Networking your computers, and then connecting
them to other offices or to the internet, can seem complicated,
but don't panic...
Here we are assuming you want to connect a few computers
together and connect the whole lot to the internet.
Cables and Hubs...
A network of computers needs to be connected together
somehow.  The common ways of doing this are thin-ethernet
(round connectors) and 10base-T (square connectors). 
You may also use 100base-T (square connectors, but
faster data).
All this means is that certain types of cable are used,
and that the network operates at a certain speed.
10base-T and thin-ethernet can work together using
a hub (which you normally have for 10base-T anyway).
100base-T is a faster type of network.
The way 10base-T works is that you have a cable connecting
each computer back to a hub. This is often done with
structured cabling (a general purpose cabling usable
for phone, ISDN, or networking). In a small home office,
this can simply mean running cables to each machine,
or even using normal telephone cable if you wish (not
guaranteed). Disconnecting one cable will stop that
one machine communicating with the rest of the network.
Thin-ethernet uses a thicker coax cable which is connected from
one computer to the next, with a T-piece connection
at each machine. At the ends are special 50ohm terminators
without which it does not work. If you disconnect
or break the cable then the whole network grinds to
a halt.
For 10base-T you need a hub. This is typically a small
box with 5 or 8 sockets and possibly a round coax
connector. It may allow connection to a thin-ethernet
LAN (local area network) as well as 8 other devices.
Normally you can connect these as an extension from
another hub, but from one computer to any other the
link must not go through more than a total of 4 hubs.
The nice thing about 10base-T is that you get an LED
on the hub and usually on the computer to confirm
the cable is connected.
Another way to run 10base-T is just between two devices. You
can do this without a hub if you use a crossover
cable. If you ever want more than 2 devices, then
you will need a hub. A crossover cable is wired slightly
differently to a normal cable.
The computers need network cards, and these can be just
10base-T, or combined 10base-T and 100base-T, and
may have a thin-ethernet connection as well. Generally
network cards and hubs are quite inexpensive.
Internet Protocol
Once you have computers connected together you can usually
get Windows machines to communicate with each other
and share files. However to access other networks, and
particularly the internet at large, you need to make
use of IP (internet protocol). Your network set-up will
allow you to set up TCP/IP networking.
One of the key features of IP is that each machine has
an address.  This is a 32 bit number, but normally
written as 4 decimal numbers with dots between them
- e.g. 192.168.42.1
A network is a set of these IP addresses.  The internet
is a network of such networks, and when you get an
account with an internet service provider you will
be allocated one or more real IP addresses (or one
may be allocated each time you connect - dynamically).
These are addresses which are unique in the world
to you, while you are connected.
If you have a network account with an ISP you will have
a set of addresses and can use these for your machines.
Connecting to the world
If, as is often the case, you only have one address, then
you will have to give your computers different addresses
and use a gateway between the one address the
rest of the world knows, and the addresses you have
given to your computers.
So, you will have to number each computer somehow. To
do this you make your own private IP network. This
raises a slight problem - and that is how do you then
communicate with the rest of the world - if they do
not know the numbers you have used?
Fortunately, there is software for PCs, and features in routers
which allow for network address translation
or NAT. This allows you to have a private network,
but appear to be only using one IP address to the
outside world. It makes it impossible for the outside
world to connect in to your machines specifically
(a good security feature) as they don't have real
IP addresses, but it does allow them to connect outwards
to the outside world - get email, see web pages, transfer
files, etc.
Normally, you can make it so that one of your machines can receive
connections, and this is useful for some types of
email transfer.
Pick a number
One issue is how to number your own machines. If the rest
of the world does not see these numbers when you are
using NAT (you appear to be one IP address to the outside
world), then does it matter?
The answer is YES. If you pick an address which
already exists, then you will never be able to connect
to the computers that legitimately have that address!
If you pick an address at random, it may happen
to be in use by some critical part of the internet,
now or in the future, suddenly stopping your systems
from operating correctly (e.g. a name server, or your favourite
web page).
To overcome this, there are ranges of IP addresses specially
reserved for private networks. These are 10.0.0.0
to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and
192.168.0.0 to 192.168.255.255. It is common to pick
a 192.168 block as a small network of machines.
We will suggest 192.168.42.0 to 192.168.42.255 as
this is the default for the Network
Alchemy routers.
You can then allocate these to machines as you like. Make
sure each machine has a unique number from the range.
You cannot use all 0's or all 1's as a host address
so you cannot in this case use 192.168.42.0 or 192.168.42.255.
These are reserved as network and broadcast addresses.
You can make the numbering automatic if you prefer
- telling a router to allocate numbers to your computers
whenever they ask for one. This is a system called
DHCP (Dynamic Host Control Protocol).
Subnets
When defining a network, you have a range of these IP addresses
allocated to the network. For example 192.168.42.0 to
192.168.42.255. The way this is specified is that there
is a mask (a subnet mask) which says which bits define
the network and which are the host (read up on binary
maths).
For the network 192.168.42.0 to 192.168.42.255 the mask
is 255.255.255.0. Normally your software will already
have guessed this, as the 192.x.x.x range is normally
divided up in to blocks of 256 like this.
Finding your way out
If you are connected to the internet, or even to another
office, you need to have some piece of equipment that
makes that connection out of your network. That will
have to be allocated one of your internal IP addresses
(e.g. 192.168.42.1).
Once you have done this, you can tell each machine that
it is the default route or gateway.
Again, this can be done automatically with
DHCP.
This simply means that if the computer cannot work out
where to send some data, then it sends it to your
connection to the rest of the world. It can work out
where all the machines in your network are, because
it has a subnet mask and can tell they are connected
to the same LAN. When you go for a web page in the
outside world, these packets have to be sent out of
your network, and hence to the default route / gateway
being used.
Finding your way in
Sometimes it is necessary for the outside world to connect in
to your network. Normally only while you are on line,
but you may have a web server or FTP, or even simply
need to receive email by SMTP (Simple Mail Transfer
Protocol).
You will need to ensure that the router knows which machine
in your private network is the Server. This
is normally an option you can set in the router set
up.
If you use a PC as a router, then it will normally have
to be that machine that accepts such incoming connections.
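The address translation and single-Server forwarding described above, modelled as a small table (an added example, not code from the original page or from any router; the public address 203.0.113.7, the remote addresses and the port numbers are constructed, and the class and method names are hypothetical):

```python
import itertools

PUBLIC_IP = "203.0.113.7"   # assumed: the one address your ISP allocated (constructed)

class Nat:
    """Toy NAT: many private addresses share one public address."""

    def __init__(self, public_ip, server=None):
        self.public_ip = public_ip
        self.server = server or {}           # public port -> (private ip, port): the "Server"
        self.out = {}                        # (private ip, port, remote) -> public port
        self.back = {}                       # (public port, remote) -> (private ip, port)
        self.ports = itertools.count(40000)  # next unused public source port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN and remember the mapping for replies."""
        remote = (dst_ip, dst_port)
        key = (src_ip, src_port, remote)
        if key not in self.out:
            public_port = next(self.ports)
            self.out[key] = public_port
            self.back[(public_port, remote)] = (src_ip, src_port)
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Return the private (ip, port) to deliver to, or None if the packet is dropped."""
        reply = self.back.get((dst_port, (src_ip, src_port)))
        if reply:
            return reply                     # answer to a connection a LAN machine opened
        # No mapping: only a configured Server port gets through, and that
        # port is then reachable by anyone on the internet, so keep it patched.
        return self.server.get(dst_port)

if __name__ == "__main__":
    nat = Nat(PUBLIC_IP, server={25: ("192.168.42.10", 25)})   # SMTP to one machine
    print(nat.outbound("192.168.42.100", 1025, "198.51.100.5", 80))
    print(nat.inbound("198.51.100.5", 80, 40000))     # reply: delivered to .100
    print(nat.inbound("198.51.100.99", 80, 40000))    # stranger: None (dropped)
    print(nat.inbound("198.51.100.99", 3456, 25))     # SMTP: delivered to the Server
```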
Getting through to somewhere else
Sometimes you have more than one office, or someone working at
home, or somewhere you need to connect to specifically.
You may want full access between all of the machines
in two offices - accessing the private IP addresses
allocated, so you can't use the internet.
This can be done between routers. You ensure each office
has a different subnet - e.g. one having 192.168.25.X
and another being 192.168.57.X, and so on. You can
then program your routers to know which phone number
to call for each subnet. Then, when packets of data
are to be sent to one of the other offices, instead
of using the internet, they call directly to the router
in the other office, and have to do no translation
of addresses.
The router config will normally allow passwords and account
names to be set up, and with an ISDN router you can
usually set specific calling line identity checking.
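How the subnet mask drives both decisions described above, the PC choosing between its own LAN and the default gateway, and the office router choosing which link to use, worked through with the page's 192.168.25.X and 192.168.57.X offices (an added example, not from the original page; the route table, link labels and function names are constructed for illustration):

```python
import ipaddress

def to_int(addr):
    """Dotted decimal -> the 32 bit number it stands for."""
    return int(ipaddress.IPv4Address(addr))

def same_lan(host, mask, dst):
    """The test a PC applies: equal network bits under the mask means same LAN."""
    m = to_int(mask)
    return (to_int(host) & m) == (to_int(dst) & m)

def host_next_hop(host, mask, gateway, dst):
    """A PC sends directly to a LAN neighbour, anything else to its default gateway."""
    return dst if same_lan(host, mask, dst) else gateway

# Constructed table for the router in the 192.168.25.X office.
ROUTES = [
    ("192.168.25.0", "255.255.255.0", "LAN"),
    ("192.168.57.0", "255.255.255.0", "dial other office, no NAT"),
    ("0.0.0.0",      "0.0.0.0",       "dial ISP, with NAT"),
]

def router_link(dst, routes=ROUTES):
    """Of all routes whose network bits match dst, use the one with the longest mask."""
    best = None
    for net, mask, link in routes:
        m = to_int(mask)
        if (to_int(dst) & m) == (to_int(net) & m):
            if best is None or m > best[0]:
                best = (m, link)
    return best[1] if best else None

if __name__ == "__main__":
    pc, mask, gw = "192.168.25.100", "255.255.255.0", "192.168.25.1"
    for dst in ("192.168.25.101", "192.168.57.20", "198.51.100.5"):
        print(dst, "-> PC sends to", host_next_hop(pc, mask, gw, dst),
              "| router uses:", router_link(dst))
```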
PC or router
You can set up a PC, even using a modem, as a router using
programs like WinGate, or by using real operating systems
like Linux (<-:).
You will need to configure it to perform NAT for your
private network to translate to your internet dial
up account.
If you have a router, you can configure it in the same
way. Routers are usually simpler to set up as
that is what they are designed for.
What's in a name?
One problem you may have spotted... These IP addresses are
all very well, but you use email addresses and web pages,
and they have names.
The names have to be turned in to IP addresses so that
you can communicate with computers elsewhere on the
internet. This is done by the Domain Name Service
(DNS). When you set up your computer you need to tell
it the IP addresses of some DNS servers. These are
usually provided by your ISP, and they remember frequently
accessed names, and look up any that you need (the
DNS database is distributed throughout the internet).
Again, these settings can be done automatically
by DHCP.
A word of warning though, Windows machines do strange
things with DNS, including looking up their workgroup
on the DNS servers every 15 minutes. This means that
you may have to set up a firewall on your router
to stop calls being made to the internet all day and
night.
Firewalls
You might want to control what types of information can
be sent or received through your internet or inter-office
connections. This means setting up filters or
firewalls to control what is allowed. Typical
examples are to stop IRC (Internet Relay Chat), or stop
incoming connections trying to log on to your computers.
The most common one is to stop Windows machines sending
NETBIOS DNS requests to the internet name servers and
running up a big phone bill.
The exact firewall settings you have available depend
on the router you are using and you should check
the manuals to make sure you are setting up the restrictions
you want.
DHCP
Some routers can be set to allocate IP addresses on the fly
- using DHCP (Dynamic Host Control Protocol). You can
tell the router to allocate IP addresses from a range
of numbers and then tell each machine that it is to
use DHCP to get its address.
DHCP can also allocate gateway and DNS server addresses
to your machines. This is how simple modem dial up
systems often work, which is why you may have been
able to ignore DNS in the past.
This saves allocating each machine a real address and can
make setting up a network extremely quick and simple.
Suggestions
Configure your network as 192.168.42.X, using subnet mask 255.255.255.0.
Set machines as having addresses from 192.168.42.100
to 200. Set the machine that is the router to 192.168.42.1
and use this as the default route for all other machines.
The Network Alchemy routers have an address of 192.168.42.1
by default (but this can be changed). You may want to
set the router to allocate DHCP from 192.168.42.2 to
99 allowing a mix of fixed IP and dynamic IP addresses
(DHCP is ideal for laptops).
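A checker for a numbering plan like the one suggested above, applying the rules from the earlier sections: reserved private ranges only, no network or broadcast address, every fixed address unique and outside the DHCP pool (an added example, not from the original page; the machine names and the function name are constructed for illustration):

```python
import ipaddress

# The three reserved private ranges listed under "Pick a number".
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_plan(network, mask, router, dhcp_range, fixed):
    """Return a list of problems with the plan; an empty list means it is sound."""
    net = ipaddress.ip_network(f"{network}/{mask}")
    reserved = (net.network_address, net.broadcast_address)  # all 0's / all 1's host
    problems = []
    if not any(net.subnet_of(p) for p in PRIVATE):
        problems.append(f"{net} is not inside a reserved private range")
    lo, hi = (ipaddress.ip_address(a) for a in dhcp_range)
    for end in (lo, hi):
        if end not in net or end in reserved:
            problems.append(f"DHCP pool end {end} is not a usable host address")
    seen = {}
    for name, addr in [("router", router)] + sorted(fixed.items()):
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            problems.append(f"{name} {ip} is outside {net}")
        elif ip in reserved:
            problems.append(f"{name} {ip} is the network or broadcast address")
        if lo <= ip <= hi:
            problems.append(f"{name} {ip} is inside the DHCP pool")
        if ip in seen:
            problems.append(f"{name} {ip} duplicates {seen[ip]}")
        seen.setdefault(ip, name)
    return problems

# The page's suggested plan, with constructed machine names.
SUGGESTED = dict(network="192.168.42.0", mask="255.255.255.0",
                 router="192.168.42.1",
                 dhcp_range=("192.168.42.2", "192.168.42.99"),
                 fixed={"pc1": "192.168.42.100", "pc2": "192.168.42.101",
                        "server": "192.168.42.200"})

if __name__ == "__main__":
    print(check_plan(**SUGGESTED) or "plan is sound")
    broken = dict(SUGGESTED, fixed={"pc1": "192.168.42.255", "pc2": "192.168.42.50",
                                    "pc3": "192.168.42.100", "pc4": "192.168.42.100"})
    for problem in check_plan(**broken):
        print(problem)
```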
Be careful of costs
If you are setting up routers to access the internet or
other offices, you have to be careful that they are
only connecting when you want them to and disconnecting
when they have finished. If you get it wrong, you can
run up an unexpectedly large bill. This is particularly
true if linking to overseas offices.
Some routers allow a total call time quota, which may be
worth setting initially to avoid unexpected costs.
You should certainly monitor the usage of the router
(on its status menu/screen/log) for a few days after
setting it up or making any changes.
- Change your billing to monthly so that problems
  do not run up a 3 month bill
- Check router call logs to ensure sensible behaviour
- Set up firewalls for NETBIOS traffic to stop unwanted
  DNS lookups
- Set up time profiles if your router supports this,
  ensuring dialup only at sensible times
- Set up quota limits if your router supports this
  to trap problems more quickly
More
If you want lots more detail, a good detailed book on TCP/IP
is published by Addison-Wesley.