Building a Home Network
Kent Reuber
[email protected]

Outline
• Will focus on physical layouts.
• Hard to get very specific. Too many OS versions and network hardware combinations.
• Example network layouts.
• Example home network components.

General recommendations
• Buying things:
  • Ask questions (e.g., Expert Partners list) before you buy. Have a goal…
  • Check online to see if manuals are available.
  • Buy stuff that you can return, if possible.
• Use dedicated hardware (e.g., print servers, broadband routers) rather than software.
  • Dedicated hardware is more robust and simpler to operate.
  • Don’t have to depend on a computer being up.

Networking shopping list
Necessary or highly recommended:
• Internet Service Provider (ISP).
• Broadband (NAT) router.
• Print server or network printer.
• Cables.
Optional:
• Wireless access point.
• Wireless repeater.
• Small hubs/switches.
• Web cams, …

Network addressing
“All I did was to ask for her IP address.” (IT Guy comic)
• All IP addresses within the network must be unique.
• Check your docs for subnet mask and gateway.
• Most broadband routers have DHCP servers, so you don’t have to manage addresses manually.

Broadband routers

Broadband (NAT) router
• Hides network from the outside world using NAT.
• Connections:
  • WAN Ethernet interface for connection to ISP equipment.
  • Ethernet LAN interface(s).
  • Usually also has wireless.

What is NAT?
• NAT = “Net Address Translation”
• Several different methods. For the gory details, see RFC 1613.
• Most frequently encountered method is the one used in home broadband routers, which “hide” an entire non-routable network range behind a single routable “public” IP address.
• Ref: Bill Dutcher: “The NAT Handbook” (Wiley)

Why would you want to use NAT?
• Allows you to buy a single IP address from your ISP and share that address among a large number of devices. (May save $$)
• All devices on the local network can access the Internet at the same time, though the bandwidth is shared.
• Firewall:
  • Outside hosts can *reply* to hosts behind the NAT router.
  • Inside hosts have to initiate the connection.
  • Note: there are some ways around this.

NAT router setup
• NAT routers are given two IP addresses:
  • 1 non-routable (LAN – you)
  • 1 routable (WAN – ISP)
• Machines on LAN side get special non-routable addresses (usually 10.*.*.* or 192.168.*.*).
  • No IP addresses in these ranges are routed on the Internet.

How NAT works
• Normal routers maintain source and destination IP addresses from end-to-end.
• NAT routers change IP addresses and port.
  • Outgoing packets appear to come from the NAT router’s public address.
• NAT routers keep track of each “flow” so that replies can be returned.

How NAT firewalling works
• Suppose a host (either friendly or malicious) sends a packet to the NAT router without the connection being initiated from the inside.
• Outside hosts can’t send directly to the hosts on the local network side -- they have non-routable addresses!
• Since there is no entry in the flow table, the NAT router has no idea where to forward it and drops the packet. Instant firewall!

Circumventing the NAT firewall (if you must)
• You may want to run a server behind your NAT router. How do you let in some traffic?
• NAT routers have a limited ability to “port forward”, sending all traffic to a given computer on the internal net and bypassing the flow table.
• For example:
  • Send all Web traffic (port 80) to 192.168.1.3
  • Send all mail traffic (port 25) to 192.168.1.5
• You can get hacked if a forwarded port is running a vulnerable service! For example, if your IIS Web server isn’t patched, your firewall won’t help you. Always keep services with open ports patched.
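
Added example (not part of the original slides): a toy Python model of the flow table described in “How NAT works” and “How NAT firewalling works”, plus the port-forward rule from the slide above. The class and function names, the addresses other than 192.168.1.3, the starting port 40000, and the rule that a reply must come from the same remote address and port are assumptions made for illustration.

```python
# Added example: toy model of a home NAT router's flow table (not real router code).
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # constructed WAN address (documentation range)

@dataclass
class NatRouter:
    public_ip: str = PUBLIC_IP
    next_port: int = 40000  # assumed start of the translated port range
    # public port -> (inside ip, inside port, remote ip, remote port)
    flows: dict = field(default_factory=dict)
    # public port -> (inside ip, inside port); static "port forward" rules
    forwards: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside host initiates: rewrite the source and remember the flow."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for pub_port, known in self.flows.items():
            if known == flow:
                return (self.public_ip, pub_port, dst_ip, dst_port)
        pub_port, self.next_port = self.next_port, self.next_port + 1
        self.flows[pub_port] = flow
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """WAN-side packet: return the inside (ip, port), or None if dropped."""
        flow = self.flows.get(dst_port)
        # Assumption: a reply must come from the remote endpoint of the flow.
        if flow and flow[2:] == (src_ip, src_port):
            return flow[:2]
        if dst_port in self.forwards:
            return self.forwards[dst_port]  # bypasses the flow table
        return None  # no flow entry: the router has nowhere to send it

def demo():
    nat = NatRouter()
    nat.forwards[80] = ("192.168.1.3", 80)  # the slide's Web-traffic forward
    out = nat.outbound("192.168.1.20", 51000, "198.51.100.7", 443)
    return {
        "translated": out,
        "reply": nat.inbound("198.51.100.7", 443, out[1]),
        "unsolicited": nat.inbound("198.51.100.99", 4444, out[1]),
        "closed_port": nat.inbound("198.51.100.99", 4444, 22),
        "forwarded": nat.inbound("198.51.100.99", 4444, 80),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12} {result}")
```

The forwarded case is the only unsolicited packet that reaches an inside host, which is why the service behind a forwarded port has to be kept patched.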

Should you use a NAT router?
• It’s your only choice if you get 1 address from your ISP and you want to create a network.
• If you get multiple addresses from your ISP, you don’t necessarily need one, but it’s still a good idea.
  • Examples: Stanford DSL, Stanford West, Welch Rd. apartments.
• May want to put one or more hosts on the public side of the NAT (e.g., file server).
• You should keep most private information (e.g., bank accounts) on the private side.

Example home network: mixed public/NAT setup

Wireless

Wireless frequency choices
• Usually you’ll want wireless 802.11b/g support.
• My opinion: wait on 802.11n until the standard is more mature.
• Internet access speed is usually limited by the ISP.
• Most DSL is only 1 Mbps. Even 802.11b won’t be a bottleneck.
• Faster 802.11g usually only matters for transfers within your network.

Wireless network name
• A computer will be able to roam freely between access points with the same network name (also called SSID).
  • Any of your access points should have a different SSID than those of your neighbors.
  • In most cases, all of your access points should broadcast the same SSID.
• If you put up your own wireless on campus, it should not use the SSID “Stanford”. Use a name that indicates that it belongs to you.

Wireless protection
• Use address filters, WEP or WPA to prevent neighbors from using your wireless.
• May want to use hidden SSID (network name).
• Use encrypted protocols (https, SSH, Kerberos, SSL) especially in public wireless areas.

Printing and cabling

Print server
• Used to network a printer that doesn’t have a network interface.
• Usually has one Ethernet and one or more parallel or USB interfaces.
• Wireless also available.

Cables
• Ethernet cables
  • Category 5 or 5e is sufficient. No need for Category 6.
  • Only 2 pair cable is necessary for 10/100. Gigabit needs 4 pairs.
  • May need crossover cables for switch-switch connections.
• May also need USB or parallel cables.

Other devices

Wireless access point
• Wireless broadband router without the router.
• Usually only 1 Ethernet port.
• Use if you need more than one wireless for coverage.
• Also useful if your broadband router doesn’t have wireless.
• Range extenders are also available.

Hubs and switches
• Probably doesn’t matter which you use. Unlikely that your net is so congested that a switch would add performance.
• Switch speed is almost always faster than your ISP, so switch speed will not be a bottleneck to accessing the Internet.
• Always remember not to create loops in cabling -- you must wire in a “star” shape.

Web cams
• Many of the new Internet cameras have built-in Web servers so that you don’t need a computer.
• Some people use cams for security or just to watch their kittens…

Voice over IP (VoIP)
• Many companies are starting to sell equipment that can place calls over Internet connections.
• Expect lower quality voice, but you may save money.

Stanford-run networks

Stanford DSL
• 5 usable Stanford IP addresses.
• Network is ready to go.
• Can access IP-limited resources (e.g., journals).
• Don’t need a broadband router, but it’s still a good idea.
• Netopia router (provided):
  • Can distribute your addresses via DHCP. Good for laptops.
  • Has 4 10/100 ports for devices.
  • Only routes IP.
• DNS is provided by campus servers.
• You can connect to your computer by specifying its hostname (xxx.stanford.edu).

Kent’s Stanford DSL Network

Stanford West/Welch Rd.
• 10Mbit Ethernet service. Not DSL!
• Way faster than DSL. 100Mbit service available.
• Up to 4 Stanford IP addresses for each paid jack. Can also get additional private (non-routable) addresses for print-servers, access points, etc.
• Like department Ethernet networks, any network protocol that gets sent onto the wire can affect your neighbors. Play nice!
• DHCP & DNS provided by campus servers.

Books
• “Linksys Networks, the Official Guide”, Kathy Ivens, Larry Seltzer, Osborne
• “Home Networking Bible”, Sue Plumley, Wiley

Web Sites
• Stanford West/Welch Rd. Computing FAQ: http://www.stanford.edu/services/stanfordwest/faq.html
• Stanford VPN Service: http://vpn.stanford.edu
• Stanford DSL Service: http://www.stanford.edu/services/dsl/