The magazine of the Melbourne PC User Group

An Introduction to TCP/IP
Mike Chambers
 
 

Mike Chambers explains what you need to know to understand personal computer networks. It will give you that insight you couldn’t obtain elsewhere — and remove the clouds for many people.

Underlying the Internet, eCommerce, mobile computing, supply chain integration and many other innovations of our networked age is a venerable protocol that enables millions of computers across the planet to interoperate. It's the glue that loosely holds the Internet together. It's called TCP/IP, the Transmission Control Protocol/Internet Protocol.

Innovations in network devices and their configuration have created a world in which many (perhaps most) of us can build a small network without really understanding anything about TCP/IP. While TCP/IP is a topic around which entire books have been developed, let's touch on the essentials needed to understand a home or small workgroup network.

Background

TCP/IP has its roots in 1973 as a project of DARPA, the U.S. Defense Advanced Research Projects Agency. At that time a number of scientific and academic institutions were conducting research related to various defence projects. The advent of minicomputers meant that increasingly scientists were storing both data and analysis in electronic form and in many cases multiple minicomputers in a facility were connected by "point to point" or "multi point" networks. (These networks often consisted of little more than a cable connecting the two computers together, or in some cases, computers connected one to another by a series of cables.) However no facility existed for connecting the networks of one facility to the networks of other facilities conducting research.
 
Moreover, the architecture used by point to point networks was very sensitive to configuration changes, computer failures, and communication line problems. Thus DARPA set out to create a standard for connecting networks that was "robust". Robustness meant that devices could be added to or removed from the network without informing other computers on the network and that information could be moved on the network in spite of communication line failures (up to a point).

TCP/IP developed as a standard for how computers sharing a network could be identified and how information could be routed between them efficiently and robustly. Although TCP/IP is referred to as "a protocol" it is actually a collection of more than 100 protocols that support our modern networks.

As networks of computers became more pervasive in the 1970s and 1980s, the same issues that faced academia now faced the business world. While many businesses had internal networks that connected their computer systems, they needed a means of interconnecting their networks in multiple locations and even allowing people and businesses outside their own to connect in a controlled way. TCP/IP provided the foundation for this "internetworking" and the "Internet" was born.
 
PC Networking Fundamentals

It's a long way from rocket science research to Web surfing and chat. Let's focus in on the basic elements of TCP/IP networking that affect PC configuration and operation on a network.

MAC Address

Media Access Control. Every network adapter has been assigned a unique address identifier by its manufacturer. These addresses are in the form of six 8-bit values, commonly seen as a hexadecimal string like 00-40-ca-56-7e-3f. The high order portions of the MAC address can be used to identify the manufacturer and the lower order portion is somewhat akin to a unique serial number within the manufacturer's product line. The IEEE acts as the registration authority for these numbers, and they provide a search tool (see Figure 1) for looking up the manufacturer associated with a given card http://standards.ieee.org/regauth/oui/index.shtml.
 

00-40-CA (hex)         FIRST INTERNAT’L COMPUTER, INC
0040CA (base 16)       FIRST INTERNAT’L COMPUTER, INC
                       6F. FORMOSA PLASTICS REAR BLDG
                       201-24 TUNG HWA N. RD. TAIPEI
                       TAIWAN
Figure 1. Results of a search at ieee.org on the high order bits of a particular MAC address.

In a limited sense, it is possible to move information from a source computer to a target computer using the MAC address. However doing so would be tremendously inconvenient, especially as computers change, network cards get replaced and so on. So TCP/IP requires that communication to each adapter occur via a logical address, the IP Address.

IP Address


By analogy, think of this as a telephone number. Your physical connection to the telephone company's network is via a phone cable that cascades into larger trunks that terminate in a central office. Each element of that physical hierarchy is labelled. So hypothetically, you might be addressed (dialled) by specifying the exact path that the wire takes to reach your phone. However, that would make things incredibly complex for those who didn't know where you were located. So instead the phone company assigns you a logical address, a telephone number, which is mapped to a physical connection, your phone line.
 
Similarly, every network adapter (or NIC) on a TCP/IP network must be assigned an IP address that can be used to route information. (My PC happens to have two NICs, and so my computer has two IP addresses on my network.) The IP Address is a 32-bit binary value, but it is typically expressed in "dotted decimal" form as 4 decimal numbers in the range of zero to 255. Table 1 shows a 32-bit binary IP address mapped to the dotted decimal format at 192.168.0.1.
 


Table 1. A 32-bit binary IP address mapped to the dotted decimal format at 192.168.0.1.

DNS

Domain Name System. Having a phone number is great as long as everyone who needs to call you knows your number and you know the number of every person or business that you need to call. Neither telephones nor computer networks are quite so simple. We have phone books, directory assistance, and Web based directories so that we can look up a name and map it to the phone number.

In your Web browser address line you could type: http://203.12.152.19 and that would connect you to the Melbourne PC User Group Web site. But how many Web addresses could you remember in this fashion? And how would you keep up with the address changes as people and businesses changed Internet providers? The standards for DNS have created a distributed, hierarchical model for keeping up with mapping IP Addresses. Just as phone books enable us to look up the number by using a name, the Domain Name System enables us to locate an IP Address using a domain name like "melbpc.org.au".

So as we configure a PC on our network, we need to provide the IP address of a server that is a part of the domain name system so that our browsers and e-mail programs can direct communications using names rather than IP addresses. The DNS server addresses are typically provided to us by our network administrator or our Internet service provider.
 
Gateway Address

If we want our computers to communicate outside our own local network, we have to provide the address of a gateway. In the early conceptualisation, the gateway was itself a computer system that had an interface to the local network and an interface to another network - most often via a modem telephone line. Today most gateways are routers, dedicated function devices that connect computers on a local network to another network.
 
Subnet Mask

One limitation of IP networks is that any computer can begin talking at any time. When two computers talk at the same time a collision occurs and both must stop talking and wait for a somewhat random period of time before talking again. Thus, the higher the incidence of collisions on a network, the lower its throughput efficiency. As the number of active nodes on a network increases, so does the likelihood of collisions. So fairly early on, network architects realised that a means was needed to logically divide a network in some way.

Consider this analogy. One thousand students in an auditorium can make quite a bit of noise. But if the same space is divided into 50 classrooms, discussions can continue at the same pace with much less confusion.

Subnets do the same thing for IP networks. By grouping related client computers, servers, and printers into a subnet, their "local traffic" can be isolated from creating noise pollution on the broader network. But to make this work we need a means of defining which devices belong to which subnet. Network architects were given this ability by using a portion of the IP address to identify a "network" and a portion to identify the "host" or computer within that network. So a subnet mask of 255.255.255.0 indicates that the first 24 bits of the IP address will identify the network while the last 8 bits identify a host. Network switches can then be used to segment traffic to keep local traffic local, while forwarding non-local traffic outside the subnet.
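The following Python sketch is an added example, not part of the original article. It works through the IP Address, Gateway Address and Subnet Mask sections together: it converts 192.168.0.1 to its 32-bit form, splits it with the mask 255.255.255.0, and decides whether a destination is local or must go to the gateway. The host 192.168.0.23 and the function names are assumptions made for the illustration.

```python
# Added example: dotted decimal <-> 32-bit values, and how a subnet mask
# splits an address into its network and host portions.

def to_int(dotted):
    """Parse dotted decimal (e.g. '192.168.0.1') into one 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 numbers: {dotted!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"each number must be 0-255: {part!r}")
        value = (value << 8) | int(part)   # shift in 8 bits per number
    return value

def to_dotted(value):
    """Format a 32-bit integer back into dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(dotted):
    """The 32-bit binary form, grouped into four 8-bit values."""
    value = to_int(dotted)
    return " ".join(f"{(value >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))

def prefix_length(mask):
    """Count the network bits; reject a mask with a 1 after the first 0."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"subnet mask bits are not contiguous: {mask}")
    return 32 - bin(inverted).count("1")

def network_and_host(address, mask):
    """Return (network address, host number) for an address under a mask."""
    prefix_length(mask)                    # validates the mask
    a, m = to_int(address), to_int(mask)
    return to_dotted(a & m), a & ~m & 0xFFFFFFFF

def next_hop(source, mask, destination, gateway):
    """Same network: deliver directly. Different network: hand to the gateway."""
    m = to_int(mask)
    if to_int(source) & m == to_int(destination) & m:
        return destination
    return gateway

if __name__ == "__main__":
    mask, gateway = "255.255.255.0", "192.168.0.1"
    pc = "192.168.0.23"                    # constructed host on the home LAN
    print(to_binary("192.168.0.1"))
    print(prefix_length(mask), network_and_host(pc, mask))
    print(next_hop(pc, mask, "192.168.0.50", gateway))    # local neighbour
    print(next_hop(pc, mask, "203.12.152.19", gateway))   # outside the subnet
```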
 
Network Configuration Management

If you are working on a small home network, management of your network configuration is probably not a big issue because your configuration rarely changes (although mobile computing is challenging this situation). Consider the problem of a corporate headquarters with several hundred resident employees and hundreds of other visiting employees from other locations. How do we get and keep everybody connected on the network every day when the computers involved are always changing? Shouldn't there be a way for some computer program to keep up with assigning the right addresses?

DHCP

Dynamic Host Configuration Protocol was created to do just that. DHCP enables network administrators to define rules for how a pool of IP addresses can be dynamically assigned on a network in a way that the user does not need to worry about resetting the IP Address, the DNS Server Addresses, the Gateway address or the Subnet Mask.

In Microsoft Windows, DHCP is used when you specify that IP addresses (and DNS addresses) should be obtained automatically. When a computer configured in this way is turned on (or the network connection is reset), a broadcast message is sent by the computer requesting that a DHCP host (see Figure 4) assigns a dynamic address. This address then becomes the PC's IP address.
 



Figure 2. Manually setting the TCP/IP properties, with a fixed IP address.



Figure 3. Choosing to automatically set the network configuration using DHCP.

One of the great advances in home networking has been the inclusion of DHCP host protocol on "residential gateways". These devices take a single broadband network connection (and thus a single IP address provided by the ISP), and through a feature called NAT (Network Address Translation) they enable it to be shared by multiple computers. Since each computer on the "local network" (and in fact each NIC in each computer) must have its own unique IP address, these devices set up a local pool of addresses (often in the range of 192.168.nnn.nnn) that are assigned by DHCP on the gateway. To the outside world the gateway appears as a single IP address assigned by the ISP (manually or more commonly by their DHCP host). NAT takes care of translating the packets from a single ISP IP Address into the appropriate addresses to deliver the packets to the right NIC on a local network.
 



Figure 4. The D-Link DI-704 is configured here to perform the task of DHCP Server.

So with DHCP and NAT, configuring a small home network is frequently as simple as configuring the network connection to obtain an IP address automatically, and connecting a network cable from the NIC to the residential gateway.
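The translation step described above can be modelled with a small table, shown here as an added Python example that is not part of the original article. It assumes the port-based form of NAT commonly used by residential gateways, which the article does not detail. The public address 203.0.113.7, the remote server 198.51.100.10 and the port numbers are constructed sample values.

```python
# Added example: a toy port-translating NAT table for a residential gateway.
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Nat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip     # the single address assigned by the ISP
        self.next_port = first_port    # next free port on the public side
        self.out = {}                  # (local ip, local port) -> public port
        self.back = {}                 # public port -> (local ip, local port)

    def outbound(self, pkt):
        """Rewrite a LAN packet so it appears to come from the gateway."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:        # first packet of a conversation
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return Packet(self.public_ip, self.out[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Rewrite a reply back to the right local NIC, or return None."""
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.back:
            return None                # no table entry: nowhere to deliver it
        local_ip, local_port = self.back[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, local_ip, local_port)

def demo():
    nat = Nat("203.0.113.7")
    # Two local PCs use the same source port to reach the same Web server.
    first = nat.outbound(Packet("192.168.0.2", 51000, "198.51.100.10", 80))
    second = nat.outbound(Packet("192.168.0.3", 51000, "198.51.100.10", 80))
    # The server's reply to the second PC arrives at the gateway's address.
    reply = nat.inbound(Packet("198.51.100.10", 80, "203.0.113.7", second.src_port))
    # A packet to a port nobody on the LAN opened has no table entry.
    stray = nat.inbound(Packet("198.51.100.10", 80, "203.0.113.7", 45000))
    return first, second, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

This model matches replies on the public port only; real gateways also track the remote address and protocol and expire idle entries.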
 
Internet Connection Sharing

One of the more confusing aspects of installing a new Windows XP system in a home network environment is the set of "tools" Microsoft has provided to make life easier. When ICS began its life in Microsoft R&D, we lived in a mostly dial-up Internet world and families were beginning to use multiple PCs that needed simultaneous access to the Internet. Thus, Microsoft began developing Internet Connection Sharing to provide a built-in means of having one computer connected to the Internet via dial up and others "share that connection" via a small, local network.

If you are using a broadband service and a number of computers, Internet Connection Sharing is not needed and should not be configured. Instead, a residential gateway should be used to provide local Ethernet connectivity to all the PCs, assigning configuration data via DHCP and NAT. The gateway provides the Internet connection sharing.

However, if you are still using a dial-up Internet connection, ICS is a viable way of getting multiple PCs concurrent Internet access. Configuring ICS is beyond the scope of a TCP/IP tutorial; however, check the resources table at the end of this article for some helpful sites.
 

Physical Network Infrastructure

TCP/IP is pretty pointless without a network to connect to and even though wireless networks are becoming more common, most computers today are connected by wired networks that provide the "physical layer" of connectivity. So to round out this introduction to TCP/IP, let's look at the common components in a small PC network.

NIC

Network Interface Card. Sometimes called a "network adapter", the NIC provides an Ethernet interface for the computer (see Figure 5). The vast majority of computers built in the past five years have NICs built in as a part of the motherboard or as a part of the system design. Early on the NIC could have provided a variety of network connector types. Today, an RJ45 socket for UTP (Unshielded Twisted Pair) cabling is the predominant standard.



Figure 5. NIC — Network Interface Card

Hub

The cable from the NIC must connect to a device that links multiple computers together on the local network. The simplest of these devices is an Ethernet hub (see Figures 6 and 7). These can provide multiple RJ45 connections for multiple NICs and they create a transparent connection. A hub does not perform any traffic control or store/forward functions. The vast majority of Ethernet hubs in operation today are 10 Mbit/s hubs, meaning that they were designed for Ethernet connections running at 10 million bits per second. Newer hubs run at 100 Mbit/s and often newer hubs are "auto-sensing," meaning that they will connect both 10 Mbit/s NICs and 100 Mbit/s NICs.
 


Figure 6. A Hub used to join new 10/100 Mbit/s devices to an older style, long standing network.
 



Figure 7. The hub has been used to add two new, fast, network enabled laser printers to the network that uses the older style coaxial cables (with BNC connectors).

Switch

A switch is very similar to a hub, but is somewhat more sophisticated. Rather than being transparent the switch examines the destination address of packets in transmission and forwards them to the correct port.

Thus a switch reduces network chatter and collisions, improving network throughput efficiency on busy networks. Like hubs, switches come in 10 and 100 Mbit/s varieties (see Figure 8) and often support autosensing. Both switches and hubs are typically zero configuration devices. You power them on, connect your NICs and they do the job they are designed to do. At one time, switches were significantly more expensive than hubs. Today however there is little to no difference in price and the switch is a better choice.
 



Figure 8. An 8-port Ethernet Switch, with automatic switching between 10 Mbit/s and 100 Mbit/s showing here that six of its eight ports are currently running at the higher speed.
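The difference between a hub and a switch can be seen by counting how many copies of each frame leave the device. This Python sketch is an added example, not part of the original article. It assumes the switch builds its address table by noting the source address seen on each port, a detail the article does not cover. The four-port layout and the second MAC address are constructed.

```python
# Added example: frames repeated by a hub versus frames forwarded by a switch.

class Hub:
    """Transparent device: every frame is repeated on all other ports."""
    def __init__(self, ports):
        self.ports = ports

    def receive(self, in_port, src_mac, dst_mac):
        return [p for p in range(self.ports) if p != in_port]

class Switch:
    """Examines the destination address and forwards to the correct port."""
    def __init__(self, ports):
        self.ports = ports
        self.table = {}                    # MAC address -> port it was seen on

    def receive(self, in_port, src_mac, dst_mac):
        self.table[src_mac] = in_port      # remember where the sender lives
        out_port = self.table.get(dst_mac)
        if out_port is None:               # destination not seen yet: flood
            return [p for p in range(self.ports) if p != in_port]
        if out_port == in_port:            # already on the right segment
            return []
        return [out_port]

def copies_sent(device, frames):
    """Total number of frame copies the device puts on the wire."""
    return sum(len(device.receive(*frame)) for frame in frames)

PC = "00-40-ca-56-7e-3f"        # the MAC address used earlier in the article
PRINTER = "00-00-5e-00-53-01"   # constructed address for a second device

# Constructed traffic: (arrival port, source MAC, destination MAC).
# The PC is on port 0 and the printer on port 2 of a four-port device.
FRAMES = [
    (0, PC, PRINTER),
    (2, PRINTER, PC),
    (0, PC, PRINTER),
    (2, PRINTER, PC),
]

if __name__ == "__main__":
    print("hub copies:   ", copies_sent(Hub(4), FRAMES))
    print("switch copies:", copies_sent(Switch(4), FRAMES))
```

On the hub, the two idle ports receive every frame of the conversation; on the switch they receive only the first one, sent before the printer's port was known.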

Router

A router is a device that interconnects two networks. In a home setting, the router connects your networked home computers to the network connection provided by your ISP (see Figure 9). Although routers are most commonly dedicated function devices, the routing operation can be provided by a computer with two network cards (or even a network card and a serial modem in the case of dial-up sharing). A router requires some configuration, and most come with a Web based interface so that a PC connected to one of its RJ45 ports can configure and control the device with a Web browser by entering in the device's default LAN address (often http://192.168.0.1 but the value varies by manufacturer). The typical home network configuration will require some level of configuration for both networks and router interfaces: the local area network or "LAN" side and the ISP's network or "WAN" side (Wide Area Network).
 



Figure 9. A wireless enabled router that joins a home network to the Internet.

Residential Gateway

This is a specialised form of router that has grown up around the home broadband networking industry. These devices often combine the functions of a router with the functions of a switch, but add local DHCP and NAT so that the gateway can auto-configure IP information for DHCP clients in your home network. The latest of these devices also include a wireless access point, so that with one device you can connect 4 wired network computers via a 10/100 switch and (potentially) 250 wireless devices.
 





A Forward Looking Home Network Schematic

Recently some friends began planning a home remodeling project and asked for some suggestions for a broadband home network architecture. The diagram in Figure 11 below details a conceptual design.
 



Figure 10. Interrogating the D-Link DI-704 router/gateway.

Although Gigabit switches and NICs are more expensive, Dave is an avid digital photographer and videographer, so high data traffic in the local network nudged us toward an eight port Gigabit switch and two new Gigabit NICs for his desktop and laptop. Meanwhile, Susan, Sally and Andrew will keep the 100 Mbit/s NICs already available in their systems. They may upgrade to Gbit/s NICs later on.

By the time they begin the remodelling effort, we may find that the industry has combined an auto-sensing 8-port Gigabit switch with the broadband router/gateway functions. Open ports have been reserved for a future NAS (Network Attached Storage) device that the entire family could share and for a Wireless Access Point. A final port has been reserved for a high speed drop to the entertainment centre where future music and digital video devices may be interfaced to the network.
 
Although Gigabit technology has a lot of capacity given other throughput limits today, those limits are changing. By early 2006 we will be seeing new desktops in the 10 GHz processor speed range. Cable modem industry execs are already discussing movement of US networks from 10 Mbit/s to 50 Mbit/s in the next 24 months. These changes make it likely that home networks of the future will use Gbit/s levels of connectivity.

10 Mbit/s, 100 Mbit/s and Gigabit Technology?

There is an interesting range of views about how much network bandwidth makes sense in a home scenario. DSL and Cable modem connections generally have uplinks based on 10 Mbit/s and the vast majority of home broadband throughput is much slower. Why then would it make sense to implement 100 Mbit/s or Gigabit technology in a home network? I think the question has to be addressed in two parts.
 
10 Mbit/s vs. 100 Mbit/s

Today there is practically no difference in cost of 10 and 100 Mbit/s NICs, hubs, switches, routers and gateways. Thus there is little reason not to deploy the faster technology (unless the cabling is unable to support the higher speed reliably). Bear in mind that increasingly, home networking is becoming more than just a PC talking to the Internet. When I collaborate with my children on projects, I routinely move files to their "Shared Folders" directory (a standard feature of Windows XP). My son, who happens to have the newest and best equipped PC in the house, has a DVD writer.

So when I backed up my 4 GB digital photo archive, I skipped writing 8 CD-Rs and instead shared my archive folder and burned a single DVD over the 100 Mbit/s network. That process took about 25 minutes and would have taken hours on a 10 Mbit/s network. Increasingly, new consumer devices are appearing with the network in mind. Several competitors of the Apple iPod MP3 player allow their devices to be connected by a 10/100 Mbit/s Ethernet connection. At 4-5 MB per file, the faster network connection makes a lot of sense.

100 Mbit/s vs. Gigabit

Gigabit technology is the latest speed standard. It is still costly when compared to 100 Mbit/s, but not so much more costly that it isn't worth considering. When counting the cost, remember that most NICs will have to be replaced with Gigabit equivalents to take advantage of the higher throughput. Additionally remember that throughput is limited by the slowest part of the process. Many computers today are incapable of receiving or sending data at the full 100 Mbit/s level, let alone speeds measured in Gbit/s.
 
Planning for the Future

In the not too distant future, I believe we will see more devices for the home market appear with network interfaces as the standard. Moreover, network attached storage is making its way into the consumer market. Soon you may be plugging into your network an external disk drive with 250 - 500 GB of storage capacity, rather than having to decide which PC to put it into. The higher the speed at which computers can talk to storage and to other high data volume devices, the more practical this will become.

Common TCP/IP Services

Since the TCP/IP protocol defines relatively low level communication services between computers on a network, a wide range of services can be deployed on top of that protocol. Here is a short listing of "common" services enabled by TCP/IP:
 

FTP: File Transfer Protocol. Permits copying of files between two systems even across different operating system types and directory structures.

Telnet: A remote terminal interface that enables a user on computer "A" to connect as a terminal user on computer "B". Prior to Web interfaces, network devices were often controlled using a Telnet session. Today Telnet is still used as a quick way to test connectivity to a particular node and port.

HTTP & S-HTTP: Hypertext Transfer Protocol. A client server application that allows a client browser to obtain information from a server process (or daemon) that communicates Web information. S-HTTP (or HTTPS) is a secured version of the HTTP protocol that encrypts transmissions between clients and servers.

IMAP4 and POP3: Protocols that provide e-mail clients (such as Outlook Express or Eudora) the ability to download e-mail messages from a mail server.

SMTP: Simple Message Transfer Protocol. A robust protocol for sending e-mail from a client across a TCP/IP network.

TFTP: Tiny FTP. A highly simplified FTP protocol often embedded in configurable network devices (like broadband modems).

SNMP: Simple Network Management Protocol. A protocol for reporting and managing devices on a network. Network Management tools (for example Tivoli) rely on SNMP to identify and manage devices on a network.

NNTP: Network News Transfer Protocol. Used to transfer USENET news postings to a local news reader.

Want to Learn More?

http://www.intel.com/design/network/glossary.htm
There are many Web glossaries for network terminology. I like this one because of its comprehensiveness and succinct definitions.

http://practicallynetworked.com
This ad-supported Web site is a treasure trove of tutorials, product reviews, troubleshooting guides, news, and peer support forums. It’s my first information stop for troubleshooting.

http://broadbandreports.com
This site is focused on broadband networking and provides a rich set of tools for optimising, testing, and securing computers on a broadband network.

http://www.analogx.com/contents/download/network.htm
Ready to go beyond standard networking tools? Analogx has a variety of supercharged network tools and even server software. Best of all, they’re free.
 

Common TCP/IP Tools

The tools provided with TCP/IP vary from platform to platform, but below are some fairly common tools. If your TCP/IP implementation doesn't have some of these tools, many freeware and shareware tool sets can be downloaded. (These are listed by their Microsoft Windows names. Names on other OS platforms may vary.)

ARP. Address Resolution Protocol. The ARP tool displays and manages the logical (IP Address) to physical (MAC address) table in a NIC.

PING. The Ping tool sends a short packet to an IP address and measures the response time.

TRACERT. Trace Route. Lists the “hops” required for a message from your computer to reach another IP address, along with the time required in each hop.

PATHPING. A hybrid combination of the PING and TRACERT tools.

IPCONFIG. Displays and manages the IP configuration of NICs within your computer.

NETSTAT. Displays protocol statistics and current connections on your computer.

NSLOOKUP. Uses your DNS configuration to locate the IP mapping for a given name. Useful for testing for DNS configuration problems.

About the Author
Mike Chambers, mike@mikechambers.com, is an IT specialist. He focuses on emerging technologies and the way they impact our lives and our work.


Reprinted from the March 2004 issue of PC Update, the magazine of Melbourne PC User Group, Australia
