Sunday, February 27, 2011

5 Threats To Your Home Wireless Connection

Keeping your wireless connection safe should be a top priority, especially if you use your wireless laptop or cell phone to log in to financial accounts or business email. We all use the internet to access personal information, do banking, and chat in private with friends. Imagine if someone was watching you, browsing through your files, or recording your every move on your computer. Well, don’t just sit there and think that it will not happen to you! If you have a wireless connection, you should make sure it is safe and secure by adding at least one simple security measure. Wireless network security is very important when it comes to protecting your privacy and precious data.

The Risks of a Weak Wireless Connection

Last year, the Washington Post reported on a series of Facebook scams. Hackers would break into people’s Facebook accounts, claim to have been robbed in a foreign country, and ask their Facebook friends to wire them money. Could this fool your family and friends into handing over hundreds or thousands of dollars?

One thing that makes this possible is that hackers can access your Facebook account, no matter how strong your password, if they can snoop on your wireless connection. They don’t need special equipment to do this—any basic wireless card lets hackers snoop on wireless connections using free software.

Wireless Connection Threats

There are three ways to protect yourself from wireless connection hackers:

  1. Don’t use a wireless connection. Always plug your computer into a blue Ethernet cord.
  2. Only use a wireless connection at least 1/2 mile (about 1 kilometer) away from any hackers.
  3. Secure your wireless connection from the five types of threats described in this article.

Wireless Connection Threat #1: Unencrypted Connections

Unencrypted connections are great—they’re easy to set up on your wireless router and all of your devices connect automatically. But because they’re unencrypted, hackers can eavesdrop on all of your wireless traffic. Well, almost all of your wireless traffic—anything that uses Secure Sockets Layer (SSL) encryption, like websites starting with HTTPS, will be encrypted.

Unfortunately, although Facebook and GMail and other sites use SSL for login screens, they don’t use it for their regular connections. In these cases, hackers can still break into your accounts by reading the cookie your Web browser sends to Facebook and Google every time you connect.

If you own the wireless connection, your best solution is to enable encryption on your router. Choose WPA encryption if possible, but on older routers you’ll need to settle for WEP. See the next section for information on the risks of WEP.

If you don’t own the wireless connection, for example you’re at a library or coffee shop, then you need to protect your connection by using a Virtual Private Network (VPN) or by using one of the plugins for your browser which force Facebook, GMail, and other services to use SSL.

Wireless Connection Threat #2: WEP

The Wired Equivalent Privacy (WEP) system was part of the original specification for wireless Internet, but within a few years of its release, hackers figured out how to break it. In 2007, three cryptanalysts broke into a WEP connection using a 1.7 GHz laptop in less than 1 minute. They published their technique, and now any hacker can use it to eavesdrop on any WEP-protected connection.

WEP has been officially replaced by Wi-Fi Protected Access (WPA), but many old routers only support WEP. If you have the option to use WPA, please use it. If your router does not support WPA and you’re concerned about security, you should see if the manufacturer of your router offers a firmware upgrade. Otherwise, you should buy a newer router.

Wireless Connection Threat #3: Weak Passwords

WPA lets you secure your wireless connection using a password, but this password can be hacked like any other weak password. Because this password helps keep all of your other passwords secure, you should put some extra thought into making it very secure. Besides, you’ll only have to type it once on each computer, so it won’t be much of a hassle to make it extra hard to guess.

I suggest you add a few numbers and some punctuation to your password to help keep hackers from guessing it. Also make sure it’s at least 8 characters long—and preferably 12 characters or more.

Wireless Connection Threat #4: Snooping Users

No matter how secure you make your wireless network using WPA and strong passwords, you still must trust every user you let onto your network. Once users have access to your network, they can snoop on every packet sent on your wireless connection.

For example, if you’re at a hotel which uses WPA and you log into Facebook, any hacker who’s in a nearby room can also use his WPA-protected connection to snoop on your packets. At an office, employees can snoop on the boss’s WPA connection to get access to confidential information.

High-end routers can give each user their own secure connection, or you can just buy separate cheap routers for each class of user—for example, one router for managers and one router for employees.

Wireless Connection Threat #5: Traffic Analysis

One of the most advanced hacker techniques, which is probably not used much in the real world, is called traffic analysis. It lets hackers snoop on certain communication even when it’s encrypted.

For example, researchers from Johns Hopkins University in Maryland, US, were able to decode encrypted voice-over-IP (VoIP) phone calls by looking at the size of the encrypted packets. The sound “c” produced small packets, but the sound “ow” produced a big packet, so a small packet followed immediately by a large packet might mean someone said “cow”.

Other researchers and possibly hackers can use traffic analysis to figure out all sorts of interesting things about your communication. There’s no easy solution to traffic analysis—you have to hope the people who make your software read the security journals. However, you can try to avoid sending highly-sensitive information on the same wireless communication network hackers use.

Having inadequate network security can cause problems with home networks.

Sunday, February 13, 2011

Advantages and Disadvantages of Broadband Internet

There are many advantages and disadvantages to using a broadband internet connection. If you’re planning to start using one, it is important to compare the advantages with the disadvantages to see how it matches your needs. Below are the advantages and the disadvantages of using a broadband connection.

Advantages

1. The Speed it Provides is Second to None

One major advantage of using a broadband connection is its incredible speed. Compared to other forms of internet connection a broadband connection is very fast and in most cases it can be more than 100 times faster than a dial-up connection. This makes it more useful and effective for someone who plans to download and upload large files on a regular basis. It will also be a great option for you if you spend a large percentage of your time online.

2. It is Not Dependent on Weather

Another major advantage of a broadband internet connection is that it is more reliable than other forms of internet connection. A dial-up connection is strongly influenced by the weather, and there are some days you won’t even be able to access the internet because of bad weather. A broadband connection, by contrast, is reliable: come rain or shine, it will always be as effective.

3. It has the Best Service Delivery

A broadband internet connection is also very consistent and always delivers up to expectation. Since a dial-up connection is strongly influenced by weather, you should expect slow speeds on days with bad weather. This is not the case with a broadband connection, whose speed stays consistent irrespective of the weather.

4. It is Easy to Use

A broadband connection is also easy to use compared to a dial-up connection. In most cases, you will be automatically connected when you start your computer so you won’t have any problem trying to re-enter your username and password when trying to access the internet. A broadband connection also saves your time and you won’t be experiencing technical glitches like constant disconnection (as is the case with a dial-up connection).

5. You Won’t be Charged Based on Your Duration Online

Imagine using a very slow dial-up connection that takes ages to load and download files, only to have to pay hefty bills at the end of the month because you spent a lot of time online. Most broadband ISPs offer you unlimited bandwidth and very few place a quota on you – the result is that you get more for your money, since you’re able to use it effectively.

Disadvantages

1. It Can be More Expensive Compared to a Dial-up

One major disadvantage of a broadband connection is its price: if you don’t spend much time online, you will still be charged the same amount whether you use the internet or not. While a dial-up connection can be economical for those who spend little time online, you will get the best from a broadband connection if you spend most of your time online.

2. High Security Risk

Due to its flexibility and availability, a broadband network can be easy to hack. If you use a wireless broadband connection, it can be very dangerous to leave the default settings in place. In most cases, to get the best security from your broadband connection, it is important to work on making it more secure.

Conclusion

Based on the advantages and disadvantages above, you will notice that investing in a broadband internet connection can be a great investment for you.

Sunday, February 6, 2011

Limiting Internet Access Based on User Profile Using ASA and RADIUS

Introduction

Traditionally, IP Access lists (ACLs) have been used to restrict access to internal resources or to the Internet. With the growing complexity of networks, ACLs fail to provide the kind of dynamic access restrictions that are required. In this Chalk Talk, I am going to summarize Chapter 10 “Cut-through Proxy AAA on PIX/ASA” of the book AAA Identity Management Security, which discusses how ASA and RADIUS can be used to restrict access to Internet (and other network resources) based on user profile.


Cut-through Proxy Authentication

In normal scenarios, traffic from users is checked against interface ACLs and, based on Layer 3 and Layer 4 information, the packet is allowed or dropped. These interface ACLs are the same for all users.

Using the cut-through proxy authentication feature on ASA, it is possible to enforce authentication on all or certain types of traffic. After authentication, certain types of traffic can be denied or permitted based on the user profile.

To further elaborate the point, consider a situation where all traffic to the Internet goes through an ASA. You want to permit HTTP traffic for everyone, but you also want to allow Telnet, FTP and RDP for a group of specific users only. In this situation, the following two things will be applied:

  • An interface ACL permitting HTTP traffic outbound to the Internet
  • A cut-through proxy authentication for Telnet, FTP and RDP traffic

Now when ASA receives outbound Telnet, FTP or RDP traffic on the inside interface, it will enforce authentication and then, based on the user profile received from the authentication server, the traffic will be permitted or denied.

The following figure summarizes the steps involved in a typical cut-through proxy authentication.




Configuring Cut-through Proxy Authentication

You should remember the following rules before configuring Cut-Through proxy authentication:

  • You can configure ASA to enforce authentication on multiple types of sessions; however, the user needs to authenticate only once. This means that after the first authentication, the user profile is cached by the ASA for a duration specified by the User Authentication (uauth) timer.
  • When the user authenticates, and ASA activates the uauth timer, those authenticated users will not be required to authenticate again and their traffic will be matched against the profile received from the authentication server.
  • ASA supports direct authentication with FTP (TCP port 21), Telnet (TCP port 23), HTTP (TCP port 80), and HTTPS (TCP port 443). A user must first authenticate with one of these services before the security appliance allows other traffic that requires authentication.
  • For Telnet and FTP, the security appliance generates an authentication prompt. For HTTP, the security appliance uses basic HTTP authentication and provides an authentication prompt. For HTTPS, the security appliance generates a custom login screen.
  • ASA provides means to authenticate users using Virtual Telnet and HTTP sessions in case you do not want to enforce authentication on the supported protocols. This means that if you want to authenticate any other type of traffic, say RDP (TCP port 3389), users will need to initiate a Virtual Telnet or HTTP session to the ASA and authenticate first. When authenticated, they can initiate the other type of sessions. Virtual HTTP and Virtual Telnet sessions are discussed in detail later in this Chalk Talk.

Before enabling cut-through proxy authentication, configure an extended ACL that defines the traffic on which authentication needs to be enforced. Permit statements in the access list define which traffic needs to be authenticated. Deny statements define which traffic needs to be excluded from authentication.

Assuming you already added a RADIUS server on ASA, the following command will enable cut-through proxy authentication:

aaa authentication match acl_name interface_name server_tag

Note that the interface_name specifies the interface where the traffic is received.

Going back to our example, to enforce authentication on Telnet, FTP and RDP traffic outbound to the Internet, the following configuration can be used:

aaa-server radiusserver protocol radius
aaa-server radiusserver host 10.1.2.10
 key test
access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 23
access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 21
access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 3389
aaa authentication match myauth inside radiusserver


Virtual Telnet, Virtual HTTP and HTTP Redirection

As mentioned earlier, ASA supports direct authentication with HTTP, HTTPS, FTP, and Telnet protocols only. If authentication is required for any other protocol, the user must authenticate using the supported protocols first. If you do not want to enforce authentication for any of the supported protocols, you can use the Virtual Telnet, Virtual HTTP, or HTTP Redirection features in ASA.

For this section consider an example where you have applied an interface ACL permitting all IP traffic except outbound RDP session to the Internet. Now there is a requirement to permit RDP sessions for a group of users. In this situation you can enforce authentication on RDP using the following commands:

access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 3389
aaa authentication match myauth inside radiusserver

Because RDP traffic cannot be authenticated directly, ASA will drop all RDP traffic after applying the above configuration. You will need to use one of the methods discussed in this section to first authenticate the user.

Each of the three methods of authenticating unsupported protocols—Virtual Telnet, Virtual HTTP and HTTP Redirection—has its own advantages and disadvantages. Your network, the technical level of the end users, security considerations, and other related considerations determine which method is best for you. Each of the three methods is discussed below:

  • Virtual Telnet - The Virtual Telnet feature enables you to configure an IP address to which users can Telnet to authenticate. When an unauthenticated user Telnets to this IP address, the user is challenged for a username and password, and then authenticated by the RADIUS server. When authenticated, the user sees the message “Authentication Successful” and is disconnected. The user can now access other services that require authentication. The IP address used for Virtual Telnet has to be in the same subnet as the interface on which ASA receives the traffic that needs to be authenticated. ASA will respond to the ARP queries received for the virtual IP address. To configure Virtual Telnet, use the following command:

    virtual telnet virtual_telnet_ip_address

    If you use Virtual Telnet, the example given above will change to the following:

    access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 3389
    access-list myauth permit tcp 10.0.0.0 255.0.0.0 10.1.1.20 eq 23
    aaa authentication match myauth inside radiusserver
    virtual telnet 10.1.1.20

  • Virtual HTTP - Virtual HTTP is similar to Virtual Telnet. In this case, the end user uses HTTP to authenticate instead of Telnet. The IP Address and ACL considerations that apply to Virtual Telnet also apply to Virtual HTTP. ASA uses basic HTTP authentication for Virtual HTTP. It redirects all HTTP connections that require AAA authentication to the HTTP server on the security appliance, where the user is prompted for a username and password. To configure Virtual HTTP, use the following command:

    virtual http virtual_http_ip_address

    If you use Virtual HTTP, the example given above will change to the following:

    access-list myauth permit tcp 10.0.0.0 255.0.0.0 any eq 3389
    access-list myauth permit tcp 10.0.0.0 255.0.0.0 10.1.1.20 eq 80
    aaa authentication match myauth inside radiusserver
    virtual http 10.1.1.20

  • HTTP Redirection - Redirection is an improvement over the Virtual HTTP method in that it provides a better user experience when authenticating. The users can connect to the ASA’s interface IP address directly using HTTP or HTTPS and will get an authentication page. The HTTP page used in this method provides information such as the user’s IP address, authentication status and a logout button, unlike the Virtual HTTP method where no information is displayed. Another benefit of this method is that a Virtual IP address is not required. You can configure HTTP Redirection using the following command:

    aaa authentication listener http[s] interface_name [port portnum]


uauth Timer

When a cut-through proxy authentication is successful, ASA stores the authentication information and the user profile in its cache. The entry is created on the first authentication and is valid for any subsequent traffic. This means that if more than one kind of traffic needs authentication, the first authentication will be sufficient for all of them as long as the cache entry exists.

The uauth timer determines how long ASA will maintain the cache entry. When the uauth timer expires, the entry is removed, and the user will need to authenticate again. The uauth timer can be absolute or inactivity based. This means that the uauth timer can be made to expire after a fixed period or if there is no activity for a defined period.

In effect, the uauth timer influences the user experience to a great extent. If the timer is too short, the users will need to authenticate many times. If the timer is too long, the risk of misuse is high. So it is advisable that you experiment with the absolute and inactivity uauth timeouts to find the best range suited for your network.

By default, the uauth timer expires in 5 minutes, irrespective of activity status. You can change the uauth timer default using the following command:

timeout uauth hh:mm:ss [absolute | inactivity]

To configure absolute and inactivity timers together, use the command twice. You must ensure that the uauth duration is shorter than the xlate duration. The xlate duration defines the idle time after which an address translation slot is freed. ASA will not accept a timer that is longer than the xlate timer.

You can disable caching by using a uauth timer of 0. The timer can be set to a maximum of 1193:0:0.


Configuring User Profile on RADIUS server for Cut-through Proxy

Cut-through proxy authentication allows ASA to fetch user profiles from the RADIUS server and permit or deny traffic based on them. What really happens is that the RADIUS server sends an ACL, called a downloadable ACL, to the ASA with the Access-Accept packet. ASA replaces the source IP address on the ACL entries with the IP address of the authenticating user and applies it over the interface ACL. Now, the user’s traffic is checked against this combined ACL before being permitted out. When the uauth timer expires, the downloadable ACL is removed from the ASA.

If you are using CiscoSecure ACS, you can create downloadable ACLs and apply them to the user profile or the user’s group profile. In CiscoSecure ACS 4.x, downloadable ACLs can be configured at Shared Profile Components > Downloadable IP ACLs and applied to the profile from User Setup or Group Setup page.

If you are using CiscoSecure ACS 5.x, then downloadable ACLs can be configured at Policy Elements > Authorization and Permissions > Named Permission Objects > Downloadable ACLs. After creating the ACLs, you will need to bind them to an Authorization Profile, which in turn can be applied to an authorization policy that is being used for Cut-through proxy authentication.

Note that the syntax of the downloadable ACL should match the ACL syntax used by ASA.

If you are not using CiscoSecure ACS, then the Cisco vendor-specific attribute cisco-av-pair (Vendor ID 009 and attribute number 001) can be used to define downloadable ACLs in a user profile. An example of the ACL defined as the value for the cisco-av-pair attribute is given below:

ip:inacl#1=permit tcp any any eq 3389
ip:inacl#2=permit tcp any any eq 23
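To make the behaviour described in this Chalk Talk concrete, here is a small Python model of it, added as an illustration (it is not Cisco code, nor from the book): it parses the ACL syntax used above, turns cisco-av-pair ip:inacl#N values into a per-user ACL with the source rewritten to the authenticated user's address, caches it under the uauth timer, and decides outbound flows against the interface ACL and the "aaa authentication match" ACL. The ACLs, user profile and flows are constructed, and the model assumes one simplification: permits from the downloaded ACL are added on top of the interface ACL (on a real ASA the merge depends on configuration).

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Flow = Tuple[str, str, str, int]  # (src_ip, dst_ip, proto, dst_port)

@dataclass
class Ace:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp" or "ip"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int]          # None when the entry carries no 'eq <port>'

    def matches(self, flow: Flow) -> bool:
        src, dst, proto, port = flow
        return (self.proto in ("ip", proto)
                and ipaddress.ip_address(src) in self.src
                and ipaddress.ip_address(dst) in self.dst
                and (self.dport is None or self.dport == port))

def _take_addr(tokens: List[str]) -> ipaddress.IPv4Network:
    """Consume one ASA address spec: 'any', 'host A.B.C.D' or 'A.B.C.D MASK'."""
    tok = tokens.pop(0)
    if tok == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if tok == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    return ipaddress.ip_network(f"{tok}/{tokens.pop(0)}", strict=False)

def parse_ace(text: str) -> Ace:
    """Parse an ACE body such as 'permit tcp 10.0.0.0 255.0.0.0 any eq 23'."""
    tokens = text.split()
    action, proto = tokens.pop(0), tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action in ACE: {text!r}")
    src, dst = _take_addr(tokens), _take_addr(tokens)
    dport = None
    if tokens:
        if len(tokens) != 2 or tokens[0] != "eq":
            raise ValueError(f"unsupported port spec in ACE: {text!r}")
        dport = int(tokens[1])
    return Ace(action, proto, src, dst, dport)

def acl_permits(acl: List[Ace], flow: Flow) -> bool:
    """First matching entry wins; every ASA ACL ends in an implicit deny."""
    for ace in acl:
        if ace.matches(flow):
            return ace.action == "permit"
    return False

AV_PAIR = re.compile(r"^ip:inacl#(\d+)=(.+)$")

def downloadable_acl(av_pairs: List[str], user_ip: str) -> List[Ace]:
    """Per-user ACL from cisco-av-pair values, ordered by their #N, with every
    source replaced by the authenticated user's address (as the ASA does)."""
    entries = []
    for value in av_pairs:
        m = AV_PAIR.match(value.strip())
        if not m:
            raise ValueError(f"not an ip:inacl av-pair: {value!r}")
        ace = parse_ace(m.group(2))
        ace.src = ipaddress.ip_network(user_ip + "/32")   # the source rewrite
        entries.append((int(m.group(1)), ace))
    return [ace for _, ace in sorted(entries, key=lambda e: e[0])]

class CutThroughProxy:
    # Interface ACL, 'aaa authentication match' ACL and the uauth cache (model only).
    def __init__(self, interface_acl: List[str], auth_acl: List[str],
                 uauth_seconds: int = 300):   # default 'timeout uauth 0:05:00 absolute'
        self.interface_acl = [parse_ace(a) for a in interface_acl]
        self.auth_acl = [parse_ace(a) for a in auth_acl]
        self.uauth_seconds = uauth_seconds
        self.cache: Dict[str, Tuple[float, List[Ace]]] = {}

    def authenticate(self, user_ip: str, av_pairs: List[str], now: float) -> None:
        # RADIUS Access-Accept arrived: cache the downloaded ACL under the uauth timer.
        self.cache[user_ip] = (now + self.uauth_seconds, downloadable_acl(av_pairs, user_ip))

    def user_acl(self, user_ip: str, now: float) -> Optional[List[Ace]]:
        entry = self.cache.get(user_ip)
        if entry is None:
            return None
        expiry, acl = entry
        if now >= expiry:             # uauth expired: entry and its ACL are dropped
            del self.cache[user_ip]
            return None
        return acl

    def decide(self, flow: Flow, now: float) -> str:
        """Return 'permit', 'deny' or 'auth-required' for one outbound flow."""
        acl = self.user_acl(flow[0], now)
        if acl is None and acl_permits(self.auth_acl, flow):
            return "auth-required"    # in the auth ACL, but the user has not authenticated
        if acl_permits(self.interface_acl, flow):
            return "permit"
        if acl is not None and acl_permits(acl, flow):
            return "permit"           # granted by the downloaded profile
        return "deny"
```

With the example configuration from this post (interface ACL permitting HTTP, auth ACL for Telnet, FTP and RDP) an unauthenticated host gets "auth-required" for RDP, a profile of the two ip:inacl lines above unlocks RDP and Telnet but still leaves FTP denied, and once 300 seconds pass the cache entry disappears and RDP is back to "auth-required".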

Summary

Cut-through proxy AAA is an often neglected part of identity management solutions. Effective use of this feature can strengthen your network security by providing dynamic access policies on a user-by-user basis. It will also ensure that the interface ACLs on ASA stay small and manageable.

Before configuring Cut-through proxy authentication, it is important to identify what traffic needs to be authenticated and remember where you will need to use Virtual Telnet, Virtual HTTP, or HTTP Redirection.

Tuesday, February 1, 2011

Data Backup Site-Smartest Way To Protect Your Data

Many of us believe that data recovery and backup are time-consuming and tiresome processes. However, the data backup sites available these days have made them easy. There are lots of methods available in the market to provide the backup service based on your requirements. To make use of an online backup service, all that you need is a system with an internet connection. It’s important to choose the right backup service, as choosing a good backup policy has become complicated in modern times.

Most net users wonder whether their data would be safe when they use an online service, or whether someone could steal it. Secure web-based data backup storage has been made possible by advances in technology, in particular by storing the data in encrypted form. Even large IT companies keep their data backups at reliable data backup sites. There are backup sites which offer this service for home users, small enterprises and big companies as well. When you use the service of a data backup site, you need not worry even if your data is lost to malicious viruses or your system crashes for unknown reasons.

You can choose which files to back up. The backups are done regularly at fixed intervals to ensure the best possible protection. Start using a data backup site now to defend your valuable resources and information.

Monday, January 31, 2011

Basic Networking Concepts & A-Z Networking Terms

Networking Terms - A


access point (AP)
ad hoc (networking)
adapter (network adapter)
address (network address)
ADSL - Asymmetric Digital Subscriber Line
AIM - AOL Instant Messenger
aircard
anonymous proxy
Apache
API - Application Programming Interface
APIPA - Automatic Private IP Addressing
Ares (Galaxy, Lite)
ARP - Address Resolution Protocol
ASP - Application Service Provider
ATM - Asynchronous Transfer Mode
AUP - Acceptable Use Policy
autosense
Azureus

Access point, wireless


Definition: Wireless access points (APs or WAPs) are specially configured nodes on wireless local area networks (WLANs). Access points act as a central transmitter and receiver of WLAN radio signals.

Access points used in home or small business networks are generally small, dedicated hardware devices featuring a built-in network adapter, antenna, and radio transmitter. Access points support Wi-Fi wireless communication standards.

Although very small WLANs can function without access points in so-called "ad hoc" or peer-to-peer mode, access points support "infrastructure" mode. This mode bridges WLANs with a wired Ethernet LAN and also scales the network to support more clients. Older and base model access points allowed a maximum of only 10 or 20 clients; many newer access points support up to 255 clients.

Also Known As: base station


What is Ad-Hoc Mode in Wireless Networking?


Answer: On wireless computer networks, ad-hoc mode is a method for wireless devices to directly communicate with each other. Operating in ad-hoc mode allows all wireless devices within range of each other to discover and communicate in peer-to-peer fashion without involving central access points (including those built in to broadband wireless routers).

To set up an ad-hoc wireless network, each wireless adapter must be configured for ad-hoc mode versus the alternative infrastructure mode. In addition, all wireless adapters on the ad-hoc network must use the same SSID and the same channel number.

An ad-hoc network tends to feature a small group of devices all in very close proximity to each other. Performance suffers as the number of devices grows, and a large ad-hoc network quickly becomes difficult to manage. Ad-hoc networks cannot bridge to wired LANs or to the Internet without installing a special-purpose gateway.

Ad hoc networks make sense when you need to build a small, all-wireless LAN quickly and spend the minimum amount of money on equipment. Ad hoc networks also work well as a temporary fallback mechanism if normally-available infrastructure mode gear (access points or routers) stops functioning.

Ad Hoc Wireless Network Diagram


Wireless Home Network Diagram Featuring Ad Hoc Wi-Fi Connections

Key Considerations - Using ad hoc Wi-Fi mode eliminates the need for a network router or access point in a wireless home network. With ad hoc wireless, you can network computers together as needed without needing to be in reach of one central location. Most people use ad hoc Wi-Fi only in temporary situations to avoid potential security issues.

Optional Components - Networking an ad hoc layout for Internet access, printers, or game consoles and other entertainment devices is not required for the rest of the home network to function. Simply omit any of these components shown that do not exist in your layout.

Limitations - All devices connecting via ad hoc wireless must possess a working Wi-Fi network adapter. These adapters must be configured for "ad hoc" mode instead of the more typical "infrastructure" mode.

Because of their more flexible design, ad hoc Wi-Fi networks are also more difficult to keep secure than those using central wireless routers / access points.

Ad hoc Wi-Fi networks support a maximum of 11 Mbps bandwidth, while other Wi-Fi networks may support 54 Mbps or higher.


Adapter


Definition: A network adapter interfaces a computer to a network. The term "adapter" was popularized originally by Ethernet add-in cards for PCs.

Modern network adapter hardware exists in several forms. Besides traditional PCI Ethernet cards, some network adapters are PCMCIA devices (also known as "credit card" or "PC Card" adapters) or USB devices. Some wireless network adapter gear for laptop computers consists of integrated circuit chips pre-installed inside the computer.

Windows and other operating systems support both wired and wireless network adapters through a piece of software called a "device driver." Network drivers allow application software to communicate with the adapter hardware. Network device drivers are often installed automatically when adapter hardware is first powered on.

A few network adapters are purely software packages that simulate the functions of a network card. These so-called virtual adapters are especially common in virtual private networking (VPN).

Also Known As: NIC, LAN card

Address (Network Address)


Definition: A network address serves as a unique identifier for a computer on a network. When set up correctly, computers can determine the addresses of other computers on the network and use these addresses to send messages to each other.

One of the best known forms of network addressing is the Internet Protocol (IP) address. IP addresses consist of four bytes (32 bits) that uniquely identify all computers on the public Internet.

Another popular form of address is the Media Access Control (MAC) address. MAC addresses are six bytes (48 bits) that manufacturers of network adapters burn into their products to uniquely identify them.


ADSL - Asymmetric Digital Subscriber Line


Definition: ADSL is a form of Digital Subscriber Line (DSL) Internet service. ADSL provides greater bandwidth for downloads at the expense of upload speeds. ADSL is the most common form of DSL used in home networking.

ADSL is designed to support the typical home user who frequently downloads large amounts of data from Web sites and P2P networks but upload relatively less often. ADSL works by allocating a majority of the available phone line frequencies for communication of downstream traffic.

In other respects, ADSL possesses all of the characteristics one associates with DSL, including "high-speed" service, an "always on" combination of voice and data support, and availability and performance that is limited by physical distance. ADSL is technically capable of up to 6 Mbps (roughly 6000 Kbps), but ADSL customers in practice obtain 2 Mbps or lower for downloads and up to 512 Kbps for uploads.

Also Known As: Asymmetric Digital Subscriber Line

AIM


Definition: AIM is a peer to peer instant messaging (IM) application and service supplied by America Online (AOL). The AOL AIM client application is a free download that runs on Windows, Linux, Macintosh, other computers, and cell phones. The AOL IM client download contains optional adware components.

AIM supports basic "chat" based instant messaging as well as file sharing. Local folders can be shared in AIM and a "Get File" option allows others to reach those folders. The TCP port number used for AIM file transfers can also be configured in the AIM client.

Several extensions to the basic AOL AIM client exist. AIM Remote allows the AOL IM service to be utilized through a Web browser. The Dead AIM application enhances the functionality of the basic AIM client.

Encrypted and other secured versions of the AIM system exist for use in business networks.

Also Known As: AOL Instant Messenger, AOL AIM, AOL IM

What is an Aircard?


Answer: An aircard is a type of wireless broadband modem used for connecting to cellular networks. Aircards provide roaming access to the Internet from mobile computers outside the range of Wi-Fi hotspots. They may also be used as an alternative to home dial-up Internet service in rural areas.

Types of Aircards

Several manufacturers produce wireless network modems including Kyocera, Novatel, Option and Pantech. In recent years, however, the term "aircard" has become associated most closely with the Sierra Wireless AirCard brand of wireless modem products.

Cellular network service providers typically bundle (and sometimes rebrand) compatible wireless modems together with their service contracts. In the U.S., for example, both AT&T and Verizon utilize Sierra Wireless products even though these may be called "AT&T AirCard" and "Verizon AirCard."

The Sierra Wireless AirCard family includes wireless modems in three standard form factors:

  • ExpressCard
  • PCMCIA PC Card
  • USB

Wireless modems implement one or more of the common cellular network protocols. Sierra Wireless AirCard products specifically support either the EV-DO or HSDPA / HSPA protocols.

Aircard Speeds

Aircards support much higher data rates than do dialup connections. For example, the Sierra Wireless AirCard 595U USB modem that supports EV-DO offered up to 3.1 Mbps data rate for downloads (and up to 1.8 Mbps for uploads). Their newer Compass USB modems advertise max 7.2 Mbps down and 5.76 Mbps up. Even though typical aircard data rates achievable in practice are much lower than these theoretical maximums, they still far exceed the 0.05 Mbps throughput of dialup.

Unfortunately, aircards tend to suffer from high network latency, sometimes even higher than that of a dialup connection. Expect to experience sluggishness and slow response times when loading Web pages over an aircard connection. Network games are also generally unplayable on them for this reason. Overall, aircards cannot match the performance levels of DSL or cable broadband Internet connections.


Anonymous proxy :

Proxy Servers Tutorial - About Proxy Servers

Introduction to Proxy Servers


Some home networks, corporate intranets, and Internet Service Providers (ISPs) use proxy servers (also known as proxies). Proxy servers act as a "middleman" or broker between the two ends of a client/server network connection. Proxy servers work with Web browsers and servers, or other applications, by supporting underlying network protocols like HTTP.

Key Features of Proxy Servers

Proxy servers provide three main functions:
  1. firewalling and filtering
  2. connection sharing
  3. caching

The features of proxy servers are especially important on larger networks like corporate intranets and ISP networks. The more users on a LAN and the more critical the need for data privacy, the greater the need for proxy server functionality.

Proxy Servers, Firewalling and Filtering

Proxy servers work at the Application layer, layer 7 of the OSI model. They aren't as popular as ordinary firewalls that work at lower layers and support application-independent filtering. Proxy servers are also more difficult to install and maintain than firewalls, as proxy functionality for each application protocol like HTTP, SMTP, or SOCKS must be configured individually. However, a properly configured proxy server improves network security and performance. Proxies have capabilities that ordinary firewalls simply cannot provide.

Some network administrators deploy both firewalls and proxy servers to work in tandem. To do this, they install both firewall and proxy server software on a server gateway.

Because they function at the OSI Application layer, the filtering capability of proxy servers is relatively intelligent compared to that of ordinary routers. For example, proxy Web servers can check the URL of outgoing requests for Web pages by inspecting HTTP GET and POST messages. Using this feature, network administrators can bar access to illegal domains but allow access to other sites. Ordinary firewalls, in contrast, cannot see Web domain names inside those messages. Likewise for incoming data traffic, ordinary routers can filter by port number or network address, but proxy servers can also filter based on application content inside the messages.
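The URL inspection described above, as an added example that is not the page's own code: a minimal HTTP request parser with the proxy-side decision placed next to the port-only decision a lower-layer filter can make. `BLOCKED_DOMAINS`, the function names and the two sample requests are constructed for illustration.

```python
"""Application-layer (layer 7) request filtering as an HTTP proxy performs it.

Added example, not from the original page. The blocklist and the sample
requests are constructed; both requests would travel to TCP port 80.
"""
from urllib.parse import urlsplit

# Constructed blocklist of domains the administrator wants to bar.
BLOCKED_DOMAINS = {"blocked.example", "ads.example"}


def parse_http_request(raw: bytes) -> dict:
    """Parse the request line and headers of one HTTP/1.x request.

    Returns method, target, version and a lower-cased header map.
    Raises ValueError on a malformed request line.
    """
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("malformed request line: %r" % lines[0])
    method, target, version = parts
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return {"method": method, "target": target, "version": version,
            "headers": headers}


def request_host(req: dict) -> str:
    """Domain the request is for: an absolute-form target (as a browser
    configured with a proxy sends) wins, otherwise the Host header."""
    target = req["target"]
    if "://" in target:
        host = urlsplit(target).hostname or ""
    else:
        host = req["headers"].get("host", "")
    # Drop an explicit port and normalise case before matching.
    return host.split(":")[0].lower()


def port_filter_decision(dst_port: int) -> str:
    """All an ordinary port-based filter can decide: it sees only the port."""
    return "allow" if dst_port in (80, 443) else "deny"


def proxy_filter_decision(raw: bytes) -> str:
    """What the proxy can decide, because it reads the HTTP message itself."""
    req = parse_http_request(raw)
    if req["method"] not in ("GET", "POST", "HEAD"):
        return "deny"          # only the methods this proxy understands
    host = request_host(req)
    if not host:
        return "deny"          # refuse requests whose domain cannot be determined
    if host in BLOCKED_DOMAINS or any(host.endswith("." + d) for d in BLOCKED_DOMAINS):
        return "deny"
    return "allow"


# Constructed sample requests; a port filter passes both, the proxy bars one.
ALLOWED_REQ = b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n"
BLOCKED_REQ = (b"POST http://tracker.ads.example/collect HTTP/1.1\r\n"
               b"Host: tracker.ads.example\r\nContent-Length: 0\r\n\r\n")
```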

Connection Sharing with Proxy Servers

Various software products for connection sharing on small home networks have appeared in recent years. In medium- and large-sized networks, however, actual proxy servers offer a more scalable and cost-effective alternative for shared Internet access. Rather than give each client computer a direct Internet connection, all internal connections can be funneled through one or more proxies that in turn connect to the outside.

Proxy Servers and Caching

The caching of Web pages by proxy servers can improve a network's "quality of service" in three ways. First, caching may conserve bandwidth on the network, increasing scalability. Next, caching can improve response time experienced by clients. With an HTTP proxy cache, for example, Web pages can load more quickly into the browser. Finally, proxy server caches increase availability. Web pages or other files in the cache remain accessible even if the original source or an intermediate network link goes offline.


Apache


Definition: Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server has been ported to Windows and other network operating systems (NOS). The name "Apache" derives from the word "patchy" that the Apache developers used to describe early versions of their software.

The Apache Web server provides a full range of Web server features, including CGI, SSL, and virtual domains. Apache also supports plug-in modules for extensibility. Apache is reliable, free, and relatively easy to configure.

Apache is free software distributed by the Apache Software Foundation. The Apache Software Foundation promotes various free and open source advanced Web technologies.


API - Application Programming Interface


Definition: An API allows computer programmers to access the functionality of pre-built software modules. An API defines data structures and subroutine calls. Networking APIs are entry points to libraries that implement network and data communication protocols.

Traditionally, the primary networking APIs have been implemented in socket libraries. Berkeley sockets and Windows Sockets (Winsock) APIs have seen widespread use for many years. More recently, Java network APIs such as servlets and Web APIs like XML-RPC have emerged as newer network programming standards.

Also Known As: Application Programming Interface

APIPA - Automatic Private IP Addressing


Definition: A feature of Microsoft Windows, APIPA is a DHCP failover mechanism. With APIPA, DHCP clients can obtain IP addresses when DHCP servers are nonfunctional. APIPA exists in all popular versions of Windows except Windows NT.

When a DHCP server fails, APIPA allocates addresses in the private range 169.254.0.1 to 169.254.255.254. Clients verify their address is unique on the LAN using ARP. When the DHCP server is again able to service requests, clients update their addresses automatically.

In APIPA, all devices use the default network mask 255.255.0.0 and all reside on the same subnet.

APIPA is enabled on all DHCP clients in Windows unless the computer's Registry is modified to disable it. APIPA can be enabled on individual network adapters.

Also Known As: Automatic Private IP Addressing; AutoNet
Examples: Because APIPA uses IP addresses in the private Class B space, APIPA is a feature generally only useful on home or other small intranet LANs.

Ares Lite


Definition: Ares Lite is a software application for Windows computers that enables sharing of files on the Ares P2P network.

The creators of the genuine Ares Lite Edition started from the Ares Regular application and adjusted it to run more efficiently on Windows 98 and other old versions of Windows. Specifically, Ares Lite was designed to consume fewer processor and memory resources than Ares Regular. Ares Lite also removed all embedded advertising logic, which consumes both computer resources and network bandwidth.

From the networking point of view, Ares Lite Edition offers the same file searching, downloading and chat features as Regular.

Ares Lite downloads can be difficult to find on the Internet, as its creators now prefer all users run Ares Regular. See the sidebar for a current Ares Lite download location.


ARP - Address Resolution Protocol


Definition: ARP converts an Internet Protocol (IP) address to its corresponding physical network address. ARP is a low-level network protocol, operating at Layer 2 of the OSI model.

ARP usually is implemented in the device drivers of network operating systems. It is most commonly seen on Ethernet networks, but ARP has also been implemented for ATM, Token Ring, and other physical networks. RFC 826 documented the initial design and implementation of ARP.

ARP works on Ethernet networks as follows. Ethernet network adapters are produced with a physical address embedded in the hardware called the Media Access Control (MAC) address. Manufacturers take care to ensure these 6-byte (48-bit) addresses are unique, and Ethernet relies on these unique identifiers for message delivery. When any device wishes to send data to another target device over Ethernet, it must first determine the MAC address of that target given its IP address. These IP-to-MAC address mappings are derived from an ARP cache maintained on each device. If the given IP address does not appear in a device's cache, that device cannot direct messages to that target until it obtains a new mapping. To do this, the initiating device first sends an ARP request broadcast message on the local subnet. The host with the given IP address sends an ARP reply in response to the broadcast, allowing the initiating device to update its cache and proceed to deliver messages directly to the target.

Also Known As: Address Resolution Protocol
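The request, reply and cache update described in the ARP entry above, as an added example that is not code from the original page: the packet layout follows RFC 826 for Ethernet/IPv4, while `Host`, `build_arp`, `parse_arp` and `resolve` are names chosen here and the MAC and IP addresses are constructed. Nothing is sent on a real network.

```python
"""ARP (RFC 826) over Ethernet: request, reply and the per-host ARP cache.

Added example, not from the original page. Addresses are constructed and
the "network" is just two Host objects handing each other packets.
"""
import struct
from ipaddress import IPv4Address

HTYPE_ETHERNET = 1
PTYPE_IPV4 = 0x0800
OP_REQUEST = 1
OP_REPLY = 2
# Ethernet/IPv4 ARP body: htype, ptype, hlen, plen, oper, then sender MAC,
# sender IP, target MAC, target IP; 28 bytes in total (no Ethernet header).
_ARP_FMT = "!HHBBH6s4s6s4s"
_ARP_LEN = struct.calcsize(_ARP_FMT)


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Serialise one ARP packet body."""
    return struct.pack(_ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, oper,
                       mac_to_bytes(sender_mac), IPv4Address(sender_ip).packed,
                       mac_to_bytes(target_mac), IPv4Address(target_ip).packed)


def parse_arp(data: bytes) -> dict:
    """Decode an ARP packet body; rejects anything but Ethernet/IPv4 ARP."""
    if len(data) < _ARP_LEN:
        raise ValueError("ARP packet too short")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        _ARP_FMT, data[:_ARP_LEN])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"oper": oper,
            "sender_mac": bytes_to_mac(sha), "sender_ip": str(IPv4Address(spa)),
            "target_mac": bytes_to_mac(tha), "target_ip": str(IPv4Address(tpa))}


class Host:
    """A host with its own ARP cache, as the text describes."""

    def __init__(self, mac: str, ip: str):
        self.mac, self.ip = mac, ip
        self.cache = {}          # IP -> MAC mappings learned so far

    def request_for(self, target_ip: str) -> bytes:
        """Broadcast sent when target_ip is missing from the cache."""
        return build_arp(OP_REQUEST, self.mac, self.ip,
                         "00:00:00:00:00:00", target_ip)

    def handle(self, packet: bytes):
        """Process a received ARP packet; returns a reply to send, or None."""
        arp = parse_arp(packet)
        if arp["oper"] == OP_REQUEST and arp["target_ip"] == self.ip:
            # We are the host being looked for: learn the asker, answer with our MAC.
            self.cache[arp["sender_ip"]] = arp["sender_mac"]
            return build_arp(OP_REPLY, self.mac, self.ip,
                             arp["sender_mac"], arp["sender_ip"])
        if arp["oper"] == OP_REPLY and arp["target_ip"] == self.ip:
            # Answer to our request: update the cache. Plain ARP carries no
            # authentication, so the entry is only as trustworthy as the LAN.
            self.cache[arp["sender_ip"]] = arp["sender_mac"]
        return None


def resolve(initiator: Host, responder: Host, target_ip: str):
    """Walk the exchange from the text: cache miss -> request -> reply -> cache hit."""
    if target_ip in initiator.cache:
        return initiator.cache[target_ip]
    reply = responder.handle(initiator.request_for(target_ip))
    if reply is not None:
        initiator.handle(reply)
    return initiator.cache.get(target_ip)
```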

ASP - Application Service Provider


Definition: An Application Service Provider (ASP) is a business that offers software services to customers, using computer networks and the Internet as the mechanism to deliver and manage the service. Among the most well-known Application Service Providers are Clickability, Salesforce.com and WebEx.

The goal of an ASP business is to reduce the cost of software distribution and maintenance. Using a client/server model (often Web-based), network software can be installed in a centrally-controlled place and hosted - accessed by the customers over remote links. This method to providing software solutions is sometimes called the software as a service (SaaS) approach.

Common ASP Applications

These classes of network applications are often hosted by ASPs:
  • human resources (accounting and payroll)
  • sales (sales force automation)
  • enterprise resource planning (ERP)
  • office and workgroup productivity tools
ASPs have had success selling these types of applications on a subscription-based model. Smaller businesses cannot afford to pay large sums of money to acquire a full-featured ERP tool, for example, but they can very possibly afford to rent these applications on a monthly or yearly basis. In this way, Application Service Providers function much like automobile leasing services: ASPs allow businesses to use application software for a known up-front cost using a periodic payment schedule.

Networking Issues for Application Service Providers

A successful ASP must have robust technology for:
  • network security - protecting the business data flowing through the network

  • network monitoring and troubleshooting - ensuring the hosted applications remain running. Often, ASPs will be under contract to meet network uptime and performance goals.

ATM - Asynchronous Transfer Mode


Definition: ATM is a high-speed networking standard designed to support both voice and data communications. ATM is normally utilized by Internet service providers on their private long-distance networks. ATM operates at the data link layer (Layer 2 in the OSI model) over either fiber or twisted-pair cable.

ATM differs from more common data link technologies like Ethernet in several ways. For example, ATM utilizes no routing. Hardware devices known as ATM switches establish point-to-point connections between endpoints and data flows directly from source to destination. Additionally, instead of using variable-length packets as Ethernet does, ATM utilizes fixed-sized cells. ATM cells are 53 bytes in length, consisting of 48 bytes of data and five (5) bytes of header information.

The performance of ATM is often expressed in the form of OC (Optical Carrier) levels, written as "OC-xxx." Performance levels as high as 10 Gbps (OC-192) are technically feasible with ATM. More common performance levels for ATM are 155 Mbps (OC-3) and 622 Mbps (OC-12).

ATM technology is designed to improve utilization and quality of service (QoS) on high-traffic networks. Without routing and with fixed-size cells, networks can much more easily manage bandwidth under ATM than under Ethernet, for example. The high cost of ATM relative to Ethernet is one factor that has limited its adoption to "backbone" and other high-performance, specialized networks.


Acceptable Use Policy - AUP


An Acceptable Use Policy (AUP) is a written agreement all parties on a community computer network promise to adhere to for the common good. An AUP defines the intended uses of the network including unacceptable uses and the consequences for non-compliance. You will most commonly see an AUP when registering on community Web sites or when working on a corporate intranet.

Why Acceptable Use Policies Are Important

A good Acceptable Use Policy will cover provisions for network etiquette, mention limits on the use of network resources, and clearly indicate the level of privacy a member on the network should expect. The best AUPs incorporate "what if" scenarios that illustrate the usefulness of the policy in real-world terms.

The importance of AUPs is fairly well-known to organizations like schools or libraries that offer Internet as well as internal (intranet) access. These policies are primarily geared towards protecting the safety of young people against inappropriate language, pornography, and other questionable influences. Within corporations, the scope expands to include other factors such as guarding business interests.

What Should an Acceptable Use Policy Contain?

Many policy details you should expect to find in an AUP relate to computer security. These include managing passwords, software licenses, and online intellectual property. Others relate to basic interpersonal etiquette, particularly in email and bulletin board conversations. A third category deals with overuse or misuse of resources, such as generating excessive network traffic by playing computer games, for example.

If you are in the process of developing an Acceptable Use Policy, or if you already have such a policy in your organization, here are some factors to consider in evaluating its effectiveness:

  • Does it clearly specify the policy owner or owners?
  • Have scenarios been documented unambiguously for the key policy issues? Descriptions of so-called "use cases" or "situational analyses" help everyone to relate the policy to real-life situations, especially those based on actual past experience.
  • Are the consequences for non-compliance clear and intended to be enforced?
An increasing number of organizations monitor their computer networks for unacceptable uses, and good Acceptable Use Policies cover network monitoring strategies such as these:
  • Scanning proxy server logs to find hits to inappropriate Web sites including non work-related access occurring during business hours.
  • Installing filtering software that blocks access to certain public Web sites
  • Scanning of incoming and outgoing emails
  • Establishing disk space quotas on shared network drives

Use Cases for an AUP

Consider what you would do in these situations:
  • a co-worker asks to log into the network using your user name and password because their account is "unavailable"
  • you receive a politically sensitive joke in email that you think is very funny and are considering forwarding it to your office mates
  • the person sitting next to you spends all of their time at work downloading financial quotes and trading stocks online
  • your word processor claims it has detected a virus on your computer
If you aren't certain of the action to take in cases like these, an Acceptable Use Policy should be the place you turn for answers.

Create an AUP - Acceptable Use Policy


An AUP (Acceptable Use Policy) for private networks defines proper usage behaviors as well as unacceptable behaviors and their consequences. Learn how to create (or improve upon) your network AUP.
Difficulty: Average
Time Required: n/a

Here's How:

  1. Establish clear owners for the policy (one individual or one group). Owners maintain responsibility for content but do not necessarily enforce the policy.

  2. Give notice to the entire network community that policy creation (or revision) is underway. Establish a contact point for collecting feedback.

  3. Collect one or more model AUP documents to use as examples.

  4. Collect and categorize past incidents of controversial intranet network use within organizational memory.

  5. Create a rough outline of your AUP document based on community feedback, past network incidents, and sample documents from other organizations.

  6. Make sure the outline includes the key intranet network policy issues: use of email, bulletin board postings, abuse of network resources, and netiquette.

  7. If your network is connected to the Internet, be sure to include coverage of personal Internet use in the outline.

  8. If your network has an open Web publishing model, include intranet content ownership, roles, and responsibilities in the outline.

  9. Draft the complete network AUP document from the outline. Spell out the consequences of non-compliance clearly. Be honest about any monitoring (active and passive) that may be occurring.

  10. Publish the draft for the entire organization to read and comment upon.

  11. Conduct training sessions to help raise awareness of key policies: for example, password management and handling of confidential information or viruses.

  12. Revise the draft document based on feedback and publish again to the organization.

  13. Establish a periodic update process for future revisions of the document.

Tips:

  1. Encourage honesty as the best policy.

  2. Over time, identify and reward role models within the organization, but make the award criteria objective to avoid the appearance of favoritism.

Autosensing


Definition: Network adapters that support both traditional and Fast Ethernet choose the speed at which they run through a procedure called autosensing. Autosensing is a feature of so-called "10/100" Ethernet hubs, switches, and NICs. Autosensing involves probing the capability of the network using low-level signalling techniques to select compatible Ethernet speeds. Autosensing was developed to make the migration from traditional Ethernet to Fast Ethernet products easier.

When first connected, 10/100 devices automatically exchange information with each other to agree on a common speed setting. The devices run at 100 Mbps if the network supports it, otherwise they drop down to 10 Mbps to ensure a "lowest common denominator" of performance. Many hubs and switches are capable of autosensing on a port-by-port basis; in this case, some computers on the network may be communicating at 10 Mbps and others at 100 Mbps. 10/100 products often incorporate two LEDs of different colors to indicate the speed setting that is currently active.


Azureus Free P2P File Sharing Client


Azureus System Requirements:
  • Java Runtime Environment (JRE) on Windows, Linux, MacOS or other computer with sufficient CPU and RAM. JRE version 1.5 recommended.
P2P Networks Supported by Azureus:
  • BitTorrent
Default Azureus Network Ports:
  • TCP port 6881 for all Azureus downloads
  • TCP port 6969 for incoming connections to the embedded tracker
Azureus Network Protocols:
  • BitTorrent distribution protocol
  • I2P
  • Tor
Azureus Networking Capabilities:
  • built-in download speed limiter (version 2.1.0.0 and newer)
  • limits on number of simultaneous downloads and active torrents
  • limit on bandwidth allocation for uploads
  • limit on number of peer connections per torrent
  • peer IP address filtering
  • embedded tracker with external IP address
  • IRC (chat) client
  • plugin support for email notifications, automatic downloads, automatic speed adjustments, and remote control
Azureus Download Location:



What is TCP/IP?

TCP/IP is a universal standard suite of protocols used to provide connectivity between networked devices. It is part of the larger OSI model upon which most data communications is based.

One component of TCP/IP is the Internet Protocol (IP) which is responsible for ensuring that data is transferred between two addresses without being corrupted.

For manageability, the data is usually split into multiple pieces or "packets" each with its own error detection bytes in the control section or "header" of the packet. The remote computer then receives the packets and reassembles the data and checks for errors. It then passes the data to the program that expects to receive it.

How does the computer know what program needs the data? Each IP packet also contains a piece of information in its header called the "type" field. This informs the computer receiving the data about the type of transportation mechanism being used.

The two most popular transportation mechanisms used on the Internet are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).

What is TCP?

TCP opens up a connection between client and server programs running on separate computers so that multiple and/or sporadic streams of data can be sent over an indefinite period of time. TCP keeps track of the packets sent by giving each one a sequence number with the remote server sending back "acknowledgement" packets confirming correct delivery. Programs that use TCP therefore have a means of detecting connection failures and requesting the retransmission of missing packets. TCP is a good example of a "connection oriented" protocol.

What is UDP?

UDP is a connectionless protocol. Data is sent on a "best effort" basis with the machine that sends the data having no means of verifying whether the data was correctly received by the remote machine. UDP is usually used for applications in which the data sent is not mission critical. It is also used when data needs to be broadcast to all available servers on a locally attached network where the creation of dozens of TCP connections for a short burst of data is considered resource hungry.

What are TCP / UDP Ports?

So the data portion of the IP packet contains a TCP or UDP segment sandwiched inside. Only the TCP segment header contains sequence information, but both the UDP and the TCP segment headers track the "port" being used. The source/destination port and the source/destination IP addresses of the client & server computers are then combined to uniquely identify each data flow.

Certain programs are assigned specific ports that are internationally recognized. For example, port 80 is reserved for HTTP web traffic and port 25 is reserved for SMTP email. Ports below 1024 are reserved for privileged system functions; those above 1024 are generally reserved for non-system third-party applications.

Usually when a connection is made from a client computer requesting data to the server machine that contains the data:

o The client selects a random unused "source" port greater than 1024 and queries the server on the "destination" port specific to the application. If it is an HTTP request, the client will use a source port of, say, 1095 and query the server on port 80 (HTTP).

o The server recognizes the port 80 request as an HTTP request and passes on the data to be handled by the web server software. When the web server software replies to the client, it tells the TCP application to respond back to port 1095 of the client using a source port of port 80.

The client keeps track of all its requests to the server's IP address and will recognize that the reply on port 1095 isn't a request initiation for "Nicelink" (See the Bibliography for a link to a TCP/IP port listing), but a response to the initial port 80 HTTP query.
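The bookkeeping just described, as an added example that is not code from the original text: the client records the 5-tuple of each request it opens and checks whether an inbound packet mirrors one of them, which is also what a stateful packet filter does to tell replies from unsolicited inbound connections. `FlowTable`, `Packet` and the addresses and ports used are constructed.

```python
"""Telling a server's reply apart from an unrelated inbound packet by the
(protocol, source address, source port, destination address, destination port)
tuple, as the client in the text does.

Added example, not from the original page. Addresses, ports and packets
are constructed; no sockets are opened.
"""
import random
from collections import namedtuple

Packet = namedtuple("Packet", "proto src_ip src_port dst_ip dst_port")


class FlowTable:
    """Per-host record of the requests it initiated, keyed by their 5-tuple."""

    def __init__(self, local_ip: str):
        self.local_ip = local_ip
        self.open_flows = set()   # 5-tuples of requests sent from this host
        self.used_ports = set()   # source ports currently in use

    def pick_source_port(self) -> int:
        """A random, currently unused source port above 1024, as in the text."""
        while True:
            port = random.randint(1025, 65535)
            if port not in self.used_ports:
                self.used_ports.add(port)
                return port

    def open_request(self, proto: str, server_ip: str, server_port: int) -> Packet:
        """Record an outbound request and return the packet that starts it."""
        pkt = Packet(proto, self.local_ip, self.pick_source_port(),
                     server_ip, server_port)
        self.open_flows.add(pkt)
        return pkt

    def classify(self, pkt: Packet) -> str:
        """Classify an inbound packet: 'reply' if its 5-tuple mirrors a request
        we sent, 'unsolicited' if nothing here asked for it (for example a
        fresh connection attempt to our port), 'not-for-us' otherwise."""
        if pkt.dst_ip != self.local_ip:
            return "not-for-us"
        mirrored = Packet(pkt.proto, pkt.dst_ip, pkt.dst_port,
                          pkt.src_ip, pkt.src_port)
        return "reply" if mirrored in self.open_flows else "unsolicited"
```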

What is a TTL?

Each IP packet has a Time to Live (TTL) section that keeps track of the number of network devices the packet has passed through to reach its destination. The server sending the packet sets the TTL value and each network device that the packet passes through then reduces this value by "1". If the TTL value reaches "0", then the network device will discard the packet.

This mechanism helps to ensure that bad routing on the Internet won't cause packets to aimlessly loop around the network. TTLs help to reduce the clogging of data circuits with unnecessary traffic.

What is ICMP?

There is another commonly used protocol called the Internet Control Message Protocol (ICMP). It is not strictly a TCP/IP protocol, but TCP/IP based applications use it frequently.

ICMP provides a suite of error, control, and informational messages for use by the operating system. For example, IP packets will occasionally arrive at a server with corrupted data for any number of reasons, including a bad connection, electrical interference, or even misconfiguration. The server will usually detect this by examining the packet and correlating the contents to what it finds in the IP header's error control section. It will then issue an ICMP reject message to the original sending machine indicating that the data should be resent because the original transmission was corrupted.

ICMP also includes echo and echo reply messages used by the Linux "ping" command to confirm network connectivity. More information on ICMP messages can be found in both the Appendix and the chapter on network troubleshooting.

What Do IP Addresses Look Like?

> All devices connected to the Internet have an Internet Protocol (IP) address. Just like a telephone number, it helps to uniquely identify a user of the system.

> IP addresses are in reality a string of binary digits or "bits". Each bit is either a 1 or a 0. IP addresses have 32 bits in total.

> For ease of use, IP addresses are written in what is called a "dotted decimal" format, four numbers with dots in between. None of the numbers between the dots may be greater than 255. An example of an IP address would be 97.65.25.12.

> The numbers between the dots are frequently referred to as "octets".

> Some groups of IP addresses are reserved for use only in private networks and are not routed over the Internet. These are:

Private IP Addresses

10.0.0.0 - 10.255.255.255

172.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255

> Home networking equipment / devices usually are configured in the factory with an IP address in the range 192.168.1.1 to 192.168.1.255.

> You can check the Linux networking topics page on how to configure the IP address of your Linux box.

What Is Localhost?

Whether or not your computer has a network interface card it will have a "built in" IP address with which network aware applications can communicate with one another. This IP address is defined as 127.0.0.1 and is frequently referred to as "localhost"

What Is A Subnet Mask?

> Subnet masks are used to tell which part of the IP address represents:

o The network on which the computer is connected (Network portion)

o The computer's unique identifier on that network (Host portion)

> A simple analogy would be a phone number, such as (808) 225-2468. The (808) represents the area code, the 225-2468 represents the telephone within that area code.

> Subnet masks allow you to specify how long you want the area code to be (network portion) at the expense of the number of telephones in the area code (host portion).

> Most home networks use a subnet mask of 255.255.255.0. Each "255" means this octet is for the area code (network portion). So if your server has an IP address of 192.168.1.25 and a subnet mask of 255.255.255.0, then the network portion would be 192.168.1 and the server or host would be device #25 on that network.

> In this example, host #0 (192.168.1.0) is reserved to represent the network itself, and host #255 (192.168.1.255) is reserved for broadcast traffic intended to reach all hosts on the network at the same time. You can then use IP addresses from #1 to #254 on your "private" network.

> If you purchased a DSL service from your Internet service provider (ISP) that gives you fixed IP addresses, then they will most likely provide you with a subnet mask of 255.255.255.248 that defines 8 IP addresses. For example, if the ISP provides you with a "public" network address of 97.158.253.24, a subnet mask of 255.255.255.248 and a gateway of 97.158.253.25, then your IP addresses will be:

> 97.158.253.24 - Network base address

> 97.158.253.25 - Gateway

> 97.158.253.26 - Available

> 97.158.253.27 - Available

> 97.158.253.28 - Available

> 97.158.253.29 - Available

> 97.158.253.30 - Available

> 97.158.253.31 - Broadcast

How Many Addresses Do I Get With My Mask?

The method described in this section only works for subnet masks that start with "255.255.255" which should be sufficient for your home network.

> There are only 7 possible values for the last octet of a subnet mask. These are 0, 128, 192, 224, 240, 248, 252.

> You can calculate the number of IP addresses for each of the above values by subtracting the value from 256.

> So for example, if you have a subnet mask of 255.255.255.192 then you have 64 IP addresses in your subnet (256 - 192).

What's The Range Of Addresses On My Network?

If someone gives you an IP address of 97.158.253.28 and a subnet mask of 255.255.255.248, how do you determine the network address and the broadcast address, in other words the boundaries of your network? Here are the steps:

Manual Calculation

o Subtract the last octet of the subnet mask from 256 to give the number of IP addresses in the subnet. (256 - 248) = 8

o Divide the last octet of the IP address by the result of step 1, don't bother with the remainder (28/8 = 3). This will give you the theoretical number of subnets of the same size that are below this IP address.

o Multiply this result by the result of step 1 to get the network address (8 x 3 = 24). Think of it as "This is the third subnet with 8 addresses in it". The Network address is therefore 97.158.253.24

o The broadcast address is the result of step 3 plus the result of step 1 minus 1. (24 + 8 -1 = 31). Think of it as "The broadcast address is always the network address plus the number of IP addresses in the subnet minus 1". The broadcast address is 97.158.253.31

Let's do this for 192.168.3.56 with a mask of 255.255.255.224

1. 256 - 224 = 32

2. 56 / 32 = 1

3. 32 x 1 = 32. Therefore the network base address is 192.168.3.32

4. 32 + 32 - 1 = 63. Therefore the broadcast address is 192.168.3.63

Let's do this for 10.0.0.75 with a mask of 255.255.255.240

1. 256 - 240 = 16

2. 75 / 16 = 4

3. 16 x 4 = 64. Therefore the network base address is 10.0.0.64

4. 64 + 16 -1 = 79. Therefore the broadcast address is 10.0.0.79

Note: As a rule of thumb, the last octet of your network base address must be divisible by the "256 minus the last octet of your subnet mask" and leave no remainder. If you are sub-netting a large chunk of IP addresses it's always a good idea to lay it out on a spreadsheet to make sure there are no overlapping subnets. Once again, this calculation exercise only works with subnet masks that start with "255.255.255".

Calculation Using A Script

There is a BASH script in the Appendix which will do this for you. Here is a sample of how to use it: just provide the IP address followed by the subnet mask as arguments. It accepts subnet masks in dotted decimal format or "/value" format.

[root@bigboy tmp]# ./subnet-calc.sh 216.151.193.92 /28

IP Address : 216.151.193.92
Network Base Address : 216.151.193.80
Broadcast Address : 216.151.193.95

Subnet Mask : 255.255.255.240
Subnet Size : 16 IP Addresses

[root@bigboy tmp]#
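The Appendix script itself is not reproduced on this page. As an added example (my own code, not the author's subnet-calc.sh), here is a shell implementation of the same calculation that accepts the mask in either notation. It goes further than the manual last-octet method above: because it works on the full 32-bit address, it handles any mask length, not only masks starting with 255.255.255, and it rejects malformed addresses and prefixes instead of producing a bogus range.

```shell
#!/usr/bin/env bash
# Added example, not the page's Appendix script: a subnet calculator that
# accepts the mask as dotted decimal ("255.255.255.240") or prefix ("/28").
# Unlike the manual last-octet method, it works on the whole 32-bit
# address, so any mask length is handled, not only 255.255.255.x.

# Dotted quad -> 32-bit integer. Rejects anything that is not four octets
# in the range 0-255 (returns 1), so bad input cannot yield a bogus range.
ip2int() {
    local IFS=. o n=0 count=0
    for o in $1; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
        n=$(( (n << 8) | o ))
        count=$(( count + 1 ))
    done
    [ "$count" -eq 4 ] || return 1
    echo "$n"
}

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Mask in either notation -> 32-bit integer. Prefix lengths outside 0..32
# and non-numeric prefixes are rejected.
mask2int() {
    case "$1" in
        /*)
            local bits=${1#/}
            case "$bits" in ''|*[!0-9]*) return 1 ;; esac
            [ "$bits" -le 32 ] || return 1
            if [ "$bits" -eq 0 ]; then echo 0
            else echo $(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF )); fi ;;
        *)
            ip2int "$1" ;;
    esac
}

# The three answers the manual method produces, each as its own function.
# network = ip AND mask; broadcast = network OR (NOT mask); size = NOT mask + 1.
network_of()   { local ip mask; ip=$(ip2int "$1") && mask=$(mask2int "$2") || return 1; int2ip $(( ip & mask )); }
broadcast_of() { local ip mask; ip=$(ip2int "$1") && mask=$(mask2int "$2") || return 1; int2ip $(( (ip & mask) | (~mask & 0xFFFFFFFF) )); }
subnet_size()  { local mask; mask=$(mask2int "$1") || return 1; echo $(( (~mask & 0xFFFFFFFF) + 1 )); }

# Print a report in the same layout as the page's sample session.
subnet_calc() {
    local net bcast mask
    net=$(network_of "$1" "$2") || { echo "bad address or mask" >&2; return 1; }
    bcast=$(broadcast_of "$1" "$2")
    mask=$(int2ip "$(mask2int "$2")")
    printf 'IP Address           : %s\n' "$1"
    printf 'Network Base Address : %s\n' "$net"
    printf 'Broadcast Address    : %s\n\n' "$bcast"
    printf 'Subnet Mask          : %s\n' "$mask"
    printf 'Subnet Size          : %s IP Addresses\n' "$(subnet_size "$2")"
}

# Usage: ./subnet-calc.sh 216.151.193.92 /28
if [ "$#" -eq 2 ]; then subnet_calc "$1" "$2"; fi
```

Running it with the page's sample input, `216.151.193.92 /28`, prints the same network base address (216.151.193.80), broadcast address (216.151.193.95) and size (16) as the session above, and a /20 input such as `172.16.45.200 /20` correctly lands on 172.16.32.0 through 172.16.47.255, which the last-octet shortcut cannot do.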

What Is Duplex?

> Duplex refers to the ability of a device to transmit and receive data at the same time.

> Full duplex uses separate pairs of wires for transmitting and receiving data so that incoming data flows don't interfere with outgoing data flows.

> Half duplex uses the same pairs of wires for transmitting and receiving data. Devices that want to transmit information have to wait their turn until the "coast is clear", at which point they send the data. Error detection and retransmission mechanisms ensure that data reaches the destination correctly even if it was originally garbled by multiple devices starting to transmit at the same time.

> Data transfer speeds will be low and error levels will be high if you have a device at one end of a cable set to full duplex, and another device at the other end of the cable set to half duplex.

> Most modern network cards can auto-negotiate duplex with the device on the other end of the wire. It is for this reason that duplex settings aren't usually a problem for Linux servers.

What Is A Hub?

> A hub is a device into which you can connect all devices on a home network so that they can talk together. Hubs physically cross-connect all their ports with one another, which causes all traffic sent from a server to the hub to be blurted out to all other servers connected to that hub, whether they are the intended recipient or not.

> Hubs have little or no electronics inside and therefore do not regulate traffic. It is possible for multiple servers to speak at once, with all of them receiving garbled messages. When this happens the servers try again, after a random time interval, until the message gets through correctly.

> It is for these reasons that devices that plug into hubs should be set to half duplex.

> Note: Hubs can add a lot of delays to your network due to the message garbling "collisions" and retransmissions. A switch is a much more reliable and predictable alternative, and ones made for the home will often cost only a few dollars more.

What Is A Switch?

> A switch is also a device into which you can connect all devices on a home network so that they can talk together. Unlike a hub, traffic sent from Server A to Server B will only be received by Server B. The only exception is broadcast traffic which is blurted out to all the servers simultaneously.

> Switches regulate traffic, thereby eliminating the possibility of message garbling. Switches therefore provide more efficient traffic flow.

> Devices that plug into switches should be set to full duplex to take full advantage of the dedicated bandwidth coming from each switch port.

What Is A LAN?

> A Local Area Network (LAN) is a grouping of ports on a hub or switch, or tied to a wireless access point (WAP), that can communicate directly with each other.

> It is possible to have LANs that span multiple switches. Simple home switches can be connected in a chain formation to create a LAN with more ports. This is often called "daisy chaining".

> Pure switches provide no access control between servers connected to the same LAN. This is why network administrators group trusted servers having similar roles on the same LAN. They will also ensure that they don't mix servers on different IP networks on the same LAN segment. A good rule of thumb is to have only one network per LAN.

> Communication to devices on another LAN requires a router directly connected to both LANs. The router is also capable of filtering traffic passing between the two LANs therefore providing additional security.

> Larger, more expensive switches can be configured to assign only certain ports to pre-specified Virtual LANs (VLANs) chosen by the network administrator. In this case, the switch houses ports on multiple LANs. A router still needs to be connected to each VLAN for inter-network communication.

What Is A Router?

> As stated before, switches and hubs usually only have servers connected to them that have been configured as being part of the same network.

> Routers will connect into multiple switches to allow these networks to communicate with one another.

> Routers can also be configured to deny communication between specific servers on different networks. They can also filter traffic based on the TCP port section of each packet. For example, it is possible to deny communication between two servers on different networks that intend to communicate on TCP port 80, and allow all other traffic between them. Routers therefore direct and regulate traffic between separate networks, much like a traffic policeman.

> If you intend to route between networks, then for each network, you must reserve an IP address for a router and make sure that the router is directly connected to the LAN associated with that network.

> In home networks, routers most frequently provide connectivity to the Internet using network address translation or NAT.

What Is A Gateway?

> Another name for a router.

What Is A Route?

> In the broader networking sense, a route refers to the path data takes to traverse from its source to its destination. Each router along the way may also be referred to as a hop.

> Usually when we speak about a route on a Linux box, we are referring to the IP address of the first hop needed to reach the desired destination network. It is assumed that this first hop will know how to automatically relay the packet.

> Routers are designed to exchange routing information dynamically, and can therefore intelligently redirect traffic to bypass failed network links. Home Linux boxes frequently don't run a dynamic routing protocol and therefore rely on "static" routes issued by the system administrator at the command line or in configuration files to determine the next hop to all desired networks.

> The Linux network topics page shows how to add static routes to your Linux box and also how you can convert it into a simple router.

What Is A Default Gateway?

> A default gateway is really a gateway of last resort. Say for example:

o You have two routers R1 and R2

o R1 is connected to both your SOHO home network (192.168.1.0) and the internet

o R2 is connected to both your SOHO home network (192.168.1.0) and your credit card transaction payment network (10.46.123.0), which is also connected to other corporate networks with addresses starting with 10.X.X.X

> You could put a route on your SOHO servers that states:

o Go to network 10.0.0.0 255.0.0.0 via router R2

o Go to everything else via router R1. R1 therefore would be considered your default gateway

> For most home networks, your default gateway would be the router / firewall connected to the Internet.

> You can check the Linux networking topics page on how to configure the default gateway on your Linux box.

What Is A NIC?

Your network interface card is frequently called a NIC. Currently, the most common types of NIC used in the home are Ethernet and wireless Ethernet cards.

What Does The "Link" Light On My NIC Indicate?

The link light signifies that the NIC has successfully detected a device on the other end of the cable. This indicates that you are using the correct type of cable and that the duplex has been negotiated correctly between the devices at both ends.

What Is A MAC Address?

The media access control (MAC) address can be equated to the serial number of the NIC. Every IP packet is sent out of your NIC wrapped inside an Ethernet frame, which uses MAC addresses to direct traffic on your locally attached network.

MAC addresses therefore only have significance on the locally attached network. As the packet hops across the Internet, its source/destination IP address stays the same, but the MAC addresses are reassigned by each router on the way using a process called ARP.

What Is ARP?

The Address Resolution Protocol (ARP) is used to map MAC addresses to network IP addresses. When a server needs to communicate with another server it performs the following steps:

> The server first checks its routing table to see which router provides the next hop to the destination network.

> If there is a valid router, let's say with an IP address of 192.168.1.1, the server checks its ARP table to see whether it has the MAC address of the router's NIC. You could very loosely view this as the server trying to find the Ethernet serial number of the next hop router on the local network, thereby ensuring that the packet is sent to the correct device.

> If there is an ARP entry, the server sends the IP packet to its NIC and tells the NIC to encapsulate the packet in a frame destined for the MAC address of the router.

> If there is no ARP entry, the server will issue an ARP request asking that router 192.168.1.1 respond with its MAC address so that the delivery can be made. Once a reply is received, the packet is sent and the ARP table is subsequently updated with the new MAC address.

> As each router in the path receives the packet, it will pluck the IP packet out of the Ethernet frame, leaving the MAC information behind. It will then inspect the destination IP address in the packet and use its routing table to determine the IP address of the next router on the path to this destination.

> The router will then use the ARP-ing process to get the MAC address of this next hop router. It will then re-encapsulate the packet in an Ethernet frame with the new MAC address and will then send the frame to the next hop router. This relaying process continues until the packet reaches the target computer.

> If the target server is on the same network as the source server, a similar process occurs. The ARP table is queried. If no entry is available, an ARP request is made asking the target server for its MAC address. Once a reply is received, the packet is sent and the ARP table is subsequently updated with the new MAC address.

> The server will not send the data to its intended destination unless it has an entry in its ARP table for the next hop. If it doesn't, the application needing to communicate will issue a timeout or "time exceeded" error.

> As can be expected, the ARP table only contains the MAC addresses of devices on the locally connected network. ARP entries are not permanent and will be erased after a fixed period of time depending on the operating system used.

> The Linux network topics page shows how to see your ARP table and the MAC addresses of your server's NICs.
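The two lookups described above, the routing table choosing the next hop (the default gateway scenario with R1 and R2 in the "What Is A Default Gateway?" section) and the ARP table supplying the MAC address for that hop, can be traced step by step with a small simulation. This is an added example written for this page, not the page's own code: the routing table and ARP cache are constructed inline to match the page's scenario, R1 is assumed to be 192.168.1.1 (the router address used in the ARP steps) and R2 is assumed to be 192.168.1.3, an address the page does not give. R2 is deliberately absent from the ARP cache so that the "no ARP entry, send an ARP request" path is exercised.

```shell
#!/usr/bin/env bash
# Added example (not from the page): simulate what a Linux host does before
# it can put a packet on the wire: routing table -> next hop IP, then
# ARP cache -> MAC address for that next hop. Tables are constructed here.

# Dotted quad -> 32-bit integer (input assumed to be a valid dotted quad).
ip2int() { local IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )); }

# Constructed routing table: "network prefixlen nexthop" per line.
# nexthop "-" means the network is directly attached (on-link).
# R1 = 192.168.1.1 (default gateway), R2 = 192.168.1.3 (assumed address).
ROUTES='192.168.1.0 24 -
10.0.0.0 8 192.168.1.3
0.0.0.0 0 192.168.1.1'

# Constructed ARP cache: "ip mac" per line. R1 and one LAN host are cached;
# R2 is not, so a packet for 10.x.x.x must trigger an ARP request first.
ARP_CACHE='192.168.1.1 00:11:22:33:44:01
192.168.1.20 00:11:22:33:44:20'

# next_hop DEST -> prints the IP the Ethernet frame must be addressed to:
# the router for a remote network, or DEST itself when DEST is on-link.
# Longest matching prefix wins, which is why 10.0.0.0/8 beats the default.
next_hop() {
    local d best_len=-1 best_hop="" net len hop mask n
    d=$(ip2int "$1")
    while read -r net len hop; do
        [ -n "$net" ] || continue
        if [ "$len" -eq 0 ]; then mask=0
        else mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF )); fi
        n=$(ip2int "$net")
        if [ $(( d & mask )) -eq $(( n & mask )) ] && [ "$len" -gt "$best_len" ]; then
            best_len=$len
            best_hop=$hop
        fi
    done <<EOF
$ROUTES
EOF
    [ "$best_len" -ge 0 ] || return 1
    if [ "$best_hop" = "-" ]; then echo "$1"; else echo "$best_hop"; fi
}

# arp_lookup IP -> prints the cached MAC, or ARP-REQUEST-NEEDED when the
# host would have to broadcast an ARP request before it can send anything.
arp_lookup() {
    local ip mac
    while read -r ip mac; do
        [ "$ip" = "$1" ] && { echo "$mac"; return 0; }
    done <<EOF
$ARP_CACHE
EOF
    echo "ARP-REQUEST-NEEDED"
}

# frame_target DEST -> "nexthop-ip mac-or-status"; NO-ROUTE if nothing matches.
frame_target() {
    local hop
    hop=$(next_hop "$1") || { echo "NO-ROUTE"; return 1; }
    echo "$hop $(arp_lookup "$hop")"
}

# Usage: ./arp-walk.sh 10.46.123.5
if [ "$#" -eq 1 ]; then frame_target "$1"; fi
```

For a destination of 192.168.1.20 the on-link route wins and the frame goes straight to that host's MAC; for 10.46.123.5 the /8 route selects R2, whose MAC is not cached, so the host must ARP for 192.168.1.3 before the packet leaves the NIC; for any other address the default route selects R1. On a real Linux box the equivalent lookups are `ip route get <dest>` for the next hop and `ip neigh show` for the ARP cache.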

What Is A DTE?

DTE stands for Digital Terminal Equipment, a term originally intended for computer terminals located at remote offices or departments that were directly connected to modems. The terminals had no computing power and only functioned as a screen / keyboard combination for data processing.

Nowadays most PCs have their COM and Ethernet ports configured as if they were going to be connected to a modem or other type of purely networking-oriented equipment.

What Is A DCE?

DCE is the acronym for Data Circuit-Terminating Equipment: modems and other purely networking-oriented equipment.

What Is A Straight Through / Crossover Cable?

> When a DCE is connected to a DTE, you will need a "straight-through" type cable. DCEs connected to DCEs or DTEs connected to DTEs will always require "crossover" cables. These are the terminologies generally used with Ethernet cables.

> The terminologies can be different for cables used to connect serial ports together. When connecting a PC's COM port (DTE) to a modem (DCE) the "straight-through" cable is frequently called a "modem" cable. When connecting two PCs (DTE) together via their COM ports the "crossover" cable is often referred to as a "null modem" cable.

> Unfortunately, some manufacturers configure the Ethernet ports of their networking equipment to be either of the DTE or the DCE type, so confusion can arise when selecting a cable. If you fail to get a "link" light when connecting your Ethernet devices together, try using the other type of cable.

> A "straight-through" Ethernet cable is easy to identify. Hold the connectors side by side, pointing in the same direction with the clips facing away from you. The color of the wire in position #1 on connector #1 should be the same as that of position #1 on connector #2. The same goes for positions #2 to #8, i.e. the same color for corresponding wires on each end. A crossover cable would have them mixed up.

> Here is a good rule of thumb: PC to PC = crossover cable; PC to switch = straight through cable

What Is A Firewall?

Firewalls can be viewed as routers with enhanced abilities to restrict traffic, going beyond the port and IP address filtering that routers provide. Specifically, firewalls can detect malicious attempts to subvert the TCP/IP protocol. A short list of capabilities includes:

> Throttling traffic to a server when too many unfulfilled connections are made to it

> Restricting traffic being sent to obviously bogus IP addresses