Fixing Windows XP Annoyances

With the fundamentals of Windows XP's networking features out of the way, we can now concentrate on the actual procedures used to accomplish several different tasks.

As explained earlier in this chapter, Windows is really only concerned with the connections directly attached to the computer, so building a network or connecting a computer to the Internet essentially involves hooking things up and then configuring the connections in the Network Connections window for each computer involved.

The Network Setup Wizard

The first page of the Network Setup Wizard explains that the wizard will set up a network for you, help you set up Internet connection sharing, install a firewall, and share files and printers. In fact, it will do none of these things; rather, it will simply ensure that some of the necessary protocols are installed and properly configured for the type of network to which you are attaching your computer.

In most cases, the Network Setup Wizard is not needed. However, if you're running into trouble configuring your network, it can't hurt to try it and see if it catches something you may've forgotten. Just answer the questions the best you can, and don't be afraid to choose Other on the "Select a connection method" page if the first two don't apply to your setup.

Note that if the Network Setup Wizard prompts you to create a setup disk for use on other computers, choose Just finish the wizard, as it will be of no use.

7.2.1 Building a Peer-to-Peer Workgroup

A peer-to-peer workgroup is comprised of two or more computers and the necessary networking hardware to connect them. Or, in broader terms:

Once you have all of the components, you can begin with the following procedure. Naturally, different types of hardware will require a modified procedure, but the methodology is the same.

  1. Plan your network by drawing a quick diagram similar to the ones shown in figures in this chapter.

  2. Install a network adapter in each computer, according to the instructions that accompany your hardware.

    A connection icon labeled Local Area Connection should appear in your Network Connections window for each installed adapter. See Section 7.1.3, earlier in this chapter, for details on working with these connections, checking their status, and so-on. If the icons don't show up, make sure Windows recognizes your network cards in Device Manager, as explained in Chapter 6, and doesn't report any problems with the devices.

  3. Next, hook up your cables. Nearly all network adapters, hubs, and switches have lights next to their RJ45 ports. When a cable is properly plugged in to both ends, the lights goes on. If the lights don't go on, you're either using the wrong type of cable, you've plugged the cable into the wrong port, or the cable is defective. Until the lights are lit, don't go any further. Hint: Use a different color cable for each computer to make troubleshooting easier. See the discussion of cabling, earlier in this chapter, for more information on the types of cables you'll need.

  4. Go to Control Panel System, choose the Computer Name tab, and click Network ID to run the Network Identification Wizard.

  5. Click Next on the first page, choose This computer is for home use and not part of a business network and click Next, and then click Finish.

  6. Next, click Change to open the Computer Name Changes window, as shown in Figure 7-8, and enter something for both the Computer name and Workgroup. The name you give to your workgroup should be the same for all computers on your local network, but the computer name must be different for each computer.

Figure 7-8. You'll need to open the Computer Name Changes dialog to identify your computer on your network.

  1. Click OK when you're done; if Windows informs you that you need to restart your computer, do so now. Repeat steps 4-6 for the other computers on your network.

  2. Your connection should now be active. Double-click the LAN or High-speed icon corresponding to the connection to your workgroup to display that connection's Status window, from where you can determine the IP address of your computer. See Section 7.1.3, earlier this chapter, for an explanation of IP addresses, as well as how and when to set them manually.

  3. The quickest way to test your connection is to use the Ping utility, which essentially sends small packets of information to another computer on your network, and reports on its success (if any).

    Go to Start Run, and type ping address, where address is the IP address of the other computer the one in which you're trying to connect. For example, from the computer at 192.168.0.2, you would type:

    ping 192.168.0.1

    If the network is working, the Ping transaction will be successful, and you'll get a result that looks like this:

    Pinging 192.168.0.1 with 32 bytes of data: Reply from 192.168.0.1: bytes=32 time=24ms TTL=53 Reply from 192.168.0.1: bytes=32 time=16ms TTL=53

    If you have more than two computers, you'll want to ping them all since the test only covers the specific machines involved. On the other hand, if you get this result:

    Pinging 192.168.0.1 with 32 bytes of data: Request timed out. Request timed out.

    it means that Ping never got a response from the other computer. A failed ping can mean that the connection to the computer you're using it's not working, the connection to the computer you're pinging is not working, or there's some other problem with the network.

  4. If your network is functioning, you can proceed to set up the various services you need, such as file and printer sharing (described in Chapter 8) and Internet Connection Sharing (described later in this chapter). Otherwise, look through the checklist in the following section for possible solutions to the problem you're having.

7.2.1.1 Troubleshooting a workgroup connection

The following tips should help you get around most of the common hurdles you'll encounter when setting up a LAN:

7.2.2 Connecting to the Internet

Although connecting to the Internet is really not any different than connecting to a workgroup, at least as far as Windows is concerned, you'll typically encounter different types of problems. The procedure to initiate an Internet connection varies with the type of connection you wish to establish:

If your connection doesn't fit neatly into one of the above categories, your setup may still be similar to one of the following sections anyway. Otherwise, you'll need to contact your service provider for specific instructions and software for Windows XP. Details on each of these connection types are as follows:

7.2.2.1 DSL, cable, or other high-speed connection with a static IP address

High-speed connections with static IP addresses are probably the easiest of the aforementioned connections to set up in Windows XP.

A static IP address means you have the same IP address every time you start your computer. If you're not sure if you have such a connection, check to see if your connection requires a username and password to log on; if so, you most likely have a PPPoE connection, described in the next section. Otherwise, proceed with these steps:

  1. Connect your network adapter directly to the device that supplies your Internet connection, whether it's a DSL adapter, a cable modem, or an Ethernet outlet in your wall.

  2. Open the Network Connections window, locate the connection icon corresponding to the network adapter plugged into your Internet connection, and rename it "Internet Connection." Then, right-click the newly named Internet Connection icon and select Properties.

  3. Under the General tab, make sure only the following entries are enabled (checked):

    • Client for Microsoft Networks

    • Internet Protocol (TCP/IP)

    If there are any other entries here, clear their checkmarks.

