The Beginners Guide to Computer Network Basics
And how to connect 2 or more computers together
Realistically it's very easy, but there are a few things you need to know first. With a bit of luck I will find some images to illustrate the concepts better in the near future.
Other network hardware and connecting more than 2 PCs
The first thing is hardware. That is the physical devices you need to connect computers together. To connect 2 computers together for whatever reason, you will need a CAT 5 crossover cable. CAT 5 is specification, it guarantees certain performance and so you should not use less than CAT 5 (ie CAT 4), but anything above is fine (ie Cat 6). Ultimately it doesn't really matter about the specification of the cable but for connecting 2 computers together you need a crossover cable as it is specially designed for connecting 2 machines together. As part of the CAT 5 specification, the maximum length must be no more than 100 metres.
The next thing you need is a network card in each machine. There are a few types of network card, but you are looking at bog standard ethernet cards. Ethernet again is a standard designed for use in local area networks (LANs) and that is what you are building. The other types of network card are for specific network types and are not very common nowadays, so it is safe to just ask for a network card and get an ethernet card.
Ethernet cards come in 3 or 4 basic types, 10Mb, 100Mb and 1,000Mb (aka 1Gb), 10,000Mb (10Gb) is also becoming more common. These refer to the maximum data transfer rate the card can work at per second. 10Mb is obviously the slowest. 100Mb, 1Gb and 10Gb are backwards compatible and can work at the lower speeds provided by the other cards.
A network connection will work at the highest speed that both cards can manage. So if you mix a network with 10Mb, 100Mb and 1Gb cards, whenever any card talks to a 10Mb card, the connection will always be at 10Mb as the 10 Mb card cannot work any faster. If a 100Mb card talks to another 100Mb card, the data transfer rate will be 100Mb as both cards can do 100Mb. 1Gb cards can therefore only transfer data at 1Gb per second when the other card and all intermediate network hardware is 1Gb.
For home use you can discount, 1Gb cards as they are very expensive as are other network components designed to work at the same speed. If you remember that to utilise the 1Gb capability, every other component to which the 1Gb card will communicate with must be 1Gb, it quickly becomes prohibitively expensive. 1Gb cards are only really used in network servers, or machines where fast data transfer is imperitive and these are usually only required by people who can afford it.
So your decision is basically between 10Mb and 100Mb and quite honestly, 10Mb is very outdated and as 100Mb are so cheap there is no real point to buying 10Mb unless you have a PC that only has old style ISA slots inside. Most modern PCs have PCI slots and can easily accomodate cards of either speed, though ISA slots are limited to 10MB cards (I think). So, if you have PCI slots you should get 100Mb cards. You can pick them up for as little as £10, maybe even £8. 10Mb ISA cards can be found for around £3 or 4 for £10 at computer fairs.
So thats that. To connect 2 computers together thats all you need hardware wise. A network card in each machine and crossover cable.
Other network hardware and connecting more than 2 PCs
So what are these other network components I keep mentioning or what if you want to connect more than 2 machines together?
Well basically, to connect more than 2 PCs together you will need a network hub or switch. These are small boxes with a number of network ports on designed to connect more than 2 PCs together. The difference between a hub and a switch is that a switch is designed to detect network traffic on the line and time the transmission of data along the line so as to avoid data collisions which would require each machine to restransmit it's data. This causes a major performance hit so switches are prefererable to hubs.
It is recommended that whether you use 10Mb or 100Mb cards you buy a 100Mb switch as it will run in 10Mb, but also prevent you from having to buy a new switch if you wish to add a 100Mb card to your network and will auto-negotiate the best speed for data transfers between any two given points on your network.
In addition to a switch you will also need different cables. You will need straight-through CAT 5 cable and along with a network card for every machine to connect it to the switch. Again at no more than 100 metres in length.
Note under Windows 2000 and Windows XP you will be need to have administrator privileges to carry out many of the actions described below.
If you have Windows 2000 or Windows XP, this is no more complicated than running the network setup wizard. All you have to remember is to give each machine a different computer name and use the same Workgroup name. This may also be the case with Windows ME but it's been too long since I used it to remember.
In WinXP, go to My Network Places and choose the Network Setup Wizard from the menu on the right. In Win2K, right-click My Computer and choose Network Identification. Choose Change and give your computer a unique name and ensure that the Workgroup option is selected and type in your Workgroup name remembering it must be the same for all machines on the network.
