There are a total of one hundred student terminals in the campus network of our school, which are divided into two student data centers. The Student Terminal IP address is provided by the School Server (using Windows
2000 System) Manage allocation dynamically. The school server has a dual Nic. the IP address of the Intranet Nic is 192.168.0.1, And the IP address of the Internet Nic is specified by China Telecom. The Student Terminal gateway is set to point to the Intranet NIC address of the school server. The school server's routing function is used to surf the Internet to implement network teaching.
The following describes a convenient and flexible method for controlling students' internet access.
Add and configure DNS services for campus servers
DNS is short for Domain Name System. When you install Windows by default
After 2000, the DNS service is not added. Open "Control Panel> Add/delete Programs> Add/delete Windows components", double-click "Network Service" in the component list, and select "DNS server" under it, click [OK] to add and install the DNS service.
After the DNS server is installed, the system adds the DNS console to the "Administrative Tools" group, as shown in 1. Open the DNS console, select "Operation> configure Server", open the configure DNS wizard dialog box, and click the [next] button three times in a row, enter the region name in the "region name" dialog box (you can enter the region name based on your server settings), and then click the [next] button four times, enter the network ID (2) in the "type network ID" dialog box that appears ). In the subsequent dialog box, we use the default system selection input to complete the DNS server configuration.
Configure DNS Service
Enter the network ID
After configuring the campus DNS server, we do not need it to actually provide any domain name resolution service to the student machine in the campus network. In fact, the school server has been unable to complete any domain name resolution translation service so far. The Internet domain name resolution server must be provided by China Telecom.
Add a forwarder to the DNS server
To control students' access to the Internet for a certain period of time, we mainly use the "forwarder" function in the DNS server. Go to the DNS service console shown in 1, and click
DNS
Server. On the "operations" menu, click "properties ". In the Properties dialog box, click the forwarder tab. Add "√" in the box before the "enable forwarder" check box and add other
DNS service address (provided by China Telecom): 202.107.245.11 and 202.101.172.37.
Click [OK] to set the campus server to a DNS steering gear.
Settings of the Windows 98 student Machine Client
Enter TCP/IP
Advanced properties: add the gateway as 192.168.0.1. Select the DNS Configuration tab, select "Enable DNS", enter the host name and domain name, add the DNS server IP address 192.168.0.1, and click [OK]. Then, restart the computer to complete Windows
98.
Operations
When a student starts IE browser on the client and receives the IP address request from the DNS client, the student tries to find the required data in the region in which the student is located. Because no such data exists in the DNS steering database, the DNS is directed to other DNS servers (202.107.245.11 and 202.101.172.37) for query. Because the 202.107.245.11 and 202.101.172.37 servers are both valid DNS servers, the student machine can successfully browse the Internet.
In teaching, when the instructor needs to control the student's machine to access the Internet, open the campus DNS steering console, stop the DNS service on the server or remove "√" before the "enable forwarder" check box on the "forwarder" tab. The student machine cannot direct to a valid DNS server and cannot access the Internet. This method is extremely concealed, and students will not suspect that the TCP/IP is modified without authorization due to the DNS settings of the student's machine.
Advanced attributes.
When multiple student data centers on a campus need to independently control the Internet access period, we can consider building a DNS on the instructor machine in each data center to switch to the server, it is used to control the Internet access of the student's machine in the student's machine room. This method is flexible and convenient. During the course of lectures, instructors can control students' access to the Internet at any time and no longer need to run between the data center and the server.