guard against the effects of ESD. The excess charge is drained away from any item that comes in contact with it. ESD wrist strap An antistatic device that attaches between the wrist of the user and a ground, used to direct static charges away from the user and computer components. Often includes an embedded resistor. Ethernet A network technology based on the IEEE 802.3 CSMA/CD standard. The original Ethernet implementation specified 10Mbps, baseband signaling, coaxial cable, and CSMA/ CD media access. even parity A technique that counts the number of 1’s in a binary number and, if the number of 1’s is not an even number, adds a digit to make it even. (See also parity.)
event ID These numbers match a text description in a message file within Event Viewer. The numbers can be used by product support representatives to understand what occurred in the system. See Event Viewer. Event Viewer A Microsoft utility that maintains logs about application, security, and system events on a computer. You can use Event Viewer to view and manage the event logs, gather information about hardware and software problems, and monitor security events. exit roller Found on laser and page printers, the mechanism that guides the paper out of the printer into the paper-receiving tray. expanded memory page frame frame.
See page
expanded memory specification (EMS) The original version of the Lotus-Intel-Microsoft Expanded Memory Specification (LIM EMS) that lets DOS applications use more than 640KB of memory space. expansion bus An extension of the main computer bus that includes expansion slots for use by compatible adapters, such as memory boards, video adapters, hard disk controllers, and SCSI interface cards. expansion card A device that can be installed into a computer’s expansion bus. expansion slot One of the connectors on the expansion bus that gives an adapter access to the system bus. You can add as many additional adapters as there are expansion slots inside your computer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
extended data output RAM (EDO RAM) A variant of dynamic random access memory that helps improve memory speed and performance by altering the timing and sequence of signals that activate the circuitry for accessing memory locations. extended DOS partition A further optional division of a hard disk, after the primary DOS partition, that functions as one or more additional logical drives. A logical drive is simply an area of a larger disk that acts as though it were a separate disk with its own drive letter. Extended Graphics Array
See XGA.
Extended Industry Standard Architecture See EISA. extended memory manager A device driver that supports the software portion of the extended memory specification in an IBMcompatible computer. Extended Memory System (XMS) Memory above 1,024KB that is used by Windows and Windows-based programs. This type of memory cannot be accessed unless the HIMEM.SYS memory manager is loaded in the DOS CONFIG.SYS with a line like DEVICE=HIMEM.SYS. extended partition If all of the space on a drive is not used in the creation of the drive’s primary partition, a second partition can be created out of the remaining space. Called the extended partition, this second partition can hold one or more logical drives. external bus An external component connected through expansion cards and slots
601
allows the processor to talk to other devices. This component allows the CPU to talk to the other devices in the computer and vice versa. external cache memory Separate expansion board that installs in a special processor-direct bus that contains cache memory. external commands Commands that are not contained within COMMAND.COM. They are represented by a .COM or .EXE extension. external hard disk A hard disk packaged in its own case with cables and an independent power supply rather than a disk drive housed inside and integrated with the computer’s system unit. external modem A stand-alone modem, separate from the computer and connected by a serial cable. LEDs on the front of the chassis indicate the current modem status and can be useful in troubleshooting communications problems. An external modem is a good buy if you want to use a modem with different computers at different times or with different types of computer. failback The process by which workload is transferred back to the now-operational server after a fault resulting in failover. failover The process by which a backup server, network component, or service takes up the workload of a failed member. FAQ Acronym for Frequently Asked Question. A document that lists some of the more commonly asked questions about a product or component. When researching a problem, the FAQ is usually the best place to start.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
602
FAT
Glossary
See file allocation table (FAT).
fault tolerance A method of preparing a network system, or some part of that system, to improve its ability to function despite a hardware, software, or system fault. This includes installation of multiples of the same component to prevent a single point of failure. fax modem An adapter that fits into a PC expansion slot and provides many of the capabilities of a full-sized fax machine, but at a fraction of the cost. FDDI See fiber distributed data interface (FDDI). FDISK.EXE The DOS utility that is used to partition hard disks for use with DOS. feed roller The rubber roller in a laser printer that feeds the paper into the printer. fiber distributed data interface (FDDI) A specification for fiber-optic networks transmitting at a speed of up to 100 megabits per second over a dual, counter-rotating, Token Ring topology. FDDI is suited to systems that require the transfer of very large amounts of information, such as medical imaging, 3D seismic processing, oil reservoir simulation, and full-motion video. fiber optic cable A transmission technology that sends pulses of light along specially manufactured optical fibers. Each fiber consists of a core, thinner than a human hair, surrounded by a sheath with a much lower refractive index. Light signals introduced at one end of the cable are conducted along the cable as the signals are reflected from the sheath.
field replacement unit replacement unit).
See FRU (field
file allocation table (FAT) A table maintained by DOS or OS/2 that lists all the clusters available on a disk. The FAT includes the location of each cluster, as well as whether it is in use, available for use, or damaged in some way and therefore unavailable. FAT also keeps track of which pieces belong to which file. file compression program An application program that shrinks program or data files, so that they occupy less disk space. The file must then be extracted or decompressed before you can use it. Many of the most popular file compression programs are shareware, like WinZIP, PKZIP, LHA, and StuffIt for the Macintosh, although utility packages like PC Tools from Central Point Software also contain file compression programs. file corruption Occasionally an improper shutdown, a virus, or a random problem will cause a file’s information to become unreadable. This unreadable file is referred to as “corrupt” and it must be either repaired or replaced. file locking A feature of many network operating systems that prevents more than one person from updating a file at the same time by “locking” the file. File Manager Early Windows utility that allows the user to accomplish a number of important file-related tasks from a single interface. This is a Windows 3.x feature only; Window 9x uses Explorer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
file server A networked computer used to store files for access by other client computers on the network. On larger networks, the file server may run a special network operating system; on smaller installations, the file server may run a PC operating system supplemented by peer-to-peer networking software. file sharing In networking, the sharing of files via the network file server. Shared files can be read, reviewed, and updated by more than one individual. Access to the file or files is often regulated by password protection, account or security clearance, or file locking, to prevent simultaneous changes from being made by more than one person at a time. File Transfer Protocol (FTP) FTP is used to transfer large files across the Internet or any TCP/IP network. Special servers, called FTP servers, store information and then transfer it back to FTP clients as needed. FTP servers can also be secured with a username and password to prevent unauthorized downloading (retrieval of a file from the server) or uploading (placing of a file on the server). FILER Novell NetWare 3.x utility used to manage files on a network server. firewall A network component (either hardware or software) that provides a secure barrier between networks or network segments. Firewalls use packet filtering, application filtering, or circuit-level filtering to prevent attacks or unauthorized access. FireWire
See IEEE-1394.
firmware Any software stored in a form of read-only memory—ROM, EPROM, or
603
EEPROM—that maintains its contents when power is removed. fixed disk A disk drive that contains several disks (also known as platters) stacked together and mounted through their centers on a small rod. The disks rotate as read/write heads float above the disks that make, modify, or sense changes in the magnetic positions of the coatings on the disk. fixed resistor Type of resistor that is used to reduce the current by a certain amount. Fixed resistors are color coded to identify their resistance values and tolerance bands. flash memory A special form of non-volatile EEPROM that can be erased at signal levels normally found inside the PC, so that you can reprogram the contents with whatever you like without pulling the chips out of your computer. Also, once flash memory has been programmed, you can remove the expansion board it is mounted on and plug it into another computer if you wish. flash utility A small software program created to update the firmware software that runs individual hardware components. flatbed scanner An optical device used to digitize a whole page or a large image. flat-panel display In laptop and notebook computers, a very narrow display that uses one of several technologies, such as electroluminescence, LCD, or thin film transistors. flavor A term used in the Unix world to denote a variation or distribution of the Unix operating system.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
604
Glossary
floating-point calculation A calculation of numbers whose decimal point is not fixed but moves or floats to provide the best degree of accuracy. Floating-point calculations can be implemented in software, or they can be performed much faster by a separate floatingpoint processor. floating-point processor A special-purpose, secondary processor designed to perform floating-point calculations much faster than the main processor. floppy disk A flat, round, magnetically coated plastic disk enclosed in a protective jacket. Data is written onto the floppy disk by the disk drive’s read/write heads as the disk rotates inside the jacket. It can be used to distribute commercial software, to transfer programs from one computer to another, or to back up files from a hard disk. Floppy disks in personal computing are of two physical sizes, 5.25" or 3.5", and a variety of storage capacities. The 5.25" floppy disk has a stiff plastic external cover, while the 3.5" floppy disk is enclosed in a hard plastic case. IBM-compatibles use 5.25" and 3.5" disks, and the Macintosh uses 3.5" disks. floppy disk controller The circuit board that is installed in a computer to translate signals from the CPU into signals that the floppy disk drive can understand. Often it is integrated into the same circuit board that houses the hard disk controller; it can, however, be integrated into the motherboard in the PC. floppy disk drive A device used to read and write data to and from a floppy disk. Floppy disk drives may be full-height drives, but more commonly these days they are half-height drives.
floppy drive cable A cable that connects the floppy drive(s) to the floppy drive controller. The cable is a 34-wire ribbon cable that usually has three connectors. floppy drive interfaces A connector on a motherboard used to connect floppy drives to the motherboard. floptical disk A removable optical disk with a recording capacity of between 20 and 25 megabytes. flux transition Presence or absence of a magnetic field in a particle of the coating on the disk. As the disk passes over an area the electromagnet is energized to cause the material to be magnetized in a small area. footprint The amount of desktop or floor space occupied by a computer or display terminal. By extension, also refers to the size of software items such as applications or operating systems. form factor There are two primary form factors for server machines—tower or rack mount. The form factor defines the type of case that the server is housed in, and which type you have will make a significant difference as to what steps you take when moving the computer into its place in the server room. FORMAT.COM External DOS command that prepares the partition to store information using the FAT system as required by DOS and Windows 9x. formatter board Type of circuit board that takes the information the printer receives from the computer and turns it into commands for the various components in the printer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
formatting 1. To apply the page-layout commands and font specifications to a document and produce the final printed output. 2. The process of initializing a new, blank floppy disk or hard disk so that it can be used to store information. form factors Physical characteristics and dimensions of drive styles. form feed (FF) A printer command that advances the paper in the printer to the top of the next page by pressing the FF button on the printer. fragmentation A disk storage problem that exists after several smaller files have been deleted from a hard disk. The deletion of files leaves the disk with areas of free disk space scattered throughout the disk. The fact that these areas of disk space are located so far apart on the disk causes slower performance because the disk read/write heads have to move all around the disk’s surface to find the pieces of one file. free memory An area of memory not currently in use. Frequently Asked Question
See FAQ.
friction feed A paper-feed mechanism that uses pinch rollers to move the paper through a printer, one page at a time.
605
between a cable and associated devices. FPT (Force Perfect Termination) is an advanced form of active termination. full AT A type of motherboard form factor where the motherboard is the same size as the original IBM AT computer’s motherboard. full backup Creates a full duplication of all data each time that the backup process is executed. full-duplex communications Communications where both entities can send and receive simultaneously. function keys The set of programmable keys on the keyboard that can perform special tasks assigned by the current application program. fuser Device on an EP Printer that uses two rollers to heat the toner particles and melt them to the paper. The fuser is made up of a halogen heating lamp, a Teflon-coated aluminum fusing roller, and a rubberized pressure roller. The lamp heats the aluminum roller. As the paper passes between the two rollers, the rubber roller presses the paper against the heated roller. This causes the toner to melt and become a permanent image on the paper. fusing assembly
See fuser.
FRU (field replacement unit) The individual parts or whole assemblies that can be replaced to repair a computer.
fusing step The step in the EP process where the toner image on the paper is fused to the paper using heat and pressure. The heat melts the toner and the pressure helps fuse the image permanently to the paper.
