Everything you ever wanted to know about setting up a home Network or a single PC on a Digital or DSL cable.

Copyright 2008 by G. Mike Raymond - K5HUM

ABOUT DSL (skip if you know all about DSL)

Fast DSL modems are now overtaking the slower analog dialup modems (those with a top speed of only 56K). An advantage of DSL is that it requires no additional phone line, meaning it can piggyback over your existing phone line. The bandwidth or speed you get via DSL is limited by A) what tier speed you are paying for, and more importantly, B) if paying for the fastest speed, the cable distance between your phone and the telephone switch providing the service. Generally any distance beyond 18,000 cable feet makes DSL too lossy.

Another DSL hassle is the requirement to isolate all your existing telephones with a low pass filter in series with the phone's cable (typically installed at the cable's end before it plugs into a modular jack on a wall). This can be somewhat problematic where wall phones are installed, but it is not an insurmountable problem. CAVEAT: Any phone without a filter will break the DSL modem's connection if the phone is taken off hook.

Some newer DSL modems also have built in firewalls and DHCP servers. More on this later. Another problem with the newer DSL modems is that they now contain rudimentary firewalls that are enabled by default. Fortunately these modems can be set to "IP Pass through" or "DMZ" to disable the feature and allow port filtering farther downstream in your system.

ABOUT DIGITAL MODEMS

Digital Cable has none of the DSL cable length disadvantages and typically is available over your existing TV Cable Service. Formerly digital bandwidth was constricted as more users on a local neighborhood node went online. In some older areas this might still be a limitation. The newer networks being built today no longer have this limitation.

Most modern DSL or Digital Modems offer either Ethernet or USB output.
Deciding how to interface your modem to your PC is mostly a matter of choice, assuming your PC can accommodate either. I prefer Ethernet, which requires your PC to have a NIC or Network Interface Card. Most new PCs typically come with a suitable NIC pre installed. If you go with the USB method you will need to install drivers (typically supplied with the modem), and driver installation is an additional aggravation. The USB drivers essentially provide a software substitute for a hardware NIC.

CONNECTING A SINGLE WINDOWS PC TO A DIGITAL MODEM

No matter whether you are using DSL or digital coax for internet service, the following PC setup is required for a single PC to Net setup. The newer Windows operating systems are set by default to "Obtain the IP and DNS address automatically" from the modem on powerup. This is the required setting in a single PC setup for either dial up, DSL or Digital cable. Just navigate to the "Properties" of the TCP/IP protocol to check the current settings. This ensures that your PC's IP address will be the same as the IP your ISP's DHCP server provides after you connect.

If your modem is a DSL type connecting to a USB port, it's best to install the drivers "before" plugging in the DSL modem.

Remember, most modern DSL Modems have a rudimentary, built in firewall (NAT) that can be turned off (they are usually ON by default). These built in firewalls can be disabled (DMZ'ed or Port Forwarding enabled) by accessing their setup menus. You access this setup menu using your Web Browser. The Modem (and most routers) have a built in "configuration" web server. The IP address to access either the modem's or router's web configuration server is provided in the appropriate hardware manual. Typically this IP is "192.168.0.1". More details on this later.

SETTING UP MULTIPLE PCs ON A LAN (HOME NETWORK)

Let's assume you have a working PC connected to a digital modem (either DSL or cable) and a working Internet Connection.
Now you want to share your Internet service with other PCs in your home or office. This is done by adding a Router in between your modem and your PCs. The digital modem connects to the Router (using a CAT5 cable with a male modular plug on each end), and a similar cable runs between each of the router's node ports and the NIC on each PC to be used on your LAN. Complete technical details on routers can be found at the end of this white paper.

CONNECTING MULTIPLE PCs TO A ROUTER IN A LAN

There are two ways each PC in a LAN can operate with a Router to establish an IP address (that is, poll the router's DHCP server for a non routable IP address) that will be used to communicate between the PC and Router.

1) The PC's NIC or driver can dynamically acquire a non routable IP address within the range available from the router; or,
2) each PC's NIC can be set to use a static (or fixed) network IP within the router's operating range.

The recommended method is the latter. However it requires knowing a bit of information about your router. Specifically you need to know the router's range of permitted non routable IP addresses (like 192.168.123.100 thru 250), the SubNet Mask (usually 255.255.255.0), the router's gateway address and the router's DNS server address (typically the same as the gateway address). OR, sometimes you can improve the time it takes for your Browser to resolve domain names by using another, faster, more reliable Internet Provider's primary and secondary DNS server IPs.

Each method has some advantages and disadvantages depending on your equipment and operation. For example, the first method also allows you to simultaneously access your dial up modem and make a secondary TCP/IP connection.

ABOUT NON ROUTABLE IP ADDRESSES

Non routable IP addresses (special numerical ranges of the 4 byte dot quads) are used for security reasons on LANs because they cannot leave the LAN and traverse the big network routers and backbones used by the Internet itself.
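
A check of a PC's static settings against the router values listed above, as an added example that is not part of the original article. The pool range and subnet mask are the article's own examples; the gateway address 192.168.123.254 is an assumed value.

```python
import ipaddress

# The three private (non routable) IPv4 blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_static_config(ip, mask, gateway, pool_start, pool_end):
    """Return a list of problems with a PC's static settings; empty means usable."""
    addr = ipaddress.ip_address(ip)
    gw = ipaddress.ip_address(gateway)
    # The LAN is whatever subnet the gateway sits in under the given mask.
    lan = ipaddress.ip_network(f"{gateway}/{mask}", strict=False)
    low, high = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)

    problems = []
    if not any(addr in net for net in RFC1918):
        problems.append("address is publicly routable")
    if addr not in lan:
        problems.append("address is not on the gateway's subnet")
    elif addr in (lan.network_address, lan.broadcast_address):
        problems.append("address is the subnet's network or broadcast address")
    if addr == gw:
        problems.append("address collides with the gateway")
    if not low <= addr <= high:
        problems.append("address is outside the router's permitted range")
    return problems


# Constructed sample: pool and mask from the article, gateway .254 is assumed.
ROUTER = dict(mask="255.255.255.0", gateway="192.168.123.254",
              pool_start="192.168.123.100", pool_end="192.168.123.250")

if __name__ == "__main__":
    for candidate in ("192.168.123.150", "192.168.123.50",
                      "192.168.124.150", "8.8.8.8"):
        print(candidate, check_static_config(candidate, **ROUTER) or "OK")
```
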
One such range example is 192.168.123.1 thru 192.168.123.253.

Since there are hundreds of models of Routers out there, I cannot possibly cover all their various configuration settings. Accordingly, I will now explain a technique to avoid most router configuration hell and get up and running quickly.

TAKING ADVANTAGE OF DMZ, PORT FORWARDING OR TRIGGERING

By putting your router (or modem in a single non LAN PC setup) into DMZ or Port Forwarding mode, you stop the device from blocking packet traffic on incoming (or outgoing) ports. If you go this route, good security practice makes it IMPERATIVE to use a reputable software firewall on every PC you are exposing to the Internet. I recommend the free version of ZoneAlarm. If you use ZoneAlarm, set it for Medium (visible) rather than High (stealth) internet security mode. There is practically NO added protection from dedicated hackers by having ZoneAlarm in Stealth mode. Additionally, if using ZoneAlarm and you are running Windows XP, you should disable XP's built in Firewall through TCP/IP's properties.

The biggest advantage of using a good software firewall is the rather seamless and automated fashion in which it will handle even the most complicated client - server port forwarding requirements.

Most Routers allow placing one (1) of the LAN nodes into DMZ mode. DMZ causes the router to block nothing (incoming or outgoing) to that one node only. If you also want to run a client/SERVER application that is installed on your DMZ'ed PC on one of your other LAN PCs, you can do it using Port Forwarding. The only caveat is that if you run the program on the PC the ports are forwarded to, you cannot simultaneously run it on the DMZ'ed PC. To run the App on the DMZ'ed PC you need to disable forwarding on the other node. Fortunately this is easy with most modern routers.

Port Forwarding on a Router (sometimes referred to as tunneling) is somewhat similar to DMZ, except you specify precisely what Ports/Protocol and what LAN node to allow this incoming and outgoing traffic on. The limitation of Port Forwarding is that no two nodes on the LAN can be using the same forwarded incoming ports (see paragraph above). Therefore you cannot run client/servers using the same ports on two or more PCs on your LAN. Remember, the rudimentary firewalls in DSL Modems are typically ON by default, blocking all incoming traffic, but you can enable ALL Port Forwarding, which is about the same as using DMZ on a router node.

In addition to port forwarding, if your desire is to be able to run PopNote (or any other client/server application) from ALL of your LAN PCs (but again, NOT at the same time), you can also utilize Port Triggering if it's available on your Router. Port Triggering monitors what PC sent out a request on what port and attempts to route "a reply" back to that originating PC. The big disadvantage of Port Triggering is that you cannot receive a call as with Port Forwarding, but can only receive "AFTER" originating an outgoing call.

GENERIC ROUTER INFORMATION

A generic modern home Router contains three internal devices: a NAT, a Switch, and a HUB. The NAT (Network Address Translator) also doubles as a sort of hardware firewall. A HUB is just a number of modular hardware cable jacks. The SWITCH multiplexes the packet traffic (divides the signal) across all the HUB's jacks. The NAT (Firewall) accounts for 99% of all headaches experienced by users trying to run popular client and server software that requires special non standard ports to handle its communication. More on this later.

Routers are typically designed for business use where a LAN Administrator can control what packet traffic will be allowed to (and from) each terminal. Example, who on the LAN gets WEB access (port 80), FTP (port 21), etc.
This is generally an unnecessary operation (and a headache) for home LANs where you are typically sharing all the Internet connectivity with your mate.

A Router will typically allow up to 4, 6, 8 or more PCs (or other devices) to be connected to it. This connectivity is a function of the price you pay. These connections are called Nodes. Some routers have a special node used for daisy chaining even more routers or devices such as a wireless modem. Some routers have a built in wireless node (transceiver) aside from the usual features. Note: There are special security issues when using wireless devices that are beyond the scope of this article. My advice: keep everything as simple as possible.

NOTES AND CAVEATS

Most ISPs provide dynamic WAN IP addresses, meaning the WAN address can change at the ISP's whim. This is typically referred to as IP leasing. This can be a problem for users wishing to use peer to peer clients that communicate directly (PC to PC over the Internet) and depend on static IP addresses. Of course you can pay more and get a non changing or static IP address. Another workaround is to obtain a FREE (verbose) sub domain address like ARC.HOMEIP.NET. The www.dyndns.org group offers them (so does www.no-ip.com). To make use of this kind of service, your PC needs to be running a DNS/IP updater utility that contacts the specific DNS servers with your new IP should it ever change. Now, if you type in a user's sub domain address, you no longer need to know his current IP, as the URL (sub domain address) will first be resolved and return the user's current IP so you can communicate.

My own small (free) IP updating utility can be found at:
http://arc.tzo.com/ham/dnsup.zip
OR another at:
http://www.palacio-cristal.com/products/DeeEnEs/

General rules still apply. Unless your ISP provides you more than one WAN IP address, you cannot have two terminals on the same LAN both using the same client/ports to communicate with at the same time.
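
The DMZ, Port Forwarding and Port Triggering behaviour described earlier, and the one-port-one-node rule just restated, as a small model of how a router decides where an unsolicited incoming packet goes. This is an added example, not part of the original article and not any vendor's firmware. The LAN addresses and port numbers are made up, and letting an explicit forward take precedence over DMZ is a modelling assumption consistent with the article's note that forwarding must be disabled before the DMZ'ed PC can run the app.

```python
class HomeRouter:
    """Toy model of a home router's handling of unsolicited inbound packets."""

    def __init__(self, dmz_host=None):
        self.dmz_host = dmz_host   # the single LAN node in DMZ mode, if any
        self.forwards = {}         # (proto, port) -> LAN host
        self.triggers = {}         # (proto, outbound port) -> inbound port to open
        self.triggered = {}        # (proto, inbound port) -> host that triggered it

    def add_forward(self, proto, port, host):
        owner = self.forwards.get((proto, port))
        if owner not in (None, host):
            # The article's limitation: one forwarded port, one LAN node.
            raise ValueError(f"{proto}/{port} is already forwarded to {owner}")
        self.forwards[(proto, port)] = host

    def remove_forward(self, proto, port):
        self.forwards.pop((proto, port), None)

    def add_trigger(self, proto, out_port, in_port):
        self.triggers[(proto, out_port)] = in_port

    def outbound(self, host, proto, dst_port):
        """A LAN host originates a connection; open its triggered port, if any."""
        in_port = self.triggers.get((proto, dst_port))
        if in_port is not None:
            self.triggered[(proto, in_port)] = host

    def inbound(self, proto, port):
        """Return the LAN host an unsolicited WAN packet reaches, or None if dropped."""
        key = (proto, port)
        if key in self.forwards:      # explicit forward wins over DMZ (assumption)
            return self.forwards[key]
        if key in self.triggered:     # only after that host called out first
            return self.triggered[key]
        return self.dmz_host          # the DMZ node gets everything else

    def hosts_needing_firewall(self):
        """LAN hosts reachable from the Internet without having called out first."""
        hosts = set(self.forwards.values())
        if self.dmz_host:
            hosts.add(self.dmz_host)
        return hosts


# Constructed sample: node .101 is DMZ'ed; 5000 is a made-up application port.
router = HomeRouter(dmz_host="192.168.123.101")
router.add_forward("tcp", 5000, "192.168.123.102")
```

Every host returned by hosts_needing_firewall() is one the router no longer shields, which is where the article's software firewall requirement applies.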

Here is my personal treasure trove of useful diagnostic web sites.

Find your IP on the web:
http://checkip.dyndns.org/

Test for open ports:
https://www.grc.com/x/ne.dll?bh0bkyd2

Speed (bandwidth) tests:
http://www.bandwidthplace.com/speedtest/
http://www.speakeasy.net/speedtest/
http://performance.toast.net/

Log into a web server remotely (using a proxy):
http://www.the-cloak.com/login-accept

DSL info:
http://www.dslreports.com/scan

Router port forward info:
http://www.portforward.com

TallyHo,
Mike - K5HUM