All communications between machines using the IP protocol (the most
used protocol on the Internet, most often TCP/IP) are done in packets of
information that are addressed with a from and to address, just like US mail.
However, the from and to addresses are large (32 bit) numbers, rather than
name and street addresses, and they are usually written in the form "<0..255>.<0..255>.<0..255>.<0..255>".
For example, "10.0.0.1" (10.*.*.* is for private class A subnets,
192.168.1-255.* is for private class C subnets). Of course, even this
simplified four chunk representation of the large numbers is not simple
for humans, and so the Domain Name Service (DNS) translates
normal human text names into IP numbers. But let's stick with the numbers
to understand routing.
It is the job of "routing" to determine where to send a packet in order
to get it to its destination; the post office uses zip codes in the very
same way. Quite often special hardware is used to perform routing, for
speed; however, the functionality can also be performed by software available
for many systems. For example, local Windows routing is discussed below.
To make routing simpler, computers in the same area are grouped by IP
address, in exactly the same way as zip codes work. For example, zip codes
starting in "0" are on the east coast of the US. Of course computers are
a bit more flexible than our postal system, and so the groupings are not
quite as consistently predictable. Nevertheless, computers with the same
most significant IP values are likely to be located closer together
in the Internet infrastructure to make routing more efficient.
As part of grouping computers by address, standard "blocks" of addresses
are designated as classes of addresses. Within classes, blocks of addresses
have been allotted to companies, and they in turn will break them down
further and dole them out to other individuals. As one becomes familiar
with IP addresses, they also will hear about:
- Class A Licenses: <Fixed>.*.*.*
- Class B Licenses: <Fixed>.<Fixed>.*.*
- Class C Licenses: <Fixed>.<Fixed>.<Fixed>.*
- (Assigned numbers list RFC-1166)
In this list, a class A license would be all IP addresses
starting with the same first number. As a result, there can only be 255
class A licenses. While this grouping system helps in delivery, many individuals
feel that it is one of the reasons there is a pending shortage of IP addresses.
For example, many big blocks were given out early on, and significant portions
of these blocks remain unused. Specifically, Class A 9.*.*.* is listed
in RFC-1166 as IBM. While IBM is big, does it need 255 x 255 x 255 (about
16 million) addresses (they are not alone, there are others)? Of course,
there is also a substantial number of addresses tied up at a micro level
because of the grouping methods.
The most immediate outbound routing - close to home
Commonly, as discussed here,
users connect their computers to more than one network, perhaps a LAN and
the Internet. Since this means there are multiple networks for communication,
and since the Internetwork is composed of an endless collection
of segments, almost everyone has to do some configuration to determine
which route communications will travel to get to the desired destination.
For example:
- If I want to get to the files on the other computer, do I go to the modem
and the Internet connection, or do I use the LAN ethernet connection?
- If I want to access the American Red Cross web site, do I use my LAN ethernet
connection, or do I go to the modem and the Internet connection?
- Once I've determined that I need to use the modem and the Internet connection
to reach the American Red Cross web site, how does that message get beyond
my modem to find the American Red Cross computer?
This is called routing.
Binding - Local Outbound Routing
After selecting what language protocol will be used by your computer
for a particular communications task, the first level of routing is to
get the messages sent to the right hardware connection. This is done in
the PC Network Control Panel, or in the Macintosh TCP/IP or AppleTalk Control
Panels.
In some cases, you may have multiple connections. For example, you may
have multiple network cards and/or you may have a network and modem
connection. Since communications might happen over any of these mediums,
you must have a way to choose which one to use in each case.
As each generation of computers emerges, the possibilities of binding get
more extensive. Earlier incarnations like the Macintosh may only allow
you to select one path for each language protocol using a menu; more advanced
systems like Win95 and Win98 may let you specify multiple channels for
each protocol; the most advanced systems, like WinNT, will allow you to
specify full bindings for every possible language protocol and hardware
combination.
Network Routing
Once hardware bindings are configured, then communications happen directly
between machines on the same local network segment. Machines communicate
with each other by addressing every communication packet with the specific
hardware address of the other machine.
However, when a computer needs to communicate with another computer
that is outside their segment, the communication packet must be sent directly
to a router on the local segment which knows how to transfer
the message to other segment(s) on the way to its destination.
A router knows how to take a message from one computer segment, and
transfer it to another computer segment, fixing up addressing along the way.
For example, NetworkA-Computer might send a message through NetworkAB-Router
to get to NetworkB-Computer. In doing so, NetworkA-Computer
sends the message directly to the NetworkAB-Router GATEWAY,
and it is moved over to NetworkB and sent directly to NetworkB-Computer.
Not all communications can be routed!
NetBEUI can only communicate within one segment of wire. So, should you
need to share Windows files with a computer on another segment using NetBIOS,
you will have to configure the systems to use NetBIOS-TCP/IP, not NetBIOS-NetBEUI
in your Network Control Panel.
Routers and Software
A router may either be a dedicated black box, or a general computer
with two or more network connections. If using a general computer to provide
routing, you will either have to configure the system, or possibly add
extra software.
Some routers provide other services as well. For example a NAT tool
like SyGate translates messages as they are routed to the Internet so that
multiple computers on a LAN can share one Internet connection.
Local Protocols (inbound local protocol routing)
The Internet's Protocol (IP) carries many different sorts of communications
between computers. Once IP routing has been completed using the outbound methods
above, and the message reaches the desired computer, the communication
must be directed to the proper program for processing. Some IP messages
may contain Transmission Control Protocol (TCP), others User Datagram Protocol
(UDP), and there is a vast list of others
(TCP and UDP are the most common). A number within the IP message identifies
this, and users have very little control here. The programs you use in
combination with the network drivers determine this, and about all you
can do is be aware of it. The next level, the "port" routing of the common TCP
and UDP protocols described below, is of more value
to the average user.
SOME ADVANCED PROTOCOL LINKS
(IP supports UDP[light] and TCP[heavy], full list RFC-1700)
(ICMP - Internet Control Message Protocol)
(ARP - Address Resolution Protocol)
(RARP - Reverse Address Resolution Protocol)
(DHCP - Dynamic Host Configuration Protocol [uses BOOTP])
(Special original assigned numbers list RFC-790)
mk:@ivt:ntddk/native/ddk/ng1/src/101gen_1.htm
In MS Dev Network Lib (CD)
http://web.syr.edu/~jmwobus/lans/
basic LAN info
http://www.pmg.lcs.mit.edu/cgi-bin/rfc/view?894
Common Link Layer IP Encapsulation
http://www.pmg.lcs.mit.edu/cgi-bin/rfc/view?1042
New Link Layer IP Encapsulation
http://www.lanl.gov/projects/ia/stds/ia560120.html
TCP/IP overview
http://www.well.com/user/peterh/dcbwpktd.htm
TCP/IP win config
http://www.mg-soft.si/pktdrv.html
Packet Drivers, basic TCP/IP.
http://www.danlan.com, The Crynwr Packet Driver Collection,
Packet Drivers for IBM PCs and Clones, Naked Packet Drivers,
Packet Driver Interfaces for LANs, AltaVista Search "Packet Driver"
http://www.lanl.gov/projects/ia/stds/ia560211.html
IP Specs
http://www.lanl.gov/projects/ia/stds/ia830410.html
UDP Specs
http://www.winmag.com/win98/32.htm
Notes on PPTP (pt-pt tunnel proto) VPN (virt priv net)
http://www.webopedia.com/Networks/Network_Protocols/
SNMP - Simple Network Management Protocol (TCP/IP) reports only
whether a device is functioning properly -> RMON adds new stuff. On the
Internet, Java-based SNMP applications are becoming readily available
and Java SNMP dev-kits are freely available.
CMIP - Common Management Information Protocol (OSI-Open
System Interconnection), is Object Oriented Management, big, unused
http://www.inforamp.net/~kjvallil/t/snmp.html
http://www.cisco.com/univercd/home/home.htm
Cisco IOS Software Config Rel 1.13 Configuration of Cisco Internetwork
Operating System (IOS), lots of protocol info. Cisco IOS is an SNMP, I
think. See configuration/network protocols.
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ita/index.htm
Glossary
http://web.syr.edu/~jmwobus/comfaqs/dhcp.faq.html
DHCP FAQ
http://www.cis.ohio-state.edu/htbin/rfc/rfc826.html
Ethernet Packets and ARP
Ethernet Packet : "EIT...C"
E = Ethernet Header "dst"
d = Destination 48 bit MAC Address [Vendor Codes][MultiCast Codes]
s = Source 48 Bit MAC Address
t = Type Code (IEEE802.3 Length) (16 bit) [Type Codes]
I = IP Header, T = TCP Header, ... = Data
C = Ethernet Checksum (16 bit?)
AppleTalk refers to the Apple networking architecture.
Apple refers to the actual transmission media used in an AppleTalk network
as LocalTalk (Apple's proprietary twisted-pair transmission medium for
AppleTalk), TokenTalk (AppleTalk over Token Ring), EtherTalk (AppleTalk
over Ethernet [Ethertalk, Type Code 809B]), and FDDITalk (AppleTalk over
Fiber Distributed Data Interface).
The Internet Protocol (IP) is a packet-based protocol used to
exchange data over computer networks. IP handles addressing, fragmentation,
reassembly, and protocol demultiplexing. It is the foundation on which
all other Internet protocols, collectively referred to as the Internet
Protocol suite, are built. IP is a network-layer protocol that contains
addressing information and some control information that allows data packets
to be routed.
The Transmission Control Protocol (TCP) is built upon the IP
layer. TCP is a connection-oriented protocol that specifies the format
of data and acknowledgments used in the transfer of data. TCP also specifies
the procedures that the computers use to ensure that the data arrives correctly.
TCP allows multiple applications on a system to communicate concurrently
because it handles all demultiplexing of the incoming traffic among the
application programs.
Novell Internet Packet Exchange (IPX) is derived from the Xerox
Network Systems (XNS) Internet Datagram Protocol (IDP). One major difference
between IPX and XNS is that they do not always use the same Ethernet encapsulation
format. A second difference is that IPX uses Novell's proprietary Service
Advertisement Protocol (SAP) to advertise special network services.
TCP/UDP Ports (inbound most local routing)
The vast majority of IP carries TCP or UDP protocol information. For
these protocols, there is significant routing done after your communication
reaches the desired computer and the local protocol. This routing is done
based on the "port" on the machine you are communicating with. Port functionality
allows many different kinds of programs to simultaneously operate on
the same computer, by associating each with its own port. This is to say
that you may use the same IP address to communicate with a machine for
WWW and FTP services, each of which talk a different protocol (language
syntax), because each service is distinguished by having its own port.
Thus, you can access WWW and FTP at the same time on the remote machine.
Since each uses a unique port, the computers know what language to communicate
by (what program to route the communications to for processing), based
on the port number of the communication.
Since TCP and UDP are most commonly used, it is worth noting that there
is a standard that is used to list port numbers when there is ambiguity
(most often it is implied). When required, a port number is usually appended
to the textual IP address, separated by a colon (":"). For example, 12.12.12.0:25
would be "Simple Mail Transfer Protocol" (SMTP, mail post office), and
12.12.12.9:80 would be "World Wide Web" (HTTP-Hypertext Transfer Protocol).
For port numbers to work, there is a standardized list of ports, and
what programs use them. This way, the sending and the recipient computers
are on the same page. However, as a side note, it is important to note
that after connecting with each other using a standardized port, some programs
may dynamically grab other port(s) above 1024 for subsequent communication
(kind of like switching to another channel using CB radio after finding
a party on a common channel).
Common tcp ports:
echo 7 Echo
systat 11 Active Users
qotd 17 Quote of the day
msp 18 Message Send Protocol
ftp-data 20 File Transfer (Data Channel)
ftp 21 File Transfer (Control)
telnet 23 Telnet
smtp 25 Simple Mail Transfer
name 42 TCP Nameserver
bootps 67 Bootstrap Protocol Server
bootpc 68 Bootstrap Protocol Client
tftp 69 Trivial File Transfer
gopher 70 Gopher
finger 79 Finger
www 80 World Wide Web
kerberos 88 Kerberos
pop 109 TCP post office
nntp 119 USENET
https 443/tcp https MCom
nfs 2049 Network File System
Full tcp/udp list here,
was a great one with links here,
and short mac oriented list here,
app oriented list here.
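The lookups described under "Local Protocols", "Ethernet Packet" and this section chain together: the Ethernet type code selects IP, the protocol number in the IP header selects TCP or UDP, and the port selects the program. The Python below is an added example, not part of the original page; the frame it parses is constructed (made-up MAC addresses and source port, IP checksum left at zero and not verified).

```python
import struct

# Type codes and protocol numbers from the standard assigned-numbers lists;
# 0x809B is the EtherTalk type code quoted on this page.
ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8035: "RARP", 0x809B: "EtherTalk"}
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
PORTS = {21: "ftp", 23: "telnet", 25: "smtp", 80: "www", 443: "https"}


def dotted(raw):
    return ".".join(str(b) for b in raw)


def mac(raw):
    return ":".join("%02x" % b for b in raw)


def demux(frame):
    """Follow Ethernet type -> IP protocol number -> TCP/UDP port for one frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, type_or_len = struct.unpack("!6s6sH", frame[:14])
    info = {"dst_mac": mac(dst), "src_mac": mac(src)}
    if type_or_len < 0x0600:
        # Below 0x0600 the field is an IEEE 802.3 length, not a type code.
        info["link"] = "802.3 length"
        return info
    info["link"] = ETHERTYPES.get(type_or_len, "type 0x%04x" % type_or_len)
    if type_or_len != 0x0800:
        return info                      # not IP: handed to another protocol stack
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (ip[0] & 0x0F) * 4      # IP options make this larger than 20
    if header_len < 20 or len(ip) < header_len:
        raise ValueError("bad IPv4 header length")
    info["src_ip"], info["dst_ip"] = dotted(ip[12:16]), dotted(ip[16:20])
    info["protocol"] = IP_PROTOCOLS.get(ip[9], "protocol %d" % ip[9])
    fragment_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if ip[9] not in (6, 17) or fragment_offset:
        return info                      # no port: not TCP/UDP, or a later fragment
    if len(ip) < header_len + 4:
        raise ValueError("truncated TCP/UDP header")
    info["src_port"], info["dst_port"] = struct.unpack(
        "!HH", ip[header_len:header_len + 4])
    info["service"] = PORTS.get(info["dst_port"], "unlisted")
    return info


def sample_frame(ethertype=0x0800, protocol=6, dst_port=80, fragment_offset=0):
    """Constructed test frame: 10.0.0.1:1025 -> 12.12.12.9:<dst_port>."""
    ether = (bytes.fromhex("00005e005301") + bytes.fromhex("00005e005302")
             + struct.pack("!H", ethertype))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, fragment_offset, 64,
                     protocol, 0, bytes([10, 0, 0, 1]), bytes([12, 12, 12, 9]))
    ports = struct.pack("!HH", 1025, dst_port) + bytes(16)
    return ether + ip + ports


if __name__ == "__main__":
    print(demux(sample_frame()))
```

A later IP fragment carries no TCP or UDP header, so anything that filters or dispatches on port can only do so for the first fragment; `demux` returns no port for the rest.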
Windows
Feedback
You may obtain information about TCP/IP routing on your machine using the
command line utility "route.exe". Enter "route" for the syntax, "route
print" being very useful. Related is the command line utility "winipcfg.exe"
for Win95, and the equivalent "ipconfig.exe" for WinNT. Enter "winipcfg
/?" or "ipconfig /?" for the syntax; the "/all" switch is most useful.
A lot of information is also available using the Start-> Programs-> Administrative
Tools-> NT Diagnostics (system32\winmsd.exe).
IP Routing
This is enabled or disabled under NT in the Network control panels under
the properties for TCP/IP in the Routing tab. It allows IP traffic on a
network connected to one card in a PC to be transferred to a network contained
on a second card in a PC.
Registry: IP routing is...
WinNT: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter
Win95/98: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Vxd\MSTCP\EnableRouting (String Value 0 or 1)
Multiple Routes
Netman's sanity was challenged when he attempted to establish
two connections to the Internet at the same time. It was his intention
that he might provide multiple routes using "route -f ADD" and "route ADD",
one with lower "metrics" which would activate if the primary route went
down. Sadly, it seemed he could only define gateways in the Network control
panel, which did not allow him to apply metrics. And, when he used "route
ADD" to enable metrics, the gateways automatically taken from the Network
setup got mixed up. So, though he could manually change the routes, he
could not configure two automatic "metric weighted" routes for "outgoing"
traffic (since their gateways got mixed up). Note that even if one could
have done this, they might not have enough control over "external incoming"
routers to modify incoming "service" requests addressed for the theoretically
"primary" server address (when it went down).
(Note: an interesting note under MS
VPN PPTP, in the section "Adding the DontAddDefaultGateway Registry
Entry", says "By default, Windows NT Server and Windows NT Workstation
both place a default route (0.0.0.0) on each network adapter in a computer.[...]You
must disable the automatic addition [...] by adding the Registry entry
DontAddDefaultGateway with a value of REG_DWORD 0x1 in the following Registry
key: HKEY_LOCALMACHINE\ SYSTEM\ CurrentControlSet\ Services\ <networkadapter>\
Parameters\ Tcpip\ DontAddDefaultGateway." Perhaps this is applicable.)
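How a machine with two connections picks a route, and why two automatically added default routes (0.0.0.0) clash, can be seen by evaluating a routing table by hand. The Python below is an added example, not from the original page: it applies the usual rule (most specific matching network first, then lowest metric number), and the table rows, the addresses and the convention that an on-link route lists the machine's own address as gateway are constructed assumptions.

```python
import ipaddress


def parse_routes(rows):
    """rows: (destination, netmask, gateway, interface, metric) tuples."""
    routes = []
    for dest, mask, gateway, interface, metric in rows:
        # Count the one-bits of the netmask to get the prefix length.
        prefix_len = bin(int(ipaddress.IPv4Address(mask))).count("1")
        network = ipaddress.ip_network("%s/%d" % (dest, prefix_len))
        routes.append({"network": network, "gateway": gateway,
                       "interface": interface, "metric": metric})
    return routes


def lookup(routes, destination):
    """Pick the route for one destination, or None if nothing matches."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r["network"]]
    if not matches:
        return None
    # Most specific network first; among equals, the lowest metric.
    matches.sort(key=lambda r: (-r["network"].prefixlen, r["metric"]))
    best = matches[0]
    ties = [r for r in matches
            if r["network"].prefixlen == best["network"].prefixlen
            and r["metric"] == best["metric"]]
    return {
        "gateway": best["gateway"],
        "interface": best["interface"],
        # Assumption: an on-link route names the machine's own address as gateway.
        "direct": best["gateway"] == best["interface"],
        # Several equally good routes: the table alone does not decide the adapter.
        "ambiguous": len(ties) > 1,
    }


# Constructed table: a LAN card (192.168.1.10) and a modem link (10.0.0.5),
# each given its own default route (0.0.0.0) with the same metric.
BOTH_DEFAULTS = [
    ("0.0.0.0", "0.0.0.0", "192.168.1.1", "192.168.1.10", 1),
    ("0.0.0.0", "0.0.0.0", "10.0.0.1", "10.0.0.5", 1),
    ("192.168.1.0", "255.255.255.0", "192.168.1.10", "192.168.1.10", 1),
    ("10.0.0.0", "255.0.0.0", "10.0.0.5", "10.0.0.5", 1),
]
# Same table with the modem default route given a higher metric number.
WEIGHTED = ([BOTH_DEFAULTS[0], ("0.0.0.0", "0.0.0.0", "10.0.0.1", "10.0.0.5", 2)]
            + BOTH_DEFAULTS[2:])

if __name__ == "__main__":
    for name, rows in (("both defaults", BOTH_DEFAULTS), ("weighted", WEIGHTED)):
        print(name, lookup(parse_routes(rows), "206.210.79.4"))
```

With two equal default routes the outgoing adapter for an Internet address is undetermined, which is the mix-up described above; traffic meant for one network can leave through the other.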
NetBIOS over TCP/IP
A page here
claims:
The solution to this problem is to 'wrap' the Netbios packets inside
another protocol which is routable such as TCP/IP or IPX/SPX.
This feature can be enabled with Windows 95 OEM B (note: the consumer
version of Windows 95 does not support this feature), Windows 98 or Windows
NT 4.0.
First check your network properties to make sure you are not running
Netbeui. If Netbeui is listed under protocols, remove it. Next make sure
you are running either TCP/IP or IPX/SPX depending on your network and
router configuration. Check with your IS department for information on
the proper configuration and settings for these protocols. Now verify that
the Netbios feature is enabled for the selected protocol:
Under Windows 95/98 open the network properties and double click on
the protocol (TCP/IP or IPX/SPX), click on the NetBIOS tab and make sure
the 'I want to enable NetBIOS over ...' box is checked. On TCP/IP it will
be checked but grayed out. If you do not see the NetBIOS tab or the checkbox
then you are using an older version of Windows and this feature is not
supported.
DNS
Domain Name Service (DNS) is the telephone book of the Internet. For
a computer to be accessible to other computers that do not know the IP
address, DNS provides a way to look up computer IP addresses by name. This
allows computers to change IP address, without getting lost - since they
still have the same name, and other computers look up the number. The directory
of names and numbers is available from Authoritative Name servers (Primary
Name Server - Start of Authority, and Secondary Name Servers), which are
registered with the Internic Root Servers. This information is obtained
as needed by asking Internic Root Servers for an authoritative computer
and then asking that computer for the info. Local copies of the information
are kept as long as allowed, a length of time called Time To Live (TTL)
also specified by the authoritative server when the information is looked
up.
Normally, one would look up an ARec (Address Rec), like this:
forbes.jumpdev.com. (ARec) -> 206.210.79.4
You might know an IP address, and want the name. This can be found by
looking up a PRec with the IP Address reversed and appended with "in-addr.arpa.":
4.79.210.206.in-addr.arpa. (Ptr) -> forbes.jumpdev.com.
One might want to know where to send email for a domain name:
forbes.jumpdev.com. (MX) -> 206.210.79.2
You can try such lookups at Men And Mice's Dig web site service.
Free DNS Hosting (primary and secondary authorities) here.
Large 300K MS doc on DNS and set up for NT-4 DNS in HTML or WORD.
Domain name registration on the cheap at "Joker.com" $16.
Free DNS service at Granite Canyon. Sample setup here:
; Your.Name, Your Name : Owner's name "John.Doe", "John Doe"
; YourMail.Mail.Com : Owner's email foo@x.com is foo.x.com
; Your.Com : Name of domain "lycos.com"
; Tech.Name, Tech Name : Technician's name "John.Doe", "John Doe"
; TechMail.Mail.Com : Technician's email foo@x.com is foo.x.com
; 209.166.190.229, 209.166.190.230 : Your IP addresses
; bell.apicom.com, gate.ack.org, SQHILL.ack.org : your backup MX.
; Name Servers; these tell computers where to go to find
; this information. Really, these are more like comments,
; since Internic has the real list, so these are ignored.
; I mean, you would have to know where to find this info
; in order to get the lines below, but the lines are supposed
; to tell you where to get the stuff. Catch-22.
Your.Com. IN NS ns1.granitecanyon.com.
Your.Com. IN NS ns2.granitecanyon.com.
; multiple RP records authorize others to submit zone changes
; from the email address in the first field after the RP
; This email address is in DNS-email format. That is,
; the '@' (at-sign) is replaced by '.' (dot or period.)
Your.Com. IN RP YourMail.Mail.Com. Your.Name.Your.Com.
Your.Com. IN RP TechMail.Mail.Com. Tech.Name.Your.Com.
Your.Name.Your.Com. IN TXT "Your Name, Domain Owner"
Tech.Name.Your.Com. IN TXT "Tech Name, Tech, NIC Handle: XXXXXX"
; addresses for the canonical names
; Many emailers expect the name localhost to exist
; in a domain with this specific, reserved address.
; 127/8 or 127/255.0.0.0 is the address of LOOPBACK-NET
; 127.0.0.1 is reserved to mean this host on the LOOPBACK-NET
localhost.Your.Com. IN A 127.0.0.1
; Location of computers that provide services
Your.Com. IN A 209.166.190.229
mail.Your.Com. IN A 209.166.190.230
; CName is an "alias"; you only list one with the real
; IP address, others are "aliases" (canonical names).
ftp.Your.Com. IN CNAME Your.Com.
www.Your.Com. IN CNAME Your.Com.
; Say where to send mail addressed to roofwright. Send
; mail to entries with higher values if the lowest number
; computer is not available, and the higher numbered
; computers will hold the mail until the lowest number
; computer is available.
; The token 'EXTREF' directs nslint to allow external references.
mail.Your.Com. IN MX 10 mail.Your.Com.
mail.Your.Com. IN MX 20 bell.apicom.com. ;'EXTREF'
mail.Your.Com. IN MX 20 gate.ack.org. ;'EXTREF'
mail.Your.Com. IN MX 20 SQHILL.ack.org. ;'EXTREF'
Your.Com. IN MX 10 mail.Your.Com.
Your.Com. IN MX 20 bell.apicom.com. ;'EXTREF'
Your.Com. IN MX 20 gate.ack.org. ;'EXTREF'
Your.Com. IN MX 20 SQHILL.ack.org. ;'EXTREF'
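The ARec, Ptr and MX lookups and the CNAME aliases in the sample setup can be followed in a few lines of Python. This is an added example, not part of the original page or of Granite Canyon's service; ZONE is a constructed subset of the sample records above and the function names are hypothetical.

```python
# Constructed subset of the sample setup above (same names and addresses).
ZONE = """
Your.Com.       IN A     209.166.190.229
mail.Your.Com.  IN A     209.166.190.230
ftp.Your.Com.   IN CNAME Your.Com.
www.Your.Com.   IN CNAME Your.Com.
Your.Com.       IN MX 10 mail.Your.Com.
Your.Com.       IN MX 20 bell.apicom.com. ;'EXTREF'
"""


def parse_zone(text):
    """Return (name, type, rdata-fields) tuples; ';' starts a comment."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        name, _cls, rtype, *rdata = line.split()
        records.append((name.lower(), rtype.upper(), rdata))
    return records


def resolve_a(records, name, max_hops=8):
    """Look up the address of a name, following CNAME aliases to the real record."""
    name = name.lower()                  # DNS names compare case-insensitively
    for _ in range(max_hops):
        addrs = [rd[0] for n, t, rd in records if n == name and t == "A"]
        if addrs:
            return addrs
        alias = [rd[0] for n, t, rd in records if n == name and t == "CNAME"]
        if not alias:
            return []
        name = alias[0].lower()
    # Two aliases pointing at each other would otherwise never finish.
    raise ValueError("CNAME chain too long (loop?)")


def mail_route(records, domain):
    """Mail hosts for a domain, lowest MX number first (the backups follow)."""
    mx = [(int(rd[0]), rd[1].lower()) for n, t, rd in records
          if n == domain.lower() and t == "MX"]
    return [host for _pref, host in sorted(mx)]


def ptr_name(ip):
    """Name to query for a reverse lookup: octets reversed plus in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


if __name__ == "__main__":
    zone = parse_zone(ZONE)
    print(resolve_a(zone, "www.Your.Com."))
    print(mail_route(zone, "Your.Com."))
    print(ptr_name("206.210.79.4"))
```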
Cool Windows Tools
TJPing - Good Windows GUI ping and traceroute.
Pinger - Monitors nodes, http log and alarms (not a service).
Win95/98 - "winipcfg.exe", GUI info about your IP setup.
Win95/98 offer cmd line "ping", "net diag", and "route". Read here.
WinNT - "ping", "ipconfig /all", and "route" command line tools.
Men And Mice's Dig web page.
Mac
IPNetRouter is a great router solution
at $89 for unlimited users; very configurable, but a bit harder to set up.
Alternatively, on the high end is Vicom's Softrouter
Plus (NAT+DHCP) $150 for 5 users, $245 10 users, $395 unlimited. This
also provides a Remote Access server. And the even more expensive Vicomsoft
Internet Gateway ($249-$730) provides censoring filters (parent watch
thing). Vicom supports Win95/98/NT as well - 03/04/99,csm