FPT (Force Perfect Termination) Uses diode switching and biasing to fill any fluctuations
game port A DB-15 connector used to connect game devices (like joysticks) to a computer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
606
Glossary
gateway In networking, a shared connection between a local area network and a larger system, such as a mainframe computer or a large packet-switching network. Usually slower than a bridge or router, a gateway typically has its own processor and memory and can perform protocol conversions. Protocol conversion allows a gateway to connect two dissimilar networks; data is converted and reformatted before it is forwarded to the new network.
execute in windows, using a consistent set of pull-down menus, dialog boxes, and other graphical elements such as scroll bars and icons.
GDI.EXE Windows core component that is responsible for drawing icons and windows in Windows 3.x.
group icons A type of Windows icon that groups Windows program icons together in the Program Manager.
General Protection Fault (GPF) A Windows error that typically occurs when a Windows program tries to access memory currently in use by another program.
graphics mode A mode of a video card that allows the video card to display graphics.
GUI
GFS (grandfather-father-son) A backup rotation scheme that involves daily backups (called the son), one full weekly backup (called the father), and one full monthly backup (called the grandfather). gigabyte One billion bytes; however, bytes are most often counted in powers of 2, and so a gigabyte becomes 2 to the 30th power, or 1,073,741,824 bytes. GPF
graphics accelerator board A specialized expansion board containing a graphics coprocessor as well as all the other circuitry found on a video adapter.
See General Protection Fault (GPF).
graphical user interface (GUI) A graphicsbased user interface that allows users to select files, programs, or commands by pointing to pictorial representations on the screen rather than by typing long, complex commands from a command prompt. Application programs
See graphical user interface (GUI).
half-duplex communications Communications that occur when only one entity can transmit or receive at any one instant. half-height drive A space-saving drive bay that is half the height of the 3" drive bays used in the original IBM PC. Most of today’s drives are half-height drives. hand-held scanner Type of scanner that is small enough to be held in your hand. Used to digitize a relatively small image or artwork, it consists of the controller, CCD, and light source contained in a small enclosure with wheels on it. hard disk controller An expansion board that contains the necessary circuitry to control and coordinate a hard disk drive. Many hard disk controllers are capable of managing more than one hard disk, as well as floppy disks and even tape drives.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
hard disk drive A storage device that uses a set of rotating, magnetically coated disks called platters to store data or programs. A typical hard disk platter rotates at up to 7200rpm, and the read/write heads float on a cushion of air from 10 to 25 millionths of an inch thick so that the heads never come into contact with the recording surface. The whole unit is hermetically sealed to prevent airborne contaminants from entering and interfering with these close tolerances. Hard disks range in capacity from a few tens of megabytes to several gigabytes of storage space; the bigger the disk, the more important a well thought out backup strategy becomes. hard disk interfaces A connector on a motherboard that makes it possible to connect a hard disk to the motherboard. hard disk system A disk storage system containing the following components: the hard disk controller, hard disk, and host adapter. hard memory error A reproducible memory error that is related to hardware failure. hard reset A system reset made by pressing the computer’s reset button or by turning the power off and then on again. hard shutdown An unplanned shutdown that involves a complete loss of power to the operating system and all open programs. hardware All the physical electronic components of a computer system, including peripherals, printed-circuit boards, displays, and printers. hardware compatibility list (HCL) An HCL is a list (that is maintained and regularly
607
updated by Microsoft for each of its Windows OSs) of all hardware currently known to be compatible with a particular operating system. Windows 98, NT, and 2000 all have their own HCL. hardware failure A computer failure that involves a hardware component that will not function as expected. Hardware failures often require that the device be replaced rather than repaired. hardware interrupt An interrupt or request for service generated by a hardware device such as a keystroke from the keyboard or a tick from the clock. Because the processor may receive several such signals simultaneously, hardware interrupts are usually assigned a priority level and processed according to that priority. hardware ports
See I/O address.
head The electromagnetic device used to read from and write to magnetic media such as hard and floppy disks, tape drives, and compact discs. The head converts the information read into electrical pulses sent to the computer for processing. header Information that is attached to the beginning of a network data frame. Heartbeat A signal generated periodically by hardware or software to indicate that it is still running. heat sink A device that is attached to an electronic component that removes heat from the component by induction. It is often a plate of aluminum or metal with several vertical fingers.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
608
Glossary
hertz Abbreviated Hz. A unit of frequency measurement; 1 hertz equals one cycle per second.
High Voltage Differential (HVD) A SCSI signalling method that supports a throughput of 40MBps at a cable length of 25 meters.
hexadecimal Abbreviated hex. The base-16 numbering system that uses the digits 0 to 9, followed by the letters A to F (equivalent to the decimal numbers 10 through 15). Hex is a very convenient way to represent the binary numbers computers use internally, because it fits neatly into the 8-bit byte. All of the 16 hex digits 0 to F can be represented in 4 bits, and so two hex digits (one digit for each set of 4 bits) can be stored in a single byte. This means that 1 byte can contain any one of 256 different hex numbers, from 0 through FF. Hex numbers are often labeled with a lowercase h (for example, 1234h) to distinguish them from decimal numbers.
high-voltage probe A device used to drain away voltage from a monitor before testing. It is a pencil shaped device with a metal point and a wire lead with a clip.
high-density disk A floppy disk with more recording density and storage capacity than a double-density disk. high-level format The process of preparing a floppy disk or a hard disk partition for use by the operating system. In the case of DOS, a high-level format creates the boot sector, the file allocation table (FAT), and the root directory. high memory area (HMA) In an IBMcompatible computer, the first 64K of extended memory above the 1MB limit of 8086 and 8088 addresses. Programs that conform to the extended memory specification can use this memory as an extension of conventional memory although only one program can use or control HMA at a time.
HIMEM.SYS The DOS and Microsoft Windows device driver that manages the use of extended memory and the high memory area on IBM-compatible computers. HIMEM.SYS not only allows your application programs to access extended memory, it oversees that area to prevent other programs from trying to use the same space at the same time. HIMEM.SYS must be loaded by a DEVICE command in your CONFIG.SYS file; you cannot use DEVICEHIGH. HMA
See high memory area (HMA).
home page On the Internet, an initial starting page. A home page may be related to a single person, a specific subject, or a corporation and is a convenient jumping-off point to other pages or resources. host The central or controlling computer in a networked or distributed processing environment, providing services that other computers or terminals can access via the network. Computers connected to the Internet are also described as hosts, and can be accessed using FTP, Telnet, Gopher, or a browser. host adapter Translates signals from the hard drive and controller to signals the computer’s bus can understand.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
609
host name The name by which a computer is known on a TCP/IP network. This name must be unique within the domain that the machine is in. In Windows 2000 the computer name is always the same as the machine’s host name, while in Windows 9x the two can be different.
iFolder Novell iFolder is an Internet service software that simplifies, accelerates, and secures access to your data across the Internet. Files are kept dynamically updated and accessible wherever the user is (as long as Internet access is available).
hot backup site A hot backup site is an exact copy of the original business located in a different physical space. This includes equipment, software, and data. It is extremely expensive to create and maintain but the easiest to transition to should the need arise.
IMAP (Internet Message Access Protocol) A protocol for retrieving e-mail messages. The newest-release IMAP 4 is similar to POP3 but contains advanced features.
hot plug A technology that allows installation of a hardware component, such as a hard disk, in a computer without first powering down the computer. hub A connectivity device used to link several computers together into a physical star topology. They repeat any signal that comes in on one port and copies it to the other ports. HVPS See high-voltage power supply (HVPS). hybrid topology A mix of more than one topology type used on a network. Hypertext Transfer Protocol (HTTP) HTTP is the protocol of the World Wide Web, and is used to send and receive web pages and other content from an HTTP server (web server). HTTP makes use of linked pages, accessed via hyperlinks, which are words or pictures that, when clicked on, take you to another page. I/O (input/output channels) The transfer of data between a computer and a peripheral device. See I/O address.
incremental backup A backup method that backs up the files that have changed since the last backup (full, differential, or incremental) was performed. Industry Standard Architecture (ISA) bus An expansion bus used in the original AT motherboards. ISA expansion busses transfer at 16 bits and are configured through the use of jumpers on the expansion card. in-place upgrade When reformatting a hard disk on a server and performing a clean install of the OS, you will find that most operating systems provide in-place upgrade functionality. When you perform the upgrade, the configuration settings for the old OS are migrated to the new OS. In many ways, an in-place upgrade is the easiest option when you need to upgrade your OS. integrated Describes a motherboard or other computer component that contains embedded parts normally provided as separate components. IntranetWare Novell released IntranetWare in 1996 and 1997. It is a product family designed for intranet data sharing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
610
Glossary
I/O address Lines on a bus used to allow the CPU to send instructions to the devices installed in the bus slots. Each device is given its own communication line to the CPU. These lines function like one-way (unidirectional) mailboxes. I/O ports
See I/O address.
IP spoofing A hacking method that involves a hacker tricking a private network into believing that his machine’s IP address belongs within the private network. ipconfig A command-line utility that locates and displays the current TCP/IP configuration. IBM-compatible computer Originally, any personal computer compatible with the IBM line of personal computers. With the launch of IBM’s proprietary micro channel architecture in the PS/2 line of computers, which replaced the AT bus, two incompatible standards emerged, and so the term became misleading. Now, it is becoming more common to use the term “industry-standard computer” when referring to a computer that uses the AT or ISA bus, and the term “DOS computer” to describe any PC that runs DOS and is based on one of the Intel family of chips. IBM PC A series of personal computers based on the Intel 8088 processor, introduced by IBM in mid-1981. The PC was released containing 16K of memory, expandable to 64K on the motherboard, and a monochrome video adapter incapable of displaying bit-mapped graphics. The floppy disk drive held 160K of data and programs. There was no hard disk on the original IBM PC; that came later with the release of the IBM PC/XT.
IBM PS/2 A series of personal computers using several different Intel processors, introduced by IBM in 1987. The main difference between the PS/2 line and earlier IBM personal computers was a major change to the internal bus. Previous computers used the AT bus, also known as industry-standard architecture, but IBM used the proprietary micro channel architecture in the PS/2 line instead. Micro channel architecture expansion boards will not work in a computer using ISA. See IBM-compatible computer. IC
See integrated circuit (IC).
icons On-screen graphics that act as doors through which programs are started and therefore used to spawn windows. They are shortcuts that allow a user to open a program or a utility without knowing where that program is or how it needs to be configured. IDE Acronym for integrated (or intelligent) drive electronics. A hard disk technology that can connect multiple drives together. These drives integrate the controller and drive into one assembly. This makes them very inexpensive. Because of this, IDE drives are the most commonly used disk technology installed in computers today. IEEE-1394 A high-speed digital interface most commonly used to transfer data between computers and digital video cameras. It has a maximum data transfer rate of over 400Mbps (the original Apple Macintosh implementation is called FireWire). impact printer Any printer that forms an image on paper by forcing a character image against an inked ribbon. Dot-matrix,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
611
daisy-wheel, and line printers are all impact printers, whereas laser printers are not.
an OverDrive processor can increase application performance by an estimated 40 to 70 percent.
incremental backup A backup of a hard disk that consists of only those files created or modified since the last backup was performed.
intelligent hub A class of hub that can be remotely managed on the network.
Industry Standard Architecture
See ISA.
ini file Text file that is created by an installation program when a new Windows application is installed. INI files contain settings for individual Windows applications as well as for Windows itself. initialization commands A set of commands sent to a modem to prepare it to function. inoculating The process of protecting a computer system against virus attacks by installing antivirus software. input/output address
See I/O address.
integrated circuit (IC) Also known as a chip. A small semiconductor circuit that contains many electronic components. integrated drive electronics
See IDE.
Integrated Services Digital Network ISDN.
