Network Primer Part I

[unstable]

Network Primer Part I - Submitted by UNSTABLE

--------------------------------------------------------------------------------

I hate writing, I actually despise it. Putting thoughts into words and trying to talk about something like networking is a major pain in the butt. But I've always believed in sharing information with people, if someone gets something useful out of this document, then I guess it was worth my time and effort to type it up.

Networking...there is more that I don't know about networks than I do. After being involved with computers for years and learning a little here and a little there, I actually started putting stuff together and it began to all make sense. Despite what pre-concieved notions that people may have about my skill level, I'm NOT a network technician. From 9-5 each day I work as a glorified help desk attendant. I run around and fix paper jams in printers, install operating systems and applications and do all of the normal crap a help desk guy would. I guess the only thing that sets me apart from a standard help desk attendant is that I am responsible for 160 some-odd computers, 20 some-odd enterprise servers, some switches and some firewalls. I know a little about alot of things.

Desktop Computer

On your computer, click "start-->run" and then type "CMD" press enter.

From the command line type "ipconfig"

You should get something like:

quote:

--------------------------------------------------------------------------------

C:Documents and Settingsunstable>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : myhost

Primary Dns Suffix . . . . . . . :mydnssuffix

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : somenet.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : somenet.net

Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-50-8D-A8-2D-C2

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 10.10.255.1

10.10.255.2

--------------------------------------------------------------------------------

Physical Address a.k.a. Mac Address

Physical addresses, in this example "00-50-8D-A8-2D-C2" is supposed to be unique in the entire world. I can say that I have heard of computers with duplicate Mac addresses, which should not be possible, but mistakes happen. Anyhow, what is important about Mac Addresses? Well, the mac address is basically the lowest level that a computer "talks" to another computer at. You often hear about "IP addresses" or "Host Names" but actually the communication is happening at the mac level.

Here's the important facts about macs. First of all, Mac addresses do not traverse a router. When your computer sends communications beyond your router (or default gateway), the router strips off the mac address, makes a little note that your computer sent out this request, the router then puts ITS OWN mac address on the communication and sends it to the next hop router. The next router takes the communication, strips off the prior router mac address, makes a little note, puts ITS OWN mac on and sends it along. The same thing happens on the way back. Pretty amazing when you think of it. Second important fact about Mac addresses is, you can't have two computers with the same mac address on the same network segment, it won't work. If you ever run into this problem, you can usually fix it one of two ways, (1) throw a router in front of the duplicate mac or (2) most high-performance network cards allow you to change the mac address in the settings.

IP address

IP addresses. These are the numbers you will deal with probably the most in networking...unless you're a genius and you're able to tear packets down and do all of that stuff. If you're at that level, drop me a line I'd love to learn a thing or two, you're probably not going to be reading this though.

Ok, back to IP addresses. When I first started to understand IP addresses, I (mistakenly) noticed that the third octet in an IP address usually specifies the network, the fourth octet specifies the host: i.e.

quote:

--------------------------------------------------------------------------------

IP ADDRESS: 192.168.1.1

NETWORK ID: 192.168.1.0

HOST ADDRESS: XXX.XXX.X.1

--------------------------------------------------------------------------------

Well guess what? This is actually an OK way of looking at networks and hosts for a beginner. If you're not subnetting a network, this method is accurate, if you are subnetting this is not always going to be accurate...But what exactly ARE networks and what good is all of this information?

Networks

Let's say we've got two computers addressed in the following fashion:

quote:

--------------------------------------------------------------------------------

HOST1: 192.168.1.1

NET ID: 192.168.1.0

HOST2: 192.168.10.2

NET ID: 192.168.10.0

--------------------------------------------------------------------------------

If you look at the third octet you will see these two computers ARE NOT on the same network. Host1 is on 192.168.1.0 and Host2 is on 192.168.10.0...If they are both plugged into a switch, can they "talk"....NO they cannot "talk" without a router. A router "routes" communications between networks.

So what is the point of having 2 seperate networks like this? There could be any number of reasons for setting up seperate networks. Usually it's a mixture of management, accesses and network efficiency. The more computers you put on a single network, the slower it's going to be. I'm not going to get into the details of broadcast domains and all that nonsense because I don't think it's really too important. Again, chances are you're an average guy (or girl) who wants to learn a little more about networking not read about crap that doesn't really pertain to you.

