Microcomputer Services

Home Networking: Wired & Wireless

Understanding this Document
If you encounter terminology in this document that you aren't familiar with, see the glossary at the bottom.

Overview
It's possible to purchase a single device for less than $100 which enables you to transparently share your network connection between multiple wired and wireless computers. This document discusses some of the issues involved and includes a practical guide for setting up a home network which enables you to share the Internet connectivity in your home.

Limited Support
Microcomputer Services does not, in a general sense, support home networks. There is inherent complexity with this process. For example, each of the choices you make in terms of hardware, and how it is set up, will affect any troubleshooting process. It is not possible for our folks to know all of the possible permutations. You're welcome to ask any question you like, but do not assume we can bring an arbitrary home-networking problem to resolution. Most likely, if you experience difficulty, you'll need to either help yourself through available documentation, get support from the vendor, or hire someone to come out to your house. Disclaimers aside, there are quite a few folks who have taken on this project and been successful with limited need for assistance. It can also be quite a bit of fun.

Considering High Speed Internet At Home?
Some providers make it easy to share the connectivity they sell you, and others make it difficult. In some cases it may be against the policy of the provider to share connectivity even between your own computers at home. There's also a practical issue DSL users need to avoid. Here are some criteria to look for:
1) Make sure the provider doesn't prohibit sharing connectivity in your home. Most allow it, even though they may not help you set it up. In fact, you may be forced to disconnect your sharing hardware, and connect a single PC should they be asked to come and troubleshoot a connectivity issue. Comcast (cable modem) does permit network sharing between up to 5 PCs in the same household. See the Comcast policy regarding home networks for more information.
2) Make sure the provider gives you real ethernet. For example, Comcast cable modems have one connector for the coax cable, then provide a real RJ45 ethernet jack so you can connect your home PC or most any other ethernet compatible device. The only providers we've heard of that don't allow this type of connection are the very-low-cost DSL options that give you an internal DSL modem and subsequently no external ethernet connectivity. If you go with the DSL option, ask for an external modem and real ethernet connectivity.

Who should consider a home network?
Anyone who is already paying for a "broadband" high speed DSL or Cable Modem for Internet access. In a typical family setting, you probably have more than one personal computer and it only makes sense to enable all of them to use the connectivity you are already paying for. We've even received calls from folks who are paying $50/month for a DSL connection in one room of a house, then routinely dial-in via modem in another room of the same house. Obviously, this person isn't aware of a better way to accomplish their goal of having Internet access in two locations of their home. The DSL example is particularly bad because DSL also uses the phone line, and actually reduces the speed and reliability of conventional modem connections. This type of setup also negates one of the best features of broadband connectivity which is to allow Internet access without tying up the phone line. Note that it is generally prohibited to share your network connectivity between residences. The sharing described here presumes family use within the same residence.

Important Restrictions On-Campus
Please do not connect a network sharing device, including one that supports wireless connections, to the UO Campus network without first asking for permission from Network Services. These devices typically come with a feature called DHCP, for automatic IP address assignment, turned on. DHCP is broadcast based, and consequently there should be only one DHCP server on a given network. Connecting one of these network sharing devices to UOnet without first disabling the DHCP component can deny network service to campus users. Network Services can be reached at nethelp@ns.uoregon.edu or 346-4395.
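The following is an added example, not part of the original page, showing how a network administrator could spot the situation described above by checking DHCP offers against the one server that is supposed to answer. The addresses are constructed placeholders (10.0.0.2 stands in for the real server, 192.168.1.1 for a home sharing device), and the packets are built in the code rather than captured.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the DHCP options

def make_offer(server_ip, offered_ip):
    """Build a minimal DHCPOFFER payload (constructed sample, not a capture)."""
    header = bytearray(236)                                   # fixed BOOTP header
    header[0] = 2                                             # op = BOOTREPLY
    header[16:20] = ipaddress.ip_address(offered_ip).packed   # yiaddr: offered address
    options = (b"\x35\x01\x02"                                # option 53: type = OFFER
               + b"\x36\x04" + ipaddress.ip_address(server_ip).packed  # option 54
               + b"\xff")                                     # end of options
    return bytes(header) + MAGIC_COOKIE + options

def parse_offer(payload):
    """Return (server_id, offered_ip) for a DHCPOFFER, or None for anything else."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC_COOKIE:
        return None
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:
        if payload[i] == 0:            # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            return None                # option cut off before its length byte
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    if opts.get(53) != b"\x02" or len(opts.get(54, b"")) != 4:
        return None
    offered = str(ipaddress.ip_address(payload[16:20]))
    return str(ipaddress.ip_address(opts[54])), offered

def unauthorized_servers(payloads, authorized):
    """Map each unexpected DHCP server to the addresses it tried to hand out."""
    found = {}
    for payload in payloads:
        offer = parse_offer(payload)
        if offer and offer[0] not in authorized:
            found.setdefault(offer[0], []).append(offer[1])
    return found

# Constructed scenario: one offer from the real server, two from a home device
# that was plugged in with its DHCP component still enabled.
SAMPLE = [make_offer("10.0.0.2", "10.0.5.20"),
          make_offer("192.168.1.1", "192.168.1.100"),
          make_offer("192.168.1.1", "192.168.1.101")]
```

Clients that accept the second server's offers end up with private addresses from the home device instead of working campus addresses, which is the denial of service the paragraph warns about.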

Methods of Sharing Your Connection

#1: Multiple IP Addresses (not recommended) - [aka Purchase multiple globally-routable static IP addresses]
Connect an ethernet cable between your cable modem or DSL modem and a hub or switch. Connect the computers you have via ethernet cables to the switch. Purchase additional IP addresses for each computer. If a switch has 5 ethernet ports, one of the ports is the uplink and the others are for your devices (home computers). On some switches you need to indicate which port you're using for the "uplink" to the Internet via cable modem or DSL modem by pressing a button on the switch.

#2: Single IP address Sharing (Recommended) [aka Use NAT with dynamically assigned private addresses]
Purchase a standalone device that combines the functions of a switch (sharing the physical connection) and then also provides network address translation for IP address sharing. This is the typical way to build a home network. It not only saves you money (vs. buying multiple IP addresses), but also helps to secure your home computers from unwanted computer connections (attacks). Note that it is easy, and even cheap, to add wireless connectivity at the same time through a single device that does both wired and wireless. One of the benefits of network sharing (NAT) is that your computers at home are given private addresses which are not addressable from external networks, and only the network-sharing device has a real globally routable IP address.
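The following is an added example, not part of the original page, that models the translation table inside a network-sharing device to show why a reply to a connection you started gets through while an unsolicited connection from outside does not. It is a simplified model (real devices differ in how strictly they match replies), the class and function names are hypothetical, and all addresses are constructed placeholders.

```python
import ipaddress

# Address blocks reserved for private use (RFC 1918).
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)

class NatDevice:
    """Toy port-translating NAT: one public address shared by private hosts."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (inside ip, inside port, remote ip, remote port) -> public port
        self.back = {}   # (public port, remote ip, remote port) -> (inside ip, inside port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """A home computer opens a connection; return the packet as the Internet sees it."""
        if not is_private(src_ip):
            raise ValueError("inside hosts are expected to use private addresses")
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, dst_ip, dst_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """A packet arrives at the public address; return the inside host, or None if dropped."""
        return self.back.get((dst_port, src_ip, src_port))

def demo():
    nat = NatDevice("203.0.113.7")                        # constructed public address
    seen = nat.outbound("192.168.1.10", 51000, "198.51.100.20", 80)
    reply = nat.inbound("198.51.100.20", 80, seen[1])     # answer from the web server
    stranger = nat.inbound("198.51.100.99", 4444, seen[1])  # other host, same public port
    probe = nat.inbound("198.51.100.99", 4444, 3389)      # port nobody inside opened
    return seen, reply, stranger, probe
```

The web server only ever sees the device's public address and port; the private address 192.168.1.10 never appears outside, and packets with no matching table entry have nowhere to be delivered.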

Wireless

What is Wireless? Technology that enables you to connect to your home network (and the Internet) without any physical wires or cables. The technology is radio-based, and very similar to that used with a cordless phone. For it to work, you need a base-station which is hard-wired, and a personal computer (usually a laptop) with a wireless capability. Wireless cards can be purchased for laptops for around $75 or less. Think of wireless network access as having the same properties as a wired network (like a hub without wires).

Should I enable wireless?

While we do recommend you purchase a device that can share a single IP address for both cost and security reasons, you can go all wired in terms of connections, all wireless, or do both wired and wireless with one device. The cost has come down to the point where it is unlikely to be the deciding factor. For example, Buy.com sells the Linksys multi-port wired and wireless access point with network sharing (NAT and Dynamic address assignment) built-in for $79.99. For convenience's sake, getting a single network sharing device with both wired and wireless may make the most sense. Just the same, some users will choose to avoid wireless due to the potential that someone could attain unauthorized access to your home network. With this access, they may engage in behavior that is unacceptable to your provider, causing a problem similar to identity theft, or they may be able to view your confidential communication. With a non-wireless (wired) network, this potential problem is much less likely as the perpetrator would require physical access to your network. On the other hand, if you use most or all of the "Securing a Home Wireless Network" suggestions below, and enable end-to-end encryption for private communication, you can limit your exposure to these issues even with a wireless network. An example of end-to-end encryption is the current UO SSL encryption requirement for email. In addition, if you use the web to buy something with a credit card, you should only deal with vendors who provide SSL encryption. The presence of SSL encryption is indicated with a "closed lock" icon in Internet Explorer and Netscape. With the use of encryption, an eavesdropper may be able to "hear" your communication, but they won't be able to make anything meaningful out of it.

Securing a Home Wireless Network (What you can do):
Unfortunately, there is no way to completely secure your home network, but at least you can make it less easy for unintended users to get onto your home network. Here are some things you can do:

* These first two steps should be taken by anyone, even someone who is not concerned about securing their home network at all.

I Do Want Wireless: Which Wireless Standard Do You Choose?

Issues:

Compatible with other 802.11 networks?
802.11a: Not yet. This is an emerging technology. For now, if you go with A, you need to buy all A devices. The UO does support both "a" and "b."
802.11b: Yes, this is the older of these standards, the cheapest, and most compatible.
802.11g: Yes, "g" will fall back to "b" when it needs to, albeit at "b" speed.

Maximum Theoretical Speed:
802.11a: 54Mbit/s
802.11b: 11Mbit/s
802.11g: 54Mbit/s

Supported at the UO Campus
802.11a: Yes
802.11b: Yes
802.11g: Yes, in the slower "b" mode.

Advantages
802.11a: Works in the less crowded 5 GHz range which means less chance for interference. Enables higher density placement of access points which is better for larger numbers of users.
802.11b: Oldest, cheapest, most compatible. This is the de facto standard. Most users will probably want to start here.
802.11g: Higher speed, enables fall-back to "b" when "g" not available.

Radio Frequency
802.11a: 5 GHz range - not much uses this right now which is a good thing.
802.11b: 2.4 GHz range - many things, including cordless phones, use this.
802.11g: 2.4 GHz range - many things, including cordless phones, use this.

Disadvantage
802.11a: "a" devices are not compatible with networks that only support "b." There are some "a+b" devices that do support both, but cost more. "a" has relatively shorter range per access point.
802.11b: Speed, issues with addressing higher density use.
802.11g: Possible conflict with other 2.4 GHz devices. Some "g" devices go "b" speeds anytime a device using "b" is present.

Our Recommendation: It's best to use the same standard with all of your devices. If you go with "b" then use all "b" devices, or if you go with "a" then use all "a" devices etc. Speed is only an issue for the few folks doing video or other large data intensive applications, so "b" will work well for most other folks. Note that Apple only sells "b" and "g" hardware at this time. Apple's marketing name for "g" is "Airport Extreme." The hardware using the "a" standard will cover a smaller area in most cases than that using the "b" or "g" standards.

A Typical Home Network: A Practical Guide

Here's a practical how-to guide for those using either Apple's Airport Basestation or a Linksys device. Note that there are many alternative products, and new ones coming all the time. Unfortunately, it is not possible to document all of the available options, however, the concepts will be the same.

Basic Glossary of Terms

Packet: Messages can be broken into distinct pieces or packets and then reorganized after delivery. Computers on the Internet communicate via packets.
IP address: Each computer connected to the Internet has an IP address. This is a number assigned to your computer to enable you to send and receive information, somewhat analogous to the "To:" and "From:" address on a letter.
Router:
1. Routers determine the best path to forward packets. A router is connected to at least two networks. Routers select a path through the interconnected networks called the Internet so that a packet can reach its destination.
2. In home networking products, you want a device that claims to be a "router" to enable you to share one IP address which is not the typical use of this term outside of home networking. A better term to describe address sharing is "network address translation," but unfortunately, the word "router" is the term used most often by vendors to describe these devices that share an IP address.
Private IP address: Also called a non-routable address, is an IP address that is not generally reachable from external networks, but acceptable for internal communication. When a home network device shares one "real" globally routable address, it assigns private addresses to the devices (computers) on the home network. One advantage to this method is that you don't have to pay for multiple IP addresses from your provider. Another advantage is that it is not generally possible for computers on external networks to make (unwanted) connections to your computers with private addresses at home which is desirable to protect your privacy and the integrity of your home computers.
Globally Routable IP Address: A "normal" IP address in the sense that any computer in the world which is connected to the Internet can contact the computer having one of these IP addresses. Typically, this is what you mean if you say "IP address" unless you are specifically talking about private and global addresses like you would have in a typical home network.
DHCP: Dynamic Host Configuration Protocol - enables a computer to automatically acquire an IP address on startup when connected to a network. DHCP uses broadcast, and consequently it becomes important to only have one DHCP server on a network.
Static Address: An IP address you purchase from your Internet provider which does not change over time. This type of address is the one you would typically want or need to run a server.
Dynamic Address: An IP address you purchase from your Internet provider that may change over time. DHCP is used to dynamically assign an address to your computer.
Hub: A simple device for sharing network connectivity. When a hub receives a packet on a designated port, it replicates that data to the other ports. Hubs are very cheap these days, but so are switching hubs. In most cases you'd be better served with a switching hub, which is usually just called a "switch."
Switch: Similar in function to a hub (also called a switching hub): reads the destination address of each packet, then forwards the packet to the correct port. For this type of device, a switch is the thing to buy (as opposed to a hub).
Up-Link: This term has been borrowed from satellite communication terminology. The up-link refers to the connection between the earth station and the satellite. On home network sharing devices, the term is sometimes used to describe the connection between that device and the larger Internet (which is your DSL or cable modem). In the case of Linksys devices, the uplink port is either a standard port (for another device) or it can be used to connect another switch should you need more ports.
WAN Port: Wide Area Network Port. For Linksys devices, this describes the port to connect to your DSL or Cable modem in order to connect to the larger Internet.
AP or Access Point: This is a device which shares a wired connection with wireless clients. Think of an AP as a wireless hub.
MDIX: Medium Dependent Interface Crossover (the “X” representing “crossover”). This is typically the label given for the port you need to connect to the cable-modem or DSL modem. Think of this port as the "up-link" for connection to the larger Internet.
NAT: Network Address Translation. Refers to an IP sharing scheme where you have one globally routable IP address shared between several computers. Each of those computers is given a private address, which is non-routable, and the NAT device handles the translation. Most current home networking products use the term "router" to describe the ability to share a single IP address.
MAC address: Media Access Control. Each network card has a unique hardware address. You can use this address to restrict access to only those computers with ethernet addresses that match a list you supply.
SSID: Service Set Identifier, also called "network name." Client computers must supply the network name to associate with a wireless access point. This can be used as a simple method to help keep unwanted users off your home wireless network.
WEP: Wired Equivalent Privacy. Encryption scheme used to try and protect wireless networks. Various exploits for WEP have been discovered, so, unfortunately, it is not very secure.