IPv4 Configuration
At the very bare minimum, a device requires an IP address and a subnet mask. This is the smallest amount of configuration you can do; this will give the device access to the local subnet only. Generally, you would only configure a device like this for security reasons. For example, if you had a CCTV camera that should only be communicating with the digital video recording unit. You may configure the CCTV camera with the bare minimum configuration so it can’t communicate past the subnet it is connected to. This also means you won’t be able to access it from other parts of the network; this also includes monitoring tools to test if the camera is working. However, if security is the top priority, you may consider it. This does not happen very often since there are other ways to secure devices that most administrators will choose instead.
The next configuration is the gateway, often called the default gateway. This will configure a default route for the device. If there are no other valid routes for the traffic, the traffic will be sent to this IP address. Usually, this address will be a router on the subnet that provides access to other networks. For example, on a home network, it will be the router that provides access to the internet. Generally speaking, most devices don’t have routes configured on them other than the default gateway. Essentially, this means any traffic not for the local subnet goes to the default gateway.
Lastly, Domain Name System or DNS is configured. DNS is essentially a database that contains a list of hostnames and their associated IP addresses. It is often compared with a phonebook. DNS also helps devices find services on the network. For example, in the case of systems like Active Directory, DNS allows devices to find services in domain controllers.
Thus, this configuration allows for local subnet access, access to other networks, and the ability to locate and find resources. On modern networks, these are the three fundamental configuration settings that you will be configuring unless they are configured automatically for you. Although you could configure the absolute bare minimum of an IP address and subnet mask, you will find that unless there is a really good reason not to, you will always be configuring these three options. Let’s have a look at how to configure these options on Windows 11.
Demonstration
There are a number of different ways to configure networking on Windows 11. The most recently added method is to right-click on the start menu and select the option “Network Connections.” Once in the networking settings, this will allow you to select which network settings you want to configure.
There are many different options that can be configured, including advanced configurations like VPN and proxy settings. At the top are the Ethernet settings. Ethernet is a pretty common protocol for networking, and thus you will find wired network cards, wireless networks, and many other types of network adapters using this protocol, and thus their basic settings will appear under Ethernet. Since I want to configure the basic network settings, I will select the top option “Ethernet.”
This will show me all the basic settings for the network card in this computer. If you have more than one network card, the next network card would appear below this one. You will notice the section in the middle, “IP assignment.” To the right of this is how the network adapter is currently getting its configuration. In this case, the network adapter is getting its configuration automatically from a DHCP server.
In most cases, your devices will obtain an IP address automatically from a DHCP server. Thus, all you need to do is make sure the network adapter is set to automatic, which is generally the default for most devices. However, there are some cases where you may want to set it manually. When the IP address is set manually, it is referred to as a static IP address.
Often, when configuring an IP address on a server, you will configure a static IP address. Sometimes you may configure a static IP address for a device, for example, when a device does not have access to a DHCP server.
When the network adapter is configured to “Automatic”, the network configuration settings it obtained, plus some other information, will be at the bottom.
To configure a static IP address, I will select the option on the right-hand side “Edit.” To configure a static IP address, I will need to select the option “Manual.” This will give me the option to configure IPv4 and IPv6. In this demonstration, I will be configuring IPv4 only, so I will select this option.
This screen will show all the basic network settings that I can configure. I will start by entering an IP address. Once this is done, I will enter a subnet mask. If both these are entered correctly, you should be able to communicate with other devices on the same subnet.
I will next enter the gateway address. This generally will be the address of your router. On company networks, sometimes it may be the address of another device like a firewall or VPN device.
If you find that your networking is not working, a lot of the time it will be an incorrect IP address or subnet mask. In the Network+ exam, expect to get a question with an incorrect subnet mask or IP address. In the A+ exam, if you get a networking question, it will most likely be more broad, asking you what you would need to check rather than asking you to correct the networking. If you see a question saying the device can ping the local network but not a remote network, it is most likely an incorrect gateway setting.
You can’t do it on this screen, but in Windows, there are ways to configure multiple gateway addresses. The way this works is that if the gateway were to fail, the next gateway would be used. The problem with this approach is that if the first gateway comes back online after a failure, the devices on the network will continue to use the second gateway and won’t switch back to the first gateway.
Nowadays, companies rather than deploying two independent routers will often use two routers where one is in use and the other is a standby. If the main router fails, the second router takes over using the same IP address. Thus, the devices on the network don’t need to change any configuration if a router fails. Given this feature is generally not used that much nowadays is probably why you can’t configure it here.