Subnet Masks

So what the hell is a subnet mask? Usually it looks like:

quote:

--------------------------------------------------------------------------------

netmask: 255.255.255.0

--------------------------------------------------------------------------------

But how the netmask actually works is REALLY cool, if you're a complete geek and you like this stuff. I don't really like figuring this out on paper, but KNOWING how it works is pretty cool. Let me attempt to explain.

We have the following:

quote:

--------------------------------------------------------------------------------

IP ADDRESS: 192.168.1.100

NETMASK 255.255.255.0

--------------------------------------------------------------------------------

Now if you recall earlier, you should be able to look at this IP address and see what the Network ID is (192.168.1.0) This is an easy one and it's pretty pointless to work through the math, but it should be good for illustration.

First we need to convert the IP address into binary:

(http://www.personal.psu.edu/users/j...260/subnet.html)

quote:

--------------------------------------------------------------------------------

IP Address:192.168.1..100

Binary:11000000.10101000.00000001.01100100

now we convert the subnet mask into binary

IP Address:255.255.255.0

Binary:11111111.11111111.11111111.00000000

--------------------------------------------------------------------------------

now we put the IP address (in binary) over the subnet mask in binary and add them.

quote:

--------------------------------------------------------------------------------

IP BIN: 11000000.10101000.00000001.01100100

NETB: 11111111.11111111.11111111.00000000

-------------------------------------------------------------------------------

11000000.10101000.00000001.00000000

is the netmask in binary. Convery it back to an IP and what do you have?

IP Address:11000000.10101000.00000001.00000000

Base10:192.168.1.0

--------------------------------------------------------------------------------

Alot of work to do by hand and at this point you may be scratching your head wondering what the point of all this is. Well, when your computer makes a request to some IP address, it will take that IP address and compare it to your net address to tell whether or not the computer you are trying to get to is on YOUR network or a different network. This is how it figures it out. If the other address isn't on your net, the request gets fired to the default gateway. This example was intended to be really easy, but when you start talking about subnetting a network with a netmask of 255.255.255.224 things get a little more difficult. =)

DNS - Domain Name Service

Wow, Mac addresses, IP addresses...but what about http://forum.abit-usa.com ? Well that's a hostname/Fully Qualified Domain Name (FQDN) and it's a helluva lot easier to remember than: 65.123.7.5

To my understanding, back in the day when the world wide web consisted of 3 lunatics with 3.5kbs modems, they used a file called a host file to refer to each other's computers. It's kind of an "Alias" type thing. This file is still found on modern computers but is rarely used (c:windowssystem32driversetchost) Everyone had to update this file individually whenever a new computer was added to the network, it made it easy to refer to other computers on the network by a simple, easy to remember NAME. abit, unstable, deepblue etc. Bad thing about this file is that, for every computer added to the network, the name and IP address had to be added to EVERY file on each one of the computers on the network.

Eventually someone got wise to this and came up with DNS, I think it was called "BIND" to begin with. Instead of each computer having a record of every other computer, there was a single computer that had the complete list. If you wanted to know the IP address to get to "Abit" you had to ask the name server. The name server returns the IP address and your computer sends out the request to Abit to initiate communications.

Works basically the same nowadays. You can open a command window (start-->run type "CMD" press enter), in the command window type "ping forum.abit-usa.com",

it will return the IP address of forum.abit-usa.com. You can also do an NSLOOKUP on the IP address of a computer to find out the hostname or NSLOOKUP on a hostname to get the IP address.

Knowing this should really help some of you out. Sometimes when a page doesn't load for me, the first thing I do is ping my DNS servers, I usually don't get a response and I know there's a communication problem between my router and my ISP. Also, sometimes if your DNS servers aren't working correctly, you won't be able to get to websites using their hostname. For example, say you try to go to http://www.google.com, your computer says...hmmm, where is "GOOGLE"? It's not in my cache...let's ask DNS. DNS isn't working so you don't get a response, so your computer doesn't know where to go and you get an error. BUT if you knew the IP address of Google, you could type that in the address bar and get where you need to go.

DHCP