  4. Highlight Internet Protocol (TCP/IP) and click Properties. Click the Use the following IP address option and enter the IP address, subnet mask, default gateway, and preferred (primary) DNS server and alternate (secondary) DNS server addresses provided by your Internet service provider.

  5. Click OK, and then click OK again; the change should take effect immediately. Test your connection by loading a web page or using Ping (as described in the previous section).

If, after completing these steps, Windows ever prompts you to connect to the Internet, go to Control Panel Internet Options Connections tab, and select the Never dial a connection option.

7.2.2.2 DSL, cable, or other high-speed connection via PPPoE

PPPoE is used to establish temporary, dynamic-IP connections over high-speed Internet connections. If your Internet connection has a dynamic IP address, it means your Internet service provider assigns you a different IP address every time you connect to the Internet. The PPPoE (Point-to-Point Protocol over Ethernet) protocol facilitates this connection by sending your username and password to your provider.

If your ISP provides special software that connects to the Internet (such as Efficient Networks' truly awful Enternet 300 software or RASPPPoE), you can abandon it in favor of Windows XP's built-in support for PPPoE, explained here.

One of the differences between this type of connection and the static IP connection discussed in the previous section is that PPPoE connections must be initiated every time you start Windows or every time you wish to use the Internet, which is somewhat like using old-fashioned Dial-up connections (discussed in a subsequent section). Such connections are automatically disconnected when you shut down Windows.

If you have a PPPoE connection and you're using a router to share your Internet connection (explained later in this section), don't use this procedure. Instead, you'll need to enter your username and password into your router's configuration screen, as described in your router's documentation.

Here's how to set up a PPPoE connection in Windows XP:

  1. If you have PPPoE software (such as Enternet 300) installed, remove it from your system now. This is typically accomplished by going to Control Panel Add or Remove Programs. Refer to the documentation that came with said software for details.

  2. Open the Network Connection Wizard, as explained in Section 7.1.3, earlier in this chapter.

  3. Click Next to skip the introductory page, choose the Connect to the Internet option, and then click Next again.

  4. Choose the Set up my connection manually option, and click Next.

  5. Choose the Connect using a broadband connection that requires a user name and password option, and click Next.

  6. Type a name for this connection and click Next. A good choice is the name of your ISP, or just "DSL" or "cable."

  7. Enter your username and password, choose the desired options underneath (if you're not sure, turn them all on), and click Next.

  8. Click Finish to complete the wizard.

  9. To start the connection, double-click the icon you just created in the Network Connections folder. If you elected to create a desktop shortcut in the wizard, double-click the desktop icon.

  10. By default, a Connect dialog will appear at this point. Click Connect to initiate the connection.

Here are some tips for working with PPPoE connections.

7.2.2.3 Connection provided by a router or another computer via Internet Connection Sharing

If you're using Internet Connection Sharing, described later in this chapter, the setup for the clients (all the computers on your network, other than the one with the physical Internet connection) is a snap. This procedure is also appropriate if you're using a router to share an Internet connection.

This procedure assumes you've already set up the aforementioned shared Internet connection, as well as a properly-functioning peer-to-peer workgroup, as described in Section 7.2.1, earlier in this chapter.

Follow these steps to connect a computer to an existing shared Internet connection:

  1. Open the Network Connections window, right-click the connection icon corresponding to the network adapter plugged into your workgroup, and select Properties.

  2. Under the General tab, make sure at least the following entries are enabled (checked):

    • Client for Microsoft Networks

    • Internet Protocol (TCP/IP)

    Any other protocols and services enabled here should be left alone, as they may be needed for other purposes.

  3. Highlight Internet Protocol (TCP/IP) and click Properties.

  4. If you're not using fixed IP addresses on your LAN (which will be the most common case), select both the Obtain an IP address automatically and Obtain DNS server address automatically options, and click OK. Skip the next two steps, and proceed directly to step 7.

  5. Otherwise, if you've set up your network with fixed IP addresses such as 192.168.0.1, 192.168.0.1, and so on (explained in Section 7.1.2, earlier in this chapter), select the Use the following IP address option and enter the IP address you wish to assign the machine.

  6. Type 255.255.255.0 for the subnet mask.

  7. For the gateway, type the IP address of the computer hosting the shared Internet connection. If you're using a router to share your Internet connection, type the IP address of the router (refer to the instructions that came with the router for possible exceptions).

  8. Lastly, type the Preferred (primary) DNS server and Alternate (secondary) DNS server addresses provided by your Internet service provider. Click OK when you're done.

  9. Click OK, and then click OK again; the change should take effect immediately. Test your connection by loading a web page or using Ping (as described at the beginning of this chapter).

  10. If the connection doesn't work at this point, open the Network Setup Wizard, as described earlier in this chapter. Click Next on the first two pages, and choose the This computer connects to the Internet through another computer and click Next on the third page. Depending on your network configuration, the remaining pages will vary here; answer the questions the best you can and complete the wizard.

  11. If you're able to view some web sites but not others, and you're connecting to a shared Internet connection facilitated by PPPoE (described in the previous section), you may have to change the MTU setting. See Section 7.2.4, later in this chapter.

7.2.2.4 Dial-up connection, including analog modems over standard phone lines

Of the connection types listed here, Dial-up is the least expensive and probably still the most common. All you need is an ordinary analog modem, a standard telephone line, and a Dial-up account with an Internet service provider. You can have as many Dial-up connections configured at one time as you like, especially useful if you travel; just repeat these steps for each subsequent connection.

  1. Open the Network Connection Wizard, as explained in Section 7.1.3, earlier in this chapter.

  2. Click Next to skip the introductory page, choose the Connect to the Internet option, and then click Next again.

  3. Choose the Set up my connection manually option, and click Next.

  4. Choose the Connect using a dial-up modem option, and click Next.

  5. Type a name for this connection and click Next. A good choice is the name of your ISP, or just "Analog." If you're setting up multiple Dial-up connections, choose descriptive names, such as "On the road" and "At home."

  6. Enter the phone number for the connection, obtained by your service provider, and click Next.

    If your ISP provides two or more phone numbers, you have the option of creating multiple connections (one for each phone number), or creating a single connection that cycles through a list of phone numbers until a connection is established. If you choose the latter, you'll have the opportunity to enter additional phone numbers for the connection at the end of the procedure.

