Networking

Networking and network devices

Most homes and companies have a network device and are connected to at least one local area network, or LAN. This section of tech blog will describe some routers, switches and other networking gear you may run into.

The bottom section dives into advanced networking and products you can try to build out more advanced networks.

Home Networks

Routers


Routers provide a network to your home and work network devices like phones, computers and hubs and switches. They usually come from some form of wired or wireless boxes from a ISP or (Internet Service Provider) like Comcast or Google or can be bought in the store or online like Netgear’s. The router itself can be inside a modem provided by the internet provider, or, in bigger form and on a rack/cabinet in a server room or it can be a builtin or separate device from everything, for small space purposes.

Some examples of home or small office wifi routers are:

Netgear R8000
Linksys MR6350 Mesh router
Google Nest
Orbi Mesh

The Basics

PC Network Hardware Setup

Example: how to set up and troubleshoot small network routers to your PC

Setting up a new wired router

1. Power off everything. Unplug the modem from your computer

2. Power on the router and plug in the computer network cable to the WAN port on the back of the router and the Internet WAN port on the modem.

3. Plug the computer or laptop to another port on the router (blue cable in the pic). Turn on the devices and your computer. Wait for all lights to turn on or stop blinking yellow or red.

Find the documentation that came with the router to get the admin username and password.

On the laptop or desktop go to the routers interface from your browser:

Finish the device setup and set a secure password for the admin user.
Test the device. Open a website like google.com to see if it connects to the internet.

Networks talk to computers and other network devices with protocols, tables and data. A basic computer network will use network addresses, device addresses and routing to setup, send, receive and transfer data to and from devices on the network, and to other networks. The data that is sent is called packets. Some networks/routers will keep track of the data in what are called frames. A frame handles segmented data that is travelling through networks.

To have 2 or more computer devices talk to each other, you need them to be routable. Routing involves setting up tables in the router that can be used by the computer device and the network router. It can lookup this data to find out if the computers are on the same network, to find what data protocols are trying to come in and out and the permissions of ports (interfaces both hardware and software that connect net and computer devices together) and will define these connections. Think of a port as the sending or arrival point of the data. When a port is open, it allows connection and certain data to stream in and out.

All of these are controlled by the routing device. Once your computers get connection, they talk to it and it will assign what is needed to both the computer and its network drivers and the routing engine in the router.

Networking Terminology

Network Protocol – A “protocol” that can help define a way to transport data, define a network device or network, define rules for accepting packets of data and transmitting or routing it across other networks.

LAN – A small, private network. Stands for: Local Area Network.
WAN – Wide Area Network. The Internet.
WAP – Wireless Access Point.
WLAN – Wireless Radio based LAN network.
VLAN – A Virtual LAN that can group devices together and control what networks, routes and data can go into and out of it’s LAN.

Firewall – A boundary or wall that limits network traffic into a smaller network or LAN.

Ethernet – a 10 wire cable, plug, and interface on the back of computing devices for networking using twisted series of color wires.

Fiber – A type of network cable and connector which has within it fiber glass material and sometimes optical transmitters and receivers that need to match, that can send and receive high speed laser pulse connection data that internet companies use to connect you at speeds of over 1GBPS to larger highspeed networks

IP Address – A series of 4 numbers separated by 3 dots, called octets. Example: 192.168.1.1
This combination helps catalog your computers internet protocol address among others so that the router and other devices on the network know where/what it is (typically defined dynamically and in sub/smaller networks) so online devices can route net data in and out correctly.

MAC-ID – MAC stands for Media Access Control. MAC-ID’s are hardware ID’s or addresses that are Hex numbers that are assigned to each network device to identify and track them on a larger network in routers and routing tables.

Network Gateway: Net Gateways help routers and computers determine where to route traffic in LAN and Internet networks. At least 1 default gateway is needed on most modern computers and network devices to allow them to connect to Internet and each other. A device on a gateway can communicate with another very quickly without he help of a router or middle route between, and speed up connection and transfer of data.

Packet – Binary and ascII data and information within a network route that’s contained in a network segment, frame or IP block that’s travelling to and from devices on the network.

DHCP – Is “Dynamic Host Configuration Protocol”. This helps computing devices automatically setup the host’s IP addressing and can look up and use a unique IP address and set it in the system, based on the router or networks DHCP server rules.

DNS – Stands for “Domain Name System”. The protocol connects computers together using internet naming registrations and the IP addresses of computers so that when other connections try to reach them, they are found. Typically, computers can have more than one source for a DNS address.

Edge – A network device that connects to a wider network and typically one or more LAN networks. It can provide Internet level firewall at the Internet edge of a network to define a barrier or wall that no traffic but what is authorized can be let in.

