Ordinarily, NTL sell their Cable Modem service on the basis of a single PC connection. However, they do not place any restrictions on your having a network residing behind your Cable Modem connected PC. As previously mentioned, NTL only provide one IP address, so you need to have some mechanism that converts the addresses of your networked machines to the address that you are assigned from NTL's DHCP server. This process is called Network Address Translation and is a pre-requisite when considering your Cable Modem sharing.
Another consideration when sharing your Cable Modem connection is that you will still only have your 512K/128K bandwidth from your Cable Modem to the Internet. If one of the PCs on the LAN runs a system such as Napster, say, then this will affect all other users on the LAN. In particular, any sharing of files to folks on the Internet will result in a major degradation in your overall Internet service.
Network Address Translation
Network Address Translation is often abbreviated to NAT. You will often hear someone mention a NAT'd address, and this just refers to the fact that an address has been modified by some Network Address Translation function.
Consider a home network that has been set-up to use IP addresses from the network 192.168.3.0 (Note: If you do not know what an IP address is, then I suggest you visit somewhere like Whatis.com and read a while;-)). One of the machines may have an address of 192.168.3.50, say, whilst your NTL address is, say, 184.108.40.206. Your 192 address is not designed to work on the Internet, so if your PC address is not changed to your NTL address then you will not be able to connect to systems on the Net. NAT ensures that all of your networked machines appear as one IP address on the Net.
The diagram below shows a very simplified view of what is happening. The NAT device will maintain a table of the connections going through it so that it can pass the correct data stream from the Internet back to the correct device on the private network.
Before the discussion turns to connecting your network, lets initially consider the single PC connection. In order to connect the PC to the Cable Modem you will need a Category 5 cable terminated in male RJ45 connectors (usually supplied with your Cable Modem). This cable needs to be wired in such a way that it constitutes a 'straight' cable (corollary: An RJ45 'cross-over' cable. Used to connect two PC's back-to-back). You will also require an Ethernet Adapter in your PC capable of accepting the RJ45 plug on your Cat 5 cable, and all that is required is that you plug one end of your cable into your Adapter and the other into the ethernet port of your Cable Modem.
Your choice of ethernet card is determined by two factors - firstly can you physically insert it into your machine? and second, what network speed your Cable Modem will support, either 10MBps or 100MBps. If you have a 3Com CMX or Sharkin, your ethernet card will need be 10MBps compatible, tho' it is perfectly possible to use a 10/100 card as well. It just will not work at the higher speed. The Motorola SB3100 also only supports 10MBps connections as well, but the SB4100 does support 100MBps connections. The other consideration for your network card is whether you can physically insert it into your PC. There are two main bus types in PCs, ISA and PCI, and either type will work fine with a Cable Modem. Your ethernet card will need to match whatever free slot you have in the bus you have. Most modern PCs will normally have a combination of both.
See the Hardware section for more info on PC networking hardware and cabling.
Your PC will need to have it's IP Address allocation to be automatic. For the technically minded, this means that your NIC will get it's IP address from a DHCP server. When told to do so by your OS, your machine will initially send broadcast packets out of the NIC searching for a DHCP server. Once found, your NIC will be allocated an IP address by the NTL DHCP server. You can see this address by using whatever utility your OS has to show your IP address (see Finding your assigned IP address).
In addition, all of the additional TCP/IP settings should be set so that your PC gets both it's DNS servers and default gateway from the DHCP server as well.
The diagram below shows a schematic of how your PC connects to the NTL Network. Notice that when you are connected you will have two IP addresses allocated by NTL. The one allocated to your PC is a Public Internet Address and this will be the address that you appear as on the Internet. The second one is obtained by your CM when it boots up and, as it is a privately assigned address, this address cannot be seen out on the Internet.
Finding your assigned IP Address:
Use the command winipcfg by selecting Run from the Start Menu. A window will be shown that looks like this:
Note that this screen will also show the MAC or hardware address of your NIC, or, in the case of Winipcfg, the Adapter Address. This is the address that your Cable Modem learns on boot-up.
In a dos command window, type ipconfig :
C:\>ipconfig Windows 2000 IP Configuration Ethernet adapter Local Area Connection 5: Connection-specific DNS Suffix . : nigs.net IP Address. . . . . . . . . . . . : 192.168.3.201 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.3.254
Or, for more detail, ipconfig /all :
C:\>ipconfig /all Windows 2000 IP Configuration Host Name . . . . . . . . . . . . : NIGS Primary DNS Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : nigs.net Ethernet adapter Local Area Connection 5: Connection-specific DNS Suffix . : nigs.net Description . . . . . . . . . . . : Linksys EtherFast 10/100 CardBus PC Card (PCMPC200) Physical Address. . . . . . . . . : 00-E0-98-21-25-4C DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.3.201 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.3.254 DHCP Server . . . . . . . . . . . : 192.168.3.254 DNS Servers . . . . . . . . . . . : 192.168.3.254 Primary WINS Server . . . . . . . : 192.168.3.254 Lease Obtained. . . . . . . . . . : 15 July 2001 20:06:44 Lease Expires . . . . . . . . . . : 16 July 2001 20:06:44
At your shell prompt type ifconfig, which will result in output that will look very similar to that shown in the following screen dump, which shows the output from a two NIC Linux machine where eth0 is attached to an NTL Cable Modem and eth1 is attached to the internal network. Note that there is no indication here as to eth0 having obtained it's address via DHCP.
