LIS508 Part: networking basics and home networking Thomas Krichel
Literature & status The classic book on Computer Networks is Andrew Tannenbaum's book “computer networks”. I have read a good part of it, but what I am reporting here is basically from memory. It may be wrong, but not so seriously wrong that acting upon the advice here would be problematic.
l T I
l T I
LAN A LAN is a Local Area Network. All LANs are broadcasting networks. Hosts on the LANs broadcast messages (frames) that contain the address on a target host. Joint broadcast messages collaps, so they have to be retransmitted. There is a protocol for LANs, the Ethernet.
LAN interfaces Traffic on any LAN goes through a LAN interface. If your interface uses a cable, it usually runs a protocal broadly known as Ethernet. If your are running wireless, it's some kind of wireless Ethernet.
mac address Each LAN interfaces as an address known as the mac address. Mac stands for media access control. There are 8 byte addresses. Each device has a unique address. These are not addresses as used on the Internet. LAN addresses have to be mapped to Internet addresses.
packets Communication on the Internet is based on packets. Each packet contains data. Each packet travels independently from an identified source computer to an identified destination computer. The way this is done is specified by the IP protocol.
connections Users don't experience IP packets. They experience connections between computers. For example when a user downloads a web page, the web user agent open a connection to the server. The protocol that enables such connections, despite the fact that the packets travel independently, is called TCP. The Internet runs on TCP/IP.
The IP address A computer that is connected to the Internet has an IP address. An IP address is a sequence of 4 decimal numbers, connected by dots. Each number ranges between 0 at 255. An example number is “ ”. A computer that has an IP address is not necessarily directly connected the Internet.
special address Some IP addresses are reserved for special purposes. The most fameous is “ ”. This is the address a computer uses to talk to itself using the IP protocol. Addresses that start with “10.” or with “ ” are local addresses.
local addresses A local address identifies a computer on a local network. Computers on the same local network can used the IP protocol to talk to other machines on the same local network. Computers outside the local network can not talk to the machine inside the local network using the local addresses. There maybe many many networks where computer use the same local IP addresses.
why local addresses A computer reachable on the Internet has to have at least one unique IP address. Some computers have many IP addresses. The number of unique IP addresses is quite small. There is a global address shortage.
home networking Typically in home networking, your provider will give you one single IP address. Usually, this address is a global address. Usually, this address is a dynamic address. That means that the IP address may change over time –when you restart the network –after a network or power outage
router in the home Usually, people will want to connect a bunch of computers in the home. To do this they buy what is known as a router. It's a hardware device that has lines incoming from all computers in the house and and outgoing line a device controlled by the provider.
how do we get a global address Upon start, the local router will send a broadcast message. Basically, the message is “I am here, can anybody give me an IP address.” Then an upstream router that is under the control of the provider will issue the local router with an IP address and forward the local router's traffic to the Internet.
DHCP stands for Dynamic Host Configuration Protocol. This is what the protocol explained on the provious slide does. On a Microsoft windows machine, DHCP is activated with the “get an IP address automatically” option. On Linux, there is a program called dhclient.
dhclient Usually you invoque dhclient with “dhclient eth0” There “eth0” stands for your first Ethernet interfaces. If you have wlan, you would probably say something like “dhclient wlan0”
usual home networking In the typical home, several users will have computers requiring Internet access. But there is only one IP address. Here is where the consumer level home router comes in. The single global IP address is given to the router, rather than to any computer of the home network.
administering the router The router usually has a web interface. You can use that interface with any web browser. Details on how you can access your router's web interface is in the documentation, which you have carefully kept at home.
remote administration Usually, by default, it is only possible to reach the router from a local IP address in the local network. Some routers support remote remote admiminstration. You still have to find the IP address of the router in order to access it.
network access of home users When a home user accesses the Internet, say to download a web page, the packets are sent to the router. The router establishes a connection with the web server. When the response comes back from the server, the response is forwarded to the router.
your local addresses at home When you have a router at home, the router hands out local IP addresses. The protocal that it uses to do is the good old DHCP. The machines inside your network have local IP addresses. They can only communicate with other Internet hosts through the router.
how the router works The router craftly replaces the local source address of the home computer with it's own global address. When the response comes back it forwards it to the local machine. How does it know to which machine to forward the response? {to understand this the concept of ports is required}
ports A modern computer uses the Internet for many purposes. To keep these purposes separate, each machine that uses the IP protocol has ports. A port can't be seen. Just think of its as a source or destination of IP traffic from or to a computer. Think of the computer as a building and each port as an apartment in the building.
ports and router When the router sends IP traffic, say to a web server it tells the server to respond to a certain port. All the traffic that gets to this port is then forwarded to the home user's machine. {We come back to the topic of ports later. This is a useful point for a break}
numbers to names IP addresses are cumbersome: –They are hard to remember. –They on where a computer is located. They are very roughly geographical. An address will change when you move the sever from one location to another. Therefore to establish a lasting presence on the Internet you need a name for your machine. Names are organized by domains.
domain To start with, a domain is a name that you can lease. The act of leasing a domain is commonly knows as domain registration. The word “owns” is commonly used when talking about domains. There are commercial companies where you can “register” (speak: lease) a domain. Such companies are called domain name registrars.
host names Once you own a domain, you can create hosts within the domain. The hosts are created by adding other names to the beginning for the domain. Example: if you own “foo.com”, you can create “ “fool.foo.com” etc. To create a host, you add records to your domain information. Each record has a certains type. {We are now looking at important types}
name server A name server is a running software that knows about domain names. It receives requests for information about names and returns responses for these names. “bind” is a popular, free nameserver software that you can run on your Debian server.
name server and registrar Usually, a registrar will give you a web interface to manage name records. It will also run the name server for you. Actually it will run several name servers for redundancy.
record name types Each name record has a type. Some common types are “A” “CNAME” “NS” “MX” “TXT” “PTR” But we only need to know about a couple.
