User's guide
4 billion computers directly connected to the Internet. Fortunately there are
things called routers which allow you to connect multiple computers on a LAN
(local area network) to a single IP address on the internet. Each computer on the
LAN has its own IP address, but in order to communicate with computers on the
internet the computer first has to connect to the LAN’s router, called a gateway.
In addition to allowing multiple computers to connect to the internet using one
global Internet IP address, routers also provide a level of security. Each computer
in the LAN has a private IP address. This address typically starts with 10. or
192.168. IP addresses that start with these numbers are called non-routable IP
addresses and are used exclusively in LANs. If your computer has an address
starting with one of these numbers then it cannot be accessed from the Internet
without using special tools like VPN (virtual private networking) or a virus. Since
your computer isn’t visible from the outside, it is somewhat protected by the
router. The most common security problem occurs when you get a virus. This
virus runs on your computer and announces to the world (or at least the virus
author) “Here I am!” and creates a link from the inside, much as you would when
you access a web site.
Now, how does your computer know when to look for an IP address that is on the
LAN, for example, a printer, or local file server, and when to go to the gateway
router to access an external computer? This is where the subnet comes in. The
subnet tells your computer which computers are directly accessible and which
computers are only accessible through the gateway. In general, subnets are
specified as 255.255.255.0 or 255.255.0.0 or 255.0.0.0. In the first case, the
subnet includes all addresses with the same first three numbers. So, 192.168.1.1
and 192.168.1.2 would be on the same subnet, but 192.168.2.1 would not. In
order to access that address, your computer would have to ask the gateway,
which would have to somehow have access to that subnet as well, presumably by
having a subnet of 255.255.0.0, which includes all addresses with the same first
two numbers. There are other combinations that don’t include 255, but these get
much more complicated to figure out and are pretty rare. Typically, in small
LANs you will have a single subnet, but if you are in a large corporation, you may
have multiple subnets for different parts of your company. This allows each part
to secure its own network and control its resources. If you are in this
situation, you almost certainly have IT people and should talk to them before
putting anything on the LAN.
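The local-or-gateway decision described above, as an added example that is not
part of the original guide: two addresses are on the same subnet when they agree
on every bit the subnet mask sets to 1. The function names and sample addresses
are constructed for illustration, and the 255.255.255.192 case goes beyond the
three masks named in the text.

```python
import ipaddress


def to_int(addr):
    """Dotted-quad string -> 32-bit integer (rejects malformed addresses)."""
    return int(ipaddress.IPv4Address(addr))


def same_subnet(a, b, netmask):
    """True when a and b agree on every bit the subnet mask sets to 1."""
    mask = to_int(netmask)
    return (to_int(a) & mask) == (to_int(b) & mask)


def next_hop(host_ip, netmask, gateway, dest_ip):
    """Return the address this host delivers to when sending to dest_ip."""
    # A usable mask is a run of 1 bits followed by 0 bits; this raises
    # ValueError for anything else (for example 255.0.255.0).
    ipaddress.IPv4Network(f"0.0.0.0/{netmask}")
    # The gateway is only useful if the host can reach it directly.
    if not same_subnet(host_ip, gateway, netmask):
        raise ValueError("gateway is not on the host's own subnet")
    if same_subnet(host_ip, dest_ip, netmask):
        return dest_ip   # on the LAN: talk to the device directly
    return gateway       # everything else: hand the packet to the router


# Constructed sample configuration (hypothetical values, not from the guide).
HOST, GATEWAY = "192.168.1.10", "192.168.1.1"

if __name__ == "__main__":
    cases = [
        ("255.255.255.0", "192.168.1.2"),      # same first three numbers
        ("255.255.255.0", "192.168.2.1"),      # third number differs
        ("255.255.0.0", "192.168.2.1"),        # wider subnet now covers it
        ("255.255.255.192", "192.168.1.200"),  # mask not made of only 255 and 0
        ("255.255.255.0", "203.0.113.5"),      # documentation-range Internet address
    ]
    for mask, dest in cases:
        hop = next_hop(HOST, mask, GATEWAY, dest)
        via = "direct" if hop == dest else f"via gateway {hop}"
        print(f"{dest:15} mask {mask:15} -> {via}")
```

With the 255.255.255.192 mask, 192.168.1.200 shares the host's first three
numbers but still goes through the gateway, which is why such masks are harder
to read by eye.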
Finally, on top of the IP layer there is the TCP/UDP layer. TCP and UDP are two
different methods for data transmission. TCP is what is called a guaranteed
delivery protocol. This means that if you send a packet over TCP to a device, the
Ethernet layers below will keep trying to deliver that packet until it is delivered or
a timeout period occurs. If it is not delivered, then the sending computer is
notified and can take appropriate action. This is the most common method. UDP
is a broadcast protocol. With UDP, the packet is sent without regard to whether it
is received or not. UDP is often used to find out what devices are connected to a
subnet. So, for example, a piece of software could send a UDP command to every
IP address on the local subnet that tells the device to send a response. Then, it
can simply wait for responses and find out who is actually connected.
As mentioned before, just to complicate things, in addition to the IP address,
there are ports on each address. The port is like a communications channel.
Each IP address has 65535 ports available. Some of these ports are used for
common things. For example, HTTP, the protocol used to get web pages, uses
port 80. Most ports are picked arbitrarily by various software packages or