Network


Setting up a network is fairly easy these days. Each of your computers needs a network card (NIC), you need a centralized hub or switch, and with the proper tweaking of your computer's network settings, you're off to the races. 

What I'll discuss here is more the setup of your network.

I'll make the great assumption that the cabling you use will be Category 5 cable (Cat 5) with the RJ45 jacks that look like phone jacks but have 8 wires instead of 2 or 4 wires. The reason this type of cabling is clearly the best way to go is because almost every type of network card out there has the jack for this cable. Also, this cable allows you to reach faster speeds than normal coax cable. Also, with cat5 cabling, you can have each computer connect to a central hub so that if one of the computers goes down, the other computers can stay online. The old coax cable linked one computer to another in a circle so that if at any point in the circle there was a break, every computer went down. The cat5 cabling method with a centralized hub is in a spoke wheel configuration. If one spoke breaks, the other computers can remain connected to the network.

10baseT or 100baseT?
With the price of hardware the way it is today, I cannot think of a good reason to go with 10baseT. 10baseT gives you a theoretically maximal transfer rate of 1.25 megabytes per second. 100baseT alternatively is rated 12.5 megabytes per second although I have yet to see a network hit that speed. 3-5 Megs per seconds is a much more realistic number. If you're going to be transferring large files from computer to computer, the speed difference is very noticeable. If you're going to be just surfing the web, you won't see any difference at all. Get 100baseT, it cost only a little bit more and makes life on the LAN less of a headache when it comes time to upload/download files from your server. Trust me.

Another reason you'll want a fast network (100baseT) is that you'll probably double up your webserver as a file server or print server. My webserver acts as a file server that is only accessible from the LAN side, not from the Internet or WAN side. I have a directory that has all the install files, programs, even complete copies of CD-ROMs that I've copied onto the hard disk. I do this so when I build a new computer, I can simply install all my programs and drivers off the network instead of looking for dozens of floppy disk and CD-ROMs with drivers and programs. It saves a lot of time! I also make back ups of important files and documents from my own personal computer onto the file server.

Which network card is the best?
We wondered the same thing so we did some tests and came up with some interesting answers.  Check it out: Network Adapter Testing.

What's the difference between a hub and a switch?
 

Hubs Switches
Half Duplex Mode:
Send OR receive data to or from a node
Full Duplex Mode:
Send AND receive data to or from
a node at the same time
Shared Bandwidth:
All users share the hub's bandwidth
Dedicated Bandwidth:
Each user enjoys dedicated bandwidth without sharing with other users
Broadcasts Data Packets:
Sends data to all nodes until
it finds the right address
Address Storing Feature:
Recalls data packet's destination 
and sends it there directly

As you can see, there are many advantages to switches over hubs, however, switches are usually twice as expensive as hubs.  If you can afford it, get a switch.   Otherwise, a hub should be fine.

Network Cables - Straight or Crossover?
There are two major types of Ethernet network cables, "straight through" (also known as regular) and "crossover" cables.  In most situations, you will use straight through cables for most of your network needs, however there are a few instances where you need crossover cables.  The most likely time you will need a crossover cable is when you connect two computers together without going through a hub.  In the typical situation where you DO use a hub, the hub "crosses" the wires internally.  What a crossover cable does is put the "cross" inside the cable itself so you don't need a hub, hence the name crossover cable.  Unfortunately, this may not be the only time you use a crossover cable.  There are special situations that require crossover cables such as with certain DSL/Cable modems, or when connecting several hubs together.  Here is a small guide for your cabling enjoyment. By the way, "hub" in this table broadly includes network switches as well.  Also, "NIC" stands for "Network Interface Card" which I'm sure you already knew!
 

Network Cable Connection Table
NIC to NIC:
  • NIC to NIC - Crossover Cable
  • NIC to Hub - Straight (regular) Cable
  • NIC to Uplink - Crossover Cable
Hub to Hub:
  • Hub (regular) to Hub (regular) - Crossover Cable
  • Hub (regular) to Hub (Uplink) - Straight (regular) Cable
DSL/Cable Modem to Uplink port on a DSL/Cable Router (WAN port):
If your Modem came with a Straight Cable:
  • Modem to NIC - Straight (regular) Cable
  • Modem to Hub - Crossover Cable
  • Modem to Uplink - Straight (regular) Cable 
If your Modem came with a Crossover Cable:
  • Modem to NIC - Crossover Cable
  • Modem to Hub - Straight (regular) Cable
  • Modem to Uplink - Crossover Cable

Static, Dynamic, and Mixed Static/Dynamic LAN IP addresses.
Note: Here, we are talking about internal (LAN) IP addresses, not external (WAN) IP addresses.  The WAN IP address is the one that your DSL/Cable provider gives you.  The LAN IP addresses are ones that exist on your local network and are not accessible from the Internet unless you enable port forwarding or DMZ (demilitarized zone) on your router.  Clear?  Look at this diagram if you're still confused.

