For the average home user, all they need to do is make sure that the first three octets of their router's IP address matches those of their clients and vice versa. So, if your router's IP is 192.168.0.1 with a subnet mask of 255.255.255.0, your clients can be anything from 192.168.0.2 to 192.168.0.254.
This IS pretty much exactly where we started! _________________ SIG:
I'm trying to teach you to fish, not give you a fish. If you just want a fish, wait for a fisherman who hands them out. I'm more of a fishing instructor.
LOM: "If you show that you have not bothered to read the forum announcements or to follow the advices in them then the level of help available for you will drop substantially, also known as Murrkf's law.."
It doesn't really matter what side the 1s and 0s are on, just as long as there are common bits shared by all addresses within a subnet, be they on (1) or off (0).
For a subnet mask it absolutely matters that any 1's are on the left and any 0's are on the right. For an IP address or other kinds of masks it doesn't matter but that is the defining characteristic of subnet masks. I'd really like to hear what you think those invalid subnet masks would be in slash notation.
ps. the first challenge still stands poser. I'll even tell you that using the previously mentioned bitwise AND operator upon an IP address and a subnet mask will result in the network address. If they belong to the same logical network (ie. subnet) then this network address will be the same. _________________ Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
this is the key. explain to newbies that this is what you need to know for now, and that what you are saying is limited to certain circumstances
never make a blanket statement you know to be wrong. Some numb putz will come along whining "But you said..." and no amount of explaining after the fact about circumstances will penetrate the fool's tiny mind.
Quote:
Networks require a different model of learning. When you learn networks, you cover all the bases, but just skim the surface. Learn the terminology, see how everything connects to everything else. Then you go back, and cover all the bases in greater detail. This is done over and over, one layer of complexity after another. Like a painter who roughs in a sketch with a pencil, then washes in great swaths of background color, then gets to the fine details. If you get a sense of deja vu while studying networks, you are doing it right.
Unlike other fields of human endeavor, we do not necessarily define terms the first time we use them when learning networks. You would be drowning in details, we would be sidetracked endlessly.
_________________ Conventional wisdom among radio guys is that $1 spent on antennas is worth $10 spent on amplifiers. Solve RF problems with antennas to the greatest extent possible before increasing power.
Hi Murrkf (and others), what a great initiative!!!
I think that this could be the beginning of a GREAT (simple) wiki entry about networking. Let me just remind everyone that one of the secrets of great writing is to re-write! So having different people give their different approach, will eventually lead to something very understandable……. once its all re-written.
Here's a few of my thoughts. Maybe a bit long, but then someone else then gets a good chance to boil the essence out of it :
When connecting computers to a network, they are given an address also called an IP number. This could be 192.168.1.34 or 10.0.0.34 or some other number.
For mathematical reasons (see the binary system), each of the four numbers separated by dots, can only be in the range of 0-255, with a few extra limitations on the first number. The first number in the IP address should be in the range of 1-224.
Also the last number must only go up to .254 – the .255 is reserved for other purposes, as will be revealed shortly.
(editor's note: must find out if 224 is the actual practical recommended limit for the first number.)
Once a computer has a unique address (a unique IP number) it can practically talk to every other computer on the Internet.
ONE network can however be likened to ONE road. If one single road had to carry all the traffic of all vehicles in the world, it would be a VERY busy and VERY crowded road, and thus there are many roads, connected by intersections. This allows for local addresses and local-only traffic.
Likewise with the biggest known network - the Internet - it has many roads (network segments) connected by intersections (routers).
Traffic between local computers can stay on the local “roads” – the local network. That is; on the local network segment. For data to travel to non-local addresses (other network segments) it has to pass through a router (the intersections between network segments). Routers are also referred to as gateways.
When your computer sends a data-package through the network it must pre-determine if that data-package should stay local, or needs to go through the local router (local gateway) to end up on another network segment.
The tool to help your computer determine this is called the network mask (or for short the MASK).
If your computer sends data from your IP number (ie. 192.168.1.34), which may have the MASK of 255.255.255.0 it automatically knows that data to any other 192.168.1.x address is local, and on the same network segment, and thus does not need to first be sent to the router.
Whereas data to ex. 192.168.5.1 is on a different network segment (because the first three numbers are not the same as your computers IP number).
For your computer to send data packages through a router, it must know the local IP number of that router. Lets assume the router number is 192.168.1.1
With these three pieces of information:
IP number: 192.168.1.34
MASK: 255.255.255.0
Gateway: 192.168.1.1
Your computer is now ready to send data both local and non-local.
Your local network is often referred to as a LAN (Local Area Network). A LAN always has at least one network segment.
With the three pieces of information above we know, that the network number is 192.168.1 and the computer number (also called a node number) is .34
If the Network MASK number had been 255.255.0.0 the network number would have been 192.168 and the node number would have been .1.34
A network mask of 255.0.0.0 is called an A class network
A network mask of 255.255.0.0 is called a B class network
A network mask of 255.255.255.0 is called a C class network
Home networks are almost always C class networks – because it just makes practical sense.
DHCP - automatic assignment of basic IP information/setup
In the early days of TCP/IP computing, one would manually need to enter these three pieces of basic information on every computer connected to the local network. That quickly became boring, and someone came up with a system where one computer (or one router) on the local network segment could take on the job of handing out these basic pieces of information. The job of handing out IP numbers (and a bit more basic network information) is handled by the DHCP server (or DHCP function) running on a pc, server or router.
There can only be ONE active DHCP operator on a physical network segment. This is because the DHCP system uses the “broadcast” address of a network segment.
The highest address on a network segment is reserved for use as a broadcast address. No one specific pc can take on that (or should be assigned) the highest node number.
On a C class network the highest node number is n.n.n.255 or just .255
On our example network the broadcast address would be 192.168.1.255
(editor's note: isn’t 255.255.255.255 the actual highest number and thus the broadcast number? Must be looked into)
All computers on a network segment listen to and process any data packages that are sent to the broadcast address. Otherwise network chips will usually (in non-promiscuous mode) filter out all data packages that are not addressed to that pc’s IP number/address. So the CPU on your pc does not have to waste time processing non-relevant data traffic.
On a network layer below the IP system is the physical hardware layer, that is, your network card has from the manufacturer been assigned a worldwide unique number, a MAC number. MAC numbers and addresses can only send data on ONE physical network segment. One way to ensure that there is only ONE network card in the whole wide world using a specific MAC number is, that part of the MAC number is the international registered unique manufacturer number.
Before your pc gets assigned an IP number by the DHCP server, communication between your pc and the DHCP server relies on using the MAC number.
Thus (using the MAC number for identification) your pc can send a broadcast message to the IP number 192.168.1.255 without yet having an IP number itself. And thus the DHCP server can answer, by using your pc’s network card’s unique MAC number as the receiver of the IP assignment.
Fancy – I know!!! One of the olds was really smart. And I mean SMART.
Joined: 24 Aug 2009 Posts: 2070 Location: South Florida
Posted: Wed Sep 16, 2009 7:58 Post subject:
I put this link to a subnet calc in the wiki->basic tutorials:
http://www.subnet-calculator.com/ _________________ Optware, the Right Way
Asus RT-AC68U
Asus RT-N66U
Asus RT-N10
Asus RT-N12
Asus RT-N16 x5
Asus WL520gU
Engenious ECB350
Linksys WRT600Nv1.1
Linksys WRT610Nv1
Linksys E2000
Netgear WNDR3300
SonicWall NSA220W
SonicWall TZ215W
SonicWall TZ205W
SonicWall TZ105W
Joined: 09 Jul 2006 Posts: 71 Location: Nanaimo BC Canada
Posted: Tue Sep 29, 2009 18:39 Post subject:
Looking at the WIKI link...This is a mess. Use the forum for discussion and add the basic "dummy" info back here bit by bit in an orderly, easy to understand fashion. Some of the info is way too complicated for a "dummy"...this happens all the time... We tend to over think things and say "oh we need to add this and this and this"....and soon the simple explanation is far more complicated than necessary. Remember, this is for "noobs to networking". For in-depth or additional info on any subject the reader should be encouraged to GOOGLE. It would really help all if the info was presented showing how it relates to DD-WRT applications.
squibt _________________ Buffalo WHR HP 54G
Linksys WRT 54 GS V1
Linksys WRT 54 G V2
2Wire (dont ask)
the thing is, you forget how little you knew when you were a newbie. things that were first month things are way ahead of first day guy.
Joined: 09 Jul 2006 Posts: 71 Location: Nanaimo BC Canada
Posted: Tue Sep 29, 2009 23:12 Post subject:
So true.
When I was in College a guy from the computer network administration class (very smart guy) was hired by our govt to provide simple computer/user instruction to employees...basic stuff...he made everything so complicated they fired him...and told him why...
I don't like the term "For Dummies" because anyone wanting to learn is no dummy. They may not have your knowledge or understanding right now but, for sure, one day they may surpass you. Give them a help up the ladder...don't make them jump rungs.
squibt
I think that the DD-WRT networking 101 should also have a 102 and 103 where the same issues are explained but each time with a bit more information, that way it will probably be easier to maintain a differentiated entry level for all the users of DD-WRT, as they come here with quite different levels of networking / Linux / router knowledge.
One goal might also be to explain/link to the sometimes quite advanced issues that are handled by the DD-WRT software.
IP networking 101
IP number
An IP number is a 4 byte number. Usually shown like four numbers separated by dots, like 192.168.1.1 or 172.20.20.10
Netmask
A netmask separates an IP number into a network number and a node number (computer number on that network). The first part of the IP number is always the network number, the last part of the IP number is the computer number (node number).
Examples:
For the IP number 192.168.1.1 with a netmask 255.255.255.0 The network number is 192.168.1 and the node (computer) number is 1
If the netmask had been 255.255.0.0 The network number would have been 192.168 and the computer number would have been 1.1
For short the network mask is called: MASK
Network classes
There is a definition of three network classes called class A, B and C. The network mask shows which class of network we are talking about.
Class A has a network mask of 255.0.0.0 also referred to as /8
Class B has a network mask of 255.255.0.0 also referred to as /16
Class C has a network mask of 255.255.255.0 also referred to as /24
It has been tradition that the following IP numbers are used with the different network classes:
1.x.x.x -126.x.x.x is class A IP numbers with a netmask of 255.0.0.0
128.1.x.x - 191.254.x.x is class B IP numbers with a netmask of 255.255.0.0
192.0.1.x - 223.255.254.x is class C IP numbers with a netmask of 255.255.255.0
224.x.x.x - 255.x.x.x is reserved for special purposes and is sometimes referred to as class D
0.x.x.x and 127.x.x.x is used for software specific purposes.
Private IP numbers
or
IP numbers reserved for local networks
or
NAT networks.
Basically an IP number can only be used by ONE computer on the entire Internet. Using a system called NAT (Network Address Translation) it is however possible to create a local network where you in principle can re-use all of the IP numbers for your private purposes. For practical reasons a limited group of IP numbers have however been assigned for use on local networks. These are the IP numbers:
From class A: 10.0.0.0 - 10.255.255.255 - class A netmask 255.0.0.0
From class B: 172.16.0.0 - 172.31.255.255 - class B netmask 255.255.0.0
From class C: 192.168.0.0 - 192.168.255.255 - class C netmask 255.255.255.0
For practical reasons it can be wise to use a class C netmask, even if you use 10.x.x.x addresses on your local network.
MAC number
At the lowest level of the network system (the physical level), each network card/adapter is from the manufacturer assigned a unique number. MAC is short for Media Access Control. The MAC number is a 48-bit (six byte number) usually shown in HEX notation like: 01-23-45-67-89-AB.
On the physical level of the network, one computer (node) can only exchange data with another computer if they share the same wire (or physical network segment).
What is a network segment?
On the lowest level of the network model, computers connected electrically makes up a network segment. On a physical network segment all communication between computers (nodes) can happen based on MAC numbers.
It is possible to extend the physical network segment using a bridge, which basically just re-shapes the electrical signal.
IP network segment
On higher levels of the network system like the IP level you can also talk about a network segment, where all computers sharing the same IP network number are considered to be on the same IP network segment. Like 192.168.3.x (MASK 255.255.255.0) which can also be written 192.168.3.0/24 - network number is 192.168.3
It is possible to extend an IP segment between physical networks (or different physical locations) using an IP bridge. An IP bridge basically echoes all data packages between the two sides of the bridge.
What is a bridge or a HUB?
A bridge connects two network segments and will echo data between the two sides of the bridge.
A HUB will echo data from one port to all other ports of the HUB.
Physical Bridges and network HUBs are almost extinct today (2009), these days one will use a switch in place of a HUB. When a router is used as a Bridge, it's actually used as an IP Bridge, but for short it's just referred to as a bridge.
A network switch
A switch will keep a list of all MAC numbers of computers connected to its ports, so when a switch receives a data package it will only re-transmit that data package to that switch port where the receiving MAC numbered computer is located.
What is a DHCP server
DHCP is short for Dynamic Host Configuration Protocol.
A DHCP server can hand out IP information to the computers on an IP network segment, when the computers get connected to the network.
All computers on an IP segment need to know at least two things: Its own IP number, its own network mask. To be able to reach computers outside its own network segment every computer also needs to know the Gateway IP number and to assist the computer-user in Internet browsing it also needs to know the IP number of a DNS server.
For private networks the DHCP servers in a router typically hands out those four IP informations:
a) the computers IP number
b) the network mask (MASK)
c) the Gateway IP number
d) a DNS server IP number
What is a DNS server?
DNS is short for Domain Name System. The DNS system translates between IP numbers of a computer/server and an easy-to-read-by-humans name.
Every computer or server on the Internet is uniquely identified by its IP number, and by its IP number only! Numbers are very practical names to have between computers, not so when humans need to identify a computer or a web page. So the DNS system can perform the translation between a name and the IP number of a computer/server/web page.
The DNS system is a widely distributed system, meaning that each Internet Service Provider (ISP, the place where you buy your Internet connection) has at least two DNS servers where your computer(s) can get name-to-IP translation made.
Networking 102
IP number IPv4
The current iteration of the IP protocol is number four also called IPv4
An IPv4 number is a 4 byte number (32 bit). Usually shown like four numbers separated by dots, like 192.168.1.1 or 172.20.20.10
IPv4 has room for abt. 4 billion computers ( 4 294 967 295 ), and we will reach that limit any year now.
IPv6
The next iteration of the IP protocol is number six, also called IPv6
An IPv6 number is a 16 byte number (128-bit), usually written as eight groups of four hexadecimal digits, where each group is separated by a colon ( : ). For example, 2001:0db8:0000:0000:0000:8a2e:0370:7334, where consecutive groups of 0 value may be replaced with two colons 2001:0db8::8a2e:0370:7334
IPv6 has room for about 340,282,366,920,938,463,463,374,607,431,768,211,456 computers, which again means that you can assign over 3.7x10**21 addresses per square inch of the earth's surface (that was 3700 billion billion).
A LOT of the IPv6 addresses are however reserved for special purposes, so for practical implementations you may end up with only one IPv4 network per square inch of the earth. But hey, that is still 4 billion uniquely identifiable nodes per square inch (and thats without NAT translation at all!)
Network mask
A C class network can have about 256 computers in one segment (some computer numbers in a class are reserved for special purposes but lets ignore that for a minute)
As computers work using only two numbers 1 and 0 the network mask can be expressed as 1's and 0's. 255 translates to the binary number 1111 1111
So a network mask of 255.255.0.0 translates to: 1111 1111 . 1111 1111 . 0000 0000 . 0000 0000
To be a class network, the switch between 1's and 0's must happen at the dot.
It is however possible to use non-class networks, where the switch between 1's and 0's does not happen at the dot. Which would be the case of a network mask like 255.255.255.240 which translates to 1111 1111 . 1111 1111 . 1111 1111 . 1111 0000 or /28
Or 255.255.252.0 which translates to 1111 1111 . 1111 1111 . 1111 1100 . 0000 0000 or /22
A 255.255.255.240 network can have no more than 16 computers on the same IP segment
A 255.255.252.0 network can have no more than 1024 computers on the same IP segment
Switch
A switch will keep a list of all MAC numbers of computers connected to its ports, so when a switch receives a data package it will only re-transmit that data package to that switch port where the receiving MAC numbered computer is located.
If the switch does not have the receiving MAC number in its MAC list it will echo the data package to all of its ports – and the first reply will get the MAC number into the list.
If you connect several switches, then all switches will maintain their own list of all MAC numbers for the whole network. One port of one switch can have several MAC numbers associated with it, and the list of associations per switch port will be different for every switch on the network.
Edit: minor formatting
Last edited by MrAlvin on Tue Oct 06, 2009 7:24; edited 3 times in total
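The mask arithmetic discussed in this thread (the bitwise AND that yields the network address, the rule that a subnet mask's 1 bits must all be on the left, and the local-or-gateway decision from the earlier walkthrough), worked through with plain bit operations. This is an added example, not code from any poster in the thread; the function names are illustrative and the addresses are the ones used in the posts above.

```python
"""Subnet-mask arithmetic with plain bit operations (added example)."""

FULL = 0xFFFFFFFF  # 32 one-bits


def to_int(dotted):
    """Convert dotted-quad text such as '192.168.1.34' to a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if octet > 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask):
    """Return the slash-notation length; reject masks whose 1s are not contiguous."""
    host_bits = ~to_int(mask) & FULL  # invert: the 0s of the mask become 1s
    # A valid mask is 1s then 0s, so its inverse is 0s then 1s. Adding 1 to
    # such a value carries into one higher bit that shares nothing with it.
    if host_bits & (host_bits + 1):
        raise ValueError(f"1 bits are not all on the left: {mask}")
    return 32 - host_bits.bit_length()


def network_address(ip, mask):
    """Bitwise AND of address and mask gives the network address."""
    prefix_length(mask)  # validates the mask
    return to_dotted(to_int(ip) & to_int(mask))


def broadcast_address(ip, mask):
    """Highest address of the subnet: every host bit set to 1."""
    prefix_length(mask)
    return to_dotted(to_int(ip) | (~to_int(mask) & FULL))


def address_count(mask):
    """Addresses in the subnet, including the network and broadcast addresses."""
    return 1 << (32 - prefix_length(mask))


def same_subnet(a, b, mask):
    """Two hosts share a subnet when the AND with the mask gives the same result."""
    return network_address(a, mask) == network_address(b, mask)


def next_hop(own_ip, mask, gateway, destination):
    """Local destinations are reached directly; everything else goes to the gateway."""
    return destination if same_subnet(own_ip, destination, mask) else gateway


if __name__ == "__main__":
    host, gateway = "192.168.1.34", "192.168.1.1"  # values used in the thread
    for mask in ("255.255.255.0", "255.255.255.240", "255.255.252.0"):
        print(f"{host} mask {mask} = /{prefix_length(mask)}: "
              f"network {network_address(host, mask)}, "
              f"broadcast {broadcast_address(host, mask)}, "
              f"{address_count(mask)} addresses")
    for dst in ("192.168.1.77", "192.168.5.1"):
        print(f"to {dst}: send to {next_hop(host, '255.255.255.0', gateway, dst)}")
    try:
        prefix_length("255.0.255.0")
    except ValueError as err:
        print("rejected:", err)
```

With the /28 mask, 192.168.1.34 and 192.168.1.50 land in different subnets even though their first three octets match, which is why the "first three octets" shortcut only holds for 255.255.255.0.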
you get 10,000 characters, including BB code. write write write post DAMN cut cut post edit DAMN!
Quote:
I think that the DD-WRT networking 101 should also have a 102 and 103 where the same issues are explained but each time with a bit more information, that way it will probably be easier to maintain a differentiated entry level for all the users of DD-WRT, as they come here with quite different levels of networking / Linux / router knowledge.
One goal might also be to explain/link to the sometimes quite advanced issues that are handled by the DD-WRT software.
Quote:
Learning about networks:
Learning about networks is not like learning arithmetic. In arithmetic, you learned to add, because having more is good. Then you learned how to subtract, because what's the point of having if you are not spending? You learned one skill at a time, then moved on to the next skill. Like a train; first the locomotive, then the coal car...
Networks require a different model of learning. When you learn networks, you cover all the bases, but just skim the surface. Learn the terminology, see how everything connects to everything else. Then you go back, and cover all the bases in greater detail. This is done over and over, one layer of complexity after another. Like a painter who roughs in a sketch with a pencil, then washes in great swaths of background color, then gets to the fine details. If you get a sense of deja vu while studying networks, you are doing it right.
Unlike other fields of human endeavor, we do not necessarily define terms the first time we use them when learning networks. You would be drowning in details, we would be sidetracked endlessly.
So I've been thinking:
- How can I see MAC numbers on my network?
- How can I see IP stuff on my network?
- How can I see routes defined on my network devices?
These are a few commands I have found:
Windows
- IPCONFIG
- IPCONFIG /all
- ARP
- ARP -a
- NETSTAT
- ROUTE PRINT
- PING
?
Linux (DD-WRT)
- ifconfig
- arp
- route
- ping
?
What other commands should I know/use?
And I suppose a 101 question might also be: How do I get to issue these commands?
Edit:
Notes about windows commands.
To issue the commands in windows you will usually use the "command prompt window". This window can be activated in one of several ways:
- Start button -> programs -> accessories -> command prompt
- Start button -> select Run and type: cmd.exe
- Right click Task bar -> select: Task manager -> Menu: File -> New task (run) -> type: cmd.exe
- Win7: Start button -> in search field at the bottom -> type: cmd.exe
Use a telnet terminal program to establish a command line session with DD-WRT
PuTTY is a free, small and open source telnet and SSH Client (a terminal program) for the Windows and Unix platforms.
Get it here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Select the putty.exe file if in doubt which file to download. There is no installer, because the file is so small, and everything you need is in the .exe file.
Notes about puTTY:
- Run the exe
- In Host name (or IP address) type: 192.168.1.1
- For Connection type - select: telnet
- Click the Open button
The command line window will appear, and DD-WRT is talking to you.
User name is: root
Password is, the same password as you use for the Web interface of DD-WRT.
Your prompt will show <user name>@<router name>:<folder>#
The "~" means root "home folder"
Examples of Basic Linux commands:
# cd /
change directory to the root of the Linux system
# cd /tmp
change directory to the /tmp folder (directory)
When in the tmp folder
# cd var
Moves from /tmp to /tmp/var
# ls
List the content of the folder (directory) you are in.
# ls -l
Detailed list (long list) of the folder (directory) you are in.
# ls -l /
Detailed list of the root folder (directory)
# ls -l /tmp
Detailed list of the /tmp folder (directory)
/tmp# cat hosts
Show the text contents of the file /tmp/hosts
# cat /tmp/resolve.conf
Show the text contents of the file /tmp/resolve.conf
All Linux commands have a "man" page (a manual for that command). In DD-WRT these are usually not included because of the restricted space of the routers flash drive.
More Linux commands
You can find a man page (or even a more detailed description of the command) by typing the command and the word "Linux" in google.
A note about the PuTTY window:
- By marking text, using the mouse, in the PuTTY window it is instantly copied to the clipboard.
- By right clicking in the PuTTY window, you instantly paste from the clipboard to the command line in PuTTY.
This can be very useful when following wiki directions, just copy the command line(s) from the wiki into PuTTY, no typing or typing errors involved.
(do NOT copy the leading # from the command lines in the wiki. If YOU type the # in the command line, it means that all the following text is a comment).
Wiki page about the Linux Command Line (CLI), Telnet and SSH.
Last edited by MrAlvin on Tue Oct 06, 2009 7:40; edited 3 times in total
MrAlvin you are right on...this is the type of info we need here...simple, touching on all points relating to DDWRT and home networks....
squibt
Thank you.
I hope someone can give some examples of using some of the IP/route/arp commands.
Once we get to reading and understanding the information about those lists of IP info and route info I'm on shaky ground.
I don't seem to be able to wrap my head around it, there is no AHA experience. Hopefully that will happen over the coming weeks / months, as I would like to understand routing details for the OpenVPN stuff, and vlan2, br0, br1 and more stuff so I can get main and fallback Internet setup on my router.
In the following I have tried to use as few words and to be as un-technical as I can in order to describe some of what is going on at the different layers/levels of the OSI networking model. Typing OSI model in google will get you to the pages where all the correct, official function words are used. I have on purpose tried to stay away from those descriptions though I'm not sure its entirely possible to do that.
OSI model is short for Open System Interconnection model.
-------
Level 1 - Physical layer
Both ends of the cable will show a 1 or 0 state if a 1 or 0 is applied at one end. It does not matter if the two ends are connected by wire or radio waves.
The individual bit is however not defined, so there is no way of knowing if 101 or 11110000111 have been transmitted.
-------
Level 2 - Data transport layer
Data bit and/or data packages can be transmitted between nodes that are in physical (or radio) proximity. The start, length and end of a 1 or a 0 is defined, and bit, byte and/or package boundaries are defined, so one can send single bits and/or bytes and/or groups of bytes called data packages.
MAC addresses of network adapters are defined at this level.
The use of the IP protocol for a single IP segment is defined at this level.
A standard switch (using MAC lists) work at this level and is thus called a Level 2 device (Level 2 switch)
-------------
Level 3 - Network layer
Routing and connections between network segments are defined at this layer. Gateways, routers, router protocols etc. are defined at this level.
Some managed switches provide advanced VLAN options and sometimes also some level of routing capabilities between the VLANs. This is sometimes referred to as Level 3 switching, or a Level3 switch.
The part of the IP protocol that makes routing possible is defined at this layer of the OSI model
DD-WRT - strike that - standard IP router functions operate on this layer.
-------------
Level 4 – Transport Layer
I’ve got nothing much – Some or all of the TCP protocol is defined in this layer.
Among other things I read”… is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.” TCP protocol does some of that.
-------------
Level 5 – Session Layer
I’ve got nothing much – but somehow a session is defined at this layer. Among other things I read: “The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.”
-------------
Level 6 – Presentation Layer
I’ve got nothing much – but it seems that security designed to part of the protocol, like IPsec seems to be defined at this layer.
-------------
Level 7 – Application layer
Application protocols like FTP, SSH, HTTP etc. are defined in this layer
Port numbers
Beyond IP numbers, these protocols use ports to address one another. That is; a FTP client connects to a FTP server using an IP number and a port number.
The FTP server default port to listen on is 21
The default port for a few other known servers are
HTTP 80
HTTPS 443
SSH 22
Telnet 23
Each IP node can operate with a 16-bits selection of ports ~ 64500 ports
The first couple of thousand ports have pre-defined default server assignments. RFC 1700 (at page 15+) used to list them, but RFC 3232 obsoleted rfc1700
-------------
One of the advantages of the layer model, is that functions that are defined at a lower layer can be used transparently by the other upper layers. For example, if you want a secure channel for your FTP communication you can choose an application with built-in security at the application layer, or you can default all your traffic to use IPsec, as IPsec is defined at the Presentation layer.
I am not sure where to actually put security protocols like SSH and OpenVPN. It seems to me they exist on layer 7, but can be made to offer services at level 2 and/or 3. I find it at bit confusing.
Edit: I suppose it was the fact that I see them as applications that confused me, but they are just services (daemons in Linux lingo I suppose) so I suppose they actually only DO exist on layers 2-5 in the OSI model.
It may be an advantage, even to the home router user, to know a bit about at which layer/level this function or protocol is defined (or as I call it, has its home) as one might then find new and interesting ways to use a function/protocol.
This guy also has a very practical description of the OSI model.
Last edited by MrAlvin on Sat Mar 26, 2011 13:18; edited 2 times in total