[dba-Tech] Modems

Drew Wutka dbatech at wolfwares.com
Tue Aug 19 19:52:57 CDT 2003 

Steve, you asked, so I'm gonna learn ya!

Okay, first of all, to begin this course, we need to understand the ways of
the Internet (or GoreNet as you put it.)

Way back in the old days, you had modems that talked to each other.  When
they talked, the main protocol in use was the speed protocol, so the modems
knew how fast to listen.  However, the internet needed to be a LOT smarter
then your typical BBS, and a LOT dumber at the same time.  The primary
concern of the Internet is to get the information from point A, to point B,
with as little hassle as possible.  Back in the BBS days, the issue was more
about line noise, then routing, because most BBSers were directly calling
their BBS, so the BBS knew exactly where to send the information.

Thus, TCP/IP was put into effect.  TCP/IP is the Internet Protocol layer.
(Transfer Control Protocol/Internet Protocol).  There's a lot of internal
protocols involved, but there are two key processes you must understand.
First, Information/Data is split up into packets.  A packet is just like a
package you send through the post office.  It has a TO and FROM, and has
something in it.  However, when talking about internet communications (or
TCP/IP network communications on a LAN), instead of a data file being one
package, it is split up into a bunch of smaller packets.  Each packet is
received (or asked to be resent), and then reassembled on the other side.
This makes for much smoother communication since if a packet gets lost in
the shuffle, it is simply resent, instead of scratching the whole process.

The next concept is the IP Address.  The IP Address is a 4 byte number (32
bits), which is the Unique ID each computer has when using the internet.
The IP Address is you phone number on the internet.  An example would be
192.168.0.1 .  The far left number is like the area code, and the far right
number is the more specific.  (ie, when a computer reads the IP Address, it
looks at the 192 number, and then narrows it further with 168, then 0, then
1.).  Now, the dumb part of the internet, is that it does really care what
it's sending.  It only looks at where the information is supposed to go.

Okay, I am going to go through how a computer would pull up a website, step
by step, and I'll explain, along the way, on what processes are involved.

Okay, let's start with your computer turned off.  To begin with, you will
probably notice (if you look), that as long as the power is plugged into
your computer, that your NIC lights are on (Network card).  This is because
a NIC's communicate on a very basic level (just like Modems did, where you
might transfer a file with the XModem protocol, but the modems themselves
are talking with 56k Flex).  In todays world, NICs usually use the Ethernet
protocol.  (One older protocol was called Token Ring).  The Ethernet
protocol has it's own identification system, which uses your NIC's MAC
Address.  When you connect your NIC to a hub/switch/router, or even another
NIC, they actually talk to each other using the MAC addresses.  So let's
say, for this example, that you have your machine plugged into an 8 port
switch.  While your machine is off (but there is still power), the 8 port
switch has internally noted that port X (where you are plugged into), is MAC
Address xyz (MAC addresses are pretty long....just using xyz for an
example).

Now, let's turn on your machine.  While windows boots, and it creates it's
network connections, it needs to assign the NIC an IP Address.  There are
two ways to do this.  The first is to manually set the IP Address.  (Thus
the information would be stored in the registry.).  The second and more
common approach is to use DHCP.  Dynamic Host Configuration Protocol.  The
way DHCP works, is when the NIC needs an IP Address, it sends out a
broadcast message asking for an IP Address.  When it does this, it sends the
message out it's Cat-5 cable, the 8 port switch gets the packet(s) and says,
oh, this is a broadcast message, and it sends it out on every other port.
This flies all over the LAN.  (Packets are encoded with a TTL setting, (Time
To Live) which tell switches and routers if it should keep sending it, or
let it die....that prevents lost packets from bouncing around forever).  Now
don't panic, broadcast packets (like DHCP requests) do not pass through
routers.

Need a quick router explaination.  A switch and a hub are just like a
manifold in a fluid system.  Fluid can come and go from and to many
directions.  A router is like a dual manifold, where you have two separate
fluid systems that need to cross connect once in a while, but still maintain
their separateness.  A router will usually have several 'switch like ports',
where you can plug several computers of the same LAN into, then one or more
ports that go out to another network.  These individual networks are called
subnets.  (Will explain a little more later.)