See
integrated system boards A system board that has most of the computer’s circuitry attached, as opposed to having been installed as expansion cards. Intel OverDrive OverDrive chips boost system performance by using the same clock multiplying technology found in the Intel 80486DX-2 and DX4 chips. Once installed,
interface Any port or opening that is specifically designed to facilitate communication between two entities. interface software The software for a particular interface that translates software commands into commands that the printer can understand. interlacing A display technique that uses two passes over the monitor screen, painting every other line on the screen the first time and then filling in the rest of the lines on the second pass. It relies on the physiological phenomenon known as persistence of vision to produce the effect of a continuous image. interleaving Interleaving involves skipping sectors to write the data, instead of writing sequentially to every sector. This evens out the data flow and allows the drive to keep pace with the rest of the system. Interleaving is given in ratios. If the interleave is 2:1, the disk skips 2 minus 1, or 1 sector, between each sector it writes (it writes to one sector, skips one sector, then writes to the next sector following). Most drives today use a 1:1 interleave, because today’s drives are very efficient at transferring information. International Organization for Standardization (ISO) An international standards-making body, based in Geneva, that establishes global standards for communications and information
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
612
Glossary
exchange. (Note that ISO is not an acronym, but rather a Greek word meaning equal.) Internet The Internet (Net) is the global TCP/ IP network that now extends into nearly every office and school. The World Wide Web is the most visible part of the Internet, but e-mail, newsgroups, and FTP (to name just a few) are also important parts of the Internet. Internet address An IP or domain address which identifies a specific node on the Internet. Internet Protocol
See IP.
Internet Service Provider (ISP) An ISP is a company that provides Internet access for users. Generally ISPs are local or regional companies that provide Internet access and e-mail addresses to users. internetwork Any TCP/IP network that spans router interfaces is considered to be an internetwork. This means that anything from a small office with two subnets to the Internet itself can be described as an internetwork. interrupt A signal to the processor generated by a device under its control (such as the system clock) that interrupts normal processing. An interrupt indicates that an event requiring the processor’s attention has occurred, causing the processor to suspend and save its current activity and then branch to an interrupt service routine. This service routine processes the interrupt (whether it was generated by the system clock, a keystroke, or a mouse click) and when it’s complete, returns control to the suspended process. In the PC, interrupts are often divided into three classes: internal hardware, external hardware, and software interrupts. The Intel
80x86 family of processors supports 256 prioritized interrupts, of which the first 64 are reserved for use by the system hardware or by DOS. interrupt request (IRQ) A hardware interrupt signals that an event has taken place that requires the processor’s attention, and may come from the keyboard, the input/output ports, or the system’s disk drives. In the PC, the main processor does not accept interrupts from hardware devices directly; instead interrupts are routed to an Intel 8259A Programmable Interrupt Controller. This chip responds to each hardware interrupt, assigns a priority, and forwards it to the main processor. interrupt request (IRQ) lines Hardware lines that carry a signal from a device to the processor. IP Abbreviation for Internet Protocol. The underlying communications protocol on which the Internet is based. IP allows a data packet to travel across many networks before reaching its final destination. IP address In order to communicate on a TCP/IP network, each machine must have a unique IP address. This address is in the form x.x.x.x where x is a number from 0 to 255. IPCONFIG Used on Windows 2000 to view current IP configuration information and to manually request updated information from a DHCP server. IPP (Internet Printing Protocol) An Internet printing protocol designed by Novell and Xerox, and supported by IETF. IPP allows for printing over the Internet with four main function
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
areas: finding a printer’s capabilities, allowing users to submit print jobs to a printer, allowing users to find printer status, and cancelling a previously submitted job. IRQ
See interrupt request (IRQ).
ISA (Industry Standard Architecture) bus The 16-bit bus design was first used in IBM’s PC/AT computer in 1984. ISA has a bus speed of 8MHz and a maximum throughput of 8MBps. EISA is a 32-bit extension to this standard bus. ISDN Abbreviation for Integrated Services Digital Network. A worldwide digital communications network emerging from existing telephone services, intended to replace all current systems with a completely digital transmission system. Computers and other devices connect to ISDN via simple, standardized interfaces, and when complete, ISDN systems will be capable of transmitting voice, video, music, and data. Jaz A backup device created by Iomega that uses removable cartridges to store data. Jaz cartridges are available in 1 or 2 gigabyte sizes. joystick port
See game port.
jumper A small plastic and metal connector that completes a circuit, usually to select one option from a set of several user-definable options. Jumpers are often used to select one particular hardware configuration rather than another. kernel file Windows core component that is responsible for managing Windows resources and running applications. kilobit Abbreviated Kb or Kbit. 1024 bits (binary digits).
613
kilobits per second Abbreviated Kbps. The number of bits, or binary digits, transmitted every second, measured in multiples of 1024 bits per second. Used as an indicator of communications transmission rate. kilobyte bytes.
Abbreviated K, KB, or Kbyte. 1024
knowledge base A collection of regularly updated information pertaining to a specific topic. KVM (keyboard/video/mouse) A box that allows more than one computer to be controlled through a single keyboard, monitor, and mouse. The KVM box contains a switch that allows you to select which computer to control. L1 cache Any cache memory that is integrated into the CPU. L2 cache Any cache memory that is external to the CPU. LAN
See local area network (LAN).
landing zone A safe location on a hard drive where the actuator arm and read/write heads can safely come to a rest and not contact the areas of the hard drive platters that contain data. Iaser printer A generic name for a printer that uses the electrophotographic (EP) print process. laser scanner The assembly in an EP process printer that contains the laser. This component is responsible for writing the image to the EP drum.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
614
Glossary
latency The time that elapses between issuing a request for data and actually starting the data transfer. In a hard disk, this translates into the time it takes to position the disk’s read/write head and rotate the disk so that the required sector or cluster is under the head. Latency is just one of many factors that influence disk access speeds. LCD
See liquid crystal display (LCD).
LCD monitor A monitor that uses liquid crystal display technology. Many laptop and notebook computers use LCD displays because of their low power requirements. least significant bit (LSB) In a binary number, the lowest-order bit. That is, the rightmost bit. So, in the binary number 0001, the 1 is the least significant bit.
uses electric current to align crystals in a special liquid. The rod-shaped crystals are contained between two parallel transparent electrodes, and when current is applied, they change their orientation, creating a darker area. Many LCD screens are also backlit or side-lit to increase visibility and reduce the possibility of eyestrain. line conditioner A device placed between a computer and the electrical source. Line conditioners protect electronic equipment from power surges, spikes, and brownouts. Linux A freely available operating system based on Unix. Linux’s open architecture lends it especially well to custom engineering to meet individual needs.
LED panels Small light panels located either on the front panel, or within a computer case, designed to provide visual information as to the status of the computer’s hardware operations.
Load Balancing A strategy in which requests are distributed across all available channels. The idea behind Load Balancing is to equalize the traffic stress across multiple devices rather than place a major burden on one. Similar to clustering, in that two or more servers team up to do a single job: What distinguishes Load Balancing, though, is that each server retains its own identity and often keeps its own copy of needed resources.
legacy An application in which a company has already invested heavily, and which must remain operational. Legacy applications can limit upgrades.
local area network (LAN) A group of computers and associated peripherals connected by a communications channel capable of sharing files and other resources between several users.
letter quality (LQ) A category of dot-matrix printer that can print characters that look very close to the quality a laser printer might produce.
local bus A PC bus specification that allows peripherals to exchange data at a rate faster than the 8 megabytes per second allowed by the ISA (Industry Standard Architecture) and the 32 megabytes per second allowed by the EISA (Extended Industry Standard Architecture)
LED page printer A type of EP process printer that uses a row of LEDs instead of a laser to expose the EP drum.
liquid crystal display (LCD) A display technology common in portable computers that
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
definitions. Local bus can achieve a maximum data rate of 133 megabytes per second with a 33MHz bus speed, 148 megabytes per second with a 40MHz bus, or 267 megabytes per second with a 50MHz bus. local resources Files or folders that are physically located on the machine the user is sitting at are referred to as local to that user. Windows 2000 has the ability to enforce local security, while Windows 9x does not. log file A file that details errors and warnings generated, when they occurred, an event ID, and sometimes an event description. Normally log files are saved in a text format on a local hard drive. logic board The sturdy sheet or board to which all other components on the computer are attached. These components consist of the CPU, underlying circuitry, expansion slots, video components, and RAM slots, just to name a few. Also known as a motherboard or planar board. logical drive Created within an extended partition, a logical drive is used to organize space within the partition, which can be accessed through the use of a drive letter. logical memory The way memory is organized so it can be accessed by an operating system. logical topology Topology that defines how the data flows in a network. logon The process of logging on submits your username and password to the network and gives you the network credentials you will
615
use for the rest of that session. Users can either log on to a workgroup or to a network security entity (such as the Active Directory). low-level format The process that creates the tracks and sectors on a blank hard disk or floppy disk; sometimes called the physical format. Most hard disks are already low-level formatted; however, floppy disks receive both a low- and a high-level format (or logical format) when you use the DOS or OS/2 command FORMAT. Low Voltage Differential (LVD) A signaling method used in SCSI communication. A lownoise, low-power, low-amplitude method for high-speed data transmission. LPTx ports In DOS, the device name used to denote a parallel communications port, often used with a printer. DOS supports three parallel ports: LPT1, LPT2, and LPT3, and OS/2 adds support for network ports LPT4 through LPT9. LUN (logical unit number) A unique identifier on a SCSI bus that enables it to differentiate between up to eight separate devices on a single SCSI ID. magneto-optical (MO) drives An erasable, high-capacity, removable storage device similar to a CD-ROM drive. Magneto-optical drives use both magnetic and laser technology to write data to the disk and use the laser to read that data back again. Writing data takes two passes over the disk, an erase pass followed by the write pass, but reading can be done in just one pass and, as a result, is much faster.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
616
Glossary
main motor A printer stepper motor that is used to advance the paper. MAN (metropolitan area network) A network that is larger than a local area network but smaller than a wide area network. MANs often contain multiple redundant links between physical locations to ensure connectivity. ManageWise Network management software from Novell that manages NetWare and Windows servers, as well as all supported clients. mapped path A logical disk drive created as a path to another physical computer over a network. master drive The primary drive in an IDE master/slave configuration. master/slave relationship A connective relationship between two devices located on an IDE ribbon cable. One device must be set to be the master and one to be the slave. This process is done through jumpers located on the devices. math coprocessor A processor that speeds up the floating decimal point calculations that are needed in algebra and statistical calculations. MCA MCA is incompatible with expansion boards that follow the earlier 16-bit AT bus standard, physically because the boards are about 50 percent smaller and electronically as the bus depends on more proprietary integrated circuits. MCA was designed for multiprocessing, and it also allows expansion boards to identify themselves, thus eliminating many of the conflicts that arose through the use of manual settings in the original bus.
megabit (Mbit) Usually 1,048,576 binary digits or bits of data. Often used as equivalent to 1 million bits. megabits per second (Mbps) A measurement of the amount of information moving across a network or communications link in 1 second, measured in multiples of 1,048,576 bits. megabyte (MB) Usually 1,048,576 bytes. Megabytes are a common way of representing computer memory or hard-disk capacity. megahertz (MHz) One million cycles per second. A processor’s clock speed is often expressed in MHz. The original IBM PC operated an 8088 running at 4.77MHz, while the more modern Pentium processor runs at speeds of up to 1000MHz and higher. memory The primary random access memory (RAM) installed in the computer. The operating system copies application programs from disk into memory, where all program execution and data processing takes place; results are written back out to disk again. The amount of memory installed in the computer can determine the size and number of programs that it can run, as well as the size of the largest data file. memory address The exact location in memory that stores a particular data item or program instruction. memory map The organization and allocation of memory in a computer. A memory map will give an indication of the amount of memory used by the operating system and the amount remaining for use by applications.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
memory optimization The process of making the most possible conventional memory available to run DOS programs. memory refresh An electrical signal that keeps the data stored in memory from degrading. mesh topology Type of logical topology where each device on a network is connected to every other device on the network. This topology uses routers to search multiple paths and determine the best path. Messaging Application Programming Interface (MAPI) The MAPI interface is used to control how Windows interacts with messaging applications such as e-mail programs. MAPI makes most of the functions of e-mail transparent and allows programmers to just write the application, not the whole messaging system. MFM encoding See modified frequency modulation (MFM) encoding. Microsoft Diagnostics Diagnostics).
See MSD (Microsoft
Microsoft Disk Operating System MS-DOS.