In a mixed WinNT/9x environment (there were 2 Windows product lines, Windows NT, 2000 and XP known as the NT line and 95, 98, 98SE and ME known as the 9X line), you can generate a network setup disk under Windows XP's Network Setup Wizard to set up networks for Win9x clients.
However, if you're running pure 9x clients you will have to set everything up the hard way, though admittedly it's not that hard, just a bit fiddly and you will need a copy of the Windows disk as you will be asked it. I usually copy the Win98 (or whatever version) directory from the CD to my C:\ drive for an easy life first.
What you want to do is head for the Control Panel. Thats Start | Settings | Control Panel. Now you want Network Settings.
You will have a little window with 3 tabs across the top and list in the middle of the window on the first tab. The list shows what network software and hardware you have installed.
Basically, you need a network card (which you should have by now) and several protocols. Protocols are like network languages and allow your machine to talk to other machines on the network.
If you don't see entries for TCP/IP, IPX/SPX and NetBEUI you're going to have to add them. So click Add, then choose Protocol, then Microsoft and then which ever protocol it is that you need and click add. Repeat the process for any others.
If you're only using Win9x machines you can use Windows Logon as the primary network logon method, which means you won't have to worry about using a username and password. If it's not in the list you can add it using the same method as above, though this time choose Service rather than Protocol and choose Windows Logon. You can now set Windows Logon as your preferred network logon method in the drop down box below the list and press apply.
If you're in a mixed NT/9x network you'll need Client for Microsoft Networks, which if it isn't in the list you'll need to install as before, with Add | Service | Client for Microsoft Networks and then set it as the primary logon method in the drop down box.
This is enough to allow you view files and use printers shared by other machines on a network of Windows machines, but not to share your own. For this you need to enable File and Printer Sharing. This is as before, Add | Service | File and Printer Sharing for Microsoft Networks. Then click the File and Printer Sharing button under the list and check each box for the kind of resource you wish to share. Click OK.
Next you need to click the middle tab to set your Network name settings. In the Computer Name box put your unique computer name put the name of your network's Workgroup. Then click Apply, then click OK again. Window will then attempt to install all of the software and drivers required for your settings during which time you will be asked for your Windows CD, or you can point the wizard at your copy of the Windows CD on your hard disk. When it has finished it will ask you to reboot. When you do so Windows will come back up with your new settings in place. If you selected Windows Logon as your primary network logon method, Windows will just boot straight into your desktop. If you chose Client for Microsoft Networks (such as for a machine that co-exists on a network with NT machines (including 2000 and XP)) you will be asked to provide a username and password which you should enter every time.
You can now browse the shares on your network via My Network Places or Network Neighbourhood, whichever appears on your desktop.
You can share directories with others by right-clicking them and choosing Sharing and Security. Here you can choose the name that network users will see the share under. If you add a $ sign on to the end of the name, users will not see the share under Network Neighbourhood or My Network Places, they will instead have to know the exact network address of the share and type it into Windows Explorer's address bar. As with any normal network share this is done in the format:
\\machinename\sharename
where machinename is the name of the machine that hosts the share and sharename is the path to the share (including the $ sign if you added one to create a hidden share).
To share a printer you need to enter the Printers section of the Control Panel and right-click your printer(s) and choose Properties. Choose the tab named Sharing and click the Shared As option button, either change the Printer share name to something suitable or keep it as it is and click OK. Other people will now be able to print to your printer.
The last part of this network basics round up is not something you need to know to configure basic Windows networking, but forms the basis or every kind of networking and is therefore somehting you should know.
Quite simply this thing about giving your computer a name is not strictly accurate. It is a easily human readable form of real computer addresses. Windows network names are slightly different to network names in the real world like internet addresses, or URLs like www.yahoo.com. These human readable names are translated by an internet service known as DNS (Domain Name Service) into computer readable address names called IP addresses or Internet Protocol addresses. Remember that thing about adding Protocols to get Windows Networking to work? Well one of them was called TCP/IP, which stands for Transmission Control Protocol/Internet Protocol. IP is the main part of a whole suite of protocols, and is concerned with the way the data is formatted for transmission and TCP is concerned with ensuring the data reaches the destination, by finding its way around network outages or retransmitting if the data gets lost.
Ok so you didn't need to know that last bit, but we're on a roll here. The important bit is about addressing. When you want to go to yahoo.com, your web browser already knows the IP address of your ISP's (Internet Service Provider - the people with whom you have your internet connection) DNS server from when you connected to the net and asks it for the IP address of yahoo.com. If your ISP's DNS server doesn't know it will ask another upstream DNS server until it either finds out or accepts that no DNS server knows. In the case of yahoo, the only time it shouldn't be able to find out is when you're not online.
