Living with a Small Office Home Office (SOHO) Network
2009 Edition
Tom Schmidt
Schmidt Consulting
28 February 2009
Abstract
This paper discusses our experience setting up and using a small office home office (SOHO) network over more than a decade. It offers guidance on selecting a broadband Internet Service Provider (ISP), presents Local Area Network (LAN) options, describes Internet sharing methods, and discusses typical communication services.
Local telephone company 3000/768 Digital Subscriber Line (DSL) provides Internet access. A broadband router allows multiple computers to share the connection. Fast Ethernet (100 Mbps) LAN provides high-speed internal communication. LAN services include: file sharing, backup, network printing, timeserver, DNS server, Syslog server and local private web server.
We use a hosting service for the business web server and e-mail. Use of a hosting service moves web site traffic off the broadband connection. It also significantly eases the task of securing the local network. A registered domain provides a persistent email address, reducing the risk of losing contact with past colleagues and friends.
Recent changes are: faster DSL, upgraded LAN wiring, photo printer and off-line backup.
Table of Contents
2 Internet – Much More Than World Wide Web
2.3.1 Domain Name System (DNS)
2.3.2 DNS Security Extensions (DNSSEC)
2.8 Flow Control - Back Pressure, TCP Slow Start, Receive Window
2.9.3 Class vs Classless Inter-Domain Routing (CIDR)
2.9.9 Address Resolution Protocol (ARP)
2.9.10 Network Address and Port Translation
3 Broadband Router – One Connection So Many Computers
3.3 Network Address Translation (NAT)
3.11.2 Multiple Identical Servers
4 Local Area Network – Networking for Everyone
4.1.1 Media Access Controller (MAC) Address
4.2.1 10 – 100 – 1,000 – 10,000 – 100,000 Mbps
4.2.3 Managed vs Unmanaged Switches
4.2.4 Automatic Link Configuration
4.2.7 Power over Ethernet (PoE)
5 Local Server – Just Like The Big Kids
6 Widgets & Services – Making Life Worth Living
6.7.2 Digital Rights Management
6.7.3 CD/DVD/Blu-ray evolution
6.13.1 Portable Document Format (PDF)
6.16 Secure Remote Access - IPSEC and SSL/TLS
7 Security -- Keeping Bad People Out
9 Debug -- When Things Go Wrong
10 Wiring Techniques – Cables and Connectors
10.2.1 Telco Uniform Service Ordering Code (USOC) Pinout
10.2.2 TIA T568A and T568B Structured Wiring Pin out
10.5 Type 110 Punch down Block
10.8.1 Telephone Network Interface Device (NID)
10.9 Secondary Lightning Protection
10.9.3 CATV or Over The Air (OTA) Antenna
11 Laptop – Internet On The Road
12 Internet Hosting -- Your Presence On The Net
12.1 Registering a Domain Name
12.3.2 Canonical Name Records (CNAME)
12.3.3 Mail Exchange Records (MX)
12.3.5 Nameserver Records (NS)
12.3.6 Start of Authority Records (SOA)
In mid 1998 I set up a home network. I was starting a consulting business and wanted to learn about building and operating a Small Office Home Office (SOHO) network. My prior networking experience was limited to interactions with a corporate Information Technology (IT) department.
LAN and Internet access have undergone significant evolution over the years. We began with dialup Internet and a few Ethernet drops. Over the years the LAN expanded beyond my home office to encompass the entire house, utilizing both wired and wireless Ethernet. 3000/768 DSL replaced dialup. We currently use a Netopia (now part of Motorola) 3346N DSL modem/router for Internet sharing.
A recycled desktop serves as a poor man’s server. In addition to file sharing it runs: TreeWalk DNS Resolver, Tardis network time service, Abyss web server, Kiwi Syslog log server and Davis weather station. Each computer normally requires its own keyboard, video and mouse (KVM). Rather than use separate I/O devices for server and desktop, we use a combination of a Belkin KVM switchbox and RealVNC remote control software. Having a KVM makes it easy to temporarily connect additional systems for setup and testing.
HP OfficeJet K550 document and PhotoSmart D7160 photo printers are networked and accessible from any PC on the LAN. HP 5400 flatbed scanner turns paper into electronic documents.
Traveling with a laptop can be a challenge, as network configuration differs at each location. NetSwitcher automates this task, providing one-click switching between locations.
We use Acronis True Image for automatic online backup and a Maxtor One Touch USB drive for offline backup.
This report is not intended as a competitive product review. The market is constantly changing; any such attempt quickly becomes outdated. Rather, it discusses how specific requirements were addressed. For up-to-date product reviews the interested reader is directed to the many publications and articles on the subject. Products and services described in this paper represent my choice to deliver the features my family and I wanted.
Goals for SOHO network:
This paper discusses Internet access and connection sharing options. It recommends setting up an always-on server; even a small network benefits from having a server. Structured wiring for telephone and Ethernet is covered in detail. The Security and Troubleshooting topics provide information to maintain the network and protect it from intruders. Lastly it discusses registering a domain name and running a public Internet web server. Every business ought to have an Internet presence. It does not take much effort to set up a simple web site and the cost is low.

The Internet was created over 40 years ago as a means for government and academics to share expensive mainframe computers. Today it is the preferred method to access all types of digital media: data, voice and images. Internet is a contraction of Inter Network, literally a network of networks. Creation of the World Wide Web (WWW) in the 1990s vastly expanded Internet popularity by providing a Graphical User Interface (GUI) on what until then had been text based. Some equate the World Wide Web with the Internet. The two are not synonymous. The web is simply one, admittedly a very popular, application supported by the Internet.
The Internet is a packet network that transports data from one host to another over a network shared by many users. The Internet is fundamentally different from the public switched telephone network (PSTN). The telephone network establishes a dedicated path for the duration of the call. This reservation exists whether it is needed or not. The Internet on the other hand works on chunks of data called packets. Packets are presented to the Internet on an as-required basis. At each hop routers examine the packet address field and determine how to forward it toward the destination.
Internet Service Provider (ISP) connects end user to Internet. Internet popularity is driving demand for high-speed low cost service. High-speed Internet access is becoming widely available. Even though we are in a fairly rural area broadband is available from multiple sources:
1) Comcast Cable DOCSIS
2) FairPoint communication ADSL
3) DSL competition from G4Communication, which collocates DSLAMs at Central Offices
4) NH has numerous Wireless ISPs (WISP) but none currently service our area.
We currently have 3000/768 kbps ADSL service provided by the local phone company, FairPoint Communication, as a result of Verizon’s sale of the VT/NH/ME territory. Previously we had 1500/384 DSL. We tried for years to upgrade but were told we were too far away. When FairPoint took over we tried again. We were told we were over the limit but the representative agreed to enter the upgrade. That was the middle of 2008 and we have been happy with the faster speed ever since.
The connection between ISP and customer is often called the last mile. I prefer the term first mile because it denotes the importance of the end user. The Internet’s value proposition is its ability to connect end points. Without end points the network is useless.
For a more detailed examination of ISPs the interested reader is referred to the First-Mile Access paper on the writings page.
Non-technical folks often confuse latency with speed. Latency is how long it takes a packet to get from location A to B. Speed is the rate at which bits are transmitted across the network. A useful analogy is a truck full of DVDs going from point A to B. From the time the truck begins its journey latency is high: while the truck travels to its destination the recipient can do nothing. However, once it gets there speed is very high due to the tremendous capacity of the DVDs.
Conversely a dialup connection has low latency since data arrives milliseconds after it is requested. Speed on the other hand is very low, limited by switched telephone network performance. For a more in-depth explanation see “It’s the Latency Stupid.”
A Uniform Resource Locator (URL) is a person-friendly handle rather than a machine-friendly numeric IP address. Translation of a URL to an IP address is performed by the Domain Name System (DNS). Domain names are hierarchical, evaluated right to left. The highest level of the tree, called Root, is implied. Next is the top-level domain (TLD); these are the COM, EDU, ORG, MIL and GOV of the world. As the Internet expanded each country was assigned a unique two-letter top-level domain. For example the TLD for the United Kingdom is UK. Within each TLD various agencies, called registrars, are responsible for name registration. The role of the registrar is to ensure each registered name is unique within a top-level domain. For example in our case the schmidt.com domain was already assigned so we picked tschmidt.com.
Often an organization needs to create sub domains such as www.tschmidt.com for web access, mail.tschmidt.com for email or product.tschmidt.com for product info. Since the domain name is registered and guaranteed to be unique, the domain owner is free to add as many sub domains as desired.
When a domain is registered the registrar database contains a list of Nameservers that provide authoritative information about the site. Authoritative Nameservers are managed by the site administrator and contain all the information necessary to access the various servers within that domain.
When a URL is entered into the browser, such as http://www.google.com/, the browser first checks to see if the host is on the LAN. Windows name resolution looks in the Hosts file to see if an address has been entered manually, then it uses NetBIOS over IP to search local machines. This is a broadcast mechanism and works well on small LANs but does not scale well. If the host name is not found locally the translation request is passed to the DNS Resolver.
Let’s trace what happens when we look up www.google.com. Since the Google URL is not local it is passed to the DNS system. The highest level is root. The naming hierarchy includes an implied dot (.) to the right of the TLD; this is called the root. The DNS Resolver is preprogrammed with the IP addresses of several root Nameservers. The request goes to one of the root Nameservers, which returns the address of the Nameserver for the .COM top-level domain (TLD) since Google is in the COM TLD. Then the COM Nameserver is queried for the address of the Google Nameserver. The server returns the address of the authoritative Nameserver for the Google domain. It is important to note the root Nameserver does not know the address of any Google servers other than the Google Nameserver. The Google Nameserver is then asked for the address of the desired host. Often sites create sub domains for specific servers; the process continues until the address of the desired host is determined. Once the browser learns the host’s IP address it is able to communicate. This is a very superficial view of how DNS works. For a more in-depth view see DNS Complexity by Paul Vixie.
Obviously going through this multistep process each time one needs to translate a URL is rather time consuming. To speed up the process DNS resolvers cache recently used information. DNS records have a time to live (TTL) parameter indicating how long cached information may be used before it must be refreshed. URL name lookup is normally accomplished in a few milliseconds.
As the Internet becomes ever more pervasive attention has been drawn to the lack of DNS security. Hackers are able to poison cached DNS information. Doing so allows an attacker to redirect browsers to a compromised site for nefarious purposes. A high priority initiative is to implement Domain Name System Security Extensions (DNSSEC) to counteract this sort of attack and increase the level of confidence in DNS.
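The lookup walk, the TTL cache and the poisoning concern of the preceding paragraphs, as an added example that is not part of the original paper: a small iterative resolver over a constructed three-server tree (a root server, a TLD server and a zone server; the addresses come from the documentation ranges and are not real root or Google servers). It follows referrals root, then TLD, then authoritative server, caches answers until their TTL expires, and applies a bailiwick rule: a record is cached only if the server that returned it is authoritative for that name. That rule is one of the resolver-side defences against cache poisoning; DNSSEC, the other, is not modelled here.

```python
import time

# Constructed example data (not real root/TLD/Google addresses): IPs are from
# the documentation ranges 192.0.2.0/24, 198.51.100.0/24 and 203.0.113.0/24.
# Each authoritative server: the zone it serves and its records, keyed as
# owner name -> (type, value, ttl_seconds). All names are fully qualified.
SERVERS = {
    "198.51.100.1": {"zone": ".", "records": {
        "com.": ("NS", "a.gtld.example.", 172800),
        "a.gtld.example.": ("A", "198.51.100.2", 172800)}},
    "198.51.100.2": {"zone": "com.", "records": {
        "example.com.": ("NS", "ns1.example.com.", 172800),
        "ns1.example.com.": ("A", "203.0.113.5", 172800)}},
    "203.0.113.5": {"zone": "example.com.", "records": {
        "www.example.com.": ("A", "192.0.2.80", 300),
        # Constructed out-of-bailiwick "additional" record: this server has no
        # authority over other.example, so a careful resolver never caches it.
        "www.other.example.": ("A", "192.0.2.66", 300)}},
}
ROOT_HINT = "198.51.100.1"   # the resolver's preprogrammed root address


def in_bailiwick(name, zone):
    """True when `name` lies at or below `zone` (both with a trailing dot)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query(server_ip, qname):
    """One round trip to an authoritative server, shaped like a real reply:
    'answer' holds A records for qname, 'authority' the closest delegation
    (NS) the server knows, 'additional' glue plus anything else it attached."""
    srv = SERVERS[server_ip]
    reply = {"answer": [], "authority": [], "additional": []}
    for owner, (rtype, value, ttl) in srv["records"].items():
        if rtype == "A":
            target = "answer" if owner == qname else "additional"
            reply[target].append((owner, value, ttl))
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):          # walk up to the nearest delegation
        zone = ".".join(labels[i:]) + "."
        rec = srv["records"].get(zone)
        if rec and rec[0] == "NS":
            reply["authority"].append((zone, rec[1], rec[2]))
            break
    return reply


class Resolver:
    """Iterative resolver with a TTL cache and a bailiwick rule."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.cache = {}                      # name -> (address, expires_at)

    def _cache_put(self, owner, value, ttl, server_ip):
        # Only trust data for names the answering server is responsible for.
        if in_bailiwick(owner, SERVERS[server_ip]["zone"]):
            self.cache[owner] = (value, self.clock() + ttl)

    def resolve(self, qname):
        """Return (address, 'cache' | 'network'); walks root -> TLD -> zone."""
        if not qname.endswith("."):
            qname += "."
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"
        server = ROOT_HINT
        for _ in range(8):                   # bound the referral chain
            reply = query(server, qname)
            for owner, value, ttl in reply["additional"]:
                self._cache_put(owner, value, ttl, server)
            if reply["answer"]:
                owner, value, ttl = reply["answer"][0]
                self._cache_put(owner, value, ttl, server)
                return value, "network"
            if not reply["authority"]:
                raise LookupError(qname)
            zone, ns_name, _ = reply["authority"][0]
            # Glue for the next server must also be in the referrer's bailiwick.
            glue = [v for o, v, _ in reply["additional"]
                    if o == ns_name and in_bailiwick(o, SERVERS[server]["zone"])]
            if not glue:
                raise LookupError(f"no trustworthy glue for {ns_name}")
            server = glue[0]
        raise LookupError("referral chain too long")


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com"))      # first lookup walks the tree
    print(r.resolve("www.example.com"))      # second one is served from cache
```

The clock is injectable so TTL expiry can be exercised without waiting; in the demo the second call is answered from the cache, and the out-of-bailiwick record the zone server attached never reaches it.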
The Internet is a routed network. This is very different from the broadcast discovery scheme used locally by Ethernet or the circuit switching used by the telephone network. When a computer wants to communicate with a resource not available locally it forwards the packet to the gateway router. The router forwards packets to the proper destination or to the next router in the chain. In order to learn network topology routers use a variety of techniques to communicate among themselves, such as RIP and OSPF. ISP routers forward incoming packets to customers and customer-originated packets to the Internet backbone. Each router in the chain forwards packets closer to the destination until the packet ultimately arrives at its destination. It is not uncommon to have ten to twenty hops between sender and destination.
Network Address Translation (NAT) routers allow a residential customer to connect an unlimited number of computers to a single ISP account. The forwarding function for a residential router is trivial since it typically has only a single WAN connection, although there are load balancing routers that support multiple connections.
Most Internet traffic is between one sender and one receiver (unicast). Multicast emulates traditional broadcast one-to-many model. This is a more efficient way to stream identical information to many endpoints. Unfortunately even though specification is mature not many ISPs have implemented multicast. In general if you listen to Internet radio or TV it is being transmitted as unicast.
There are two principal ways to transmit information over the Internet: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). TCP creates a session where the receiver acknowledges each packet. This is ideal for file transfer type communication. Recovery from missing or corrupt packets is more important than latency. With UDP the transmitter sends data without expecting feedback from the receiver. UDP is commonly used with streaming audio and video transmission where latency is more important than accuracy and insufficient time exists to recover from transmission errors. If errors occur it is up to the receiver to “fake it.”
The Internet is an egalitarian best effort network. This works amazingly well for transferring large chunks of data from point A to point B. The network continues to operate in the presence of all sorts of impairments and failures. However, best effort does not work as well with latency critical applications such as telephony and streaming media. For example during a Voice over IP (VoIP) phone call round trip latency should be under 150ms. Excessive delay makes carrying on a conversation difficult and with extreme delay virtually impossible. On the other hand if a print job is delayed a little no one is likely to notice as long as it completes successfully.
Residential LANs experience few QoS problems on wired segments. Wireless LANs, which are slower and subject to radio interference, benefit from QoS. Where QoS is most important is uploading/downloading over the Internet. Most consumer broadband links are relatively slow, especially upload capability. This disparity makes it easy to saturate the upload path. For example TCP/IP, the protocol used for file transfer, constantly transmits acknowledgements (ACKs) back to the sender letting it know data is arriving correctly. If ACKs are delayed the sender will stop sending and wait for the receiver to “catch up” or in extreme cases resend data assuming it was lost. If a file is being uploaded at the same time a VoIP call is in progress, voice packets are given priority over file transfer packets.
When a switch or router encounters congestion it buffers incoming packets until it is able to forward them. Quality of Service (QoS) metrics allow latency critical packets to go to the head of the line. This simple strategy works well if latency critical traffic is a small percent of the total, so bumping its priority has little effect on other traffic. QoS marks packets with a (Diffserv) priority level. If congestion occurs higher value packets are delivered as quickly as possible. Lower value packets are delayed during congestion or discarded during periods of extreme congestion. QoS services allow more graceful congestion degradation by moving high priority packets to the head of the queue. QoS is not a panacea, it does not create more capacity, it simply redefines winners and losers.
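The queueing behaviour just described, as an added example (not code from the paper or from any router vendor): a bounded queue that releases packets highest DSCP first, first-in first-out within a class, and discards the lowest-priority, most recently arrived packet when it overflows. The DSCP values are the standard Diffserv ones; the packet burst and the queue capacity are constructed for the illustration.

```python
# Standard Diffserv code points (RFC 2474 / 2597 / 3246).
EF = 46      # Expedited Forwarding: voice and other latency-critical traffic
AF41 = 34    # Assured Forwarding class 4, e.g. video
BE = 0       # Best Effort: default for file transfer, web browsing, print jobs


class DiffservQueue:
    """Packets leave highest DSCP first, FIFO within a class. On overflow
    (extreme congestion) the lowest-priority, newest packet is discarded.
    Nothing here creates capacity; it only decides winners and losers."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.items = []          # entries of (dscp, arrival_seq, packet)
        self.dropped = []
        self._seq = 0

    def enqueue(self, pkt):
        """Returns True if the packet was kept, False if it was the one dropped."""
        self._seq += 1
        entry = (pkt["dscp"], self._seq, pkt)
        self.items.append(entry)
        if len(self.items) > self.capacity:
            # Victim: lowest DSCP, and among equals the most recent arrival.
            victim = min(self.items, key=lambda e: (e[0], -e[1]))
            self.items.remove(victim)
            self.dropped.append(victim[2])
            return victim is not entry
        return True

    def dequeue(self):
        """Highest DSCP first; within a class the oldest packet goes first."""
        if not self.items:
            return None
        best = max(self.items, key=lambda e: (e[0], -e[1]))
        self.items.remove(best)
        return best[2]


def simulate(capacity, arrivals):
    """Feed a burst into a queue whose output link is stalled until the burst
    ends, then drain it. Returns (ids in transmission order, ids dropped)."""
    q = DiffservQueue(capacity)
    for pkt in arrivals:
        q.enqueue(pkt)
    sent = []
    while (pkt := q.dequeue()) is not None:
        sent.append(pkt["id"])
    return sent, [p["id"] for p in q.dropped]


# Constructed burst: an upload's data packets arrive around one voice packet
# and one video packet on a saturated upstream link.
BURST = [{"id": "ftp1", "dscp": BE}, {"id": "ftp2", "dscp": BE},
         {"id": "voice1", "dscp": EF}, {"id": "ftp3", "dscp": BE},
         {"id": "video1", "dscp": AF41}]

if __name__ == "__main__":
    print(simulate(capacity=3, arrivals=BURST))    # congested: BE packets lose
    print(simulate(capacity=10, arrivals=BURST))   # room for all: only reordered
```

With a queue of three the voice packet still leaves first, but two file-transfer packets are lost; with a larger queue nothing is dropped and the same traffic is merely reordered, which is the "winners and losers" point made above.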
When a host begins transmission it has no idea how fast intervening links between it and remote host are. Switched Ethernet uses back pressure to prevent overwhelming slower links.
At the IP level the transmitter uses a technique called slow-start, sending a few packets then waiting for acknowledgement. The faster ACKs arrive the more packets the transmitter sends per unit of time. The TCP Receive Window (RWIN) parameter determines how many unacknowledged packets can be outstanding before the transmitter must stop transmitting and wait.
Each IP device (host) must have an address. Addresses may be assigned statically, automatically by Dynamic Host Configuration Protocol (DHCP) or automatically by the client itself, AutoIP. Traditionally a system administrator manually configured each host with a static address. This was laborious and error prone. DHCP simplifies the task by automating address allocation. The down side is the need for a DHCP server. DHCP has been extended to allow automatic configuration if the client cannot find a DHCP server. In that case the client assigns itself an address from the AutoIP address pool. AutoIP is convenient for small LANs that use IP and do not have access to a DHCP server. This occurs most commonly when two PCs are directly connected.
IPv4 assigns each host a 32-bit address, resulting in a maximum Internet population of about 4 billion hosts. Due to IPv4 address scarcity it is common practice for ISPs to charge for additional addresses. Address exhaustion has been a concern for a long time. Classless inter-domain routing (CIDR) and Network Address Translation (NAT) are two techniques used to delay the day of reckoning. Next generation IP, version 6, expands the address space to 128 bits. This is a truly gigantic number. While IPv6 holds much promise it entails a wholesale overhaul of the Internet. Such change is always resisted until one has no choice but to go through the pain of conversion.
Internet addresses are expressed in dotted decimal notation, four decimal numbers separated by periods, nnn.nnn.nnn.nnn. The 32-bit address is divided into four 8-bit fields called octets. Each field has a range of 0-255. The smallest address is 0.0.0.0 and largest 255.255.255.255.
IP addresses consist of two parts Network-Prefix and Host address. Subnetting allows IP addresses to be assigned efficiently and simplifies routing. The subnet mask defines boundary between network and host portion of address. Hosts within a subnet communicate directly with one another. Hosts on different subnets use routers to forward packets from one subnet to another.
In our network all computers are on a single subnet: 255.255.255.0 allowing up to 254 hosts (computers), also called a /24 subnet because the first 24 bits of the address are fixed. Host addresses are allocated from the last octet (8 bits). The reason for 254 rather than 256 hosts is that the lowest address is reserved as the network address and the highest address for broadcast.
When the Internet was initially developed the divide between network prefix and host address was embedded within the address itself, rather than set by a subnet mask. These were called address classes, lettered A – E.
Class A – first octet is in the range 1 – 126 (0XXXXXXXb). 8-bits reserved for network portion leaving 24 for host addresses. 24-bits provides 16,777,213 host addresses. The lowest address is reserved as the network address, highest for broadcast. NOTE: first octet of 127 is reserved for test purposes.
Class B – first octet is in the range 128 – 191 (10XXXXXXb). 16-bits reserved for network portion leaving 16 for host addresses. 16-bits provides 65,533 host addresses.
Class C – first octet is in the range 192 – 223 (110XXXXXb). 24-bits reserved for network portion leaving 8 for host addresses. 8-bits provides 254 host addresses.
Class D - first octet is in the range 224 – 239 (1110XXXXb). Class D networks reserved for multicasting.
Class E - first octet is in the range 240 – 255 (1111XXXXb). Class E networks reserved for experimental use.
It became clear very early that allocating addresses this way was very inefficient. Class C was too small for many organizations and Class A too large. Classless Inter-Domain Routing (CIDR) was developed to allow the network prefix to be fixed at any bit boundary. CIDR using a variable subnet mask is now universal and Class based routing is of historic interest, although one still hears reference to Class A, B, and C networks.
An Internet host is able to carry on multiple simultaneous communications sessions. This raises the question: how does the computer know how to respond to incoming packets? While writing this paper my mail program is checking e-mail every few minutes, I’m listening to a web based radio program and from time to time getting information from a multitude of web sites. Each TCP or UDP packet includes a port number. Port numbers are 16-bit unsigned values that range from 0-65,535. The low port numbers 0-1023 are called well-known ports; they are assigned by IANA, the Internet Assigned Numbers Authority, when a service is defined. Software uses the well-known port to make initial contact. Once the connection is established high numbered ports are used during the transfer. For example: when you enter a URL to access a web site the browser automatically uses port 80. This is the well-known port for web servers. Once the connection is established client and server agree on high number ports to use.
During work on the impending IPv4 address shortage RFC 1918 reserved three blocks of private addresses. Private addresses are ideal for our purposes because they are not used on the public Internet. This allows them to be used and reused without risk of colliding with Internet hosts. This eliminates the need and expense to obtain a block of routable addresses from the ISP. Internal hosts are assigned an address from the RFC 1918 private address pool.
Excerpt from IETF RFC 1918 Address Allocation for Private Internets:
Internet Assigned Numbers Authority (IANA) reserved the following three blocks of the IP address space for private Internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
We will refer to the first block as "24-bit block", the second as "20-bit block", and to the third as "16-bit" block. Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and third block is a set of 256 contiguous class C network numbers.
An enterprise that decides to use IP addresses out of the address space defined in this document can do so without any coordination with IANA or an Internet registry. The address space can thus be used by many enterprises. Addresses within this private address space will only be unique within the enterprise, or the set of enterprises which choose to cooperate over this space so they may communicate with each other in their own private Internet.
A fourth block of private IP addresses is reserved for AutoIP, also called zero configuration. If a host is configured to obtain a dynamic address and a DHCP server cannot be found the host assigns an address to itself from this pool of reserved addresses. The host picks an address from the AutoIP address pool and tests to see if it is already in use by trying to contact that IP address. If the address is not in use it assigns itself the address. If the address is in use it picks another at random and tries again.
AutoIP address block:
169.254.0.0 - 169.254.255.255 (169.254/16 prefix)
AutoIP is useful for tiny networks that do not include a DHCP server. Before AutoIP the user had to manually configure the address and subnet mask to set up a simple IP network.
127.0.0.1 is the Loopback localhost address. This is useful for testing to make sure the network interface is working. Sending data to the Loopback address causes it to be received without actually going out over the physical network.
IP sessions are typically one to one, host A communicates with host B. It is also possible for a host to broadcast to multiple hosts. IANA reserved several address blocks for multicast.
Multicast address block
224.0.0.0 – 239.255.255.255 (224/8 – 239/8 prefix)
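The subnet, class and reserved-range material above (the /24 subnet, the A–E classes, CIDR, the RFC 1918 blocks, AutoIP, loopback and multicast), as one added example that is not part of the original paper: pure-integer IPv4 helpers that compute network and broadcast addresses and usable host counts for any prefix (generalizing the /24 in the text, with /31 and /32 handled as the edge case), decide the historic class from the leading bits of the first octet, and classify an address against the special-purpose blocks listed in the preceding paragraphs. The addresses in the demo are constructed.

```python
# Reserved blocks as (base address, prefix length).
PRIVATE_BLOCKS = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))  # RFC 1918
AUTOIP_BLOCK = ("169.254.0.0", 16)      # zero configuration / link-local
LOOPBACK_BLOCK = ("127.0.0.0", 8)
MULTICAST_BLOCK = ("224.0.0.0", 4)      # 224.0.0.0 - 239.255.255.255


def to_int(dotted):
    """Strict dotted-decimal parser. Leading zeros are rejected because some
    parsers read '010' as octal, so '010.0.0.1' and '10.0.0.1' may disagree."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for o in octets:
        if not o.isdigit() or (len(o) > 1 and o[0] == "0") or int(o) > 255:
            raise ValueError(f"bad octet {o!r} in {dotted!r}")
        value = (value << 8) | int(o)
    return value


def is_valid(dotted):
    try:
        to_int(dotted)
        return True
    except ValueError:
        return False


def to_str(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_for(prefix):
    """/prefix -> 32-bit mask, e.g. 24 -> 0xFFFFFF00 (255.255.255.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def in_block(ip, block):
    base, prefix = block
    return to_int(ip) & mask_for(prefix) == to_int(base) & mask_for(prefix)


def same_subnet(ip_a, ip_b, prefix):
    """Hosts sharing the network prefix talk directly; others go via a router."""
    return to_int(ip_a) & mask_for(prefix) == to_int(ip_b) & mask_for(prefix)


def subnet_info(cidr):
    """'192.168.1.77/24' -> network, broadcast, mask and usable host count."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = mask_for(prefix)
    network = to_int(addr) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    host_bits = 32 - prefix
    # Lowest address is the network, highest the broadcast. /31 and /32 are
    # the edge case (RFC 3021 point-to-point links) where every address is usable.
    usable = 2 ** host_bits - 2 if host_bits >= 2 else 2 ** host_bits
    return {"network": to_str(network), "broadcast": to_str(broadcast),
            "mask": to_str(mask), "usable_hosts": usable}


def address_class(ip):
    """Historic classful boundaries, decided by the leading bits of octet one."""
    first = to_int(ip) >> 24
    if first in (0, 127):
        return "reserved"
    if first < 128:
        return "A"       # 0xxxxxxx
    if first < 192:
        return "B"       # 10xxxxxx
    if first < 224:
        return "C"       # 110xxxxx
    if first < 240:
        return "D"       # 1110xxxx, multicast
    return "E"           # 1111xxxx, experimental


def classify(ip):
    """Which special-purpose range, if any, an address falls into."""
    if in_block(ip, LOOPBACK_BLOCK):
        return "loopback"
    if any(in_block(ip, b) for b in PRIVATE_BLOCKS):
        return "private (RFC 1918)"
    if in_block(ip, AUTOIP_BLOCK):
        return "link-local (AutoIP)"
    if in_block(ip, MULTICAST_BLOCK):
        return "multicast"
    return "public"


if __name__ == "__main__":
    print(subnet_info("192.168.1.77/24"))              # constructed LAN address
    for ip in ("10.1.2.3", "172.32.0.1", "169.254.7.7", "239.255.255.250"):
        print(ip, address_class(ip), classify(ip))
```

Note that 172.32.0.1 comes out as public: the second RFC 1918 block is a /12, so only 172.16.0.0 through 172.31.255.255 is private, a boundary that is easy to get wrong when writing firewall rules by hand.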
IP addresses represent Internet global numbering scheme. Addresses used by local network are different. For example Ethernet uses a 48-bit MAC address. ARP provides a mechanism to learn MAC address associated with a particular IP address. Reverse ARP (RARP) determines if an IP address exists for a particular MAC address.
Residential ISP accounts are typically assigned a single IP address. This limits the customer to connecting a single computer to the Internet. Network Address Translation (NAT) is used to convert private LAN IP addresses to/from the single address assigned by the ISP. To enable multiple sessions of the same type to operate simultaneously port numbers also need to be changed. NAT allows an unlimited number of devices, assigned private IP addresses, to share an ISP account even if the ISP only provides one IP address.
When we first set up our SOHO network back in 1998 we used Wingate connection sharing software to share dialup. That was replaced with a MultiTech RF500S router used with a Vitts Net-to-Net SDSL modem, then later with a Westell B90 modem when we switched to Verizon, now FairPoint, ADSL. The main reason for choosing that particular router was the ability to fall back to dialup if DSL failed. At the time it was one of the few broadband routers that included automatic dialup fallback. This came in handy when our first broadband SDSL ISP went bankrupt. ADSL service has been very stable so several years ago we dropped the dialup account.
We are currently using a Netopia 3346N that combines ADSL2 modem, NAT router, firewall, and 4-port Ethernet switch in a single device. This makes access to modem stats more convenient. Before, we had to temporarily connect the DSL modem directly to a PC, bypassing the router, to access stats. Now stats are a web page accessible from any PC on the LAN.


The other reason was to experiment with a newer modem that supports ADSL2 and ADSL2+. ITU created enhanced versions of ADSL that deliver higher speed and longer range. Verizon, now FairPoint Communication, does not advertise ADSL2. However as new generation DSLAM cards are placed into service they support ADSL2 and ADSL2+. If both DSLAM and customer modem support the enhanced feature it will be activated; if not, the connection falls back to original ADSL functionality. We had nothing to lose by getting a newer modem, as it is backward compatible with previous generation ADSL.
Using a router creates a clear distinction between LAN and WAN, simplifying troubleshooting. The router market is extremely competitive. New routers can be had for less than $50 US and used high end devices for a similar price on eBay, where we purchased our used Netopia router.
Netopia 3346N router has a built in ADSL and ADSL2+ compatible modem. Turns out our DSLAM only supports ADSL. Given low cost of the unit it was worth a try. Plus we are ready for ADSL2 if FairPoint ever swaps out DSLAM line card.
There are three ways an ADSL modem connects to the ISP: statically, DHCP, and PPPoE. Most business accounts are static to facilitate running servers. With static, the customer manually enters IP settings into the router. Residential accounts typically use DHCP or PPPoE. DHCP works much the same as having a PC connected to the LAN. When the modem powers up it searches for a DHCP server. The server automatically loads IP settings into the router. FairPoint uses Point-to-Point Protocol over Ethernet in our area. PPPoE works much the same as with dialup, only much faster. PPPoE requires the customer to enter a user name and password.
Behind the scenes most Telcos use Asynchronous Transfer Mode (ATM) to transport IP packets. ATM normally requires configuring virtual circuit parameters. Verizon and FairPoint use a VPI/VCI of 0/35. The Netopia modem automatically discovers these settings so all the user needs to do is enter user name and password.
Router maintains WAN connection even if it is unused for a long time making the connection instantaneously available. If connection is lost for any reason router automatically reestablishes it.
We have 3000/768 ADSL residential package at about 13,000 feet from the Central Office. Exact distance is different each time we call. One of the benefits of transition from Verizon to FairPoint we were finally able to upgrade from 1500/384 to 3000/768. We are slightly too far to qualify for 3000 speed. Verizon strictly enforced distance limit. FairPoint acknowledged distance but was willing to increase speed. As expected margins were reduced due to faster speed but connection has been reliable.

Point-to-Point Protocol over Ethernet (PPPoE) is an encapsulation protocol. PPPoE works much like dialup PPP to connect a computer over a point-to-point link to the ISP. PPPoE uses high-speed Ethernet rather than low speed RS232 serial.
Normally Ethernet packets are limited to 1500 bytes. This is also the typical maximum size transmitted over the Internet. PPPoE adds 8 bytes of overhead to each packet, reducing the maximum payload size to 1492. Internet packets can be fragmented and reassembled. However, many residential routers do not implement fragmentation. Even when properly implemented fragmentation incurs a significant performance penalty since an over large packet is split into two smaller ones with attendant IP overhead.
A better solution is to limit packet size so fragmentation/reassembly is not required. The Windows TCP/IP stack implements a path discovery mechanism to automatically limit packet size so fragmentation is not required. Typical maximum transmission unit (MTU) is 1452 bytes: 1452 bytes data + 40 bytes TCP/IP overhead + 8 bytes PPPoE = 1500 bytes. A good indication of an overly large packet problem is if sending a little data (<1500 bytes) works but larger files do not.
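The arithmetic of the two paragraphs above, as an added example that is not from the paper: it reproduces the 1500 - 8 = 1492 and 1452-byte figures (the code calls the 1452-byte payload the TCP maximum segment size, the name the TCP header gives it), generalizes to stacked encapsulations such as PPPoE plus a VPN, and shows exactly how a 1500-byte packet splits on a 1492-byte link and what a router does when the packet carries the Don't Fragment flag. Header sizes are the standard IPv4 and TCP values without options.

```python
IPV4_HEADER = 20
TCP_HEADER = 20
ETHERNET_MTU = 1500
PPPOE_OVERHEAD = 8          # 6-byte PPPoE header + 2-byte PPP protocol field


def link_mtu(base_mtu=ETHERNET_MTU, encapsulations=(PPPOE_OVERHEAD,)):
    """Largest IP packet the link carries once each encapsulation layer takes
    its share; pass several overheads for stacked tunnels (e.g. PPPoE + VPN)."""
    mtu = base_mtu - sum(encapsulations)
    if mtu <= IPV4_HEADER:
        raise ValueError("encapsulation overhead leaves no room for a packet")
    return mtu


def tcp_mss(mtu):
    """Largest TCP payload per packet that fits the MTU (IP + TCP headers = 40)."""
    return mtu - IPV4_HEADER - TCP_HEADER


def fragment(total_length, mtu):
    """Split an IPv4 packet of `total_length` bytes (header included) to fit a
    link with `mtu`. Returns [(fragment_total_length, data_offset_bytes), ...].
    Offsets travel in 8-byte units, so every fragment but the last carries a
    multiple of 8 data bytes, and each fragment repeats the 20-byte IP header."""
    if total_length <= mtu:
        return [(total_length, 0)]
    data = total_length - IPV4_HEADER
    per_fragment = (mtu - IPV4_HEADER) // 8 * 8
    fragments, offset = [], 0
    while offset < data:
        chunk = min(per_fragment, data - offset)
        fragments.append((IPV4_HEADER + chunk, offset))
        offset += chunk
    return fragments


def forward(total_length, mtu, dont_fragment):
    """What a router does with the packet: 'pass', 'fragment:N' or 'drop'.
    'drop' is the DF-set case; a correct router then returns an ICMP
    'fragmentation needed' message carrying `mtu`, which is the signal path
    MTU discovery relies on. If that ICMP never arrives the sender keeps
    trying full-size packets: small transfers work, large ones stall."""
    if total_length <= mtu:
        return "pass"
    if dont_fragment:
        return "drop"
    return f"fragment:{len(fragment(total_length, mtu))}"


def wire_bytes(total_length, mtu):
    """Bytes actually sent for one packet, counting the repeated headers."""
    return sum(size for size, _ in fragment(total_length, mtu))


if __name__ == "__main__":
    mtu = link_mtu()                                 # 1492 over PPPoE
    print(mtu, tcp_mss(mtu))                         # 1492 1452
    print(fragment(1500, mtu))                       # [(1492, 0), (28, 1472)]
    print(wire_bytes(1500, mtu))                     # 1520: 20 extra bytes, 2 frames
    print(forward(1500, mtu, dont_fragment=True))    # drop
```

The fragmentation result is the "significant performance penalty" in concrete terms: a single 1500-byte packet becomes a 1492-byte fragment plus a 28-byte fragment (20 of them header), and the receiver must hold the first until the second arrives.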
Most residential broadband ISPs restrict the customer to a single IP address. The limited size of the IPv4 address space (32 bits) means addresses are in short supply. ISPs often charge extra if more than one address is needed. This creates a quandary: how to cost effectively connect multiple hosts to the Internet? The most common solution is Network Address Translation (NAT) using private IP addresses. IETF RFC 1918 reserved three blocks of IP addresses guaranteed not to be used on the Internet. Because these addresses are not used on the public Internet they can be reused multiple times.
Combining NAT, more properly Network Address Port Translation since both address and port number are modified, with RFC 1918 private addresses allows an unlimited number of computers to share an Internet connection even though the ISP only provides a single IP address. Private addresses are prohibited on the Internet, allowing them to be used and reused indiscriminately. NAT provides translation between private addresses on one side and the single public address issued by the ISP on the other. NAT offers the advantage of a proxy server while being transparent to most applications. Proxy services were used extensively prior to deployment of NAT.
Internal LAN traffic proceeds normally; NAT is not required for local traffic. When a request cannot be serviced locally it is passed to the NAT router, called a gateway. The router modifies the packet by replacing the private address with the public address issued by the ISP, if needed modifies the port number to support multiple sessions, and calculates a new checksum. The router sends the modified packet to the remote host as if it originated from the router. When the reply is received the router converts address and port number back to those of the originating device and forwards it to the LAN. The NAT router tracks individual sessions so multiple hosts are able to share a single address. As far as Internet hosts are concerned the entire LAN looks like a single computer.
NAT requires a lot of bookkeeping: changing IP and port addresses, then computing a new packet checksum. Routers have no trouble keeping up with WAN connections of a few megabits per second. If you are blessed with a really fast broadband connection, say 5, 10 or even 100 Mbps, make sure the router is up to the task.
Internal NAT translation tables limit the number of simultaneous sessions router is able to maintain. This limit does not affect normal Internet usage. However when Peer-to-Peer (P2P) is used the very large number of sessions may overwhelm a low-end router.
NAT blocks remotely originated traffic. It functions as a de facto incoming firewall because the router does not know where to forward packets that originate outside the LAN unless specifically programmed to do so. Note what this does not do: it does not filter outbound connections, so malware that has already reached a LAN machine can still call out, and the replies to that connection are let back in like any other.
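The session-table behaviour described above, as an added example written for this edit rather than code from the paper or from any router firmware: a minimal address-and-port translator in Python. It rewrites outbound packets with the public address and a fresh port, maps replies back by looking up that port, drops inbound packets it has no entry for, and also models the static port-forwarding rule that the page discusses later for public servers. The addresses are constructed for the example (192.168.2.0/24 for the LAN, 203.0.113.7 as the ISP-issued address from a documentation block); checksum recalculation is omitted since the packets here are abstract records rather than bytes.

```python
import ipaddress
from dataclasses import dataclass

# Constructed for this example: the paper's LAN block and a documentation-range public address.
LAN = ipaddress.ip_network("192.168.2.0/24")
PUBLIC_IP = "203.0.113.7"


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NaptRouter:
    """Network Address *and* Port Translation: one public address shared by a whole LAN."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.inbound = {}    # public port -> (priv_ip, priv_port, dst_ip, dst_port)
        self.forwards = {}   # public port -> (priv_ip, priv_port): static port forwarding

    def add_port_forward(self, public_port, priv_ip, priv_port):
        """Tell the router which LAN host should receive unsolicited traffic to public_port."""
        self.forwards[public_port] = (priv_ip, priv_port)

    def session_count(self):
        return len(self.inbound)

    def lan_to_wan(self, pkt):
        """Rewrite a packet leaving the LAN; local traffic passes through untouched."""
        if ipaddress.ip_address(pkt.dst_ip) in LAN:
            return pkt
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.outbound:
            # new session: allocate a public port and record it in both directions
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def wan_to_lan(self, pkt):
        """Rewrite a packet arriving from the Internet, or return None when it is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.inbound.get(pkt.dst_port)
        # reply to a session this LAN opened: only the remote endpoint we talked to may use it
        if entry and entry[2] == pkt.src_ip and entry[3] == pkt.src_port:
            priv_ip, priv_port, _, _ = entry
            return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)
        # explicitly forwarded port (a public server behind NAT)
        if pkt.dst_port in self.forwards:
            priv_ip, priv_port = self.forwards[pkt.dst_port]
            return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)
        return None   # unsolicited inbound: nowhere to send it, so it is discarded
```

A LAN host that sends to PUBLIC_IP:80 goes through lan_to_wan, not wan_to_lan, which is exactly the missing WAN loopback the page warns about later: the packet is translated and sent toward the Internet instead of back to the local server.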
As useful as NAT is it is also controversial. It breaks the end-to-end Internet addressing paradigm. NAT maintains state information; if the router fails or reboots, existing sessions cannot be recovered. It interferes with server functionality and with IPsec VPNs unless NAT traversal (UDP encapsulation of ESP) is used.
When NAT was first developed it was assumed private address pool was truly private and no one but the local administrator cared about local address usage. Today in the age of VPNs these internal addresses ARE being exposed to other networks. If a telecommuter’s residential LAN and office network both use private addresses they may overlap. In a simple case this is not major problem, the user simply moves the LAN to a different address block. But what happens if home LAN must support multiple telecommuters? This requires coordination of multiple corporate LANs and SOHO LAN. In this case it may be impossible to resolve address collisions if multiple networks use identical address blocks.
This is not to discourage use of NAT it is very powerful technique. But NAT should be seen for what it is, a short-term workaround to minimize effects of IPv4 address shortage, not a permanent extension to Internet technology. For more information see RFC 2993 Architectural Implications of NAT.
Each device on the network requires a unique IP address. These addresses are not used on the Internet therefore they are not coordinated by IANA. However they must be coordinated within the LAN. The router has the flexibility to use static or dynamic (DHCP) address allocation.
When static allocation is used the IP parameters (address, subnet mask, gateway address, and DNS address) need to be manually assigned to the computer. The router’s DHCP server issues addresses in the 192.168.2.2 - 192.168.2.100 range with a subnet mask of 255.255.255.0. Static addresses can be assigned in the range 192.168.2.101 – 192.168.2.254. This keeps all addresses in the same subnet without interfering with DHCP operation.
Dynamic allocation is the default Windows IP configuration: at power up the PC searches for a DHCP server. The DHCP server in the router assigns each machine’s IP parameters. Once the PC is configured it is able to communicate. The address is “leased” to the client. Prior to lease expiration the client attempts to renew it. Under normal conditions the lease never expires and the client IP address remains the same. If the client is off the network for an extended period of time the lease will expire, and the next time the computer is attached it will likely receive a different IP address.
For some devices, such as servers, dynamic addresses are inconvenient. For example binding to HP printer internal server is by IP address, as it does not have a name. If server’s address changes each client has to be reconfigured. A solution is to create a pseudo static address. The address issued by DHCP server is bound to the client’s Ethernet MAC address. As long as MAC address does not change device is always assigned the same IP address. This is more convenient than setting static addresses manually on each device.
All machines, except guests, are issued reserved addresses. This makes it much easier to interpret Syslog entries that record events based on IP address.

LAN wiring upgrade allowed moving router near 16-Port Ethernet Switch. One port of the Router is connected to Switch leaving 15 Switch ports available plus three unused on the router.
Most modern Ethernet switches implement Auto-MDIX. The switch checks the link and automatically selects the correct port type depending on whether it is connected to a PC or to another switch. This eliminates the hassle of using a crossover cable or uplink port to interconnect multiple switches.
Host name resolution for local devices is performed by NetBIOS over TCP/IP. If Windows cannot resolve a host name locally it assumes it is a remote host and forwards the request to the router. The router forwards the request to the FairPoint DNS Nameserver. To devices on the LAN the router looks like a DNS server.
We run a local DNS Nameserver that requires overriding settings provided by FairPoint. Unfortunately router does not include a mechanism to point to an internal Nameserver. Workaround was to manually configure DNS Nameserver address in each client’s TCP/IP configuration. The primary DNS address is the internal DNS server, secondary points to ISP DNS server in case local server is down.
Each PC forwards packets that cannot be delivered locally to the gateway. The gateway router decides how to deliver packets that travel outside the LAN. Only a single connection exists between our network and the ISP so routing is trivial. The router simply forwards all packets to the gateway address assigned by the ISP.
The router includes a stateful inspection firewall. This provides another layer of security by observing inbound and outbound traffic and dropping nonconforming packets.
Router implements multiple QoS functions to make optimum use of limited WAN bandwidth.
Router logs significant events and forwards them to Syslog server. This overcomes one of the main limitations using a dedicated appliance for Internet sharing – limited data storage. Router emits Syslog data to the PC server. One of the services running on the server is Kiwi Syslog. Syslog server stores data from both Router and Tardis Time server for later review.
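Having the router's events on a Syslog server is only useful if someone reads them. As an added example, not part of the paper and not Kiwi Syslog's own code, the Python below parses RFC 3164-style lines, maps LAN addresses back to names using a reservation table like the one the page describes, and pulls out the two things worth reviewing on a SOHO gateway: outside addresses probing several ports on the WAN side, and LAN addresses that are not in the reservation table (a guest, or something that should not be there). The log lines, host names and the netfilter-style message body are all constructed for the example; a real router's wording differs, so the regular expression would need adjusting to what your Syslog server actually stores.

```python
import re
from collections import Counter, defaultdict

# Constructed reservation table in the style of the paper's 192.168.2.x plan (names are examples).
RESERVATIONS = {
    "192.168.2.10": "workstation",
    "192.168.2.20": "server",
    "192.168.2.30": "hp-printer",
}

# Constructed sample log: RFC 3164 PRI + timestamp + host + tag, with a netfilter-style body.
SAMPLE_LOG = """\
<134>Feb 28 21:04:11 router kernel: DROP IN=ppp0 SRC=198.51.100.9 DST=203.0.113.7 PROTO=TCP DPT=22
<134>Feb 28 21:04:12 router kernel: DROP IN=ppp0 SRC=198.51.100.9 DST=203.0.113.7 PROTO=TCP DPT=23
<134>Feb 28 21:04:13 router kernel: DROP IN=ppp0 SRC=198.51.100.9 DST=203.0.113.7 PROTO=TCP DPT=445
<134>Feb 28 21:05:40 router kernel: ACCEPT IN=eth0 SRC=192.168.2.10 DST=198.51.100.5 PROTO=TCP DPT=80
<134>Feb 28 21:06:02 router kernel: DROP IN=ppp0 SRC=192.0.2.44 DST=203.0.113.7 PROTO=UDP DPT=1434
<134>Feb 28 21:07:15 router kernel: ACCEPT IN=eth0 SRC=192.168.2.77 DST=198.51.100.5 PROTO=TCP DPT=80
"""

LINE_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) (?P<tag>[^:]+): "
    r"(?P<action>DROP|ACCEPT) IN=(?P<iface>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"PROTO=(?P<proto>\S+) DPT=(?P<dpt>\d+)$"
)


def parse(text):
    """Turn raw syslog text into a list of event dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        e = m.groupdict()
        e["pri"] = int(e["pri"])
        e["dpt"] = int(e["dpt"])
        # PRI = facility * 8 + severity (RFC 3164); 134 is local0.info
        e["facility"], e["severity"] = divmod(e["pri"], 8)
        events.append(e)
    return events


def name_for(ip):
    """Reserved addresses make log entries readable: swap the address for the host name."""
    return RESERVATIONS.get(ip, ip)


def inbound_drops_by_source(events, wan_iface="ppp0"):
    return Counter(e["src"] for e in events if e["action"] == "DROP" and e["iface"] == wan_iface)


def port_scanners(events, wan_iface="ppp0", min_ports=3):
    """Outside addresses that were dropped on at least min_ports distinct destination ports."""
    ports = defaultdict(set)
    for e in events:
        if e["action"] == "DROP" and e["iface"] == wan_iface:
            ports[e["src"]].add(e["dpt"])
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}


def unknown_lan_hosts(events, lan_iface="eth0"):
    """LAN addresses seen on the inside interface that have no DHCP reservation."""
    return sorted({e["src"] for e in events if e["iface"] == lan_iface and e["src"] not in RESERVATIONS})
```

Run over a day's worth of stored lines, port_scanners gives a short list to compare against the router's port forwards, and unknown_lan_hosts is a cheap check that nothing has joined the LAN that the reservation table does not know about.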
Running a public server behind NAT requires router forward incoming connection requests to the appropriate server. By default incoming connection requests are discarded because router does not know which host on the LAN to forward them. The router acts as an inbound firewall. Port forwarding configures the router to accept an inbound connection request, to say port 80, and forward to the web server. To the remote host the server looks like it is using the public IP address, when in fact it is on a private address block.
Operational tip - Most residential NAT routers do not perform WAN loopback (also called NAT loopback or hairpinning). This prevents access to a local public server by its URL or public IP address from within the LAN. The server must be accessed by its LAN machine name or LAN IP address. When the server is accessed by public IP address from within the LAN the router forwards the request to the Internet. It does not realize the host is local. The end result is the packet never reaches the server.
If local access by DNS name or public address is important add the name/address information to the Windows hosts file (%SystemRoot%\System32\drivers\etc\hosts). The hosts file performs static name translation and is consulted prior to DNS. If the requested host name is found in the hosts file Windows will use that address and not query DNS. Because the file overrides DNS, malware also likes to edit it; it is worth checking occasionally for entries you did not add.
The way File Transfer Protocol (FTP) allocates ports causes problems with NAT. In active mode the client tells the server, in a PORT command on the control connection, which address and port to use for data, and the server then opens the data connection back toward the client. To NAT that connection appears to originate from the server rather than the user, there is no session table entry for it, and NAT drops it. Routers work around this with an FTP helper (application layer gateway) that reads the PORT command on the control connection and rewrites the private address and port to public ones. This can be a problem if you change FTP ports from the default 20/21 to some other value: NAT routers only know to inspect FTP on the default control port. Passive mode, in which the client opens both connections, avoids the problem for clients behind NAT.
To learn more read: Active FTP vs. Passive FTP, a Definitive Explanation.
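What the router's FTP helper actually has to do is small enough to show in full. The Python below is an added example, not code from the paper or from any router: it decodes the active-mode PORT command and the passive-mode 227 reply (both carry the endpoint as six decimal numbers, the port being p1 * 256 + p2), rewrites a PORT command the way the helper does, and spells out the rule that makes non-default ports fail: the helper only looks inside control connections to the ports it has been told about. The addresses and port numbers are constructed for the example.

```python
import re

# Active FTP: client sends   PORT h1,h2,h3,h4,p1,p2       (address h1.h2.h3.h4, port p1*256+p2)
# Passive FTP: server replies 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
_SIX = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
PORT_RE = re.compile(r"^PORT " + _SIX + r"\s*$")
PASV_RE = re.compile(r"^227 .*\(" + _SIX + r"\)")


def _decode(groups):
    """Six decimal fields -> (ip, port), or None if any field is out of the 0..255 range."""
    vals = [int(g) for g in groups]
    if any(v > 255 for v in vals):
        return None
    h1, h2, h3, h4, p1, p2 = vals
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def parse_port_command(line):
    m = PORT_RE.match(line)
    return _decode(m.groups()) if m else None


def parse_pasv_reply(line):
    m = PASV_RE.match(line)
    return _decode(m.groups()) if m else None


def encode_endpoint(ip, port):
    """(ip, port) -> the h1,h2,h3,h4,p1,p2 form used on the wire."""
    return ",".join(ip.split(".") + [str(port // 256), str(port % 256)])


def alg_rewrite_port(line, public_ip, public_port):
    """What the router's FTP helper does on the control channel: replace the client's
    private address and port in a PORT command with the public address and a port the
    router has mapped back to the client. Anything that is not a PORT command passes through."""
    if parse_port_command(line) is None:
        return line
    return f"PORT {encode_endpoint(public_ip, public_port)}"


def data_connection_admitted(control_dst_port, helper_ports=(21,)):
    """The helper inspects only control connections to the ports it knows about. On any other
    port it never sees the PORT command, so the server's inbound data connection looks
    unsolicited to NAT and is dropped."""
    return control_dst_port in helper_ports
```

The same decoding is what you need to make sense of a packet capture of a failing transfer: if the PORT command leaving the router still carries a 192.168.x.x address, the helper did not fire.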
Most residential broadband ISPs only allocate a single IP address per account. This causes problems running multiple servers of the same type. For example when running a web server, all incoming requests are to port 80, this makes it impossible to run two web servers on a single IP address using well-known port. Work around is to use a different port for one of the web servers. This can cause problems since the remote user has no way to know server is using a non standard port. Many DynamicDNS sites have provisions to redirect request to the alternate port.
Remote hosts use DNS to translate URL to server’s IP address. DNS assumes server configuration is static and changes only rarely. This poses a problem for residential customers with dynamic address allocation since server address may change suddenly without notice. Several services have sprung up to address this issue. Dynamic DNS services either run a small application on the router or on server to detect IP address change. When that happens Dynamic DNS service database is notified of new address. This is not a perfect solution since there can be significant delay between address changes and when new address is available. However for most casual residential users it works well enough.
Great care should be taken when running public servers. If an attacker is able to exploit a weakness in the server they gain access to the entire LAN. Once in control of a compromised server they are free to attack other machines on the LAN. We use a hosting service to minimize security risk rather than run a public server locally.
In a SOHO network LAN performance is rarely a speed determinate. Speed is typically limited by first-mile WAN connection. It can be a challenge teasing out various components of end-to-end performance to see if ISP link is working as advertised.
IP transmission splits data into 1500-byte chunks called packets (1 byte = 8 bits). Some of the 1500 bytes are used for network control so are not available for user data. TCP/IP uses 40 of the 1500 bytes for control (a 20-byte IP header plus a 20-byte TCP header with no options). NOTE: this analysis assumes use of maximum size packets. Since overhead is fixed, using smaller packets incurs higher overhead. With 40 bytes reserved for control out of every 1500 bytes sent only 1460 are available for data. This represents 2.7% overhead.
Some ISPs, typically phone companies, use an additional protocol called Point-to-Point Protocol over Ethernet (PPPoE) to transport DSL data. This is an adaptation of the PPP used by dialup ISPs. Telcos like PPPoE because it facilitates support of third party ISPs as mandated by the FCC. PPPoE adds 8 bytes to each packet (a 6-byte PPPoE header and a 2-byte PPP protocol field), increasing overhead to 48 bytes and reducing payload to 1452. Where PPPoE is used overhead is increased to 3.2%.
Many phone companies use IP over Asynchronous Transfer Mode (ATM) (AAL5) to carry DSL traffic. ATM was designed for low latency voice telephony. When used for data it adds significant overhead. ATM transports data in 53-byte cells of which only 48 are data; the other 5 are used for ATM control. Each 1500-byte packet is split into multiple ATM cells. A 1500-byte packet requires 32 cells (32 x 48 = 1,536 bytes). The extra 36 bytes are padding, further reducing ATM efficiency. 32 ATM cells require the modem to transmit 1,696 bytes of which only 1452 carry payload. Where ATM/PPPoE is used overhead is increased to 14.4%.
TCP/IP overhead 2.7% efficiency 97.3%
TCP/IP/PPPoE overhead 3.2% efficiency 96.8%
TCP/IP/PPPoE over ATM overhead 14.4%, efficiency 85.6%
It is easy to determine the best-case file transfer rate if the modem data rate is known. The broadband marketing rate may not be the same as the modem transfer rate. This may be done to simplify marketing by presenting a nice round number. Some telcos set the transfer rate higher than the marketing speed so that when a customer performs a speed test they receive a value close to the marketed speed. Most broadband modems have a status page allowing the user to observe the true transfer rate. Keep in mind this is the rate at which the modem connects to the ISP, not the speed at which the computer connects to the modem or router, which is typically 10 or 100 Mbps.
As an example our FairPoint 3000/768 ADSL service has a sync rate of 3360/864, 3360 kbps toward customer, 864 kbps toward Internet. FairPoint uses PPPoE and ATM yielding an overhead of 14.4%. Best-case transfer rate is 85.6% of sync rate, resulting in 2,876 kbps down 740 kbps up. Typical file transfer speed reported by Broadband Reports or Speedtest.net is shown below.
NOTE: This is best-case speed. Errors, transmission delays, etc will reduce speed from this value. The higher the speed the more impact even modest impairments will have on throughput.
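The overhead table and the FairPoint figures above follow from a few constants, and it is handy to have them as a function when a different sync rate or encapsulation turns up. The Python below is an added example, not from the paper: it reproduces the page's accounting (a 1500-byte IP packet, 40 bytes of TCP/IP headers, 8 bytes of PPPoE, and the packet chopped into 48-byte ATM cell payloads with the last cell padded) and derives the efficiency percentages and the best-case kbps from a modem sync rate. The model is deliberately the page's simplified one; a fuller one would also count the 8-byte AAL5 trailer and any Ethernet/LLC encapsulation, which for a 1500-byte frame still fit within the same 32 cells.

```python
import math

IP_MTU = 1500          # bytes per IP packet on an Ethernet-sized link
TCP_IP_HEADERS = 40    # 20-byte IP header + 20-byte TCP header, no options
PPPOE_HEADER = 8       # 6-byte PPPoE header + 2-byte PPP protocol field
ATM_CELL = 53          # bytes per ATM cell
ATM_CELL_PAYLOAD = 48  # of which 48 carry data, 5 are the cell header


def payload_per_packet(pppoe=False):
    """User data carried by one maximum-size packet."""
    return IP_MTU - TCP_IP_HEADERS - (PPPOE_HEADER if pppoe else 0)


def atm_cells(packet_bytes):
    """(cells needed, padding bytes in the last cell) for a packet carried over AAL5."""
    cells = math.ceil(packet_bytes / ATM_CELL_PAYLOAD)
    return cells, cells * ATM_CELL_PAYLOAD - packet_bytes


def bytes_on_wire(atm=False):
    """Bytes the modem actually transmits for one 1500-byte packet."""
    if not atm:
        return IP_MTU
    cells, _ = atm_cells(IP_MTU)
    return cells * ATM_CELL


def efficiency_pct(pppoe=False, atm=False):
    """Share of transmitted bytes that are user data, rounded to one decimal as on the page."""
    return round(100 * payload_per_packet(pppoe) / bytes_on_wire(atm), 1)


def overhead_pct(pppoe=False, atm=False):
    return round(100 - efficiency_pct(pppoe, atm), 1)


def best_case_kbps(sync_kbps, pppoe=False, atm=False):
    """Best-case file transfer rate for a given modem sync rate."""
    return round(sync_kbps * efficiency_pct(pppoe, atm) / 100)


def overhead_table():
    """The three cases from the page, as (label, overhead %, efficiency %)."""
    return [
        ("TCP/IP", overhead_pct(), efficiency_pct()),
        ("TCP/IP/PPPoE", overhead_pct(pppoe=True), efficiency_pct(pppoe=True)),
        ("TCP/IP/PPPoE over ATM", overhead_pct(pppoe=True, atm=True), efficiency_pct(pppoe=True, atm=True)),
    ]
```

Calling best_case_kbps(3360, pppoe=True, atm=True) and best_case_kbps(864, pppoe=True, atm=True) gives the 2,876 down and 740 up quoted above; if a speed test comes in well under those numbers the shortfall is in the line or the ISP, not in the protocol overhead.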


Local Area Network (LAN) allows computers to access shared resources such as printer, files, and the Internet. Ethernet, both wired and wireless, dominates SOHO network market.
Wired Ethernet, IEEE 802.3, is the most common local network technology in use today. It was initially based on Carrier Sense Multiple Access with Collision Detection (CSMA/CD). Think of original Ethernet as a telephone party line. Before speaking, listen to see if anyone else is talking. If no one is talking it is OK to start. It is possible more than one person may start talking at the same time. That is a collision; no one is able to understand what is being said. When this occurs everyone stops talking for a while. When the line is idle they try again. Each party waits a different (random) length of time to minimize the odds of colliding again. CSMA/CD imposes a number of constraints on network design. The minimum frame must take longer to transmit than the network's end-to-end propagation delay. This ensures the transmitter is still transmitting when a collision occurs, allowing retries to be done at the data link layer. Power level and end-to-end loss budget must be set to allow reliable collision detection.
When Ethernet was originally developed it operated at 10 Mbps and used fat coax cable with clamp-on taps, called vampire taps. Early development focused on improving physical interconnection rather than speed. The specification evolved from fat coax, to thin coax, to twisted pair. Today the most common type of Ethernet is unshielded twisted pair (UTP) copper cable consisting of 8 conductors organized as 4 pairs, terminated with 8-conductor modular jacks similar to those used for telephone wiring. Since its inception speed has dramatically increased from 10 Mbps (1980) to 100 Mbps (1995) to 1G (1,000 Mbps) (1998) to 10G (2002); work is under way on 40G and 100G Ethernet.
Switching has replaced Hubs, dramatically improving performance, and enabling full duplex operation by eliminating Collision domain.
As speed or distance increases fiber becomes attractive compared to copper cable. The difficulty with fiber is not so much fiber cost but high cost of opto-electrical converters needed to connect NICs to fiber cable.
Each Ethernet interface (wired or wireless) has a unique 48-bit MAC address. This allows each interface to be uniquely addressed. This is not the same as the IP address. IEEE assigns MAC vendor ID.
Excerpt from Assigned Ethernet numbers:
Ethernet hardware addresses are 48 bits, expressed as 12 hexadecimal digits (0-9, plus A-F, capitalized). These 12 hex digits consist of the first/left 6 digits (which should match the vendor of the Ethernet interface within the station) and the last/right 6 digits which specify the interface serial number for that interface vendor.
These high-order 3 octets (6 hex digits) are also known as the Organizationally Unique Identifier or OUI.
These addresses are physical station addresses, not multicast nor broadcast, so the second hex digit (reading from the left) will be even, not odd.
Virtual LAN technology allows the same physical LAN to connect multiple computers while isolating one group from another. Typical use is to create VLAN based on community of interest for example payroll, marketing and engineering. A router is used to interconnect separate groups providing a great deal of control over how data flows across VLAN boundaries.
VLANs are not yet common for home LANs but may become so if Internet services are delivered by multiple service providers, perhaps one for data, another for IP based TV (IPTV), and yet another offering Voice over IP (VoIP).
UPnP is an outgrowth of the PC plug and play experience, designed to automatically configure local network devices. As this paper should make clear configuring a LAN can be a daunting task requiring the user to be conversant with network terminology and concepts. UPnP provides automatic discovery and, when needed, requests that the firewall/router adjust its configuration to allow a particular service Internet access.
Unfortunately UPnP makes no provision for security, so one has no knowledge or control of malicious devices or software attempting to open inbound ports to the LAN. If you are unfamiliar with network configuration and confident PCs have not been compromised then UPnP is very convenient. On the other hand if you are comfortable configuring network devices, doing so manually and disabling UPnP on the router improves security.
Modern digital networks are packet based. Ethernet “packets” are called frames. Data is divided into chunks called frames. Ethernet frame can be up to 1518 bytes long of which 1500 bytes are available for payload. 18 bytes are used for Ethernet addressing and frame management. When Gig Ethernet was developed specification was modified to allow larger frames, called Jumbo Frames, but that need not concern us here. Each packet includes network specific information providing necessary information to deliver the packet. This consists of sender and destination address, packet length, and error detection to verify errors did not corrupt the packet in transit.
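The frame layout and the MAC address conventions from the Assigned Numbers excerpt above are easy to check in code. The Python below is an added example written for this edit, not from the paper: it decodes a MAC address into its OUI and the two flag bits in the first octet (individual/group, which the excerpt describes as the second hex digit being even, and universal/local), builds an untagged Ethernet frame with the 14-byte header, 46-byte minimum payload padding and the 4-byte frame check sequence, and parses one back while verifying the FCS. The FCS is CRC-32 over header and payload sent least-significant byte first, which is what zlib.crc32 produces when packed little-endian. The addresses and payload are constructed for the example.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
HEADER_LEN = 14                      # 6 dst + 6 src + 2 EtherType
FCS_LEN = 4
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500  # untagged frames therefore run 64..1518 bytes
BROADCAST = "FF:FF:FF:FF:FF:FF"


def mac_to_bytes(mac):
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address is exactly 6 octets")
    return raw


def format_mac(raw):
    return ":".join(f"{b:02X}" for b in raw)


def mac_info(mac):
    """(OUI, is_multicast, is_locally_administered): the two low bits of the first octet."""
    raw = mac_to_bytes(mac)
    oui = "-".join(f"{b:02X}" for b in raw[:3])
    return oui, bool(raw[0] & 0x01), bool(raw[0] & 0x02)


def fcs(data):
    """Frame Check Sequence: CRC-32 over header and payload, least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload over 1500 bytes needs IP fragmentation or jumbo frames")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")   # pad short payloads to the 46-byte minimum
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def parse_frame(frame):
    """Split a frame into its fields; raise ValueError on a bad length or a failed FCS."""
    if not HEADER_LEN + MIN_PAYLOAD + FCS_LEN <= len(frame) <= HEADER_LEN + MAX_PAYLOAD + FCS_LEN:
        raise ValueError(f"frame length {len(frame)} outside 64..1518 bytes")
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if fcs(body) != trailer:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    return {
        "dst": format_mac(frame[0:6]),
        "src": format_mac(frame[6:12]),
        "ethertype": struct.unpack("!H", frame[12:14])[0],
        "payload": frame[HEADER_LEN:-FCS_LEN],
    }


def is_valid_frame(frame):
    """True when the frame has a legal length and an intact FCS."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False
```

Note that the FCS only detects corruption; it is not a security feature, and the source address is whatever the sender chose to put there, which is why a locally administered address (U/L bit set) on a LAN deserves a second look.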
Initially UTP Ethernet operated at 10 million bits per second (10 Mbps) over Category 3 UTP wiring. Ethernet development has been in 10X increments. Fast Ethernet increased speed to 100 Mbps over Category 5 wiring. Gigabit Ethernet increased speed another 10 times to 1,000 Mbps. During Gigabit Ethernet development the Cat 5 specification was tightened resulting in Cat 5e. The fastest version of Ethernet, 10 Gigabit (10,000 Mbps), has recently been modified to work over Cat 6a. Prior to that 10G required fiber or short runs of twinax (10GBASE-CX4). Work is under way on 100G. Given the high speed it is unlikely to operate over UTP, most likely some form of short distance coax.
Electrically UTP Ethernet is a point-to-point topology. Each Ethernet Interface must be connected to one and only one other Ethernet Interface. Hubs and Switches are used to regenerate Ethernet signals allowing devices to communicate with one another.
The CSMA/CD scheme originally used by Ethernet places a limit on the number of wire segments and how many hubs can be used in a single collision domain. At 10 Mbps the 5-4-3 rule limits the maximum to 5 wire segments with 4 hubs (repeaters) between devices; however only 3 of those segments can have devices attached. For Fast Ethernet the rule is more stringent. A maximum of two Class II hubs, and the distance between hubs must be less than 5 meters. Class I hubs cannot connect directly to another hub. For all intents and purposes Fast Ethernet (100 Mbps) is limited to a single hub.
Ethernet switches work very differently than hubs. The switch examines each arriving frame, reads the destination MAC address and passes it directly to the proper output port. The switch eliminates the collision domain, allowing multiple conversations to occur simultaneously as opposed to the single party line of a hub. This dramatically increases network performance. A 100 Mbps hub shares 100 Mbps among all devices. With a switch traffic flows between port pairs. A non-blocking 16-port 100 Mbps Ethernet switch has a maximum throughput of 1600 Mbps. This assumes 8 conversations evenly divided between the 16 ports, each one operating at the full 100 Mbps in each direction. Port A is able to talk to port D at the same time port F is talking to port B. Switches enable full duplex communication. This means individual computers can be transmitting at the same time they are receiving. In actual use the speed improvement will be less, but switches offer a tremendous performance advantage compared to hubs.
When a switch does not know which port to use it floods the incoming frame to all ports, much like a hub. When the device responds the switch learns the MAC address associated with that port. The switch also floods all ports with broadcast frames. Switches are transparent. Ethernet applications have no knowledge switches are being used instead of hubs. Switches used to be much more expensive than hubs. In recent years prices have come down dramatically, making hubs obsolete while dramatically improving LAN performance. One caveat: the forwarding table is finite, and traffic to an address the switch has not learned, or cannot fit in the table, is flooded to every port, so a switch should not be relied on to keep one host's traffic out of another's view.
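The learn-and-flood behaviour just described is simple enough to model directly. The Python below is an added example, not from the paper or any switch vendor: a transparent bridge that records which port each source MAC arrived on, forwards known unicast to that one port, floods unknown unicast and group addresses to every other port, and has a deliberately small table so the overflow case can be exercised. The port names, addresses and table size are constructed for the example; real switches also age entries out after a few minutes, and what they do when the table is full varies by product.

```python
class LearningSwitch:
    """Transparent bridge: learn source MAC -> port, forward known unicast, flood the rest."""

    def __init__(self, ports, table_size=4):
        self.ports = list(ports)
        self.table = {}             # MAC -> ingress port (the forwarding / CAM table)
        self.table_size = table_size

    @staticmethod
    def is_group(mac):
        """Multicast or broadcast: low bit of the first octet set (FF:.. is the all-ones case)."""
        return bool(int(mac[:2], 16) & 0x01)

    def forward(self, in_port, src, dst):
        """Return the list of egress ports for a frame with (src, dst) arriving on in_port."""
        # learn or refresh the source, unless it is new and the finite table is already full
        if src in self.table or len(self.table) < self.table_size:
            self.table[src] = in_port
        everything_else = [p for p in self.ports if p != in_port]
        if self.is_group(dst):
            return everything_else                       # broadcast/multicast: always flooded
        if dst in self.table:
            out = self.table[dst]
            return [] if out == in_port else [out]       # known unicast: one port (or none)
        return everything_else                           # unknown unicast: flood like a hub


def demo():
    """Walk through learning, forwarding, and the table-full case; returns the observed outputs."""
    sw = LearningSwitch(["p1", "p2", "p3", "p4"], table_size=3)
    aa, bb, cc, dd = ("00:00:00:00:00:%s" % x for x in ("AA", "BB", "CC", "DD"))
    out = {}
    out["unknown_dst"] = sw.forward("p1", aa, bb)        # nothing learned yet: flood
    out["reply"] = sw.forward("p2", bb, aa)              # aa is now known: single port
    out["known"] = sw.forward("p1", aa, bb)
    out["broadcast"] = sw.forward("p3", cc, "FF:FF:FF:FF:FF:FF")
    out["table_full"] = sw.forward("p4", dd, aa)         # dd cannot be learned (table holds 3)
    out["to_unlearned"] = sw.forward("p1", aa, dd)       # so aa's traffic to dd is flooded
    out["table"] = dict(sw.table)
    return out
```

The last two steps of demo() are the security point: once the table is full, frames for the host that could not be learned are flooded, and a machine on any other port sees them.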
Gig Ethernet NICs and switches are almost at price parity with Fast Ethernet. Gig Ethernet LANs are an interesting inflection point. Historically computer performance was limited by network communication. When connected to Gig Ethernet typical PCs are only able to utilize a fraction of the rated speed due to internal bottlenecks. Typical PC file transfer speed over Gig Ethernet is limited to 300-400 Mbps by disk speed, O/S overhead, and PCI throughput. The bottleneck is no longer communication; it has shifted to the computing elements.
Ethernet hubs and switches come in managed or unmanaged versions. Managed devices allow the administrator control of various parameters and observe traffic. Managed switches are overkill in a typical SOHO network. Unmanaged devices are considerably less expensive.
To make Ethernet easier to use higher speeds are backward compatible. Transceivers Auto negotiate link characteristics to determine speed and whether connection is half or full duplex. Hubs are limited to half duplex as only one device can be transmitting at a time. Switches are full duplex capable of transmitting and receiving at the same time.
NIC (computer interface) is configured as uplink port (MDI), Hub or switch as MDI-X. 10 and 100 Mbps Ethernet use one pair for transmit and one for receive, Gig and 10 Gig use all four pair in each direction. Default configuration assumes MDI port is connected to MDI-X port. Having NICs wired as MDI and hub/switch as MDI-X means that in most cases interconnect is a simple 1:1 cable.
Problems occur when like devices are connected, say NIC to NIC or hub/switch to another hub/switch. To make this easier hubs/switches typically have an uplink switch or port. The uplink port reverses the normal TX/RX configuration so another like device can be connected. The same effect can be obtained by using a crossover cable. A crossover cable swaps the TX and RX pairs at one connector. Recently vendors have adopted Auto-MDIX to automatically determine the remote port type and configure ports accordingly. With auto negotiation (speed and duplex) and Auto-MDIX (port type) Ethernet has become more user friendly. All the user need do is connect the cable; everything else is automatic.
For maximum performance a single wide Ethernet switch should be used to serve the entire LAN. Cascading switches is transparent to traffic but limits inter switch speed to that of the link. With a single wide switch throughput is dictated by internal switch backbone performance.
Ethernet is designed such that one and only one path exist between any two endpoints. If multiple paths exist switches are unable to determine how to forward frames. Spanning Tree protocol was developed to address problem of multiple paths in complex networks. The protocol detects duplicate paths and turns off redundant paths. Spanning Tree requires managed Switches – low cost unmanaged switches do not implement the protocol. Spanning Tree is typically not an issue in simple SOHO LANs.
Until recently wired Ethernet delivered data but not power. Each device needed to provide its own power. For traditional “large” networked devices such as computers this was not an issue. However as more and more low power Internet appliances such as WiFi Access Points and Voice over IP (VoIP) telephones are deployed benefit of delivering both data and power over Ethernet cable became obvious.
IEEE took on the challenge and in 2003 released the IEEE 802.3af PoE specification. PoE provides 13 watts of power per device (15.4 W at the switch port, allowing for cable loss). For 10 and 100 Mbps Ethernet PoE can use the two unused pairs. Gig uses all four pairs so power has to be injected into the active pairs. IEEE 802.3at is currently working on a higher power version of PoE to increase power to about 30 Watts.
PoE has been a boon for low powered devices. It also facilitates backup power, as the UPS only needs to feed the PoE switch (or power injector) rather than every device.
Great strides have been made creating high performance low cost wireless LANs. RF technology is at its best where mobility is of paramount importance with bandwidth less so. WiFi radios operate in the unlicensed Industrial Scientific Medical (ISM) band. WiFi popularity has a down side. As more devices attempt to use limited frequency allocation interference problems increase. Government regulators are addressing interference by designating more bandwidth for unlicensed use. Standards bodies are working to facilitate graceful coexistence between various devices.
IEEE 802.11 radios operate in two modes, ad hoc (peer-to-peer) and infrastructure (managed). Infrastructure mode requires one or more Access Points to bridge the wireless network to the wired network. Depending on size and type of construction a site may require multiple Access Points. Ad hoc mode allows two or more WiFi devices to communicate directly without needing an Access Point. Most WiFi communication makes use of Access Points.
The success of the various IEEE 802.11 wireless standards has encouraged many vendors to enter the market. The WiFi Alliance works to ensure interoperability between different vendors and to promote use of wireless LANs.
The initial version of IEEE 802.11 delivered 2 Mbps in the 2.4 GHz ISM band. 802.11b increased speed to 11 Mbps, 802.11g increased speed to 54 Mbps. 802.11a operates at 54 Mbps in the 5 GHz band. The much hyped 802.11n operates at a nominal 300 Mbps with two spatial streams (the standard allows up to 600 Mbps with four). Due to the way over-the-air transmission operates real world transfer speed is limited to about half the raw transmission speed and often significantly lower.
Wireless LANs are inherently less secure than wired. An intruder does not require a physical connection but can eavesdrop from some distance away. The original 802.11 designers were aware of this risk and incorporated Wired Equivalent Privacy (WEP) into the specification. Unfortunately almost immediately security researchers found critical weaknesses in WEP and shortly thereafter hacking tools became readily available, making WEP virtually worthless. IEEE developed a comprehensive security standard (802.11i) and several enhanced implementations are available. WiFi Protected Access 2 (WPA2) is the current state of the art for wireless security. There are different versions optimized for residential customers (WPA2-Personal, a shared passphrase) and commercial customers (WPA2-Enterprise, per-user 802.1X authentication). Use WPA2 with the AES/CCMP cipher rather than the older TKIP, and pick a long passphrase, since in Personal mode the passphrase is the only thing standing between an eavesdropper and the network. Netstumbler is a useful tool to help secure WiFi LANs.
WiFi radios operate in unlicensed bands so interference is a problem, especially in congested urban areas. Interference is the result of other WiFi radios, non-WiFi radios operating in the same band such as Bluetooth and wireless phones and unintentional radiators such a microwave ovens.
The WiFi Alliance has published numerous whitepapers on the subject. They are working with various standards bodies to make devices more aware of their RF environment by probing for other radios operating in the vicinity. Devices use that knowledge to set operating channel and power to minimize mutual interference. Given the tremendous popularity of this technology governments are working to increase frequency allocation for unlicensed radio use. As radios get smarter and frequency allocation increases interference should become less of a problem.
Ethernet, wired and wireless, is the dominant LAN technology. The cost of installing network wiring is modest if done when structure is being built. The situation is more difficult for existing structures. The cost and disruption to retrofit a LAN is a significant deterrent. Various “no new wire” initiatives minimize impediments to home networking. These initiatives typically operate at lower speed than wired Ethernet but have the advantage of not requiring additional wiring.
It is a testament to Ethernet’s popularity these alternatives all use modified Ethernet frames, adapted to the physical medium, making it easy to bridge to standard Ethernet.
Home Phoneline Network (HomePNA) uses existing phone wiring to create bridged Ethernet LAN operating at a maximum speed of 320 Mbps. This allows computers to connect wherever a phone jack exists. The specification allows analog telephone, DSL, and LAN to coexist on a single pair of ordinary telephone wire.
Phone Line LAN uses slightly modified Ethernet packets. This makes HomePNA look like ordinary Ethernet to software. HomePNA equipped computers cannot connect to UTP Ethernet directly, a bridge is needed to rate match between the two networks and deal with minor signaling differences. This allows HomePNA and Ethernet devices to act as if they were connected to the same LAN.
HomePlug initiative provides high-speed network device that plug into ordinary AC receptacles at speeds up to 200 Mbps. The HomePlug Powerline Alliance is the clearinghouse for power line networking products.
Multimedia over Coax Alliance (MoCA) is popularizing an interesting technology that utilizes TV coax wiring to deliver Ethernet at up to 175 Mbps. Many homes built in the last few decades have RG-6 coaxial cable feeding multiple TV outlets but are not equipped with Category rated cable suitable for conventional Ethernet. Verizon is using the technology to eliminate the need to run both coax and UTP Ethernet when installing FiOS.
A number of emerging wireless technologies are targeting so-called last-foot problem. One only has to look at the rear of typical residential TV/stereo/home theater installation to understand problem. The mass of cabling needed to interconnect individual components and the inability of components to talk to one another hinders adoption and is at odds with ease of use. This limitation has dogged consumer electronics industry for years. The goal of Ultra Wideband and WirelessHD technology is to deliver incredibly fast data rates over a few meters eliminating need for A/V cabling.
The local server provides several network services: file sharing, DNS Nameserver, NIST clock synchronization, Syslog server, private web server and personal weather station. At first we used a laptop server. This was convenient because it was self-contained but had limited disk storage capacity. It was replaced with a 200 MHz Pentium desktop with a 45 GB hard drive. Most recently the server has been replaced with a recycled 1 GHz Pentium desktop with a 320 GB drive running XP.
We did not want to add another set of user I/O when we set up the server. The solution was to use a KVM (keyboard, video, mouse) switch. KVMs have been used in server farms for years to allow a single point of control for multiple computers. We purchased a 4-port Belkin OmniView SE KVM. Port 1 is the workstation, port 2 the server, leaving 2 ports for future use.
Switching between computers is done via a button on the KVM or a keyboard hot-key sequence. KVM creates virtual devices for each computer. When switching computers the KVM reconnects keyboard, mouse and monitor to the active computer and programs real devices to match stored virtual device configuration.
Video Performance Tip -- Workstations use higher video resolution and faster refresh rate than servers resulting in very high video data rate. This is typically not a problem for KVM itself but requires coaxial cable. Coax preserves high frequency and minimizes crosstalk between signals.
Mouse Compatibility Tip -- Each computer thinks it is directly connected to a keyboard, mouse and monitor. The KVM memorizes commands sent to each device and restores the device configuration each time a user selects a different computer. Mice cause problems because so many proprietary enhancements exist. PS/2 mice power up in compatibility mode; this allows basic mouse functionality even if the proprietary mouse driver is not installed. At power up the mouse device driver performs a “knock” sequence to determine if a known mouse is attached. If the mouse answers correctly the driver switches on enhanced mode. This causes problems for KVMs. Unless the KVM has a priori knowledge of the specific mouse it is unable to configure it properly. Depending on specifics this results in either loss of mouse control or the mouse reverting to default mode. This is only a problem when switching between machines. The KVM transparently passes commands from the active machine to the mouse.
This problem only affects PS/2 style mice since they do not support hot plug. USB KVM resets mouse whenever a different computer is selected.
Monitor Plug and Play – modern CRT and LCD monitors communicate with the PC using VESA Display Data Channel (DDC). This allows the PC to read monitor characteristics and automatically configure the video subsystem. If the KVM does not emulate this feature a PC powered up on an inactive KVM port thinks it is connected to a non-Plug-and-Play monitor and reverts to low resolution, low refresh mode. A workaround is to disable monitor plug and play and set resolution and refresh manually, or always make sure the PC is selected by the KVM before booting.
KVM is a brute force method of server management by simply switching physical I/O devices. Its advantage is it provides access even before O/S is in control. A more elegant method is remote access software. Windows XP Pro has built in remote management capabilities and there are numerous third-party applications. A popular remote access program is Real VNC. Real VNC provides encrypted access to prevent eavesdropping and can be used from anywhere with an Internet connection. Once server side is up and running remote user logs in to gain access to virtual desktop.
One of the advantages of having a LAN is to facilitate file sharing between machines. Files can be shared directly between PCs or by using a dedicated file server. My Network Places (called Network Neighborhood in some versions of Windows) is organized by workgroup. In a small LAN all machines typically belong to a single workgroup, such as HomeLAN. Once configured users are able to browse network shares as easily as if they were on the local machine.
Getting My Network Places to work reliably in a SOHO peer-to-peer network can be a challenge as there is no Domain controller to coordinate access and provide network browse services. As each PC is turned on it looks to see if there is already a master browser on the LAN. Note this has nothing to do with web browsing. The Master browser collects information about shared network resources, directories, files and printers and makes this information available to other computers on the LAN.
The ad hoc election process can cause problems if the PC running the master browser gets shut down. It takes a while for other PCs to notice there is no longer a master browser. Until a new election is held it is impossible to browse the network. Depending on power up sequences it is possible to have more than one master browser in a workgroup at a time. Masters do not exchange information. Having multiple masters will segment the workgroup resulting in non-communicating chunks. The PChuck's Network site has a great article about peer-to-peer browsing.
#1 File and Print Sharing Service
Make sure Microsoft “File and Print sharing service” is installed on each machine (Win98/ME). Nothing needs to be shared but the service must be running for the machine to show up in the Neighborhood. In XP Simple File Sharing is on by default except when XP Pro is joined to a domain.
#2 Bindings (Win98/ME)
File and print sharing must be bound to a communication protocol, typically TCP/IP. Before the popularity of the Internet NetBEUI or IPX were commonly used on the LAN. They are considered obsolete protocols and are no longer built into Windows. NetBIOS/SMB is the programming API used by Microsoft to exchange information over the network.
#3 Workgroup name
My Network Places is organized by workgroup. You can have as many workgroups as desired. In a small LAN it makes sense to use a single name, such as HomeLAN, because each workgroup requires its own Browse Master. The Browse Master is elected at boot time. If the PC running the Browse Master is shut down it may take a while for the event to be detected and a new Master elected.
Windows Configuration Tip – There is a compatibility problem between Win2000/XP/Vista and older versions of Windows such as Win98/ME. We had trouble getting a Win 98 laptop to show up in a corporate network of Win 2000/XP machines. Our workaround was to place the laptop in its own workgroup.
#4 Browse Master
Ideally the Browse Master should run from an always-on computer. This is the reason to use the same workgroup name, so only a single Browse Master is required. In older versions of Windows it was possible to force a machine to always be the browse master. That is no longer an option with XP/Vista. Browsing performance is much improved in newer versions of Windows.
To force which machine becomes the master browser, shut down all PCs on the LAN. Turn on the PC chosen as master browser first. As there are no other computers on the LAN it will win the browser election. As other computers are turned on they will detect an active master browser and use it.
#5 Login
If network logon (in network properties) is set to Client for Microsoft Networks a password must be entered at boot time for the Neighborhood to be accessible. If the password is bypassed most communication functions operate normally but the Neighborhood becomes inaccessible. To eliminate the need to enter a password select Windows Logon. It may be necessary to delete any existing passwords. Search for *.pwd files and delete them.
#6 Enabling Shares
To enable file sharing pick the desired subdirectory to share and check sharing. That directory and all its subdirectories will be shared.
Security Tip – Files can be shared as read only or read/write. Unless it is necessary to allow others on the LAN to modify files and/or create directories it is better to limit access to read only.
#7 User Account
Some versions of Windows need a user or guest account to share files; this limits shares to authorized users.
#8 Firewall
If the system uses a software firewall be sure it does not block the NetBIOS and SMB ports used to discover local host names and share files. The XP SP2 built-in firewall does not interfere with file sharing. Some third party firewalls have to be configured to allow the following ports.
TCP/UDP Port 137 NETBIOS Name Service
TCP/UDP Port 138 NETBIOS Datagram Service
TCP/UDP Port 139 NETBIOS Session Service
TCP/UDP Port 445 SMB (Server Message Block)
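The ports listed above only need to be open to the LAN; the same ports reachable from the Internet side expose every share. The following is an added example, not code from the paper or from any firewall product, that audits a firewall log for exactly that: it reads lines laid out like Windows Firewall's pfirewall.log (the "#Fields:" header names the columns, so the parser reads them from the file rather than hard-coding positions), and for traffic to ports 137, 138, 139 or 445 reports LAN peers that were dropped (file sharing broken) and off-LAN sources that were not dropped (shares exposed). The log lines, the LAN prefix 192.168.2.0/24 and the outside addresses are constructed for the example; the only action name the check relies on is DROP, because the name of the allow action differs between Windows versions.

```python
import ipaddress

# Ports named in the tip above; they must be reachable from the LAN only.
FILE_SHARING_PORTS = {
    137: "NetBIOS Name Service",
    138: "NetBIOS Datagram Service",
    139: "NetBIOS Session Service",
    445: "SMB",
}

# Constructed sample in the layout of pfirewall.log. Outside addresses use
# documentation ranges; 192.168.2.0/24 is the LAN from the paper.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2009-02-28 10:15:01 OPEN TCP 192.168.2.20 192.168.2.10 1045 445 - - - - - - - - RECEIVE
2009-02-28 10:15:03 DROP UDP 192.168.2.20 192.168.2.255 137 137 78 - - - - - - - RECEIVE
2009-02-28 10:16:40 DROP TCP 198.51.100.7 192.168.2.10 3322 445 48 S 90210 0 8192 - - - RECEIVE
2009-02-28 10:17:12 OPEN TCP 198.51.100.7 192.168.2.10 3330 139 - - - - - - - - RECEIVE
2009-02-28 10:18:00 DROP TCP 203.0.113.44 192.168.2.10 5555 80 48 S 1 0 8192 - - - RECEIVE
"""


def parse_firewall_log(text):
    """Yield one dict per data line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        if fields is None:
            raise ValueError("data line before #Fields header")
        yield dict(zip(fields, line.split()))


def classify(entry, lan):
    """Verdict for one entry, or None when it is not file-sharing traffic."""
    port = int(entry["dst-port"])
    if port not in FILE_SHARING_PORTS:
        return None
    dropped = entry["action"] == "DROP"
    if ipaddress.ip_address(entry["src-ip"]) in lan:
        # LAN peers should get through; a DROP here is the misconfiguration the tip warns about
        return "lan-blocked" if dropped else "lan-ok"
    # Anything off-LAN must be dropped; a pass here is an exposed share
    return "external-dropped" if dropped else "EXTERNAL-ALLOWED"


def audit(text, lan_prefix):
    """Return (verdict counts, list of entries that need attention)."""
    lan = ipaddress.ip_network(lan_prefix)
    counts = {}
    findings = []
    for entry in parse_firewall_log(text):
        verdict = classify(entry, lan)
        if verdict is None:
            continue
        counts[verdict] = counts.get(verdict, 0) + 1
        if verdict in ("lan-blocked", "EXTERNAL-ALLOWED"):
            port = int(entry["dst-port"])
            findings.append((entry["date"] + " " + entry["time"], entry["src-ip"],
                             port, FILE_SHARING_PORTS[port], verdict))
    return counts, findings


if __name__ == "__main__":
    counts, findings = audit(SAMPLE_LOG, "192.168.2.0/24")
    print(counts)
    for finding in findings:
        print(*finding)
```

On the constructed log the audit reports one LAN peer whose NetBIOS name query was dropped and one outside host that reached port 139; the port 80 line is ignored because it is not file-sharing traffic.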
We have two printers. Main document printer has a built in print server and is directly connected to LAN. Photo printer has a USB connection and is connected to file server.
The US National Institute of Standards and Technology (NIST) and other organizations maintain public timeservers. This eliminates the problem of drifting and inaccurate computer real time clocks. For personal use NIST recommends using NTP Pool Time Servers. Timeservers are extremely accurate; however accessing them via the Internet adds potentially several hundred milliseconds of round trip delay. This error is not significant for our purpose and is ignored.
We use Tardis 2000 running on the server and K9 on each client for clock synchronization. Tardis includes a Network Time Protocol (NTP) timeserver that periodically broadcasts time info over the LAN. A companion program, K9, running on each client updates the local Real Time Clock (RTC) to synchronize it to the server. This ensures all computers are slaved to the local server and the local server in turn is synchronized to Stratum 2 timeservers.
Tardis supports Syslog. This allows the Syslog server to capture Tardis 2000 events.
Configuration Tip -- XP/Vista includes a timeserver that must be disabled when using the K9 client.
Configuration Tip -- The load on public timeservers is very high and getting higher; be a good net citizen: set Tardis to only update every few hours and use the NTP pool rather than a specific server. We set this parameter to once every 2 hours. For convenience the LAN broadcast occurs every 64 seconds so the client clock is updated as soon as the machine boots.
Configuration Tip -- Tardis 2000 defaults NTP time broadcasts to all available interfaces. If Tardis is running on a computer with direct Internet access the configuration should be changed to limit the broadcast to the LAN. IP broadcast uses the highest subnet address. Assuming a network prefix of 192.168.2/24 the broadcast address becomes 192.168.2.255. If this is not done the time broadcast is sent out over all ports, including the one connected to the Internet. This may prevent a dialup connection from timing out and may annoy your ISP.
Configuration Tip -- Tardis monitors dialup status. This is convenient if PC running Tardis is directly attached to the Internet. Tardis will update Internet time only if the connection is active; this prevents Tardis from activating an auto dialer.
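To make the two broadcast tips above concrete, here is an added example (not Tardis or K9 code, and not from the paper) that does three things in plain Python: computes the directed broadcast address for a prefix, selects the interfaces a time broadcast may leave on (only RFC 1918 interfaces, so the DSL or dialup side never carries it), and builds and parses the 48-byte NTPv4 mode-5 broadcast packet that a server such as Tardis emits and a client such as K9 consumes. The poll exponent 6 gives the 64-second interval mentioned above. The interface list, the precision value and the 198.51.100.7 "ISP side" address are constructed for the example; the client-side check assumes a client should ignore time broadcasts that arrive from outside its own subnet.

```python
import ipaddress
import struct

NTP_DELTA = 2208988800  # seconds from the NTP epoch (1900-01-01) to the Unix epoch (1970-01-01)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def lan_broadcast_address(prefix):
    """Directed broadcast address of a prefix: 192.168.2.0/24 -> 192.168.2.255."""
    return str(ipaddress.ip_network(prefix, strict=False).broadcast_address)


def broadcast_targets(interfaces):
    """Choose (interface, broadcast address) pairs a time broadcast may use.

    interfaces: list of (name, 'address/prefixlen') as a configuration tool
    would read them (constructed input). Only RFC 1918 interfaces qualify, so
    the public address on the dialup/DSL side is skipped and the ISP never
    sees the broadcast.
    """
    targets = []
    for name, cidr in interfaces:
        iface = ipaddress.ip_interface(cidr)
        if any(iface.ip in net for net in RFC1918) and iface.network.prefixlen < 31:
            targets.append((name, str(iface.network.broadcast_address)))
    return targets


def build_ntp_broadcast(unix_time, stratum=2, poll_exp=6):
    """Build a 48-byte NTPv4 mode-5 (broadcast) packet per the RFC 5905 header layout.

    poll_exp=6 means 2**6 = 64 seconds between broadcasts. The precision
    field value (-20, i.e. about 1 microsecond) is an assumed figure.
    """
    li_vn_mode = (0 << 6) | (4 << 3) | 5  # LI=0, VN=4, mode=5 (broadcast)
    secs = int(unix_time) + NTP_DELTA
    frac = int((unix_time - int(unix_time)) * (1 << 32)) & 0xFFFFFFFF
    return struct.pack(
        "!BBbb3I8I",
        li_vn_mode, stratum, poll_exp, -20,
        0, 0, 0,                 # root delay, root dispersion, reference id
        0, 0, 0, 0, 0, 0,        # reference, origin and receive timestamps (unused in broadcast)
        secs, frac,              # transmit timestamp: the value the client uses
    )


def parse_ntp_broadcast(packet):
    """Decode the fields a broadcast client cares about."""
    if len(packet) < 48:
        raise ValueError("NTP packet must be at least 48 bytes")
    first, stratum, poll_exp, _precision = struct.unpack("!BBbb", packet[:4])
    secs, frac = struct.unpack("!II", packet[40:48])
    return {
        "version": (first >> 3) & 0x7,
        "mode": first & 0x7,
        "stratum": stratum,
        "poll_seconds": 2 ** poll_exp,
        "transmit_unix": secs - NTP_DELTA + frac / (1 << 32),
    }


def accept_broadcast(packet, src_ip, lan_prefix):
    """Client-side filter: honour only mode-5 packets from a usable stratum on our own LAN."""
    lan = ipaddress.ip_network(lan_prefix, strict=False)
    if ipaddress.ip_address(src_ip) not in lan:
        return False
    info = parse_ntp_broadcast(packet)
    return info["mode"] == 5 and 1 <= info["stratum"] <= 15


if __name__ == "__main__":
    print(lan_broadcast_address("192.168.2.0/24"))
    print(broadcast_targets([("lan", "192.168.2.1/24"), ("dsl", "198.51.100.7/32")]))
    pkt = build_ntp_broadcast(1235779200.5)
    print(parse_ntp_broadcast(pkt))
```

Because NTP broadcast carries no authentication, the source-subnet check in accept_broadcast is the only thing keeping a client from taking time from an arbitrary sender; on a single LAN segment with one trusted server that is an acceptable trade-off for the convenience described above.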
Normally the ISP provides DNS. However, any DNS server can be used to translate URLs to IP addresses. ADSL service has been very reliable, but we have had numerous DNS problems. At first I used the DNS server from my dialup ISP but decided to run my own DNS server. TreeWalk was installed on the server. Running my own DNS server has solved the chronic DNS problems. For a typical home LAN running local DNS is not very demanding and does not interfere with other programs running on the server.
Running TreeWalk DNS is straightforward. Install the software, and then modify TCP/IP settings. On the PC running TreeWalk set DNS IP address to Loopback address 127.0.0.1. On other PCs primary DNS address is set to TreeWalk server. ISP DNS is set as secondary in case local server goes down.
Running your own DNS Resolver is also a convenient way to block ads, more info about ad blocking here.
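The ad blocking mentioned above works because a local resolver sees every name the LAN asks for and can answer some of them itself. The following added example (not TreeWalk code, and not from the paper) shows the core of that in plain Python: it decodes the question section of a DNS query on the wire, checks the name and its parent domains against a blocklist, and either returns a sinkhole answer of 0.0.0.0 or signals that the query should be forwarded to an upstream server (the ISP or a pool resolver). The blocklist entries are constructed; build_query exists only so the example can produce realistic input offline.

```python
import struct

# Constructed blocklist; a real resolver would load a hosts-style file.
BLOCKLIST = {"ads.example", "tracker.example"}
SINKHOLE = b"\x00\x00\x00\x00"  # A record 0.0.0.0: the client gets an unroutable answer


def encode_name(name):
    """example.com -> b'\\x07example\\x03com\\x00' (DNS label format)."""
    return b"".join(bytes([len(label)]) + label.encode("ascii")
                    for label in name.rstrip(".").split(".")) + b"\x00"


def decode_name(msg, offset):
    """Read an uncompressed QNAME at offset; return (name, offset after it)."""
    labels = []
    while True:
        length = msg[offset]
        offset += 1
        if length == 0:
            return ".".join(labels), offset
        if length & 0xC0:
            # Pointers are legal in answers but not expected in a question we receive
            raise ValueError("compression pointer in question section")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def build_query(name, qtype=1, qid=0x1234):
    """Minimal DNS query as a stub resolver sends it: RD set, one question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def is_blocked(name):
    """A name is blocked if it or any parent domain is on the list."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in BLOCKLIST for i in range(len(labels)))


def handle_query(msg):
    """Return (qname, response); response is None when the query must go upstream."""
    qid, flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if qdcount != 1 or flags & 0x8000:
        raise ValueError("expected a query with exactly one question")
    name, end = decode_name(msg, 12)
    qtype, qclass = struct.unpack("!HH", msg[end:end + 4])
    if not is_blocked(name):
        return name, None
    question = msg[12:end + 4]
    answers = b""
    ancount = 0
    if qtype == 1 and qclass == 1:
        # Name as pointer to offset 12, type A, class IN, TTL 300 s, 4-byte rdata
        answers = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + SINKHOLE
        ancount = 1
    # Flags 0x8180: QR=1, RD=1, RA=1, RCODE=0. Other query types get an empty
    # answer section (NODATA) rather than a fabricated record.
    header = struct.pack("!HHHHHH", qid, 0x8180, 1, ancount, 0, 0)
    return name, header + question + answers


if __name__ == "__main__":
    for qname in ("cdn.ads.example", "www.example.com"):
        name, response = handle_query(build_query(qname))
        print(name, "sinkholed" if response else "forward upstream")
```

Answering with 0.0.0.0 rather than NXDOMAIN keeps client software from retrying through the secondary (ISP) server, which is also why the secondary DNS entry mentioned above only helps when the local server is actually down, not when it deliberately blocks a name.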
The browser home page of each PC points to the web server running on the local server. This allows relevant information to be posted on the local site. Pages consist of both static information and dynamic weather data. XP Pro includes a built in IIS server but XP Home does not. The server is running XP Home so we needed to use a third party web server. We chose Abyss as it is free for personal use. Abyss replaced the Xitami server running on the previous server under Win 98.
Davis Instruments weather station data is posted on internal web server. Davis software is configured to update historical data file and create real time and historic GIF images. GIFs are posted automatically to local web server allowing anyone on the LAN to retrieve weather data.
BSD Syslog protocol provides a standardized method for network devices to output status information to a log server. This creates a central repository for event storage overcoming storage limitation of most network appliances. Currently the only devices originating Syslog entries are broadband router and Tardis Time service.
We use Kiwi shareware program for both Syslog server and Log file viewer.
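To show what the log server actually receives, here is an added example (not Kiwi code, and not from the paper) that parses BSD syslog messages in the RFC 3164 form `<PRI>Mmm dd hh:mm:ss HOSTNAME message`, splits the PRI value into facility and severity (PRI = facility * 8 + severity), and triages a batch of lines by host and severity. The sample lines from the router and from Tardis are constructed for the example; the real products' message wording is not known here. Note that the hostname comes from the message body rather than from the sending IP address and that syslog over UDP 514 carries no authentication, so a log review should treat the host field as a claim, not a proof.

```python
import re

# RFC 3164 facility and severity names; facilities 12-15 have varied names in practice
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# <PRI>, then "Mmm dd hh:mm:ss" with a space-padded day, then hostname, then the text
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ 0-9]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<msg>.*)$")

# Constructed sample traffic: a broadband router on local0 and a time service on daemon
SAMPLE_LINES = [
    "<134>Feb 28 10:15:01 router Inbound TCP 198.51.100.7:3322 -> 192.168.2.10:445 dropped",
    "<131>Feb 28 10:16:40 router WAN link down",
    "<30>Feb 28 10:17:00 server Tardis: clock adjusted by -0.012 s from NTP pool",
    "<28>Feb 28 10:18:05 server Tardis: unable to reach time source, retrying",
    "<134>Mar  1 00:00:01 router Inbound UDP 203.0.113.44:5555 -> 192.168.2.10:137 dropped",
]


def parse_syslog(line):
    """Decode one RFC 3164 message into its fields."""
    m = SYSLOG_RE.match(line)
    if not m:
        raise ValueError("not an RFC 3164 message: %r" % line)
    pri = int(m.group("pri"))
    if pri > 191:
        raise ValueError("PRI out of range: %d" % pri)
    return {
        "facility": FACILITIES[pri // 8],
        "severity": SEVERITIES[pri % 8],
        "severity_num": pri % 8,
        "timestamp": m.group("ts"),
        "host": m.group("host"),
        "message": m.group("msg"),
    }


def triage(lines, max_severity=4):
    """Return (messages per host, entries at 'warning' (4) or more urgent).

    Lower severity numbers are more urgent, so max_severity=4 keeps
    emerg..warning and drops notice, info and debug.
    """
    per_host = {}
    flagged = []
    for line in lines:
        entry = parse_syslog(line)
        per_host[entry["host"]] = per_host.get(entry["host"], 0) + 1
        if entry["severity_num"] <= max_severity:
            flagged.append(entry)
    return per_host, flagged


if __name__ == "__main__":
    counts, urgent = triage(SAMPLE_LINES)
    print(counts)
    for e in urgent:
        print(e["timestamp"], e["host"], e["facility"] + "." + e["severity"], e["message"])
```

On the constructed lines the triage keeps the router's "WAN link down" (local0.err) and the time service's retry (daemon.warning) and drops the informational entries; counting per host also makes a device that has gone quiet visible in a daily review.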
This section describes the various services and devices running on the LAN.
We have a menagerie of Windows XP Home, XP Pro, Vista and even one ancient Win98 box as a spare. For demanding applications we opted to purchase new PCs; for others we bought used boxes.
A local computer dealer had a bunch of HP/Compaq Evo 530 towers come off lease. Bought a couple to replace Dell XPS T500 and Toshiba V3100 for my wife and myself. We also purchased a used Dell Latitude C600 laptop locally from another dealer. These are nice solid boxes at very attractive prices. Unless one needs latest and greatest PC hardware buying used PCs off lease is worth looking into.
We acquired new HP M8000e tower. This replaced my daughter’s HP Pavilion 6735. This is the first AMD PC I’ve owned. AMD represents a lot of bang for the buck.
My son had a Dell Dimension 4100 1 GHz PC deemed inadequate for gaming. Replaced it with an eMachines W3502. The Dell is now acting as home server, replacing an aging IBM 300GL P200, after installing a 320 GB hard drive for file sharing.
All PCs use Microsoft Internet Explorer and some use Firefox. It seems browser wars are raging once again. Having multiple browsers is a useful troubleshooting tool. Internet Explorer version 7 seems to break compatibility with some web sites, so after trying it for a while we reverted back to version 6.
Key to effective use of the Internet is being able to find what one is looking for. Our preferred search engine is Google. They have a nifty IE and FireFox search toolbar add-on. The toolbar allows Google queries be made directly from browser toolbar.
File Transfer Protocol (FTP) is a very effective way to transfer large files over the Internet. FTP predates HTTP.
Instant messaging (IM) is becoming extremely popular both full blown messaging service using a PC and short message service (SMS) via cell phone. IM requires client side software. Unfortunately there is an interoperability battle being waged among the various IM services that see proprietary and incompatible IM formats in their corporate interest. This makes it a challenge to interconnect with users on different systems.
E-mail accounts fall into three broad categories: ISP accounts, free third party services and business email. ISPs typically provide email service as part of the total package. This is convenient but ties your e-mail address to the current ISP. Change ISP and your e-mail address changes. We are in the process of going through an ISP transition due to the sale of Verizon’s New England territory to FairPoint. Free mail services like Yahoo are advertising supported. Google Gmail has become a very popular free email service. I use it as an alternative to business email. Third party email decouples the e-mail address from the ISP. Free accounts make sense for personal use and as throwaways if they attract too much spam. For business purposes or to ensure a long-lasting email identity nothing beats registering your own domain name. Once registered e-mail is addressed to you@yourdomain.TLD. If you change hosting service you simply transfer the domain registration to the new provider; e-mail is unaffected.
Traditionally access to mail has been with an email client, such as Microsoft Outlook. Most free mail services use a browser interface eliminating need for dedicated email client. Web mail is convenient because email is accessible from any browser equipped PC. Web based email user interface is somewhat clun