See
modem Contraction of modulator/ demodulator, a device that allows a computer to transmit information over a telephone line. The modem translates between the digital signals that the computer uses and analog signals suitable for transmission over telephone lines. When transmitting, the modem modulates the digital data onto a carrier signal on the telephone line. When receiving, the modem
617
performs the reverse process and demodulates the data from the carrier signal. modified frequency modulation (MFM) encoding The most widely used method of storing data on a hard disk. Based on an earlier technique known as frequency modulation (FM) encoding, MFM achieves a two-fold increase in data storage density over standard FM recording, but it is not as efficient a space saver as run-length limited encoding. Molex connector power connector.
See standard peripheral
monitor A video output device capable of displaying text and graphics, often in color. Monitor A Novell NetWare loadable module for monitoring the status and performance of the NetWare server and network activity. Monitor also observes memory and processor use. monitoring The process of watching a computer’s performance through specifically designed software and tools. The intention of monitoring is to gather data and predict potential problems before they occur. monitoring agents Software programs that assist the process of performance monitoring by collecting and reporting data. monochrome monitor A monitor that can display text and graphics in one color only. For example, white text on a green background or black text on a white background. monthly rotation A backup rotation cycle in which, for example, each Friday’s tape is kept for a month. Data errors discovered within the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
618
Glossary
week could be corrected by restoring the appropriate daily backup. Errors discovered within the month could be corrected by restoring from a weekly backup, limiting data loss to changes made subsequent to that backup. most significant bit (MSB) In a binary number, the highest-order bit. That is, the leftmost bit. In the binary number 10000000, the 1 is the most significant bit. motherboard The main printed circuit board in a computer that contains the central processing unit, appropriate coprocessor and support chips, device controllers, memory, and also expansion slots to give access to the computer’s internal bus. Also known as a logic board or system board. mouse A small input device with one or more buttons used for pointing or drawing. As you move the mouse in any direction, an on-screen mouse cursor follows the mouse movements; all movements are relative. Once the mouse pointer is in the correct position on the screen, you can press one of the mouse buttons to initiate an action or operation; different user interfaces and file programs interpret mouse clicks in different ways. MSBACKUP A DOS program that allows the user to make backup copies of all the programs and data stored on the hard disk. This program is menu-driven and allows the user to set up options that can be used each time you back up the hard drive. MSD (Microsoft System Diagnostics) Program that allows the user to examine many different aspects of a system’s hardware and software setup.
MS-DOS Acronym for Microsoft Disk Operating System. MS-DOS, like other operating systems, allocates system resources (such as hard and floppy disks, the monitor, and the printer) to the applications programs that need them. MS-DOS is a single-user, single-tasking operating system, with either a command-line interface or a shell interface. MTBF (mean time between failures) A calculation of the average time between computer failures. This can include hardware, software, or a combination of the two. multimedia A computer technology that displays information by using a combination of full-motion video, animation, sound, graphics, and text with a high degree of user interaction. multimeter Electronic device used to measure and test ohms, amperes, and volts. multimode A fiber optic transmission method that uses light emitting diodes as the optical transmission method. multiplexer A network device that combines multiple data streams into a single stream for transmission. Multiplexers can also break out the original data streams from a single, multiplexed stream. multipurpose server A server that has more than one use. For example, a multipurpose server can be both a file server and a print server. multistation access unit (MAU) The central device in a Token Ring network that provides both the physical and logical connections to the stations.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
multisync monitor A monitor designed to detect and adjust to a variety of different input signals. By contrast, a fixed-frequency monitor must receive a signal at one specific frequency. multitasking A feature of an operating system that allows more than one program to run simultaneously. multithreading The ability of a program to send multiple tasks to the processor at the same time. This allows an application to execute more quickly, but it requires the support of a multithreaded operating system. natural disaster In the context of server maintenance, a natural disaster is loss of data caused by flood, tornado, earthquake, and so on. Nbtstat Displays protocol statistics and current TCP/IP connections using NetBIOS over TCP/IP. near letter quality (NLQ) A category of dot-matrix printer that can come close to the quality of a laser printer, but still is lacking somewhat in print quality. NetBEUI Abbreviation for NetBIOS Extended User Interface. A network device driver for the transport layer supplied with Microsoft’s LAN Manager. NetBIOS Acronym for Network Basic Input/ Output System. In networking, a layer of software, originally developed in 1984 by IBM and Sytek, that links a network operating system with specific network hardware. NetBIOS provides an application program interface (API) with a consistent set of commands for
619
requesting lower-level network services to transmit information from node to node. NetBIOS Extended User Interface See NetBEUI. NetFinity by IBM.
Server product line created
Netstat A software utility that displays protocol statistics and current TCP/IP network connections. network A group of computers and associated peripherals connected by a communications channel capable of sharing files and other resources between several users. A network can range from a peer-to-peer network (that connects a small number of users in an office or department) to a local area network (that connects many users over permanently installed cables and dial-up lines) or to a wide area network (that connects users on several different networks spread over a wide geographic area). network adapter In order to access network resources, a physical connection to the network must be made. This is generally done through the network adapter, which is expansion hardware designed to interface with the network. (Also referred to as network card.) Network Basic Input/Output System NetBIOS.
See
network client software The software that enables a computer to communicate on the network. network interface card (NIC) In networking, the PC expansion board that plugs
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
620
Glossary
into a personal computer or server and works with the network operating system to control the flow of information over the network. The network interface card is connected to the network cabling (twisted-pair, coaxial or fiberoptic cable), which in turn connects all the network interface cards in the network. Network layer The third of seven layers of the International Organization for Standardization’s Open Systems Interconnection (ISO/ OSI) model for computer-to-computer communications. The Network layer defines protocols for data routing to ensure that the information arrives at the correct destination node. network security provider In a network environment, it is often easier to manage the network by having centralized user ID and password storage. Examples of this type of centralized system are Windows 2000’s Active Directory or NetWare’s NDS. Newsgroup An online discussion group which shares information on a specific topic of interest. Messages can be posted and replied to on a newsgroup. NIC
See network interface card (NIC).
NLMs (NetWare Loadable Modules) Software that enhances or provides additional functions in a NetWare 3.x or higher server. node In communications, any device attached to the network. nonconductor Any material that does not conduct electricity. nondedicated server A computer that can be both a server and a workstation. In practice,
by performing the functions of both server and workstation, this type of server does neither function very well. Nondedicated servers are typically used in peer-to-peer networks. nonintegrated system boards A type of motherboard where the various subsystems (video, disk access, etc.) are not integrated into the motherboard, but rather placed on expansion cards that can be removed and upgraded. non-interlaced Describes a monitor in which the display is updated (refreshed) in a single pass, painting every line on the screen. Interlacing takes two passes to paint the screen, painting every other line on the first pass, and then sequentially filling in the other lines on the second pass. Non-interlaced scanning, while more expensive to implement, reduces unwanted flicker and eyestrain. non-natural disasters Disastrous data loss originating from human sources such as electrical fires, theft, and vandalism. NOS (Network Operating System) Software that runs on the server and controls and manages the network. The NOS controls the communication with resources and the flow of data across the network. notebook computer A small portable computer, about the size of a computer book, with a flat screen and a keyboard that fold together. A notebook computer is lighter and smaller than a laptop computer. Some models use flash memory rather than conventional hard disks for program and data storage, while other models offer a range of business applications in ROM. Many offer PCMCIA expansion slots
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
for additional peripherals such as modems, fax modems, or network connections. Novell NetWare A server operating system created by Novell. The most recent version of NetWare is version 6. NTDS (NT Directory Services) Previous versions of Windows Server used NTDS (NT Directory Services) to control user accounts and groups security. Windows 2000 switched to Active Directory. NTFS The NT File System was created to provide enhanced security and performance for the Windows NT operating system, and it has been adopted and improved upon by Windows 2000. NTFS provides Windows 2000 with local file security, file auditing, compression, and encryption options. It is not compatible with Windows 9x or DOS. null modem A short RS-232-C cable that connects two personal computers so that they can communicate without the use of modems. The cable connects the two computers’ serial ports, and certain lines in the cable are crossed over so that the wires used for sending data by one computer are used for receiving data by the other computer and vice versa. numeric keypad A set of keys to the right of the main part of the keyboard, used for numeric data entry. odd parity A technique that counts the number of 1s in a binary number and, if the number of 1s total is not an odd number, adds a digit to make it odd. See also parity. ohm
Unit of electrical resistance.
621
Open Systems Interconnection (OSI) model See OSI (Open Systems Interconnection) model. OpenServer OpenServer is a family of client and server operating systems for the Intel platform based on the Unix operating system. operating system (OS) The software responsible for allocating system resources, including memory, processor time, disk space, and peripheral devices such as printers, modems, and the monitor. All application programs use the operating system to gain access to these system resources as they are needed. The operating system is the first program loaded into the computer as it boots, and it remains in memory at all times thereafter. optical disk A disk that can be read from and written to, like a fixed disk but, like a CD, is read with a laser. optical drive A type of storage drive that uses a laser to read from and write to the storage medium. optical mouse A mouse that uses a special mouse pad and a beam of laser light. The beam of light shines onto the mouse pad and reflects back to a sensor in the mouse. Special small lines crossing the mouse pad reflect the light into the sensor in different ways to signal the position of the mouse. optical scanner
See scanner.
optical touch screen A type of touch screen that uses light beams on the top and left side and optical sensors on the bottom and right side to detect the position of your finger when you touch the screen.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
622
Glossary
option disk A disk that contains the devicespecific configuration files for the device being installed into a MCA bus computer. optomechanical mouse Type of mouse that contains a round ball that makes contact with two rollers. Each roller is connected to a wheel that has small holes in it. The wheel rotates between the arms of a U-shaped mechanism that holds a light on one arm and an optical sensor on the other. As the wheels rotate, the light flashes coming through the holes indicate the speed and direction of the mouse, and these values are transmitted to the computer and the mouse control software. OS/2 An early 32-bit operating system originally designed by Microsoft and IBM in partnership, and then sold by IBM exclusively. OSI (Open Systems Interconnection) Model A protocol model, developed by the International Organization for Standardization (ISO), that was intended to provide a common way of describing network protocols. This model describes a seven-layered relationship between the stages of communication. Not every protocol maps perfectly to the OSI model, as there is some overlap within some the layers of some protocols. Overclocking A method of physically forcing a computer to perform at a faster speed then originally designed. Overclocking often involves increasing voltages and clock speeds for processor. packet filtering A method of controlling traffic to a network through analyzing incoming and outgoing data packets.
IP addresses are used to assess data packets and then compared to a static list to grant or deny access. Packet filtering is a method used by firewalls. page description language Describes the whole page being printed. The controller in the printer interprets these commands and turns them into laser pulses or firing print wires. page frame The special area reserved in upper memory that is used to swap pages of memory into and out of expanded memory. page printers Type of printer that handles print jobs one page at a time instead of one line at a time. pages 16K chunks of memory used in expanded memory. paging The process of swapping memory to an alternate location, such as to and from a page frame in expanded memory or to and from a swap file. PAN (personal area network) A small network normally focused on an individual and devices associated with him or her. Devices can include laptops, desktops, and PDAs. paper pickup roller A D-shaped roller that rotates against the paper and pushes one sheet into the printer. paper registration roller A roller in an EP process printer that keeps paper movement in sync with the EP image formation process. paper transport assembly The set of devices that moves the paper through the
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
printer. It consists of a motor and several rubberized rollers that each perform a different function. parallel port An input/output port that manages information 8 bits at a time, often used to connect a parallel printer. parallel processing A processor architecture where a processor essentially contains two processors in one. The processor can then execute more than one instruction per clock cycle. parity Parity is a simple form of error checking used in computers and telecommunications. Parity works by adding an additional bit to a binary number and using it to indicate any changes in that number during transmission. parity RAM An error-assessing method used to analyze RAM based on adding an extra data bit. Parity is used to ensure the validity of the data. partition A portion of a hard disk that the operating system treats as a separate drive. partition table In DOS, an area of the hard disk containing information on how the disk is organized. The partition table also contains information that tells the computer which operating system to load; most disks will contain DOS, but some users may divide their hard disk into different partitions, or areas, each containing a different operating system. The partition table indicates which of these partitions is the active partition, the partition that should be used to start the computer. passive hub Type of hub that electrically connects all network ports together. This type of hub is not powered.