  7. Enter your username and password, choose the desired options underneath (if you're not sure, turn them all on), and click Next.

  8. Click Finish to complete the wizard.

  9. To start the connection, double-click the icon you just created in the Network Connections folder. If you elected to create a desktop shortcut in the wizard, double-click the desktop icon.

  10. By default, a Connect dialog will appear at this point. Click Dial to initiate the connection.

Here are some tips for working with Dial-up connections.

7.2.3 Sharing an Internet Connection

Naturally, it doesn't make much sense to invest in a separate Internet connection for each computer in your home or office. Instead, you can use one of several different methods to share a single Internet connection among any number of separate computers.

The first solution utilizes the Internet Connection Sharing feature built into Windows XP. If you used the ICS feature found in Windows 98 Second Edition or Windows Me, you'll find that the system in XP makes a lot more sense and is much easier to set up. The advantage to ICS is that it is free; no addition software or hardware is required, but it does have its limitations. Alternatives to ICS are discussed subsequently.

7.2.3.1 Setting up Internet Connection Sharing

ICS is a system by which a single computer with an Internet connection acts as a gateway, allowing all other computers in the workgroup to use its connection to access the Internet. The computer that is connected directly to the Internet is called the host; all the other computers are called clients.

In order to get ICS to work, you'll need the following:

If your Internet connection is accessed through a router or you've allocated multiple IP addreses, you don't need Internet Connection Sharing; see Section 7.2.3.3, later in this chapter, for details.

The first step in setting up ICS is to configure the host, the computer with the Internet connection that will be shared.

  1. Open the Network Connections window. If you haven't already done so, select Details from the View menu.

  2. Here, you should have at least two connections listed: one for your Internet Connection, and one for the Ethernet adapter connected to your LAN. If they're not there, your network is not ready. See the tips above for what you need, and try again.

    For clarity, I recommend renaming the two connections to "Internet Connection" and "Local Area Connection," respectively, as illustrated by Figure 7-5.

  3. Right-click the connection icon corresponding to your Internet connection, and select Properties. In most cases, it will be the Ethernet adapter connected to your Internet connection device.

    However, if you're using a DSL or cable connection that requires a login with a username or password, the icon to use is the Broadband connection icon corresponding to your PPPoE connection. See Section 7.2.2, earlier in this chapter, for further instructions.

  4. Choose the Advanced tab, and turn on the Allow other network users to connect through this computer's Internet connection option, as shown in Figure 7-9.

    (For more information on the Firewall option shown here, see Section 7.3.2, later in this chapter.)

  5. Click OK when you're done. Verify that Internet Connection Sharing is enabled; it should say "Enabled, Shared" in in the Type column of the Network Connections window, as shown in the example in Figure 7-5.

  6. That's it! The change will take effect immediately. Verify that the Internet connection still works on the host by attempting to open a web page. If the Internet connection doesn't work on the host, it definitely won't work on any of the clients.

Figure 7-9. Any Internet connection can be shared with other computers in your workgroup.

The next step is to configure each of the client computers to use the shared connection. The only requirements of the client machines are that they are running an operating system that supports networking and that their network connections are properly set up. The clients can be running Windows 2000, Windows Me, Windows 9x, Windows NT, Windows 3.x for Workgroups, or even MacOS, Unix, Linux, or FreeBSD.

See Section 7.2.2, earlier in this chapter, and follow the instructions in Section 7.2.2.3. Do this for each "client" machine on your network. While the instructions are specific to Windows XP, the settings explained therein can be adapted to any OS; refer to your operating system's documentation for more information.

7.2.3.2 Troubleshooting Internet Connection Sharing

Here are some tips that should help you fix the problems you might encounter with ICS:

7.2.3.3 Alternatives to Internet Connection Sharing

The Internet Connection Sharing feature built-into Windows XP has it's limitations. For example, the host computer must be on and connected to the Internet for the other computers to have Internet access. If this "host" computer crashes or is shut down, Internet access will be cut off for the whole workgroup. This may be a small price to pay, considering that ICS is free, simple, and pretty convenient, but if you don't want your network's Internet connection to rely on any single computer, you may wish to consider the following alternatives to see if they make sense for you.

Figure 7-10. Instead of connecting a single computer to the Internet and then sharing the connection, a router allows you to plug an Internet connection directly into your LAN.

Use a router

A router works similarly to a hub or switch, both discussed at the beginning of this chapter, except that it will also be capable of sharing a single Internet connection with all members of your workgroup. Figure 7-10 illustrates a workgroup connected to the Internet with a router.

The advantage of a router over ICS is that no single computer must be on for the other computers to have Internet access. But the disadvantages include the added cost, a more complicated setup, and support for only certain types of high-speed Internet connections.

If you're looking for a router, make sure to get one that supports both DSL and cable connections, as well as PPPoE connections (if that's what your service provider uses). Some routers connect between to your hub and DSL or cable modem, while others integrate one or both of these functions; Figure 7-10 shows a combination router and hub. Some routers even have built-in support for wireless connections and even print servers. Although such mega-combo devices can be inticing, you're asking for trouble by trying to stuff too much functionality in a single package.

Refer to the documentation that comes with the router for basic setup instructions, and see the Section 7.2.2.3 section, earlier in this chapter, for instructions on connecting a Windows XP system to a router.

Use multiple IP addresses

Some ISPs may provide, at extra cost, multiple IP addresses, with the specific intent that Internet access be provided for more than one computer. Since each computer has its own true IP address, there's no need for any "sharing" software or hardware. Instead, your hub or switch is plugged directly into your Internet device (DSL, cable, T1, or whatever), and each computer will effectively have its own Internet connection.

Refer to the instructions in the Section 7.2.2.1 section, earlier in this chapter, to set up each of your computers to access the Internet.

The advantages of multiple IP addresses over ICS or using a router, as described earlier, is that the setup is very easy, and no additional hardware or software is required. The downside is that Internet connections with multiple IP addresses are often much more expensive than standard Internet connections. In fact, the added monthly cost will most likely quickly exceed the one-time cost of a router.