As your computer stands at the moment, it is possibly liable to abuse from someone out on the Internet. Specifically, once you install an Ethernet card in a Windows PC,
then Windows will also install Microsoft networking. Unless it is specifically required I would suggest it is removed as your PC will start offering this service to anyone that
cares to have a poke. This is especially true with the release of utilities such as Sharesniffer
To expand on this, when a service is made available on a TCP/IP networked computer then it will advertise that service on a particular port, as defined by the service. A lot of common services, such as http, FTP and Microsoft Networking have defined and well-known ports that are used by default. Microsoft Networking will offer it's own service on a combination of ports 135, 137, 138 and 139 depending on a) the version of Windows in use, and, b) the actual status of any file and print sharing you may be offering. Each of the ports is used by MS Networking for a particular function of the service and each can be exploited in it's own way. Even if you do not have any sharing enabled, the machine will still advertise these ports.
In addition, it is worth considering getting one of the Personal Firewall systems that are available as well as some antivirus software. Firewalls include ZoneAlarm, Norton Internet Security, or Black ICE, etc., tho' to be strictly accurate Black Ice is not a firewall. For Anti-virus software, try InoculateIT, AVG, Norton (again), or, if you are desparate, McAfee from Network Associates.
If you are using Linux, then there are numerous things that you can do on your PC in order to make it almost invisible on the Internet. By default, however, most Linux systems will allow many types of services to be available to anyone. There are numerous documents included in your Linux distro that explain some of the things you may need to look at. Start with man ipchains and also read the Firewalling HOW-TO. Pay particular attention to the set-up of Sendmail and Squid if you have installed them so that , in the case of the former, you are not used a mail relay, and, in the case of the latter, that someone does not use you for their proxy server!!
There are two main ways of connecting PCs together to form a network. There are others, but for now, we will consider only the Ethernet alternatives:
Coaxial ethernet is really a fading concept. Two types are available, Thick-wire and Thin-wire. Thick-wire is very unlikely to be found on modern networking equipment but thin-wire is fairly common. Thin-wire ethernet consists of lengths of 50ohm coax cable that are terminated in BNC bayonet connectors. Thin-wire compatible equipment sport a round barrel that the coax is plugged into. Unfortunately, connecting thin-wire is not always so simple. It is important that a thin-wire cable is correctly terminated and not all thin-net NICs are able to automatically terminate a cable. In this case, it is necessary to use a t-piece c/w a terminator so that a cable impedance of 50ohm is maintained. Failure to observe this will result in communication problems between the network devices.
Note: Thin-wire ethernet is also known by it's technical notation of 10base2.
TP, or Twisted Pair Ethernet is the modern equivalent of 10base2 cable systems. Far more flexible, neater and less prone to network faults, TP appears on a myriad of networking and communications equipment. If you have your single PC already connected to your CM then you are already using RJ45 TP cabling and it will almost probably feature in your network. CAT5 cable consists of 4 pairs of wires, with each pair being two insulated copper wires twisted together. These 'twisted-pairs' are then sheathed in a plastic outer sleeve that come in a variety of colours, although 'computer' beige is probably the most common;-). The standards for ethernet over Cat5 cabling define a maximum length of 100 metres for operation at 10MBps, but in practice it is perfectly possible to extend this maximum by 20 or 30 metres without detriment to network communication.
RJ45 refers to the connector that is crimped onto the end of the CAT 5 cable. The connector is rectangular in shape and has a tab at the top. The cable is inserted so that the tab latches onto a small recess in the socket, rather like the side latch on the ubiquitos BT telephone plug.
Connecting a Single PC to a CM connected PC
For this set-up a single piece of thinwire co-ax is used to connect two PCs, with each end of the cable physically connected to a T-piece, with the 'spare' connector capped with a terminator to maintain the cable impedance.
It is important to use the correct cable type for thinwire so that the impedance is correct. The official designation is RG58.
Where two PCs are connected using an RJ45 cable, a cross-over cable needs to be used. An RJ45 cross-over cable actually crosses the transmit and receive pairs in the cable so that one NICs transmit connects to the other NICs receive, and vice versa.
Connecting Multiple PCs to a CM connected PC
To add additional clients to the network, remove one of the t-pieces and connect another thinwire coax cable to the vacant connector and replace the terminator at the t-piece of the last device.
Note that some network cards have an on-board termination setting.
In an RJ45 cabled network, adding additonal clients requires the use of an intermediary device such as a hub or a switch. PCs connect to the hub/switch using straight cables and these are, in turn, connected internally within the hub or switch.
In this environment, there is no requirement for RJ45 cross-over cables.