623
passive-matrix screen An LCD display mechanism that uses a transistor to control every row of pixels on the screen. This is in sharp contrast to active-matrix screens, where each individual pixel is controlled by its own transistor. password In order to identify themselves on the network, each user must provide two credentials—a username and a password. The username says, “This is who I am,” and the password says, “And here’s proof!” Passwords are case sensitive and should be kept secret from other users on the network. Patch A small file created to repair or add a feature to an existing program. Patches are installed and normally replace existing files within a program or operating system. path When referring to a file on a computer’s hard drive, the path is used to describe where it exists within the directory structure. If a file is on the D drive in a folder named TEST, its path is d:\test\. PC Card A PC Card, also known as a PCMCIA card or a “credit card adapter” is a peripheral device that uses the PCMCIA specification. These have the advantage of being small, easy to use and fully plug-and-play compliant. PC Card slot An opening in the case of a portable computer intended to receive a PC Card; also known as a PCMCIA slot. PC Card Socket Services services. PCB
See socket
See printed-circuit board (PCB).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
624
Glossary
PCONSOLE Novell NetWare version 3 used PCONSOLE to setup and manage printers on a NetWare server.
dual pipelining that allow the Pentium to execute more than one instruction per clock cycle.
PC-DOS 1 Microsoft’s Disk Operating System is generally referred to as MS-DOS. When it was packaged with IBM’s personal computers, though, DOS was modified slightly and was called PC-DOS.
Pentium Pro The 32-bit Pentium Pro (also known as the P6) has a 64-bit data path between the processor and cache and is capable of running at clock speeds up to 200MHz. Unlike the Pentium, the Pentium Pro has its secondary cache built into the CPU itself, rather than on the motherboard, meaning that it accesses cache at internal speed, not bus speed.
PCI Abbreviation for Peripheral Component Interconnect. A specification introduced by Intel that defines a local bus that allows up to 10 PCI-compliant expansion cards to be plugged into the computer. One of these 10 cards must be the PCI controller card, but the others can include a video card, network interface card, SCSI interface, or any other basic input/output function. The PCI controller exchanges information with the computer’s processor as 32- or 64-bits and allows intelligent PCI adapters to perform certain tasks concurrently with the main processor by using bus mastering techniques. PCMCIA Abbreviation for PC Memory Card International Association. Expansion cards developed for this standard are now called PC Cards. peer-to-peer network Network where the computers act as both workstations and servers and where there is no centralized administration or control. Pentium The Pentium represents the evolution of the 80486 family of microprocessors and adds several notable features, including 8K instruction code and data caches, built-in floating-point processor and memory management unit, as well as a superscalar design and
peripheral Any hardware device attached to and controlled by a computer, such as a monitor, keyboard, hard disk, floppy disk, CD-ROM drives, printer, mouse, tape drive, and joystick. Peripheral Component Interconnect See PCI. permanent swap file A permanent swap file allows Microsoft Windows to write information to a known place on the hard disk, which enhances performance over using conventional methods with a temporary swap file. The Windows permanent swap file consists of a large number of consecutive contiguous clusters; it is often the largest single file on the hard disk, and of course this disk space cannot be used by any other application. PFA (Predictive Failure Analysis) The use of software and hardware tools to create an objective opinion and prediction as to the life cycle of a computer component. PGA (Pin Grid Array) A type of IC package that consists of a grid of pins connected to a square, flat package.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
photosensitive drum
See EP drum.
physical disk A disk that exists within or attached to a computer; hardware. Physical layer The first and lowest of the seven layers in the International Organization for Standardization’s Open Systems Interconnection (ISO/OSI) model for computer-to-computer communications. The Physical layer defines the physical, electrical, mechanical, and functional procedures used to connect the equipment. physical topology How the cables on a network are physically arranged. Possible configurations include star, ring, mesh, and hybrid topologies. pickup roller Pin Grid Array
See paper pickup roller. See PGA (Pin Grid Array).
PING Packet Internet Groper utility, a command-line utility used to see if another host on the network is reachable and responsive. It works by sending out packets to another host on the network and waits for a reply. PING of death A DoS attack in which a large ICMP packet is sent to overflow a remote host’s buffer, which causes the remote host to reboot or hang. plan maintenance The process of revisiting a created plan to add updates, repair known problem areas, or adjust the listed procedures as seen fit. planar board
See motherboard.
platform An operating system (OS) is the basic software that runs on a computer, and it
625
is the base on which all other software sits. As such the OS is the “platform” that applications and utilities run on. Plug and Play (PnP) A standard that defines automatic techniques designed to make PC configuration simple and straightforward. Point-to-Point Protocol (PPP) The protocol used with dial-up connections to the Internet. Its functions include error control, security, dynamic IP addressing, and support for multiple protocols. POP POST
See Post Office Protocol. See power on self-test (POST).
Post Office Protocol v 3 (POP3) POP3 is used to accept and store e-mail and to allow users to connect to their mailbox and access their mail. SMTP is used to send mail to the POP3 server. PostScript A page-description language used when printing high-quality text and graphics. Desktop publishing or illustration programs that create PostScript output can print on any PostScript printer or imagesetter, because PostScript is hardware-independent. An interpreter in the printer translates the PostScript commands into commands that the printer can understand. potentiometer
See variable resistor.
power on self-test (POST) A set of diagnostic programs, loaded automatically from ROM BIOS during startup, designed to ensure that the major system components are present and operating. If a problem is found, the POST
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
626
Glossary
software writes an error message in the screen, sometimes with a diagnostic code number indicating the type of fault located. These POST tests execute before any attempt is made to load the operating system.
Standardization’s Open Systems Interconnection (ISO/OSI) model for computer-to-computer communications. The Presentation layer defines the way that data is formatted, presented, converted, and encoded.
power spike A sudden and brief surge in electrical current.
preventative maintenance The process of performing various procedures on a computer to prevent future data loss or system downtime.
power supply A part of the computer that converts the power from a wall outlet into the lower voltages, typically 5 to 12 volts DC, required internally in the computer. power surge A brief but sudden increase in line voltage, often destructive, usually caused by a nearby electrical appliance (such as a photocopier or elevator) or when power is reapplied after an outage. power users A power user is someone who either does administrative-level tasks on their machine or needs to have additional access to the system to do their work. The Power Users group on a Windows 2000 Professional station has abilities somewhere between normal users and administrators. preemptive multitasking A form of multitasking where the operating system executes an application for a specific period of time, according to its assigned priority and need. At that time, it is preempted and another task is given access to the CPU for its allocated time. Although an application can give up control before its time is up, such as during input/ output waits, no task is ever allowed to execute for longer than its allotted time period. Presentation layer The sixth of seven layers of the International Organization for
primary DOS partition In DOS, a division of the hard disk that contains important operating system files. A DOS hard disk can be divided into two partitions, or areas: the primary DOS partition and the extended DOS partition. If you want to start your computer from the hard disk, the disk must contain an active primary DOS partition that includes the three DOS system files: MSDOS.SYS, IO.SYS, and COMMAND.COM. The primary DOS partition on the first hard disk in the system is referred to as drive C. Disk partitions are displayed, created, and changed using the FDISK command. print consumables Products that a printer uses in the print process that must be replaced occasionally. Examples include toner, ink, ribbons, and paper. printed-circuit board (PCB) Any flat board made of plastic or fiberglass that contains chips and other electronic components. Many PCBs are multilayer boards with several different sets of copper traces connecting components together. printer control assembly Large circuit board in the printer that converts signals from the computer into signals for the various parts in the laser printer.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
printer ribbon A fabric strip that is impregnated with ink and wrapped around two spools encased in a cartridge. This cartridge is used in dot-matrix printers to provide the ink for the print process. printhead That part of a printer that creates the printed image. In a dot-matrix printer, the printhead contains the small pins that strike the ribbon to create the image, and in an ink-jet printer, the printhead contains the jets used to create the ink droplets as well as the ink reservoirs. A laser printer creates images using an electrophotographic method similar to that found in photocopiers and does not have a printhead. print media Another name for the mediums being printed on. Examples include paper, transparencies, and labels. product key Software piracy is a serious problem in the industry, so many programs include a product key that must be typed in for the software to install properly. This key is then submitted if the user registers for technical support. productivity tools Any of a number of applications users depend on to do job-related tasks. Word processors and spreadsheets are common examples, but most companies have additional productivity tools as well. Program Groups
See group icons.
Program Manager Group (GRP) Files Files in the Windows 3.x directories that store information about which application icons are contained in which group icons.
627
Program Manager The primary interface to Windows that allows you to organize and execute numerous programs by double-clicking an icon in a single graphical window. programmable read-only memory (PROM) A memory chip to which data can be written only once. Data is written to a PROM chip with a device called a PROM programmer or PROM burner. proprietary design A motherboard design that is unique to a particular manufacturer and is not licensed to other manufacturers. protected mode A processor operating mode where every program’s memory is protected from every other program so that if one program crashes, it doesn’t bring down the other programs. protocol In networking and communications, the specification that defines the procedures to follow when transmitting and receiving data. Protocols define the format, timing, sequence, and error-checking systems used. protocol stack In networking and communications, the several layers of software that define the computer-to-computer or computerto-network protocol. The protocol stack on a Novell NetWare system will be different from that used on a Banyan VINES network or on a Microsoft LAN Manager system. protocol switching A firewall method by which the communication protocol used in the private network is switched to another protocol in a dead zone and then switched to TCP/ IP protocol on its way to the public network.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
628
Glossary
proxy servers A server that performs tasks on behalf of the private network. In using a proxy server, you are protecting the private IP addresses of the internal network. Only the address of the proxy server is given out onto the public network.
RAID Redundant Array of Inexpensive (or Independent) Disks. RAID refers to a system setup that uses multiple drives and writes data across all disks in a predefined order. RAID is based on levels and data being mirrored or striped.
PS/2 mouse interface A type of mouse interface that uses a round, DIN-6 connector that gets its name from the first computer it was introduced on, the IBM PS/2.
RAM Acronym for random access memory. The main system memory in a computer, used for the operating system, application programs, and data.
puck The proper name for the mouse-like device used with drawing tablets.
RAM disk An area of memory managed by a special device driver and used as a simulated disk. Anything stored on a RAM disk will be erased when the computer is turned off, so the contents must be saved onto a real disk.
QSOP (Quad Small Outline Package) A type of IC package that has all leads soldered directly to the circuit board. Also called a “surface mount” chip.
Rambus Inline Memory Modules (RIMMs) A type of memory module that uses Rambus memory. See Direct Rambus.
Queue A temporary holding structure in which values can be stored until needed. Queues are organized in such a way that the first item received is also the first item addressed. Queues are used in printers.
random access memory
Quick-and-Dirty Disk Operating System (QDOS) Created by Tim Patterson of Seattle Computer Products, QDOS was the basis of MS-DOS. QDOS was purchased by Microsoft and renamed MS-DOS. Rack A storage structure to which components can be bolted for security. Typical racks are 19" wide. radio frequency interference (RFI) Many electronic devices, including computers and peripherals, can interfere with other signals in the radio-frequency range by producing electromagnetic radiation; this is normally regulated by government agencies in each country.
See RAM.
rasterizing The process of converting signals from the computer into signals for the various assemblies in the laser printer. readme file a basic text document created by a product manufacturer, which contains information on a specific product. Readme files often contain last minute changes and important information regarding the operation of the product. read-only memory memory).
See ROM (read-only
read/write head That part of a floppy- or hard-disk system that reads and writes data to and from a magnetic disk.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
629
real mode A processor operating mode whereby a processor emulates an 8086 processor.
have an individual password and user account for authentication.
recordable DVD An optical device that records to Digital Video Discs.
remote notification If network performance or environmental conditions exceed preset limits, alerts can be sent by e-mail, beeper, or directly to the administrator’s screen.
