Analog5:002 Article 001

Basic Networking

By: gameman73
Published: March 20th, 2007

As per a request on the analog.5 wiki, and an idea I had planned anyway, I present for your reading pleasure my network setup/general networking.

First off, Ill start with general networking. This is going to sound basic to most readers, but I need to start somewhere :). First off, you have the actual link type. In most cases, this is Ethernet, or can be other things like fiber optics. This is the actual medium through which data moves about. The next level up is the protocol. These are typically TCP/IP, NetBIOS, and ipx/spx for windows (although windows XP comes with TCP/IP setup out of the box) and AppleTalk, TCP/IP, and I think apples also have NetBIOS and IPX support, but I'm not too sure. Over all, TCP/IP has pretty much replaced most of these protocols, although the support was left over for legacy reasons.

Alright, time for some poor ASCII art. For these examples, there is a computer A and a computer B. When computer A wants to contact computer B, computer A sends a packet to computer B, which gets routed through a router (obvious name). When computer B receives the packet, it looks at the packet to see which program it was sent to. Since computer A is trying to connect to computer B, computer B must have some sort of port listening to accept the connection on. The old example used to describe ports and firewalls is a brick wall. Imagine a brick wall with 65535 bricks (there are 65535 ports). Since there are bricks in between the service you want to connect to, you cant get data to that service.

  _______                       ________
  |      |                      |       |
  |  A   |      ------          |  22   |   xxxxxxxx     |   B   |
  --------                      ---------

In this example, "XX" represents a broken connection, "--" represents a good connection, and "| 22 |" represents the firewall (the appropriate rules for port 22). If that firewall wasn’t there, there would be a connection. You can also set the firewall to allow connections.

NAT (network address translation) acts as a firewall when its being used in its default mode. Essentially, NAT is what makes most home broadband routers work. It allows multiple computers use 1 internet connection. Lets see what happens when computer B is behind a NAT.

  _______	              ________
  |      |            	      |       |
  |  A   |      ------        |  NAT  |   xxxxxxxx    |   B   |
  --------                    ---------

The problem with Nat’s is that when it receives an incoming connection on the public network, it has no idea what to do with it. Thus the need for port forwarding.

Port forwarding tells the NAT that any incoming connections on such and such port get redirected to some computer. Let’s see the previous example with ports forwarded.

Ahh, I have a rule for this. Send to B

  _______                     ________
  |      |                    |       |
  |  A   |      ------        |  NAT  |   ----------  |   B   |
  --------                    ---------

And thus, the connection is established and both computers are happy.

Those are the basics of TCP/IP networking. Now I will brag a little bit (it’s really not that impressive) about my network setup. *WARNING* bad diagram time.

  --------------       ------------       --------------
  |   DSL      |  ->   | IPCOP    |  ->   | NETWORK    |
  --------------       ------------       --------------

Alright, that’s the overall gist of how this works. The interesting part (to me anyway) is how I have ipcop running with 2 routers, 1 not directly connected to it, and all under the same networking scheme (ie, ipcop controls dhcp leases, port forwarding, etc for all computers).

  ------------
  | DLINK    |
  ------------
 Internet: Empty
  1  : comp (family computer)
  2  : NR041 (router, see below, make note of where this is connected)
  3  : IPCOP
  4  : Empty
Wireless: any and all wireless clients, including my laptop

Pretty standard setup here. I have DHCP turned off, and the ip address set to be connectable from an IPCOP dhcp lease. Ill explain why/how in a bit.

  ------------
  |   NR041   |
  -------------
  Internet: Empty
  1  : Desktop
  2  : laptop-server (yeah yeah laugh, it doesn’t get much use)
  3  : DLINK (make a note of where this is connected)
  4  : temporary network hookup for computers being serviced/laptop for 
       speed

No wireless. Again, no dhcp and an ip address change.

So why detail how this works. So that you can learn something ;). So lets walk through this step by step, assuming we are connection from the NR041.

1. Plug a computer in. Windows sees the link and sends a DHCP request on broadcast (Broadcast is an ip address that basically tells the routers to send this packet of data everywhere).
2. The NR041 sees the broadcast packet and forwards it to every port, which ends up eventually in the hands of the dlink router.
3. The dlink router sees the broadcast request and resends it to all ports.
4. The DHCP request eventually ends up in the hands of ipcop, which does have a dhcp server running. It responds and it makes its way through the routers.

As you can see, there is nothing special about both of these routers (basic broadband routers). However, due to bugs in their programming (the dlink requires a firmware update that makes it unstable, but includes the features I want. The NR041 has the features I want, but has bugs (the most noted one is http servers must be at the top of the dhcp clients list.. and network everywhere doesnt want to fix it). Even with these limitations, these routers serve as perfectly find switches and wireless access points.

-gameman73