Thursday, 17 February 2011

How Modems Work









If you are reading this article on your computer at home, it probably arrived via modem.

In this edition of NoWireTechnologies, we'll show you how a modem brings you Web pages. We'll start with the original 300-baud modems and progress all the way through to the ADSL configurations!

(Note: If you are unfamiliar with bits, bytes and the ASCII character codes, reading How Bits and Bytes Work will help make this article much clearer.)

The Origin of Modems


The word "modem" is a contraction of the words modulator-demodulator. A modem is typically used to send digital data over a phone line.

The sending modem modulates the data into a signal that is compatible with the phone line, and the receiving modem demodulates the signal back into digital data. Wireless modems convert digital data into radio signals and back.

Modems came into existence in the 1960s as a way to allow terminals to connect to computers over the phone lines. A typical arrangement is shown below:







In a configuration like this, a dumb terminal at an off-site office or store could "dial in" to a large, central computer. The 1960s were the age of time-shared computers, so a business would often buy computer time from a time-share facility and connect to it via a 300-bit-per-second (bps) modem.

A dumb terminal is simply a keyboard and a screen. A very common dumb terminal of that era was the DEC VT-100, and it became a standard of the day (now memorialized in terminal emulators worldwide). The VT-100 could display 25 lines of 80 characters each. When the user typed a character on the terminal, the modem sent the ASCII code for the character to the computer. The computer then echoed the character back to the terminal so it would appear on the screen.

When personal computers started appearing in the late 1970s, bulletin board systems (BBS) became the rage. A person would set up a computer with a modem or two and some BBS software, and other people would dial in to connect to the bulletin board. The users would run terminal emulators on their computers to emulate a dumb terminal.

People got along at 300 bps for quite a while. The reason this speed was tolerable was because 300 bps represents about 30 characters per second, which is a lot more characters per second than a person can type or read. Once people started transferring large programs and images to and from bulletin board systems, however, 300 bps became intolerable. Modem speeds went through a series of steps at approximately two-year intervals:

  • 300 bps - 1960s through 1983 or so

  • 1200 bps - Gained popularity in 1984 and 1985

  • 2400 bps

  • 9600 bps - First appeared in late 1990 and early 1991

  • 19.2 kilobits per second (Kbps)

  • 28.8 Kbps

  • 33.6 Kbps

  • 56 Kbps - Became the standard in 1998

  • ADSL, with theoretical maximum of up to 8 megabits per second (Mbps) - Gained popularity in 1999


(Check out How DSL Works and How Cable Modems Work for more information on the progression of modem technology and current speeds.)

Pros and Cons to Cable Modems



If you are one of the first users to connect to the Internet through a particular cable channel, then you may have nearly the entire bandwidth of the channel available for your use. As new users, especially heavy-access users, are connected to the channel, you will have to share that bandwidth, and may see your performance degrade as a result. It is possible that, in times of heavy usage with many connected users, performance will be far below the theoretical maximums. The good news is that this particular performance issue can be resolved by the cable company adding a new channel and splitting the base of users.

Another benefit of the cable modem for Internet access is that, unlike ADSL, its performance doesn't depend on distance from the central cable office. A digital CATV system is designed to provide digital signals at a particular quality to customer households. On the upstream side, the burst modulator in cable modems is programmed with the distance from the head-end, and provides the proper signal strength for accurate transmission.

Cable Modem Termination System



At the cable provider's head-end, the CMTS provides many of the same functions provided by the DSLAM in a DSL system. The CMTS takes the traffic coming in from a group of customers on a single channel and routes it to an Internet service provider (ISP) for connection to the Internet. At the head-end, the cable provider will have, or will lease space for a third-party ISP to have, servers for accounting and logging, Dynamic Host Configuration Protocol (DHCP) servers for assigning and administering the IP addresses of all the cable system's users, and provisioning servers for the Data Over Cable Service Interface Specification (DOCSIS), the major standard used by U.S. cable systems in providing Internet access to users (CableLabs markets the associated certification program as "CableLabs Certified Cable Modems").







The downstream information flows to all connected users, just like on a shared Ethernet segment: every modem on the channel receives every block of data, and it is up to the individual modem to decide whether a particular block is intended for it or not. Because a modified modem could simply keep everything it sees, DOCSIS encrypts each modem's traffic under a key that only that modem holds (the Baseline Privacy feature), so neighbours on the same channel cannot read one another's data. On the upstream side, information is sent from the user to the CMTS; other users don't see that data at all. The narrower upstream bandwidth is divided into slices of time, measured in milliseconds, in which users can transmit one "burst" at a time toward the Internet. Division by time works well for the very short commands, queries and addresses that form the bulk of most users' traffic back to the Internet.

A CMTS will enable as many as 1,000 users to connect to the Internet through a single 6-MHz channel. Since a single channel is capable of 30 to 40 megabits per second (Mbps) of total throughput, this means that users may see far better performance than is available with standard dial-up modems. The single channel aspect, though, can also lead to one of the issues some users experience with cable modems.


Inside the Cable Modem: Demodulator


The most common demodulators have four functions. A quadrature amplitude modulation (QAM) demodulator takes a radio-frequency signal that has had information encoded in it by varying both the amplitude and phase of the wave, and turns it into a simple signal that can be processed by the analog-to-digital (A/D) converter. The A/D converter takes the signal, which varies in voltage, and turns it into a series of digital 1s and 0s. An error correction module then checks the received data against the redundant forward-error-correction information the transmitter appended, so that bits corrupted in transmission can be detected and, within limits, repaired. In most cases, the network frames, or groups of data, are in MPEG format, so an MPEG synchronizer is used to make sure the data groups stay in line and in order.


Inside the Cable Modem: Modulator


In cable modems that use the cable system for upstream traffic, a modulator is used to convert the digital computer network data into radio-frequency signals for transmission. This component is sometimes called a burst modulator, because of the irregular nature of most traffic between a user and the Internet, and consists of three parts:

  • A section to insert information used for error correction on the receiving end

  • A QAM modulator

  • A digital-to-analog (D/A) converter



Inside the Cable Modem: MAC


The MAC sits between the upstream and downstream portions of the cable modem, and acts as the interface between the hardware and software portions of the various network protocols. All computer network devices have MACs, but in the case of a cable modem the tasks are more complex than those of a normal network interface card. For this reason, in most cases, some of the MAC functions will be assigned to a central processing unit (CPU) -- either the CPU in the cable modem or the CPU of the user's system.


Microprocessor


The microprocessor's job depends somewhat on whether the cable modem is designed to be part of a larger computer system or to provide Internet access with no additional computer support. In situations calling for an attached computer, the internal microprocessor still picks up much of the MAC function from the dedicated MAC module. In systems where the cable modem is the sole unit required for Internet access, the microprocessor picks up MAC slack and much more. In either case, Motorola's PowerPC processor is one of the common choices for system designers.

Inside the Cable Modem



Cable modems can be either internal or external to the computer. In some cases, the cable modem can be part of a set-top cable box, requiring that only a keyboard and mouse be added for Internet access. In fact, if your cable system has upgraded to digital cable, the new set-top box the cable company provides will be capable of connecting to the Internet, whether or not you receive Internet access through your CATV connection. Regardless of their outward appearance, all cable modems contain certain key components:

  • A tuner

  • A demodulator

  • A modulator

  • A media access control (MAC) device

  • A microprocessor




The tuner connects to the cable outlet, sometimes with the addition of a splitter that separates the Internet data channel from normal CATV programming. Since the Internet data comes through an otherwise unused cable channel, the tuner simply receives the modulated digital signal and passes it to the demodulator.

In some cases, the tuner will contain a diplexer, which allows the tuner to make use of one set of frequencies (generally between 42 and 850 MHz) for downstream traffic, and another set of frequencies (between 5 and 42 MHz) for the upstream data. Other systems, most often those with more limited capacity for channels, will use the cable modem tuner for downstream data and a dial-up telephone modem for upstream traffic. In either case, after the tuner receives a signal, it is passed to the demodulator.

Streams



When a cable company offers Internet access over the cable, Internet information can use the same cables because the cable modem system puts downstream data -- data sent from the Internet to an individual computer -- into a 6-MHz channel. On the cable, the data looks just like a TV channel. So Internet downstream data takes up the same amount of cable space as any single channel of programming. Upstream data -- information sent from an individual back to the Internet -- requires even less of the cable's bandwidth, just 2 MHz, since the assumption is that most people download far more information than they upload.

Putting both upstream and downstream data on the cable television system requires two types of equipment: a cable modem on the customer end and a cable modem termination system (CMTS) at the cable provider's end. Between these two types of equipment, all the computer networking, security and management of Internet access over cable television is put into place.

Extra Space



You might think that a television channel would take up quite a bit of electrical "space," or bandwidth, on a cable. In reality, each television signal is given a 6-megahertz (MHz, millions of cycles per second) channel on the cable. The coaxial cable used to carry cable television can carry hundreds of megahertz of signals -- all the channels you could want to watch and more. (For more information, see How Television Works.)

In a cable TV system, signals from the various channels are each given a 6-MHz slice of the cable's available bandwidth and then sent down the cable to your house. In some systems, coaxial cable is the only medium used for distributing signals. In other systems, fiber-optic cable goes from the cable company to different neighborhoods or areas. Then the fiber is terminated and the signals move onto coaxial cable for distribution to individual houses.

How Cable Modems Work

Photo courtesy Motorola, Inc.
Motorola SURFboard modem

For millions of people, television brings news, entertainment and educational programs into their homes. Many people get their TV signal from cable television (CATV) because cable TV provides a clearer picture and more channels. (See How Cable TV Works for details.)

Many people who have cable TV can now get a high-speed connection to the Internet from their cable provider. Cable modems compete with technologies like asymmetrical digital subscriber lines (ADSL). If you have ever wondered what the differences between DSL and cable modems are, or if you have ever wondered how a computer network can share a cable with dozens of television channels, then read on. In this article, we'll look at how a cable modem works and see how 100 cable television channels and any Web site out there can flow over a single coaxial cable into your home.

Alternatives to ADSL




There are lots of variations in DSL technology -- many of them address DSL's distance limitations in one way or another. Other types of DSL include:

  • Very high bit-rate DSL (VDSL) - This is a fast connection, but works only over a short distance. It is capable of handling Internet access, HDTV and on-demand services at rates of 52 Mbps downstream and 12 Mbps upstream.

  • Symmetric DSL (SDSL) - This connection, used mainly by small businesses, doesn't allow you to use the phone at the same time, but the speed of receiving and sending data is the same.

  • Rate-adaptive DSL (RADSL) - This is a variation of ADSL, but the modem can adjust the speed of the connection depending on the length and quality of the line.

  • ISDN DSL (IDSL) - This is a combination of Integrated Services Digital Network (ISDN) and DSL technology. ISDN was an earlier step up from dial-up Internet access -- it allowed voice, text, graphics, video and other data to share one telephone line, which made it possible to talk on the phone and use the Internet at the same time. IDSL is faster than ISDN connections but slower than ADSL. It can travel a longer distance of 5 to 6 miles, so it is usually a good option for people who can't get ADSL in their area.

  • Universal DSL (Uni-DSL) - This emerging technology, developed by Texas Instruments, is backwards compatible with existing versions of DSL. It offers somewhat of a middle ground between ADSL and VDSL -- at longer distances it can reach the speeds of ADSL, while at shorter distances it can provide greater speeds than VDSL. In some locations, Uni-DSL can provide four times the speed of VDSL.









Alternatives to DSL
With DSL's distance limitation and lower availability, what are some other options? There are two major alternatives to DSL -- cable and wireless.

Cable and DSL are the two big rivals in the world of broadband. Cable isn't limited by distance the way DSL is -- cable wires reach most neighborhoods, and the cable plant is amplified along the way, so the signal strength at your house doesn't depend on how far you are from the head-end. While DSL allows you to use the telephone and Internet simultaneously, cable lets users watch television and surf the Internet at the same time. Many cable companies are also beginning to bundle cable TV, Internet and digital telephone on one bill. Although cable and DSL speeds are about the same, the one disadvantage with cable is shared bandwidth -- connection speeds can slow down if too many people on the same channel are using the service at the same time.

A newer technology, known as WiMax or 802.16, aims to combine the benefits of broadband and wireless. WiMax is designed to provide high-speed wireless Internet over very long distances and is expected to cover large areas such as whole cities; at the time this was written, it was expected to be available in most American cities by 2008.

To learn more about DSL and other topics, check out the rest of www.nowiretechnologies.com

DSL Equipment



ADSL uses two pieces of equipment, one on the customer end and one at the Internet service provider, telephone company or other provider of DSL services. At the customer's location there is a DSL transceiver, which may also provide other services. The DSL service provider has a DSL Access Multiplexer (DSLAM) to receive customer connections.







The Transceiver
Most residential customers call their DSL transceiver a "DSL modem." The engineers at the telephone company or ISP call it an ATU-R. Regardless of what it's called, it's the point where data from the user's computer or network is connected to the DSL line.







Photo courtesy Allied Telesyn
DSL modem

The transceiver can connect to a customer's equipment in several ways, though most residential installations use USB or 10BASE-T Ethernet connections. While most of the ADSL transceivers sold by ISPs and telephone companies are simply transceivers, the devices used by businesses may combine network routers, network switches or other networking equipment in the same platform.

The DSLAM
The DSLAM at the access provider is the equipment that really allows DSL to happen. A DSLAM takes connections from many customers and aggregates them onto a single, high-capacity connection to the Internet. DSLAMs are generally flexible and able to support multiple types of DSL in a single central office, and different varieties of protocol and modulation -- both CAP and DMT, for example -- in the same type of DSL. In addition, the DSLAM may provide additional functions including routing or dynamic IP address assignment for the customers.

The DSLAM provides one of the main differences between user service through ADSL and through cable modems. Because cable-modem users generally share a network loop that runs through a neighborhood, adding users means lowering performance in many instances. ADSL provides a dedicated connection from each user back to the DSLAM, meaning that users won't see a performance decrease as new users are added -- until the total number of users begins to saturate the single, high-speed connection to the Internet. At that point, an upgrade by the service provider can provide additional performance for all the users connected to the DSLAM.

For information on ADSL rates and availability in the United States, go to Broadband Reports. This site can provide information on ADSL service companies in your area, the rates they charge, and customer satisfaction, as well as estimating how far you are from the nearest central office.

ADSL isn't the only type of DSL, and it's not the only way to get high-speed Internet access. Next, we'll look at ADSL alternatives.

Splitting the Signal



The CAP System
There are two competing and incompatible standards for ADSL. The official ANSI standard for ADSL is a system called discrete multitone, or DMT. According to equipment manufacturers, most of the ADSL equipment installed today uses DMT. An earlier and more easily implemented standard was the carrierless amplitude/phase (CAP) system, which was used on many of the early installations of ADSL.







CAP operates by dividing the signals on the telephone line into three distinct bands: Voice conversations are carried in the 0 to 4 kHz (kilohertz) band, as they are in all POTS circuits. The upstream channel (from the user back to the server) is carried in a band between 25 and 160 kHz. The downstream channel (from the server to the user) begins at 240 kHz and goes up to a point that varies depending on a number of conditions (line length, line noise, number of users in a particular telephone company switch) but has a maximum of about 1.5 MHz (megahertz). This system, with the three channels widely separated, minimizes the possibility of interference between the channels on one line, or between the signals on different lines.

The DMT System
DMT also divides signals into separate channels, but doesn't use two fairly broad channels for upstream and downstream data. Instead, DMT divides the usable bandwidth into 247 separate channels (sub-carriers, or tones), each roughly 4 kHz wide; the ADSL standard spaces them 4.3125 kHz apart.







One way to think about it is to imagine that the phone company divides your copper line into 247 different 4-kHz lines and then attaches a modem to each one. You get the equivalent of 247 modems connected to your computer at once. Each channel is monitored and, if the quality is too impaired, the signal is shifted to another channel. This system constantly shifts signals between different channels, searching for the best channels for transmission and reception. In addition, some of the lower channels (those starting at about 8 kHz) are used as bidirectional channels, for upstream and downstream information. Monitoring and sorting out the information on the bidirectional channels, and keeping up with the quality of all 247 channels, makes DMT more complex to implement than CAP, but gives it more flexibility on lines of differing quality.
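The per-channel monitoring described above, as an added example that is not code from the original article: it loads each DMT tone with as many bits as its signal-to-noise ratio supports, skips tones that an interferer has spoiled, and sums the result into a downstream rate, so the fall-off with loop length that the article describes comes out of the arithmetic. The attenuation curve in `constructed_snr` (a 60 dB reference and a slope of 4 dB per 1,000 feet per square root of frequency in MHz) and the interferer at tone 150 are assumptions made for the example, not measurements; the 4.3125 kHz tone spacing, the 4,000 symbols per second, the 9.8 dB SNR gap and the 15-bit-per-tone cap are standard ADSL engineering figures.

```python
import math
from typing import Dict, Optional

TONE_SPACING_HZ = 4312.5       # ADSL sub-carrier spacing (the article rounds this to 4 kHz)
SYMBOLS_PER_SEC = 4000         # DMT symbol rate: every tone carries one symbol per 250 us
SNR_GAP_DB = 9.8               # uncoded QAM gap to Shannon capacity at ~1e-7 bit error rate
TARGET_MARGIN_DB = 6.0         # safety margin the modem keeps in reserve
MAX_BITS_PER_TONE = 15
MIN_BITS_PER_TONE = 2          # a tone that cannot carry even 4-QAM is left idle
DOWNSTREAM_TONES = range(33, 256)   # tones below 33 hold voice and the upstream band


def bits_for_tone(snr_db: float, margin_db: float = TARGET_MARGIN_DB) -> int:
    """Bits per symbol one tone can carry at the given SNR (standard bit-loading rule)."""
    effective_db = snr_db - SNR_GAP_DB - margin_db
    if effective_db <= 0:
        return 0
    bits = math.floor(math.log2(1.0 + 10 ** (effective_db / 10.0)))
    if bits < MIN_BITS_PER_TONE:
        return 0
    return min(bits, MAX_BITS_PER_TONE)


def constructed_snr(loop_length_ft: float, tone: int,
                    interferers: Optional[Dict[int, float]] = None) -> float:
    """Assumed SNR curve: copper attenuation grows with loop length and with sqrt(frequency).
    Not measured data; the constants are chosen so 6,000 ft lands near the 8 Mbps the
    article quotes. An interferer (e.g. an AM broadcast station) knocks dB off one tone."""
    f_hz = tone * TONE_SPACING_HZ
    attenuation_db = 4.0 * (loop_length_ft / 1000.0) * math.sqrt(f_hz / 1e6)
    snr_db = 60.0 - attenuation_db
    if interferers and tone in interferers:
        snr_db -= interferers[tone]
    return snr_db


def load_bits(loop_length_ft: float,
              interferers: Optional[Dict[int, float]] = None,
              tones=DOWNSTREAM_TONES) -> Dict[int, int]:
    """Assign a bit count to every tone; impaired tones get 0 and carry nothing."""
    return {tone: bits_for_tone(constructed_snr(loop_length_ft, tone, interferers))
            for tone in tones}


def downstream_rate_bps(allocation: Dict[int, int]) -> int:
    return sum(allocation.values()) * SYMBOLS_PER_SEC


def active_tones(allocation: Dict[int, int]) -> int:
    return sum(1 for bits in allocation.values() if bits > 0)


if __name__ == "__main__":
    for loop in (6000, 12000, 18000):
        alloc = load_bits(loop)
        print(f"{loop:>6} ft: {active_tones(alloc):3d} tones active, "
              f"{downstream_rate_bps(alloc) / 1e6:5.2f} Mbps downstream")
    noisy = load_bits(6000, interferers={150: 40.0})
    print(f"6000 ft with a 40 dB interferer on tone 150: tone carries {noisy[150]} bits, "
          f"{downstream_rate_bps(noisy) / 1e6:5.2f} Mbps")
```

Running it shows the high tones dropping out first as the loop lengthens, which is why the long-loop customers in the next section see a fraction of the advertised rate, and shows the loader routing around a single spoiled tone rather than giving up the whole link.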

Filters
CAP and DMT are similar in one way that you can see as a DSL user.







If you have ADSL installed, you were almost certainly given small filters to attach to the outlets that don't provide the signal to your ADSL modem. These filters are low-pass filters -- simple filters that block all signals above a certain frequency. Since all voice conversations take place below 4 kHz, the low-pass (LP) filters are built to block everything above 4 kHz, preventing the data signals from interfering with standard telephone calls.

Asymmetric DSL



Most homes and small business users are connected to an asymmetric DSL (ADSL) line. ADSL divides up the available frequencies in a line on the assumption that most Internet users look at, or download, much more information than they send, or upload. Under this assumption, if the connection speed from the Internet to the user is three to four times faster than the connection from the user back to the Internet, then the user will see the most benefit most of the time.






Photo courtesy Corning
DSL signals can't pass through
fiber-optic cables.

Precisely how much benefit you see from ADSL will greatly depend on how far you are from the central office of the company providing the ADSL service. ADSL is a distance-sensitive technology: As the connection's length increases, the signal quality decreases and the connection speed goes down. The limit for ADSL service is 18,000 feet (about 5,490 meters), though for speed and quality of service reasons many ADSL providers place a lower limit on the distances for the service. At the extremes of the distance limits, ADSL customers may see speeds far below the promised maximums, while customers nearer the central office have faster connections and may see extremely high speeds in the future. ADSL technology can provide maximum downstream (Internet to customer) speeds of up to 8 megabits per second (Mbps) at a distance of about 6,000 feet (1,830 meters), and upstream speeds of up to 640 kilobits per second (Kbps). In practice, the best speeds widely offered today are 1.5 Mbps downstream, with upstream speeds varying between 64 and 640 Kbps. Some vast improvements to ADSL are available in some areas through services called ADSL2 and ADSL2+. ADSL2 increases downstream to 12 Mbps and upstream to 1 Mbps, and ADSL2+ is even better -- it improves downstream to as much as 24 Mbps and upstream to 3 Mbps.

You might wonder -- if distance is a limitation for DSL, why is it not also a limitation for voice telephone calls? The answer lies in small inductors called loading coils that the telephone company places on long loops to flatten the line's response across the voice band. Unfortunately, loading coils strongly attenuate the higher frequencies ADSL depends on, so a loading coil in the loop between your telephone and the telephone company's central office will disqualify you from receiving ADSL. Other factors that might disqualify you from receiving ADSL include:

  • Bridge taps - These are extensions, between you and the central office, that extend service to other customers. While you wouldn't notice these bridge taps in normal phone service, they may take the total length of the circuit beyond the distance limits of the service provider.

  • Fiber-optic cables - ADSL signals can't pass through the conversion from analog to digital and back to analog that occurs if a portion of your telephone circuit comes through fiber-optic cables.

  • Distance - Even if you know where your central office is (don't be surprised if you don't -- the telephone companies don't advertise their locations), looking at a map is no indication of the distance a signal must travel between your house and the office.


Next, we'll look at how the signal is split and what equipment DSL uses.

How DSL Works

When you connect to the Internet, you might connect through a regular modem, through a local-area network connection in your office, through a cable modem or through a digital subscriber line (DSL) connection. DSL is a very high-speed connection that uses the same wires as a regular telephone line.

Here are some advantages of DSL:

  • You can leave your Internet connection open and still use the phone line for voice calls.

  • The speed is much higher than a regular modem.

  • DSL doesn't necessarily require new wiring; it can use the phone line you already have.

  • The company that offers DSL will usually provide the modem as part of the installation.


But there are disadvantages:

  • A DSL connection works better when you are closer to the provider's central office. The farther away you get from the central office, the weaker the signal becomes.

  • The connection is faster for receiving data than it is for sending data over the Internet.

  • The service is not available everywhere.


In this article, we explain how a DSL connection manages to squeeze more information through a standard phone line -- and lets you make regular telephone calls even when you're online.

Telephone Lines
If you have read How Telephones Work, then you know that a standard telephone installation in the United States consists of a pair of copper wires that the phone company installs in your home. The copper wires have lots of room for carrying more than your phone conversations -- they are capable of handling a much greater bandwidth, or range of frequencies, than that demanded for voice. DSL exploits this "extra capacity" to carry information on the wire without disturbing the line's ability to carry conversations. The entire plan is based on matching particular frequencies to specific tasks.

To understand DSL, you first need to know a couple of things about a normal telephone line -- the kind that telephone professionals call POTS, for Plain Old Telephone Service. One of the ways that POTS makes the most of the telephone company's wires and equipment is by limiting the frequencies that the switches, telephones and other equipment will carry. Human voices, speaking in normal conversational tones, can be carried in a frequency range of 0 to 3,400 Hertz (cycles per second -- see How Telephones Work for a great demonstration of this). This range of frequencies is tiny. For example, compare this to the range of most stereo speakers, which cover from roughly 20 Hertz to 20,000 Hertz. And the wires themselves have the potential to handle frequencies up to several million Hertz in most cases.

The use of such a small portion of the wire's total bandwidth is historical -- remember that the telephone system has been in place, using a pair of copper wires to each home, for about a century. By limiting the frequencies carried over the lines, the telephone system can pack lots of wires into a very small space without worrying about interference between lines. Modern equipment that sends digital rather than analog data can safely use much more of the telephone line's capacity. DSL does just that.

Proxy Servers and DMZ



A function that is often combined with a firewall is a proxy server. The other computers on your network fetch Web pages through the proxy server: when a computer requests a Web page, the proxy retrieves it and then passes it to the requesting computer. The net effect is that the remote computer hosting the Web page never comes into direct contact with anything on your home network other than the proxy server.

Proxy servers can also make your Internet access work more efficiently. When you access a page on a Web site, the proxy can cache (store) a copy. The next time anyone on your network asks for that page, the proxy can serve it from its cache instead of loading it from the Web site again, provided the copy has not expired (the site's caching headers tell the proxy how long a page may be reused).

There are times that you may want remote users to have access to items on your network. Some examples are:

  • Web site

  • Online business

  • FTP download and upload area


In cases like this, you may want to create a DMZ (Demilitarized Zone). Although this sounds pretty serious, it really is just a separate network segment that sits between the Internet and your protected internal network, so that a compromise of a public server in the DMZ does not hand the attacker a foothold on the inside. Think of the DMZ as the front yard of your house. It belongs to you and you may put some things there, but you would keep anything valuable inside the house where it can be properly secured.

Setting up a DMZ is fairly easy. If you have multiple computers, you can place one of them on a separate network between the Internet connection and the firewall that protects the rest. Most home routers and software firewalls also offer a "DMZ host" setting that lets you designate a single computer (by its IP address) to receive every unsolicited inbound connection. Be aware of what that setting does: it simply exposes that one host to the Internet with no filtering at all. It is not a true DMZ segment, and if the host sits on the same network as your other computers, an attacker who compromises it has a direct path to them.

Once you have a firewall in place, you should test it. A great way to do this is to go to www.grc.com and try their free Shields Up! security test. You will get immediate feedback on just how secure your system is!

Why Firewall Security?



There are many creative ways that unscrupulous people use to access or abuse unprotected computers:

  • Remote login - When someone is able to connect to your computer and control it in some form. This can range from being able to view or access your files to actually running programs on your computer.

  • Application backdoors - Some programs have special features that allow for remote access. Others contain bugs that provide a backdoor, or hidden access, that provides some level of control of the program.

  • SMTP session hijacking - SMTP is the most common method of sending e-mail over the Internet. By gaining access to a list of e-mail addresses, a person can send unsolicited junk e-mail (spam) to thousands of users. This is often done by relaying the e-mail through the SMTP server of an unsuspecting host that accepts mail from anyone (an "open relay"), making the actual sender of the spam difficult to trace.

  • Operating system bugs - Like applications, some operating systems have backdoors. Others provide remote access with insufficient security controls or have bugs that an experienced hacker can take advantage of.

  • Denial of service - You have probably heard this phrase used in news reports on the attacks on major Web sites. This type of attack is hard to counter completely. In the classic form, a SYN flood, the attacker sends a stream of requests to connect to the server, each carrying a forged source address. When the server responds with an acknowledgement and tries to establish a session, the host it is answering never replies, so the half-open connection sits in the server's table until it times out. By inundating a server with these unanswerable session requests, an attacker causes the server to slow to a crawl or eventually crash. Modern operating systems limit the damage with techniques such as SYN cookies, which avoid keeping state for a connection until the client's final acknowledgement arrives.

  • E-mail bombs - An e-mail bomb is usually a personal attack. Someone sends you the same e-mail hundreds or thousands of times until your e-mail system cannot accept any more messages.

  • Macros - To simplify complicated procedures, many applications allow you to create a script of commands that the application can run. This script is known as a macro. Hackers have taken advantage of this to create their own macros that, depending on the application, can destroy your data or crash your computer.

  • Viruses - Probably the most well-known threat is computer viruses. A virus is a small program that can copy itself to other computers. This way it can spread quickly from one system to the next. Viruses range from harmless messages to erasing all of your data.

  • Spam - Typically harmless but always annoying, spam is the electronic equivalent of junk mail. Spam can be dangerous though. Quite often it contains links to Web sites. Be careful of clicking on these because you may accidentally accept a cookie that provides a backdoor to your computer.

  • Redirect bombs - Hackers can use ICMP to change (redirect) the path information takes by sending it to a different router. This is one of the ways that a denial of service attack is set up.

  • Source routing - In most cases, the path a packet travels over the Internet (or any other network) is determined by the routers along that path. But the source providing the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network! Most firewall products disable source routing by default.


Some of the items in the list above are hard, if not impossible, to filter using a firewall. While some firewalls offer virus protection, it is worth the investment to install anti-virus software on each computer. And, even though it is annoying, some spam is going to get through your firewall as long as you accept e-mail.

The level of security you establish will determine how many of these threats can be stopped by your firewall. The highest level of security would be to simply block everything. Obviously that defeats the purpose of having an Internet connection. But a common rule of thumb is to block everything, then begin to select what types of traffic you will allow. You can also restrict traffic that travels through the firewall so that only certain types of information, such as e-mail, can get through. This is a good rule for businesses that have an experienced network administrator that understands what the needs are and knows exactly what traffic to allow through. For most of us, it is probably better to work with the defaults provided by the firewall developer unless there is a specific reason to change it.

One of the best things about a firewall from a security standpoint is that it stops anyone on the outside from logging onto a computer in your private network. While this is a big deal for businesses, most home networks will probably not be threatened in this manner. Still, putting a firewall in place provides some peace of mind.

Firewall Configuration

Firewalls are customizable. This means that you can add or remove filters based on several conditions. Some of these are:

  • IP addresses - Each machine on the Internet is assigned a unique address called an IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a "dotted decimal number." A typical IP address looks like this: 216.27.61.137. For example, if a certain IP address outside the company is reading too many files from a server, the firewall can block all traffic to or from that IP address.

  • Domain names - Because it is hard to remember the string of numbers that make up an IP address, and because IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names. For example, it is easier for most of us to remember www.nowiretechnologies.com than it is to remember 216.27.61.137. A company might block all access to certain domain names, or allow access only to specific domain names.

  • Protocols - The protocol is the pre-defined way that someone who wants to use a service talks with that service. The "someone" could be a person, but more often it is a computer program like a Web browser. Protocols are often text, and simply describe how the client and server will have their conversation. The "http" at the start of a Web address is the name of the Web's protocol. Some common protocols that you can set firewall filters for include:

    • IP (Internet Protocol) - the main delivery system for information over the Internet

    • TCP (Transmission Control Protocol) - used to break apart and rebuild information that travels over the Internet

    • HTTP (Hyper Text Transfer Protocol) - used for Web pages

    • FTP (File Transfer Protocol) - used to download and upload files

    • UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video

    • ICMP (Internet Control Message Protocol) - used by routers to exchange control information with other routers

    • SMTP (Simple Mail Transfer Protocol) - used to send text-based information (e-mail)

    • SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer

    • Telnet - used to perform commands on a remote computer


    A company might set up only one or two machines to handle a specific protocol and ban that protocol on all other machines.

  • Ports - Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server (see How Web Servers Work for details). For example, if a server machine is running a Web (HTTP) server and an FTP server, the Web server would typically be available on port 80, and the FTP server would be available on port 21. A company might block port 21 access on all machines but one inside the company.

  • Specific words and phrases - This can be anything. The firewall will sniff (search through) each packet of information for an exact match of the text listed in the filter. For example, you could instruct the firewall to block any packet with the word "X-rated" in it. The key here is that it has to be an exact match. The "X-rated" filter would not catch "X rated" (no hyphen). But you can include as many words, phrases and variations of them as you need.
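The filter types above can be combined into one ordered rule list that defaults to "block everything, then select what you allow." The following is an added example, not code from the article or from any firewall product: the hosts (10.0.0.x), the blocklisted outside address (203.0.113.7) and the packets are constructed, and the "X-rated" phrase filter shows why an exact-match rule misses "X rated".

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """Constructed stand-in for one IP packet; no real traffic is read."""
    src_ip: str
    dst_ip: str
    protocol: str            # "TCP", "UDP" or "ICMP"
    dst_port: Optional[int]  # None for protocols without ports, such as ICMP
    payload: bytes = b""


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "allow" or "block"
    match: Callable[[Packet], bool]  # True when the rule applies to a packet


def ip_rule(ip: str, action: str) -> Rule:
    """The 'IP addresses' filter: any packet to or from one address."""
    return Rule(f"{action} ip {ip}", action,
                lambda p: ip in (p.src_ip, p.dst_ip))


def service_rule(protocol: str, port: int, dst_ip: str, action: str) -> Rule:
    """The 'Ports' filter: one service (protocol + port) on one destination host."""
    return Rule(f"{action} {protocol}/{port} to {dst_ip}", action,
                lambda p: p.protocol == protocol and p.dst_port == port
                and p.dst_ip == dst_ip)


def content_rule(phrase: bytes, action: str) -> Rule:
    """The 'words and phrases' filter: an exact byte-for-byte match in the payload."""
    return Rule(f"{action} phrase {phrase!r}", action,
                lambda p: phrase in p.payload)


def filter_packet(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """First matching rule decides; a packet no rule mentions is blocked (default deny)."""
    for rule in rules:
        if rule.match(pkt):
            return rule.action, rule.name
    return "block", "default deny"


# Constructed policy for a hypothetical company network 10.0.0.0/24.
WEB_SERVER, FTP_SERVER, MAIL_SERVER = "10.0.0.80", "10.0.0.21", "10.0.0.25"
RULES = [
    ip_rule("203.0.113.7", "block"),               # outside host reading too many files
    content_rule(b"X-rated", "block"),             # exact match only, as the text warns
    service_rule("TCP", 80, WEB_SERVER, "allow"),  # HTTP reaches the Web server only
    service_rule("TCP", 21, FTP_SERVER, "allow"),  # port 21 open on one machine only
    service_rule("TCP", 25, MAIL_SERVER, "allow"), # e-mail still has to get through
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.2", FTP_SERVER, "TCP", 21),
        Packet("198.51.100.2", "10.0.0.9", "TCP", 21),
        Packet("203.0.113.7", WEB_SERVER, "TCP", 80),
        Packet("198.51.100.2", WEB_SERVER, "TCP", 80, b"GET /X-rated HTTP/1.0"),
        Packet("198.51.100.2", WEB_SERVER, "TCP", 80, b"GET /X rated HTTP/1.0"),
        Packet("198.51.100.2", WEB_SERVER, "ICMP", None),
    ]
    for pkt in samples:
        action, why = filter_packet(RULES, pkt)
        print(f"{pkt.src_ip} -> {pkt.dst_ip} {pkt.protocol}/{pkt.dst_port}: {action} ({why})")
```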


Some operating systems come with a firewall built in. Otherwise, a software firewall can be installed on the computer in your home that has an Internet connection. This computer is considered a gateway because it provides the only point of access between your home network and the Internet.

With a hardware firewall, the firewall unit itself is normally the gateway. A good example is the Linksys Cable/DSL router. It has a built-in Ethernet card and hub. Computers in your home network connect to the router, which in turn is connected to either a cable or DSL modem. You configure the router via a Web-based interface that you reach through the browser on your computer. You can then set any filters or additional information.

Hardware firewalls are incredibly secure and not very expensive. Home versions that include a router, firewall and Ethernet hub for broadband connections can be found for well under $100.

What Firewall Software Does

A firewall is simply a program or hardware device that filters the information coming through the Internet connection into your private network or computer system. If an incoming packet of information is flagged by the filters, it is not allowed through.

If you have read the article How Web Servers Work, then you know a good bit about how data moves on the Internet, and you can easily see how a firewall helps protect computers inside a large company. Let's say that you work at a company with 500 employees. The company will therefore have hundreds of computers that all have network cards connecting them together. In addition, the company will have one or more connections to the Internet through something like T1 or T3 lines. Without a firewall in place, all of those hundreds of computers are directly accessible to anyone on the Internet. A person who knows what he or she is doing can probe those computers, try to make FTP connections to them, try to make telnet connections to them and so on. If one employee makes a mistake and leaves a security hole, hackers can get to the machine and exploit the hole.

With a firewall in place, the landscape is much different. A company will place a firewall at every connection to the Internet (for example, at every T1 line coming into the company). The firewall can implement security rules. For example, one of the security rules inside the company might be:
    Out of the 500 computers inside this company, only one of them is permitted to receive public FTP traffic. Allow FTP connections only to that one computer and prevent them on all others.

A company can set up rules like this for FTP servers, Web servers, Telnet servers and so on. In addition, the company can control how employees connect to Web sites, whether files are allowed to leave the company over the network and so on. A firewall gives a company tremendous control over how people use the network.

Firewalls use one or more of three methods to control traffic flowing in and out of the network:

  • Packet filtering - Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.

  • Proxy service - Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.

  • Stateful inspection - A newer method that doesn't examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.
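The stateful-inspection method described last can be shown as a small flow table: the firewall records the defining characteristics (protocol, addresses, ports) of each connection an inside host opens, lets back in only packets that match one of those flows in reverse, and forgets idle flows. This is an added illustration, not the article's or any vendor's code; the inside network 10.0.0.0/24, the idle timeout and the packets are constructed.

```python
from dataclasses import dataclass
from typing import Dict, Tuple


@dataclass(frozen=True)
class Packet:
    """Constructed stand-in for a TCP/UDP packet header."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    protocol: str   # "TCP" or "UDP"


# (protocol, src_ip, src_port, dst_ip, dst_port) identifies one flow
FlowKey = Tuple[str, str, int, str, int]


class StatefulFirewall:
    """Allows inbound packets only when they answer a flow an inside host started."""

    def __init__(self, inside_prefix: str, idle_timeout: float = 60.0) -> None:
        self.inside_prefix = inside_prefix      # e.g. "10.0.0." (simplified prefix test)
        self.idle_timeout = idle_timeout        # seconds of silence before a flow is forgotten
        self.flows: Dict[FlowKey, float] = {}   # flow -> time it was last seen

    def _is_inside(self, ip: str) -> bool:
        return ip.startswith(self.inside_prefix)

    @staticmethod
    def _key(p: Packet) -> FlowKey:
        return (p.protocol, p.src_ip, p.src_port, p.dst_ip, p.dst_port)

    def _expire(self, now: float) -> None:
        self.flows = {k: t for k, t in self.flows.items()
                      if now - t <= self.idle_timeout}

    def process(self, p: Packet, now: float) -> str:
        """Return "allow" or "block" for one packet seen at time `now` (seconds)."""
        self._expire(now)
        if self._is_inside(p.src_ip) and not self._is_inside(p.dst_ip):
            # Outbound: record the characteristics so the reply can be matched later.
            self.flows[self._key(p)] = now
            return "allow"
        # Inbound: it must be the mirror image of a flow we already know about.
        reverse = (p.protocol, p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if reverse in self.flows:
            self.flows[reverse] = now   # keep the flow alive while traffic continues
            return "allow"
        return "block"


if __name__ == "__main__":
    fw = StatefulFirewall("10.0.0.")
    print(fw.process(Packet("10.0.0.5", 40001, "198.51.100.10", 80, "TCP"), 0.0))   # allow
    print(fw.process(Packet("198.51.100.10", 80, "10.0.0.5", 40001, "TCP"), 0.5))   # allow
    print(fw.process(Packet("198.51.100.10", 80, "10.0.0.5", 40002, "TCP"), 0.6))   # block
    print(fw.process(Packet("198.51.100.10", 80, "10.0.0.5", 40001, "TCP"), 100.0)) # block
```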

How Firewalls Work



firewall diagram

Firewalls have helped protect computers in large companies for years. Now, they're a critical component of home networks, as well. See more computer networking pictures.


If you have been using the Internet for any length of time, and especially if you work at a larger company and browse the Web while you are at work, you have probably heard the term firewall used. For example, you often hear people in companies say things like, "I can't use that site because they won't let it through the firewall."

If you have a fast Internet connection into your home (either a DSL connection or a cable modem), you may have found yourself hearing about firewalls for your home network as well. It turns out that a small home network has many of the same security issues that a large corporate network does. You can use a firewall to protect your home network and family from offensive Web sites and potential hackers.

Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's why it's called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next. As you read through this article, you will learn more about firewalls, how they work and what kinds of threats they can protect you from.

Backbone of the Internet

In order to handle all the users of even a large private network, millions and millions of traffic packets must be sent at the same time. Some of the largest routers are made by Cisco Systems, Inc., a company that specializes in networking hardware. Cisco's Gigabit Switch Router 12000 series of routers is the sort of equipment that is used on the backbone of the Internet. These routers use the same sort of design as some of the most powerful supercomputers in the world, a design that ties many different processors together with a series of extremely fast switches. The 12000 series uses 200-MHz MIPS R5000 processors, the same type of processor used in the workstations that generate much of the computer animation and special effects used in movies. The largest model in the 12000 series, the 12016, uses a series of switches that can handle up to 320 billion bits of information per second and, when fully loaded with boards, move as many as 60 million packets of data every second. Beyond the computing power of the processors, these routers can handle so much information because they are very highly specialized. Relieved of the burden of displaying 3-D graphics and waiting for mouse input, modern processors and software can cope with amazing amounts of information.

Even with the computing power available in a very large router, how does it know which of the many possibilities for outbound connection a particular packet should take? The answer lies back in the configuration table. The router will scan the destination address and match that IP address against rules in the configuration table. The rules will say that packets in a particular group of addresses (a group that may be large or small, depending on precisely where the router is) should go in a specific direction. Next the router will check the performance of the primary connection in that direction against another set of rules. If the performance of the connection is good enough, the packet is sent, and the next packet handled. If the connection is not performing up to expected parameters, then an alternate is chosen and checked. Finally, a connection will be found with the best performance at a given moment, and the packet will be sent on its way. All of this happens in a tiny fraction of a second, and this activity goes on millions of times a second, around the world, 24 hours every day.

Knowing where and how to send a message is the most important job of a router. Some simple routers do this and nothing more. Other routers add additional functions to the jobs they perform. Rules about where messages from inside a company may be sent and from which companies messages are accepted can be applied to some routers. Others may have rules that help minimize the damage from "denial of service" attacks. The one constant is that modern networks, including the Internet, could not exist without the router.

Denial of Service Attacks

In the first quarter of 2000, there were several attacks on very popular Web sites. Most of these were "Denial of Service" attacks -- attacks that served to prevent regular readers and customers of the sites from getting a response to their requests. How did someone manage to do this? They did it by flooding the servers, and their attached routers, with requests for information at a rate far too great for the system to handle.

Most routers have rules in the configuration table that won't allow millions of requests from the same sending address. If too many requests from one address are received in a short period of time, the router simply discards them without forwarding. The people responsible for the attacks knew this, so they illicitly planted programs on many different computers. These programs, when triggered, began sending thousands of requests a minute to one or more Web sites. The programs "spoofed" the IP address of the sender, placing a different false IP address on each packet so that the routers' security rules wouldn't be triggered.

When the packet floods were triggered, millions of requests for information began to hit the targeted Web sites. While the servers were being heavily taxed by the requests, the real impact was to the routers just "upstream" from the servers. Suddenly these routers, which were robust but of a size appropriate for normal traffic, were getting the levels of requests normally associated with Internet backbone routers. They couldn't handle the massive number of packets, and began discarding packets and sending status messages to other routers stating that the connection was full. As these messages cascaded through the routers leading to attacked servers, all paths to the servers were clogged, legitimate traffic couldn't get through the logjam, and the attackers' goals were accomplished.

Web content providers and router companies have placed new rules designed to prevent such an attack in the configuration tables, and the companies and universities whose computers were used to launch the attacks have worked to prevent their systems being used maliciously. Whether their defenses, or the new attacks designed by criminals, will prevail remains to be seen.
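The two sides of the story above can be replayed in a few lines: the router's per-source rule catches one address that sends too much, but a flood in which every packet carries a different spoofed source slips past it, and only a check on the aggregate rate notices. This is an added example for detection purposes, not the article's or any router vendor's code; the traffic is constructed from documentation address ranges (192.0.2.x, 198.51.100.x, 203.0.113.x) and the thresholds are arbitrary.

```python
from collections import defaultdict, deque
from typing import Deque, Dict, List, Set, Tuple

Event = Tuple[float, str]   # (timestamp in seconds, source IP) of one request


class PerSourceLimiter:
    """The router rule the text describes: a source that sends more than
    `limit` requests within `window` seconds has the excess discarded."""

    def __init__(self, limit: int, window: float) -> None:
        self.limit, self.window = limit, window
        self.recent: Dict[str, Deque[float]] = defaultdict(deque)

    def admit(self, src: str, now: float) -> bool:
        q = self.recent[src]
        while q and now - q[0] > self.window:
            q.popleft()                 # forget requests that fell out of the window
        if len(q) >= self.limit:
            return False                # discard without forwarding
        q.append(now)
        return True


class AggregateMonitor:
    """Counts forwarded requests regardless of source: a spoofed flood shows
    up here even though every individual address looks well-behaved."""

    def __init__(self, window: float, max_rate: int) -> None:
        self.window, self.max_rate = window, max_rate
        self.times: Deque[float] = deque()

    def observe(self, now: float) -> bool:
        """Return True when more than max_rate requests were forwarded in the window."""
        self.times.append(now)
        while self.times and now - self.times[0] > self.window:
            self.times.popleft()
        return len(self.times) > self.max_rate


def classify_traffic(events: List[Event], limit: int = 10, window: float = 1.0,
                     max_rate: int = 100) -> Tuple[int, int, List[int]]:
    """Replay events through both checks; returns (forwarded, dropped, seconds with an alarm)."""
    limiter = PerSourceLimiter(limit, window)
    monitor = AggregateMonitor(window, max_rate)
    forwarded = dropped = 0
    alarms: Set[int] = set()
    for now, src in sorted(events):
        if not limiter.admit(src, now):
            dropped += 1
            continue
        forwarded += 1
        if monitor.observe(now):
            alarms.add(int(now))
    return forwarded, dropped, sorted(alarms)


# Constructed traffic; none of these addresses belongs to a real host.
def normal_traffic() -> List[Event]:
    """20 readers, one request per second each, for ten seconds."""
    return [(t + i * 0.01, f"192.0.2.{i}") for i in range(20) for t in range(10)]


def single_noisy_source() -> List[Event]:
    """One address sending 50 requests in half a second."""
    return [(5.0 + k * 0.01, "198.51.100.9") for k in range(50)]


def spoofed_flood() -> List[Event]:
    """200 requests in 0.2 s, each carrying a different (forged) source address."""
    return [(5.0 + k * 0.001, f"203.0.113.{k}") for k in range(200)]


if __name__ == "__main__":
    print("normal only      ", classify_traffic(normal_traffic()))
    print("one noisy source ", classify_traffic(normal_traffic() + single_noisy_source()))
    print("spoofed flood    ", classify_traffic(normal_traffic() + spoofed_flood()))
```

In the third run the per-source limiter drops nothing at all, which is exactly the gap the text describes; the aggregate monitor is what raises the alarm.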

Tracing a Message

If you're using a Microsoft Windows-based system, you can see just how many routers are involved in your Internet traffic by using a program you have on your computer. The program is called Traceroute, and that describes what it does -- it traces the route that a packet of information takes to get from your computer to another computer connected to the Internet. To run this program, click on the "MS-DOS Prompt" icon on the "Start" menu. Then, at the "C:\WINDOWS>" prompt, type "tracert www.nowiretechnologies.com". When I did this from my office in Florida, the results looked like this:

The first number shows how many routers are between your computer and the router shown. In this instance, there were a total of 14 routers involved in the process (number 15 is the nowiretechnologies.com Web server). The next three numbers show how long it takes a packet of information to move from your computer to the router shown and back again. Next, in this example, starting with step six, comes the "name" of the router or server. This is something that helps people looking at the list but is of no importance to the routers and computers as they move traffic along the Internet. Finally, you see the Internet Protocol (IP) address of each computer or router. The final picture of this trace route shows that there were 14 routers between the Web server and me and that it took, on average, a little more than 2.5 seconds for information to get from my computer to the server and back again.

You can use Traceroute to see how many routers are between you and any other computer you can name or know the IP address for. It can be interesting to see how many steps are required to get to computers outside your nation. Since I live in the United States, I decided to see how many routers were between my computer and the Web server for the British Broadcasting Corporation. At the C:\WINDOWS> prompt, I typed tracert www.bbc.com. The result was this:

You can see that it took only one more step to reach a Web server on the other side of the Atlantic Ocean than it did to reach a server two states away!

On the next page, we'll go into detail about Denial of Service attacks.

Understanding the Protocols

The first and most basic job of the router is to know where to send information addressed to your computer. Just as the mail handler on the other side of the country knows enough to keep a birthday card coming toward you without knowing where your house is, most of the routers that forward an e-mail message to you don't know your computer's MAC address, but they know enough to keep the message flowing.

Routers are programmed to understand the most common network protocols. That means they know the format of the addresses, how many bytes are in the basic package of data sent out over the network, and how to make sure all the packages reach their destination and get reassembled. For the routers that are part of the Internet's main "backbone," this means looking at, and moving on, millions of information packages every second. And simply moving the package along to its destination isn't all that a router will do. It's just as important, in today's computerized world, that they keep the message flowing by the best possible route.

In a modern network, every e-mail message is broken up into small pieces. The pieces are sent individually and reassembled when they're received at their final destination. Because the individual pieces of information are called packets and each packet can be sent along a different path, like a train going through a set of switches, this kind of network is called a packet-switched network. It means that you don't have to build a dedicated network between you and your friend on the other side of the country. Your e-mail flows over any one of thousands of different routes to get from one computer to the other.

Depending on the time of day and day of the week, some parts of the huge public packet-switched network may be busier than others. When this happens, the routers that make up this system will communicate with one another so that traffic not bound for the crowded area can be sent by less congested network routes. This lets the network function at full capacity without excessively burdening already-busy areas. You can see, though, how Denial of Service attacks (described in the next section), in which people send millions and millions of messages to a particular server, will affect that server and the routers forwarding messages to it. As the messages pile up and pieces of the network become congested, more and more routers send out the message that they're busy, and the entire network with all its users can be affected.

Logical Addresses

Every piece of equipment that connects to a network, whether an office network or the Internet, has a physical address. This is an address that's unique to the piece of equipment that's actually attached to the network cable. For example, if your desktop computer has a network interface card (NIC) in it, the NIC has a physical address permanently stored in a special memory location. This physical address, which is also called the MAC address (for Media Access Control) has two parts, each 3 bytes long. The first 3 bytes identify the company that made the NIC. The second 3 bytes are the serial number of the NIC itself.

The interesting thing is that your computer can have several logical addresses at the same time. Of course, you're used to having several "logical addresses" bring messages to one physical address. Your mailing address, telephone number (or numbers) and home e-mail address all work to bring messages to you when you're in your house. They are simply used for different types of messages -- different networks, so to speak.

Logical addresses for computer networks work in exactly the same way. You may be using the addressing schemes, or protocols, from several different types of networks simultaneously. If you're connected to the Internet (and if you're reading this, you probably are), then you have an address that's part of the TCP/IP network protocol. If you also have a small network set up to exchange files between several family computers, then you may also be using the Microsoft NetBEUI protocol. If you connect to your company's network from home, then your computer may have an address that follows Novell's IPX/SPX protocol. All of these can coexist on your computer. Since the driver software that allows your computer to communicate with each network uses resources like memory and CPU time, you don't want to load protocols you won't need, but there's no problem with having all the protocols your work requires running at the same time.

On the next page, you’ll learn how to find your computer’s MAC address.

Knowing Where to Send Data

Routers are one of several types of devices that make up the "plumbing" of a computer network. Hubs, switches and routers all take signals from computers or networks and pass them along to other computers and networks, but a router is the only one of these devices that examines each bundle of data as it passes and makes a decision about exactly where it should go. To make these decisions, routers must first know about two kinds of information: addresses and network structure.

When a friend mails a birthday card to be delivered to you at your house, he probably uses an address that looks something like this:
    Umair Zahid
    Maple Street
    Smalltown, FL 45678

The address has several pieces, each of which helps the people in the postal service move the letter along to your house. The ZIP code can speed the process up; but even without the ZIP code, the card will get to your house as long as your friend includes your state, city and street address. You can think of this address as a logical address because it describes a way someone can get a message to you. This logical address is connected to a physical address that you generally only see when you're buying or selling a piece of property. The survey plot of the land and house, with latitude, longitude or section bearings, gives the legal description, or address, of the property.

Routing Packets: An Example

Let's take a look at a medium-sized router -- the router we use in the HowStuffWorks office. In our case, the router only has two networks to worry about: The office network, with about 50 computers and devices, and the Internet. The office network connects to the router through an Ethernet connection, specifically a 100 base-T connection (100 base-T means that the connection is 100 megabits per second, and uses a twisted-pair cable like an 8-wire version of the cable that connects your telephone to the wall jack). There are two connections between the router and our ISP (Internet service provider). One is a T-1 connection that supports 1.5 megabits per second. The other is an ISDN line that supports 128 kilobits per second. The configuration table in the router tells it that all out-bound packets are to use the T-1 line, unless it's unavailable for some reason (perhaps a backhoe digs up the cable). If it can't be used, then outbound traffic goes on the ISDN line. This way, the ISDN line is held as "insurance" against a problem with the faster T-1 connection, and no action by a staff member is required to make the switch in case of trouble. The router's configuration table knows what to do.

In addition to routing packets from one point to another, the HowStuffWorks router has rules limiting how computers from outside the network can connect to computers inside the network, how the HowStuffWorks network appears to the outside world, and other security functions. While most companies also have a special piece of hardware or software called a firewall to enforce security, the rules in a router's configuration table are important to keeping a company's (or family's) network secure.

One of the crucial tasks for any router is knowing when a packet of information stays on its local network. For this, it uses a mechanism called a subnet mask. The subnet mask looks like an IP address and usually reads "255.255.255.0." This tells the router that all messages with the sender and receiver having an address sharing the first three groups of numbers are on the same network, and shouldn't be sent out to another network. Here's an example: The computer at address 15.57.31.40 sends a request to the computer at 15.57.31.52. The router, which sees all the packets, matches the first three groups in the address of both sender and receiver (15.57.31), and keeps the packet on the local network. (You'll learn more about how the addresses work in the next section.)
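The three decisions described in this section and in the backbone section earlier (is the packet local under the subnet mask; which connection does the configuration table name for the destination; is that connection healthy, or should the alternate be used) fit in one small router model. This is an added example, not the office router's actual configuration: the 15.57.31.0 network with mask 255.255.255.0 and the T-1/ISDN pairing come from the text, while the loss threshold and the outside addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Link:
    name: str
    up: bool = True
    loss_pct: float = 0.0   # recently measured packet loss; stands in for "performance"


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    links: List[str]        # preferred connection first, alternates after it


class Router:
    def __init__(self, local_net: str, routes: List[Route], links: List[Link],
                 max_loss_pct: float = 5.0) -> None:
        self.local_net = ipaddress.ip_network(local_net)
        # Most specific prefix first, so a narrow rule beats the catch-all default.
        self.routes = sorted(routes, key=lambda r: r.prefix.prefixlen, reverse=True)
        self.links: Dict[str, Link] = {link.name: link for link in links}
        self.max_loss_pct = max_loss_pct

    def on_local_network(self, addr: str) -> bool:
        """The subnet-mask test: keep only the bits the mask covers, then compare."""
        mask = int(self.local_net.netmask)
        masked = int(ipaddress.ip_address(addr)) & mask
        return masked == int(self.local_net.network_address)

    def usable(self, link: Link) -> bool:
        """The 'performance check' step: the link is up and not losing too much."""
        return link.up and link.loss_pct <= self.max_loss_pct

    def route(self, src: str, dst: str) -> str:
        """Name the connection a packet should leave on, or 'local' / 'drop: ...'."""
        if self.on_local_network(src) and self.on_local_network(dst):
            return "local"                       # both on the same network: stays put
        dst_ip = ipaddress.ip_address(dst)
        for r in self.routes:
            if dst_ip in r.prefix:
                for name in r.links:             # primary first, then alternates
                    if self.usable(self.links[name]):
                        return name
                return "drop: no usable link"
        return "drop: no route"


def build_office_router() -> Router:
    """Constructed configuration modelled on the office router in the text."""
    return Router(
        local_net="15.57.31.0/255.255.255.0",
        routes=[Route(ipaddress.ip_network("0.0.0.0/0"), ["t1", "isdn"])],
        links=[Link("t1"), Link("isdn")],
    )


if __name__ == "__main__":
    r = build_office_router()
    print(r.route("15.57.31.40", "15.57.31.52"))   # local
    print(r.route("15.57.31.40", "198.51.100.7"))  # t1
    r.links["t1"].up = False                       # the backhoe finds the cable
    print(r.route("15.57.31.40", "198.51.100.7"))  # isdn
```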

Between the time these words left the Howstuffworks.com server and the time they showed up on your monitor, they passed through several routers (it's impossible to know ahead of time exactly how many "several" might be) that helped them along the way. It's very similar to the process that gets a postal letter from your mailbox to the mailbox of a friend, with routers taking the place of the mail sorters and handlers along the way.

The Path of a Packet

The routers that make up the main part of the Internet can reconfigure the paths that packets take because they look at the information surrounding the data packet, and they tell each other about line conditions, such as delays in receiving and sending data and traffic on various pieces of the network. Not all routers do so many jobs, however. Routers come in different sizes. For example:

  • If you have enabled Internet connection sharing between two Windows 98-based computers, you're using one of the computers (the computer with the Internet connection) as a simple router. In this instance, the router does so little -- simply looking at data to see whether it's intended for one computer or the other -- that it can operate in the background of the system without significantly affecting the other programs you might be running.

  • Slightly larger routers, the sort used to connect a small office network to the Internet, will do a bit more. These routers frequently enforce rules concerning security for the office network (trying to secure the network from certain attacks). They handle enough traffic that they're generally stand-alone devices rather than software running on a server.

  • The largest routers, those used to handle data at the major traffic points on the Internet, handle millions of data packets every second and work to configure the network most efficiently. These routers are large stand-alone systems that have far more in common with supercomputers than with your office server.

Transmitting Packets

When you make a telephone call to someone on the other side of the country, the telephone system establishes a stable circuit between your telephone and the telephone you're calling. The circuit might involve a half dozen or more steps through copper cables, switches, fiber optics, microwaves and satellites, but those steps are established and remain constant for the duration of the call. This circuit approach means that the quality of the line between you and the person you're calling is consistent throughout the call, but a problem with any portion of the circuit -- maybe a tree falls across one of the lines used, or there's a power problem with a switch -- brings your call to an early and abrupt end. When you send an e-mail message with an attachment to the other side of the country, a very different process is used.

Internet data, whether in the form of a Web page, a downloaded file or an e-mail message, travels over a system known as a packet-switching network. In this system, the data in a message or file is broken up into packages about 1,500 bytes long. Each of these packages gets a wrapper that includes information on the sender's address, the receiver's address, the package's place in the entire message, and how the receiving computer can be sure that the package arrived intact. Each data package, called a packet, is then sent off to its destination via the best available route -- a route that might be taken by all the other packets in the message or by none of the other packets in the message. This might seem very complicated compared to the circuit approach used by the telephone system, but in a network designed for data there are two huge advantages to the packet-switching plan.

  • The network can balance the load across various pieces of equipment on a millisecond-by-millisecond basis.

  • If there is a problem with one piece of equipment in the network while a message is being transferred, packets can be routed around the problem, ensuring the delivery of the entire message.

Directing Traffic

The router is the only device that sees every message sent by any computer on either of the company's networks. When the animator in our example sends a huge file to another animator, the router looks at the recipient's address and keeps the traffic on the animator's network. When an animator, on the other hand, sends a message to the bookkeeper asking about an expense-account check, then the router sees the recipient's address and forwards the message between the two networks.

One of the tools a router uses to decide where a packet should go is a configuration table. A configuration table is a collection of information, including:

  • Information on which connections lead to particular groups of addresses

  • Priorities for connections to be used

  • Rules for handling both routine and special cases of traffic


A configuration table can be as simple as a half-dozen lines in the smallest routers, but can grow to massive size and complexity in the very large routers that handle the bulk of Internet messages.

A router, then, has two separate but related jobs:

  • The router ensures that information doesn't go where it's not needed. This is crucial for keeping large volumes of data from clogging the connections of "innocent bystanders."

  • The router makes sure that information does make it to the intended destination.


In performing these two jobs, a router is extremely useful in dealing with two separate computer networks. It joins the two networks, passing information from one to the other and, in some cases, performing translations of various protocols between the two networks. It also protects the networks from one another, preventing the traffic on one from unnecessarily spilling over to the other. As the number of networks attached to one another grows, the configuration table for handling traffic among them grows, and the processing power of the router is increased. Regardless of how many networks are attached, though, the basic operation and function of the router remains the same. Since the Internet is one huge network made up of tens of thousands of smaller networks, its use of routers is an absolute necessity.
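The configuration table for the animation company above, written out as an added example (not code from the original article): prefixes, interface names and priorities are constructed, and the match rule assumed here is the standard one, the most specific prefix wins and, among equal prefixes, the lowest priority number. It shows both of the router's jobs: animator-to-animator traffic stays on its own network, while traffic for the front office or the Internet is forwarded.

```python
"""Routing decisions from a small configuration table.  Added example with
constructed addresses and interface names; the longest-prefix-then-
priority rule is an assumption, not something the article specifies."""
import ipaddress

# (destination prefix, outgoing connection, priority) -- lower is preferred
CONFIG_TABLE = [
    ("192.168.10.0/24", "lan-animators", 10),
    ("192.168.20.0/24", "lan-office", 10),
    ("0.0.0.0/0", "isp-uplink", 100),   # everything else: the Internet
    ("0.0.0.0/0", "isp-backup", 200),   # same prefix, used when the uplink is down
]


def lookup(table, dst_ip, down=frozenset()):
    """Return the connection for dst_ip, or None when no entry matches.
    'down' names connections currently unusable (routing around a fault)."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, iface, prio in table:
        net = ipaddress.ip_network(prefix)
        if iface in down or addr not in net:
            continue
        key = (net.prefixlen, -prio)  # longest prefix first, then lowest priority
        if best is None or key > best[0]:
            best = (key, iface)
    return best[1] if best else None


def forward(table, src_ip, dst_ip, down=frozenset()):
    """What the router does with one packet: 'local' keeps it on the LAN it
    came from (innocent bystanders on the other LAN never see it),
    otherwise it is forwarded to the matching connection or dropped."""
    src_if = lookup(table, src_ip, down)
    dst_if = lookup(table, dst_ip, down)
    if dst_if is None:
        return "drop"
    if src_if == dst_if and src_if.startswith("lan-"):
        return "local"
    return f"forward via {dst_if}"


if __name__ == "__main__":
    print(forward(CONFIG_TABLE, "192.168.10.7", "192.168.10.9"))   # local
    print(forward(CONFIG_TABLE, "192.168.10.7", "192.168.20.3"))   # forward via lan-office
    print(forward(CONFIG_TABLE, "192.168.20.3", "203.0.113.5"))    # forward via isp-uplink
```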

Keeping the Messages Moving


When you send e-mail to a friend on the other side of the country, how does the message know to end up on your friend's computer, rather than on one of the millions of other computers in the world? Much of the work to get a message from one computer to another is done by routers, because they're the crucial devices that let messages flow between networks, rather than within networks.

Let's look at what a very simple router might do. Imagine a small company that makes animated 3-D graphics for local television stations. There are 10 employees of the company, each with a computer. Four of the employees are animators, while the rest are in sales, accounting and management. The animators will need to send lots of very large files back and forth to one another as they work on projects. To do this, they'll use a network.

When one animator sends a file to another, the very large file will use up most of the network's capacity, making the network run very slowly for other users. One of the reasons that a single intensive user can affect the entire network stems from the way that Ethernet works. Each information packet sent from a computer is seen by all the other computers on the local network. Each computer then examines the packet and decides whether it was meant for its address. This keeps the basic plan of the network simple, but has performance consequences as the size of the network or level of network activity increases. To keep the animators' work from interfering with that of the folks in the front office, the company sets up two separate networks, one for the animators and one for the rest of the company. A router links the two networks and connects both networks to the Internet.

The Router

Fujitsu GeoStream R980 industrial strength router. (Photo courtesy Newstream.com)



The Internet is one of the 20th century's greatest communications developments. It allows people around the world to send e-mail to one another in a matter of seconds, and it lets you read, among other things,







We're all used to seeing the various parts of the Internet that come into our homes and offices -- the Web pages, e-mail messages and downloaded files that make the Internet a dynamic and valuable medium. But none of these parts would ever make it to your computer without a piece of the Internet that you've probably never seen. In fact, most people have never stood "face to machine" with the technology most responsible for allowing the Internet to exist at all: the router.

CSMA/CD


The acronym CSMA/CD signifies carrier-sense multiple access with collision detection and describes how the Ethernet protocol regulates communication among nodes. While the term may seem intimidating, if we break it apart into its component concepts we will see that it describes rules very similar to those that people use in polite conversation. To help illustrate the operation of Ethernet, we will use an analogy of a dinner table conversation.

Let’s represent our Ethernet segment as a dinner table, and let several people engaged in polite conversation at the table represent the nodes. The term multiple access covers what we already discussed above: When one Ethernet station transmits, all the stations on the medium hear the transmission, just as when one person at the table talks, everyone present is able to hear him or her.

Now let's imagine that you are at the table and you have something you would like to say. At the moment, however, I am talking. Since this is a polite conversation, rather than immediately speak up and interrupt, you would wait until I finished talking before making your statement. This is the same concept described in the Ethernet protocol as carrier sense. Before a station transmits, it "listens" to the medium to determine if another station is transmitting. If the medium is quiet, the station recognizes that this is an appropriate time to transmit.
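The dinner table as a slot-by-slot model, added here as an illustration rather than code from the article: every station hears everything (multiple access), a station waits for silence before speaking (carrier sense), and when two start in the same slot both notice, stop and retry after a random delay (the collision-detection part of the acronym). The slot model, the five-slot frame length, the backoff rule and the random seed are assumptions chosen to make the run deterministic.

```python
"""CSMA/CD on one shared segment, in discrete time slots.  Added model;
FRAME_SLOTS, the backoff rule and the seed are assumptions."""
import random

FRAME_SLOTS = 5  # assumed: one frame occupies the medium for five slots


def simulate(frames, seed=1, max_backoff_exp=10, max_slots=10_000):
    """frames: {station: frames waiting to be sent}.
    Returns a log of (slot, event, station) for everything on the medium."""
    rng = random.Random(seed)
    waiting = dict(frames)
    ready_at = {s: 0 for s in frames}   # slot at which a station may try again
    attempts = {s: 0 for s in frames}   # collisions suffered by the current frame
    busy_until = 0                      # the medium carries a frame until this slot
    log = []
    for slot in range(max_slots):
        if not any(waiting.values()):
            break
        if slot < busy_until:
            continue                    # carrier sense: someone is talking, stay quiet
        talkers = [s for s in frames if waiting[s] and ready_at[s] <= slot]
        if not talkers:
            continue
        if len(talkers) == 1:           # quiet medium, one speaker: the frame goes out
            s = talkers[0]
            waiting[s] -= 1
            attempts[s] = 0
            busy_until = slot + FRAME_SLOTS
            log.append((slot, "sent", s))
            continue
        for s in talkers:               # collision: everyone stops and backs off
            attempts[s] += 1
            k = min(attempts[s], max_backoff_exp)
            ready_at[s] = slot + 1 + rng.randrange(2 ** k)  # binary exponential backoff
            log.append((slot, "collision", s))
    return log


def summary(log):
    """(frames delivered, number of slots in which a collision occurred)."""
    sent = sum(1 for _, ev, _ in log if ev == "sent")
    collisions = len({slot for slot, ev, _ in log if ev == "collision"})
    return sent, collisions


if __name__ == "__main__":
    run = simulate({"A": 2, "B": 2})
    print(run)
    print(summary(run))
```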

Ethernet Terminology


Ethernet follows a simple set of rules that govern its basic operation. To better understand these rules, it is important to understand the basics of Ethernet terminology.

  • Medium - Ethernet devices attach to a common medium that provides a path along which the electronic signals will travel. Historically, this medium has been coaxial copper cable, but today it is more commonly a twisted pair or fiber optic cabling.

  • Segment - We refer to a single shared medium as an Ethernet segment.

  • Node - Devices that attach to that segment are stations or nodes.

  • Frame - The nodes communicate in short messages called frames, which are variably sized chunks of information.


Frames are analogous to sentences in human language. In English, we have rules for constructing our sentences: We know that each sentence must contain a subject and a predicate. The Ethernet protocol specifies a set of rules for constructing frames. There are explicit minimum and maximum lengths for frames, and a set of required pieces of information that must appear in the frame. Each frame must include, for example, both a destination address and a source address, which identify the recipient and the sender of the message. The address uniquely identifies the node, just as a name identifies a particular person. No two Ethernet devices should ever have the same address.

Ethernet Basics


Ethernet is a local area technology, with networks traditionally operating within a single building, connecting devices in close proximity. At most, Ethernet devices could have only a few hundred meters of cable between them, making it impractical to connect geographically dispersed locations. Modern advancements have increased these distances considerably, allowing Ethernet networks to span tens of kilometers.

Protocols
In networking, the term protocol refers to a set of rules that govern communications. Protocols are to computers what language is to humans. Since this article is in English, to understand it you must be able to read English. Similarly, for two devices on a network to successfully communicate, they must both understand the same protocols.

The Ethernet


In 1973, at Xerox Corporation’s Palo Alto Research Center (more commonly known as PARC), researcher Bob Metcalfe designed and tested the first Ethernet network. While working on a way to link Xerox’s "Alto" computer to a printer, Metcalfe developed the physical method of cabling that connected devices on the Ethernet as well as the standards that governed communication on the cable. Ethernet has since become the most popular and most widely deployed network technology in the world. Many of the issues involved with Ethernet are common to many network technologies, and understanding how Ethernet addressed these issues can provide a foundation that will improve your understanding of networking in general.

The Ethernet standard has grown to encompass new technologies as computer networking has matured, but the mechanics of operation for every Ethernet network today stem from Metcalfe’s original design. The original Ethernet described communication over a single cable shared by all devices on the network. Once a device attached to this cable, it had the ability to communicate with any other attached device. This allows the network to expand to accommodate new devices without requiring any modification to those devices already on the network.

Local Area vs. Wide Area


We can classify network technologies as belonging to one of two basic groups. Local area network (LAN) technologies connect many devices that are relatively close to each other, usually in the same building. The library terminals that display book information would connect over a local area network. Wide area network (WAN) technologies connect a smaller number of devices that can be many kilometers apart. For example, if two libraries at the opposite ends of a city wanted to share their book catalog information, they would most likely make use of a wide area network technology, which could be a dedicated line leased from the local telephone company, intended solely to carry their data.

In comparison to WANs, LANs are faster and more reliable, but improvements in technology continue to blur the line of demarcation. Fiber optic cables have allowed LAN technologies to connect devices tens of kilometers apart, while at the same time greatly improving the speed and reliability of WANs.

Why Network?


Networking allows one computer to send information to and receive information from another. We may not always be aware of the numerous times we access information on computer networks. Certainly the Internet is the most conspicuous example of computer networking, linking millions of computers around the world, but smaller networks play a role in information access on a daily basis. Many public libraries have replaced their card catalogs with computer terminals that allow patrons to search for books far more quickly and easily. Airports have numerous screens displaying information regarding arriving and departing flights. Many retail stores feature specialized computers that handle point-of-sale transactions. In each of these cases, networking allows many different devices in multiple locations to access a shared repository of data.

Before getting into the details of a networking standard like Ethernet, we must first understand some basic terms and classifications that describe and differentiate network technologies -- so let's get started!

How Ethernet Works

Ethernet is a local area technology connecting devices in close proximity.

In today's business world, reliable and efficient access to information has become an important asset in the quest to achieve a competitive advantage. File cabinets and mountains of papers have given way to computers that store and manage information electronically. Coworkers thousands of miles apart can share information instantaneously, just as hundreds of workers in a single location can simultaneously review research data maintained online.

Computer networking technologies are the glue that binds these elements together. The public Internet allows businesses around the world to share information with each other and their customers. The global computer network known as the World Wide Web provides services that let consumers buy books, clothes, and even cars online, or auction those same items off when no longer wanted.

Ethernet Medium


Since a signal on the Ethernet medium reaches every attached node, the destination address is critical to identify the intended recipient of the frame.







For example, in the figure above, when computer B transmits to printer C, computers A and D will still receive and examine the frame. However, when a station first receives a frame, it checks the destination address to see if the frame is intended for itself. If it is not, the station discards the frame without even examining its contents.

One interesting thing about Ethernet addressing is the implementation of a broadcast address. A frame with a destination address equal to the broadcast address (simply called a broadcast, for short) is intended for every node on the network, and every node will both receive and process this type of frame.
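An added example, not code from the article, covering both the frame rules from the Ethernet Terminology section (minimum and maximum length, destination and source address) and the receive-side check just described: a frame is built, every station on the segment sees it, and each compares the destination address with its own or with the broadcast address before looking any further. The station addresses (the page's A, B, C and D, with C as the printer), EtherType values and payloads are constructed.

```python
"""Ethernet II frames: build, validate, and decide at each station whether
to keep a frame.  Added example; addresses and payloads are constructed."""
import struct
import zlib

BROADCAST = b"\xff" * 6
MIN_FRAME = 64    # minimum frame length including the 4-byte FCS
MAX_FRAME = 1518  # maximum untagged frame length


def mac(text):
    """'02:00:00:00:00:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """14-byte header + payload (padded up to the minimum) + FCS, where the
    FCS is the CRC-32 of everything before it."""
    body = struct.pack("!6s6sH", dst, src, ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))  # pad short payloads
    return body + struct.pack("!I", zlib.crc32(body))


def parse_frame(frame):
    """Enforce the length rules and the FCS, then return the header fields.
    Raises ValueError for anything a NIC would discard as damaged."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        raise ValueError(f"bad frame length {len(frame)}")
    body, fcs = frame[:-4], struct.unpack("!I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame corrupted on the medium")
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    return {"dst": dst, "src": src, "ethertype": ethertype, "payload": body[14:]}


def accepts(station_mac, frame):
    """The first thing a station does: look only at the destination.
    Returns 'unicast', 'broadcast' or 'discard'.  Every node physically
    receives the frame; a NIC in promiscuous mode simply skips this
    check, which is why traffic on a shared segment can be observed by
    any attached node and why switching and encryption matter."""
    dst = frame[:6]
    if dst == station_mac:
        return "unicast"
    if dst == BROADCAST:
        return "broadcast"
    return "discard"


STATIONS = {name: mac(f"02:00:00:00:00:0{i}") for i, name in enumerate("ABCD", 1)}


def demo():
    """B sends a job to printer C: only C keeps it.  A broadcasts: all keep it."""
    to_printer = build_frame(STATIONS["C"], STATIONS["B"], 0x0800, b"print job")
    bcast = build_frame(BROADCAST, STATIONS["A"], 0x0806, b"who has 10.0.0.9?")
    return ({n: accepts(m, to_printer) for n, m in STATIONS.items()},
            {n: accepts(m, bcast) for n, m in STATIONS.items()})


if __name__ == "__main__":
    print(demo())
```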

Building a Wireless Network


A wireless router uses an antenna to send signals to wireless devices and a wire to send signals to the Internet. (Photo courtesy Consumer Guide Products)

If you already have several computers networked in your home, you can create a wireless network with a wireless access point. If you have several computers that are not networked, or if you want to replace your Ethernet network, you'll need a wireless router. This is a single unit that contains:

  1. A port to connect to your cable or DSL modem

  2. A router

  3. An Ethernet hub

  4. A firewall

  5. A wireless access point


A wireless router allows you to use wireless signals or Ethernet cables to connect your computers to one another, to a printer and to the Internet. Most routers provide coverage for about 100 feet (30.5 meters) in all directions, although walls and doors can block the signal. If your home is very large, you can buy inexpensive range extenders or repeaters to increase your router's range.

As with wireless adapters, many routers can use more than one 802.11 standard. 802.11b routers are slightly less expensive, but because the standard is older, they're slower than 802.11a, 802.11g and 802.11n routers. Most people select the 802.11g option for its speed and reliability.

Once you plug in your router, it should start working at its default settings. Most routers let you use a Web interface to change your settings. You can select:

  • The name of the network, known as its service set identifier (SSID) -- The default setting is usually the manufacturer's name.

  • The channel that the router uses -- Most routers use channel 6 by default. If you live in an apartment and your neighbors are also using channel 6, you may experience interference. Switching to a different channel should eliminate the problem.

  • Your router's security options -- Many routers use a standard, publicly available sign-on, so it's a good idea to set your own username and password.


Security is an important part of a home wireless network, as well as public WiFi hotspots. If you set your router to create an open hotspot, anyone who has a wireless card will be able to use your signal. Most people would rather keep strangers out of their network, though. Doing so requires you to take a few security precautions.

It's also important to make sure your security precautions are current. The Wired Equivalent Privacy (WEP) security measure was once the standard for wireless LAN (WLAN) security. The idea behind WEP was to create a wireless security platform that would make any wireless network as secure as a traditional wired network. But hackers discovered vulnerabilities in the WEP approach, and today it's easy to find applications and programs that can compromise a WLAN running WEP security.

To keep your network private, you can use one of the following methods:

  • WiFi Protected Access (WPA) is a step up from WEP and is now part of the 802.11i wireless network security protocol. It uses temporal key integrity protocol (TKIP) encryption. As with WEP, WPA security involves signing on with a password. Most public hotspots are either open or use WPA, though some still use 128-bit WEP, which remains vulnerable.

  • Media Access Control (MAC) address filtering is a little different from WEP or WPA. It doesn't use a password to authenticate users -- it uses a computer's physical hardware. Each computer has its own unique MAC address. MAC address filtering allows only machines with specific MAC addresses to access the network. You must specify which addresses are allowed when you set up your router. This method is very secure, but if you buy a new computer or if visitors to your home want to use your network, you'll need to add the new machines' MAC addresses to the list of approved addresses. The system isn't foolproof. A clever hacker can spoof a MAC address -- that is, copy a known MAC address to fool the network into treating the computer he or she is using as one that belongs on the network.


Wireless networks are easy and inexpensive to set up, and most routers' Web interfaces are virtually self-explanatory.
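The settings this section walks through (SSID, channel, administrative sign-on, privacy method, MAC filtering), checked in code as an added example that is not from the article: the audit flags the weak choices the text warns about and the channel-overlap point made earlier in the section. The router settings, the neighbour channel scan and the "default" login and SSID lists are constructed placeholders, not real vendor data; the 2.4 GHz overlap rule (channels fewer than 5 apart overlap) is an assumption stated in the code. It goes one step beyond the text by ranking WPA2 with CCMP above WPA with TKIP.

```python
"""Audit of home wireless router settings.  Added example; the settings,
scan results and default-credential lists are constructed placeholders."""


def channels_overlap(a, b):
    """Assumed 2.4 GHz model: channel n is centred on 2407 + 5*n MHz and is
    roughly 22 MHz wide, so channels fewer than 5 apart overlap (1, 6 and
    11 are the classic non-overlapping set)."""
    return abs(a - b) < 5


# Weakest to strongest.  WPA2/CCMP goes beyond the article, which stops at WPA/TKIP.
SECURITY_RANK = {"open": 0, "wep": 1, "wpa-tkip": 2, "wpa2-ccmp": 3}
PLACEHOLDER_DEFAULT_LOGINS = {("admin", "admin"), ("admin", "password")}  # constructed
PLACEHOLDER_DEFAULT_SSIDS = {"linksys", "netgear", "default"}            # constructed


def audit(settings, neighbours):
    """settings: dict with ssid, channel, admin_user, admin_pass, security,
    mac_filter (bool).  neighbours: list of channels seen in a scan.
    Returns (severity, finding) tuples, worst first; an empty list is clean."""
    findings = []
    sec = settings["security"]
    if SECURITY_RANK.get(sec, -1) <= SECURITY_RANK["wep"]:
        findings.append(("high", f"privacy method is {sec}: anyone in range can read or join the network"))
    elif sec == "wpa-tkip":
        findings.append(("medium", "WPA with TKIP is a step up from WEP; prefer WPA2 with CCMP"))
    if (settings["admin_user"], settings["admin_pass"]) in PLACEHOLDER_DEFAULT_LOGINS:
        findings.append(("high", "router still uses the publicly known default sign-on"))
    if settings["mac_filter"] and sec == "open":
        findings.append(("high", "MAC filtering is the only control; addresses can be copied, so it is not authentication"))
    if settings["ssid"].lower() in PLACEHOLDER_DEFAULT_SSIDS:
        findings.append(("low", "SSID is the manufacturer default"))
    clashes = sorted({c for c in neighbours if channels_overlap(c, settings["channel"])})
    if clashes:
        findings.append(("info", f"channel {settings['channel']} overlaps neighbours on {clashes}"))
    order = {"high": 0, "medium": 1, "low": 2, "info": 3}
    return sorted(findings, key=lambda f: order[f[0]])


# Constructed sample configurations: the weak one beside the corrected one.
WEAK = {"ssid": "linksys", "channel": 6, "admin_user": "admin", "admin_pass": "admin",
        "security": "wep", "mac_filter": True}
STRONG = {"ssid": "home-42", "channel": 1, "admin_user": "owner", "admin_pass": "a long unique passphrase",
          "security": "wpa2-ccmp", "mac_filter": False}
SCAN = [1, 6, 11]  # constructed: channels your neighbours' routers were seen on

if __name__ == "__main__":
    for sev, text in audit(WEAK, SCAN):
        print(f"[{sev}] {text}")
    print("strong config findings:", audit(STRONG, [6, 11]))
```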

WiFi Hotspots


Wireless adapters can plug into a computer's PC card slot or USB port. (USB wireless adapter and PC wireless card photos courtesy Consumer Guide Products)

If you want to take advantage of public WiFi hotspots or start a wireless network in your home, the first thing you'll need to do is make sure your computer has the right gear. Most new laptops and many new desktop computers come with built-in wireless transmitters. If your laptop doesn't, you can buy a wireless adapter that plugs into the PC card slot or USB port. Desktop computers can use USB adapters, or you can buy an adapter that plugs into the PCI slot inside the computer's case. Many of these adapters can use more than one 802.11 standard.

Once you've installed your wireless adapter and the drivers that allow it to operate, your computer should be able to automatically discover existing networks. This means that when you turn your computer on in a WiFi hotspot, the computer will inform you that the network exists and ask whether you want to connect to it. If you have an older computer, you may need to use a software program to detect and connect to a wireless network.

Being able to connect to the Internet in public hotspots is extremely convenient. Wireless home networks are convenient as well. They allow you to easily connect multiple computers and to move them from place to place without disconnecting and reconnecting wires. In the next section, we'll look at how to create a wireless network in your home.

Introduction: How WiFi Works

Wireless networks make it easy to connect to the Internet.


If you've been in an airport, coffee shop, library or hotel recently, chances are you've been right in the middle of a wireless network. Many people also use wireless networking, also called WiFi or 802.11 networking, to connect their computers at home, and some cities are trying to use the technology to provide free or low-cost Internet access to residents. In the near future, wireless networking may become so widespread that you can access the Internet just about anywhere at any time, without using wires.










WiFi has a lot of advantages. Wireless networks are easy to set up and inexpensive. They're also unobtrusive -- unless you're on the lookout for a place to use your laptop, you may not even notice when you're in a hotspot. In this article, we'll look at the technology that allows information to travel over the air. We'll also review what it takes to create a wireless network in your home.

What Is WiFi?

What's in a name?

You may be wondering why people refer to WiFi as 802.11 networking. The 802.11 designation comes from the IEEE. The IEEE sets standards for a range of technological protocols, and it uses a numbering system to classify these standards.

A wireless network uses radio waves, just like cell phones, televisions and radios do. In fact, communication across a wireless network is a lot like two-way radio communication. Here's what happens:

  1. A computer's wireless adapter translates data into a radio signal and transmits it using an antenna.

  2. A wireless router receives the signal and decodes it. The router sends the information to the Internet using a physical, wired Ethernet connection.


The process also works in reverse, with the router receiving information from the Internet, translating it into a radio signal and sending it to the computer's wireless adapter. The radios used for WiFi communication are very similar to the radios used for walkie-talkies, cell phones and other devices. They can transmit and receive radio waves, and they can convert 1s and 0s into radio waves and convert the radio waves back into 1s and 0s. But WiFi radios have a few notable differences from other radios:

  • They transmit at frequencies of 2.4 GHz or 5 GHz. This frequency is considerably higher than the frequencies used for cell phones, walkie-talkies and televisions. The higher frequency allows the signal to carry more data.

  • They use 802.11 networking standards, which come in several flavors:

    • 802.11a transmits at 5 GHz and can move up to 54 megabits of data per second. It also uses orthogonal frequency-division multiplexing (OFDM), a more efficient coding technique that splits the radio signal into several sub-signals before they reach a receiver. This greatly reduces interference.

    • 802.11b is the slowest and least expensive standard. For a while, its cost made it popular, but now it's becoming less common as faster standards become less expensive. 802.11b transmits in the 2.4 GHz frequency band of the radio spectrum. It can handle up to 11 megabits of data per second, and it uses complementary code keying (CCK) modulation to improve speeds.

    • 802.11g transmits at 2.4 GHz like 802.11b, but it's a lot faster -- it can handle up to 54 megabits of data per second. 802.11g is faster because it uses the same OFDM coding as 802.11a.

    • 802.11n is the newest standard that is widely available. This standard significantly improves speed and range. For instance, although 802.11g theoretically moves 54 megabits of data per second, it only achieves real-world speeds of about 24 megabits of data per second because of network congestion. 802.11n, however, reportedly can achieve speeds as high as 140 megabits per second. The standard is currently in draft form -- the Institute of Electrical and Electronics Engineers (IEEE) plans to formally ratify 802.11n by the end of 2009.

  • Other 802.11 standards focus on specific applications of wireless networks, like wide area networks (WANs) inside vehicles or technology that lets you move from one wireless network to another seamlessly.

  • WiFi radios can transmit on any of three frequency bands. Or, they can "frequency hop" rapidly between the different bands. Frequency hopping helps reduce interference and lets multiple devices use the same wireless connection simultaneously.


As long as they all have wireless adapters, several devices can use one router to connect to the Internet. This connection is convenient, virtually invisible and fairly reliable; however, if the router fails or if too many people try to use high-bandwidth applications at the same time, users can experience interference or lose their connections.

Other Wireless Networking Standards

Another wireless standard with a slightly different number, 802.15, is used for Wireless Personal Area Networks (WPANs). It covers a very short range and is used for Bluetooth technology.

WiMax, also known as 802.16, looks to combine the benefits of broadband and wireless. WiMax will provide high-speed wireless Internet over very long distances and will most likely provide access to large areas such as cities.

Next, we'll look at how to connect to the Internet from a WiFi hotspot.