Endpoint – A network ending point can be a device or computer where traffic is sent and ends up at the end of it’s defined routes.

Bridge – A network term used to describe connecting or bridging traffic to one or more networks together that are governed by device name, MAC ID, IP, Gateway Mask and Routes. Some computers determine a bridge as a description at the computer interface end, other devices rely on routers, switches and switching topology, and IP protocols to determine what bridges are available for traffic to traverse across. You can typically define them in the linux and windows settings or in a router’s settings. Some are labeled: br-0 br-1 etc.

Now, a bit more advanced discussion.

Troubleshoot a network / network device

In order to work, your device has to use either a Dynamic or Static IP address. When your computer device is brand new, it will use DHCP or “dynamic host control protocol” first to get it to talk with others.

For internet connections, usually your ISP or internet provider will give you the information to set into your router and modem to connect them.

Initially, your device is not connected to the internet. To do this, it would need a internet service and WAN IP, as well as a setting called DNS inserted to the router that it connects to. Most internet provider companies will ship your device with this already inserted. If not, contact them to get the correct values.

In Windows, you can check all this with control panel in the Network center under network device connection settings. Each device should let you change the adapter settings. Then select the device, and right click it. Select properties, and IPv4, properties button (see below). All devices on your network need this IPv4 address to work. In Linux or Mac, you can also click the network connections from finder or Network app and select the device from the dropdowns and side menus and check it’s properties. If the computer does not get a IPv4 assignment, it will not work. Check the connections and settings are correct in your computer until this works correctly.

Windows Examples:
DHCP IP:

Static IP:

Firewalls and security

Most modern PC’s have built in firewalls. These are OS or Soft firewalls. They can control what programs and devices have access to which networks and what goes through them. Some examples are: email outlook app, firefox or chrome browser, network file explorer etc.

When setting up a new computer, check that it’s firewall is on. This can be done in network security settings in control panel and in the network firewall manager on linux systems. On macs, this is in the network contol.

If setting up a new PC, or one without antivirus, install the latest version and updates. For windows, update defender. Since windows computers are most vulnerable to hackers and viruses, make sure you also install a trusted antivirus like malwarebytes, webroot or Avast free edition.

Go to the security blog page for more information

Network types

To function correctly, a computer or device must have correct settings for each type of network it talks on.

LAN – Local Area Network.
A local area network is one that can work independent of the internet. In this way, computers and devices are “Firewalled” from the WAN or internet. This provides better security and connections from outside the LAN are not allowed inside.

WAN – Wide Area Network.
A wider area network, is one that many routers, switches and computers connect to. They typically allow browsers and computers to freely connect from any location, even outside of a home or office. Phones, laptops, smart TV’s and other devices all use a WAN to connect to the internet. Again, the information to connect to a internet WAN is given to you by your ISP company. To use a WAN, you need a modem or internet gateway

WAN IP – If you need your device to communicate over the internet to others, it needs a WAN IP. These can be had from your ISP. Ask them if the service can provide you a single or range of WANIP, depending on your needs. Smaller home routers can not take multiple WAN IP’s normally. Check with the hardware provider of your device for it’s capabilities first. These should be also available in your DNS connection, also provided by the ISP.

Network Gateway – Allows all devices to go to the same network
A network has to have one or more primary gateways to function. This in combination with an IP address, tells the network traffic where to go on the network. The router, computer and any switches in between, all use this to communicate to each other. The gateway is typically in between a WAN modem and a LAN computer and acts as the middle gate to direct network traffic and packets. The typical gateway is located on a LAN device like a modem or router and is programmed into a computer or device in it’s network settings.

Example:

To fully work, the gateway network also must use a thing called a network mask and a subnetwork.

Network Mask – A mask of bits that specifies to the device to use its own subnet or to which sub network it will connect to

Subnet – A sub network that is a part of a larger network but does not communicate directly with it. Through proper net routing, specifying a proper gateway and masking, network traffic can flow through and to the sub network and its hosts.

VPN ( IPsec / PPTP )

VPN’s are Virtual Private Networks that you can use to Mask your home and work networks behind a tunnel. This network tunnel uses network masking technologies to hide it’s data and IP information from prying eyes. Normal traffic on a WAN can be intercepted and packet sniffed to determine it’s uncompressed, insecure data. In VPN tunnels the data does not route like normal packet data. Instead a Point to Point data stream is established that is encrypted at both ends. Without the encryption key on both ends, you can not get at this data. Once you connect your PC or computer to the other end of the tunnel (this is usually a server or firewall-router device), you can start to receive the data just like you were connected to the other network physically.