Before you start connecting and configuring your network it can be a good idea to make a note of the IP Addresses and hostnames that you are going to use for your network devices. It is important to choose a sensible IP network and allocate the host addresses appropriately. The Internet standards for IP addressing allow a certain number of addresses (Officially known as RFC1918) that can be used in a private network. There are three main ranges relating to the three main classes of IP address. Most home network type folks will normally go for addresses that have the first two digits of 192.168. It is then very common to see the third digit as either 0 or 1, but this third digit can be any number up to 255 although each of your network devices will all need to have the same number set here otherwise they will not be able to communicate.
On my own network, I use 192.168.3.0 as my network number (er, three coz it's my house number;-)). This allows me to have my hosts numbered from 1 to 254, or, in other words 254 hosts. For example, the PC that this web page was written on is 192.168.3.80, whilst my gateway machine is 192.168.3.254. Note, you cannot use the numbers 0 or 255 as the last number as these are used by all the network devices to know where they are in the IP world and to respond to low-level network requests, which, TBH, do not usually come into the 'basics' category.
The address ranges designated as privately assigned are as shown in the following table. Note that it is highly unlikely that a home network will require thousands or millions of addreses, but it is still possible to use the Class A and B address ranges for your internal network without any penalty. It is very common for the 192.168 address range to be used within a home network as it is very easy to manage.
|Network||Class||Available address Range||Available number of Hosts|
|10.0.0.0||A||10.0.0.1 -> 10.255.255.254||Millions;-)|
|172.16.0.0||B||172.16.0.1 -> 172.31.255.254||Thousands;-)|
|192.168.0.0||C||192.168.0.1 -> 192.168.255.254||254 per network|
For example, if the network number is 192.168.0.0, then this will allow us to use the numbers 192.168.0.1 through 220.127.116.11 for our hosts. If 254 is used as the gateway's address, then each of the other machines can be allocated addresses such as 192.168.0.10, 192.168.0.20, 192.168.0.30, etc.. When setting these other machines, you need to specify the address of your gateway as the Default Router, Default Gateway, depending on your networking software. This tells the PC's IP stack to use your gateway as the route for all your non-local traffic, or, to put it another way, 'I've no idea where that is, ask that geezer over there with the map'.
OK. let's apply this wordy theoretical explanation to one of our physical networks outlined above. Taking probably the most common configuration, multiple PCs connected using RJ45 cabling via a hub or switch, the gateway device (be it a PC, or a Router) needs to be set to obtain an IP address by DHCP on the NTL facing connection. The internal (or LAN) connection on the gateway device will almost invariably have it's IP fixed, and this value will vary depending on the gateway device used. Clients on the network will either get their address from the gateway device or have their address set manually. Either way, the addresses used will need to be of the same network as the LAN address set on the gateway but it most be noted that if you set address manually, you will normally have to set both the Gateway and DNS servers manually as well.
The first of the following diagrams shows how IP addresses are allocated where a LAN dhcp server is available. The only address that is fixed is that of the LAN interface of the gateway device. This is the typical set-up where Microsoft ICS, Sygate, Wingate, Netgear, SMC and Linksys routers are used as the gateway device, i.e., very common.
Where DHCP is used to supply IP addresses, it is normal practice for DHCP to also supply both the Gateway Address and the DNS servers to be used for name resolution.
Most internet sharing devices will offer DHCP services to the LAN but there may be instances where either DHCP does not work (this is more likely with MS ICS rather than a router), or you want to have fixed address set on your LAN. In this case you must also define the subnet mask as well, which for our example below is 255.255.255.0. Note that essentially nothing changes on the gateway device, it still has DHCP set on the Cable interface and a fixed address on the LAN interface.
In addition, where you set a manual address, you also need to set the Gateway address and the DNS servers. In this example, the Gateway and DNS would be 192.168.0.1 but again there are instances where DNS does not work (again more likely with MS ICS!) so there may be a need to set NTL's DNS servers instead. These are 18.104.22.168 and 22.214.171.124 and it is usual to specify both in your set-up.
When setting manual addresses it is important not to cause an IP clash, or, in other words, do not set two IP addresses the same. In addition you should avoid setting any addresses that clash with the IP address scope of any DHCP servers you are running.
Microsoft Networking is supported by all versions of Windows, as well as Unix and Linux variants through the use of SAMBA. It is a useful service to use on your network as it allows both File and Printer sharing between your PCs.
It is not necessary to have Microsoft Networking installed in order to provide Internet access for your LAN.
Again, using the multiple PCs connected via RJ45 cabling, the following diagram shows the requirements for MS Networking. Each PC must have a unique name, and also be part of a Workgroup (shown in Grey). The diagram assumes that TCP/IP is set-up as discussed previously and in order to prevent unwanted access to your shares, the internet facing NIC of the gateway is shown as having File & Print Sharing disabled. In actual fact you should unbind both Client for Microsoft Windows and File & Print Sharing from that interface.
All Copyrights and Trademarks Ack'd. Not to do so would be a SYN!