Archive for the 'Home Office Network FAQ' Category

SOHO Multi-WAN Routers Configuration : PePLink Balance 30

Many people look for the default password and IP address of the PePLink Balance series in order to access the configuration web administrator interface:

The default IP is 192.168.1.1, the default user name is admin and the password is also admin.

To access the web administrator interface for basic configuration, just enter the LAN IP address in the address field of your web browser:

http://192.168.1.1

Then enter the user name and password, which will lead you to the configuration web interface.

Troubleshoot TCP/IP connectivity (check TCP and UDP port status)

Portqry.exe command-line utility:

Portqry.exe is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues by checking TCP port status. Portqry.exe runs on Windows computers. The utility reports the port status of TCP and UDP ports on a computer that you select.

The port status is one of the following:

* Listening (open)

A process is listening on the port on the computer that you selected. Portqry.exe received a response from the port.
For example, if a web server is running on the target computer, the web server is listening on TCP port 80.

* Not Listening (closed)

No process is listening on the target port on the target system. Portqry.exe received an Internet Control Message Protocol (ICMP) “Destination Unreachable - Port Unreachable” message back from the target UDP port. Or if the target port is a TCP port, Portqry received a TCP acknowledgement packet with the Reset flag set.

* Filtered

The port on the computer that you selected is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port.
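The three statuses map directly onto what a socket call reports. The following is an added example, not part of Portqry.exe or the original page; the function names are hypothetical and the sample targets are the local machine only.

```python
import socket

# Status names follow the three Portqry.exe states described above.
LISTENING = "LISTENING"
NOT_LISTENING = "NOT LISTENING"
FILTERED = "FILTERED"


def classify_probe(error):
    """Map the outcome of one probe to a port status.

    error is None when the port answered, otherwise the exception that the
    socket call raised.
    """
    if error is None:
        return LISTENING          # TCP handshake completed / UDP reply received
    if isinstance(error, ConnectionRefusedError):
        return NOT_LISTENING      # TCP reset, or ICMP port unreachable for UDP
    if isinstance(error, (socket.timeout, TimeoutError)):
        return FILTERED           # nothing came back before the timeout
    raise error                   # name resolution failure etc. is not a port status


def query_tcp(host, port, timeout=3.0):
    """Attempt a full TCP connection and report the port status."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify_probe(None)
    except OSError as exc:
        return classify_probe(exc)


def query_udp(host, port, timeout=3.0, probe=b"\x00"):
    """Send one datagram and wait for a reply or an ICMP error.

    A UDP service that silently ignores the probe also ends in a timeout, so
    FILTERED here means "no response", exactly as in the description above.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((host, port))   # connected socket: ICMP errors are reported
            sock.send(probe)
            sock.recv(1024)
            return classify_probe(None)
        except OSError as exc:
            return classify_probe(exc)


if __name__ == "__main__":
    # Constructed sample targets: the local machine only.
    for port in (80, 445):
        print("TCP", port, query_tcp("127.0.0.1", port, timeout=1.0))
    print("UDP", 53, query_udp("127.0.0.1", 53, timeout=1.0))
```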

This utility is also available as a Windows application with a GUI, which you can use easily without typing commands at the command line.

The following shows the result of checking the status of port 80 on the yahoo.com web server:

Query Port Status

Port Query result

CAT5 and CAT6 Network Cables

Written by Home network on Friday, January 4th, 2008 in Home Office Network, Home Office Network FAQ.

CAT5 cable contains four pairs of copper wire. CAT5 supports Fast (100 Mbps) Ethernet and comparable alternatives such as ATM. As with all other types of twisted pair EIA/TIA cabling, CAT5 cable runs are limited to a maximum recommended run length of 100 m (328 feet).

Although CAT5 cable usually contains four pairs of copper wire, Fast Ethernet communications only utilize two pairs. A new specification for CAT5 cable, CAT5 enhanced (CAT5e), supports short-run Gigabit Ethernet (1000 Mbps) networking by utilizing all four wire pairs and is backward-compatible with ordinary CAT5.

CAT6 cable contains four pairs of copper wire and unlike CAT5, utilizes all four pairs. CAT6 supports Gigabit (1000 Mbps) Ethernet and supports communications at more than twice the speed of CAT5e, the other popular standard for Gigabit Ethernet cabling.

Here is a video on CAT5 and CAT6: Gigabit Networking: Cat5 or Cat6?


10BASE-T, 100BASE-T and 1000BASE-T

Written by Home network on Friday, January 4th, 2008 in Home Office Network, Home Office Network FAQ.

10BASE-T: the IEEE standard that defines the requirements for sending information at 10 Mbps on unshielded twisted-pair cabling, and defines various aspects of running Ethernet on this cabling.

100BASE-T: the IEEE standard that defines the requirements for sending information at 100 Mbps on unshielded twisted-pair cabling, and defines various aspects of running baseband Ethernet on this cabling.

1000BASE-T (also called gigabit Ethernet): the IEEE standard that defines the requirements for sending information at 1000 Mbps on unshielded twisted-pair cabling, and defines various aspects of running baseband Ethernet on this cabling.

Computer Networks/IP, ARP, DHCP, NAT, ICMP

Written by Home network on Friday, December 21st, 2007 in Home Office Network, Home Office Network FAQ.

Introduction

The Network Layer is responsible for transmitting messages hop by hop. The major internet layer protocols exist in this layer. Internet Protocol (IP) is the major component among them, but we will also discuss other protocols, such as Address Resolution Protocol (ARP), Dynamic Host Configuration Protocol (DHCP), Network Address Translation (NAT), and Internet Control Message Protocol (ICMP).

Internet Protocol

Internet Protocol (IP) is the Internet layer protocol that contains address information for routing packets in the Network Layer of the OSI model.

IP, as an integral part of TCP/IP, is for addressing and routing packets. It provides the mechanism to transport datagrams across a large network. In more detail, the main purpose of IP is to handle all the functions related to routing and to provide a network interface to the upper-layer protocols, such as TCP from the Transport Layer. Applications use this single protocol in the layer for anything that requires networking access.

Network Layer Functionality

The Network Layer is responsible for transmitting messages hop by hop: a message is sent from station to station until it reaches its destination. Each computer should have a unique IP address assigned to its interface to identify it on the network. When a message arrives from the Transport Layer, IP looks up the message addresses, performs encapsulation by adding a header to form a datagram, and passes the datagram to the Data Link Layer. On the receiving side, IP performs decapsulation by removing the network layer header and then passes the message to the Transport Layer. The network model is illustrated below:

Image:Network Layer.jpg

Figure 1 Network Layer in OSI Model

When a datagram is sent from the source to the destination, IP handles it in the following simple steps:

1. The upper-layer application sends a packet to the Network Layer.
2. The checksum is calculated.
3. The IP header and datagram are constructed.
4. The datagram is routed through gateways.
5. Each gateway's IP layer verifies the checksum. If the checksum does not match, the datagram is dropped and an error message is sent back to the sending machine. Along the way, if the TTL decrements to 0, the same result occurs. The routing path to the destination address is determined at every stop as the datagram passes along the internetwork.
6. The datagram gets to the Network Layer of the destination.
7. The checksum calculation is performed.
8. The IP header is removed.
9. The message is passed to the upper-layer application.

Image:IP Characteristic.jpg

Figure 2 IP Characteristic in Network Layer

Other protocols exist in the Network Layer, such as Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP), but IP plays the biggest part among them.

Image:IP Network.jpg

Figure 3 Internet Protocol in Network Layer

In addition, IP is a connectionless protocol, which means each packet is treated individually and passes through the Internet independently. Packets have a sequence, but the sequence is not tracked in transit, so delivery is not guaranteed and transmission is unreliable.

IP Packet Format

Each IP header contains information about the data sent from the upper layers, used to identify the destination, and is shown as follows:

Image:IP Packet.jpg

Figure 4: IP Packet

Image:IP Packet Field.jpg

Here is a snapshot of an IP packet capture on Ethereal:

Image:IP Packet Ethereal.jpg

Figure 5: IP packet captured from Ethereal

Notice that the protocol field in the capture above indicates TCP. Since the header does not have any protocol information for the next layer, it simply directs IP to pass the segment to TCP at the Transport Layer. All other fields correspond to the description above.
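The checksum and TTL handling from the step list, together with the protocol field discussed above, can be reproduced on raw header bytes. This is an added example, not part of the original page: the function names are hypothetical, the sample datagram is constructed, and the checksum follows RFC 1071, which covers the IP header only.

```python
import socket
import struct

IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")   # fixed 20-byte header, no options


def internet_checksum(data):
    """One's-complement sum of 16-bit words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, ttl, protocol, payload_len, ident=1):
    """Steps 2-3: construct the header, then fill in its checksum."""
    fields = [0x45, 0, 20 + payload_len, ident, 0x4000, ttl, protocol, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = internet_checksum(IPV4_HEADER.pack(*fields))
    return IPV4_HEADER.pack(*fields)


def parse_header(raw):
    """Decode the fixed header fields and verify the header checksum."""
    if len(raw) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    (ver_ihl, _tos, total_len, ident, _frag, ttl, protocol, checksum,
     src, dst) = IPV4_HEADER.unpack(raw[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(raw) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "header_len": header_len, "total_len": total_len, "id": ident,
        "ttl": ttl, "protocol": protocol, "checksum": checksum,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        # Summing a header that includes a correct checksum yields zero.
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
    }


def forward(raw):
    """Step 5 at one gateway: verify, decrement TTL, recompute the checksum.

    Returns (datagram, verdict); datagram is None when the packet is dropped.
    """
    header = parse_header(raw)
    if not header["checksum_ok"]:
        return None, "drop: checksum mismatch"
    if header["ttl"] <= 1:
        return None, "drop: TTL reached 0"
    hlen = header["header_len"]
    new = bytearray(raw[:hlen])
    new[8] -= 1                      # TTL is byte 8 of the header
    new[10:12] = b"\x00\x00"         # checksum field is zeroed before summing
    new[10:12] = struct.pack("!H", internet_checksum(bytes(new)))
    return bytes(new) + raw[hlen:], "forward"


if __name__ == "__main__":
    # Constructed sample: a TCP (protocol 6) datagram from the page's host.
    packet = build_header("192.168.1.4", "203.0.113.10", 3, 6, 4) + b"data"
    while packet is not None:
        print(parse_header(packet)["ttl"], end=" -> ")
        packet, verdict = forward(packet)
        print(verdict)
```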

IP Address

An IP address is a set of numbers used to identify the sender and receiver of any packet sent on an IP network in the Internet. It is a software address associated with an interface: 32 bits of information, structured hierarchically so that a large number of addresses can be handled, and assigned to each machine's interface so that hosts in different networks can communicate. Dotted-decimal notation is usually used to make addresses easier to read.

An IP address consists of two parts, the Network Address and the Host Address. The Network Address identifies each network, and the Host Address identifies an individual machine.

Example:

Image:IP Address.jpg

To find the IP address information of the machine currently connected to the network, we can use the ipconfig command:

Image:IPconfig.jpg

Figure 6 ipconfig Command for Address Information

The current machine turns out to have the IP address 192.168.1.4. The next figure shows the physical interface that corresponds to the IP address. Notice that the first 16 bits represent the network address, which stays the same within its own network:

Image:IP Connection.jpg

Figure 7 Network Connection

There are different classes of networks, based on the network size, as shown in the following:

Image:IP Address Class.jpg

Figure 8 IP Address Class Identification

Notice that the bits at the beginning of each class are defined by the addressing scheme and will not be used. So, the network address ranges for each class are as follows:

Image:Network Address Range.jpg

However, because of address demand and shortage, some IP addresses are reserved for special purposes and some are set aside for private networks.

Image:Reserved IP.jpg

Image:Private IP.jpg

Subnetwork

A subnetwork (subnet) is used to group computers in the same network whose IP addresses share the same network address. Subnetting is one of the solutions to the shortage of addresses and helps make better use of address assignment in the network. The subnet mask is introduced to break the network into subnetworks in order to provide a hierarchical routing architecture.

Example:

Subnet: 180.28.30.1-128

Subnet mask: 255.255.255.128

Slash notation is introduced to identify the number of bits turned on in the mask. When the Internet Service Provider (ISP) allocates addresses to users, these addresses will be in slash notation form:

Example:

Image:Subnet.jpg

In addition to the advantage of grouping computers, subnetworks bring some other benefits:

* Reduced network traffic
* Increased network performance
* Simplified management

Classless Interdomain Routing (CIDR), also known as supernetting, is another solution to the shortage of addresses. The basic idea is the same as for subnets. The only difference is that the host address occupies bits from the network address, which helps avoid wasting addresses.

Example:

Image:Supernet.jpg
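The mask and slash-notation arithmetic described in this section can be carried out with plain bit operations. This is an added example, not part of the original page; the function names are hypothetical, and the sample addresses are ones that appear on this page plus two constructed 192.168.x.0/24 blocks for the CIDR case.

```python
import socket
import struct


def to_int(addr):
    """Dotted-decimal string to a 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(addr))[0]


def to_ip(value):
    """32-bit integer back to dotted-decimal notation."""
    return socket.inet_ntoa(struct.pack("!I", value))


def mask_for(prefix):
    """Slash notation to a 32-bit mask: the first `prefix` bits are turned on."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe(cidr):
    """Split an address in slash notation into its subnet facts."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = mask_for(prefix)
    network = to_int(addr) & mask                 # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits all set
    return {
        "network": to_ip(network),
        "mask": to_ip(mask),
        "broadcast": to_ip(broadcast),
        # Network and broadcast addresses are not assignable to hosts.
        "usable_hosts": max((1 << (32 - prefix)) - 2, 0),
    }


def smallest_prefix_for(hosts):
    """Longest prefix (smallest subnet) that still holds `hosts` machines."""
    host_bits = 2
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def supernet(cidr_a, cidr_b):
    """CIDR aggregation: merge two equal-sized adjacent blocks, else None."""
    prefix_a = int(cidr_a.split("/")[1])
    prefix_b = int(cidr_b.split("/")[1])
    if prefix_a != prefix_b or prefix_a == 0:
        return None
    net_a = to_int(describe(cidr_a)["network"])
    net_b = to_int(describe(cidr_b)["network"])
    parent = mask_for(prefix_a - 1)               # one bit moves to the host part
    if net_a == net_b or net_a & parent != net_b & parent:
        return None
    return "%s/%d" % (to_ip(net_a & parent), prefix_a - 1)


if __name__ == "__main__":
    for cidr in ("180.28.30.1/25", "172.16.170.0/22", "192.168.111.88/26"):
        print(cidr, describe(cidr))
    prefix = smallest_prefix_for(450)
    print("450 hosts need /%d (%s)" % (prefix, to_ip(mask_for(prefix))))
    # Constructed blocks: two adjacent /24 networks collapse into one /23.
    print(supernet("192.168.0.0/24", "192.168.1.0/24"))
```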

Additional IP Related Information

There are four steps defined for troubleshooting IP addressing:

1. Ping 127.0.0.1

2. Ping localhost IP address

3. Ping default gateway

4. Ping the remote server

Each of these could give information about the network status. Step 1 is generally a loopback test, which means the IP stack is initialized if successful. Then if Step 2 is successful, it means that the Network Interface Card (NIC) is functioning properly. Step 3 allows the user to find that the machine can communicate within the local network. Lastly, Step 4 tells the administrator that the host can successfully communicate with the remote server and that the remote physical server is working.

Address Resolution Protocol

Address Resolution Protocol (ARP) is a mechanism used by IP to find the hardware address of a host from an IP address.

When IP is trying to send a datagram to the Data Link Layer (layer 2), Ethernet will be informed to look for the hardware address, also known as the MAC address, of the destination in the local network. Since Ethernet uses hardware addresses to identify source and destination, ARP is used to obtain the hardware address by broadcasting the specified IP address. The machine that matches the specified IP address then replies with the requested hardware address.

Image:ARP Broadcast.jpg

Figure 9: ARP broadcast

ARP Packet Format

As with the IP packet, each ARP packet field is explained as follows:

Image:ARP Packet.jpg

Figure 10: ARP packet

Image:ARP Packet Field.jpg

The image below is a snapshot of an ARP packet capture on Ethereal:

Image:ARP Packet Ethereal.jpg

Figure 11: ARP packet captured from Ethereal

Notice the destination from Ethernet header is all 1s (ff:ff:ff:ff:ff:ff). ARP is performing a broadcast in the above trace.

Here is another example of using ARP to locate hardware addresses. The “arp -a” command displays the current ARP cache tables for all interfaces:

Image:ARP-a.jpg

Figure 12: ARP Command for Hardware Address

IP allows datagrams to be transported across a large network, the Internet. However, if two nodes are going to communicate across the same Local Area Network (LAN), IP in layer 3 will not be needed because ARP with the Ethernet address is enough for the data transfer. Only when communication has to span many different layer 2 networks across the Internet are IP and routers needed. Layer 3 IP is usually used only when a communication has to go beyond layer 2.

Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol (DHCP) allows for manual and automatic assignment of IP addresses (see IETF RFC 2131 and 2132). DHCP is enacted when a new machine joins a network or an existing machine attempts to renew its IP address. DHCP is an extension of an older protocol known as the “bootstrap protocol” (BOOTP) and is backwards compatible with BOOTP. There are three methods of IP address allocation:

Manual: An administrator manually assigns the IP address; tedious but most secure method.

Automatic: DHCP server assigns permanent IP address to requesting client.

Dynamic: DHCP server “leases” IP address to requesting client. The IP address is only valid for a limited period of time;
after which the client must request a renewal or ask for a new IP address.

By far the most common (and most detailed) method is the dynamic method, which we’ll focus our attention on. A typical sequence for a new client requesting an IP address is shown in the diagrams below. Please note that this depiction shows the DHCP server located on a different network segment than the new client, but it is not required to be that way.

Example

Figure 1

In figure 1, a new client that just joined the network, needs an IP address. Since it does not know the DHCP server’s location, the client broadcasts (step 1) a DHCPDISCOVER message on the local network. The message packet contains a hardware identifier (usually the MAC address), the source port (68), the destination IP (255.255.255.255), destination port (67), and a randomly generated transaction id. Optionally the client can specify the IP address it wants and the lease duration in the message. Once the DHCP relay receives the broadcasted message, it fills in the “giaddr” field of the packet with the gateway IP address of 10.1.2.9 . This piece of information is critical because the DHCP Server needs it to determine which subnet the client is on and thus which IP address to allocate to the client. Afterwards the DHCPDISCOVER message is relayed to the DHCP Server via unicast (step 2). A unicast, instead of a broadcast, is sufficient because the DHCP relay knows the exact location of the DHCP server. For this same reason, the DHCP relay does not allow the other network segment, 10.1.1.X, to receive the message.

Once the DHCP server receives the DHCPDISCOVER request, it allocates an IP address, marks it as taken, and then broadcasts a DHCPOFFER message back to the requesting client. This message packet contains the DHCP server’s IP address, the client’s hardware identifier, the same transaction id, and the IP address allocated for the client. Optionally, the message may also contain the lease time, subnet mask, default TTL, default router(s), and numerous other parameters.

Figure 2

In figure 2, the DHCP server allocates new IP address 10.1.2.3 for the client and broadcasts a DHCPOFFER message to its network (step 3). When the DHCP relay sees the DHCPOFFER broadcast, it relays the broadcast to the 10.1.2.X network and only that network (step 4). Once the new client sees the DHCPOFFER message, it accepts the IP address (step 5) and prepares a confirmation message to the DHCP server with a DHCPREQUEST packet. Please note that the client does not have to accept this IP address, in which case it will not send a DHCPREQUEST message. If multiple DHCP servers send out a DHCPOFFER, the client can choose which one to accept. If for some reason the DHCPOFFER message fails to ever arrive, the client will rebroadcast the DHCPDISCOVER message.

Figure 3

If the client included optional information in the initial DHCPDISCOVER message, it must include that same information in the subsequent DHCPREQUEST message. In step 6 of figure 3, the new client confirms it wants the IP address 10.1.2.3 by broadcasting a DHCPREQUEST to the DHCP server. Once the DHCP Server receives this message (with help again from the DHCP Relay), it first ensures that it is the intended target - because the client could be responding to another DHCP Server. If this DHCP server is not the intended target, then it knows some other DHCP server is handling this client, so it can discard any previously allocated IP address for that client. If this DHCP Server is the intended recipient, then it has to verify that the optional parameters it specified in the previous DHCPOFFER message to this client are still valid. Assuming everything is fine up to this point, the DHCP Server sends a DHCPACK broadcast (step 8) to tell the client that its new IP address can now officially be used. However, if something is wrong, then a DHCPNAK is broadcast instead. Either way, a DHCPACK or DHCPNAK will be the final message sent by the DHCP server in the dynamic IP address allocation sequence.

Assuming it receives the DHCPACK relayed by the router (step 9), the client is encouraged to verify that no other host has the same IP address. This is usually accomplished through a simple ARP probe. Any response to the probe means that another client is already using the IP address. In such a situation, the client must send a DHCPDECLINE message to the DHCP server. Afterwards the client will need to restart this whole process beginning with the DHCPDISCOVER phase. In most cases, there’s no response to the client’s ARP probe. This means the client can go ahead and use the allocated IP address along with any other optional information stored in the message packet.

If the client got a DHCPNAK instead of DHCPACK, then it has no choice but to restart everything from the very beginning, i.e. the DHCPDISCOVER stage. Finally, if the client doesn’t receive any DHCPACK or DHCPNAK message after a certain period of time, then it rebroadcasts the DHCPREQUEST message.

Other DHCP Messages

IP Renewal: If the client wishes to renew its existing IP address (usually because of expiring lease), it unicasts a special
DHCPREQUEST message that indicates it’s renewing (and not asking for new) IP address. The DHCP server can choose
to extend the lease or reject it. Either way, it must inform the client via a DHCPACK message.

Release IP: The client can request its current IP address be relinquished by issuing a DHCPRELEASE message (via unicast) to
the DHCP server. The message packet must contain the IP address and the hardware identifier of the client. Upon
receipt, the DHCP server marks the client’s IP address as unallocated.

Inform: The client already has an IP address but needs additional configuration parameters, such as default TTL, subnet
mask, etc. So it sends a DHCPINFORM message to the DHCP server. In response, the DHCP server unicasts a DHCPACK

Security Concerns

DHCP is inherently insecure because there’s no authentication mechanism built in. Here are a few examples of security weaknesses.

Problem: The DHCP server does not know if requests are from a legitimate new client or a rogue host pretending to be one.
Impact: This could lead to IP addresses being allocated to spoofed MAC addresses that don’t exist, eventually exhausting the pool of legitimate IP addresses. Thus new hosts cannot be added to the network.
Solution: Manually assign IP addresses or manually verify every new client requesting an IP address. The DHCP database can also be audited. But these are all fairly time-consuming. There is no simple way to address this issue.

Problem: A new client doesn’t know if responses are coming from a real DHCP server or a rogue host pretending to be a DHCP server.
Impact: If the client accepts all the information given to it by the rogue DHCP server, then false information (e.g. bad subnet mask) could render the client useless.
Solution: Fake DHCP servers can be identified by using security tools that send out DHCPDISCOVER & DHCPREQUEST messages and flag any suspicious information returned.
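
The "flag any suspicious information returned" half of that last solution can be shown on captured replies. This is an added example, not part of the original page or of any particular tool: the function names are hypothetical, the replies are constructed bytes, 10.1.2.3 and 10.1.2.9 come from the walkthrough above, and the server address 10.1.1.5 and the second responder are assumptions.

```python
import socket
import struct

BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")   # 236-byte fixed part
MAGIC_COOKIE = b"\x63\x82\x53\x63"
DHCPOFFER = 2
OPT_ROUTER, OPT_MSG_TYPE, OPT_SERVER_ID = 3, 53, 54


def build_offer(xid, chaddr, yiaddr, giaddr, server_id, router):
    """Build a DHCPOFFER; used here only to construct the sample input."""
    ip = socket.inet_aton
    fixed = BOOTP.pack(2, 1, 6, 0, xid, 0, 0x8000, ip("0.0.0.0"), ip(yiaddr),
                       ip("0.0.0.0"), ip(giaddr), chaddr, b"", b"")
    options = bytes([OPT_MSG_TYPE, 1, DHCPOFFER])
    options += bytes([OPT_SERVER_ID, 4]) + ip(server_id)
    options += bytes([OPT_ROUTER, 4]) + ip(router)
    return fixed + MAGIC_COOKIE + options + b"\xff"


def parse(raw):
    """Decode the fixed fields and the option list of one DHCP message."""
    if len(raw) < 240 or raw[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    fields = BOOTP.unpack(raw[:236])
    xid, yiaddr, giaddr, chaddr = fields[4], fields[8], fields[10], fields[11]
    options, i = {}, 240
    while i < len(raw) and raw[i] != 255:      # 255 marks the end of options
        if raw[i] == 0:                        # 0 is padding, no length byte
            i += 1
            continue
        if i + 1 >= len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError("truncated option")
        options[raw[i]] = raw[i + 2:i + 2 + raw[i + 1]]
        i += 2 + raw[i + 1]

    def ip_option(code):
        value = options.get(code, b"")
        return socket.inet_ntoa(value[:4]) if len(value) >= 4 else None

    msg_type = options.get(OPT_MSG_TYPE)
    return {
        "type": msg_type[0] if msg_type else None,
        "xid": xid,
        "client_mac": ":".join("%02x" % b for b in chaddr[:fields[2]]),
        "offered_ip": socket.inet_ntoa(yiaddr),
        "giaddr": socket.inet_ntoa(giaddr),
        "server_id": ip_option(OPT_SERVER_ID),
        "router": ip_option(OPT_ROUTER),       # first router if several are listed
    }


def audit_offers(messages, xid, trusted_servers, expected_router):
    """Return (server_id, reason) for every suspicious answer to our probe."""
    findings = []
    for raw in messages:
        try:
            msg = parse(raw)
        except ValueError as exc:
            findings.append((None, "malformed reply: %s" % exc))
            continue
        if msg["type"] != DHCPOFFER or msg["xid"] != xid:
            continue                           # not an answer to our DHCPDISCOVER
        if msg["server_id"] not in trusted_servers:
            findings.append((msg["server_id"], "server not in allow-list"))
        if msg["router"] != expected_router:
            findings.append((msg["server_id"],
                             "unexpected router %s" % msg["router"]))
    return findings


# Constructed sample replies (transaction id and MAC address are made up).
XID = 0x3903F326
MAC = bytes.fromhex("001122334455")
SAMPLE_REPLIES = [
    build_offer(XID, MAC, "10.1.2.3", "10.1.2.9", "10.1.1.5", "10.1.2.9"),
    build_offer(XID, MAC, "10.1.2.200", "0.0.0.0", "10.1.2.66", "10.1.2.66"),
    build_offer(0x1, MAC, "10.1.2.4", "10.1.2.9", "10.1.1.5", "10.1.2.9"),
    b"\x02\x01\x06\x00 truncated",
]

if __name__ == "__main__":
    for finding in audit_offers(SAMPLE_REPLIES, XID, {"10.1.1.5"}, "10.1.2.9"):
        print(finding)
```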

Network Address Translation

When IP addresses were introduced, only a portion of the theoretical four billion or so IP addresses were available for assignment. Early on, this was not a problem because the Internet was only used among groups of academic researchers, a few high tech companies, and the U.S. Government. But after the Internet exploded in popularity during the mid-1990s, it soon became clear that there would not be enough IP addresses to keep up with demand. In response, IPv6 was proposed as a long term solution. But IPv6 was quite different from IPv4 and had complexities that slowed down its adoption. So a practical short term solution was needed, and thereby Network Address Translation (NAT) was introduced.

Example

The basic idea behind NAT is to assign a single IP address to a NAT device. We’ll call this the public IP address. Within the local network behind the NAT device, every computing device gets assigned a private IP address as illustrated below:

Figure 1 Image:NAT1.jpg

In figure 1, the NAT device’s public IP address is 145.12.131.7 while the private IP addresses are in the range 192.168.X.X. This range of private IP addresses is one of three common ranges:

Class A: 10.0.0.0 - 10.255.255.255/8
Class B: 172.16.0.0 - 172.31.255.255/12
Class C: 192.168.0.0 - 192.168.255.255/16

Keep in mind that private IP addresses are valid only within that local area network. They are not recognized on the public Internet. A packet that originates from a private IP address and port must have them converted to a unique public IP address and port before it can be sent to the Internet. The mapping from private IP address & port to a public IP address & port is typically done through a translation table inside the NAT device. An example is shown in figure 2:

Figure 2 Image:NAT2.jpg

In step 1, the host at private IP address 192.168.100.3 is requesting the homepage of www.yahoo.com via an HTTP request through port 3855. When the HTTP packet arrives at the NAT device (step 2), it looks up the translation table for an existing public (IP addr, port) entry for this private (IP addr, port) combination. If no existing entry exists, then the NAT device will create a new public (IP addr, port) entry. If there is an existing entry, then the translation process will use the existing entry. Please remember that each entry in the translation table must always remain unique! After the table lookup is complete, the IP packet is then altered so that the new IP address and port replaces the old one. Finally in step 3, the altered packet is routed to www.yahoo.com . This entire network address translation process is completely transparent to the end hosts. In other words, neither the host at 192.168.100.3 nor the Yahoo web server realizes the packet has been changed.

The packet from Yahoo’s web server now goes through the reverse translation process to reach the requesting host.

Figure 3

The reverse process is similar to the original translation process. It will look up the translation table for the corresponding private (IP addr, port) pair when given the public (IP addr, port) pair. The only difference is that a missing entry will result in the packet getting thrown away. Once the lookup and alteration is completed (step 5), the packet (which now contains the original private (IP addr, port) information) is sent to the requesting host at 192.168.100.3 port 3855.

NAT vs. Proxy

NATs are sometimes confused with proxies, but they are actually quite different in one aspect: transparency. NAT is completely transparent to the end hosts i.e. only the NAT device knows that an IP conversion is taking place. But for proxies, the source application/host is well aware of the change because it has to deliberately be configured to use the proxy.

Problems with NAT

Applications that hold their [private] IP address information inside data packets will find that it doesn’t match their actual IP address once the IP translation is done and the packet is on the Internet. Example: FTP

Among the chief complaints is that the widespread use of NAT has resulted in delayed deployment of IPv6, which is the more ideal long-term solution. Despite all the issues associated with NAT, it is still “good enough” for most home users. Therefore, adoption of IPv6 among DSL and cable Internet customers in the U.S. will continue to be slow. For Internet purists, the whole NAT solution is considered to be a quick “hack” rather than a long term solution. The original Internet was designed for end-to-end communication, where every host has a public IP address.

Overcoming NAT Restrictions

Simple Traversal of UDP through NAT (STUN) : Suppose Host A and Host B are both behind asymmetric NATs and both have a UDP session with server S who is directly connected to the Internet. Then host A can use the same source IP & port as the existing connection with S to initiate session with host B. Meanwhile, S knows the public IP and port of A’s session with B since it’s the same as A’s session with S. S then passes this info to B, and B initiates UDP session with A.

Traversal Using Relay NAT (TURN): this setup requires an intermediary server S, who is directly connected to Internet. Both hosts A and B would have to initiate session with S, and then S will relay their messages to each other.

Port Address Translation

A related but somewhat different concept to NAT is port address translation (PAT). PAT allows incoming sessions, that are initiated from an external host, to map to a specific internal host and port. For example, in figure 4

Figure 4

all incoming requests to port 80 of the router are forwarded to internal host 192.168.100.2 port 7575. Likewise, all incoming connections to port 22 of the router are redirected to host 192.168.100.1 port 22. This type of setup is common for users who wish to run a server behind a NAT device. The only down side to PAT is that it’s restricted to one entry per router port.
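
The translation table from the NAT walkthrough and the static PAT entries from figure 4 fit in one small data structure. This is an added example, not part of the original page: the class and method names are hypothetical, the starting public port 50000 and the remote addresses are constructed, and the optional `strict` mode, which also matches the remote endpoint on replies, goes beyond what the text describes.

```python
class NatDevice:
    """Translation table keyed the way the walkthrough above describes it."""

    def __init__(self, public_ip, first_port=50000, strict=False):
        self.public_ip = public_ip
        self.next_port = first_port   # assumed start of the dynamic port range
        self.strict = strict          # also match the remote endpoint on replies
        self.by_private = {}          # (private ip, port) -> public port
        self.by_public = {}           # public port -> (private ip, port)
        self.remotes = {}             # public port -> remote endpoints contacted
        self.forwards = {}            # static PAT: public port -> (private ip, port)

    def add_forward(self, public_port, private_ip, private_port):
        """PAT entry for sessions initiated from outside; one per router port."""
        if public_port in self.forwards or public_port in self.by_public:
            raise ValueError("public port %d is already mapped" % public_port)
        self.forwards[public_port] = (private_ip, private_port)

    def _allocate(self):
        # Every table entry must stay unique, so skip ports already in use.
        while self.next_port in self.forwards or self.next_port in self.by_public:
            self.next_port += 1
        if self.next_port > 65535:
            raise RuntimeError("no public ports left")
        port, self.next_port = self.next_port, self.next_port + 1
        return port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Steps 1-3: reuse or create the entry, then rewrite the source."""
        key = (src_ip, src_port)
        if key not in self.by_private:
            port = self._allocate()
            self.by_private[key] = port
            self.by_public[port] = key
        port = self.by_private[key]
        self.remotes.setdefault(port, set()).add((dst_ip, dst_port))
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Reverse lookup; returns None when the packet is thrown away."""
        if dst_port in self.forwards:
            return (src_ip, src_port) + self.forwards[dst_port]
        if dst_port not in self.by_public:
            return None                                  # no entry: drop
        if self.strict and (src_ip, src_port) not in self.remotes[dst_port]:
            return None                                  # entry exists, other remote
        return (src_ip, src_port) + self.by_public[dst_port]


if __name__ == "__main__":
    nat = NatDevice("145.12.131.7")
    nat.add_forward(80, "192.168.100.2", 7575)
    nat.add_forward(22, "192.168.100.1", 22)
    # 198.51.100.20 stands in for the web server; it is a constructed address.
    print(nat.outbound("192.168.100.3", 3855, "198.51.100.20", 80))
    print(nat.inbound("198.51.100.20", 80, 50000))   # reply reaches the host
    print(nat.inbound("198.51.100.20", 80, 50999))   # no entry: None
    print(nat.inbound("203.0.113.9", 40000, 80))     # static PAT entry
```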

Internet Control Message Protocol

Internet Control Message Protocol (ICMP) is a protocol used to pass information related to network operation between hosts, routers and gateways at the network level.

There are four major functions as follows:
* Announce network errors, such as the network being unreachable.
* Announce network congestion, when a router's buffers overflow because too many packets are being transmitted.
* Assist troubleshooting, by sending packets over a network to compute loss percentages and round-trip times.
* Announce timeouts, when the TTL of an IP packet drops to zero and the packet is discarded.

Please note that ICMP packets are crafted at the IP layer and thus do not guarantee delivery.

Network Connectivity Check

Two of the most practical connectivity test commands are ping and traceroute. These two commands are good mechanisms for network troubleshooting, and both of these use ICMP.

Ping

Ping is a computer program that determines if a host is up or not. Ping basically consists of a source sending an ICMP “echo request” to a target, followed by the target replying with an ICMP “echo response” - assuming the target is up. A typical output of Ping is shown in figure 1 and an Ethereal capture in figure 2:

Figure 1: Output of Ping command

Traceroute

Traceroute is a computer program that sends ICMP packets to show the route a packet takes across an IP network from source to destination. It does this by incrementing the time-to-live (TTL) field by 1 for every successive host until it reaches its destination. A traceroute output and Ethereal capture are shown in figures 1 & 2, respectively.

Figure 3: Output of Traceroute command

Summary

Internet Protocol (IP) is responsible for addressing and routing packets in the Network Layer (layer 3) of the 7 layer OSI model. Messages are transmitted hop by hop in this layer, and each node’s interface has a unique IP address for identification in the network. It allows datagrams to be transported across a large network.

Address Resolution Protocol (ARP) is a mechanism used by IP that finds the hardware address of a host from an IP address within the local area network.

Dynamic Host Configuration Protocol (DHCP) is a convenient, though insecure, technique to assign an IP address to a host newly added to a network. It can also be used to extend the lease period of an existing IP address, drop the IP address of a host, or provide initial configuration parameters to a requesting host.

Network Address Translation (NAT) is a widely-used solution to the shortage of IP addresses. NAT introduces the concept of a “private” IP address that is valid only within a Local Area Network (LAN) and must be translated to the “public” IP address that’s used on the Internet. With NAT, we can have multiple private IP addresses share a single public IP address, thus delaying the need to deploy long-term solutions to the shortage of IP addresses.

Internet Control Message Protocol (ICMP) is a way to send error messages or perform network diagnostics across a network. Two of the most common tools utilizing ICMP are Traceroute and Ping.

Network Questions :

  1. What is the Class C private IP address space?
  2. What is the subnetwork number of a host with an IP address of 172.16.170.0/22?
  3. What is the subnetwork number of a host with an IP address of 192.168.111.88/26?
  4. The network address of 192.16.0.0/19 provides how many subnets and hosts?
  5. You have a Class B network ID and need about 450 IP addresses per subnet. What is the best mask for this network?
  6. Your router has the following IP address on Ethernet: 172.16.112.1/20. How many hosts can be accommodated on the Ethernet segment?
  7. If a company calls for technical support regarding its malfunctioning network, what are the four basic steps for troubleshooting IP addressing?
  8. If an Ethernet port on a router were assigned an IP address of 172.16.112.1/25, what would be the valid subnet address of this host?
  9. (T/F) ICMP messages are encapsulated in IP datagrams.
  10. (T/F) Ping program uses “TTL” field to detect if a destination host is alive.
  11. Using the example illustrated in the DHCP section, explain how the interaction between the new client and the DHCP Server would change if the DHCP Server is located on the same network segment as the new client.
  12. (T/F) Once a new client receives the IP address after the DHCPOFFER, the client should verify no other hosts are using that IP address.
  13. STUN and TURN were presented as 2 ways to bypass NATs. Can you describe 2 additional methods for bypassing NAT?
  14. (T/F) Both STUN and TURN can only be used for UDP and never for TCP.

Answer:

  1. 192.168.0.0 – 192.168.255.255
  2. 172.16.168.0
  3. 192.168.111.64
  4. 8 subnets, 8190 hosts each
  5. 255.255.254.0
  6. 4094
  7. (a) Ping 127.0.0.1. (b) Ping local host IP address. (c) Ping default gateway. (d) Ping the remote server.
  8. 172.16.112.0
  9. True
  10. False - Ping waits for an “echo response” packet from the target.
  11. The only difference would be the DHCP Relay not getting involved. Thus the DHCP Server receives broadcasts instead of unicasts, and the “giaddr” field of the message packet will be empty.
  12. False - the client must wait until DHCPACK (not DHCPOFFER) because the IP address is not officially assigned to the new client until DHCPACK is received.
  13. Universal Plug and Play (UPnP), assuming the router or NAT device is configured to accept it. Another method is to tunnel out to a server. Yet a third method is to use Application Layer Gateways, assuming the router or NAT device has it built in.
  14. False - STUN is only for UDP, but TURN applies to both UDP and TCP.

    Home Office Computer Network FAQ,tutorial and Command

WikiBooks

Wireless Home Network Basics

Written by Home network on Thursday, December 20th, 2007 in Home Office Network, Home Office Network FAQ.


Wireless Home Network Basics attempts to be a guide to setting up a basic Wireless LAN at home plus some security to keep it in place…

This guide is meant for the intermediate computer user who may not understand many of the terms associated with the field, but has a solid, basic understanding of computer use and terms.

Introduction

A wireless network (also wireless LAN or WLAN) is a computer network that operates over certain frequencies of radio waves. When installed correctly, no difference from a normal wired network should be obvious (other than the lack of cables).

These are generally used in a home environment for two main reasons: To share printers between them and to share an Internet connection. Normally, networks are created by hooking computers together with network cables. Wireless networks use various frequency radio waves to do this.

  Common reasons for using a wireless network (in preference to a wired one)

* The most obvious and commonly advertised difference in a wireless network is the lack of network cabling.
o This is especially useful if the network is a new one being planned and/or where the lengths of cabling would be ridiculously long.
* If the devices on the network are moveable or move frequently, the lack of a network cable may be useful.

  Downsides

* Current standards of wireless networks have bandwidths (speeds) lower than wired networks. This may be improved in future standards. Note, however, that common home network usage (viewing webpages, emailing, printing, etc.) will rarely use the maximum bandwidth of any network.
* If improperly or poorly set up, anyone within receiving range can do anything on your network without you knowing.
* Since radio waves are an electromagnetic emission, they decrease in strength over distance. If you have a widely scattered network, those at the very edge of the signal’s range may experience very poor speed and reliability. This can be remedied.

  Standards

Far more than for wired networks, the type or standard of a wireless network is vitally important. If two different standards are used, the network’s speed will be adversely impacted at best.

Different network standards

Currently there are two dominant standards for wireless connectivity:

* 802.11b (Frequently referred to as “b”) was the original standard of wireless networking. It supports speeds of up to 11mbps.
* 802.11g (Frequently referred to as “g”) is the newer and current standard for wireless networking. It supports speeds of up to 54mbps up to 108mbps.

Note that the letters are never capitalized, even when alone (EG. “I bought a g network card, but only have a b router”, not “I bought a G network card, but only have a B router”).

Non-standard “extensions” exist which will give speeds in the 108 to 125 mbps range. These will usually only work with other devices from the same brand; that is, if you buy an enhanced performance router from manufacturer X, it will not work at 108mbps high speeds with enhanced performance Y or Z cards. However, a device marked as being compatible with 802.11b or g will be able to work with all others similarly marked: any proprietary extensions shouldn’t affect basic functionality (that is, the aforementioned “enhanced” devices should all communicate with each other with either b or g).

Because of the speed difference, its more recent appearance, and other technical reasons, 802.11g is recommended for any new installations.

If, however, you have both b and g equipment, 802.11g is “backwards compatible”. This means that an 802.11g device can see and connect to an 802.11b device or network. The downside is that it does so by acting like a “b” device, including the 11mbps speed.

This can lead to trouble if a small minority of devices are B type in a G network. Take the following scenario:

A network with a G router, and two G network cards in computers. When a machine with a B card is brought in and connected, the router will sense this and (Unless set up to not do this) downgrade itself to B class to talk to this newcomer. The two others on the network will also have to follow suit if they are to talk to the router (Which they have to to remain on the network). In effect, the B device has “dragged down” the rest of the network.

“N”

Currently the organization that publishes and designs these standards, the IEEE, is in the process of coming up with another new one: 802.11n. This is still in development, but is public and the most recent versions are complete enough that they can be used. Manufacturers have been producing “draft-N” devices to take advantage of this.

  Security standards

There are three formal standards for securing a wireless network from unwanted access and use:

* Wireless equivalent privacy/WEP — Notoriously insecure, AVOID
* Wi-Fi Protected Access/WPA — Newer and much safer
* IEEE 802.11i-2004/WPA2/WPA2-PSK — The latest and preferred

All equipment will state on the packaging which standard(s) it supports. Most modern equipment will support all three. As noted above, equipment supporting only WEP should be avoided as that standard has been fatally compromised and can be defeated with minimal effort by an attacker.

More so than with connectivity standards, the security standard (and password) used must be constant throughout the network. See the “Security” section for more information.

  Components

Wireless networks require hardware, and to a lesser degree, software.

  Hardware

At a minimum, the following are needed:

* A router — This typically connects to a high-speed internet connection and manages the network’s communication with the Internet. If you’re dealing with a network not connected to the Internet (Rare), a switch or hub may be used. If you’re only connecting two computers to each other (An “Ad Hoc” network), only adapters are needed.
* Adapters for each machine on the network — These will be expansion cards for desktop computer and PCMCIA cards for laptops.

If you have a large area to cover, separate antennas and/or access points may be needed.

  Software

All computers on the network need to have an operating system version (Windows, Mac OS, Linux, etc) that can deal with wireless networking.

* All Windows versions from 98 on have some degree of ability in this field. 98, ME and 2000 require additional software and drivers. XP with the latest updates from Microsoft will work automatically with many network cards; Vista will work natively.
* Mac OS 9 has some wireless networking ability; 10 will work natively.
* Most recent Linux kernels have built-in wireless networking capability.

  Notes

Most wireless routers also have 4 Ethernet (Hardwired, conventional networking) ports on them. If you have a machine that you don’t or can’t put on the new network, consider locating it and the router close together so it can get on the network by a cable.

Adapters, routers and other ancillary parts can range in price from 20 USD up to several hundred. It is good advice to go with a well-known brand; the currently dominant three are D-link, Linksys and Netgear.

  Hardware setup

Assuming a basic router-and-clients setup, the following hardware will be needed:

1. At least one router
2. A wireless adapter for each machine that doesn’t already have one (Some laptops have built in antennas)
3. A cable and adapter for each machine that will be wired into the network
4. Depending on the layout of your house and devices, you may need some repeaters. The following section will explain this.

  Location of equipment

Most likely your router will have to connect to your modem (If you don’t have an Internet connection, you can disregard this). If this is in a central location for your planned uses, then you will likely not need anything beyond the router and adapters. If you’re installing the modem and are planning to have wireless networking, consider installing it in a central location.

If not, you can run more wiring in your house to get it to the router, or accept a weaker signal in the parts of the house farther from the router. If this is an issue, you may want to invest in a repeater that can bring your wireless signal to the far corners of your house.

As discussed previously, wireless signal strength is of significant importance. Some points of information about signals and permeability:

* Wireless signals can pass through drywall relatively easily, but if it must pass through a significant number of walls the signal will degrade rapidly.
* Wireless signals do not travel well through cinderblock walls.
* Wireless signals can be disrupted by the ducts of a climate control system.
* Water can greatly distort wireless signals. Take into account aquariums, sinks, and water pipes. Remember, the human body is 66% water, so locations with a high density of people can distort wireless signals. This also includes rain or humidity, so consider bath/shower rooms or other regularly wet areas.

If you want coverage outdoors (which can be very nice during good weather with a laptop!), consider locating the router or a repeater near a window facing the direction you want to cover. An upper floor can be an excellent place for a router or signal propagator for coverage around the outside of the building, and possibly inside as well.

  Wiring up the router

Most residential routers are fairly simple to set up and have standardized markings. The usual setup is this:

1. Plug the Ethernet (data) cable from your cable or DSL modem into the “WAN” port (If your modem has USB and Ethernet ports, use the Ethernet port and don’t connect anything to the USB port).
2. Plug any computers you wish to hard-wire to your router to one of the “LAN” ports. If every computer is to connect wirelessly, skip this step.
3. If possible, disconnect the antenna, or shield it from transmission.
4. Shut off/unplug your modem for about 15 seconds
5. Restore power to your modem
6. Plug in your router

After a few seconds (At most), the router should start up with the default settings. Leave the antenna disconnected/blocked until you’ve had a chance to change the wireless security settings, as router defaults are notoriously insecure.

  Software Setup

The vast majority of residential routers are configured by a “web-based interface” (A webpage).

To access this webpage, a special address is used. This is normally detailed in the users manual or “quick start guide”. The username and password to be used are also listed. If a “quick start wizard” comes up, you can follow it through or dismiss it. The rest of this guide assumes that it didn’t appear or was dismissed.

Once logged in to the router, the first steps should be to strengthen the security. See below…

Expansion cards should be installed with the computer turned off. PCMCIA cards for laptops can be inserted at any time. If the operating system doesn’t automatically detect and set up the new networking hardware, try using the disc that came with it.

  Security

Security is of the utmost importance for many reasons. You might be sanctioned or disconnected by your ISP if someone else perpetrates a terms-of-service violation while mooching off your connection. Worse, you might get hit with legal action for the same reason. If your Internet connection rate is determined by your level of use, you could easily end up paying a significant amount for it. As the operator of your end of a connection, you are responsible for preventing its illegal or proscribed (mis)use and exercising due diligence. Finally, if you share files or devices, unwanted users could access them.

Security is of increasing importance in higher density locations where someone’s increasingly likely to pick up on your signals.

As mentioned above, routers’ default settings are notoriously insecure. Almost every router and installation can be well secured with three steps:

  Update the router’s firmware

The firmware is sort of like the router’s operating system (Windows, Mac OS, etc.) and, like every other operating system, it receives security updates. These and other revisions to the router’s software are called “firmware updates” and can be found on the manufacturer’s website. Since these both improve security (usually) and frequently reset all changes to the router configuration, they should be applied first.

Enable decent encryption

Most routers will default to having no encryption, or to using WEP. Both are EXTREMELY insecure and should be changed immediately. If you have good equipment, there should be an option to change to WPA or WPA2. If you can, select WPA2; if not, WPA. If only WEP is available (or there’s no encryption option!), your router is so insecure it should be returned for a refund or replaced with a better one. WEP is little better than nothing: as the FBI showed, it can be defeated in a few minutes with ease.

WPA and WPA2 depend on a “passphrase” (Password). Like any other, its strength depends almost solely on its complexity. Good WPA passphrases should be long compared to other passwords, and extremely confusing. The more nonsensical your passphrase, the better. For example,

f7S9^jeiF9ratt4-esttM8,25.4nZ8s

is more secure than the passphrase

fff4526—-354

which is better than

4352354frewch

which is better than

sdfnvuihgwkjsgdf

which is better than

toaster

etc.

For more information on choosing good passwords, visit Password Policy.

Finally, remember you will only need to enter this once (when you set up your network and computers), so you can make it really strong and write it down rather than try to remember it. Just make sure you don’t lose the paper, but keep it safe somewhere.

Change the network name

Routers will usually default to giving networks a certain name. Linksys defaults to “linksys”, Netgear “NETGEAR” and D-link “default”. An unchanged network name is a dead giveaway the network is unconfigured or minimally configured. Since most such networks have no security to them, they are immediate targets for attackers.

Also, if you’re in an area with many networks, a lot will have the same default as yours. If you don’t change it, you might end up connecting to someone else’s network without intending to or realizing it.

The new name should be something recognizable, for your sake as well as that of anyone else you may invite to use it.
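The passphrase advice and the network-name advice above meet in how WPA-PSK and WPA2-PSK derive the actual key: PBKDF2-HMAC-SHA1 over the passphrase, with the network name as salt and 4096 iterations. The following is an added example, not part of the original guide; the function names and the SSID "Maple-Street-12" are made up for illustration.

```python
import hashlib
import math
import secrets
import string

# Printable ASCII without the space character (94 symbols). WPA allows the
# characters 32..126; space is left out here to avoid invisible leading or
# trailing blanks when the passphrase is typed in from paper.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def check_passphrase(passphrase: str) -> None:
    """Raise ValueError if the string breaks the WPA passphrase rules."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase must be 8 to 63 characters long")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("a WPA passphrase may only contain printable ASCII")


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pre-shared key used by WPA-PSK and WPA2-PSK."""
    check_passphrase(passphrase)
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("an SSID is 1 to 32 bytes long")
    # The network name is the salt, so the key depends on both values.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)


def generate_passphrase(length: int = 63) -> str:
    """Return a uniformly random passphrase drawn from ALPHABET."""
    passphrase = "".join(secrets.choice(ALPHABET) for _ in range(length))
    check_passphrase(passphrase)
    return passphrase


def random_passphrase_bits(length: int) -> float:
    """Entropy in bits of a passphrase made by generate_passphrase(length).

    Only valid for randomly generated passphrases; a word or a keyboard
    pattern of the same length is far easier to guess than this figure says.
    """
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    strong = "f7S9^jeiF9ratt4-esttM8,25.4nZ8s"      # the guide's strong example
    for ssid in ("linksys", "Maple-Street-12"):      # vendor default vs. changed name
        print(f"{ssid:16} {wpa_psk(strong, ssid).hex()}")
    try:
        wpa_psk("toaster", "linksys")                # the guide's weakest example
    except ValueError as err:
        print("toaster rejected:", err)
    print(generate_passphrase(), f"(about {random_passphrase_bits(63):.0f} bits)")
```

Note that "toaster" is not merely weak: at seven characters it is below the WPA minimum and is refused outright.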

Change the configuration password

Finally, you should change the password for accessing the router’s web configuration to something other than the default. Entire web sites exist with nothing but default passwords (see, for example, this Google search for “default router passwords”). If a person made use of these unnoticed, they could disable all security measures and otherwise ruin the network.

Change other miscellaneous settings

Also, most routers have an option that allows anyone who knows the router’s configuration password (see above) to view and change the router (and network) settings from outside the network. Unless you have a need to regularly configure your router when not on your network, this should ALWAYS be disabled.

Home Wireless Network Basics and FAQ

WikiBooks

What is PPPoE ?

Written by Home network on Thursday, December 20th, 2007 in Broadband Router and Configuration, Home Office Network FAQ.

What is PPPoE of home network router :

PPPoE, Point-to-Point Protocol over Ethernet, is a network protocol for encapsulating PPP frames inside Ethernet frames. It is used mainly with ADSL services where individual users connect to the ADSL transceiver (modem) over Ethernet.

Ethernet networks are packet-based and have no concept of a connection or circuit. But using PPPoE, users can virtually “dial” from one machine to another over an Ethernet network, establish a point to point connection between them and then transport data packets over the connection.

When you are using an ADSL Internet connection, you need to set up PPPoE on your router with the user name and password provided by your ADSL Internet provider.

Home router PPPoE on Router FAQs.

Home Router DMZ Setting

Written by Home network on Thursday, December 20th, 2007 in Broadband Router and Configuration, Home Office Network, Home Office Network FAQ.

Router DMZ Setting:

A router normally blocks incoming Internet traffic from getting onto your network unless the traffic is a response to one of the computers within your home network LAN. That is, the router lets incoming traffic through when it answers a connection that one of your computers initiated: when you browse a web page from a computer within the LAN, the web server responds by sending traffic back to that computer. But if the traffic is initiated from outside your network, the router will normally stop it.

But sometimes you may want some traffic initiated from outside your network to pass through your router and reach a computer within your LAN. For example, you may want to run a server: an FTP server on your computer, so that someone can download files from a computer within your LAN, or a web server, so that people from outside can visit your web site.

You can achieve this using port forwarding on your router (or just open a port for incoming traffic, such as port 80 for a web server). You can also send incoming traffic to one computer on your network by establishing a “Default DMZ Server” (“Demilitarized Zone”). This saves you from having to figure out which ports an Internet application wants, by throwing all ports open for that computer. For example, if you want to expose your computer with the private IP address 192.168.0.34 to the outside world, you can set the DMZ to this IP. In this way, all incoming traffic will be able to reach this computer.

But a computer in the DMZ loses firewall protection and is exposed to exploits from the Internet. If compromised, your own computer can attack the rest of your network. Instead of DMZ, use port forwarding.
However, sometimes the DMZ server feature is helpful:

* When you have a problem connecting to an Internet service. Setting up a DMZ will determine whether a closed port is responsible for the problem.

* With some online games and videoconferencing applications that are incompatible with NAT.
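To make the difference in exposure concrete, here is a toy model of the router's decision for traffic arriving from the Internet, as an added example that is not part of the original post. The class, the rule order (replies, then port forwards, then the DMZ host) and the remote addresses are assumptions of the model; only 192.168.0.34 comes from the text above, and a single protocol (TCP) is modelled.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class HomeRouter:
    """Toy model of how a NAT router treats packets arriving on the WAN side."""
    # Port forwarding rules: WAN port -> (LAN IP, LAN port)
    forwards: Dict[int, Tuple[str, int]] = field(default_factory=dict)
    # "Default DMZ Server": receives everything no other rule claims
    dmz_host: Optional[str] = None
    # Connections opened from inside:
    # (WAN port, remote IP, remote port) -> (LAN IP, LAN port)
    sessions: Dict[Tuple[int, str, int], Tuple[str, int]] = field(default_factory=dict)

    def outbound(self, lan_ip: str, lan_port: int, remote_ip: str, remote_port: int) -> None:
        """A LAN computer opens a connection; remember it so replies get back in."""
        # Simplification: the router reuses the LAN source port on the WAN side.
        self.sessions[(lan_port, remote_ip, remote_port)] = (lan_ip, lan_port)

    def inbound(self, remote_ip: str, remote_port: int, wan_port: int):
        """Return (reason, lan_ip, lan_port) if delivered, or None if dropped."""
        key = (wan_port, remote_ip, remote_port)
        if key in self.sessions:                 # answer to a LAN-initiated connection
            return ("reply",) + self.sessions[key]
        if wan_port in self.forwards:            # explicitly opened port
            return ("forward",) + self.forwards[wan_port]
        if self.dmz_host is not None:            # everything else goes to the DMZ host
            return ("dmz", self.dmz_host, wan_port)
        return None                              # unsolicited traffic is stopped


def exposed_ports(router: HomeRouter, lan_ip: str, remote_ip: str = "203.0.113.9") -> List[int]:
    """Ports on lan_ip that an unsolicited connection from outside can reach."""
    reachable = []
    for wan_port in range(1, 65536):
        hit = router.inbound(remote_ip, 40000, wan_port)
        if hit is not None and hit[1] == lan_ip:
            reachable.append(hit[2])
    return reachable


if __name__ == "__main__":
    # Constructed configurations for the web-server case from the text.
    forwarding = HomeRouter(forwards={80: ("192.168.0.34", 80)})
    dmz = HomeRouter(dmz_host="192.168.0.34")
    print("port forwarding exposes:", exposed_ports(forwarding, "192.168.0.34"))
    print("DMZ exposes:", len(exposed_ports(dmz, "192.168.0.34")), "ports")

    # Default behaviour: a reply gets in, the same port from a stranger does not.
    plain = HomeRouter()
    plain.outbound("192.168.0.20", 51000, "198.51.100.7", 80)
    print(plain.inbound("198.51.100.7", 80, 51000))   # delivered as a reply
    print(plain.inbound("203.0.113.9", 80, 51000))    # dropped
```

With the forward, only the web server's port is reachable from outside; with the DMZ setting, every service the computer happens to run is.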

Home Network Router Configuration

Computer Network Basics

Written by Home network on Wednesday, December 19th, 2007 in Home Office Network, Home Office Network FAQ.


A computer network is an interconnection of a group of computers. Networks may be classified by what is called the network layer at which they operate according to basic reference models considered as standards in the industry such as the four-layer Internet Protocol Suite model. While the seven-layer Open Systems Interconnection (OSI) reference model is better known in academia, the majority of networks use the Internet Protocol Suite (IP) as their network model.

Personal area network (PAN)

A personal area network (PAN) is a computer network used for communication among computer devices (including telephones and personal digital assistants) close to one person. The devices may or may not belong to the person in question. The reach of a PAN is typically a few meters. PANs can be used for communication among the personal devices themselves (intrapersonal communication), or for connecting to a higher level network and the Internet (an uplink).

Personal area networks may be wired with computer buses such as USB and FireWire. A wireless personal area network (WPAN) can also be made possible with network technologies such as IrDA, Bluetooth, UWB, and ZigBee.

Local Area Network (LAN)

A local area network (LAN) is a computer network covering a small geographic area, like a home, office, or group of buildings e.g. a school. The defining characteristics of LANs, in contrast to Wide Area Networks (WANs), include their much higher data transfer rates, smaller geographic range, and lack of a need for leased telecommunication lines.

Ethernet over unshielded twisted pair cabling, and Wi-Fi are the two most common technologies currently, but ARCNET, Token Ring and many others have been used in the past.

Campus Area Network (CAN)

A campus area network (CAN) is a computer network made up of an interconnection of local area networks (LANs) within a limited geographical area. It can be considered one form of a metropolitan area network, specific to an academic setting.

In the case of a university campus-based campus area network, the network is likely to link a variety of campus buildings, including academic departments, the university library and student residence halls. A campus area network is larger than a local area network but smaller than a wide area network (WAN), in some cases.

Metropolitan Area Network (MAN)

Metropolitan area networks, or MANs, are large computer networks usually spanning a city. They typically use wireless infrastructure or Optical fiber connections to link their sites.

Wide Area Network (WAN)

A wide area network (WAN) is a computer network that covers a broad area (i.e., any network whose communications links cross metropolitan, regional, or national boundaries). Or, less formally, a network that uses routers and public communications links. Contrast with personal area networks (PANs), local area networks (LANs), campus area networks (CANs), or metropolitan area networks (MANs), which are usually limited to a room, building, campus or specific metropolitan area (e.g., a city) respectively. The largest and most well-known example of a WAN is the Internet.

Global Area Network (GAN)

Global area network (GAN) specifications are in development by several groups, and there is no common definition. In general, however, a GAN is a model for supporting mobile communications across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile communications is “handing off” the user communications from one local coverage area to the next. In IEEE Project 802, this involves a succession of terrestrial wireless local area networks (WLAN) [3]. INMARSAT has defined a satellite-based Broadband Global Area Network (BGAN).

Internetwork

Two or more networks or network segments connected using devices that operate at layer 3 (the ‘network’ layer) of the OSI Basic Reference Model, such as a router. Any interconnection among or between public, private, commercial, industrial, or governmental networks may also be defined as an internetwork.

In modern practice, the interconnected networks use the Internet Protocol. There are at least three variants of internetwork, depending on who administers and who participates in them:

* Intranet
* Extranet
* “The” Internet

Intranets and extranets may or may not have connections to the Internet. If connected to the Internet, the intranet or extranet is normally protected from being accessed from the Internet without proper authorization. The Internet itself is not considered to be a part of the intranet or extranet, although the Internet may serve as a portal for access to portions of an extranet.

Intranet

An intranet is a set of interconnected networks that uses the Internet Protocol and IP-based tools such as web browsers, and that is under the control of a single administrative entity. That administrative entity closes the intranet to the rest of the world, and allows only specific users. Most commonly, an intranet is the internal network of a company or other enterprise.

Extranet

An extranet is a network or internetwork that is limited in scope to a single organization or entity but which also has limited connections to the networks of one or more other usually, but not necessarily, trusted organizations or entities (e.g. a company’s customers may be given access to some part of its intranet creating in this way an extranet, while at the same time the customers may not be considered ‘trusted’ from a security standpoint). Technically, an extranet may also be categorized as a CAN, MAN, WAN, or other type of network, although, by definition, an extranet cannot consist of a single LAN; it must have at least one connection with an external network.

Internet

A specific internetwork, consisting of a worldwide interconnection of governmental, academic, public, and private networks based upon the Advanced Research Projects Agency Network (ARPANET) developed by ARPA of the U.S. Department of Defense. It is also home to the World Wide Web (WWW) and is referred to as the ‘Internet’ with a capital ‘I’ to distinguish it from other generic internetworks.

Participants in the Internet, or their service providers, use IP addresses obtained from address registries that control assignments. Service providers and large enterprises also exchange information on the reachability of their address ranges through the Border Gateway Protocol (BGP).

Basic Network Hardware Components

All networks are made up of basic hardware building blocks to interconnect network nodes, such as Network Interface Cards (NICs), Bridges, Hubs, Switches, and Routers. In addition, some method of connecting these building blocks is required, usually in the form of galvanic cable (most commonly Category 5 cable). Less common are microwave links (as in IEEE 802.11) or optical cable (“optical fiber”).

Network Interface Cards (NIC)

A network card, network adapter or NIC (network interface card) is a piece of computer hardware designed to allow computers to communicate over a computer network. It provides physical access to a networking medium and often provides a low-level addressing system through the use of MAC addresses. It allows users to connect to each other either by using cables or wirelessly.

Repeaters

A repeater is an electronic device that receives a signal and retransmits it at a higher level or higher power, or onto the other side of an obstruction, so that the signal can cover longer distances without degradation.

Because repeaters work with the actual physical signal, and do not attempt to interpret the data being transmitted, they operate on the Physical layer, the first layer of the OSI model.

Hubs

A hub contains multiple ports. When a packet arrives at one port, it is copied to all the ports of the hub. When the packets are copied, the destination address in the frame does not change to a broadcast address. The hub does this in a rudimentary way: it simply copies the data to all of the nodes connected to the hub. [4]

Bridges

A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model. Bridges do not promiscuously copy traffic to all ports, as hubs do, but learn which MAC addresses are reachable through specific ports. Once the bridge associates a port and an address, it will send traffic for that address only to that port. Bridges do send broadcasts to all ports except the one on which the broadcast was received.

Bridges learn the association of ports and addresses by examining the source address of frames that they see on various ports. Once a frame arrives through a port, its source address is stored and the bridge assumes that MAC address is associated with that port. The first time that a previously unknown destination address is seen, the bridge will forward the frame to all ports other than the one on which the frame arrived.
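The hub and the learning bridge described above, side by side, as an added example that is not part of the original article; the class names, port numbers and MAC addresses are constructed. It goes slightly beyond the text by also showing two cases the text does not walk through: a frame whose destination sits on the port it arrived on, and a station that moves to another port.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed stations (locally administered MAC addresses).
A = "02:00:00:00:00:0a"
B = "02:00:00:00:00:0b"
C = "02:00:00:00:00:0c"
D = "02:00:00:00:00:0d"


class Hub:
    """Repeats every frame on every other port, whatever its addresses are."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class LearningBridge:
    """Learns source addresses per port and forwards only where needed."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        # Learn (or refresh) where the sender lives. Overwriting the entry is
        # what lets the bridge follow a station that moves to another port.
        self.mac_table[src] = in_port
        # Broadcasts and unknown destinations go out of every other port.
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst]
        # Destination is on the segment the frame came from: nothing to do.
        if out_port == in_port:
            return []
        return [out_port]


def replay(device, frames):
    """Feed (in_port, src, dst) frames to a device; return the output ports per frame."""
    return [device.receive(in_port, src, dst) for in_port, src, dst in frames]


# Constructed traffic: A and D share port 1, B is on port 2, C on port 3.
SAMPLE_FRAMES = [
    (1, A, B),          # B not yet known: flooded
    (2, B, A),          # A was learned from the first frame: port 1 only
    (1, A, B),          # B is now known: port 2 only
    (3, C, BROADCAST),  # broadcast: all ports except the incoming one
    (1, D, A),          # A and D are both on port 1: not forwarded at all
    (3, A, B),          # A has moved to port 3: the table entry is updated
    (2, B, A),          # traffic for A now follows it to port 3
]

if __name__ == "__main__":
    hub_out = replay(Hub([1, 2, 3]), SAMPLE_FRAMES)
    bridge = LearningBridge([1, 2, 3])
    bridge_out = replay(bridge, SAMPLE_FRAMES)
    for frame, h, b in zip(SAMPLE_FRAMES, hub_out, bridge_out):
        print(f"in={frame[0]} {frame[1]} -> {frame[2]}  hub={h}  bridge={b}")
    print(bridge.mac_table)
```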

Bridges come in three basic types:

1. Local bridges: Directly connect local area networks (LANs)
2. Remote bridges: Can be used to create a wide area network (WAN) link between LANs. Remote bridges, where the connecting link is slower than the end networks, largely have been replaced by routers.
3. Wireless bridges: Can be used to join LANs or connect remote stations to LANs

Switches


“Switch” is a marketing term that encompasses routers and bridges, as well as devices that may distribute traffic on load or by application content (e.g., a Web URL identifier). Switches may operate at one or more OSI layers, including physical, data link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more than one of these layers is called a multilayer switch.

Overemphasizing the ill-defined term “switch” often leads to confusion when first trying to understand networking. Many experienced network designers and operators recommend starting with the logic of devices dealing with only one protocol level, not all of which are covered by OSI. Multilayer device selection is an advanced topic that may lead to selecting particular implementations, but multilayer switching is simply not a real-world design concept.

Routers

Routers are networking devices that forward data packets along networks by using headers and forwarding tables to determine the best path to forward the packets. Routers work at the network layer of the TCP/IP model or layer 3 of the OSI model. Routers also provide interconnectivity between like and unlike media (RFC 1812). This is accomplished by examining the header of a data packet and making a decision on the next hop to which it should be sent (RFC 1812). They use preconfigured static routes, the status of their hardware interfaces, and routing protocols to select the best route between any two subnets. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP’s network. Some DSL and cable modems, for home use, have been integrated with routers to allow multiple home computers to access the Internet.

Computer Network Basics /Guide /Help 

Check TCP Port Status (Open or Closed)

Written by Home network on Tuesday, December 18th, 2007 in Home Office Network, Home Office Network FAQ, Network Tools.


Sometimes we need to check the TCP port status of a remote computer or network device, for example to see whether a remote web server (port 80) is open, or whether the signalling port 1720 of a remote H.323 VoIP gateway is open for you.
Here is a simple way to check a TCP port.
Telnet is a useful network command/tool which is built into Windows 2000/XP/Vista.

To check the TCP port status:
(1) Open a Command Prompt on your computer.
(2) Type telnet, then the remote IP address or domain name, then the port number, and hit Enter. Note: you need a space between the IP address and the port number.
For example, to check Yahoo.com’s web server:
telnet www.yahoo.com 80
For example, to check the port 1720 status of a remote VoIP gateway:
telnet xxx.xxx.xxx.xxx 1720
If the port is open, the screen is cleared immediately and only the cursor blinks on the screen.
If the port is closed, it shows ” Connecting To www.yahoo.com” and then ” Could not open a connection to host on port, Connect failed”.
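The same check as a small script, as an added example that is not part of the original post. The telnet test reports only success or failure; this version also tells apart a port that actively refuses the connection from one that never answers, for instance because a firewall drops the traffic. The function name and the status words are chosen for this example.

```python
import socket


def tcp_port_status(host: str, port: int, timeout: float = 3.0) -> str:
    """Classify one TCP port as 'open', 'closed', 'filtered' or 'unresolved'.

    open       - the connection was accepted (telnet: blank screen, cursor blinking)
    closed     - the host answered but nothing listens there (connection refused)
    filtered   - no answer within the timeout, or the host is unreachable
    unresolved - the host name could not be looked up
    """
    try:
        # Resolve first so a mistyped host name is not mistaken for a blocked port.
        candidates = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "unresolved"

    verdict = "filtered"
    for family, socktype, proto, _name, sockaddr in candidates:
        try:
            with socket.socket(family, socktype, proto) as sock:
                sock.settimeout(timeout)
                sock.connect(sockaddr)
                return "open"
        except ConnectionRefusedError:
            verdict = "closed"       # a reset came back: reachable, not listening
        except OSError:
            continue                 # timeout or unreachable: try the next address
    return verdict


if __name__ == "__main__":
    # Offline demonstration against a listener created on this machine.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))          # let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    print(port, tcp_port_status("127.0.0.1", port))   # open
    listener.close()
    print(port, tcp_port_status("127.0.0.1", port))   # closed
```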

TCP Port Status (Home Network TCP Port numbers)