7.2.4 Fix Your Shared Internet Connection with a New MTU

There are some circumstances when a shared Internet connection doesn't quite work as its supposed to. The problem, where some web pages load and some do not, affects client computers that access a shared Internet connection facilitated by PPPoE.

Although all web sites will be accessible on the host computer, certain web sites will never load successfully from any of the client machines. If you don't know what "hosts" or "clients" are with regard to Internet Connection Sharing, you'll want to review the previous section before you proceed. Also, see Section 7.2.2.2, earlier in this chapter for more information on PPPoE connections. Note that this applies to Windows XP's built-in PPPoE support, as well as PPPoE provided by third-party software and even some routers.

The following solution is intended to fix this specific problem.

  1. Sit down in front of one of your client machines, and type the following:

    PING -f -l 1500 192.168.0.1

  2. This assumes that 192.168.0.1 is the IP address of the host computer (or router); substitute the correct address if it's different. If you don't know the IP address of the host computer, open a Command Prompt window (cmd.exe) on the host, and type ipconfig at the prompt. (If a router is providing your Internet connection, consult the router documentation for details on obtaining its IP address.)

  3. You'll probably get an error message indicating that it must be fragmented. (If not, then this solution doesn't apply to you.) Next, type the following:

    ping -f -l 1492 192.168.0.1

    If that results in the same error message, try this instead:

    ping -f -l 1480 192.168.0.1

    If you still get an error, try:

    ping -f -l 1454 xxx.xxx.xxx.xxx

    The numbers in each of these examples (1500, 1492, 1480, and 1454) are values for the MTU (Maximum Transmission Unit). Continue issuing this command with lower and lower MTU numbers until you get normal ping responses instead of an error message. The highest MTU value that does not result in an error is the correct one for your network. It's not unheard of for an MTU as low as 576 to be required, although Microsoft recommends no value smaller than 1400 for Windows XP.

  4. Once you've found an MTU that works for you, open the Registry Editor (see Chapter 3) on the client machine.

  5. Expand the branches to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces.

    There should be several subkeys under the Interfaces key; most likely, you'll find three. View each key's contents, and find the one that corresponds to your primary network adapter; it will be the one with more values than the other two, and will have an IP address value set to the IP address of the machine.

  6. Once you've found the correct subkey, create a new DWORD value in it by selecting New and then DWORD Value from the Edit menu. Name the value MTU.

  7. Double-click the new value, choose the Decimal option, type the MTU value you earlier in this procedure, and click OK.

  8. Close the Registry Editor when you're done; you'll need to restart Windows for this change take effect.

  9. Repeat steps 3-7 for each client machine on your network (but not the host).

In most cases, this should solve the problem. However, on some systems, you may need to set the MTU in another registry location as well. If you've found that a lower MTU value is what you need, but the above procedure didn't work, try this as well:

  1. Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Ndiswan\Parameters\Protocols\0. If any keys in this Registry path aren't there, just create them by going to Edit New Key.

  2. Once you're in the key, create a new DWORD value called ProtocolType and give it a Decimal value of 2048.

  3. Then, create a new DWORD value called PPPProtocolType and give it a Decimal value of 33.

  4. Finally, create a new DWORD value called ProtocolMTU and give it a Decimal value of the MTU you determined above.

  5. Close the Registry Editor and restart your system when you're done.

7.2.5 Test Your Throughput

Throughput is the practical measurement of bandwidth: the quantity of data you can transmit over a connection in a given period of time.

Now, most types of connections are classified for their bandwidth (discussed at the beginning of this chapter); a 33.6 Kbps modem is so-named, because at its best, it can transmit and receive 33,600 bits per second. Because there are eight bits to the byte, this connection would give us a theoretical throughput of 4.2 kilobytes per second.

In reality, however, you're not likely to see a throughput any faster than about 3.6 Kbps with the connection in this example. That's a difference of about 14%; a file that you would expect to take a minute to download will actually take about 70 seconds. The reason for this discrepancy is that there are other things that get transfered along with your data; error correction and lost packets because of noise on the line can make the actual throughput lower as well. Unfortunately, most of the factors that contribute to the actual throughput are beyond our control.

Faster connections, such as DSL, cable, and T1 connections, are also rated similarly and suffer the same throttling effect, but generally, these connections are fast enough that the discrepancy is not noticeable.

Among the factors within our control are the hardware and software we use and various settings and conditions in which we work (line quality, distance from your ISP, etc.). So it is often advantageous to test the throughput under different conditions and with different equipment so that you can achieve the best performance.

The simplest way to measure the throughput is to transfer a binary file (such as a .jpg or .zip file) from your computer to another location and then back again, recording the time it takes to complete the transfer each way. Just divide the file size by the transfer time to get the throughput, typically in kilobytes per second.

Note that we test the "upload" as well as the "download" speed. Many types of connections are asynchronous; 56 K modems, for example, download at around 53.2 Kbps, but upload at only 33.6 Kbps. Likewise, a midrange DSL connection might be rated at 384 Kbps download and 128 Kbps upload. Note also that you wouldn't want to use ASCII files (such as plain-text files and web pages) to test the throughput, because compression will yield uncharacteristic results.

Average throughputs for common connection speeds are shown in Table 7-1.

Table 7-1. Typical download and upload throughputs for various connection speeds

Connection Method

Ideal Throughput (Kbps)

14.4 Kbps modem

1.6 down, 1.6 up

28.8 Kbps modem

3.2 down, 3.2 up

33.6 Kbps modem

3.6 down, 3.6 up

56 Kbps modem

5.4 down, 3.6 up

ISDN (dual channel, 128 Kbps)

14 down, 14 up

Cable Modem (~800 Kbps synchronous)

84 down, 84 up

DSL (asynchronous 1.2 Mbps/384 Kbps)

128 down, 42 up

T1, fast DSL (1.5 Mbps)

160 down, 160 up

Note that you shouldn't fret if your throughput doesn't exactly match the values in the table they're only examples. If you find that you're getting substantially slower performance, however, you should test your equipment and cabling and see if there's any software that could be interfering with the connection. For example, a noisy phone line is the most common cause of poor performance of a Dial-up connection. For DSL or cable, try turning off your modem for a minute or two, and then turning it back on.

