LAN101 - The TCP/IP Network
Posted on October 29, 2007
Filed Under Networking, Unix, Windows
A LAN is a Local Area Network — it’s a fancy way of saying “the two or three computers in this room, give or take the dozen down the hall.” It implies a fast connection — dozens, hundreds, even thousands of times faster than a dial-up modem. It used to be pretty challenging to hook computers together this way, but the parts got cheaper and the software got smarter.
TCP/IP is one of the reasons it’s easier. TCP/IP is actually two things: TCP, or Transmission Control Protocol; and IP, or Internet Protocol. (A protocol is just “a clearly defined way of doing something.”) TCP/IP (the combination of TCP with IP) defines one way that computers on a network can communicate by exchanging packets. One definition of “The Internet” with a capital “I” is simply “All the computers that can talk to each other right now by using TCP/IP.” If your computer can run TCP/IP and can talk to any other computer that is already on the Internet, then by our definition your computer is part of the Internet too.
Before TCP/IP won out over its rivals, you might have had to fight with any number of salespeople, all pointing fingers at each other and none of them willing to take responsibility for making your network… work! The triumph of TCP/IP changed all of that, forever. In the simplest terms, when you go to the Windows Control Panel and select the Networks icon, you can ignore everything that isn’t directly related to TCP/IP.
Let’s assume you’re reading this on a machine that has a modem. It’s a standalone PC (for values of “PC” that include Macs, or any other computer you can pick up without a forklift). “Standalone” means it isn’t part of a LAN (yet). But maybe you have another PC, in the same room or just down the hall. So far, so good.
First, the hardware
A modem is a device that lets your machine send information over a voice quality “analog” telephone line. They became very popular in the 1980s because telephone service is almost universally available. Even though a voice line does not have a lot of carrying capacity by modern standards, a slow connection that you can get anywhere is better than no connection at all.
LAN networking does not use modems; it uses digital signals that make better use of the same copper wires in order to carry much more data. It requires Network Interface Cards, or NICs. There is a socket, called an RJ-45 jack, on the NIC. The wire that snaps into this jack has a plastic plug, which looks very much like the one used with modern US telephones.

The business end of a dual-port Ethernet card. These two RJ-45 ports have independent circuitry, so this card appears as two cards to the operating system. The stamped icon on the right screams “This is NOT a telephone!”
Network cable has evolved over time; it used to be heavily shielded (see the comments on “thinwire” below); but as technology has improved, it was discovered that the simpler — and less expensive — twisted pair cable gives better performance at a much lower price. “Category 5 UTP” — Unshielded Twisted Pair — is quality tested for use with a “100-Base-TX” network, which runs up to 100 megabits per second. It’s very versatile; you can use it for telephones, intercoms, and entertainment devices as well as for networking. If you’re refurbishing a house or doing new construction, it’s a good idea to run lots of spare “Cat-5” cable through the unfinished walls.
Just to compare, “Category 3” referred to a type of UTP which was only guaranteed for 10-Base-T, or 10 megabits per second, and was also adequate for telephony. “Category 6” was recently standardized for use with “gigabit” networks. Before “10-Base T” and “100-Base-TX,” there was “10-Base-2” which used coaxial cable. It’s only of historical interest now.
Unshielded Twisted Pair (UTP) cable is made up of multiple pairs of solid copper wire. If you were to strip off the plastic coating, you would find that, yes indeed! each pair of wires is (slightly) twisted along the length of the cable. Pairing and twisting the wires in this way keeps them from acting as an antenna and thus avoids picking up spurious outside signals and noise. Amazingly, this trick works as well as the much heavier and more expensive shielding used by the “coaxial cable” that carries your (analog) television signal.
Installing a NIC is like installing any other bit of PC hardware; you turn off your computer, install the card into an appropriate slot, and find out whether your operating system (Windows, Linux, whatever) recognizes it. If you’ve gotten this far, you’re the sort of person who reads directions, and that means you are very likely to be successful in this effort. To connect two computers together in a minimal LAN, each of them needs to have a NIC… and you’ll need a cable.
When dealing with network devices such as routers, switches, and hubs, it’s sometimes necessary to use two different cables; a crossover cable allows router-type devices to talk to each other as peers, while a straight-through cable is used by switches to talk to endpoint devices such as your PC. Recently, network cards that automatically sense the device at the other end of the wire have become available, and they will work with either type of cable. Or, your hub might have a button to flip its “uplink” port between crossover and straight mode. If you don’t have an autosensing card or an uplink mode button, you’ll still need a crossover cable in your kit. It’s a quick solution to the otherwise baffling problem: “I plugged in this cable, and the little ‘link light’ didn’t go on.” No matter which kind of cable you used, try the other kind.
Crossover cables are also interesting because there is another kind of peer-to-peer connection; if you have two PCs, and you only care about connecting them to each other, you can do so by using a crossover cable. So here is your first network administration decision: Do you use a crossover cable, or do you buy a hub or switch?
The answer is a question: Will you ever add another device to your network? If so, then get a hub or switch. You have to have one to add any other networked device (including a “cable modem,” not just other PCs). Get one with as many ports as you can afford, because networks tend to grow. If you will not be adding anything to your network for months and months, then a crossover cable is fine. Just make sure your crossover cable is a distinctive color and/or has a label of some kind. Not knowing whether a cable is a crossover or not will increase your stress level when you start dealing with hubs and switches.
That’s the hardware we’ll be dealing with. Before we start pounding commands into the software that controls it, though, we need to understand a little more about how network devices find each other on a TCP/IP network.
The Brass Cannon Ten-Minute Course in Computer Science
The Numbers Game
Computer science was born when the late Claude Shannon discovered (or invented?) a new law of nature. Information can be measured in units that can be counted, just as we measure flour in cups or diamonds in karats. The natural unit of information is the bit, or binary digit. Any kind of information can be represented in units of binary storage. One bit is the amount of information needed to decide between two equally probable things — the result of a coin toss (heads or tails?) is one example. A light switch (on or off?) is an example of a “binary device.” To a mathematician, the obvious choice to represent a bit is a one or a zero.
When you add nine plus one, you get ten. The number ten is too big to fit in a single digit, so you “carry the one.” In binary arithmetic, you have to “carry the one” much more often, so binary numbers quickly become longer than ordinary decimal numbers. The number 255 takes eight binary digits: 11111111. To add one to that, you need a ninth bit: 256 in decimal is 100000000 in binary.
A “byte” is a chunk of bits used to represent a character. Eight bits is a convenient chunk to work with, and has become the standard size for a byte.
And the significance of that is…?
Fascinating as this is, I’m sure you’re wondering why I brought it up. Fair question. It’s important because every piece of Internet-aware equipment — every NIC that speaks TCP/IP — uses a four-byte IP address. That address is usually expressed as four three-digit numbers, separated by dots. The numbers must each be in the range from zero to 255, because they are 8-bit numbers.
A recent episode of the TV show CSI: Miami needed a fake IP address, for much the same reason that Hollywood telephone numbers always begin with the fake prefix “555” — you don’t want bored teenagers annoying someone who happens to have that number in real life. Their solution was simple; they made the first number “329”, which is larger than 255 and hence can never be a real IP address.
So: 0.0.0.0 would be a valid Internet address (although a very special one). 255.255.255.255 would also be valid (and very special). 255.255.255.256 would not be, because the decimal number 256 will not fit in eight bits. Never has, never will.
What makes those addresses “special?”
Some addresses have special meanings, and will never be assigned to an individual device. The address 0.0.0.0 means “All machines, everywhere.” When you want to tell your NIC to look for “The Internet,” you tell it to look for address 0.0.0.0. The address 255.255.255.255 has a similar use, but in a different context. That still leaves a lot of addresses, of course… but we’re not done reserving some for special uses.
Several blocks of addresses have been set aside for “private” use. These addresses can be used to set up a private LAN, secure in the knowledge that even if you accidentally hook it up to the Internet, your traffic won’t (well, should not) flow out to other sites. The set of addresses that most home users are familiar with is the private range 192.168.0.0 through 192.168.255.255, which is 256 blocks of 256 addresses. Each block of 256 addresses (count them!) is what used to be called a “Class C” block. Note that your private network can be on any of 256 Class C blocks, from 192.168.0.0 through 192.168.255.0. If you want to be “different,” you can pick any valid number for that third byte, not just zero.
Addresses are assigned to users by the Internet Assigned Numbers Authority, or IANA. They “own” all the addresses, from 0.0.0.0 through 255.255.255.255. It is their responsibility to allocate blocks of addresses to major organizations such as ARIN, the American Registry of Internet Numbers. ARIN in turn allocates blocks to other organizations in their region (such as major backbone providers), who eventually assign blocks to end-users.
For reasons we will soon discuss, there is a limit to how few addresses can be assigned to a user (an individual, a company, or an organization). You can’t really use a single address, for example. It takes two machines to make a network! You can be assigned one address out of a larger block, but fitting that block to the needs of your organization is often tricky. Why? First, because addresses need to be contiguous — that is, they need to run in numeric order; and second, it’s not enough to give someone (say) sixty addresses that run in order; you have to assign them a multiple of some power of two (four, eight, sixteen, thirty-two, and so forth). If someone needs twelve addresses, they have to take sixteen or make do with eight — they can’t get just twelve. We’ll cover that in some detail in just a moment.
It used to be that the smallest block a company could get was a “Class C,” or 256 addresses. It is much more efficient to assign smaller blocks than this, though, so the IANA is requiring Internet Service Providers (ISPs) to handle the larger blocks and divide them up into smaller blocks for distribution to individual customers. The term “Class C” has fallen out of favor, but is still used by old timers.
Why do I care about these “blocks?”
Your netblock is also known as your network, and a device can only talk to other devices that are in the same network. “Wait a minute,” I hear you cry. “That’s ridiculous. I’m here at wombats.au, you’re over there at brasscannon.org, and I’m reading your web page just fine!” Ah, but the trick is that some devices — routers, for one — can belong to two networks at once, and there are lots of routers between you and me. That doesn’t help you, though, with your two PCs and a crossover cable. Those two machines have to belong to the same network, or else you have no network at all.
What defines a “network” in this new sense of the word? We spoke about a Class C network, a block of 256 addresses that begins at an address such as 192.168.16.0 and ends with 192.168.16.255. That’s a pretty natural grouping, because we are simply using all the possible values in the last 8-bit byte.
Three of these 256 addresses are reserved for networking purposes. The zero address is called the network address, and so this Class C would be the 192.168.16.0 network. A router outside your LAN would use that address to send a packet to your LAN, similar to the way that the Post Office forwards out-of-state mail to your city as the first step in getting it to you.
The address that ends with .255 is the broadcast address, and is used to send messages to all the machines in the network. The router would use this address to “poll” all the local machines to see what addresses are in use.
Finally, the address that ends with .1 is usually the gateway address. (At least, that’s how we do it at the day job. Most Internet Service Providers will have some sort of internal standard for this.) This is where machines on the LAN would send their outgoing packets to be routed to another LAN, or to the Internet (remember address “0.0.0.0”?). There is a bit more flexibility with this address than with the other two — you don’t HAVE to use the second address in your netblock, but it’s a good idea.
Actually, at the day job we use five reserved addresses: The network address, broadcast address, gateway, and the last two addresses above the broadcast for VRRP, the Virtual Router Redundancy Protocol. VRRP allows us to provide a second path to the Internet for all our clients. I mention this as an object lesson: When allocating addresses for a webfarm, don’t cut things too close or you may come up short. Obviously, we can’t allocate a netblock smaller than eight addresses, of which only three are usable for servers!
If you’ve tried to set up a network before this and it didn’t work, there are three common problems to check. One likely reason is that you tried to use the 192.168.0.0 address for an actual machine rather than for its reserved purpose. All the other values from .1 to .254 should work just fine. The second possible problem is giving two machines the same number — but even Windows is smart enough to detect that situation and put up a meaningful error message. The third possible problem has to do with your netmask, which we’ll explain in just a moment.
Let’s try a more modern example using a smaller netblock. If you understand this one, you’re in good shape. Let’s say you need to set up a network with 16 addresses. That’s a power of two, so it’s a legitimate size for a “netblock.” For a challenge, let’s start it somewhere other than the zero address this time. (Yes, you can do that!)
To use a block of addresses smaller than a whole byte’s worth, we use a netmask. It’s another four-byte number that acts like a stencil or a paper mask. Where all the bits are “1”, that part of the matching IP address always stays the same. Where the bits of the mask are “0”, the bits in your IP addresses can vary. Here’s a picture:
| Example One - a “Class C”, 256 addresses: | |
| In binary: | |
| Your network address: | 11000000.10101000.00011000.00000000 |
| Your netmask: | 11111111.11111111.11111111.00000000 |
| Your addresses can be: | 11000000.10101000.00011000.00000000 |
| through: | 11000000.10101000.00011000.11111111 |
| In decimal: | |
| Your network address: | 192.168.24.0 |
| Your netmask: | 255.255.255.0 |
| Your addresses can be: | 192.168.24.0 |
| through: | 192.168.24.255 |
| Example Two - one half of a “Class C,” or 128 addresses: | |
| In binary: | |
| Your network address: | 11000000.10101000.00011000.10000000 |
| Your netmask: | 11111111.11111111.11111111.10000000 |
| Your addresses can be: | 11000000.10101000.00011000.10000000 |
| through: | 11000000.10101000.00011000.11111111 |
| In decimal: | |
| Your network address: | 192.168.24.128 |
| Your netmask: | 255.255.255.128 |
| Your addresses can be: | 192.168.24.128 |
| through: | 192.168.24.255 |
| Example Three - one sixteenth of a “Class C,” or 16 addresses: | |
| In binary: | |
| Your network address: | 11000000.10101000.00011000.00010000 |
| Your netmask: | 11111111.11111111.11111111.11110000 |
| Your addresses can be: | 11000000.10101000.00011000.00010000 |
| through: | 11000000.10101000.00011000.00011111 |
| In decimal: | |
| Your network address: | 192.168.24.16 |
| Your netmask: | 255.255.255.240 |
| Your addresses can be: | 192.168.24.16 |
| through: | 192.168.24.31 |
| Example Four - ditto: | |
| In binary: | |
| Your network address: | 11000000.10101000.00011000.00000000 |
| Your netmask: | 11111111.11111111.11111111.11110000 |
| Your addresses can be: | 11000000.10101000.00011000.00000000 |
| through: | 11000000.10101000.00011000.00001111 |
| In decimal: | |
| Your network address: | 192.168.24.0 |
| Your netmask: | 255.255.255.240 |
| Your addresses can be: | 192.168.24.0 |
| through: | 192.168.24.15 |
It’s easier to type in decimal, but it makes more sense in binary. The parts of the netmask that are “1” are the parts that cannot change. Where the netmask has zeros, you are free to use either zeros or ones in your address. All of the zeros in the netmask must come at the end. The more “ones” you have, the fewer the number of zeros, and so the smaller the size of the block (the fewer choices you have).
Another way of writing the netmask is to count the number of “ones” and put it after the network address — saying “192.168.0.16/28” is the same as saying “192.168.0.16 with netmask 255.255.255.240.” (Count the ones in the netmask in the binary version of Examples Three and Four above. There should be 28 of them.) Note that both of those examples use the same netmask — the only difference is the starting address.
A customer recently tried to set up two blocks, a /27 and a /28, that just happened to share the same broadcast address. That can work, sort of… sometimes two machines in that situation can even ping each other. But that just makes it harder to diagnose the problems that arise. Check your netmask against your allocation, early and often.
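One way to run that check, written as an added example (it is not code from the original article): it derives the block implied by each machine's address and netmask using the same bit masking as the tables above, then reports the three common setup problems. The function names and the sample PCs are assumptions made up for the illustration.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def to_dotted(value):
    return str(ipaddress.IPv4Address(value))

def mask_is_contiguous(mask):
    """True when every 1 bit comes before every 0 bit (zeros only at the end)."""
    zeros = ~mask & ALL_ONES              # the mask's zero bits, flipped to ones
    return (zeros & (zeros + 1)) == 0     # a solid run of low ones has no overlap with itself + 1

def block_for(address, netmask):
    """Return (network, broadcast, prefix length) implied by address + netmask."""
    addr, mask = to_int(address), to_int(netmask)
    if not mask_is_contiguous(mask):
        raise ValueError(f"netmask {netmask} has a 1 bit after a 0 bit")
    network = addr & mask                       # keep the bits under the mask's ones
    broadcast = network | (~mask & ALL_ONES)    # set every bit under the mask's zeros
    return to_dotted(network), to_dotted(broadcast), bin(mask).count("1")

def audit(allocation, hosts):
    """Compare each host's (address, netmask) with the block it was allocated.

    allocation is 'a.b.c.d/nn'; hosts maps a name to (address, netmask).
    Returns a list of (host, problem, detail) tuples; an empty list means clean.
    """
    # Strict parsing rejects a start address that is not a multiple of the block size.
    alloc = ipaddress.IPv4Network(allocation)
    reserved = {str(alloc.network_address), str(alloc.broadcast_address)}
    findings, owner_of = [], {}
    for name, (address, netmask) in hosts.items():
        network, broadcast, prefix = block_for(address, netmask)
        if (network, prefix) != (str(alloc.network_address), alloc.prefixlen):
            findings.append((name, "netmask",
                             f"{network}/{prefix} ({network} to {broadcast})"))
        if address in reserved:
            findings.append((name, "reserved", address))
        if address in owner_of:
            findings.append((name, "duplicate", owner_of[address]))
        owner_of.setdefault(address, name)
    return findings

# Constructed sample: a 32-address block and four PCs, three of them misconfigured.
SAMPLE_HOSTS = {
    "pc1": ("192.168.32.34", "255.255.255.224"),   # correct
    "pc2": ("192.168.32.35", "255.255.255.240"),   # /28 mask on a /27 allocation
    "pc3": ("192.168.32.32", "255.255.255.224"),   # network address used as a host
    "pc4": ("192.168.32.34", "255.255.255.224"),   # same number as pc1
}

if __name__ == "__main__":
    for finding in audit("192.168.32.32/27", SAMPLE_HOSTS):
        print(*finding, sep=": ")
    # One address, two masks: the /27 and /28 blocks end on the same broadcast address.
    print(block_for("192.168.32.20", "255.255.255.224"))
    print(block_for("192.168.32.20", "255.255.255.240"))
```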
Let’s pretend I’m the IANA, and you and your two next-door neighbors are small Internet Service Providers. I’m going to give your first neighbor the block of sixteen addresses starting at 192.168.32.0. His netmask is /28, or 255.255.255.240. That means the next available block would be the network starting at 192.168.32.16. Now, just to be different, I’d like to give you 32 addresses — but I can’t do that if I’m going to give you the next available address. Why not? Try setting up the netmask, and you’ll see that a 32-address netmask is /27, or 255.255.255.224. If you apply that mask to the address 192.168.32.16, you will see that it covers the range beginning at .0 and ending at .31 — and that includes your neighbor’s sixteen addresses. Remember, where the netmask has zeros, that means that all the values are allowed. You can’t tell your neighbor “It’s okay, I just won’t use those numbers.” Starting at .16 and applying the /27 netmask says that “You are in the middle of a block that includes everything from .0 to .31” — and your network card is going to assume that it can talk to any other NICs that it finds in that range. So when we divide up a block of addresses, we have to think in terms of chunks that do not overlap.
| Example Five: | | | |
| Your network address: | 11000000.10101000.00100000.00010000 | or | 192.168.32.16 |
| Your netmask: | 11111111.11111111.11111111.11100000 | or | 255.255.255.224 |
| Your addresses can be: | 11000000.10101000.00100000.00000000 | or | 192.168.32.0 (oops!) |
| through: | 11000000.10101000.00100000.00011111 | or | 192.168.32.31 |
The problem is that .16 is not the first address in the netblock specified by the netmask. It’s natural to think “Start at .16 and add to it,” but the netmask says that the bit in “the sixteens place” can be zero as well as one. A chunk of thirty-two addresses has to start on a multiple of 32. A chunk of sixty-four addresses has to start on a multiple of 64, and so forth.
As the make-believe IANA, I have to give the next sixteen addresses to someone else before I can give you a 32-address chunk. Giving away two chunks of 16 addresses is the same as giving away one chunk of 32 addresses, so now I’m ready to give away a 32-address block. So I skip over you, give your other neighbor 16 addresses, and come back to you.
What addresses do you get, and what are your reserved addresses?
Your (second) neighbor’s broadcast address is the last address in her block: 192.168.32.31. Your network address is the first one after that, 192.168.32.32. You get 32 addresses, so your last address is 192.168.32.63 — that will be your broadcast address. To tell your computers that they are only to use 32 addresses and not the entire Class C, you must specify a netmask, which in this case would be 255.255.255.224.
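The make-believe IANA's hand-out above, worked through as an added example (not code from the original article): each request gets the lowest free block that starts on a multiple of its own size, which is why the 32-address request skips past .16. The function name, the /24 pool, and the request list are assumptions chosen to follow the story.

```python
import ipaddress

def allocate(pool, requests):
    """Give each (owner, size) request the lowest free block that starts on a
    multiple of its size. Returns {owner: details}, in request order."""
    pool = ipaddress.IPv4Network(pool)
    base = int(pool.network_address)
    taken = []                        # (offset, size) pairs already handed out
    plan = {}
    for owner, size in requests:
        # Block sizes must be powers of two: 12 has to become 16 or 8.
        if size < 1 or size & (size - 1) or size > pool.num_addresses:
            raise ValueError(f"{owner}: {size} is not a usable power-of-two size")
        # Only offsets that are multiples of the size are legal starting points.
        for start in range(0, pool.num_addresses, size):
            if all(start + size <= s or s + n <= start for s, n in taken):
                break                 # no overlap with any earlier block
        else:
            raise ValueError(f"{owner}: no aligned block of {size} left in {pool}")
        taken.append((start, size))
        prefix = 32 - (size.bit_length() - 1)          # 16 -> /28, 32 -> /27
        block = ipaddress.IPv4Network((base + start, prefix))
        plan[owner] = {
            "cidr": str(block),
            "network": str(block.network_address),
            "netmask": str(block.netmask),
            "broadcast": str(block.broadcast_address),
        }
    return plan

# Constructed request list: the order in which the three ISPs ask for addresses.
REQUESTS = [("first neighbor", 16), ("you", 32), ("second neighbor", 16)]

if __name__ == "__main__":
    for owner, block in allocate("192.168.32.0/24", REQUESTS).items():
        print(f"{owner:16} {block['cidr']:18} "
              f"netmask {block['netmask']:16} broadcast {block['broadcast']}")
```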
Note that two computers on a LAN use the broadcast address to find each other, and the netmask determines the broadcast address. If your two computers don’t use the same netmask, they won’t find each other. That is the third of the “three common problems” mentioned above.
Now you can open the Windows Control Panel, Networks applet, and assign an address to your computer. Let’s say 192.168.32.34, netmask 255.255.255.224.
Woo-hoo! What did I just do?
This process is called “setting up a static IP address.” You do this in Windows by opening the “Network” icon in the Windows Control Panel. In Linux, you can do it from the command line by running the command “ifconfig” (which is short for “interface configuration” — just to be perverse, Windows calls the same command “ipconfig”):
linux$> ifconfig eth0 192.168.32.34 netmask 255.255.255.224
linux$> route add -net 192.168.32.32 netmask 255.255.255.224 dev eth0
Having a static address is important for a server, so that people can find it. In our example of connecting two PCs directly to each other, you would want to configure them with different IP addresses in the same netblock. If you’re not running a server, though, there is another choice: “setting up a dynamic IP address.” Instead of having a permanent static address entered into a configuration file, an address is temporarily assigned or “leased” to your machine by a DHCP server. DHCP stands for Dynamic Host Configuration Protocol (remember, a protocol is just a scheme or agreed method for doing something). Many providers of cable service use DHCP to give you your address.
If you decide to use a cable router to share your connection, it may also act as a DHCP server. There will be a web-based interface where you can specify a “pool” of available numbers. These reserved address values (such as 192.168.1.1) can be used freely on everyone’s internal network; because they are not used on the global Internet they should never cause a conflict. The cable router has an “outside” or WAN connection (Wide-Area Network) and a private “inside” connection for your LAN.
You use the WAN port to connect to your Internet service provider. Your ISP uses DHCP to give your connection its Internet address; your router accepts that assignment and keeps it for itself. You connect one or more PCs to the private LAN side; the router uses DHCP again to hand out a different private address to each of those devices. This form of connection sharing is known as “Network Address Translation,” or NAT, because the router translates between internal addresses and the address assigned by your ISP.
If you are using Microsoft Windows, you can see your current address by running the command ipconfig from the Run option of the Start menu. In Linux, there are a couple of DHCP utilities; one is called dhcpcd, and another is called pump. Running one of them should persuade any DHCP server within reach to assign an address to your Linux system. If you are hooked up to a cable router, it will give you a private address; if you hook up directly to your ISP, their DHCP server will give you an Internet address. (In that case, you should be running some sort of firewall to avoid exposing services that you do not want to be compromised.)
In a current RedHat or Mandrake setup, you save your static address (including netmask!) by updating the file /etc/sysconfig/network-scripts/ifcfg-eth0. The gateway address is set in the file /etc/sysconfig/network. In Debian or Ubuntu, the file is called /etc/network/interfaces.
Wrapping Up - Other Resources
If you’ve read this far without having your eyes glaze over, you’re doing well. Congratulations! I’d like to encourage you to continue, whether by picking up a real networking book, or at least reading the Linux Documentation Project (LDP) Networking HOW-TO. For less handwaving, check the online course at www.freesoft.org; it’s part of Connected: An Internet Encyclopedia.
If you have questions about your physical network connection, go on to our next thrilling chapter, Hubs, Switches, and Routers.
Comments
One Response to “LAN101 - The TCP/IP Network”
[…] - if you would like to use apache as a local area network server, you should set your router to assign the computer you are installing Apache onto have a static LAN ip (if it doesn’t already have one. for more information on static LAN ip’s check out this link - LAN101 - The TCP/IP Network : Hands-on How-To) […]