When your browser knows the IP address of yahoo.com it goes directly to www.yahoo.com by using it's IP address which is the most accurate and direct form of addressing.
So what are these IP addresses? Well admittedly you may have seen them before and not known what they were and they look a bit weird to start off with but thats because they were designed to be read by machines and not humans. They are made up of 4 numbers of up to 3 digits totalling no more than 255 per number each seperated by 3 dots. So starting with 0.0.0.0 you can go as high as 255.255.255.255. The form IP addresses take is known as dotted quads and they do not have a final dot, those presented here with a final dot are presnted as so for accurate punctuation of the English language, meaning that they appear as the last thing in a sentence and therefore must end with a dot. When writing IP address do not terminate them with a fourth dot.
In Windows if you bring up a DOS window or Command Prompt, for Win9x type winipcfg or in WinNT type ipconfig and it will bring up details of your own network configuration.
Now from a DOS prompt type ping www.yahoo.com. Ping is a network diagnostic tool that allows you to test network connectivity. It will tell you the exact DNS address of the machine that is hosting the www.yahoo.com domain name and it's IP address which at the time I did it was www.yahoo.akadns.net and 216.109.118.73. I can now sidestep the DNS lookup for www.yahoo.com and simply type in the IP address which is 216.109.118.73 and I still get the same page as if I typed www.yahoo.com into my browser. Now, note this is all just for fun and practice, you don't need to do this in real life, you can just stick to normal DNS address like www.yahoo.com.
If you enjoyed that geeky stuff go on and play with traceroute which traces all of the machines your data packet takes from your machine to it's destination such as yahoo with tracert www.yahoo.com note the windows command is tracert not traceroute, but it is known traceroute. Also try nslookup www.yahoo.com nslookup reports DNS information for the specified DNS or IP address.
Well after all that you may be wondering whats the point? Well it was just to play with IP addresses and get you used to them. To do anything interesting with networks you will need to become familiar with them. You know how to look up your own IP address so next we'll take that a bit further.
When Windows boots up it automatically checks out what other machines are on the network and what their IP addresses are so it doesn't take one that is already in use. It then assigns itself an IP address that is not in use and lets every other machine in the network know its IP address.
When you browse your Windows network, you either go through Network Neighbourhood or My Network Places, or you type the address into Windows Explorer such as \\davespc\davesfiles. Windows doesn't really care what davespc is called as far as it's human readable form is concerned, all it cares about is the IP address of davespc and internally just substitutes the name davespc with the IP address such as 192.168.1.2 and then uses that IP address to refer to davespc.
In cases where this kind of ad-hoc network setup is in use, this kind of IP addressing is fine, but where things need to be a bit more accurate, you need a bit more of a handle on things. For example if you have an internet connection with a firewall such as Smoothwall and want to share your internet connection you need to manage things a bit more closely.
There are 2 ways to have more control over what goes on with your IP addresses.
One is to use DHCP (Dynamic Hosts Control Protocol) and the other is to use static IP addresses. Smoothwall and many other dedicated firewalls have a built in DHCP server which automatically assigns IP addresses to machines as they request them on boot up. This may sound like the same as before, except this time, they are from a predefined range of addresses. This also means that new machines may join your network and automatically work within your network setup (well they will get a network connection at least, whether they can browse network shares depends on whether their Windows Workgroup name is the same as yours). This is the most flexible method as it means that it all just work and you know the range of IP addresses being used.
The alternative is to use static addresses. This is where each machine on the network is set up to use a specific IP address every time. This has it's uses but also has it's problems. You have to manually set up each machine and again if you need to change anything for any reason. You have to remember all of the used addresses to avoid clashes in future. This gets complicated. DHCP is easier though it takes some setting up to start with.
This is where we apply some knowledge of IP addressing schemes. There are millions of computers in the world and not enough addresses for every single one to be uniquely addressed. So for internal networks like ours (ie not every machine is directly connected to the Internet) our machines can have their own internal addresses and the Internet will see them all as being from the same address which is the external IP address of our firewall as provided by our ISP. Our firewall will do the hard work of translating destination addresses of the incoming data from the Internet into the addresses of our internal machines. This is call NAT or Network Address Translation. The translation of data sent from an internal machine through the firewall to the destination machine and then back to the firewall via it's external or Internet viewable IP address and translated back into an internal network IP address to which the data is delivered. As the data passes through the firewall, the firewall rewrites the sending IP address to it's own external IP address, when the data comes back from the Internet server it sends it back to our firewall address and knows nothing more about where it came from, the firewall rewrites the address back to that of the internal machine and sends it on.