Another way to test the actual bandwidth of your connection is to visit one of the many bandwidth-testing web sites:

In addition to calculating your bandwidth and reporting the results, these services typically ask for your zip code and connection type to compile statistics on typical connection speeds in your area.

See Chapter 5 for solutions on improving overall system performance, some of which will also have a noticeable impact on your connection speed as well.

Throttling Quality of Service

The Quality of Service (QoS) Packet Scheduler is a service included with Windows XP Professional that, when connected to a QoS-enabled network, reserves about 20% of your bandwidth for certain applications. Since this could mean that a rather large amount of your precious bandwidth is being wasted, you may wish to throttle or disable it. Note that this does not apply to Windows XP Home Edition or any computer connected to a network that does not use the QOS service.

  1. You must be logged into the Administrator account (see Chapter 8).

  2. Open the Group Policy Editor (gpedit.msc)

  3. Expand the branches to Computer Configuration\Administrative Templates\Network\QOS Packet Scheduler.

  4. Double-click the Limit reservable bandwidth entry in the right pane, and choose the Setting tab.

  5. Select Enabled, and change the Bandwidth limit (%) value to 0 (or whatever value you prefer).

  6. Click OK and close the Group Policy Editor when you're done. You'll need to restart Windows for the change to take effect.

Note that disabling the QOS Packet Scheduler (by unchecking the QoS Packet Scheduler option in General tab of the Properties sheet for your network connection) won't accomplish this.

7.2.6 Virtual Private Networking

Virtual Private Networking (VPN) is a system whereby a workgroup of two or more computers can be connected by an Internet connection rather than a physical cable. In theory, VPN provides the security and privacy of a closed environment, without the astronomical cost of a private wide-area network.

The technology used in Virtual Private Networking either the Point-to-Point Tunneling Protocol (PPTP) or the Layer Two Tunneling Protocol (L2TP) allows you to create a private "tunnel" across the Internet connection. With a VPN, you can accomplish tasks previously available only over a LAN, such as file and printer sharing, user authentication, and even networked games. Figure 7-11 illustrates a typical scenario with a tunnel connecting a single computer to a remote workgroup.

Figure 7-11. Form a virtual private workgroup through a tunnel across the Internet.

The significant hurdle involved in setting up the VPN feature included in Windows XP is that a tunnel server is required to complete the virtual workgroup. Although VPN has been marketed as a feature of Windows XP, Windows XP cannot be configured as a tunnel server; therefore, a VPN cannot be achieved with Windows XP systems alone. This means that at least one of the computers involved must be running the Server or Advanced Server editions of Windows 2000, Windows NT 4.0, or a subseqent server edition of Windows (such as .NET Server).

The following process briefly shows how to set up a simple VPN workgroup. Select the procedure following depending on the operating system you're using for the tunnel server: Part 1a for Windows 2000 or Part 1b for Windows NT. In many cases, a network administrator will be responsible for setting up the tunnel server. Then, Part 2 shows how to then configure a Windows XP machine as a VPN client.

7.2.6.1 Part 1a: set up the tunnel server (Windows 2000 Server/Advanced Server only)

Here are instructions on setting up a tunnel server in Windows 2000, required before you can initiate a VPN connection with a Windows XP client. See part 1b, which follows, for similar instructions for Windows NT 4.0.

  1. Log in as the Administrator.

  2. Double-click the Network and Dial-Up Connections icon in Control Panel, and then double-click the Make New Connection icon. Note that all of the settings in this cumbersome wizard can be adjusted later by double-clicking on the Incoming Connections icon you're creating.

  3. Click Next, select Accept incoming connections, and click Next again.

  4. Place a check mark next to the network adapter that you use to accept incoming VPN connections, and click Next.

  5. Select Allow virtual private connections, and click Next.

  6. You'll then be presented with a list of configured users place a check mark next to each username to whom you wish to grant VPN access, and click Next.

  7. The next step allows you to choose which services, clients, and protocols are allowed with incoming VPN connections. These are the same components you'd use when building a workgroup (see Section 7.2.1, earlier in this chapter, for details).

  8. Click Next and then Finish when you're done.

7.2.6.2 Part 1b: set up the tunnel server (Windows NT 4.0 Server/Advanced Server only)

Here are instructions on setting up a tunnel server in Windows NT 4.0, required before you can initiate a VPN connection with a Windows XP client. See part 1a, above, for similar instructions for Windows 2000.

  1. Log in as the Administrator.

  2. Double-click the Network icon in Control Panel, and choose the Protocols tab.

  3. Click Add, select Point To Point Tunneling Protocol from the list, and click OK. When asked how many simultaneous VPNs you want the server to support, choose a nice, big, healthy number, and click OK.

  4. Next, you'll need to add one or more the VPN devices to Remote Access Service (RAS): choose the Services tab and select Remote Access Service.

  5. Click Properties, and then click Add.

  6. From the RAS Capable Devices list, select a VPN device, and click OK. Once all the VPN devices have been added, select a VPN port, and click Configure. Check the Receive calls only option, and click OK.

    Repeat this step for each VPN device you've selected. You'll have to restart Windows NT when you're done.

7.2.6.3 Part 2: set up the VPN client (Windows XP)

Although there only needs to be one VPN tunnel server, you can have as many clients as you like (that is, until you reach the limit specified in the tunnel server's configuration). Here's how to set up a Windows XP machine as a VPN client:

  1. Open the New Connection Wizard, as described in Section 7.1.3, earlier in this chapter.

  2. Click Next on the first page. Select Connect to the network at my workplace on the second page, and then click Next.

  3. Choose Virtual Private Network connection, and click Next.

  4. Next, choose a name for the new connection (it can be anything you want), type it into the Company Name field, and click Next.

  5. Since VPN relies on an existing Internet connection, you have the option at this point of automatically connecting to the Internet before initiating this VPN connection. If you're using a high-speed Internet connection that is always on, choose Do not dial the initial connection here. If, however, you're using a PPPoE connection or analog Dial-up connection that must be dialed to connect (as described in Section 7.2.2, earlier in this chapter), choose Automatically dial this initial connection and then select the desired connection from the list. Click Next when you're done.