Red Hat Linux A flavor of the Linux operating system. Redundancy Using more than one device within a computer. Should one device fail then the redundant device will take over until the primary device is repaired or replaced. reference disk A special disk that is bootable and contains a program that is able to send special commands to MCA bus devices to configure their parameters. refresh rate In a monitor, the rate at which the phosphors that create the image on the screen are recharged. registration roller roller.
See paper registration
Registry The Registry is used in Windows 9x, NT, and 2000 to store configuration information about the machine. This includes information about both individual user settings and global system settings. REM statement A command placed in the beginning of a line in a DOS batch file to prevent that line from executing. remote access Network connections from offsite locations, through either dial-in or dedicated high-speed lines. Remote access poses special security threats. Depending on your operating system, you can set specific limits on access. Each user logging in remotely should
removable mass storage Any high-capacity storage device inserted into a drive for reading and writing, then removed for storage and safekeeping. removable media Any storage media that can be removed from the system. repeater In networking, a simple hardware device that moves all packets from one local area network segment to another. reserved memory In DOS, a term used to describe that area of memory between 640K and 1MB, also known as upper memory. Reserved memory is used by DOS to store system and video information. resistor An electronic device used to resist the flow of current in an electrical circuit. See also fixed resistor and variable resistor. resistor pack A combination of multiple resistors in a single package. Often used for terminating SCSI buses. resource Anything on a network that clients might want to access or use. restore The process of getting data from a backup restored to the computer it originally came from. RFI
See radio frequency interference (RFI).
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
630
Glossary
rheostat
See variable resistor.
ribbon cartridge The container that holds the printer ribbon. ring topology Type of physical topology in which each computer connects to two other computers, joining them in a circle and creating a unidirectional path where messages move from workstation to workstation. Each entity participating in the ring reads a message, regenerates it, and then hands it to its neighbor. RJ-11/RJ-45 A commonly used modular telephone connector. RJ-11 is a four- or six-pin connector used in most connections destined for voice use; it is the connector used on phone cords. RJ-45 is the eight-pin connector used for data transmission over twisted-pair wiring and can be used for networking; RJ-45 is the connector used on 10Base-T Ethernet cables. RLL encoding encoding.
See run-length limited (RLL)
ROM (read-only memory) A type of computer memory that retains its data permanently, even when power is removed. Once the data is written to this type of memory, it cannot be changed. root directory In a hierarchical directory structure, the directory from which all other directories must branch. The root directory is created by the FORMAT command and can contain files as well as other directories. This directory cannot be deleted. router In networking, an intelligent connecting device that can send packets to the correct local area network segment to take them to
their destination. Routers link local area network segments at the network layer of the International Organization for Standardization’s Open Systems Interconnect (ISO/OSI) model for computer-to-computer communications. Routing Information Protocol (RIP) for IPX A distance-vectoring route-discovery protocol used by IPX. It uses hops and tics to determine the cost for a particular route. The path with the fewest hops (each router involved in a path is one hop) is used when sending data. RS-232-C In asynchronous transmissions, a recommended standard interface established by the Electrical Industries Association. The standard defines the specific lines, timing, and signal characteristics used between the computer and the peripheral device and uses a 25pin or 9-pin DB connector. RS-232-C is used for serial communications between a computer and a peripheral such as a printer, modem, digitizing tablet, or mouse. RS-232 cables
See serial cables.
RS-422/423/449 In asynchronous transmissions, a recommended standard interface established by the Electrical Industries Association for distances greater than 50 feet but less than 1000 feet. The standard defines the specific lines, timing, and signal characteristics used between the computer and the peripheral device. RTS Abbreviation for request to send. A hardware signal defined by the RS-232-C standard to request permission to transmit. run-length limited (RLL) encoding An efficient method of storing information on a hard
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
disk that effectively doubles the storage capacity of a disk when compared to older, less efficient methods such as modified frequency modulation encoding (MFM). SAN (storage area network) Provides a link for multiple users to a mass storage location. Large corporations that prefer to centralize their data commonly use SANs. This assists in data safety and backups because all the file servers can be housed in a secure building with limited access. SANs normally use high-speed links such as fiber optics to communicate with their storage facilities. Safe Mode A Windows 9x operating mode that only loads a basic set of drivers and a basic screen resolution. It can be activated using the F8 key at boot time. Sbackup A backup utility provided in Novell NetWare versions 3 and 4. scanner An optical device used to digitize images such as line art or photographs, so that they can be merged with text by a page-layout or desktop publishing program or incorporated into a CAD drawing. screen saver Program originally designed to prevent damage to a computer monitor from being left on too long. These programs usually include moving graphics so that no one pixel is left on all the time. Screen savers detect computer inactivity and activate after a certain period. SCSI Acronym for small computer system interface. A high-speed, system-level parallel interface defined by the ANSI X3T9.2
631
committee. SCSI is used to connect a personal computer to several peripheral devices using just one port. Devices connected in this way are said to be “daisy-chained” together, and each device must have a unique identifier or priority number. SCSI adapter Device that is used to manage all the devices on the SCSI bus as well as to send and retrieve data from the devices. SCSI address SCSI device.
A unique address given to each
SCSI bus Another name for the SCSI interface and communications protocol. SCSI chain All the devices connected to a single SCSI adapter. SCSI ID A unique number that identifies a SCSI device on a SCSI chain. Every device on a SCSI chain must have a unique SCSI ID. SCSI ID can be configured through jumpers on the device or through a software utility. SCSI terminator The SCSI interface must be correctly terminated to prevent signals echoing on the bus. Many SCSI devices have built-in terminators that engage when they are needed. With some older SCSI devices, you have to add an external SCSI terminator that plugs into the device’s SCSI connector. SCSI-1 High-speed parallel interface standard that supports up to eight devices both internal and external, and provides a generic interface for devices such as scanners, CDROMs, and other disks. SCSI-1 had a transfer speed of 5MBps.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
632
Glossary
SCSI-2 A SCSI interface that supports transfer rates of up to 10MBps. Supports drives of 3GB or more. sector The smallest unit of storage on a disk, usually 512 bytes. Sectors are grouped together into clusters. seek time Time it takes the actuator arm to move from rest position to active position for the read/write head to access the information. Often used as a performance gauge of an individual drive. The major part of a hard disk’s access time is actually seek time. semiconductors Any material that, depending on some condition, is either a conductor or nonconductor. serial cables Cables used for serial communications. See serial communications. serial communications The transmission of information from computer to computer or from computer to a peripheral, one bit at a time. Serial communications can be synchronous and controlled by a clock or asynchronous and coordinated by start and stop bits embedded in the data stream. serial mouse A mouse that attaches directly to one of the computer’s serial ports. serial port A computer input/output port that supports serial communications in which information is processed one bit at a time. RS-232-C is a common serial protocol used by computers when communicating with modems, printers, mice, and other peripherals. serial printer A printer that attaches to one of the computer’s serial ports.
server In networking, any computer that makes access to files, printing, communications, or other services available to users of the network. In large networks, a server may run a special network operating system; in smaller installations, a server may run a personal computer operating system. service pack A Microsoft term for an operating system update distributed to repair known issues as well as to update features. Novell uses the term consolidated support pack for its collection of patches and fixes. Sun Microsystems provides Patch Clusters for its operating system. server uptime A measure of the time that a server has been successfully operating since its last shutdown. service A service is any program that runs in the background on a computer and performs some sort of task for that computer or other machines on the network. Session layer The fifth of seven layers of the International Organization for Standardization’s Open Systems Interconnection (ISO/OSI) model for computer-to-computer communications. The Session layer coordinates communications and maintains the session for as long as it is needed, performing security, logging, and administrative functions. share name The share name is used to identify a network access point. Share names can be the same as the directory they are sharing or they can be different. shell Every operating system needs to have some sort of interface that allows users to
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
navigate the system. The shell is the program that controls how this interface works. For MSDOS, the Windows Program Manager was its most popular shell. For Windows 9x and 2000, Explorer (explorer.exe) is the standard shell program. shielded twisted-pair twisted-pair).
See STP (shield
single-ended (SE) A communication method used by SCSI devices. Most SCSI devices use normal SE signaling, which limits the maximum length of a SCSI bus to 1.5m (4.9'). This includes most 50-pin (narrow) SCSI devices such as scanners and Zip drives. Single Inline Memory Module (SIMM) Individual RAM chips are soldered or surface mounted onto small narrow circuit boards called carrier modules, which can be plugged into sockets on the motherboard. These carrier modules are simple to install and occupy less space than conventional memory modules. Single Inline Package (SIP) A type of semiconductor package where the package has a single row of connector pins on one side only. single mode A fiber optic transmission method that used a laser as the light source. single-purpose server A server that is dedicated to one purpose (e.g., a file server or a printer server). site license A software license that is valid for all installations at a single site. Slackware Slackware is a free version of Linux created by Patrick Volkerding.
633
slave drive The secondary drive in a IDE master/slave disk configuration. slot A motherboard receptacle into which compatible expansion cards or processors can be inserted. small computer system interface
See SCSI.
SMART (Self-Monitoring Analysis and Reporting Technology) A drive technology that monitors its own performance and warns the operating system (and user) of possible future failure. Smart card A plastic card (similar in size to a credit card) that has memory for storing information and possibly an embedded microprocessor. These cards are preprogrammed and can provide access to a secure location and also can electronically monitor access. SMTP (Simple Mail Transfer Protocol) An Application level protocol used to send e-mail messages from one mail server to another. When you configure your e-mail application, you have to specify the SMTP server that your e-mail application will be sending mail to. SNMP (Simple Network Management Protocol) A set of protocols used for collecting information about a network. SNMP agents are network devices such as computers, routers, and bridges that gather information about themselves and return the information to a system running an SNMP management program.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
634
Glossary
socket services Part of the software support needed for PCMCIA hardware devices in a portable computer, controlling the interface to the hardware. Socket services is the lowest layer in the software that manages PCMCIA cards. It provides a BIOS-level software interface to the hardware, effectively hiding the specific details from higher levels of software. Socket services also detect when you insert or remove a PCMCIA card and identify the type of card it is. socket A motherboard receptacle into which a compatible processor can be inserted. Some motherboard designs use slots instead, and you need to match the chip to the motherboard. (A second meaning of socket is a Unix term for a software object that connects an application to a network protocol.) software An application program or an operating system that a computer can execute. Software is a broad term that can imply one or many programs, and it can also refer to applications that may actually consist of more than one program. software driver Software that acts as the liaison between a piece of hardware and the operating system and allows the use of a component.
source All computer programs—operating system or application—are nothing but a collection of program code. This is the source code or “source” that defines what a program is and how it works. The open source movement is involved with allowing you to see and even modify this code. spin speed An indication of how fast the platters on a fixed disk are spinning. spindle The rod that platters are mounted on to in a hard disk drive. spool file A file used to temporarily store data for later processing (usually for printing). Also called a queue. spooling Writing data to a queue (spool file) for later processing. This allows the computer to continue its normal operations. SPS (standby power supply) A power backup device that will provide battery power to a computer in the event of a power failure. SPS software provides additional features. A server should be protected by an SPS to prevent hard shutdowns. SRAM
software patch A small program created to repair or update a program. Software patches are normally installed through an executable file but can also be installed manually or copied over existing files. solenoid An electromechanical device that, when activated, produces an instant push or pull force.
See static RAM (SRAM).
star topology A network design with a central connectivity device (hub, switch, or MAU) to which all other devices connect. start/stop cycle Every time power is applied to a hard disk, the platters spin up to their set RPM. This process creates a cushion of air that then lifts up the read/write heads off of the surface of the platter. When the power is shut down, the air cushion is lost and the heads fall back down to rest on the platters. Every time
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
635
this start/stop cycle occurs, some wear is applied to the platters. Normally a hard disk will have a minimum of 30,000 to 50,000 start/ stop cycles in its lifetime.
from the paper after the toner has been transferred to the paper.