I will next configure the DNS server. In this case, I will use the IP address of Google’s DNS server. In this screen, there is an option for DNS over HTTPS. This option is not available in some of the older network configuration tools. Thus, sometimes in Windows, you may need to use a combination of the new and old tools to configure certain options.
DNS over HTTPS uses the same technology as secure web traffic. That is, the communication between the device and the server is encrypted. The advantage of this is that anyone between you and the DNS server won’t be able to eavesdrop on your DNS communication. That is, they won’t be able to see what DNS hostnames you are attempting to resolve. This gives you some additional privacy, but a person eavesdropping will still be able to see what traffic you are sending and receiving from which IP addresses. So, the setting increases your privacy but does not give you complete privacy.
If you enable DNS over HTTPS, you have two different options you can select to switch it on. I will first select the manual option to show you how it works, although you will most likely use the other option.
You will see that you will be required to enter in a location to get a template from. The administrator of the DNS server will need to tell you what this address is. The other choice is to select the automatic option. You will notice that an address automatically gets added. Windows will attempt to contact this address to obtain automatic configuration from it. Thus, I would try this option first and see if DNS can configure itself automatically.
When I scroll down, notice that there is an option for “Fall-back to plaintext.” When this option is ticked, if DNS over HTTPS were to fail for any reason, then Windows will fall back to plain text DNS queries. If this occurs, anyone eavesdropping on the DNS communication will be able to read your DNS requests. If you leave this option unticked, this means that if DNS over HTTPS is not available, the DNS queries will fail even if plain DNS is an option.
This brings us to the next setting “Alternative DNS.” When a second DNS server is entered, this will be used if the primary DNS server were to fail or could not be contacted. In this case, I have used the second Google DNS server.
In a lot of cases, your home router will forward DNS requests to a DNS server. Thus, you will configure the primary DNS server to the home router. You may decide to configure a second DNS server to a public DNS server, but it is arguable if this is necessary since your home router DNS server should be available. If your home router is not available, you probably won’t have access to the internet and thus a second DNS server will not be helpful.
For the second DNS server, I will configure the same options: that is, use DNS over HTTPS and fall back to plain text DNS queries if that fails.
Most devices will have a minimum of two DNS servers. It is possible to configure more. For example, in Windows, you could configure 10 DNS servers if you wanted to. Although it sounds like it may be helpful to have so much redundancy, the problem is that when you attempt to resolve a hostname that does not exist, Windows will contact each DNS server in order, attempting to resolve the hostname. This means there will be a delay before Windows tells you it can’t resolve the address. Having two DNS servers is generally considered a nice balance between redundancy and performance; any more than that is generally not used by many devices.
I will now press the save button, and the network settings will be saved. That is all you need to do to configure an IP address.
The network configuration is now complete. A good last step is to test that it is working. You don’t want to walk away from a customer’s computer and leave it in an unworkable state since you made a typo when entering the configuration. To do this, I will open a command prompt. I will then attempt to ping google.com. There are a number of different ways of doing this step; for example, you could open a web browser and attempt to open a web page or use another network function. Just make sure to test all the settings by resolving a hostname and sending traffic to another network.
If the hostname is not in the DNS cache, this will resolve to Google’s address, thus testing if the DNS server is working. Also, since it is sending traffic to another network, it is also testing if the gateway address is correct.
If the hostname does not resolve, I would next see if the network is working. To do this, I would ping an IP address on another network. In this case, I will ping the Google DNS IP address. If this fails, there may be a problem with getting traffic out of the network.
The next step I would take is to ping the gateway address. This will test if the IP address and subnet mask are working correctly. Often, network problems are just a matter of breaking it down to what works and what does not. Once you work out where a problem is, it will often lead you to the source. For example, if you can’t ping the gateway, I would check the IP address and subnet mask. I would also check the network cable. Basically, everything between you and the gateway to see what the problem is. A lot of time in IT is spent eliminating what you know is working and then troubleshooting what is not, to work out what the source of the problem may be.
End Screen
That concludes this video on how to configure IPv4 on Windows 11. I hope you have found this video useful. Until the next video from us, I would like to thank you for watching.
References
“The Official CompTIA A+ Core Study Guide (Exam 220-1101)” pages 175 to 176
Credits
Trainer: Austin Mason http://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Quality Assurance: Brett Batson http://www.pbb-proofreading.uk