  6. The next page is where you specify the network name or IP address of the tunnel server to which you want to connect. If you didn't set up the tunnel server yourself, you'll have to obtain the address from your network administrator.

  7. Click Next and then Finish when you're done.

  8. To initiate a VPN connection, double-click the new VPN connection icon, enter your user name and password, and click Connect. As soon as you're connected, you should have access to the additional resources shared on the remote network; see Chapter 8 for details on accessing remote resources.

Note that in previous versions of Windows, it was necessary to "join" a domain (by going to Control Panel System Computer Name tab Change) before you could connect to it with VPN. In most cases in Windows XP, this is no longer necessary; check with your system administrator for details.

For additional tips for working with VPN connections, such as how to bypass the Connect dialog, see Section 7.2.2.2 in the Section 7.2.2 section, earlier in this chapter.

7.2.7 Accessing an FTP Site in Explorer

For years, FTP has been the quickest and most efficient way to move files from one machine to another across the Internet. Whether you're downloading drivers from a manufacturer's FTP site or uploading HTML files to a web server, FTP is often the preferred transfer method.

To access an FTP server, either to upload or download, you need an FTP application. Windows XP actually comes with three such applications:

Understanding Anonymous FTP

If you have a personal account on the server to which you're connecting, you'll need to specify your username and password in order to gain access to your personal files.

However, many FTP servers also provide "anonymous" access to a special, public folder; to login to this public folder, you just type anonymous for the username and an email address (or nothing) for the password. When you use a web browser to download from an FTP server, as described earlier, it's usually done through an anonymous account.

Note that not all hosts are FTP servers, and not all FTP servers allow anonymous access.

Here are three different ways to hooking up to an FTP site in Explorer:

7.2.7.1 Solution 1: open a temporary FTP folder

This procedure is the quick-and-dirty way to open an FTP folder in Explorer:

  1. Open Windows Explorer (explorer.exe).

  2. If the Address Bar is not currently visible, go to View Toolbars Address Bar.

  3. Type an address into the Address Bar, like this:

    ftp://host.com

    where host.com is the name of the FTP server. Note the syntax, similar to web page addresses. Press Enter to log in.

    Since we're not specifying a username or password here, Explorer assumes we want anonymous access. If the specified server does not provide anonymous access, you'll see an error like this:

    Windows cannot access this folder . . . User anonymous unknown.
  4. If you do indeed have an account on the server, select Logon As from the File menu, type your username and password, and then click Log On.

    See the next solution for a way to specify the username and (optionally) the password right in the address so that you don't have to deal with the Log On As dialog.

  5. As soon as you're logged in, you'll see a standard folder and file listing. You can rename, drag-drop, or even delete files and folders, just as though they were on your own hard disk.

    The connection will remain active as long as you use it, but will likely become disconnected if left idle for more than a few minutes. It will also be disconnected when you shut down Windows, but it won't be automatically connected when Windows starts.

  6. When you're done, you can make an Internet Shortcut to this location, using the same method as you would for a web page. However, if Internet Explorer is not your default FTP client (see Section 4.3 in Chapter 4), it won't work is expected. See the next solution for a more robust and permanent way to hookup an FTP site to Explorer.

7.2.7.2 Solution 2: create a more permanent "place" in My Network Places

If you'd like to set up a more permanent FTP connection to use again and again, follow these steps:

  1. Open My Network Places by double-clicking the icon on your desktop or by navigating to it in Explorer.

  2. If you have the common tasks pane enabled (Tools Folder Options General tab), click Add a network place in the Network Tasks box.

    Otherwise, simply double-click the Add Network Place icon.

  3. When the Add Network Place Wizard appears, click Next to skip the intro page.

  4. On the second page, you'll be given a choice of service providers. Make sure you select Choose another network location here, and click Next.

  5. Next, you'll be prompted for the Internet or network address of the FTP server. If you're connecting to an anonymous FTP site, type:

    ftp://host.com

    where host.com is the address (or IP address) of the FTP server (see Solution 1, earlier). Or, if you want to log into a personal FTP account, type:

    ftp://username@host.com

    Finally, if you want to log into a personal FTP account, but do not wish to be prompted for a password, you can specify it here, like this:

    ftp://username:password@host.com

    Click Next when you're done.

  6. If you didn't specify a username in the address you typed in the previous step, you'll be prompted for one now. Turn off the Log on anonymously option if you wish to specify a username now; otherwise, leave it enabled and click Next.

  7. On the last page, you'll be asked to type a name for this connection, which will also be name of the folder as it appears in Explorer. The name can be anything you want, but it has to conform to Windows' file naming rules (e.g., no slashes, double-quotation marks, etc.).

  8. Click Next and then Finish to create the connection.

  9. If successful, you'll see the new entry in your My Network Places folder. Just open it to connect to the FTP site.

    Note that Windows provides no simple mechanism of changing the location or other properties of an FTP folder, which means that you'll have to delete and recreate an FTP folder in order to modify it. See Solution 3, below, for a workaround.

  10. The connection created in this solution is simply a folder or, more precisely, a Folder Shortcut (discussed later), located in your \Documents and Settings\{username}\NetHood folder. If you'd prefer that the FTP folder be located elsewhere, open Explorer, and move the folder to another location on your hard disk.

7.2.7.3 Solution 3: another way to create an FTP folder

The functionality that allows you to link up a folder to an FTP site, as explained in Solution 2, earlier, is essentially that of Folder Shortcuts, as seen in Section 4.4.2. This next solution has essentially the same result, but shows how to create such a folder manually. This can be useful, for example, when the Add Network Place wizard (which can be unreliable) doesn't work. It also lets you modify the location of an FTP folder without having to delete and recreate it. Finally, it can be used in conjunction with a WSH script to automate the creation of FTP folders.

  1. Start by following the instructions for making a Folder Shortcut in Section 4.4.2. (You can also use the example WSH script in Section 9.16.6, although it will have to be altered slightly to accommodate FTP shortcuts.)