ST506 interface A popular hard-disk interface standard developed by Seagate Technologies, first used in IBM’s PC/XT computer and still popular today, with disk capacities smaller than about 40MB. ST506 has a relatively slow data transfer rate of 5 megabits per second.
stepper motor A very precise motor that can move in very small increments. Often used in printers.
stack Another name for the memory map, or the way memory is laid out. standard peripheral power connector Type of connector used to power various internal drives. Also called a Molex connector. star network A network topology in the form of a star. At the center of the star is a wiring hub or concentrator, and the nodes or workstations are arranged around the central point representing the points of the star. start bit In asynchronous transmissions, a start bit is transmitted to indicate the beginning of a new data word. Start menu As the main focus of the Windows 9x/NT/2000 user interface, the Start menu allows program shortcuts to be placed for easy and organized access. static RAM (SRAM) A type of computer memory that retains its contents as long as power is supplied. It does not need constant refreshment like dynamic RAM chips. static-charge eliminator strip The device in EP process printers that drains the static charge
static strap
See ESD wrist strap.
stepping Stepping is similar to version numbers: as updates are made to chips, the version numbers change. You’ll want to consider processor stepping particularly when upgrading a single processor system to a multiprocessor one. Mixing processor steppings does not always work well. One stepping (revision) between CPUs is acceptable. stop bit(s) In asynchronous transmissions, stop bits are transmitted to indicate the end of the current data word. Depending on the convention in use, one or two stop bits are used. STP (shield twisted-pair) Cabling that has a braided foil shield around the twisted pairs of wire to decrease electrical interference. stylus A pen-like pointing device used in penbased systems and personal digital assistants. subnet mask The subnet mask is a required part of any TCP/IP configuration, and it is used to define which addresses are local and which are on remote networks. Sun Solaris A Unix-based operating environment created by Sun Microsystems. superscalar
See parallel processing.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
636
Glossary
SuperVGA (SVGA) An enhancement to the Video Graphics Array (VGA) video standard defined by the Video Electronics Standards Association (VESA). surface mount See Quad Small Outline Package (QSOP). surge protector A device that protects sensitive equipment from electrical surges or spikes through the use of a breaker. surge suppressor Also known as a surge protector. A regulating device placed between the computer and the AC line connection that protects the computer system from power surges. SVGA
See SuperVGA (SVGA).
swap file On a hard disk, a file used to store parts of running programs that have been swapped out of memory temporarily to make room for other running programs. A swap file may be permanent, always occupying the same amount of hard disk space even though the application that created it may not be running, or is temporary, only created as and when needed. swipe card Digitally-encoded card used to control access to a restricted area. Access can be granted or denied, as well as monitored. switch Often referred to as an intelligent hub. The benefit of a switch over a hub is that a switch will read the information coming inbound and, based on the address located in the data header, the switch will send the information out on the receiving addressed port. This eliminates the network wide propagation that occurs with a hub.
switchbox A device that allows the user to manually or automatically switch between two or more devices. An economical alternative to a KVM, switchboxes work well for monitors. SYN flood A denial of service attack in which the hacker sends a barrage of SYN packets. The receiving station tries to respond to each SYN request for a connection, exhausting all the server resources. All incoming connections are rejected until all current connections can be established. synchronization The timing of separate elements or events to occur simultaneously. 1. In a multimedia presentation, synchronization ensures that the audio and video components are timed correctly, so they actually make sense. 2. In computer-to-computer communications, the hardware and must be synchronized so that file transfers can take place. 3. The process of updating files on both a portable computer and a desktop system so that they both have the latest versions is also known as synchronization. synchronous DRAM A type of DRAM memory module that uses memory chips synchronized to the speed of the processor. synchronous transmission In communications, a transmission method that uses a clock signal to regulate data flow. Synchronous transmissions do not use start and stop bits. syntax Syntax is a term used to describe the proper way of forming a text command for entry into the computer. Many commands have a number of different options, each of which requires a particular format.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
Syscon A command line utility used to control a NetWare 3.x server, especially for user administration of the Bindery (configuration, trust, login, and account information). system attribute Attribute of DOS that is used to tell the OS that this file is needed by the OS and should not be deleted. Marks a file as part of the operating system and will also protect the file from deletion. system board The sturdy sheet or board to which all other components on the computer are attached. These components consist of the CPU, underlying circuitry, expansion slots, video components, and RAM slots, just to name a few. Also known as a logic board, motherboard, or planar board. system disk A disk that contains all the files necessary to boot and start the operating system. In most computers, the hard disk is the system disk; indeed, many modern operating systems are too large to run from floppy disk.
637
utility programs, as distinct from an application program. Systems Management Server (SMS) Microsoft server software used to manage network resources; includes wake-on-LAN capability. tabs On many windows you will find that, to save space, a single window will have many tabs, each of which can be selected to display particular information. tape cartridge A self-contained tape storage module, containing tape much like that in a video cassette. Tape cartridges are primarily used to back up hard disk systems. tape drive Removable media drive that uses a tape cartridge that has a long polyester ribbon coated with magnetic oxide and wrapped around two spools with a read/ write head in between. Tar A Unix backup utility included in the operating system. (Short for Tape ARchive.)
SYSTEM.INI In Microsoft Windows, an initialization file that contains information on your hardware and the internal Windows operating environment.
target Another name for the backup media, it is the destination for the data being backed up. It is usually a tape drive or other backup device.
System Monitor A Windows 2000 utility that monitors current system performance through the use of counters.
taskbar The area of the Windows 9x/NT/ 2000 interface which includes the Start button and the System Tray, as well as icons for any open programs.
system resources On a Windows 3.x or 95/98 machine, the system resources represent those components of the PC that are being used (memory, CPU, etc.). system software The programs that make up the operating system, along with the associated
TCP/IP Acronym for Transmission Control Protocol/Internet Protocol. A set of computerto-computer communications protocols that encompass media access, packet transport, session communications, file transfer, e-mail,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
638
Glossary
and terminal emulation. TCP/IP is supported by a very large number of hardware and software vendors and is available on many different computers from PCs to mainframes. technical support CD A compact disc provided by a product manufacturer, which contains product support, updates, and/or product patches/fixes. Telnet A protocol that functions at the Application layer of the OSI Model providing terminal emulation capabilities. temporary swap file A swap file that is created every time it is needed. A temporary swap file will not consist of a single large area of contiguous hard disk space, but may consist of several discontinuous pieces of space. By its very nature, a temporary swap file does not occupy valuable hard disk space if the application that created it is not running. In a permanent swap file the hard disk space is always reserved and is therefore unavailable to any other application program. terminal A monitor and keyboard attached to a computer (usually a mainframe), used for data entry and display. Unlike a personal computer, a terminal does not have its own central processing unit or hard disk. Terminate and Stay Resident (TSR) A DOS program that stays loaded in memory, even when it is not actually running, so that you can invoke it very quickly to perform a specific task. Termination The use of a resistor at the end of a cable to prevent signals from bouncing back on the wire. Terminators are used in SCSI chains as well as coaxial cable networks.
terminator A device attached to the last peripheral in a series or the last node on a network. A resistor is placed at both ends of a coax Ethernet cable to prevent signals from reflecting and interfering with the transmission. text mode A video display mode for a video card that allows it to only display text. When running DOS programs, a video card is in text mode. thermal printer A nonimpact printer that uses a thermal printhead and specially treated paper to create an image. thick Ethernet Connecting coaxial cable used on an Ethernet network. The cable is 1 cm (approximately 0.4") thick and can be used to connect network nodes up to a distance of approximately 3300 feet. Thick Ethernet is primarily used for facility-wide installations. Also known as 10Base5. thin Ethernet Connecting coaxial cable used on an Ethernet network. The cable is 5 mm (approximately 0.2") thick, and can be used to connect network nodes up to a distance of approximately 1000 feet. Thin Ethernet is primarily used for office installations. Also known as 10Base2. thrashing A slang term for the condition that occurs when Windows must constantly swap data between memory and hard disk. The hard disk spins continuously during this and makes a lot of noise. threshold An attribute level that is set as a cut-off point between significant (critical) and nonsignificant events or conditions. These might include temperature, electrical current, CPU load, RAM use, and free hard disk space.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
token passing A media access method that gives every NIC equal access to the cable. The token is a special packet of data that is passed from computer to computer. Any computer that wants to transmit has to wait until it has the token, at which point it can add its own data to the token and send it on. Token Ring network A local area network with a ring structure that uses token-passing to regulate traffic on the network and avoid collisions. On a Token Ring network, the controlling computer generates a “token” that controls the right to transmit. This token is continuously passed from one node to the next around the network. When a node has information to transmit, it captures the token, sets its status to busy, and adds the message and the destination address. All other nodes continuously read the token to determine if they are the recipient of a message; if they are, they collect the token, extract the message, and return the token to the sender. The sender then removes the message and sets the token status to free, indicating that it can be used by the next node in sequence. tolerance band Found on a fixed resistor, this colored band indicates how well the resistor holds to its rated value. toner Black carbon substance mixed with polyester resins and iron oxide particles. During the EP printing process, toner is first attracted to areas that have been exposed to the laser in laser printers and is later deposited and melted onto the print medium. toner cartridge The replaceable cartridge in a laser printer or photocopier that contains the
639
electrically charged ink to be fused to the paper during printing. topology A way of laying out a network. Can describe either the logical or physical layout. touch screen A special monitor that lets the user make choices by touching icons or graphical buttons on the screen. Tower A vertical computer case design. Tower style computers are the most common in use today. Tower of Hanoi A complex tape backup rotation used within a carefully planned and deployed strategy. To maintain the required history of file versions, a minimum of five media sets should be used in the weekly rotation schedule, or eight for a daily rotation scheme. Trace Log Windows Trace Logs Monitor continuously traces server changes and actions. This information is useful in locating the source of potential problems. If a program action is responsible for server stress, then the Trace Log will help you track the program’s utilization of server resources. Tracert Used to trace the path of a packet across a TCP/IP network. trackball An input device used for pointing, designed as an alternative to the mouse. tracks The concentric circle unit of hard disk division. A disk platter is divided into these concentric circles. transfer corona assembly The part of an EP process printer that is responsible for transferring
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
640
Glossary
the developed image from the EP drum to the paper. transfer step The step in the EP print process where the developed toner image on the EP drum is transferred to the print media using the transfer corona.
that combines the transmitting and receiving circuitry needed for asynchronous transmission over a serial line. Asynchronous transmissions use start and stop bits encoded in the data stream to coordinate communications rather than the clock pulse found in synchronous transmissions.
transistor Abbreviation for transfer resistor. A semiconductor component that acts like a switch, controlling the flow of an electric current. A small voltage applied at one pole controls a larger voltage on the other poles. Transistors are incorporated into modern microprocessors by the million.
UDP (user datagram protocol)
Transmission Control Protocol/Internet Protocol See TCP/IP.
Ultra DMA IDE Also known as ATA version 4 (ATA-4), it can transfer data at 33Mbps, so it is also commonly seen in motherboard specifications as Ultra DMA/33, Ultra 66, or UDMA.
Transport layer The fourth of seven layers of the International Organization for Standardization’s Open Systems Interconnection (ISO/ OSI) model for computer-to-computer communications. The Transport layer defines protocols for message structure and supervises the validity of the transmission by performing some error checking. Troubleshooting The methodical and systematic process of locating and repairing problems that occur. TSR
See Terminate and Stay Resident (TSR).
twisted-pair cable Cable that comprises two insulated wires twisted together at six twists per inch. In twisted-pair cable, one wire carries the signal and the other is grounded. Telephone wire installed in modern buildings is often twisted-pair wiring. UART Acronym for Universal Asynchronous Receiver/Transmitter. An electronic module
User Datagram Protocol UDP (User Datagram Protocol) is a Transport level transmission protocol that is similar to TCP but it does not provide reliable delivery of data between hosts.
Ultra 160 A SCSI 3 release, it is a parallel interface that uses a 16-bit wide bus, LVD signaling and termination, and has a maximum transfer speed of 160MBps. Ultra-3 SCSI This is the latest SCSI standard. Ultra-3, also called Ultra SCSI, supports data throughput of 20–40MBps. Ultra 320 SCSI Ultra 320 is the next generation of parallel SCSI interface. At one point it was called SCSI Ultra-4. It is a 16-bit wide bus that uses LVD signaling, LVD termination, a Centronics 68-pin connector, and has a transfer speed of 320MBps. uninstall To remove a program from a computer. This generally involves removing its configuration information from the Registry, its icons from the Start menu, and its program code from the file system.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
Universal Serial Bus
See USB.