Soooooooo... When setting up a firewall with DHCP and NAT we need some addresses to play with. The first thing we need is an external IP address that the internet will see. The good news is that you shouldn't have to worry about this, whatever your method of connecting to the wider world, this will be assigned to you by your ISP when you connect to them. The next thing you need is an internal network address for the network card in your firewall. This is the one the machines on your internal network will speak to when they need to send data outside of your network and this is where you learn how to address machines.
There are different addressing schemes designed to take into account different scenarios, but ours is a fairly safe bet. Basically depending on the number of machines that are to be networked, you use a different scheme. We will be using a Class C networking scheme, if we wished to use more network machines we could use Class B or even A.
Basically our IP addresses are within the 192.168.x.x network range reserved for Class C networks, but the outside world will only ever see our external firewall address and our firewall will handle the rest. So we will call our safe internal network 192.168.1.x. We could have other networks like 192.168.0.x and 192.168.2.x for other purposes, but our safe network is 192.168.1.x. This allows us to work out a few more addresses.
Basically the x.x.x.0 address and x.x.x.255 address are reserved for network management and so should not be assigned for use by machines. In our case this is 192.168.1.0 and 192.168.1.255. The x.x.x.0 address is called the network address and x.x.x.255 is called the broadcast address, they are used for talking or referring to the network as a whole.
It is therefore logical that our firewall's internal interface will be asigned192.168.1.1. This is because is will be the default gateway on the network, that is to say, that whenever a machine needs to send data over the network and it doesn't know the exact route to take itself, it will send it to the default gateway which is our internal interface on the firewall. This is the case with Internet traffic or perhaps if we had another network 192.168.0.0 attached to the firewall on another interface to which we needed to send data.
Firewalling speak uses the Traffic Lights concept for referring to the security of interfaces. For example, our Internet facing external interface on the firewall is called the Red Interface. Our safe firewalled internal interface on the firewall is calledthe green interface. It is common to have an Amber or Orange interface on the firewall to indicate an interface behind the firewall, where insecure services are run, separate from our green interface so as not to pose a security risk to our safe internal network. Machines behind the Orange interface run in a guarded zone where web, email and other vulnerable services are unable to communicate with the Green zone.
So lets review before we go on. Our addresses so far are:
| External Firewall Interface (Red) | Unknown, assigned by ISP |
| Network Address | 192.168.1.0 |
| Broadcast Address | 192.168.1.255 |
| Secure Internal Firewall Interface aka Default Gateway for 192.168.1.0 network (Green) | 192.168.1.1 |
Next we need to choose out DHCP range. It is good practice to restrict this to the maximum size of your network and also to leave some static addresses to spare. Unless you have 254 machines this is easy enough and if you do, you should really be reading something a little more comprehensive than this!
Simply work out how many addresse you need. If you have 8 machines, thats 8. If you have 24 thats 24. If you have 8 but are looking at expanding, add enough to fulfill your future requirements, you can always change it later anyway. Pick a starting point for your range from the IPs available. so thats 192.168.1.2 as far as 192.168.1.254. Obviously the higher you go the fewer there are.
A good starting point 192.168.1.100 as its a round figure and leaves you nearly 100 static addresses below it and add on how ever many addresses you need for your upper range limit. There you go, theres your DHCP range. Mine is 192.168.1.100 to 192.168.1.200 because it gives nice figures and it's easy to remember though I will narrow this down because I'll never need that many addresses.
The only other thing you might need to add is a couple of DNS server addresses. Don't worry about this. If you had one you would know about it. You almost certainly don't. Just put your firewall's green interface address in here and your firewall will just pass any DNS requests on to your ISP's DNS servers. You won't need to put asecondary DNS server address.
Congratulations. If you managed to follow all of that, what you've just done is configure a fully-fledged network network with DHCP and a firewall and that's no mean feat if you knew nothing about networks to start with. More to the point, you just set up Smoothwall which is a dedicated firewall for home use and is free to download and install. It requires a redundant PC with a minimum of a 486 or early Pentium processor, 32 to 64MB RAM and 500MB or 1GB hard disk. It will wipe your hard disk so don't use it on anything you expect to keep.
Click here to go home, or here to return to Computing.
Home | About Me | Computing | Debauchery | Links | Filthy Downloads | Help | Interviews | Legal | Prague | Stuff