  2. When it comes time to make the shortcut to a folder, though, make an Internet Shortcut to an FTP site instead. Open your favorite web browser any web browser capable of making Internet Shortcuts will do and type the URL address of any valid FTP server, as explained in either of the previous solutions in this topic.

  3. Once the page loads successfully, create an Internet Shortcut, and name it target.

    Because Internet Shortcuts use the extension .url (which is not shown) and we need the extension to be .lnk (also not shown), we must rename the file. And because Windows will not let you change the filename extension when the extension isn't visible, you'll need to do it from the Command Prompt.

  4. Open a Command Prompt window (cmd.exe), and type the following:

    cd foldername

    where foldername is the full path of the folder containing the target shortcut.

    Hint: to save typing, type only cd, followed by a space, and then drag-drop the folder icon (or even the shortcut itself) right onto the Command Prompt window, and the full path will be typed for you. (If you dragged the shortcut, you'll have to remove the shortcut filename, target.url, before you press Enter.)

  5. Then, use the ren command to rename the file, like this:

    ren target.url target.lnk

  6. Leave the prompt window open, if needed, for the rest of the solution in Section 4.4.2.

7.2.7.4 Notes

Table 7-2. Any of these programs can be used instead of Windows' built-in support for FTP

Product name

Notes

Creative Element Power Tools

http://www.creativelement.com

Comes with a context-menu add-on that allows you to right-click any number of files, select FTP To, and quickly transfer them to a custom FTP location.

WS_FTP

http://www.ipswitch.com

Although it's a rather old-school implementation of FTP, it's side-by-side layout can be extremely convenient for those who use FTP frequently.

SSH Secure Shell

http://www.ssh.com

A secure terminal (replacement for Telnet), which also comes with an SCP (secure copy) client.

WinSCP

http://winscp.vse.cz

An implementation of SCP, it uses a convenient side-by-side layout similar to WS_FTP.

7.2.8 Controlling Another Computer Remotely(Just Like in the Movies)

A network is good for much more than simply transferring data. Although Windows does let you transfer files to and from other computers in Explorer (see Chapter 8), it's a far cry from actually sitting in front of the remote computer.

One of the severe limitations of the Windows platform is that only one simultaneous user is allowed to operate the computer at any given time. Unix, on the other hand, allows many simultaneous remote users (even in addition to a user sitting right at the workstation), each with their own graphical X-Windows terminal connection.

Enter the new Remote Desktop feature in Windows XP. Although it still does not allow more than one simultaneous user per machine, it does allow you to view the desktop of another Windows XP computer on your network or over the Internet, just as though you were sitting in front of it.

There are almost limitless uses to this technology; a few examples include:

Well, now that I've essentially given you a commercial for Remote Desktop, I'll tell you some of the disadvantages. First of all, while both Windows XP Home and Professional editions can be Remote Desktop "servers," only XP Professional can be used as a "client" to access remote computers. And although you can use Remote Desktop with some previous versions of Windows, you'll need a different program (like VNC, discussed below) to remotely access Mac and Unix machines.

You'll also need a relatively fast connection to use remote control software like Remote Desktop, since a lot of data is transferred to update the screen image. For example, a direct Ethernet (LAN) connection will provide nearly instantaneous responsiveness, while a DSL or cable connection will be a little more sluggish. Don't even bother on an analog (Dial-up) connection, though.

Overall, the technology included with Windows XP is pretty good. It's not entirely new, however: the same feature, called Terminal Services, is included in Windows 2000. It's also not your only choice; see the discussion of alternatives at the end of this section for more information.

Here's how to use the Remote Desktop feature built-into Windows XP.

7.2.8.1 Part 1: enable the Remote Desktop server

Allowing others to connect to a computer with Remote Desktop is easy. The following steps can be used to set up your own computer for being accessed remotely or can be read over the phone to the owner of a computer you wish to access remotely.

  1. Go to Control Panel System Remote tab.

  2. Turn on the Allow users to connect remotely to this computer option.

  3. By default, all users currently configured on the machine can connect to it remotely. If you wish to restrict access to only certain users, click Select Remote Users. See Chapter 8 for more information on user accounts.

  4. Also available in this window is the Remote Assistance option; see the Remote Assistance sidebar for details.

  5. Click OK when you're done.

Using Remote Assistance

The Remote Assistance feature is optional, but can make it easier for less experienced users to transmit the required information to the person who will be accessing their computer remotely, including the IP address and user account.

Turn on the Allow Remote Assistance invitations to be sent from this computer option, and then click the Remote Assistance link in this window to open the Remote Assistance dialog (or launch rcimlby -launchra). Here, you have the option of using Windows Messenger (MSN or .NET passport account required) or your default email program (set in Control Panel Internet Options Programs tab) to send the invitation. In most cases, email will be the best choice. When asked to type a personal message, just leave it blank. The final option is to choose a special password for the person connecting to your computer, useful if you don't want to give them your normal password.

Since these "invitations" can be a security hazard, there are two safeguards in place to automatically disable the feature after a specified amount of time. In the Remote tab of the System Properties dialog, click Advanced to disable the feature completely after a few days. Plus, when sending an invitation, you can configure it only to expire an hour or two after being sent.

7.2.8.2 Part 2: connect to a remote computer

Once you've set up a machine to accept remote connections, follow these steps to connect to that computer remotely:

  1. Start Remote Destkop Connection (mstsc.exe).

  2. The default Remote Desktop Connection dialog is very simple, with only a single field. This typically will not be adequate, however, so click Options to display the full dialog, shown in Figure 7-12.

Figure 7-12. Use Remote Desktop Connection to initiate a connection to another computer and view and interact with its desktop as though you were sitting in front of it.

  1. If you're connecting to another computer in your workgroup, type the name of the computer in the Computer field, or, if you're connecting to another computer on the Internet, type it's IP address here.

  2. Next, type the User name and Password of a valid user account on the remote computer. The Domain field is only used if you're connecting to a computer in a Windows NT/2000 domain; leave it blank otherwise.

  3. If you're connecting to someone else's computer, you'll have to get their IP address, plus the username and password of an account on their computer (see Chapter 8).