Unix/Linux A 32-bit, multiuser, multitasking, portable operating system, Unix/Linux is by far the least expensive NOS. In many circles it is free for distribution or a nominal fee is charged. Due to its open architecture, it can then be reengineered to best meet your business needs. UnixWare An implementation of Unix System 5 released by Novell. UnixWare was obtained by SCO Linux from Novell in 1997. UnixWare provides interoperability with Novell based networks as well as being easy to administer and install. upgrading An updating process in which old programs, operating systems, and equipment are replaced by new. upper memory area See reserved memory area. upper memory block (UMB) Free areas of memory that can be used for loading drivers and programs into the upper memory area. Uptime A measure of time that a system is running without failure. Both hardware and software are evaluated by uptime. USB Acronym for Universal Serial Bus. A technology used to connect peripheral devices to a computer. Each USB channel will support 127 devices and has a total transfer rate of up to 12Mbps. USER.EXE Windows core component that allows a user to interact with Windows. It is the component responsible for interpreting keystrokes and mouse movements and sending
641
the appropriate commands to the other core components. user forum A website on the Internet, similar to a chat room, where people can share infomation on a particular topic. People can also post and reply to messages and surveys. Also see knowledge base. username In order to identify themselves on the network, each user must provide two credentials—a username and a password. The username says, “This is who I am,” and the password says, “And here’s proof!” Each username must be unique on the network and is generally used by only one person. user profiles In order to allow each user to customize their Windows experience, user profiles save a particular user’s desktop appearance and preferences so that when they log on, they will always have there own desktop, even if they share the machine with others. utility program A small program or set of small programs that support the operating system by providing additional services that the operating system does not provide. UTP Acronym for unshielded twisted-pair. A type of unshielded network cable that contains multiple conductors in pairs that are twisted around each other. vaccine An application program that removes and destroys a computer virus. The people who unleash computer viruses are often very accomplished programmers, and they are constantly creating new and novel ways of causing damage to a system. The antivirus and
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
642
Glossary
vaccine programmers do the best they can to catch up, but they must always lag behind to some extent. vacuum tube Electronic component that is a glorified switch. A small voltage at one pole switches a larger voltage at the other poles on or off. variable resistor A resistor that does not have a fixed value. Typically the value is changed using a knob or slider.
colors. In contrast, a digital display can only resolve a finite range of shades or colors. video adapter An expansion board that plugs into the expansion bus in a DOS computer and provides for text and graphics output to the monitor. The adapter converts the text and graphic signals into several instructions for the display that tell it how to draw the graphic. Video Graphics Array
verification In the context of backup security, verification compares the original data and the data copy on the media to ensure that they are the same. This feature is built into comprehensive backup software. version Each time that computer software is modified, new features are added and old problems are, hopefully, fixed. To tell these modified programs apart, computer programmers use versions. These are incremented by one digit (for example, from 1.0 to 2.0) for major revisions, or by a tenth of a digit (for example, from 2.0 to 2.1) for minor modifications. Higher version numbers mean newer versions. VGA Acronym for Video Graphics Array. A video adapter. VGA supports previous graphics standards, and provides several different graphics resolutions, including 640 pixels horizontally by 480 pixels vertically. A maximum of 256 colors can be displayed simultaneously, chosen from a palette of 262,114 colors. Because the VGA standard requires an analog display, it is capable of resolving a continuous range of gray shades or
See VGA.
video RAM (VRAM) Special-purpose RAM with two data paths for access, rather than just one as in conventional RAM. These two paths let a VRAM board manage two functions at once—refreshing the display and communicating with the processor. VRAM doesn’t require the system to complete one function before starting the other, so it allows faster operation for the whole video system. virtual memory A memory-management technique that allows information in physical memory to be swapped out to a hard disk. This technique provides application programs with more memory space than is actually available in the computer. True virtual-memory management requires specialized hardware in the processor for the operating system to use; it is not just a question of writing information out to a swap file on the hard disk at the application level. virus A program intended to damage your computer system without your knowledge or permission. A virus may attach itself to another program or to the partition table or the boot track on your hard disk. When a certain event occurs, a date passes, or a specific program
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
executes, the virus is triggered into action. Not all viruses are harmful; some are just annoying. virus protection suite Offers centralized protection and updates. The real benefit of a virus protection suite occurs when the time to update the virus definition comes. Virus protection suites are updated on the server, which then monitors the rest of the network. VL bus Also known as VL local bus. Abbreviation for the VESA local bus, a bus architecture introduced by the Video Electronics Standards Association (VESA), in which up to three adapter slots are built into the motherboard. The VL bus allows for bus mastering. VLAN (virtual local area network) A logical grouping of hosts on one or more LANs that allows communication to occur between hosts as if they were on the same physical LAN or segment. VLSI (Very Large Scale Integration) Technology used by chip manufacturers to integrate the functions of several small chips into one chip. volts
Unit of electrical potential.
VPN (virtual private network) A virtual private network (VPN) is similar to a dial-in connection in that it allows users to access their network remotely. The VPN connection is encrypted, and because all communication is encapsulated within the VPN protocol, users can access network resources through the VPN that they would otherwise be unable to see using standard TCP/IP connectivity. VRAM
See video RAM (VRAM).
643
VRM (voltage regulator module) A small card that is used in a multiprocessor motherboard in the empty processor slots until needed by additional processors. wait state A clock cycle during which no instructions are executed because the processor is waiting for data from a device or from memory. wake-on-LAN (WOL) Technology that allows an administrator to boot a machine at a remote location. After the machine is working, the administrator can perform maintenance tasks, such as backups and virus scans, during off hours. The network adapter maintains a very low power state even when the computer is powered off. The NIC then looks for special packets on the network indicating it should wake up the machine. WAN (wide area network) Network that expands LANs to include networks outside of the local environment and also to distribute resources across distances. warm boot Refers to pressing Control+Alt+ Delete to reboot the computer. This type of booting doesn’t require the computer to perform all of the hardware and memory checks that a cold boot does. weekly rotation A backup rotation schedule that involves using a dedicated backup media for each day of the week. wide area network network).
See WAN (wide area
Wide Ultra-2 SCSI This release provided LVD or HVD signaling, a 16-bit wide bus,
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
644
Glossary
transfer speeds of 80MBps, and LVD or HVD termination; it used a Centronics 68-pin connector. window In a graphical user interface, a rectangular portion of the screen that acts as a viewing area for application programs. Windows can be tiled or cascaded and can be individually moved and sized on the screen. Some programs can open multiple document windows inside their application window to display several word processing or spreadsheet data files at the same time. Windows 95 Windows 95 is a 32-bit, multitasking, multithreaded operating system capable of running DOS, Windows 3.1, and Windows 95 applications; supports Plug and Play (on the appropriate hardware); and adds an enhanced FAT file system in the Virtual FAT, which allows long filenames of up to 255 characters while also supporting the DOS 8.3 file-naming conventions. Windows 98 The home PC operating system released by Microsoft, as the successor to their popular Windows 95 operating system. Basically the same as Windows 95, it offers a few improvements. For example, Windows 98 improves upon the basic “look and feel” of Windows 95 with a “browser-like” interface. It also contains bug-fixes and can support two monitors simultaneously. In addition to new interface features, it includes support for new hardware, including Universal Serial Bus devices. Windows 2000 Windows operating system that incorporates the “look and feel” of Windows 9x with the power of Windows NT. Windows Desktop
See Desktop.
Windows Installer A new method Microsoft is using to allow users to customize their application installations more easily. The Windows Installer also makes it easier for users to install approved software on secured workstations and can automatically repair damaged installs. Windows Internet Name Service (WINS) WINS provides a database for the storage and retrieval of NetBIOS computer names. Each client must register with the WINS server to be able to be added to and query the database. Windows NT A 32-bit multitasking portable operating system developed by Microsoft. Windows NT is designed as a portable operating system, and initial versions ran on Intel 80386 (or later) processors and RISC processors, such as the MIPS R4000 and the DEC Alpha. Windows Program Manager Windows 3.x file that contains all of the program icons, group icons, and menus used for organizing, starting, and running programs. WIN.INI File that contains Windows environmental settings that control the environment’s general function and appearance. WINIPCFG In Windows 9x, this is the utility that allows you to view your current TCP/IP configuration. It also allows a user to request a new IP configuration from a DHCP server. WinNuke An attack that is effective because of the way the Windows TCP/IP stack handles bad data in the TCP header. Instead of returning an error code, or rejecting the bad data, it sends the operating system to the blue screen of death. A security patch is available from Microsoft to fix this.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
Glossary
wizard Wizards are preprogrammed utilities that walk the user through a particular task. Each wizard generally includes a number of different pages, each of which allows you to enter information or choose particular options. At the finish of the wizard, the computer will then perform the requested task based on the information it has gathered. WLAN (wireless local area network) A local area network based on wireless technology. A base station sends and receives signals from each client station, each of which has a supported wireless transmission card. word The size of a word varies from one computer to another, depending on the CPU. For computers with a 16-bit CPU, a word is 16 bits (2 bytes). On large mainframes, a word can be as long as 64 bits (8 bytes). workgroup A group of individuals who work together and share the same files and databases over a local area network. Special groupware such as Lotus Notes coordinates the workgroup and allows users to edit drawings or documents and update the database as a group. working directory Programs that need to save temporary files or configuration data while they are running do so within their working directory. Users can also have a working directory to save their temporary files. workstation 1. In networking, any personal computer (other than the file server) attached to the network. 2. A high-performance computer optimized for applications such as computeraided design, computer-aided engineering, or scientific applications.
645
World Wide Web (WWW) This is the graphical extension of the Internet that features millions of pages of information accessed though the use of the Hypertext Transfer Protocol (HTTP). write-protect To prevent the addition or deletion of files on a disk or tape. Floppy disks have write-protect notches or small writeprotect tabs that allow files to be read from the disk, but prevent any modifications or deletions. Certain attributes can make individual files write-protected so they can be read but not altered or erased. write-protect tab The small notch or tab in a floppy disk that is used to write-protect it. writing step The step in the EP print process where the items being printed are written to the EP drum. In this step, the laser is flashed on and off as it scans across the surface of the drum. The area that the laser shines on is discharged to almost ground (−100 volts). x86 series The general name given to the Intel line of IBM-compatible CPUs. XGA Acronym for Extended Graphics Array. XGA is only available as a micro channel architecture expansion board; it is not available in ISA or EISA form. XGA supports resolution of 1024 horizontal pixels by 768 vertical pixels with 256 colors, as well as a VGA mode of 640 pixels by 480 pixels with 65,536 colors, and like the 8514/A, XGA is interlaced. XGA is optimized for use with graphical user interfaces, and instead of being very good at drawing lines, it is a bit-block transfer device designed to move blocks of bits like windows or dialog boxes.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com
646
Glossary
yearly rotation The yearly rotation builds on the monthly rotation. Along with having daily tapes for each weekday and weekly tapes for each Friday, you also keep the last tape from each month for a year. This allows you to go back daily for a week, weekly for a month, or monthly for a year. Z.E.N.works A family of directory-enabled system management products from Novell. Z.E.N.works supports Windows and NetWare clients. zero insertion force (ZIF) A type of processor socket where you don’t have to “snap” the chip into the socket. Rather, you simply set the chip into the ZIF socket and push a bar down to secure it.
zero wait state Describes a computer that can process information without wait states. A wait state is a clock cycle during which no instructions are executed because the processor is waiting for data from a device or from memory. ZIF socket Abbreviation for Zero Insertion Force socket. A specially designed chip socket which makes replacing a chip easier and safer. Zip A portable magnetic backup device created by the Iomega company. Zip drives hold large amounts of data (tens of gigabytes on one cartridge), the replacement cost of the media is reasonable, and in general the media are reliable.
Copyright ©2002 SYBEX, Inc., Alameda, CA
www.sybex.com