So, a DHCP or another broadcast message will only go out across that
machines 'subnet'....any routers on the subnet will only pass the packets
along the inside ports.

If there is a machine on the subnet that is listening for DHCP packets, it
will respond, by returning data back to the requestor, which will include
whatever settings the DHCP server has been setup with.  There are TONS of
settings, but here's the gist.  First it will hand out an IP address (to the
requesting computer), it gets this from it's list of available IP Addresses.
You can have 'reserved' IP Addresses which are handed out based upon the
machines MAC Address.  (This allows the stability of a static IP Address
with the flexibility of having a DHCP server), it also hands out DNS
settings, Gateway and subnet settings (these will all be discussed), and it
can go even further to hand out mail server settings, domain controller
settings, etc.

Now we have an IP Address.  To make an IP Address work with TCP/IP, you need
two other settings, which I already mentioned.  Gateway, and Subnet.  These
are EXTREMELY important.

Subnet, this is a term previously mentioned.  The best way to describe a
subnet, is to look at a city's zoning diagram.  That's what a subnet is.
It's a computer 'zone'.  Here's how the subnet works.  It looks like an IP
address, but it is really a bit mask.  If there is a 1, then the bits have
to match, if there is a 0, then the bits don't have to match.

For example, if your IP Address is 192.168.0.1, and your subnet is
255.255.255.0, then the computers on your subnet are 192.168.0.0 through
192.168.0.255.  That is because 255 is a byte with all of the bits turned
on, so the first three quads have to be an exact match.  A 0 is a byte with
all 0's, so the last number can be anything.

However, if you have an IP Address of 192.168.0.1 and your subnet is
255.255.255.254, then only 192.168.0.0 and 192.168.0.1 are in your subnet.
Same IP with a subnet of 255.255.255.252 allows for .0,.1,.2,.3 for the last
quad.

So, what gives with the subnet, so it's a grouping, how does it affect my
network.  TCP/IP is setup for two levels of communication, and this is where
most 'tutorials' either get way to technical, or they completely gloss over
this.  You have local subnet communication, and then you have router
communication.  A subnet is built with switches and hubs.  Hubs usually
aren't smart.  They get a packet, and send it to every port it has active.
A switch actually directs 'traffic' a little better.  It will build a NAT
table (Network Address Translation).  What a NAT table stores is information
on where to direct specific IP Addresses.  If the address is on the switch,
it sends it right to that port, if it's not on that switch, it will send it
to other switches, and will actually learn what address are on other
switches, so in the future it can send it to the right switch.  This is why
initial communication on a switch may be a little sluggish, but once
everything has been connected for a while, communication is very swift.  A
router is like a JOIN between to sets of NAT tables.  This is where your
Gateway setting comes into play.  The Gateway is the Router on your subnet,
that you want to use when you want to go somewhere that's not on your
subnet.  So, let's say you have an IP of 192.168.0.2, your gateway is
192.168.0.1, and your subnet is 255.255.255.252.  You want to get to
192.168.0.3.  The gateway is not bothered at all, because you know that
192.168.0.3 is on your subnet, and it's up to your switches and hubs to find
the right machine.  If you want to go to 192.168.0.100, then the packet is
immediately sent to the gateway (192.168.0.1), since you know that
192.168.0.100 is not on your subnet.  The packet the gateway(router) gets,
says it's from 192.168.0.2, and is going to 192.168.0.100.  The
gateway/router then looks at it's NAT tables.  (A router sits between two
subnets, but it can have multiple routers on either end, to pass packets on
even further)  If the gateway/router sees 192.168.0.100 on it's other
subnet, it passes the data to it, if not, it passes it to the other routers
on that subnet.  And the process continues.

Okay, hope I haven't lost anyone yet.  We are now running our OS, but before
we go on, just a quick note.  For all the above to happen, you have to have
TCP/IP bound to a NIC.  TCP/IP is one of many network protocols.  There are
other network protocols such as IPX/SPX and NETBEUI.  These protocols can be
used on a LAN, but only TCP/IP will work on the Internet.  When you look at
your network settings (through the control panel, you should see what
protocols are bound to what.  If you use a modem (dialup), you'll see the
Dial-up Adapter.  The Dial-up adapter acts like a virtual NIC, so that when
you dial-up to the interent, DUN (Dialup networking) pretends it's a NIC, so
that your OS, and all of your software don't have to worry about talking to
a modem, they just 'think' the modem is a NIC.  Anyways, make sure that each
NIC/adapter has the TCP/IP protocol bound to it.