    The easiest way to get someone else's IP address is to ask them to visit http://www.annoyances.org/ip, and then have them read or email the numbers on the page. This is usually easier than the other methods, such as using the Network Connections window or typing ipconfig at the Command Prompt.

    Finally, you can have the remote user send you an invitation using Remote Assistance, described in the Using Remote Assistance sidebar. When you receive your invitation via email, it will come with a file attachment, rcBuddy.MsRcIncident, which can be double-clicked to initiate a connection to the sender's computer.

  4. The rest of the options in this dialog are optional. The settings in the Display and Experience tabs deal with performance issues, and the Programs tab lets you start programs on the remote computer automatically. The Local Resources tab has similar options, plus a Local devices section, which lets you share remote drives, printers, and even serial ports.

  5. If you plan on reconnecting to the remote computer at a later time, click Save As to create an .rdp file with all the information in this dialog. You can subsequently double-click the file to initiate a connection, or right-click and select Edit to modify its properties.

    Keep in mind that many user's Internet connections use dynamic-IP addresses, explained earlier in this chapter, which would mean that saving someone's IP address would be pointless.

  6. Click Connect to initiate a connection to the remote computer. If all is well, a window will appear with an image of the desktop of the remote computer. You can interact with this desktop by pointing, clicking, and dragging, just like you were sitting in front of it.

  7. Simply close the window or go to Start Disconnect (in the Remote Desktop window, not in your own Start Menu) to close the connection.

7.2.8.3 Notes

7.2.8.4 Alternates to Remote Desktop Connection

Remote Desktop Connection is not you're only choice when it comes to controlling a computer remotely. Since it's built into Windows XP, though, it's obviously a very convenient and cost-effective solution; if you want more flexibility or if you want to control (or be controlled by) a system running a different operating system, you may wish to use a different program.

Although there are several commercial alternatives available, my favorite is a free program called VNC. Made by AT&T Laboratories, Cambridge, it can be downloaded from http://www.uk.research.att.com/vnc/. Among other things, VNC has the advantage of a very small "viewer" executable. That is, the client software, used on the remote system to access the host, is only a single file, small enough to fit on a floppy this makes it easy to carry it around with you, running it on any machine you find with an Internet connection.

VNC also works on any version of Windows, Macintosh, UNIX, Linux, or FreeBSD, in addition to good ol' Windows XP. Someone has even made a Palm-based client (http://www.btinternet.com/~harakan/PalmVNC/), allowing you to control a remote computer from an Internet-enabled handheld device!

Otherwise, the system requirements are the same as Remote Desktop, described earlier in this section. You'll still need the remote computer's IP address, and some way of logging into the remote computer. VNC has it's own user-authentication system, while others such as pcAnywhere (http://www.symantec.com) use Windows' user accounts.

Windows XP's Remote Desktop feature, when enabled, will remain enabled even if the computer is restarted. But third-party programs must be specially-configured to start automatically with Windows, in case the computer crashes or the power goes out. If the software you're using has an option to be started as a "service" (accessible in services.msc), that will be much better option than adding it to your Start Menu's Startup folder. (VNC has such an option.)

Note that the Telnet service (enabled through services.msc) allows multiple users to log on to a single Windows XP machine simultaneously. But this is essentially only a Command Prompt window, accessed from remote system using Telnet (telnet.exe).

7.2.9 Managing the Nameserver Cache

As mentioned a few times elsewhere in this chapter, a nameserver is a machine that translates IP addresses to domain names and back again. For example, when you type http://www.oreilly.com into your web browser's address bar, Windows sends a request to your service provider's nameserver, and the nameserver responds with something like 209.204.146.22, and your browser can contact the web server and download the requested page.

Each time such a DNS (Domain Naming System) lookup is performed, the information is stored in the DNS cache so Windows doesn't have to query the nameserver every time you access a page on that site. The DNS cache is emptied when you shut down Windows.

The following solutions allow you to change the way Windows interacts with its DNS cache, and will affect all applications that access the Internet (not just your web browser).

7.2.9.1 Part 1: increase the size of the DNS cache

A larger DNS cache will mean fewer trips to the nameserver, and faster overal performance:

  1. Open the Registry Editor (see Chapter 3).

  2. Expand the branches to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters.

  3. Add the following four DWORD values by going to Edit New DWORD Value. Then, enter the numeric values specified by double-clicking and selecting the Decimal option:

    • CacheHashTableBucketSize, set to 1

    • CacheHashTableSize, set tot 384

    • MaxCacheEntryTtlLimit, set to 64000

    • MaxSOACacheEntryTtlLimit, set to 301

    Remember, these are Decimal values (not Hexadecimal values).

  4. Close the Registry Editor when you're done. You'll have to restart Windows for this change to take effect.

7.2.9.2 Part 2: add a permanent entry to the DNS cache

When you add a permanent entry to the DNS cache, it will always override the information provided by the nameserver. Here are a few reasons why you might want to do this:

Warning: providing incorrect information here can prevent you from accessing certain remote servers. Use care when modifying the permanent DNS entry table.

Here's how to create and modify the list of permanent DNS entries:

  1. Open Explorer, and navigate to the \windows\system32\drivers\etc folder.

  2. Look for a file called hosts (no filename extension). If it's not there, create it by going to File New Text Document, and typing hosts for the filename.

  3. The hosts file is just a plain-text file; open it in your favorite text editor (or Notepad).

  4. A standard entry looks like this:

    207.46.230.218 www.microsoft.com

    The first part is the IP address, and the second part (separated by a tab or several spaces) is the domain name.

    Keep in mind that variations, such as www.microsoft.com and microsoft.com, aren't necessarily the same server, and represent different DNS entries. You'll need to add a separate hosts entry for each variation if you want to access them all, like this:

    207.46.230.218 www.microsoft.com 207.46.230.218 microsoft.com

    Using this syntax, add an entry for each domain you wish to hard-code into Windows' DNS table. Note that these addresses affect your machine only; other machines, such as those in your workgroup or others on the Internet, will not be affected.

  5. You may also see some lines that begin with the # character. These are comments, and are ignored by Windows.

  6. Save the hosts file when you're done. The change should take effect immediately.

Категории