Chapter 1 - Internet Information Server Architecture

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Microsoft Internet Information Server is a network file and application server included with the Microsoft Windows NT Server operating system.

This chapter explains design principles and the architecture behind Internet Information Server. Internet Information Server supports three information protocols: HTTP, FTP, and Gopher. This chapter explains how these protocols work with Internet Information Server and how to configure their operation.

Internet Information Server Design Priorities

The design goal for Internet Information Server was to build a set of integrated server services to support File Transfer Protocol (FTP), Gopher, and Hypertext Transport Protocol (HTTP) services.

Internet Information Server is designed for maximum performance, integration, and extensibility.

  • Performance. Internet Information Server maximizes speed while using the minimum amount of memory (RAM). Internet Information Server uses approximately 400K of RAM when running all three services (HTTP, FTP, Gopher).

  • Integration. Internet Information Server is integrated with Microsoft Windows NT Server. Internet Information Server uses the same directory database (user accounts) as Windows NT Server. Using the same directory database eliminates the need for additional user account administration. Internet Information Server administration also uses existing Windows NT Server tools such as Performance Monitor, Event Viewer, and Simple Network Management Protocol (SNMP) support to maintain similar administrative procedures.

  • Extensibility. Internet Information Server is extensible. Internet Information Server supports the Internet Server Application Programming Interface (ISAPI). By using ISAPI you can extend the functionality of the HTTP service: You create programs that can preprocess and postprocess data sent to and from Internet Information Server. ISAPI is also used in Internet Information Server to create connectors, such as the Internet Database Connector. Internet Information Server uses connectors to use the services of other servers, such as ODBC databases.

Architecture Overview

All of the standard Internet services (FTP, Gopher, and HTTP) reside in a process called Inetinfo. This process is about 400K in size. In addition to the Internet services, this process contains the shared thread pool, cache, logging, and SNMP services of Internet Information Server.

Internet Information Server Connectors

Extensions are built into Internet Information Server in the form of connectors. A connector is an ISAPI dynamic-link library (DLL) that acts as a communication pipe between Internet Information Server and a service. The following connectors are supported.

  • Microsoft BackOffice™ connectors

    • Microsoft Exchange Server/Web connector supports public folder integration with Internet Information Server.

    • Internet Database Connector (IDC) connector allows communication with any ODBC-compliant database engine.

  • Common Gateway Interface (CGI) was developed for UNIX-based systems to extend Web server software. Internet Information Server supports CGI applications for backward compatibility.

  • ISAPI filters preprocess packets before they enter or leave the Internet Information Server process. These filters give added flexibility to the Internet Information Server architecture. Secure Sockets Layer (SSL) is one example of an ISAPI filter.

Internet Service Manager

Internet Service Manager enables administrators to manage many Internet Information Server sites from a single location anywhere on the Internet. Internet Service Manager communicates by using remote procedure calls (RPCs). Internet Information Server can be used locally or remotely because of its support for RPCs.

Logging

Internet Information Server logging enables you to track which users access your site and when they access your site. Tracking users helps to identify security and performance issues. Logging can be directed either to a log file that can be processed offline and offers faster performance, or to an ODBC Data Source Name (DSN) for dynamic evaluation.

WWW Service

The World Wide Web (WWW) service uses the Hypertext Transport Protocol. HTTP is implemented through an interface to Windows Sockets. Internet Information Server version 2.0 (included with Windows NT Server version 4.0) supports HTTP version 1.0.

The Hypertext Transport Protocol is an application-level protocol. HTTP is a distributed, collaborative, hypermedia information system that has been in use since 1990. HTTP technology has enabled what is most commonly referred to as the World Wide Web.

HTTP grew out of a need for a universal protocol to simplify the way users access Internet information. HTTP is generic, stateless, and object oriented. It can be used for many tasks, such as name servers and distributed object management systems, through extension of its request methods (commands). Because HTTP types and negotiates data representation, systems based on it can be built independently of the data being transferred.

The current specification reflects common usage of the protocol referred to as HTTP/1.0, and is the basis for the information in this section.

Discussion and improvement of the HTTP standard is ongoing. You can find extensive information about HTTP at the Internet address https://www.w3.org/Protocols/.

HTTP Communication Process

Hypertext Transport Protocol is a client/server protocol. This means that the client and server interact to perform a specified task. For example, when a user clicks a link on a Hypertext Markup Language (HTML) page, it apparently causes that page to be replaced with the new page. What actually happens is more complex.

  1. The client browser uses HTTP commands to communicate with the HTTP server.

  2. A connection is established from the client to the server by means of TCP port 80 (the default).

  3. The request message is sent to the server. The requests are typically for a file consisting of images, audio clips, animation clips, video clips, or another hypertext document.

  4. The server sends a response message with the requested data to the client.

    For example, when the user clicks a link on an HTML page, the data in the response message comprises the code used to build the page on the client computer.

  5. The server (in most cases) closes the connection.

Table 1.1 defines some of the terms used to refer to the roles played by participants in, and objects of, the HTTP communication process.

Table 1.1 Terms Used in HTTP Communication

Term | Meaning
--- | ---
connection | A virtual circuit (in the transport layer) established between two application programs for the purpose of communication.
message | The basic unit of HTTP communication. It consists of a structured sequence of octets and is transmitted through the connection.
request | An HTTP request message.
response | An HTTP response message.
resource | A network data object or service that can be identified by a URL.
entity | The information transferred as the payload of a request or response. An entity consists of metainformation in the form of entity-header fields and content in the form of an entity-body.

HTTP Requests

The Simple-Request message to the server is sent in the form of a request method, Uniform Resource Locator (URL), and protocol version. The following is an example of an HTTP request.

GET http://www.w3.org/hypertext/WWW/TheProject.html HTTP/1.0

This request uses the elements described in Table 1.2.

Table 1.2 Elements of an HTTP Request

Element | Purpose
--- | ---
GET | Specifies the request type.
http: | Specifies the request protocol.
//www.w3.org/hypertext/WWW/TheProject.html | States URL for the object requested.
HTTP/1.0 | Indicates that version 1.0 of HTTP will be used.

In a Full Request message, the additional information is followed by a Multipurpose Internet Mail Extensions (MIME) message containing request modifiers, client information, and sometimes body content.

HTTP Server Response Messages

When an HTTP server receives a request, it responds with a status message that includes the message's protocol version and a success or error code, followed by a MIME message containing server information, entity metainformation, and sometimes body content.

Table 1.3 lists examples of server status messages and their meanings. For more information, see Chapter 8, "Troubleshooting an Internet Information Server Installation."

Table 1.3 Explanations for Server Status Messages

Message | Type | Explanation
--- | --- | ---
1xx | Informational | This series of responses is not currently used. They are reserved for future use.
2xx | Success | The action was successfully received, understood, and accepted.
3xx | Redirection | Further action must be taken in order to complete the request.
4xx | Client Error | The request contains incorrect syntax or cannot be fulfilled.
5xx | Server Error | The server failed to fulfill an apparently valid request.

URLs

In all Internet protocols, including HTTP, a client must locate Internet resources by using a Uniform Resource Locator. The URL for an HTTP address can be broken into three parts.

  • How (scheme). Defines how the request is made. When the HTTP scheme is used, network resources are located by means of the Hypertext Transport Protocol.

  • Where. Defines the host.

  • What. Specifies the complete path to the object and the object's name that is being requested by the client.

For example, this is the syntax for a URL that uses the HTTP scheme:

http://host[:port]abs_path

where

  • host. A legal Internet host domain name or IP address (in dotted-decimal form), as defined by Section 2.1 of RFC 1123.

  • :port. Port 80 is used if no port is specified. However, by using this optional parameter, you can specify any port.

  • abs_path. The full path and filename.

The type of scheme used depends upon the object being requested. The following schemes are currently supported by Internet Explorer.

  • File

  • Mailto

  • Telnet

  • FTP

  • News

  • WAIS

  • Gopher

  • NNTP

  • HTTP

  • Prospero

For more information about these and other schemes, see the Internet address https://www.w3.org/pub/WWW/Addressing/schemes.html.
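The request-line layout (method, URL, protocol version), the http://host[:port]abs_path syntax, and the status classes of Table 1.3 can be checked mechanically before a request or response is trusted. The following Python sketch is an added example, not code from Internet Information Server; the function names, the strictness rules, and the sample address and file name are assumptions made for illustration.

```python
"""Added example: strict parsing of an HTTP/1.0 request line and status line."""
import re
from typing import NamedTuple

# Status classes from Table 1.3, keyed by the first digit of the code.
STATUS_CLASSES = {
    "1": "Informational",
    "2": "Success",
    "3": "Redirection",
    "4": "Client Error",
    "5": "Server Error",
}

# http://host[:port]abs_path, host limited to name or dotted-decimal characters.
_URL_RE = re.compile(
    r"http://(?P<host>[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?)"
    r"(?::(?P<port>[0-9]{1,5}))?"
    r"(?P<abs_path>/[\x21-\x7e]*)"
)
_STATUS_RE = re.compile(r"HTTP/([0-9]+\.[0-9]+) ([0-9]{3}) ([\x20-\x7e]*)")


class HttpUrl(NamedTuple):
    host: str
    port: int
    abs_path: str


class RequestLine(NamedTuple):
    method: str
    url: HttpUrl
    version: str


def parse_http_url(url):
    """Split an http URL into host, port (default 80) and abs_path."""
    m = _URL_RE.fullmatch(url)
    if m is None:
        raise ValueError(f"not a well-formed http URL: {url!r}")
    port = int(m.group("port")) if m.group("port") else 80
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return HttpUrl(m.group("host"), port, m.group("abs_path"))


def parse_request_line(line):
    """Parse 'METHOD URL HTTP/x.y' and reject anything that deviates."""
    if line.endswith("\r\n"):
        line = line[:-2]
    # A CR or LF left inside the line would carry a second line into logs
    # or downstream parsers, so it is refused outright.
    if "\r" in line or "\n" in line:
        raise ValueError("embedded CR/LF in request line")
    parts = line.split(" ")
    if len(parts) != 3:
        raise ValueError("expected exactly: method SP URL SP version")
    method, url, version = parts
    # HTTP/1.0 method tokens are case-sensitive and written in upper case.
    if not re.fullmatch(r"[A-Z]+", method):
        raise ValueError(f"bad method token: {method!r}")
    if not re.fullmatch(r"HTTP/[0-9]+\.[0-9]+", version):
        raise ValueError(f"bad protocol version: {version!r}")
    return RequestLine(method, parse_http_url(url), version)


def classify_status(status_line):
    """Return (code, class name from Table 1.3) for a response status line."""
    m = _STATUS_RE.fullmatch(status_line.rstrip("\r\n"))
    if m is None or m.group(2)[0] not in STATUS_CLASSES:
        raise ValueError(f"malformed status line: {status_line!r}")
    return int(m.group(2)), STATUS_CLASSES[m.group(2)[0]]


if __name__ == "__main__":
    # Constructed inputs; the address and file name below are illustrative.
    print(parse_request_line(
        "GET http://www.w3.org/hypertext/WWW/TheProject.html HTTP/1.0\r\n"))
    print(parse_http_url("http://10.155.22.99:8080/default.htm"))
    print(classify_status("HTTP/1.0 404 Not Found"))
```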

HTTP Browser

On the client side, the browser issues a command when the user either clicks an object or types a URL in the location field.

Included with Microsoft Internet Information Server is a browser (Microsoft Internet Explorer) you can use to access Internet sites. After you connect to the Internet, you can use Internet Explorer to view information on the Internet. You can incorporate this information into your documents, or save it to a file on your computer.

To begin exploring the Internet, click an item in the Internet Explorer main window.

Monitoring HTTP Sessions

You can monitor HTTP sessions by using the netstat TCP/IP utility and the Performance Monitor.

The netstat utility shows static information at a given point in time. Netstat is best used to determine the status of connections. Table 1.4 provides examples of netstat syntax and the results of each.

Table 1.4 Netstat Command Examples

Example syntax | Result
--- | ---
netstat | Displays protocol (TCP or User Datagram Protocol) being used, local and foreign (remote) addresses by their friendly names, the port number used on the local computer, and the state of the connection.
netstat -n | Displays protocol (TCP or UDP) being used, local and foreign socket addresses, and the state of the connection.
netstat -s -p tcp | Displays active opens, passive opens, failed connection attempts, reset connections, current connections, segments received, segments sent, and segments retransmitted.

For more information on the netstat utility, see the online Command Reference in Windows NT Help.
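Because netstat gives only a snapshot, it helps to reduce the output of netstat -n to a per-state and per-client summary for the HTTP port. The following Python sketch is an added example, not part of the original chapter; the sample output is constructed, and the half-open threshold of 3 is an assumed value, which goes slightly beyond what the text describes.

```python
"""Added example: summarise `netstat -n` output for one server port."""
from collections import Counter, defaultdict

# Constructed sample in the column layout printed by Windows `netstat -n`.
SAMPLE = """\

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    10.155.22.99:80        172.16.16.10:1028      ESTABLISHED
  TCP    10.155.22.99:80        172.16.16.10:1031      TIME_WAIT
  TCP    10.155.22.99:80        172.16.16.44:2210      SYN_RECEIVED
  TCP    10.155.22.99:80        172.16.16.44:2211      SYN_RECEIVED
  TCP    10.155.22.99:80        172.16.16.44:2212      SYN_RECEIVED
  TCP    10.155.22.99:21        172.16.16.10:1040      ESTABLISHED
  TCP    10.155.22.99:1045      172.16.16.80:80        ESTABLISHED
  UDP    10.155.22.99:137       *:*
"""


def parse_netstat(text):
    """Yield (local_ip, local_port, remote_ip, remote_port, state) per TCP row."""
    for line in text.splitlines():
        fields = line.split()
        # TCP rows have four columns; headers and UDP rows do not.
        if len(fields) != 4 or fields[0].upper() != "TCP":
            continue
        local_ip, _, local_port = fields[1].rpartition(":")
        remote_ip, _, remote_port = fields[2].rpartition(":")
        if not (local_port.isdigit() and remote_port.isdigit()):
            continue  # skip rows whose addresses are not numeric ip:port
        yield local_ip, int(local_port), remote_ip, int(remote_port), fields[3]


def summarize(text, port=80, half_open_threshold=3):
    """Count connection states on the local server port and list clients
    holding at least half_open_threshold connections in SYN_RECEIVED."""
    states = Counter()
    per_remote = defaultdict(Counter)
    for _lip, lport, rip, _rport, state in parse_netstat(text):
        if lport != port:
            continue  # other services, or this host acting as a client
        states[state] += 1
        per_remote[rip][state] += 1
    suspects = sorted(
        ip for ip, counts in per_remote.items()
        if counts["SYN_RECEIVED"] >= half_open_threshold
    )
    return {
        "states": states,
        "per_remote": dict(per_remote),
        "half_open_suspects": suspects,
    }


if __name__ == "__main__":
    report = summarize(SAMPLE)
    for state, count in sorted(report["states"].items()):
        print(f"{state:<14}{count}")
    print("half-open suspects:", report["half_open_suspects"])
```

A client that keeps many connections in SYN_RECEIVED never completes the TCP handshake, which is worth comparing with the failed connection attempts reported by netstat -s -p tcp.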

Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users. Table 1.5 shows real-time statistics that Performance Monitor displays for HTTP as well as FTP and Gopher.

Table 1.5 Statistics Displayed by Performance Monitor

Counter | Objects for HTTP service | Objects for FTP service | Objects for Gopher service
--- | --- | --- | ---
Aborted Connections | NA | NA | ✓
Bytes Received/sec | ✓ | ✓ | ✓
Bytes Sent/sec | ✓ | ✓ | ✓
Bytes Total/sec | ✓ | ✓ | ✓
CGI Requests | ✓ | NA | NA
Connection Attempts | ✓ | ✓ | ✓
Connection/sec | ✓ | NA | NA
Connections in Error | NA | NA | ✓
Current Anonymous Users | ✓ | ✓ | ✓
Current CGI Requests | ✓ | NA | NA
Current Connections | ✓ | ✓ | ✓
Current ISAPI Extension Requests | ✓ | NA | NA
Current NonAnonymous Users | ✓ | ✓ | ✓
Directory Listings Sent | NA | NA | ✓
Files Received | ✓ | ✓ | NA
Files Sent | ✓ | ✓ | ✓
Files Total | ✓ | ✓ | NA
Get Requests | ✓ | NA | NA
Gopher Plus Requests | NA | NA | ✓
Head Requests | ✓ | NA | NA
ISAPI Extension Requests | ✓ | NA | NA
Logon Attempts | ✓ | ✓ | ✓
Maximum Anonymous Users | ✓ | ✓ | ✓
Maximum CGI Requests | ✓ | NA | NA
Maximum Connections | ✓ | ✓ | ✓
Maximum ISAPI Extension Requests | ✓ | NA | NA
Maximum NonAnonymous Users | ✓ | ✓ | ✓
Not Found Errors | ✓ | NA | NA
Other Request Methods | ✓ | NA | NA
Post Requests | ✓ | NA | NA
Searches Sent | NA | NA | ✓
Total Anonymous Users | ✓ | ✓ | ✓
Total NonAnonymous Users | ✓ | ✓ | ✓

Modifying HTTP Ports

For most installations of Internet Information Server, you keep the HTTP server port number set at the default 80 to allow HTTP clients access to your site. However, it is simple to modify the well-known (standard) port numbers for HTTP.

Warning: Using Registry Editor incorrectly can cause serious, systemwide problems that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any problems resulting from the use of Registry Editor can be solved. Use this tool at your own risk.

When possible, change configuration through Control Panel settings. However, as in the procedure that follows, there are settings that can be changed only by using Registry Editor.

To change the port used by the HTTP service

  1. Start the Registry Editor, Regedt32.exe.

  2. Click the HKEY_LOCAL_MACHINE window and locate the following key:

    \System\CurrentControlSet\Control\ServiceProvider\ServiceTypes\W3SVC

  3. Click W3SVC, then double-click the TcpPort entry on the right side of the screen.

    The DWORD Editor dialog box appears.

  4. Click Decimal, then enter the port number in the Data box.

  5. Click OK and close Registry Editor.

  6. Stop and restart the WWW service.

Your HTTP server now monitors the specified port for all HTTP client requests.

Note: This situation affects the default port on the HTTP server only.

Troubleshooting HTTP with Network Monitor

By using the Microsoft network monitor utility, you can reveal the contents of a specific frame. By examining the HTTP messages, you can determine whether the correct messages were sent.

Network monitor captures the full frame before it reaches the network components and the browser client. Thus, you can isolate the symptoms of events that occur before the frames reach the host computer.

For more information about network monitor, see the Windows NT Server Concepts and Planning Guide.

FTP Service

FTP is the protocol used to transfer files between two computers on a network that uses Transmission Control Protocol/Internet Protocol (TCP/IP). FTP was one of the earliest protocols used on TCP/IP–based networks and the Internet. Although the World Wide Web has replaced most functions of FTP, FTP is still the only way to copy files from a client computer to a server over the Internet.

To use FTP to transfer files between two computers, both computers must support their respective FTP roles. In other words, one needs to be an FTP client and the other an FTP server. The FTP client can issue commands to the server, such as commands to download files, upload files, create directories on the server, and change directories on the server.

FTP uses TCP as its transport protocol for all communication and data exchanges between the client and the server. However, Internet Information Server communicates with Windows Sockets, then Windows Sockets communicates with TCP.

TCP is a connection-oriented protocol. "Connection-oriented" means that the communications session is established between the client and the server before data is transmitted. The connection remains active during the entire FTP session. Connection-oriented sessions are known for their reliability and error-recovery features. This means that FTP file transfers are very reliable.

TCP has the features described in Table 1.6.

Table 1.6 TCP Connection Features

Feature | Description
--- | ---
Flow control | Both client and server computers participate in the transmission of the packets, which virtually eliminates potential problems with packet overflows and lost packets.
Acknowledgment | The computer sending data packets expects an acknowledgment message (ACK) from the destination computer. This acknowledgment verifies that the packet was successfully received at the destination.
Retransmission | If the sending computer does not receive an ACK in a specified period of time, it assumes the packet became lost or corrupted and retransmits the packet.
Sequencing | All packets are numbered and sent in order so that the receiving computer reorganizes the data correctly.
Checksum | All packets contain a checksum to ensure integrity of the data. If the data is corrupted somewhere during the transmission, the checksum is used to indicate that the data is not the same data that was sent.

Note: Do not confuse FTP with Trivial File Transfer Protocol (TFTP). TFTP is a fast, simple file transfer protocol that uses the User Datagram Protocol (UDP) transport. UDP, unlike TCP, is a connectionless protocol and cannot retransmit packets. This means that UDP is not as reliable as TCP.

TCP Ports and Sockets

Three identification numbers are commonly used when referring to TCP sockets.

  • The IP address identifies the computer on the network.

  • The TCP port number identifies a process or application inside the computer.

  • The socket identifies both the computer and the process simultaneously. A socket is used as an endpoint.

Note: TCP ports are known by a variety of names. These names include TCP port number, TCP port address, TCP port, port number, port address, port, and data port.

Any application or process that uses TCP for its transport is assigned a unique identification number called a TCP port. TCP ports specify the path of communication between client and server applications. These ports are numbered beginning with zero. Port numbers for client applications are dynamically assigned by the operating system when there is a request for service. Port numbers for server applications are preassigned by the Internet Assigned Numbers Authority (IANA) and do not change.

IANA is the group that assigns processes to port numbers 0 through 1023. This range of numbers is reserved for services. A client application or process that uses TCP as a transport is assigned a port number greater than 1023 by the operating system.

A server application or process that uses TCP as a transport has at least one preassigned port number. For example, the preassigned port numbers for FTP server services are 20 (data) and 21 (control). These port assignments are called the "Well Known Port Numbers" and are documented in RFC 1700 (see https://ds.internic.net/std/std2.txt). Table 1.7 is a short list of some Well Known Port Numbers. (For more port numbers, see Appendix B, "Port Reference for Microsoft TCP/IP," in the Windows NT Server Networking Guide.)

Table 1.7 Some Well Known Port Numbers

Port number | Process name | Description
--- | --- | ---
1 | TCPMUX | TCP Port Service Multiplexer
5 | RJE | Remote Job Entry
20 | FTP-DATA | File Transfer Protocol - Data
21 | FTP | File Transfer Protocol - Control
23 | TELNET | Telnet
25 | SMTP | Simple Mail Transfer Protocol
42 | NAMESERV | Host Name Server
49 | LOGIN | Login Host Protocol
53 | DOMAIN | Domain Name System
69 | TFTP | Trivial File Transfer Protocol
70 | GOPHER | Gopher
80 | HTTP | HTTP
103 | X400 | X.400
110 | POP3 | Post Office Protocol version 3
137 | NETBIOS-NS | NetBIOS Name Service
139 | NETBIOS-DG | NetBIOS Datagram Service
150 | NETBIOS-SS | NetBIOS Session Service
156 | SQLSRV | SQL Server
179 | BGP | Border Gateway Protocol

Port numbers are used in conjunction with an IP address to form a socket. Sockets always have a number (or address) associated with them and designate an endpoint. Examples of socket numbers are shown in Table 1.8.

Table 1.8 Socket Examples

IP address | Port number | Socket number
--- | --- | ---
10.155.22.99 | 1028 | #10.155.22.99(1028)
172.16.16.10 | 21 | #172.16.16.10(21)

FTP and Ports

When FTP is running on a server, it constantly monitors port 21, the FTP control port, for a request for service from the FTP server. To connect to the FTP server, the FTP client computer sends a request to TCP port number 21 on the server computer.

For example, assume that computer A is the FTP client, computer B is the FTP server, and that they have the following IP addresses.

Computer A (FTP client) | Computer B (FTP server)
--- | ---
IP address: 172.16.16.10 | IP address: 10.155.22.99

The communication between the FTP client and FTP server follows this process.

  1. At the command prompt on computer A, the user types the following information:

    FTP 10.155.22.99

  2. The operating system assigns a TCP port number greater than 1023 (for example, 1028) to the FTP client application.

  3. TCP creates a packet that includes the following information:

    Source IP Address: 172.16.16.10

    Source TCP Port Number: 1028

    Destination IP Address: 10.155.22.99

    Destination TCP Port Number: 21

  4. The packet is sent across the network to IP address 10.155.22.99.

  5. Computer B receives the packet and TCP forwards the packet to port 21 (FTP control).

  6. The FTP service on computer B sends an acknowledgment (ACK) back to computer A by using both the IP address (172.16.16.10) and the port number (1028).

The packet cannot be accidentally delivered to a wrong port address on the server because the packet contains the correct port number before it leaves the client computer.

FTP Control and Data Connections

FTP uses two TCP connections to communicate between the client and the server. These connections are called the control connection and the data transfer connection. Connections can be ready in one of two states: passive open (waiting for a transmission) or active open (initiating the transmission).

The control connection starts the communication between the FTP client and the FTP server. The control connection is maintained for the duration of the FTP session. The control connection uses port 21 on the server and an open port that is greater than 1023 on the client.

The control connection is managed by a set of programs called the server Protocol Interpreter (server-PI) and the user Protocol Interpreter (user-PI).

The server-PI maintains a passive open state at port 21 waiting for the arrival of an FTP connection request from a client. When a request arrives, the server-PI establishes a control communication connection, receives standard FTP commands from the user-PI, sends replies, and governs the server Data Transfer Process (server-DTP).

The user-PI initiates the control connection (active open) from its TCP port to the server-PI, initiates FTP commands, and governs the user Data Transfer Process (user-DTP).

The data transfer connection exists only when there is data to be transferred between the client and the server. The data transfer connection closes each time a data transfer is completed. The control connection remains open.

Because of this, a new client data port must be opened each time a new data transfer begins. The server data port is always 20.

The data transfer connection is managed by a set of programs called the server Data Transfer Process (server-DTP) and the user Data Transfer Process (user-DTP). The server-DTP establishes the data connection (active open) with the user-DTP, sets up the parameters for transfer and storage, and transfers data on command from the server-PI. The user-DTP waits at its FTP port (passive open) for a connection from the server-DTP.

Using FTP

This section describes a typical FTP session.

To start an FTP session and connect to an FTP server

  1. Start a command prompt and type the following information:

    ftp IPaddress

    where IPaddress is a valid IP address. Then press ENTER.

    Note: To test TCP/IP on your computer, you can always use the IP address 127.0.0.1. This address is known as the loopback address for your computer. The loopback address uses loopback drivers to reroute outgoing packets back to the source computer. By going through the loopback drivers, the packets can bypass the network adapter card completely and be returned directly to the computer that is performing the test.

  2. When you are prompted to log on with a user name, log on as Anonymous.

  3. When prompted for a password, press ENTER. An ftp> prompt appears.

At the ftp> prompt, you can enter FTP commands. Some of the common FTP commands are described in Table 1.9. (For a complete list of FTP client commands, see Appendix A, "TCP/IP Utilities Reference," of the Windows NT Server Resource Kit Networking Guide.)

Table 1.9 Common FTP Commands

Command | Purpose
--- | ---
bye | Ends the FTP session with the remote computer and exits FTP.
delete | Deletes files on the remote computer; requires appropriate permissions.
dir | Lists the remote directory's files and subdirectories.
get | Copies a remote file to your computer.
help | Displays descriptions for FTP commands.
open | Connects to the specified FTP server.
put | Copies a file from your computer to the remote computer; requires appropriate permissions.
mkdir | Creates a directory on the remote computer; requires appropriate permissions.
! | Returns you to the Microsoft MS-DOS® shell. FTP is still active; type exit to return to the ftp> prompt.
! command | Executes an MS-DOS command on the local computer from the FTP session.

For example, to copy a file from the server computer, type the following command at the ftp> prompt.

get filename

This command copies the specified file from the server to the client.

After you enter a command, you receive a series of return codes from the FTP server on a number of lines. The return codes let you know the status of each command. Table 1.10 shows some of the common return codes listed in RFC 640. Information in italics is supplied by the server. (A complete list of return codes in RFC 640 can be found at https://andrew2.andrew.cmu.edu/rfc/rfc640.html.)

Table 1.10 FTP Server Return Codes

Code | Meaning
--- | ---
119 | Terminal not available, will try mailbox.
120 | Service ready in nnn minutes.
125 | Data connection already open; transfer starting.
225 | Data connection open; no transfer in progress.
150 | File status okay; about to open data connection.
151 | User not local; will forward to user@host.
152 | User unknown; mail will be forwarded by the operator.
250 | Requested file action okay, completed.
200 | Command okay.
211 | System status, or system help reply.
212 | Directory status.
213 | File status.
214 | Help message.
220 | Service ready for new user.
221 | Service closing Telnet connection.
226 | Closing data connection; requested file action successful (for example, file transfer or file abort).
227 | Entering passive mode.
230 | User logged in; proceed.
331 | User name okay; need password.
332 | Need account for login.
350 | Requested file action pending further information.
450 | Requested file action not taken: file unavailable (for example, file busy).
421 | Service not available, closing Telnet connection. This can be a reply to any command if the service must shut down.
425 | Cannot open data connection.
426 | Connection closed; transfer aborted.
530 | Not logged in.
532 | Need account for storing files.
550 | Requested action not taken.

Modifying FTP Ports

It is easy to modify the Well Known Port Number for FTP. However, to allow FTP clients access to your site, keep the FTP server port number set at 21 for most installations of Internet Information Server.

If you want to limit access to your FTP server, you can change the control connection (port 21) to a TCP port number greater than 1023 to "hide" your site.

You can change FTP server TCP port numbers by modifying the Systemroot\System32\Drivers\Etc\Services file or by changing their values in the Registry. The setting in the Services file takes precedence over the Registry setting in all cases. That is, by changing the Services file, you affect both the FTP client and the FTP server. By changing the Registry, you affect only the FTP server.

To change the TCP port in the Services file

  1. At a command prompt, change directories to Systemroot\System32\Drivers\Etc.

  2. Use a text editor to search the Services file for the following two entries:

    ftp-data 20/tcp
    ftp 21/tcp

  3. Modify port 21 to a number greater than 1023. See the following example.

    ftp-data 20/tcp # The # sign designates a comment.
    ftp 1234/tcp # FTP port changed to 1234, was 21.

  4. Save and close the file. To implement the change, stop, then restart the FTP service.

    Note: This affects the default TCP ports on both the FTP client and the FTP server.

Your FTP server now waits at port 1234 for all FTP client requests and your FTP client connects only to an FTP server at port 1234.

To verify the new FTP port settings

  1. At a command prompt, type the command ftp.

    The ftp> prompt appears.

  2. Type the command open 127.0.0.1 21 and then press ENTER.

    The IP address 127.0.0.1 is the loopback address for your computer. You are specifying 21 as the destination port address. The following message appears:

    -> ftp: connect:Connection refused

  3. Type the command open 127.0.0.1 and then press ENTER.

    The port now reverts to the default number specified in the Services file: 1234. You are prompted with the following logon message:

    User <127.0.0.1:<none>>:

This verifies that both the FTP client and FTP server are using port 1234.
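Because an edit to the Services file changes the port for both the FTP client and the FTP server, it is useful to audit the file for entries that have moved away from their Well Known Port Numbers or that now share a port with another service. The following Python sketch is an added example, not a Windows NT tool; the sample file is constructed, custom-app is a hypothetical service name, and the lower-case service names mapped to the Table 1.7 ports are an assumption.

```python
"""Added example: audit a Services file for moved or colliding TCP ports."""
import re
from typing import NamedTuple

# Assumption: lower-case Services-file names for a subset of Table 1.7.
WELL_KNOWN_TCP = {"ftp-data": 20, "ftp": 21, "telnet": 23, "smtp": 25,
                  "gopher": 70, "http": 80}

# Constructed file; the ftp-data and ftp lines are the edited entries from
# the procedure above, and "custom-app" is a hypothetical service name.
SAMPLE = """\
# Constructed Services file for the audit example
ftp-data   20/tcp   # The # sign designates a comment.
ftp        1234/tcp # FTP port changed to 1234, was 21.
telnet     23/tcp
smtp       25/tcp   mail
gopher     70/tcp
custom-app 1234/tcp
broken     eighty/tcp
"""

# name  port/protocol  [aliases...]
_LINE_RE = re.compile(
    r"(?P<name>\S+)\s+(?P<port>[0-9]{1,5})/(?P<proto>tcp|udp)"
    r"(?P<aliases>(?:\s+\S+)*)",
    re.IGNORECASE,
)


class Entry(NamedTuple):
    lineno: int
    name: str
    port: int
    proto: str
    aliases: tuple


def parse_services(text):
    """Return (entries, errors); errors holds (line number, raw text)."""
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment
        if not line:
            continue
        m = _LINE_RE.fullmatch(line)
        if m is None or int(m.group("port")) > 65535:
            errors.append((lineno, raw.strip()))
            continue
        entries.append(Entry(lineno, m.group("name").lower(),
                             int(m.group("port")), m.group("proto").lower(),
                             tuple(m.group("aliases").split())))
    return entries, errors


def audit(entries):
    """Return (line, kind, service, port) findings for TCP entries.

    kind is "moved" when a service listed in WELL_KNOWN_TCP is on another
    port, and "collision" when two different services claim the same port.
    """
    findings = []
    owner_of = {}
    for e in entries:
        if e.proto != "tcp":
            continue
        expected = WELL_KNOWN_TCP.get(e.name)
        if expected is not None and e.port != expected:
            findings.append((e.lineno, "moved", e.name, e.port))
        owner = owner_of.setdefault(e.port, e.name)
        if owner != e.name:
            findings.append((e.lineno, "collision", e.name, e.port))
    return findings


if __name__ == "__main__":
    parsed, bad = parse_services(SAMPLE)
    for finding in audit(parsed):
        print(finding)
    for lineno, raw in bad:
        print(f"line {lineno}: cannot parse {raw!r}")
```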

To change the Registry entry for FTP

  1. Start the Registry Editor, Regedt32.exe.

  2. Click the HKEY_LOCAL_MACHINE window and locate the following key:

    \System\CurrentControlSet\Control\ServiceProvider\ServiceTypes\MSFTPSVC

  3. Click MSFTPSVC and then double-click the TcpPort value.

    The DWORD Editor dialog box appears.

  4. Click Decimal and enter 5678 in the Data box.

  5. Click OK and close the Registry Editor.

  6. At the command prompt, type the following information:

    cd %systemroot%\system32\drivers\etc

    ren services services.ok

    This prevents the FTP server from using the port address in the Services file after it has been restarted.

  7. To implement the change, stop and restart the FTP service.

    Note: This situation affects the default port only on the FTP server.

If you have completed the preceding steps, your FTP server now monitors port 5678 for all FTP client requests and your FTP client connects to an FTP server at port 1234 only.

To verify the new FTP port settings

  1. At a command prompt, type ftp, then press ENTER.

    The ftp> prompt appears.

  2. Type the following commands:

    open 127.0.0.1

    open 127.0.0.1 21

    open 127.0.0.1 1234

    The following message appears:

-> ftp: connect: Connection refused

  3. Type the command open 127.0.0.1 5678 and then press ENTER.

    The port defaults to the number specified in the Registry: 5678. You are prompted with the following logon message:

User <127.0.0.1:<none>>:

This procedure verifies that both the FTP client and FTP server are using port 5678.

Customizing FTP Server

When a client connects to an FTP server, the user often lacks site information. Without site information, the user does not know if this is the correct FTP server, or what the files at the site contain. By adding a welcome message, exit message, and directory contents message, you can supply such information to visitors to your FTP site.

You can use two methods to add information about your FTP site. Both methods can enhance its usability.

You can use the Internet Service Manager to add default Welcome or Exit messages to the FTP server. Double-click the FTP service, then click Messages to add or change FTP service messages.

You can also add an FTP directory description file. For examples of this process, see Chapter 5, "Enterprise Scenarios."

To enable the FTP directory description file

  1. Click the Start button, then point to Run. In the Open box, type regedt32.exe and then click OK.

    The Registry Editor appears.

  2. Click the HKEY_LOCAL_MACHINE window and locate the following key:

    \System\CurrentControlSet\Services\MSFTPSVC\Parameters

  3. On the Edit menu, click Add Value.

    The Add Value dialog box appears.

  4. In the Value Name text box, type Annotate Directories.

  5. In the Data Type box, select REG_DWORD and then click OK.

    The DWORD Editor dialog box appears.

  6. In the Data text box type 1 and click OK.

    The Registry Editor adds the new value to the Parameters key.

  7. Close the Registry Editor.

  8. To implement these changes, stop and restart the FTP service.

To add an FTP directory description file

  1. Using a text editor, create the file ~ftpsvc~.ckm

  2. In the file, type the following lines:

    Directory for the Terra Flora FTP Server

    ------------------------------------------------------

  3. Save the file in the root directory of the FTP server and close the editor.

  4. At the command prompt in the root directory of the FTP server, type the following information and then press Enter.

    attrib +h ~ftpsvc~.ckm

    This step hides the file.

To verify the customized FTP server

  1. At the command prompt, type the following information.

    ftp 127.0.0.1

    This step uses the IP loopback address to start an FTP session on your local computer.

    The FTP client prompts you to log on.

  2. Log on as Anonymous.

    The introductory message and the annotated directory listing appear.

  3. At the ftp> command prompt, type the following information.

    BYE

    The exit message appears.

Monitoring FTP Sessions

You can monitor FTP sessions, just as you monitor HTTP sessions, by using the netstat TCP/IP utility and Performance Monitor.

The netstat utility shows static information at a given point in time. Netstat is best used to determine the status of connections. You can run netstat from a command prompt or inside an FTP session by using the ! command. For examples of netstat command syntax, see Table 1.4, earlier in this chapter.

Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users, file transfers, and byte transfers. For a listing of real-time statistics displayed by Performance Monitor for the FTP service, see Table 1.5, earlier in this chapter.

Gopher Service

Gopher is client/server–oriented software that uses a simple protocol to search for and retrieve files from Gopher servers on the Internet. The Gopher service was developed by the University of Minnesota in 1991 to overcome some limitations of the FTP service. Gopher has an easier-to-use interface and also allows administrators to create links to other computers or services, to annotate files and directories, and to create custom menus.

Gopher is not just an Internet tool. Many organizations use Gopher on their local area network to help people within the organization find the information they need quickly and efficiently.

The user of the Gopher client can download files, switch directories, or link to other Gopher servers by using a series of menus. The Gopher server generates menus, links, and annotations by using a series of tag files.

Gopher presents information in a hierarchical structure. Depending on which client software is used and what selections are available on the Gopher server, the user can choose how to view information—for example, as a text file, as a Microsoft Word for Windows document, or in a particular language.

A Gopher client presents the individual user with directory lists. If the user chooses a subdirectory from the displayed list, the listing for that subdirectory is displayed. If the user chooses a file, it is downloaded. Each directory and file can be on a different Gopher server.

You can also configure a Gopher server to search local Wide Area Information Server (WAIS) databases.

Gopher uses TCP as its transport protocol for all communication and data exchanges between the client and the server. Internet Information Server communicates with Windows Sockets, then Windows Sockets communicates with TCP.

TCP is a connection-oriented protocol (that is, the communications session is established between the client and the server before data is transmitted). However, unlike FTP, Gopher does not maintain the connection between requests; this is also known as a stateless connection.

For a description of TCP connection features, see Table 1.6, earlier in this chapter.

Gopher Ports and Connections

The Gopher protocol consists of a client and a server communicating through a TCP connection. The server waits at port 70 for a client request. The client, after initiating the connection, sends a selector to the server. A selector is a line of text that can consist of a series of characters or a null string. The server responds with a block of text terminated with a period on a line by itself. After receiving an acknowledgment from the client, the server closes the connection.

Similar to FTP, the Gopher client always communicates on a port whose number is greater than 1023. This port number changes each time a new transaction begins between the client and the server.

Designing a Gopher Site

Because most computer users are familiar with a hierarchical file system, you should design a Gopher site to resemble a directory tree structure. That is, the root directory contains names of subdirectories, links to other sites, and an explanation (Readme) file. The actual content is stored in subdirectories on the server.

When using Microsoft Internet Information Server, the default root directory is Systemroot\System32\Inetsrv\Gophroot.

Gopher Types

Gopher servers contain Gopher objects and each object has an associated Gopher type. The Gopher type signals the client what to do when that object is selected from the menu. Table 1.11 explains the Gopher types.

Table 1.11 Gopher Types and Client Behavior

| Type | Description | Client action |
|------|-------------|---------------|
| 0 | Text file, typically an ASCII document | Usually displayed on the screen. |
| 1 | Directory listing | Expect another Gopher menu. |
| 2 | CSO phone book server | Expect to be queried for a person's name. |
| 3 | Error | |
| 4 | Macintosh® BinHex file | Expect the file to be transferred. |
| 5 | MS-DOS .zip or other archive file | Expect the file to be transferred. |
| 6 | UNIX UUENCODE file | Expect the file to be transferred. |
| 7 | Search item | Expect to be queried for a relevant search string. |
| 8 | Telnet session | Expect the Telnet program installed on your computer to start. |
| 9 | Binary file | Expect the file to be transferred. |
| T | 3270 session | Expect the tn3270 program installed on your computer to start. |
| S | Sound file | Expect the file to be transferred and then played by a sound application on your computer. |
| g | Graphics file | Expect the file to be transferred and then displayed by a graphics application on your computer. |
| M | MIME file | Expect the file to be transferred and then displayed by an application on your computer. |
| h | HTML file | Expect the file to be transferred and then displayed by an application on your computer. |
| I | Image file | Expect the file to be transferred and then displayed by an application on your computer. |
| i | In-line text type | Used to suppress item numbers in text-only clients. |
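
The types in Table 1.11 arrive as the first character of each menu line that a Gopher server returns. The following added example (not part of the original chapter or of Internet Information Server) parses a constructed menu response and lists the items that point to another host or start Telnet or tn3270 on the client. The tab-separated line layout comes from RFC 1436, and the example.test host names and the function names are assumptions.

```python
from typing import NamedTuple

# Client action for each Gopher type in Table 1.11.
TYPE_ACTION = {
    "0": "display", "1": "menu", "2": "query", "3": "error", "4": "transfer",
    "5": "transfer", "6": "transfer", "7": "query", "8": "launch",
    "9": "transfer", "T": "launch", "S": "transfer", "g": "transfer",
    "M": "transfer", "h": "transfer", "I": "transfer", "i": "inline",
}

class Item(NamedTuple):
    gtype: str
    display: str
    selector: str
    host: str
    port: int

def parse_menu(raw: bytes):
    """Parse a menu response; return (items, malformed_lines, complete)."""
    items, malformed, complete = [], [], False
    for raw_line in raw.split(b"\n"):
        line = raw_line.rstrip(b"\r").decode("latin-1")
        if line == ".":          # a period on a line by itself ends the block
            complete = True
            break
        if not line:
            continue
        fields = line[1:].split("\t")   # display, selector, host, port (RFC 1436)
        if len(fields) < 4 or not (fields[3].isascii() and fields[3].isdigit()):
            malformed.append(line)
            continue
        items.append(Item(line[0], fields[0], fields[1], fields[2], int(fields[3])))
    return items, malformed, complete

def audit(items, server_host, server_port=70):
    """Return (display name, reason) for items an administrator should review."""
    findings = []
    for it in items:
        action = TYPE_ACTION.get(it.gtype)
        if action is None:
            findings.append((it.display, "unknown type %r" % it.gtype))
        elif action == "launch":
            findings.append((it.display, "starts a terminal program on the client"))
        if action != "inline" and (it.host.lower(), it.port) != (server_host.lower(), server_port):
            findings.append((it.display, "points to %s:%d" % (it.host, it.port)))
    return findings

# Constructed sample response (host names under example.test are made up).
SAMPLE = (
    b"0The Mission of this Gopher Site\t/README1.TXT\tgopher.example.test\t70\r\n"
    b"1Contents of this Gopher Site\t/SUBDIR\tgopher.example.test\t70\r\n"
    b"1Link to the Greater London, England Gopher Server\t\tgopher.london.com\t70\r\n"
    b"8Remote logon\t\tlogin.example.test\t23\r\n"
    b".\r\n"
)

if __name__ == "__main__":
    items, malformed, complete = parse_menu(SAMPLE)
    print("complete:", complete, "malformed:", malformed)
    for name, reason in audit(items, "gopher.example.test"):
        print(name, "->", reason)
```

A response that ends without the terminating period is reported with complete set to False, which distinguishes a truncated menu from a finished one.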

Gopher Tag Files

You use Gopher tag files to set up links to other Gopher servers and resources, and to give descriptive names to files and directories on Gopher servers. Gopher tag files are configured by using the gdsset utility. This utility creates hidden tag files (*.gtg) in the \Inetsrv\Gophroot directory. The examples in the following three sections demonstrate how to use tag files to customize the Gopher site.

Changing Filename Display

In this example, you have two Readme files and a subdirectory in the \Inetsrv\Gophroot directory on your server. When a Gopher client accesses your computer, the following menu displays.

1 README1.TXT 
2 README2.TXT 
3 SUBDIR 

Readme1.txt describes the mission of this Gopher site. Readme2.txt describes how to contact the site administrator. And Subdir is a subdirectory that contains the content of this Gopher site.

To change these filenames to a descriptive name format, type the following gdsset commands at a command prompt.

gdsset -c -g0 -f "The Mission of this Gopher Site" README1.TXT
gdsset -c -g0 -f "Contact the Site Administrator" README2.TXT
gdsset -c -g0 -f "Contents of this Gopher Site" SUBDIR

These commands create three hidden tag files in the \Inetsrv\Gophroot directory: Readme1.txt.gtg, Readme2.txt.gtg, and Subdir.gtg. The tag files set up an association between the descriptive name and the filename. The next time a Gopher client accesses your computer, the following menu displays.

1 The Mission of this Gopher Site 
2 Contact the Site Administrator 
3 Contents of this Gopher Site 

When a user clicks The Mission of this Gopher Site, the Gopher client displays the contents of Readme1.txt. Clicking Contact the Site Administrator displays the contents of Readme2.txt, and clicking Contents of this Gopher Site displays the contents of the directory Subdir. The original filenames and directory names are hidden from the Gopher client.

Creating Links to Directories

In this example, you have five subdirectories under the root Gopher directory (\Inetsrv\Gophroot) on your server.

\Inetsrv\Gophroot\Subdir1\Subdir2\Subdir3\Subdir4\Subdir5

When a Gopher client accesses your machine, the user sees the following menu display.

SUBDIR1 

If a user wants to access files in Subdir5, the user must access four additional subdirectories to access Subdir5.

To establish a link to Subdir5 from the root directory and provide a descriptive name format for Subdir5, use the following gdsset commands at a command prompt.

gdsset -c -l -g1 -f "Microsoft Windows Printer Drivers Location" -s \Subdir1\Subdir2\Subdir3\Subdir4\Subdir5 link.subdir5

This command creates a hidden tag file, called Link.Subdir5.gtg, in the \Inetsrv\Gophroot directory.

Note: All link files must start with the prefix "link"; however, do not use the prefix "link" for any other tag files.

The next time a Gopher client accesses your computer, the following menu is displayed.

SUBDIR1 
Microsoft Windows Printer Drivers Location 

Clicking Microsoft Windows Printer Drivers Location brings the user directly to Subdir5.

Creating Links to Other Gopher Sites

To link to another Gopher site, add the host name or IP address to the gdsset command. For example, to link to the Greater London, England Gopher Server, you issue the following command from an >ftp command prompt.

gdsset -c -l -g1 -f "Link to the Greater London, England Gopher Server" -s -hgopher.london.com link.london

The links, files, friendly names, and directories that appear on the server are in alphabetical order.

Using Gopher

Internet Explorer works as a Gopher client. To connect to a Gopher server, start Internet Explorer and enter a Gopher address in the address box. For example, you can enter

gopher://gopher.college.edu/

If the name or IP address of the Gopher server is known, but the server is not using the standard TCP port address (70), you can alter the address on the client to match the server. For example, if the Gopher server is monitoring port 1938, use the following address.

gopher://gopher.college.edu:1938

Modifying Gopher Ports

For most installations of Internet Information Server, you keep the Gopher server port number set to the default 70 to allow other Gopher clients access to your site. However, if you want to limit access to your Gopher server, you can change the control connection (port 70) to a port number greater than 1023 to "hide" your site.

You can change Gopher server port numbers by modifying the Systemroot\System32\Drivers\Etc\Services file or by modifying their values in the Registry. The setting in the Services file takes precedence over the Registry setting in all cases. By changing the Services file or the Registry, you affect only the Gopher server.

Note: By changing the port number, you can break some or all of your tags and links. You must rebuild these by using the -p option of the gdsset command to change the port number. For example, if you change the port number to 2345, you rebuild the new tag by typing the following line:

gdsset -c -g0 -f "The Mission of this Gopher Site" Readme1.Txt -p2345

To change the Gopher port in the Services file

  1. At a command prompt, change directories to Systemroot\System32\Drivers\Etc.

  2. Use a text editor to search the Services file for the following entry.

gopher 70/tcp

  3. Modify port 70 to a number greater than 1023 and add a comment (#) to show the default. For example, if you change to port 2345, add the following line.

gopher 2345/tcp # gopher 70/tcp

  4. Save and close the file.

  5. To implement the change, stop, then restart the Gopher service.

    Note: This affects the default ports on the Gopher server.

Your Gopher server now waits at port 2345 for all Gopher client requests.

To verify the new Gopher port settings

  1. Start Internet Explorer. In the address box, type gopher://127.0.0.1 and then press ENTER.

    The following message appears.

The attempt to load 'gopher:127.0.0.1' failed.

  2. Click OK to dismiss the message.

  3. In the address box, type gopher://127.0.0.1:2345 and then press ENTER.

    The Gopher menu appears on your screen.

To change the Registry entry for Gopher

  1. Start the Registry Editor, Regedt32.exe.

  2. Click the HKEY_LOCAL_MACHINE window and locate the following key.

    \System\CurrentControlSet\Control\ServiceProvider\ServiceTypes\GOPHERSVC

  3. Click GOPHERSVC and then double-click the TcpPort value.

    The DWORD Editor dialog box appears.

  4. Click Decimal and enter 6789 in the Data box.

  5. Click OK and close the Registry Editor.

  6. At the command prompt, type the following information:

    cd %systemroot%\system32\drivers\etc

    ren services services.ok

    This step prevents the Gopher server from using the port address in the Services file after it has been restarted.

  7. To implement the change, stop and restart the Gopher server.

    Note: This affects the default port only on the Gopher server.

Your Gopher server now monitors port 6789 for all Gopher client requests and your Gopher client connects to a Gopher server at port 6789 only.

To verify the new Gopher port settings

  1. Start Internet Explorer. In the address box, type gopher://127.0.0.1 and then press ENTER.

    The following message appears.

The attempt to load 'gopher:127.0.0.1' failed.

  2. Click OK to dismiss the message.

  3. In the address box, type gopher://127.0.0.1:6789 and then press ENTER.

    The Gopher menu appears.
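
The FTP and Gopher port procedures in this chapter both rest on one rule: the Services file entry takes precedence over the Registry TcpPort value. The following added example (not part of the original chapter or of Internet Information Server) models that rule so you can check which port a server is expected to use and whether a Registry change is being overridden. The function names and the sample file contents are assumptions, as is treating a missing entry the same as a missing file.

```python
import re

# One Services-file entry: name, port/protocol, optional aliases, optional # comment.
ENTRY = re.compile(r"^\s*(?P<name>[^\s#]+)\s+(?P<port>\d+)/(?P<proto>\w+)(?P<aliases>[^#]*)")

def services_port(text, service, proto="tcp"):
    """Return the port the Services file assigns to service, or None."""
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # blank line, comment-only line, or malformed entry
        names = [m["name"]] + m["aliases"].split()
        if m["proto"].lower() == proto and service in names:
            return int(m["port"])
    return None

def effective_port(services_text, registry_tcpport, service):
    """Return (port, source, registry_overridden).

    services_text is None when the file is absent, for example after
    'ren services services.ok'. A file without an entry for the service is
    treated the same way (assumption).
    """
    port = None if services_text is None else services_port(services_text, service)
    if port is None:
        return registry_tcpport, "registry", False
    return port, "services", registry_tcpport not in (None, port)

# Constructed sample of a Services file after the edits described in this chapter.
SERVICES = """\
# constructed sample
ftp      1234/tcp   # ftp 21/tcp
telnet   23/tcp
gopher   2345/tcp   # gopher 70/tcp
"""

if __name__ == "__main__":
    # Registry TcpPort set to 6789 while the Services file is still in place.
    print(effective_port(SERVICES, 6789, "gopher"))
    # Same Registry value after the Services file has been renamed.
    print(effective_port(None, 6789, "gopher"))
```

The third element of the result is True when a Registry value is set but the Services file entry overrides it, which is the state the rename step in the Registry procedures is meant to avoid.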

Monitoring Gopher Sessions

You can monitor Gopher sessions by using the Performance Monitor and, to a lesser extent, netstat.

The netstat utility can be difficult to use with Gopher because Gopher sessions are very short and you cannot always activate netstat in time to receive any meaningful data. Netstat shows static information at a given point in time. Netstat is best used to determine the status of connections.

You can run netstat from a command prompt. For an explanation of netstat command syntax, see Table 1.4, earlier in this chapter.

Performance Monitor shows events happening in real time. Performance Monitor is best used to check the status of users, file transfers, and byte transfers. For a listing of real-time statistics displayed by Performance Monitor for Gopher, see Table 1.5, earlier in this chapter.