Tuesday, 24 January 2012

Remote Authentication Dial In User Service (RADIUS)

Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service.

1) On Windows Server 2008 R2, Network Policy Server (NPS) can be used as a Remote Authentication Dial-In User Service (RADIUS) server to perform authentication, authorization, and accounting for RADIUS clients. A RADIUS client can be an access server, such as a dial-up server or wireless access point, or a RADIUS proxy. Different editions of Windows Server 2008 R2 offer different RADIUS server capabilities.
  • Windows Web Server 2008 R2 does not include NPS.
  • Windows Server 2008 R2 Standard supports NPS with a maximum of 50 RADIUS clients and 2 remote RADIUS server groups. Windows Server 2008 R2 Standard also does not support defining groups of RADIUS clients by specifying an IP address range.
  • Windows Server 2008 R2 Enterprise and Windows Server 2008 R2 Datacenter support NPS without restrictions.
When NPS is used as a RADIUS server, it provides the following:
  • A central authentication and authorization service for all access requests that are sent by RADIUS clients.
  • A central accounting recording service for all accounting requests that are sent by RADIUS clients. Accounting requests are stored in a local log file or a Microsoft SQL Server database for analysis.

2) RADIUS AAA Services.
  • Authentication is the process of identifying an individual, usually based on a username and password. Authentication is based on the idea that each individual user will have unique information that sets him or her apart from other users.
  • Authorization is the process of granting or denying a user access to network resources once the user has been authenticated through the username and password. The amount of information and the amount of services the user has access to depend on the user's authorization level.
  • Accounting is the process of keeping track of a user's activity while accessing the network resources, including the amount of time spent in the network, the services accessed while there and the amount of data transferred during the session. Accounting data is used for trend analysis, capacity planning, billing, auditing and cost allocation.
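The authentication step described above is carried by RADIUS Access-Request and Access-Accept/Access-Reject packets. The following is an added example, not code from the original post or from Microsoft: a Python model of RFC 2865 that builds an Access-Request, hides the User-Password attribute the way the protocol does (MD5 of the shared secret chained with the Request Authenticator), recovers it on the server side, and verifies the Response Authenticator on the reply. The shared secret, user name, password and the fixed Request Authenticator are constructed values.

```python
"""RFC 2865 RADIUS: Access-Request construction, User-Password hiding and
response-authenticator verification.  Added example; not code from the page."""
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2
HEADER = struct.Struct("!BBH16s")  # Code, Identifier, Length, Authenticator


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 section 5.2: zero-pad to a 16-octet multiple, then XOR each block
    with MD5(secret || previous block), seeded with the Request Authenticator."""
    if len(password) > 128:
        raise ValueError("User-Password is limited to 128 octets")
    padded = password + b"\x00" * (-len(password) % 16) or b"\x00" * 16
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        block = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out, prev = out + block, block
    return out


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Inverse of hide_password (what the RADIUS server does)."""
    if not hidden or len(hidden) % 16:
        raise ValueError("malformed User-Password attribute")
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out, prev = out + _xor(block, hashlib.md5(secret + prev).digest()), block
    return out.rstrip(b"\x00")


def attribute(attr_type: int, value: bytes) -> bytes:
    """Attribute TLV: Type (1 octet), Length (1 octet, includes the header), Value."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def parse_attributes(data: bytes) -> list:
    attrs = []
    while data:
        attr_type, length = data[0], data[1]
        if length < 2 or length > len(data):
            raise ValueError("malformed attribute")
        attrs.append((attr_type, data[2:length]))
        data = data[length:]
    return attrs


def build_access_request(identifier, username, password, secret, request_auth=None):
    request_auth = request_auth or os.urandom(16)   # random per request, never reused
    attrs = attribute(ATTR_USER_NAME, username) + attribute(
        ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))
    return HEADER.pack(ACCESS_REQUEST, identifier, HEADER.size + len(attrs), request_auth) + attrs


def build_response(code, identifier, request_auth, attrs, secret):
    """Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)."""
    length = HEADER.size + len(attrs)
    digest = hashlib.md5(struct.pack("!BBH", code, identifier, length)
                         + request_auth + attrs + secret).digest()
    return HEADER.pack(code, identifier, length, digest) + attrs


def verify_response(response, request_auth, secret) -> bool:
    """Client side: recompute the Response Authenticator with the shared secret."""
    code, identifier, length, received = HEADER.unpack_from(response)
    attrs = response[HEADER.size:length]
    expected = hashlib.md5(struct.pack("!BBH", code, identifier, length)
                           + request_auth + attrs + secret).digest()
    return len(response) == length and hmac.compare_digest(received, expected)


def demo() -> dict:
    """Client builds a request; a toy server checks the password and answers.
    Constructed values: shared secret, user, password and a fixed Request Authenticator."""
    secret, request_auth = b"shared-secret", bytes(range(16))
    req = build_access_request(7, b"alice", b"s3cret!", secret, request_auth)
    attrs = dict(parse_attributes(req[HEADER.size:]))
    got = reveal_password(attrs[ATTR_USER_PASSWORD], secret, request_auth)
    code = ACCESS_ACCEPT if got == b"s3cret!" else ACCESS_REJECT
    resp = build_response(code, 7, request_auth, b"", secret)
    # A rogue server that does not hold the shared secret cannot mint a valid Accept.
    rogue = build_response(ACCESS_ACCEPT, 7, request_auth, b"", b"wrong-secret")
    return {"recovered": got, "code": resp[0],
            "genuine_ok": verify_response(resp, request_auth, secret),
            "rogue_ok": verify_response(rogue, request_auth, secret)}
```

The shared secret is the only thing that protects the User-Password and authenticates the server's reply, and the hiding is a keystream derived with MD5 rather than a modern cipher. That is why each RADIUS client configured in NPS should get its own long, random shared secret and why RADIUS traffic between access points and the NPS server should not cross untrusted network segments unprotected.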


    Wednesday, 18 January 2012

    Tuesday, 10 January 2012

    The IP routing table

    Every computer that runs TCP/IP makes routing decisions. These decisions are controlled by the IP routing table. To display the IP routing table on a computer running Windows Server 2008 R2, type route print at a command prompt.
    The following table shows an example of an IP routing table for a network adapter with the following configuration:
    • IP address: 10.0.0.169
    • Subnet mask: 255.0.0.0
    • Default gateway: 10.0.0.1

    The routing table is built automatically, based on the current TCP/IP configuration of your computer. Each route occupies a single line in the displayed table. Your computer searches the routing table for an entry that most closely matches the destination IP address.
    The following sections describe each of the columns displayed in the IP routing table: network destination, netmask, gateway, interface, and metric.
    • Network destination: The network destination is used with the netmask to match the destination IP address. The network destination can range from 0.0.0.0 for the default route through 255.255.255.255 for the limited broadcast, which is a special broadcast address to all hosts on the same network segment. 
    • Netmask: The netmask is the subnet mask that is applied to the destination IP address when matching it to the value in the network destination.
    • Gateway: The gateway address is the IP address that the local host uses to forward IP datagrams to other IP networks. This is either the IP address of an IP router (such as the default gateway) on the local network segment or, for destinations that are directly reachable, the local network adapter itself. Windows Server 2008 R2 prints the latter case as On-link; earlier Windows versions print the adapter's own IP address in the Gateway column instead.
    • Interface: The interface is the IP address that is configured on the local computer for the local network adapter that is used when an IP datagram is forwarded on the network. 
    • Metric: A metric indicates the cost of using a route. Traditionally this is the number of hops to the IP destination: anything on the local subnet is one hop, and each router crossed after that is an additional hop. By default Windows Server 2008 R2 assigns automatic metrics derived from the interface link speed, so values such as 266 or 306 are normal and are not hop counts. The metric only breaks ties between routes that match the destination equally well: the route with the longest matching netmask is always preferred, and among routes with the same network destination and netmask the one with the lowest metric is selected.
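The lookup described above, as an added example that is not part of the original post: a Python implementation of longest-prefix matching over a routing table in the Windows Server 2008 R2 route print layout. The table below is constructed for the adapter configuration given earlier (10.0.0.169, mask 255.0.0.0, default gateway 10.0.0.1); the rogue 8.8.8.0/24 entry and all addresses looked up are likewise constructed.

```python
"""Longest-prefix lookup over a `route print`-style IPv4 routing table.
Added example; not code from the page or from Microsoft."""
import ipaddress
from dataclasses import dataclass

# Constructed sample in the Windows Server 2008 R2 `route print` layout for the
# adapter described above. "On-link" marks directly connected destinations.
SAMPLE_ROUTE_PRINT = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1     10.0.0.169     266
         10.0.0.0        255.0.0.0          On-link      10.0.0.169     266
       10.0.0.169  255.255.255.255          On-link      10.0.0.169     266
   10.255.255.255  255.255.255.255          On-link      10.0.0.169     266
        127.0.0.0        255.0.0.0          On-link       127.0.0.1     306
        127.0.0.1  255.255.255.255          On-link       127.0.0.1     306
        224.0.0.0        240.0.0.0          On-link       127.0.0.1     306
        224.0.0.0        240.0.0.0          On-link      10.0.0.169     266
  255.255.255.255  255.255.255.255          On-link       127.0.0.1     306
  255.255.255.255  255.255.255.255          On-link      10.0.0.169     266
"""


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    gateway: str      # router address, or "On-link" for a directly connected destination
    interface: str    # address of the local adapter the datagram leaves on
    metric: int


def parse_route_print(text: str) -> list:
    """Keep only the five-column route rows; headings and separators are skipped."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        dest, mask, gateway, interface, metric = parts
        try:
            network = ipaddress.IPv4Network((dest, mask), strict=False)
            routes.append(Route(network, gateway, interface, int(metric)))
        except ValueError:
            continue
    return routes


def lookup(routes: list, destination: str) -> Route:
    """Matching route with the longest netmask wins; ties go to the lowest metric."""
    addr = ipaddress.IPv4Address(destination)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        raise LookupError(f"no route to {destination}")
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))


def next_hop(routes: list, destination: str) -> tuple:
    """(next hop, interface). An On-link route delivers directly to the destination."""
    r = lookup(routes, destination)
    return (destination if r.gateway == "On-link" else r.gateway, r.interface)


def demo() -> dict:
    routes = parse_route_print(SAMPLE_ROUTE_PRINT)
    results = {d: next_hop(routes, d)
               for d in ("8.8.8.8", "10.1.2.3", "10.0.0.169", "224.0.0.9")}
    # Constructed rogue entry: a more specific prefix beats the default route no matter
    # how bad its metric, which is why unexpected specific routes deserve scrutiny.
    rogue = routes + parse_route_print("8.8.8.0 255.255.255.0 10.0.0.66 10.0.0.169 9999")
    results["8.8.8.8 with rogue route"] = next_hop(rogue, "8.8.8.8")
    return results
```

The two 224.0.0.0/4 rows show the tie-break: both match a multicast destination equally well, so the lower metric (the LAN adapter) is chosen. The rogue row shows the other half of the rule: its metric of 9999 is irrelevant because a /24 is more specific than the /0 default route, so traffic for 8.8.8.8 is silently redirected to 10.0.0.66.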



    Wednesday, 4 January 2012

    DHCP Lease Process

    The first time that a client (with DHCP enabled) attempts to join a network, it automatically follows an initialization process to obtain a lease from a DHCP server.
    1. The DHCP client requests an IP address by broadcasting a message (known as a DHCPDiscover message) to the local subnet.
    2. The client is offered an address when a DHCP server responds with a DHCPOffer message containing an IP address, and associated configuration information, available for lease to the client.
    3. The client selects the offered address and replies to the server with a DHCPRequest message. Alternatively, the DHCP client might request the IP address that was previously assigned.
    4. The client is assigned the address, and the DHCP server sends an acknowledgment message (DHCPAck) approving the lease. Other DHCP option information, such as default gateway and DNS server addresses, might be included in the message.

    After the client receives acknowledgment, it configures its TCP/IP properties using any DHCP option information in the DHCPAck message and completes the initialization of TCP/IP.
    If no DHCP server responds to the client request, the client can proceed in one of two ways:
    1. If APIPA is enabled, the client self-configures a unique IP address in the range 169.254.0.1 through 169.254.255.254.
    2. If APIPA has been disabled, the client network initialization fails. The client continues to re-send DHCPDiscover messages in the background (four attempts every five minutes) until it receives a valid lease from a DHCP server.
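The four-step exchange and the APIPA fallback described above, as an added example in Python that is not part of the original post. The packet layout follows RFC 2131 (236-octet fixed header, magic cookie, option TLVs); the server side is a toy that answers every Discover and Request with constructed address, subnet, router, DNS and lease values, so the whole exchange runs offline. The MAC address, transaction ID and all IP addresses are constructed.

```python
"""RFC 2131 DHCPv4 lease exchange (Discover/Offer/Request/Ack) with APIPA fallback.
Added example; not code from the page or from Microsoft."""
import ipaddress
import random
import struct

BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
OPT_SUBNET, OPT_ROUTER, OPT_DNS, OPT_REQUESTED_IP = 1, 3, 6, 50
OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 51, 53, 54, 255
MAGIC = b"\x63\x82\x53\x63"
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # the 236-octet fixed header


def ip(s: str) -> bytes:
    return ipaddress.IPv4Address(s).packed


def build(op, xid, chaddr, options, yiaddr="0.0.0.0", siaddr="0.0.0.0") -> bytes:
    """Fixed header + magic cookie + option TLVs + End. The broadcast flag is set,
    because a client that has no address yet cannot receive a unicast reply."""
    zero4 = b"\x00" * 4
    header = FIXED.pack(op, 1, len(chaddr), 0, xid, 0, 0x8000, zero4, ip(yiaddr),
                        ip(siaddr), zero4, chaddr.ljust(16, b"\x00"),
                        b"\x00" * 64, b"\x00" * 128)
    body = b"".join(struct.pack("!BB", t, len(v)) + v for t, v in options)
    return header + MAGIC + body + bytes([OPT_END])


def parse(packet: bytes) -> dict:
    fields = FIXED.unpack_from(packet)
    if packet[FIXED.size:FIXED.size + 4] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    options, i = {}, FIXED.size + 4
    while i < len(packet) and packet[i] != OPT_END:
        if packet[i] == 0:            # Pad option carries no length byte
            i += 1
            continue
        t, length = packet[i], packet[i + 1]
        options[t] = packet[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": fields[0], "xid": fields[4], "yiaddr": str(ipaddress.IPv4Address(fields[8])),
            "chaddr": fields[11][:fields[2]], "options": options}


def client_discover(xid, mac):
    """Step 1: broadcast DHCPDiscover."""
    return build(BOOTREQUEST, xid, mac, [(OPT_MSG_TYPE, bytes([DISCOVER]))])


def client_request(xid, mac, offer):
    """Step 3: accept the offered address and name the server whose offer was chosen."""
    return build(BOOTREQUEST, xid, mac, [(OPT_MSG_TYPE, bytes([REQUEST])),
                                        (OPT_REQUESTED_IP, ip(offer["yiaddr"])),
                                        (OPT_SERVER_ID, offer["options"][OPT_SERVER_ID])])


def server_reply(msg_type, client_pkt, yiaddr, server_ip, lease_seconds):
    """Toy server (steps 2 and 4): echo xid and chaddr, add constructed lease options."""
    req = parse(client_pkt)
    opts = [(OPT_MSG_TYPE, bytes([msg_type])), (OPT_SERVER_ID, ip(server_ip)),
            (OPT_LEASE, struct.pack("!I", lease_seconds)), (OPT_SUBNET, ip("255.255.255.0")),
            (OPT_ROUTER, ip("192.168.1.1")), (OPT_DNS, ip("192.168.1.10") + ip("192.168.1.11"))]
    return build(BOOTREPLY, req["xid"], req["chaddr"], opts, yiaddr=yiaddr, siaddr=server_ip)


def apply_ack(ack: dict) -> dict:
    """Configure TCP/IP from the DHCPAck options (what the client does after step 4)."""
    o = ack["options"]
    dns = o.get(OPT_DNS, b"")
    return {"address": ack["yiaddr"],
            "netmask": str(ipaddress.IPv4Address(o[OPT_SUBNET])),
            "gateway": str(ipaddress.IPv4Address(o[OPT_ROUTER])),
            "dns": [str(ipaddress.IPv4Address(dns[i:i + 4])) for i in range(0, len(dns), 4)],
            "lease_seconds": struct.unpack("!I", o[OPT_LEASE])[0], "apipa": False}


def obtain_lease(mac: bytes, server_present: bool, apipa: bool = True) -> dict:
    xid = 0x3903F326                  # constructed transaction id
    if not server_present:            # no DHCPOffer: fall back or fail
        if not apipa:
            raise TimeoutError("no DHCPOffer received and APIPA is disabled")
        address = f"169.254.{random.randint(0, 255)}.{random.randint(1, 254)}"
        return {"address": address, "netmask": "255.255.0.0", "gateway": None,
                "dns": [], "lease_seconds": 0, "apipa": True}
    server = "192.168.1.2"            # constructed DHCP server
    offer = parse(server_reply(OFFER, client_discover(xid, mac), "192.168.1.50", server, 86400))
    ack = parse(server_reply(ACK, client_request(xid, mac, offer), offer["yiaddr"], server, 86400))
    if ack["xid"] != xid or ack["options"].get(OPT_MSG_TYPE) != bytes([ACK]):
        raise ValueError("reply does not match our request")
    return apply_ack(ack)
```

Because every step is a broadcast on the local subnet, any host that answers a Discover faster than the real server can hand out its own router and DNS options; the xid and server-identifier checks in the client only tie the Ack to the Offer the client chose, they do not authenticate the server. That is the reason for DHCP snooping on switches and for watching DHCP server logs for unexpected servers.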

    Configuring Clients for Stateful or Stateless IPv6 Addressing

    By default, IPv6 hosts perform stateless address autoconfiguration automatically.

    •    In the DHCPv6 stateless mode clients use DHCPv6 to obtain only configuration options and not an IPv6 address. Stateless clients configure an IPv6 address through a non–DHCPv6-based mechanism, such as by exchanging Router Solicitation and Router Advertisement messages with neighboring routers.

    •    In the DHCPv6 stateful mode, clients acquire both the IPv6 address as well as other network configuration parameters through DHCPv6.


    Windows 8 Developer Preview downloads

    You can get it from the following link:

    http://dev.windows.com/

    It is available as 32-bit and 64-bit x86 builds, and no activation is required.

    Monday, 2 January 2012

    How DNS works

    Sunday, 1 January 2012

    GlobalNames Zones

    The GlobalNames Zone is a new feature in Windows Server 2008 and Windows Server 2008 R2 that provides single-label name resolution for large enterprise networks that do not deploy WINS and where using DNS name suffixes to provide single-label name resolution is not practical.
    Today, numerous Microsoft customers deploy WINS technology and servers in their environment. WINS is an alternative name resolution protocol to DNS. It is an older service that uses NetBIOS over TCP/IP (NetBT). WINS and NetBT do not support IPv6. To help customers migrate to DNS for all name resolution, the DNS Server role in Windows Server 2008 supports a special GlobalNames Zone (GNZ) feature. Unlike WINS, the GNZ is not populated by client registration: administrators add the single-label names by hand as CNAME records pointing to the servers' fully qualified names, and the zone does not accept dynamic updates, so it is intended for a limited set of important servers rather than for every host.