Static (LAN) IP addresses
In this type of network, you must manually configure each computer's network settings.  This is okay if you have a small network but can become very tedious if you have several computers.  This type of network is good for networks that don't change very often.  A webserver MUST have a static LAN IP so that the router can know exactly which IP address the webserver is at.  Here is a diagram of what this type of network looks like.

Dynamic (LAN) IP addresses
In a dynamic IP network, your computers will get their IP numbers from the DHCP server.  This makes life really easy because you don't have to configure each computer's network settings, you simply tell the computer to get the network settings from the DHCP server.  This type of network is good if you are constantly adding or removing computers.  It's good for workstations that don't care what their internal LAN IP's are.  It's also good for networks with many computers. Heck, it's a good type of network no matter how small your network is.

Mixed (LAN) Static/Dynamic IP addresses
To run a webserver behind a router, you must assign the server a static IP number so that it never changes.  This way, the router can forward web/ftp/email requests to the proper computer each time.  Otherwise, if you gave the server a dynamic LAN IP address, the IP number could change and then your router wouldn't know where to send the web/ftp/email requests.

However, having a dynamic LAN IP's for the rest of the workstations is still desirable because of all the advantages we listed above.  This is why it's called a mixed static/dynamic IP LAN.  We get the best of both worlds (Static for the server, dynamic for the rest of the workstations)  The workstations are dynamically assigned IP numbers by a DHCP server (usually the router).  You must set the DHCP router to start assigning IP numbers AFTER the IP number of the static IP numbers you assign.  For example, if you assigned your server 192.168.1.20, then you must tell your DHCP server to start assigning IP numbers at 192.168.1.21 and beyond.  Here is a diagram of what this type of network looks like.

Which IP numbers can I use inside my LAN?
Theoretically, you can select any IP number you want, but technically, LAN IP addresses should stay within these ranges: 

  • 10.0.0.0 to 10.255.255.255
  • 172.16.0.0 to 172.31.255.255
  • 192.168.0.0 to 192.168.255.255
By staying within these ranges, you'll make life a lot easier for yourself if you start asking for help since people will know that you're talking about LAN IP numbers and not WAN IP numbers.  Currently it seems like the most popular LAN side IP numbers all begin with 192.168.xxx.xxx.  (Not to say that you have to follow the crowd =)

Network Bondage:
Network bondage refers to the binding of network protocols (TCP/IP, IPX, Netbeui)  to particular services such as "File and Printer Sharing".  In order to make networking easier, Microsoft by default binds every protocol to every service.  This makes things easier for the average user, but creates huge security holes that allow anybody with some network knowledge to potentially have full access to your computer.  Do you want to share your hard disk with the whole Internet?  I didn't think so, but there are tons of people out there that have their computers wide open for the taking.  The solution?  Only bind the protocols to the services that need them.

This is a huge problem for people who have their computers directly connected to a Cable or DSL modem, but even if you have a home DSL/Cable router, you're still vulnerable.  I can't do justice to the subject, but there is a great article out there that will explain everything you wanted to know about network bondage and how to secure your network.  Network Bondage Article at GRC.com

Monitor your network:
Want to know what's going on with your network?  There is a free Windows utility called FREEping which is designed to monitor your network (or any IP number in the world for that matter).  I recommended this utility in the DNS section because it also works great at keeping your DSL/Cable connection alive and preventing your IP number from changing by pinging an IP number or domain name at an interval that you specify.  This was not what this utility was designed for, but it works great at that job.

From your LAN, this utility can monitor several computers on your network by constantly pinging them to see if there is any network failure or if a particular computer is down.  Don't forget to ping an outside IP address just to maintain activity on your network as well.

However, this utility is also great from outside your network.  For example, if you happen to be at work, you can install this utility on your computer and have it ping your DSL or Cable IP number.  You can see if your webserver is up.  This utility also has a feature where it can pop up a message to warn you when that your IP number becomes unreachable which means that either your DSL/Cable connection went bad or your server went down.  Good information to have.

Here's a little trick that I picked up for Windows NT and 2000.  Most of the time when you are not using your server I assume that you log out of your computer so that it is inaccessible from grubby little hands.  However, if you have a program that is not designed to run as a service, the program will shut down when you log out which is a big problem.  The trick that I found was to hit "Control, Alt, Del", then select "Lock Computer" which will basically log you out.  The difference between 1. logging out of your computer and 2. locking your computer is that authorized users can still log into 1. while for 2. only there person who locked the computer or an authorized administrator can unlock it.  Since I now use FREEping, which isn't designed to run as a service, I can't log out of my server but I can still lock it for an additional measure of safety.
 



Router

Additional Information
Step by Step: In-house articles: Resources: Utilities:
  • FREEping - Free utility to monitor your network.  Pings an IP number or domain name at an interval you specify to keep your connection and IP number alive.  For Windows.