Now we are going to try to connect to a web page.  We have an IP address of
192.168.0.3, a gateway of 192.168.0.1, and a subnet of 255.255.255.0.  (This
is how Internet Connection Sharing sets things up....192.168.0.1 is the
adapter which will communicate with the adapter that actually sees the
internet, turning that machine into a virtual router.).  Now, I'm sure
someone may have already asked themselves, 'Hey Drew said you only need the
subnet and Gateway settings...what about DNS?'.  You do not need a DNS
server to communication on the internet.  DNS servers are the phone books of
the internet.  Switches, routers and hubs don't care about Yahoo.com, they
care about 66.218.71.198.  The DNS setting is only put there for us humans,
who remember words better then numbers.

So, we open up Internet Explorer, and type in Yahoo.com.  Here's what
happens.  First, IE is going to resolve Yahoo.com to an IP Address (which is
currently 66.218.71.198).  It is then going to request information from that
IP Address.  So how does it request this.  Okay, here we get a little more
involved.  Ever notice that you can hit a website, an FTP server, an email
server, and all sorts of other communication dependant services off of the
same machine?  Well that is because TCP/IP has another layer to it, other
then the IP Address.  Yes, an IP Address will get you to the right machine,
but that doesn't do anything, you need to deliver it to the right place on
the machine.  Thus you have TCP/IP ports.  There are 64k ports, the first
thousand or so are already 'predefined' for specific purposes.  For example,
web requests are 80 or 8080, SMTP (Simple Mail Transport Protocol (what you
use to send mail)) is 25, POP3 (Post Office Protocol 3, what you use to get
email) is 110, port 13 is designated as a Time Protocol port (the atomic
clock servers listen to port 13 for time requests, etc.  So, Internet
Explorer just assumes you are asking for port 80, so it sends bunch of
packets out to 66.218.71.198, from 192.168.0.3, going to port 80.  Well,
that's not on your subnet, so they get sent to the gateway.  The gateway
then does two things.  First, it changes the return address to itself (not
192.168.0.1, but the IP Address it has on it's other subnet), and then
internally marks it to be rerouted back to 192.168.0.3 when it comes back.
And off your packets go, from router to router, until it finds
66.218.71.198.  Those packets are then returned, and your TCP/IP stack then
determines which is the best 'route' to take, in order to send your data
(based on how many stops and how fast the packets returned).  Then your
packet is sent to the correct port on 66.218.71.198.  Yahoo's web server
gets the request on port 80, and says 'aha', you want a webpage, but you
didn't ask for anything specific, so I'm going to hand you my default page.
It then sends the data back to the ICS (Internet Connection Sharing) NIC
(which has a valid Internet IP Address), which in turn routes them back to
you, at 192.168.0.3.

Whalla, you have now downloaded a web page, and you should understand the
basic concepts used to do this.

Now let's get into some of the more interesting twists.

We know that we use a DNS server to resolve Yahoo.com, but how do we resolve
MyComputerA or MyComputerB.  Now we are talking about the bane of most home
networkers.  If there is not a DNS server, or WINS server on the local
network (WINS is Windows Internet Naming Server, and it acts much like a DNS
server, but it is only used on a local LAN, not the internet), then the
computers on your network have to use computer browsing.  Computer browsing
is a very goofy system of trying to share the phonebook responsibility.
Essentially, all the computer on a network hold an election (not kidding),
and decide which computer is going to be the Master Browser.  The master
browser then keeps the official list of who is where and has what IP
address.  However, if the Master Browser is turned off, then another
computer gets elected.  Guess what, when the original Master Browser comes
back up, it is going to fight the new one.  As you can guess, this process
is pretty hairy, and can result in the complete demise of your LAN!
<evilgrin>

Most home networkers get around this by using host files, which are local
files that tell each machine what the IP Addresses of the other machines on
their networks are.  Host files work, however, they are not dynamic.  If a
change is required, you're going to have to reboot.