The “A” domain record type The “A” record type assigns an IP address to a hosts. Example: “wotan.liu.edu. IN A The “IN” is in all records.
the CNAME record type The CNAME record says that one domain is an alias for another domain Example: “ IN CNAME foo.com”. When a users want to contact “ the name server looks up foo.com, and sends out it's IP address.
hosting at home If you want to host at home, you have usually two issues –With a dynamic IP address, you need to adjust the “A” record of the domain that you are hosting to reflect your current IP address. “name problem” –If you have a router, you must make sure that the incoming traffic is gets to the server “routing problem”. –Third there is a problem with assymetric speeds.
assymetric speed Residential providers usually give you good download speed, but lousy upload. Worse: uploads kill download speed. This poses contraints on you hosting a lot of contents at home. When Google comes for a visit, your network will slow.
the name problem To look at the name problem, let us forget about the router for a moment. Assume you have machine at home. It is the only machine, and it hosts the server. Let us further assume that this machine has only one network interface. The name problem can then easily be solved using a protocol called dynamic DNS.
dynamic DNS When a machine renews it's IP address, it gets access to the Internet. Once it has access to the Internet, it can contact a special server via http. It logs in, reports its IP address, say to the service. Then the Dynamics DNS sets a A record “foo.shacknet.nu. IN A ”
Dynamic DNS providers There are number of providers. The one I use is DynDNS.org. You register to create an account. You can create say up to five hosts, in domains owned by the provider. You can not set the IP adress to your own domain name. You don't have to.
own name and DynDNS If you own foo.com, and want to host on the machine with the IP address that has registered itself as foo.shacknet.nu, all you need is a DNS CNAME “foo.com. IN CNAME foo.shacknet.nu”
ddclient install ddclient is the dynamics DNS client software. You can install it with “apt-get install ddclient”. When you do so, have your dynamic DNS provider data ready, the install interface will ask you for it.
ddclient configuration This can be done by editing the file /etc/ddclient.conf. Then restart the ddclient daemon with “/etc/init.d/ddclient restart”.
router and dynamic DNS If you have a router, the name problem has an interseting twist. The IP address that you need to report is not the IP address of the server (because it is has a local address), but the IP address of the router. This is the name + router problem.
dynDNS in the router Modern consumer level routers have support for dynamic DNS. You can enter the information of your dynamic DNS account. In that case you should not run ddclient on the server. It will send erroneous information.
ddclient with router support It is possible that ddclient can enter your routers web interface, read the IP addresso of the router then report that IP address to the dynamic DNS provider. I had a configuration of ddcilent like that. Google is your friend here to look for a suitable configuration.
example ddclient with router # /etc/ddclient.conf pid=/var/run/ddclient.pid protocol=dyndns2 use=if, if=eth0 syslog=yes use=linksys # I have a linksys router fw-login=router_login fw-password=my_router_password fw= /Status.htm fw-skip=WAN.*?IP Address server=members.dyndns.org login=krichel password=aoeuid ibbart.dyndns.info
the routing problem If you have solved the naming problem, traffic for your name foo.com appears at your router. But the router does not provide the services. Incoming traffic has to be forwarded to the server. The easiest way to do that is to use a setting called the DMZ host.
DeMilitarized Zone The DMZ host is a host to which the router forward all incoming traffic to that it does not know already how to deal with. This is the most primitive way of running a firewall.
summary: the router When a client behind the router want to open a connection to the server outside the local network, it is the router that opens the connection. The response goes to a port on the router that the router sets out with the request. The response is forwarded to the client.
ports The router uses different ports to keep track of which local machine to send traffic to. But ports also have a role as destination points of service.
well-known ports When we are open a http connection to to which port does the connection go? Answer: port 80. Why? Because 80 is the well-know port for http.
can it go somewhere else? Yes. But in this case you have to give the URL as where port is the number of the non standard port is often used:
other well known ports smtp: 25 ssh: 22 dns: 53 See /etc/services for more examples.
port filtering Sometimes Internet providers kill all packets with the source or destination address at a certain port. This ghastly, despicable and evil ipractice is known as port filtering. Because services use well-know ports, port filtering can make it hard for server owners to run services the Internet service provider does not want them to.
example problem You have a machine “bar” that has port 80 blocked. You want to run a web server on “bar” without using a port in the web address. You have a machine “foo” that has no ports blocked.
example solution You run a web server on port 80 at foo. You run a web server on port 8080 at bar. You forward all queries to port 80 at foo to port 8080 at bar. When the answer from bar comes to foo, the This is standard technology with modern web servers.
bandwidth issues Most consumer level Internet connections use assymetric speeds. –They have fast downloads –They have very slow dowloads If you don't run a big site, you won't see much of a problem. But backups are difficult unless you use physical media that you ship outside the house (yuck).
problem with commercial hosting Do not rely on their backup. You need a backup. One way to get a backup to set up a backup server at home...
Please shutdown the computers when you are done. Thank you for your attention!