Types of VPN clients

Microsoft software PPTP VPN client (point to point tunnel protocol)
SSL VPN and IPSec VPN with VPN client (Hardware and software based VPN)
Gateway to Gateway IPSec IKE 2 phase tunnel (hardware based)
IPSec to Endpoint VPN (tunnel from device to computer)
L2TP VPN (Layer2 tunnelling protocol)

Network Topology

Big advanced networks have layers and topology. These allow a flow of your data and connections in and out of networks more efficiently.

Virtual LAN’s are setup not at the computer level, but in the network switches and router. VLAN’s can help you partition and segment a large network into smaller groups of networks. VLAN’s connect physical devices together in a group, and allow you to limit what is allowed in and out. Do not confuse VLAN with a Virtual Network Adapter or Virtual IP. Those are all for VM’s and not related to physical devices in a VLAN.

Layer types

A network and it’s computers typically use layers of a stack to help communicate to each other. They are Application, Presentation, Session, Transport, Network, Data Link, and Physical layers. These layers help computers and networked devices by defining how to and what responses should be had after setting up each protocol, to help communicate across networks.

Components and Architectural considerations

Components of larger networks can be added to create corporate, backbone or core networks. These are the fastest inter-connect involved. They are typically 40Gig or faster, meaning the transfer rate is over 1G, if you are already familiar with Internet networks. These can route large data packets across very blasingly fast, and offer immediate transfer. In setting up this, it’s always best to have full-redundancy and plan to have 2 or 3 core fast switches at the center. From here, plan out the rest. Get fast edge firewall devices, again 2 devices minimum to have highly available redundancy.

When rack mounting devices in a server room or datacenter, use color codings and simple, visible wire routing for ethernet. For switched setups, use same colors for all network related wires. If you have the option, use shortest distance wires for the fastest most critical connections (IE. those that connect redundency and internet ports). Do not try to splice your own ethernet wires for production. Use tested, well produced products that have not been tampered with.

Don’t use cheap connectors and cables. Find the fastest and best for the money. Make sure they are all compatible with your devices. If the network serves your core business, this is the most critical budgeting and networking components and so the quality and speed should be maximum.

everything else under these can be minimal or upgradable. Plan to use core components that are always online, and automatically provisioned and upgraded.

Business Network Devices

Ubiquiti Unifi

Ubiquiti networks is a manufacturer of wifi devices. They have a wifi device family called Unifi, and the Unifi platforms. These wifi devices can work in tandem with security cameras and access points to enable wifi cellphones, laptops or just about any wifi device to connect wirelessly to your LAN or WAN.
They can also pair together if you have more than one and create a “mesh” network that helps increase wifi coverage and throughput. Some Ubiquiti devices have an admin dashboard (web pages) that can let you control what devices can and can’t get onto your wifi.

Cisco Network and IOS Devices

Cisco Systems provides fast smart switch devices for business networks. Cisco routers and switches are so good in quality they can last years and modern incarnations can update themselves. These are high speed rack mounted boxes that have blinking lights and ethernet ports on the front, with wifi and hardwired ethernet that can connect to larger network boxes, really fast. You can also set these up to connect computers and servers to what’s called a VLAN or Virtual LAN that can control what network data goes where at your work, school or home.
The latest “Meraki” models of these can connect to a smart phone and be controlled wirelessly and have built in AI to help route data and programs on the network.

Aruba or HPE network devices

Aruba networks owned by HP (HPE), a smaller company that makes wireless control smart switches and devices that can help shape wifi bandwidth and speed. Their switches are boxes that look similar to Cisco’s and Dell’s. They have many graphs and some bandwidth and connection tools are controlled by AI, that can let you and your company be the master of control. They can allow VLAN traffic, dictate which switch is master, enable/disable wireless hubs and other devices or by rules to allow a change of route depending on bandwith. Turn on and off device functionality easily with their web based interfaces.

Dell networks devices

Dell / SonicWall offers very fast smart switches and firewall devices for no-nonsense workhorse needed environments. These can be found in government datacenters, smaller corporate server rooms and the most tech savvy tech university campuses. SonicWall is the firewall division of Dell networks. Dell’s line of smart switches perform well and are easier to manage on average than most competitors. I like how dell adds a layer of simplicity to complex 40gig link pairing and switching tech. They are mostly com port accessible, but lately their web accessible interfaces have been improving. You can’t get much better for the buck. They are the lower priced alternatives to Cisco and HP, yet they are blindingly fast and fairly reliable. When I worked with them, I rarely had a bricked (or crashed) unit.

Last update – 10/12/2023 from Orem, Utah