Something else that is frequently overlooked is the workgroup or DNS suffix.
The DNS suffix is what is used when you query for a computer name, but not a
domain.  For example, yahoo.com is a domain.  MyComputer is NOT a domain,
it's a computer name, so when the DNS server querries for MyComputer, it is
going to attach the default suffix to it.  So if you have ComputerA with a
default suffix of mshome.net, and ComputerB with sbc.com, what will happen
when you try to ping ComputerB from ComputerA, is ComputerA will search for
ComputerB.mshome.net, which doesn't exist.  Now, if you look for
ComputerB.sbc.com, then you'll find that, since you are specifying the DNS
suffix.

Trouble shooting steps.  Your best friend is the ping utility.  It is going
to tell you lots of stuff.  However, first, you need to know what your
settings are.  On 9x operatings systems, you go Start-->Run-->winipcfg and
that will give you your IP Address info (Address, subnet, gateway, DNS
servers, etc.).  You will need to make sure you have the right Adapter
selected though (because it will usually default to an internal adapter that
you really won't care about.).  Don't assume you have an IP Address
correctly assigned either.  IP addresses starting with 169 are usually card
assigned, which means the NIC couldn't find a DHCP server, so it gave itself
it's own IP Address.  If you have the physical connections made correctly,
yet you can't get a DHCP address for a particular computer, try manually
setting the address, rebooting, then set it back to dynamic(DHCP) and reboot
again.  I have seen some 98 machines get a subnet of 255.255.0.0 for some
reason, which is a subnet with 64k addresses.  What happens is it tries to
broadcast the DHCP request across that many addresses, (starting at the
top), and it dies out (due to the TTL) before it hits the actual DHCP
server.  Setting the subnet manually to 255.255.255.0 will usually fix that.
Not sure why it gets stuck like that.  (It may be a setting on one of our
switches).

Once you have a valid IP Address from DHCP (or set manually), make sure you
can ping local machines.  That establishes your network connection is
working.  Then try to ping external Addresses.  For example:

C:\>ping yahoo.com

should result in something like this:

Pinging yahoo.com [66.218.71.198] with 32 bytes of data:

Reply from 66.218.71.198: bytes=32 time=110ms TTL=243
Reply from 66.218.71.198: bytes=32 time=110ms TTL=243
Reply from 66.218.71.198: bytes=32 time=111ms TTL=243
Reply from 66.218.71.198: bytes=32 time=50ms TTL=243

Ping statistics for 66.218.71.198:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 50ms, Maximum =  111ms, Average =  95ms

Notice that after 'Pinging yahoo.com', you get an IP Address in brackets.
This tells you that the DNS server you have set your settings for is
working.  If it doesn't resolve the name, then you need to get your DNS
settings corrected.  Next, you get replies.  Don't sweat it if the replies
time out.  Most sites block ping returns.  Yahoo usually doesn't, so that's
a good way to determine if you are getting through or not.

Now, if you are running W2k or XP, pinging really just tells you if you are
resolving through DNS, however, if you are using 9x, try a few pings, and
see if you get sporadic returns.  You're Winsock .dll's may be corrupt,
you'll probably want to replace them.

That's your Internet Tutorial from Drew!  <grin>

Personally, I recommend that if you have the money, invest in a small
machine, put Windows 2000 server on it, and setup an actual Active Directory
Domain, with WINS, DHCP, and DNS running on it.  It will probably cost ya
about $1500, or so (for the OS and machine....) but you'll have an instant
plug in and go setup.  I have this setup at home, I have drives
automatically mapped when I log in, I can plug a computer into my network
and they have immediate internet access, and I can access my network from
that new machine too (with a login prompt).  I can't tell you how nice it is
to have a print server, because while I'm printing documents, the
printserver is bogged down, not my desktop.  Not too mention the ability to
always be able to 'see' other machines on the network.  My Dad has a
slapshod home network with XP, 98, and W2k.  He constantly has problems with
sharing drives, connecting to the internet, etc.  I get him fixed up, then
he changes something, and it all goes in the can again!

Hope everyone get's a good read from this!

Drew
----- Original Message -----
From: "Steven W. Erbach" <serbach at new.rr.com>
To: <dba-Tech at databaseadvisors.com>
Sent: Monday, August 18, 2003 6:52 AM
Subject: [dba-Tech] Modems


> Dear Group,
>

More information about the dba-Tech mailing list