Archive | November, 2004

The Wonder and Magic of Proxy Servers, By Glenn Rawdon

5 Nov

What is a Proxy Server?

When we want to surf the Web, the usual setup consists of a computer with a modem connected to a phone line. Dial Up Networking (DUN) dials up the Internet Service Provider (ISP), logs onto the network, and we are connected. This works fine for one computer from home or one user at the office, but if you have five users at the office, all of whom want to be connected, then you need five modems, five phone lines, and five ISP accounts. With a good 56K modem still costing about $150, a business line at least $50 a month, and an ISP at least $20, you are talking $600 extra in startup and $280 per month.

One way we can cut down this cost is with modem sharing software. This software (which is built into some network operating systems, such as LANtastic and Microsoft Small Business Server) lets several computers connect to a modem on another computer on the network. With this, you can eliminate the extra costs of Internet access. But there is a downside. Since there is only one modem, if someone is using it no one else can.

If all you need is occasional access, modem sharing might work for you, but the Internet is becoming a bigger tool in our business each day. After the fourth time you try to log on to do legal research, only to find the modem is still in use, the frustration level in the office will reach a new high.

Enter the Proxy Server. This piece of software is similar to modem sharing in that it allows several computers on the network access to the modem for Internet access. The difference is that more than one computer can be on the Internet at one time, still using one modem, one phone line, and one ISP account.

How a Proxy Server Works

The proxy server runs on the computer with the connection to the Internet, be it ISDN, T-1, or a 56K modem. It establishes the connection to the ISP, then takes requests from the other computers to retrieve information. For example, Bill opens up his browser and requests the Microsoft home page. The proxy server requests this page, then forwards it to Bill’s computer when it is returned. If Jane logs on and requests the OSCN page, the proxy server gets this page and sends it to Jane’s browser. The ISP sees only one connection, but two really exist, with the requests directed by the Proxy Server.

Most proxy servers require that your network run the TCP/IP protocol. This is the language of the Internet. With TCP/IP, each device, whether computer, printer, camera, or whatever has a unique number, called an IP address. A typical IP address looks like this: The proxy server uses this address to route the information retrieved.

When you log on to your ISP with DUN, the server at your ISP assigns you an IP address for that session. Your ISP has a range of IP addresses assigned to it and it assigns them to you as needed. One session you will be one number, the next session a different one. When you request information using a workstation on the network, the proxy server makes that request from the number assigned by the ISP. When it comes back, the proxy server then routes it to your IP address.

Think of it this way — all of the mail for your office comes to one address, then your secretary sorts it and gives it to the appropriate person. A proxy server works in this same manner.

Setting up a Proxy Server

So you are sold on the idea of a proxy server, but how easy is it to set up? My experience has been that they are relatively simple to set up, but learning to use all of the features will take some time. Many of the terms and concepts you must come to understand may be new to you.

It is not unlike using a word processor. Getting out a simple letter doesn’t take much time, but learning to use tables, generating tables of contents, and creating outlines comes slowly, as needed.

I have had hands-on experience with Wingate and Microsoft Proxy Servers. By far the easier of the two was the Microsoft. It comes included with Microsoft Small Business Server (SBS) and installed as part of the installation. With SBS, once the server is installed, you add users and it makes an installation floppy disk for each workstation. When you run the install floppy on the workstation, it logs on to the server and downloads all of the software it needs. Part of this is the proxy client. The only change to the default settings I had to make was so I could get mail both from Exchange Server and my POP3 account with my ISP. Once you know this change, you can make it on the server and it will download to the workstations as they are set up.

Wingate was more involved, especially if you do not have TCP/IP already installed on your network. You must configure each computer that will use Wingate to run TCP/IP before you install the software. This must be done on each machine, so it is time-consuming. (But I installed the Microsoft Proxy Server as part of a new SBS install. If it were purchased as an add-on to an existing NT network, it might be as cumbersome to install.)

Once TCP/IP is set up, you install the server software. This can be done on an NT Server or any Windows 95/98 machine. This is one advantage of Wingate. You can set it up on an existing Windows 95/98 peer-to-peer network without investing in an NT Server. I have done this in one of our offices and it has worked fine.

After you have the server running, you configure the workstations. Wingate has a small program that does this and it does it quite well. It configures the workstation to see the Wingate server and configures your browser and POP3 and SMTP mail clients to use Wingate.

At this point you would be up and running for Web browsing. To get more sophisticated, you will have to start learning more.

Different types of information on the Internet come to your computer in different ways. They get routed to your computer through TCP/IP using different ports. You must set up the server and the clients to use the same ports. Here is what the Connection Tab for the settings of IE4 looks like when you set it up to use a proxy server:

If we go into the Advanced settings, you can see what I mean about ports.

You can see that the different functions of the browser look to different ports for their information. When you add another function, such as Real Audio, it looks to additional ports. For each service you want to pass through your proxy server, you must learn how to set it up.

Wingate’s configuration software is called Gatekeeper. Here is the opening screen for it:

I have expanded the Services portion of setup so you can see the different functions I have set up for my office. I want to get mail from my POP3 accounts so I had to set up Wingate to do this. Here is the setup screen for this service:

I also wanted to use Real Audio. Here is the screen for it:

As you can see, the port settings for these are different. I have learned that most of these settings are standards, but you must learn how to find them and how to set them up for the proxy server that you choose.

You can also see that there are tabs for many other settings for the services, such as Bindings, Sessions, and Policies. I have found that proxy servers give you great flexibility and control. Let’s explore that control.

Controlling Access

The control starts with how you connect to the Internet. You set up a DUN entry for your ISP. You then set the proxy server to connect to this entry when someone requests a connection to the Internet. You also set the proxy server to disconnect from your ISP when it is idle for a certain period of time.

The typical proxy server lets you name users just like you do with your network. You can then set access according to the user name, again just like granting access to files on the network. If you want a user to be able to view web sites, but not to be able to download files using FTP, you set these restrictions.

You can also set the hours of usage. If you wanted to restrict certain employees to certain hours of usage so that you could be sure not to overload your bandwidth, this can be done. Here is how this looks in Wingate:

This would be useful if you only have one dial up modem connection and ten users sharing it. You could set different hours for different employees, ensuring that no more than two or three were connected at any one time, thus ensuring a faster connection.

You can also designate the sites that they can visit or exclude certain sites. Here is how that might look:

As you can see, no one in this office can visit the Hustler Web Site.

As well as giving you control, a proxy server allows you to monitor usage. You can set up log files which list as much information as you would ever want about your Internet usage. Every hit made by every computer can be recorded. Here is how the information is logged:

03/27/98 14:46:22 Guest 0000000075 Requested:…es/netstore.gif

03/27/98 14:46:22 Guest 0000000076 Requested:…etcenter_50.gif

03/27/98 14:46:23 Guest 0000000077 Requested:…ack2_banner.gif

03/27/98 14:46:23 Guest 0000000076 Traffic 1391 558 504 1391 2s

03/27/98 14:46:24 Guest 0000000078 Requested:…nNNSoftware.gif

03/27/98 14:46:24 Guest 0000000072 Traffic 990 556 502 990 5s

03/27/98 14:46:27 Guest 0000000079 Requested:…oductUpdate.gif

As you can see, the log is so extensive that it shows each image downloaded from this visit to the Netscape web site. Not only can you see how much time your employees are using the Internet, but you can also review your logs to be sure they are using it for work-related activities.
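To review logs like this in bulk rather than by eye, the records can be parsed and totalled per user. The following is an added example, not part of the original article and not Wingate's own tooling: it parses the record layout shown above (date, time, user, session number, event) and reports requests, sessions and time span for each user. The article does not explain the four numbers in a Traffic record, so they are kept as raw values, and reading the trailing "2s" as a duration in seconds is an assumption.

```python
import re
from datetime import datetime

# Constructed sample: the seven records printed in the article plus one
# malformed line, so the error path is exercised.
SAMPLE_LOG = """\
03/27/98 14:46:22 Guest 0000000075 Requested:…es/netstore.gif
03/27/98 14:46:22 Guest 0000000076 Requested:…etcenter_50.gif
03/27/98 14:46:23 Guest 0000000077 Requested:…ack2_banner.gif
03/27/98 14:46:23 Guest 0000000076 Traffic 1391 558 504 1391 2s
03/27/98 14:46:24 Guest 0000000078 Requested:…nNNSoftware.gif
03/27/98 14:46:24 Guest 0000000072 Traffic 990 556 502 990 5s
03/27/98 14:46:27 Guest 0000000079 Requested:…oductUpdate.gif
this line is not a log record
"""

# date, time, user name, ten-digit session number, then the event text.
LINE_RE = re.compile(
    r"^(?P<date>\d{2}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<user>\S+) (?P<session>\d{10}) (?P<event>.+)$"
)
# Four counters and a trailing "<n>s". The counters are kept as raw integers
# because the article does not define them; "<n>s" as seconds is an assumption.
TRAFFIC_RE = re.compile(r"^Traffic (\d+) (\d+) (\d+) (\d+) (\d+)s$")


def parse_line(line):
    """Return a dict for one log record, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        when = datetime.strptime(f"{m['date']} {m['time']}", "%m/%d/%y %H:%M:%S")
    except ValueError:  # e.g. month 13: reject rather than guess
        return None
    rec = {"when": when, "user": m["user"], "session": m["session"],
           "kind": "other", "target": None, "counters": None, "seconds": None}
    event = m["event"]
    traffic = TRAFFIC_RE.match(event)
    if event.startswith("Requested:"):
        rec["kind"] = "request"
        rec["target"] = event[len("Requested:"):]
    elif traffic:
        rec["kind"] = "traffic"
        rec["counters"] = tuple(int(x) for x in traffic.groups()[:4])
        rec["seconds"] = int(traffic.group(5))
    return rec


def summarize(text):
    """Aggregate per-user activity; returns (users, skipped_line_numbers)."""
    users, skipped = {}, []
    for number, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped.append(number)  # keep unparsed lines visible to the reviewer
            continue
        u = users.setdefault(rec["user"], {
            "requests": 0, "sessions": set(), "seconds": 0,
            "first": rec["when"], "last": rec["when"], "targets": [],
        })
        u["sessions"].add(rec["session"])
        u["first"] = min(u["first"], rec["when"])
        u["last"] = max(u["last"], rec["when"])
        if rec["kind"] == "request":
            u["requests"] += 1
            u["targets"].append(rec["target"])
        elif rec["kind"] == "traffic":
            u["seconds"] += rec["seconds"]
    return users, skipped


if __name__ == "__main__":
    users, skipped = summarize(SAMPLE_LOG)
    for name, u in sorted(users.items()):
        print(f"{name}: {u['requests']} requests in {len(u['sessions'])} sessions, "
              f"{u['first']:%H:%M:%S}-{u['last']:%H:%M:%S}, "
              f"{u['seconds']}s in traffic records")
    print("unparsed lines:", skipped)
```

Lines that do not match are reported by number instead of being dropped silently, so a truncated or tampered log shows up in the review.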

Speeding Access

A cache stores Internet information on your server so that the next time it is requested it does not have to be downloaded. Having a proxy server with caching can speed up your access to the Internet. Suppose John logs on to OSCN at 9:00 AM, then Jane logs on at 10:00 AM. With the OSCN page in the cache, Jane will get her page much quicker. The second time it is coming from the local server, not through the modem. You decide how much hard disk space on your proxy server to use for your cache.

As you can see, I have set the cache in my office to 300 MB. What about pages that are updated? As you can see, the proxy server lets you set the number of days until it will recheck for updates. If the page has changed, the new page will be downloaded. If it has not, the cached version is sent. There are also settings to let you choose what files to cache and when to purge the cache.

If you couple this caching feature of the proxy server with the automatic update features built into the browsers, you can greatly increase your access time to the web pages you use the most. If you have not already done this with your browser, you should check it out. In Internet Explorer 4 it is called Subscriptions. You subscribe to a page and IE4 checks it for content, according to the schedule you specify. You can schedule daily, weekly, or monthly updates for all of the Web sites you subscribe to or for individual sites.

Using OSCN, let’s see how this would work. In IE4 I log on to OSCN. I then choose Add to favorites. Most of you have probably done this, but instead of just adding it, choose the last option.

After you have done that, go back into favorites and choose Manage Subscriptions. Right click on OSCN and choose Properties.

Pick the receiving tab and select Notify like the screen below.

Now choose the Schedule Tab and set it up to suit your preferences. I set mine up to download at midnight each night. By doing this, the proxy server will have this page in cache each morning. Anyone who logs on to OSCN will get the page directly from our server with no delay. Only one computer in the office needs to be set up for the common subscriptions. The proxy server will dial up at midnight each night, connect to the ISP, download the pages we use the most and have them waiting for us the next morning.

How well does it work?

My organization has proxy server software running in seven locations. After the initial period of getting the bugs out, they have worked well for us. The biggest limitation we have found is obvious. Even though ten people can connect to the Internet through one phone line, the modem speed has not increased. If one person is on at 56K, when two log on you each only have 28K. With four you are down to 14K.

How much of a problem is this? It depends upon what you do with the Internet. If everyone is browsing Web pages, maybe not much of one. While I am reading my page you may be downloading yours. It also depends upon the pages you are downloading. High graphics pages take longer than those with primarily text. If you set up the cache so that much is downloaded automatically at night, this helps, too.

Where you begin to see real problems is with applications such as Real Audio. It is downloading the entire time you are using it. If you have a need for Real Audio, video conferencing, or something similar, a proxy server connected to a modem is not a viable solution. But this is not a limitation of the proxy server, only a limitation of the bandwidth of a dial up connection. In our largest office, we have gone to ISDN to increase our bandwidth.

Security Issues

How will a proxy server affect the security of your network? A proxy server actually can give you more security than just a dial-up connection by using it as a firewall. Only traffic that meets the criteria you set is permitted. Here is how Wingate explains it: “As traffic passes between your network and the Internet it’s examined by the firewall, which follows the strict guideline of whatever is not expressly permitted is denied.” We have set up our proxy server to only permit our internal IP addresses access to the proxy server. With this setup, we have had no problems.
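The "whatever is not expressly permitted is denied" rule, combined with the controls described under Controlling Access (internal addresses only, per-user services, hours of usage, excluded sites), can be written as one decision function. This is an added example, not part of the original article and not Wingate's implementation; the address range, user names, hours and site names are all constructed for illustration.

```python
import ipaddress
from datetime import time

# All values below are constructed for illustration (assumptions).
INTERNAL_NETWORKS = [ipaddress.ip_network("192.168.0.0/24")]
USER_RULES = {
    # Jane may browse, use FTP and collect POP3 mail during office hours.
    "jane": {"services": {"http", "ftp", "pop3"},
             "hours": (time(8, 0), time(18, 0))},
    # Bill may view web sites in the morning only, and may not use FTP.
    "bill": {"services": {"http"},
             "hours": (time(8, 0), time(12, 0))},
}
EXCLUDED_SITES = {"excluded.example"}  # placeholder for a banned site


def _normalise_host(host):
    """Lower-case and drop a trailing dot so 'Site.Example.' cannot slip by."""
    return host.strip().rstrip(".").lower()


def _site_excluded(host):
    """True for an excluded site or any of its subdomains."""
    host = _normalise_host(host)
    return any(host == s or host.endswith("." + s) for s in EXCLUDED_SITES)


def decide(src_ip, user, service, host, at):
    """Return (allowed, reason).

    Every check must pass explicitly; any input the policy does not
    recognise (bad address, unknown user, unlisted service) is denied.
    """
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "unparseable source address"
    if not any(addr in net for net in INTERNAL_NETWORKS):
        return False, "source address is not internal"

    rule = USER_RULES.get(user)
    if rule is None:
        return False, "unknown user"
    if service not in rule["services"]:
        return False, "service not permitted for user"

    start, end = rule["hours"]
    if not (start <= at < end):
        return False, "outside permitted hours"

    if not host or _site_excluded(host):
        return False, "site excluded"
    return True, "permitted"


if __name__ == "__main__":
    checks = [
        ("192.168.0.10", "jane", "http", "research.example", time(9, 30)),
        ("203.0.113.5", "jane", "http", "research.example", time(9, 30)),
        ("192.168.0.11", "bill", "ftp", "files.example", time(9, 0)),
        ("192.168.0.11", "bill", "http", "research.example", time(13, 0)),
        ("192.168.0.10", "jane", "http", "WWW.Excluded.Example.", time(9, 30)),
    ]
    for args in checks:
        print(args[:4], "->", decide(*args))
```

The function has a single permitting return at the very end, which is what makes the policy default-deny: a new kind of request that no rule mentions falls through to a denial rather than to access.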

Which Proxy Server is Best?

I hate questions such as these. It is like asking which word processor is best. If one were a clear choice there would only be one. I have had good luck with both Wingate and the Microsoft Proxy Server. PC Magazine picked WinProxy as the best workgroup Proxy Server for 1998. They liked its low cost and ease of setup.

The good news is you do not have to buy one to try it out. You can get a 30 day trial copy of WinProxy at and of Wingate at You can also download a 30-day trial version of Microsoft Proxy Server 2.0 from Or a 60-day trial version of Netscape Proxy Server 3.5 is available at

What do they cost? Netscape Proxy Server with a 100-user license is $525. Microsoft Proxy Server lists for $995. (Before I would pay this much I would get SBS, which includes the Proxy Server.) The Wingate Standard 6 user version is $140 and the Pro version is $300. WinProxy Lite allows three users and is $59.95. WinProxy for unlimited users is $299.

There are other products out there. Artisoft (remember LANtastic?) makes I-Share. The good thing about this product is that you do not need to run TCP/IP on the whole network. The 10-user version of it lists for $219. I tried out an early version of it but went with Wingate because there was no NT version at the time. Now Version 3.0 works with NT as well as Windows 95/98. A plus for this product is that you do not need TCP/IP on all computers. One copy will support up to 32 users. For more information, find out all about it at

For pure economy, check out 602Pro INTERNET SERVER Lite or 602Pro INTERNET SERVER. Both versions allow unlimited users for $50 and $200 respectively. To download and try, log on to

Remember that most software companies have non-profit, government, or academic pricing for which you may qualify. Always ask; you will save money.


Log onto the Web sites listed here and read about these products. Go onto and see what the Ziff-Davis people have to say about the products. Pick out one you think best suits your needs and download the trial version. Drive it around the block.

If you have only a Windows 95/98 peer-to-peer network, look at WinProxy, Wingate, or I-Share. If you have been planning to get an NT network and have no more than 25 users (soon to support 50), get Microsoft Small Business Server. I think it is the best buy in software today. You get NT Server, Exchange Server, modem sharing, Proxy Server, SQL Server, Fax Server, and more all in one affordable package.


As we covered at the beginning, a proxy server can pay for itself quickly in savings over individual connections to the Internet. This is just the beginning. Giving everyone in your office access to browse the web is beneficial, but the proxy server allows you to open up the world of e-mail to all of your users.

Once you have a shared connection to the Internet, all you need to give everyone an e-mail address is an account with an ISP or Web host to provide you with e-mail accounts. The cost for these can vary widely. Typically, your ISP will give you one e-mail account with your Internet connection. The account name will look something like Additional accounts can cost as much as $5.00 apiece. This can add up quickly. Shop around.

We decided to go with a Web host. The one we chose, Top Choice, gives us a Web site and 25 e-mail accounts for $25 per month. Additional e-mail accounts are $5.00 for each 10 additional. An organization with 55 employees can have a Web site and 55 e-mail accounts for only $40 per month. That is a bargain.

Once you have your accounts, you do not need to spend anything on software. You can configure either Outlook, Outlook Express, or Netscape Messenger to check each employee’s e-mail automatically during the day using the proxy server connection. If you are using Outlook for your e-mail client, both intraoffice e-mail and Internet e-mail will come to the same inbox.

We have seven offices covering the entire eastern half of Oklahoma. Now we all communicate regularly, sharing information and solving problems. It has cut down on our costs for phone calls and, since documents can be scanned and sent as attachments, faxes have decreased. We do as much communication as possible over the Internet because there is no additional cost.

Perhaps the greatest benefit is the sense of community it provides our people. Instead of feeling like a small office in the middle of nowhere, each of us feels like an important member of a large firm serving the poor of Oklahoma.

Ethernet Networking Explained

4 Nov

Step by step instructions on setting up a PC Ethernet Local Area Network (LAN) of any size
(followed by a load of detailed technical information)
This page may take a little while to load. I opted to put all of the information on one annoying big page, rather than split it into lots of annoying little pages.

A Local Area Network (LAN) has been an essential tool for business computing for many years, and great fun for gaming for not quite so long. And setting up a basic small LAN is now a very easy task. But networking catalogues are full of bridges and switches and hubs and routers, making it hard for the beginner to figure out what’s going on. What do you need, and what do you not?
This Web page will tell you. The first half is the stuff you need to know to knock together a basic Windows network for playing games or ordinary small business use. It tells you how the common kinds of Ethernet differ, and what to do to make your network work and keep it working. After that, there’s the more technical information for people who are working with larger networks, or are just curious.

Three flavours
This document will deal only with the three most popular kinds of PC networks, 10Base2, 10BaseT and 100BaseT. A number of the terms used here have different meanings when applied to older and more esoteric networking systems, but only these three flavours are currently in use for home and small business – and, often, large business – applications.

10Base2 is also called thin Ethernet or “cheapernet”. 10BaseT looks to the computer like 10Base2, but offers more flexible layout. Both of these are Ethernet; the term refers both to the kind of cable used in a network, and the kind of signals sent on the cable. 100BaseT is a ten-times-faster version of 10BaseT, using the newer “Fast Ethernet” system.

The “10” in the names of the two slower flavours of Ethernet indicates that these versions have a signalling speed of 10MHz, giving a maximum useful data throughput, from the user’s point of view, of about half a megabyte per second. 100BaseT uses 100MHz signalling and is commensurately faster. The “Base” in the names means they’re “baseband” networks, which means that they have only one channel for data transmission, so only one device can transmit at a time. This is important; as baseband networks get more and more machines on them, it’s more and more likely that two machines will try to transmit at once, causing a “collision”. After a collision, the machines that caused it each wait a brief randomly chosen period of time and try again. This means that even severely congested baseband networks still work, but they get slower and slower as more and more machines are added. Special devices like switches, bridges and routers exist to deal with this problem.

The “2” in 10Base2 indicates the maximum segment length in hundreds of metres – the maximum aggregate length of cables you can use, with up to 30 computers connected, before you have to start using routers, bridges or switches, of which more later. In the real world, the maximum reliable 10Base2 segment length is 185 metres.

Just to be awkward, the “T” in 10BaseT and 100BaseT has nothing to do with cable lengths; it indicates that these systems use unshielded twisted pair (UTP) telephone-type cable, against the “RG-58” 50 ohm coaxial cable used by 10Base2.

Cables and connectors
Coaxial cable, as used in 10Base2, has a single centre conductor covered with a layer of insulation, a braided and/or aluminium foil second conductor and then the outer jacket. It’s used in various versions for all sorts of high frequency applications. The old thick “10Base5” Ethernet cabling has lower loss than RG-58, and is much thicker, much more expensive and much less flexible. It’s technically incompatible with 10Base2, but will generally work and can be used in a pinch.

The “twisted pair” cabling used for 10BaseT uses pairs of conductors twisted around each other to reduce susceptibility to induced currents. 10BaseT uses unshielded twisted pair (UTP) cabling, which is cheap, and comes in different “levels” or “categories”; the higher the category, the better the data carrying ability. Level 3 cable is all 10BaseT requires, though many current installations are using Level 4 or Level 5 in anticipation of faster network standards in the future.

10BaseT does not have a distinct maximum cable length – 100 to 150 metres is the generally accepted limit, but high grade low loss cable can extend this. This maximum length is the distance each computer can be from its hub, not the total cable length in the system, so a single $200 17-port hub makes it easy to cable up a good-sized office.

“RJ-45” stands for Registered Jack 45. “BNC” variously stands for Bayonet Navy Connector, British Naval Connector, Bayonet Neill Concelman, or Bayonet Nut Connection, depending on who you ask.
10BaseT’s dual-twisted-pair cables have RJ-45 modular connectors at the end. RJ-45s look similar to the RJ-11 modular telephone connectors which are valiantly attempting to replace the antiquated giant Australian phone plugs, but have eight pins instead of the RJ-11’s six. 10Base2’s twist-on BNC connectors violate the standard rule of computer connectors which states that they should snag as many other cables as they can when pulled through a mess of wiring. Fortunately, most RJ-45’s redress the balance; the plastic clip on the back of the connector is not only very good at catching other cables, but impressively fragile as well, and a broken clip renders the connector very unreliable.

BNCs, however, can be very unreliable when not obviously damaged at all. Frequent plugging and unplugging can make the centre pin terminal a loose fit, and corrosion can also cause problems. RJ-45 connectors at least generally LOOK wrong when they’re broken.

Setting it up
The step by step procedure for installing a basic small business or game-playing LAN is now, usually, very simple – install your network cards like any other card, hook up the cable, and as soon as your operating system knows about it, it works. In Windows 95 or 98, all you’ve got to do is make sure you’ve got your workgroup name set the same as that of the people you want to connect to, and that all the computers on the network share at least one network protocol.

About the only problem you’re likely to have in setting up a small network is making the cards work – a standard NE2000-compatible network card needs an IRQ and a few I/O addresses, and setting one up on a packed machine may require some resource juggling. This, however, is not a problem peculiar to networks, and since you can now get dirt cheap Plug and Play network cards, setup is often effortless. (If it’s not, check out my Step By Step column on troubleshooting Plug and Play problems, here.)

There are, however, some basic facts about networks which it helps to know.

Topology is, for network purposes, the layout of computers and cables and other gadgets in the network. The basic topology for 10Base2 and 10BaseT is simple.

A 10Base2 segment (a segment, in this case, is a network with no bridges or switches or other fancy devices in it) contains two or more computers, each with a network card (NIC) fitted with a T-piece which accepts two network cables, or a network cable and a 50 ohm terminating resistor. Each end of the network must have a terminator and a cable connected, and everything else has two cables connected. The T-piece must go right on the network card – you can’t use extension cords between the card and the T-piece.

You can take a computer out of the network by disconnecting its T-piece from the network card, leaving the cables connected to the T-piece’s two arms. Disconnect in any other way, or remove either terminator, and the network stops working until you plug it back together. Every machine has to be at least 50 centimetres of cable away from every other machine, too.

How to wire a 10BaseT crossover cable, for connecting two, but only two, machines together without a hub. This is the same kind of cable that is used to “cascade” multiple hubs into one network. The pin numbers are as you look at the contact side of the plug, with the cable running away from you.

10BaseT, on the other hand, requires a special piece of hardware called a “hub” if you want to use more than two computers. Two machines can hook together with a simple crossover cable, but otherwise every machine on the network must have its own single lead to a port on the hub, which must therefore have enough ports to support the number of machines you wish to network. Multiple hubs can be connected together to allow larger networks; see here for more information on hubs.

Both approaches have their pros and cons. Both offer really, really cheap network cards – $40 (Australian dollars) gets you a vanilla NE2000-clone card with both 10Base2 and 10BaseT connectors. And, for 10Base2, that’s pretty much where the spending stops; the network cards come with T-pieces, so all you need are enough cables and a couple of terminators, and you’re in business.

For 10BaseT, you have to buy a hub as well, and this will set you back about $100 for a five port hub, or around twice as much for 17 ports. 10BaseT hubs are available in various sizes and can be “cascaded” to add more ports to your network.

So why should you bother with 10BaseT? Well, in the 10Base2 configuration, one dud cable, dodgy T-piece, duff terminator or poor connection makes the whole network stone dead until the defective component or connection is fixed – or, worse yet, just interrupts the network every now and then. Intermittent problems are the most annoying. Finding the defective component in 10Base2 is a process of elimination – you just start somewhere, anywhere, and then “divide and conquer” – cut the network in two and reterminate the two halves, then see which half still has the problem and divide it again, and so on, until you locate the source of the failure.

In 10BaseT, on the other hand, one bum cable or network adapter will only remove one machine from the segment. A dead hub will kill the network for every machine directly connected to that hub, but hubs are much more reliable and less prone to accidental damage than 10Base2 cables, T-pieces and terminators.

Repeaters, routers and hubs – the basics
Each 10Base2 segment can only be 185 metres in length, and can only accommodate 30 computers. For many applications, this is fine, and so you can get away with a $40-or-less network card in each machine and a few ten buck cables. But 185 metres can be used up surprisingly quickly in standard into-the-wall-and-up-through-the-ceiling cable installations.

If you need more length, a repeater lets you join 10Base2 segments together. The Ethernet spec allows for up to four repeaters in a network – which, for the mathematically disinclined, means five segments – but only three of these segments can be “populated” – have computers connected to them. So your maximum 10Base2 cable length using repeaters is 925 metres, with 555 metres of that being useable for up to 90 computers.

This rule applies to 10BaseT, as well, because every 10BaseT hub acts as a repeater. This can result in rather complex layout diagrams, but the basic rule is easy to remember – the path between any two computers must not include more than four repeaters or hubs, or more than three populated cable segments.

Having 90 computers connected via Ethernet, though, is not a good idea unless each of them doesn’t use the network much. With only 10 megabits per second shared between 90 machines, all of them trying to move data at once gives each computer a theoretical maximum bandwidth available to it of about 14 kilobytes per second. Since there’d be collisions galore from all that simultaneous chatter, the real bandwidth would be much lower, and the network would grind to a halt.

What you need to do to cut down the chatter is either increase the total shareable bandwidth by switching to Fast Ethernet (which won’t actually help all that much if you’ve got 90 computers talking at once; the network will probably still be painfully slow), or chop the network up into smaller segments, with traffic only escaping a segment when it’s actually addressed to a computer on the outside. Dividing your LAN up like this is called “internetworking”, and allows big networks to be both faster and physically larger, as it overcomes the maximum cable run problems.

To get around the maximum number of repeaters problem, you have to use bridges. Bridges are more expensive than repeaters, but they let you extend your network without breaking the rules, by intelligently filtering and forwarding data based on the machine it’s intended for – the bridge has enough brains to know what machine addresses are on each side of it, and block the passage of traffic addressed to a section of network which does not contain the intended recipient of the data. When calculating legal routes, you can reset your repeater count to zero if the data path goes through a bridge. The Ethernet specification allows no more than seven bridges on a network. Bridges can have multiple ports, and so connect to more than two network segments; by using multi-port bridges, you can build huge networks, because each collision domain can have up to 1024 nodes on it. In practice, any normal computers will generate enough network traffic that 1000 computers in one collision domain will hopelessly clog the network, but if they’re really, really quiet, you can do it.

Routers are like bridges, only more so. They do the same data filtering, but can also connect completely different networks to each other, allowing, for example, an office network to be connected to the Internet. With the use of routers, there’s no practical limit to how many machines you can network together.

Setting up Windows networking
One of Windows 95’s big selling points was that it finally made PC networking simple enough for anyone to set up. Provided your network card is correctly addressed by Windows – an automatic procedure, for current Plug and Play cards – all you have to do is add the network protocols of your choice in Network Properties.

Windows 98 doesn’t change much in this department. If you’ve set up 95’s networking, you can set up 98’s. Once your network card is working with Windows, add the clients and protocols you need in Network Properties (accessible from Control Panel, or by right-clicking the Network Neighbourhood icon and selecting Properties). For most small business networks and Internet access, all you’ll need is the Client for Microsoft Networks, the NetBEUI protocol for your network card and TCP/IP for your Dial-Up Adapter; you only need to install the first yourself, since the Internet Connection Wizard takes care of the dial-up stuff.

NetBEUI is a fast protocol that works well on networks with fewer than 50 machines, which covers the majority of situations. If your network uses IPX and/or TCP/IP, install them for your network card too; if you only want them for multiplayer gaming, turn off all of the bindings in their Properties windows, and say no to the dialogue box asking if you’d like to change your mind. The bindings let Windows use these protocols for regular network communication as well as the raw data transfer the games want, and redundant bindings slow down your network.

If you’ve got a Windows 95 computer with TCP/IP set up for its network card and leave it on the default “automatically obtain an IP address” setting, the network the computer’s connected to must have what’s called a Dynamic Host Configuration Protocol (DHCP) server connected to it to dole out an address. Without such a server, any 95 machines without addresses will fail to communicate over TCP/IP, and will furthermore slow the network down as they periodically yodel down the wire, hoping a server’s shown up.

Windows 98 does a bit better than this. Machines set to automatically obtain an address which don’t find a server will give themselves an address in the “LINKLOCAL network” IP address space, which means an address starting with 169.254 and with two more arbitrary numbers on the end. The LINKLOCAL space is a “class B network”, which means the network ID is the first two numbers. All 169.254.X.X computers can see each other provided they each have a different combination of the last two numbers, and since the last two numbers can be from 0 to 255 and from 1 to 254 respectively, up to 64,515 computers can be on this network at once and address clashes are unlikely.

169.254 addresses are not, however, valid for networks connected to the Internet. Rest assured that calling your ISP and connecting with TCP/IP for the Dial-Up Adapter does not constitute “connecting to the Internet” in this sense.

Earthing 10Base2
Got a 10Base2 terminator with a little dangly thing hanging off it? It’s a ground chain – or strap, or wire. If you screw the lug at the end of the chain, strap or wire to the chassis of the computer with any convenient mounting screw, you earth the shield conductor of the network cable.

This may or may not be a good thing.

The 10Base2 spec says the network “may” be grounded in one (and ONLY one) place, and doing this may reduce network errors. Grounding the network in more than one place WILL cause errors and may damage equipment thanks to potential differences between different “grounds”. So don’t do that.

This is especially bad if you run a 10Base2 cable between buildings, which is something you’re not meant to do. Different buildings often have markedly different earth potentials, and if the cable’s grounded at both ends, a hefty current can flow through the shield, causing lots of network errors and, possibly, starting fires. If some hapless person at the other end unplugs the network connector, or even just touches it if it happens to be grounded at the far end but not the near one, they can receive an electric shock.

If your network works fine without grounding, there’s no need to change. If it’s grounded and you’re getting errors, try ungrounding it, or grounding it at the other end.

If your network has a repeater on one end of a segment, it probably automatically grounds that end. So don’t ground the other one.

That’s it for the basic stuff…


…now here’s the more complex info.

How much is a megabit?
Computer-savvy people know that the kilo-, mega- and giga- prefixes, in computer usage, don’t mean 1,000, 1,000,000 and 1,000,000,000, as they do normally. Computers use binary arithmetic, so everything’s in powers of two, and the three prefixes indicate 1,024, 1,048,576 and 1,073,741,824 – two to the power of ten, two to the power of twenty and two to the power of thirty, respectively. Easy, right?

Well, sometimes.

RAM (Random Access Memory) is specified in these “proper” megabytes; a 64 megabyte RAM module has exactly 67,108,864 bytes of storage space, disregarding error-checking bits, if they’re present. But when it comes to hard disk sizes, manufacturers tend to specify their drives’ raw (unformatted) capacity in nice round millions and billions of bytes. Unfortunately, they call these measurements “megabytes” and “gigabytes”, in order to make their drives sound bigger.

So a “6.4 gigabyte” hard drive actually has a capacity of about 5.96 real gigabytes, before you format it and lose another few per cent. You can thank the marketing people for this.

And now to network speeds. Data communication is specified not in kilobytes and megabytes, but kilobits and megabits per second – kBps and MBps, respectively, although there’s terrible inconsistency in the use of the upper and lower case “B” to indicate bits and bytes, just to annoy you further.

A bit is one-eighth of a byte – nobody’s ever decimalised the byte, because making it 10 bits would make things look smaller and slower, which the marketing people find less attractive for some reason. So, logically, you’d expect one megabyte per second to be eight megabits per second, right?

Ha! No such luck. Like hard disk capacities, network speeds are expressed in round numbers, not powers of two. A “64 kilobit” ISDN line moves exactly 64,000 bits per second, or a megabyte (the real kind, not the hard disk kind) every two minutes and eleven seconds. “10 megabit” Ethernet is good for exactly ten million bits per second, or 1.192 megabytes per second. And so on.

Bridges, switches and routers in detail
Once upon a time, you could point to a gadget that hooked network segments together and say, with confidence, what it was. Well, so I’m told, anyway. Today, there are all sorts of devices designed to move data from one network to another, with all kinds of fancy features, and their names are a highly unreliable guide to what sort of device they actually are. The three basic categories of network-joining device are switches, bridges and routers, but those definitions blur into each other so much that defining them separately is impossible. The words mean different things to different companies. You just have to look at the specification sheets and decide whether a given device is what you need. Here’s how to tell.

A bridge, officially, is a stand-alone device or specially configured computer that connects different LANs, and allows them to act as segments of one LAN.

A bridge can only connect networks which are using an identical network protocol, like, for example, Ethernet. A bridge with appropriate connections can connect networks which are using the same protocol on different kinds of connection – bridges that have a collection of 10BaseT ports and a 10Base2 coaxial connector are common, for instance. But, canonically, if it can connect networks of different kinds, like Token Ring to Ethernet, it isn’t a bridge.

Since bridges only operate at OSI Layer 2, they cannot connect network segments which couldn’t be connected WITHOUT the bridge there, disregarding media differences. If you’re talking TCP/IP, that means that all segments connected to a bridge must have the same subnet mask – the second number, subsidiary to the IP address, which determines what subnet a computer is on. Computers on different subnets can’t see each other.

Bridges, unlike simple repeaters, do not retransmit a frame until they’ve received the whole thing. This means devices on either side of a bridge can transmit simultaneously without causing collisions, and so you can use a bridge to segment a network into smaller chunks to reduce collisions and improve performance. This, indeed, is the major function of the bridge – chopping up big ungainly networks into smaller “collision domains”, so the overall chatter level doesn’t bog the network down. The tiny single frame delay introduced by the bridging system is a small price to pay.

All modern bridges are “learning” bridges. This means they have the ability to figure out, by looking at where data are coming from, what machines are connected to which of their ports. They can therefore restrict packet retransmission to only the port they know connects to the network node to which the frame’s addressed. If a frame isn’t addressed to a machine the bridge knows about, it retransmits it on all ports except the one it came from, because everything on the segment the frame came from heard it at the same time the bridge did. If a given address doesn’t transmit for a given period of time, the bridge removes it from its address table, so as not to fill its table (which has a limited size) with addresses for machines which may not necessarily even be on the network any more.
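
The learning, filtering, flooding and ageing just described can be played out in a few lines of Python. This is an added example, not code from the original article; the port numbers, addresses, 300 second ageing time and the rule that a full table simply stops learning are assumptions made for the illustration.

```python
# Added illustration: a toy learning bridge (not code from the article).
# Port numbers, MAC strings, max_age and table_size are constructed values.

class LearningBridge:
    def __init__(self, ports, max_age=300.0, table_size=1024):
        self.ports = list(ports)
        self.max_age = max_age        # seconds of silence before an entry is dropped
        self.table_size = table_size  # the address table has a limited size
        self.table = {}               # MAC address -> (port, time last heard from)

    def _expire(self, now):
        """Drop addresses that have not transmitted for max_age seconds."""
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen > self.max_age]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Handle one frame; return the list of ports it is retransmitted on."""
        self._expire(now)
        # Learn (or refresh) which port the sender is behind. Assumption: when
        # the table is full, a new address is simply not learned.
        if src in self.table or len(self.table) < self.table_size:
            self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is None:
            # Unknown destination: every port except the one it arrived on.
            return [p for p in self.ports if p != in_port]
        out_port = entry[0]
        if out_port == in_port:
            return []          # destination is on the sender's own segment
        return [out_port]


def demo():
    """Constructed traffic: A and C share port 1 (via a hub), B is on port 2."""
    bridge = LearningBridge(ports=[1, 2, 3], max_age=300.0)
    A, B, C = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return [
        bridge.receive(1, A, B, now=0),    # B unknown -> flood
        bridge.receive(2, B, A, now=1),    # A learned on port 1
        bridge.receive(1, C, A, now=2),    # A is on the same segment as C
        bridge.receive(1, A, B, now=3),    # B learned on port 2
        bridge.receive(1, C, B, now=400),  # B aged out -> flood again
    ]


if __name__ == "__main__":
    for ports in demo():
        print(ports)
```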

Bridges can even handle being connected up in loops. If this situation were left uncorrected, it would cause instant and hopeless congestion as every bridge retransmitted every packet to every other bridge in the loop, and then got it retransmitted back, ad infinitum. The bridges deal with this by arranging themselves into what’s known as a “spanning tree”; they very quickly shut down connections between bridges until all of the loops are eliminated. This allows redundant network wiring; if one cable is cut, the bridges sort out the problem and create a new tree using a previously ignored cable.

A switch is, essentially, a bridge with knobs on. Or a really smart kind of hub. Or, in its simplest form, maybe just a multi-port bridge. Essentially, switches are a creation of marketing departments; there may be some under-the-surface differences between them and previous devices, but from an operational point of view they’re the same as earlier bridges and routers, only faster. Perhaps. A LAN with a switch joining its segments is referred to as a “switched LAN”.

Like a bridge, a switch connects networks and filters packets, only sending on packets to a given network segment if they’re addressed to a device on that segment. Also like a bridge, your basic switch operates at OSI Layer 2 – it cannot change the data it’s sending, to route information from one network flavour to another. Everything connected to a Layer 2 switch has to be configured as if it were on the one network – like a bridge, these switches can only connect network segments that could be connected anyway, as far as the computer settings go. Each port on a switch can support a whole LAN or a single station. If only one station is connected to a switch port, it is said to have a “dedicated LAN”.

Classier switches can do Layer 3 routing, and are thus called “Layer 3” or “Multi-layer” switches. They can connect network segments on different subnets, by routing between them. They can also create “broadcast firewalls” between ports or groups of ports (and, thus, between any devices you attach to those ports). These groups are called “bridged groups” or “virtual LANs”, and each behave like a bridged network. This allows devices on one Virtual LAN to use one IP subnet (or IPX network number, or Appletalk network number range), and devices on others to use other setups. If the switch is smart enough, it can give each virtual LAN access to the others as if it were a router.

But, remember, all sorts of things are called “switches” these days. Bear in mind that something referred to as a switch can also fairly be described as a bridge or a router.

Switching, the underlying technology that gives switches their name, can be done in two basic ways – cut-through and store-and-forward. Cut-through is the newer technology whose introduction, as much as anything, can be said to have spurred the creation of the “switch” as a distinct gadget. Cut-through switches do nothing but look at the MAC addresses of the frame headers and forward the frames accordingly. A cut-through switch doesn’t care if the packet inside the frame is valid or not, and so it will cut network traffic when all is well, but won’t prevent malfunctioning software or hardware from paralysing the network with tons of rubbish packets. Cut-through forwarding is impossible between media of different speeds, so switches which support, say, 10BaseT and 100BaseT, do not use cut-through when data moves between ports of different speeds.

Store-and-forward switching is the older way of doing it. It actually looks at the packets before sending them on, which means the packets stay in the switch a little longer, but broken ones are weeded out. Under high loads, cut-through switches buffer data and hence run no faster than store-and-forward ones, but they’ve got a slight performance edge in normal operation.
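
The difference between the two methods shows up as soon as a damaged frame arrives. The following Python sketch is an added example, not code from the original article: it builds a minimum-size Ethernet frame with its CRC-32 frame check sequence, flips one bit, and runs both forwarding decisions over it. The addresses, port number and payload are constructed.

```python
# Added illustration (not code from the article). MAC addresses, port numbers
# and payload are constructed sample values.
import struct
import zlib

MIN_FRAME = 64  # minimum Ethernet frame length in bytes, FCS included


def fcs(body):
    """Ethernet frame check sequence: CRC-32 of the frame, low byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, payload, ethertype=0x0800):
    """Destination MAC, source MAC, type, payload padded to 46 bytes, FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def cut_through(frame, mac_table):
    """Decide from the first six bytes only; the rest is never inspected."""
    return mac_table.get(frame[:6], "flood")


def store_and_forward(frame, mac_table):
    """Buffer the whole frame; drop it (None) if it is a runt or fails the FCS."""
    if len(frame) < MIN_FRAME or fcs(frame[:-4]) != frame[-4:]:
        return None
    return mac_table.get(frame[:6], "flood")


def demo():
    dst = bytes.fromhex("00005e00530b")
    src = bytes.fromhex("00005e00530a")
    table = {dst: 2}  # destination MAC -> output port
    good = build_frame(dst, src, b"hello")
    damaged = bytearray(good)
    damaged[20] ^= 0x01  # one bit flipped in the payload
    damaged = bytes(damaged)
    return {
        "cut_through_good": cut_through(good, table),
        "cut_through_damaged": cut_through(damaged, table),
        "store_forward_good": store_and_forward(good, table),
        "store_forward_damaged": store_and_forward(damaged, table),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```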

An overloaded switch can make network congestion even worse than it would be without the switch, in some cases. If the switch is receiving data for a given port faster than it can pump it out of that port, it will buffer the data until it runs out of memory and then start dropping packets – throwing them away. The machines sending the data don’t know that it isn’t getting through until the network protocol sorts it out – fragmentary data causes receiving machines to request resends. This is worse than a plain old collision, because in a collision situation all of the sending machines know about the problem at once and resend practically immediately, whereas the resend requests created by a choked switch have to traverse the network path back from the receiving machine to the sender before anything can happen.

A router is a device that connects networks together, like a bridge, but is a great deal smarter. Routers operate at OSI layer 3, which means they understand both logical and physical addresses when moving data around, unlike bridges, which work at layer 2 and only understand physical addresses.

Routers analyse incoming packets and modify them, if necessary, so they’re redirected to another router or to their initially intended destination. This allows routers to send packets from one kind of network across another kind of network on their way to a destination network which can be of yet another kind, via more routers if necessary. As long as the routers know what computers live where, they can figure out the necessary route themselves.

Routers maintain a database of addresses which allows them to correctly route data among the hundreds of millions of in-use addresses accessible via the Internet. They can do this because their ability to send data to other routers lets them pay attention only to the “network number”, the part of the address that indicates the network to which the computer they’re sending data to is connected, and ignore the details of the “host number”, the exact machine they’re aiming at. The router at the other end can handle getting the data to the exact right machine; the sending router only has to get it to the right network.

Routers further reduce the number of addresses they need to know about by “summarising” entries together when a lot of addresses share the same route. Typical Internet routing tables contain only several tens of thousands of routes, rather than the hundreds of millions a “dumb” routing strategy would require.
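
Here is what summarising looks like in practice, together with the “most specific route wins” lookup that keeps a default route from swallowing everything. This Python sketch is an added example, not code from the original article; the prefixes and next-hop names are constructed, and it assumes that, apart from the default route, the routes fed in do not overlap.

```python
# Added illustration (not code from the article). Prefixes and next-hop names
# are constructed sample values.
import ipaddress

DEFAULT = ipaddress.ip_network("0.0.0.0/0")

ROUTES = [  # constructed: (network, next hop)
    ("10.1.0.0/24", "router-b"), ("10.1.1.0/24", "router-b"),
    ("10.1.2.0/24", "router-b"), ("10.1.3.0/24", "router-b"),
    ("10.2.0.0/24", "router-c"), ("10.2.1.0/24", "router-c"),
    ("10.3.0.0/24", "router-b"),
    ("0.0.0.0/0", "isp"),
]


def parse(routes):
    """Turn (prefix string, next hop) pairs into (network object, next hop)."""
    return [(ipaddress.ip_network(p), hop) for p, hop in routes]


def summarise(table):
    """Merge prefixes that share a next hop into the fewest covering prefixes.

    Apart from the default route, prefixes must not overlap; that is what
    makes the merge safe, so it is checked rather than assumed.
    """
    specific = [net for net, _ in table if net != DEFAULT]
    for i, a in enumerate(specific):
        for b in specific[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"overlapping prefixes: {a} and {b}")
    by_hop = {}
    for net, hop in table:
        by_hop.setdefault(hop, []).append(net)
    return [(net, hop)
            for hop, group in by_hop.items()
            for net in ipaddress.collapse_addresses(group)]


def lookup(table, address):
    """Longest-prefix match: the most specific route containing the address."""
    addr = ipaddress.ip_address(address)
    matches = [(net.prefixlen, hop) for net, hop in table if addr in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


if __name__ == "__main__":
    full = parse(ROUTES)
    short = summarise(full)
    print(len(full), "routes summarised to", len(short))
    for net, hop in short:
        print(f"  {net} via {hop}")
    for host in ("10.1.2.77", "10.2.1.9", "10.3.0.1", "192.0.2.1"):
        print(host, "->", lookup(short, host))
```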

It is this ability that makes routers the life-blood of the Internet, and similarly important to many other networks, but it also makes them slower than “layer 3 switches”, which can generally only do limited routing within the devices directly connected to them, and do not understand multiple layer 3 protocols.

A truly “Internet-capable” switch has full routing abilities in addition to the quick address lookup capabilities of a regular switch. If it has to send data to somewhere it hasn’t recently received data from (the arriving data bringing with it routing information for replies), the switch behaves like a router. This requires much more processing power than switching and is thus slower. “Slower” in this case is a relative term; router-speed operation, even from older and cheaper models, can still provide packets much faster than a T-1 line (1.544 megabits per second) can handle. These cheaper routers’ speed of operation roughly matches the available throughput from a T-3 line (43 megabits per second). Routers are getting faster every year, too; top-of-the-line products can handle a great deal more data.

There is only any point in using a switch/router like this if some large percentage of the network traffic comes from the same places over and over again – local addresses, in other words. A switch connected to the Internet for public access as well as to a local network must also be able to preferentially cache routes to local addresses, or its address table will be rapidly filled with useless once-only Internet access routes from Net surfers.

Routers can communicate with other routers to provide better traffic management and avoid slow connections; they can, together, determine the best route through a complex WAN. Many routers are used for Media Access conversions – linking networks with different physical connections as well as different Layer 3 protocols, like for example Token Ring and Ethernet. Many routers also support scads of Layer 3 protocols, but they don’t have to in order to qualify as a router.

Some network protocols are inherently unroutable – SNA (IBM’s Systems Network Architecture, originally a set of mainframe networking protocols), NetBIOS (Network Basic Input Output System, the basis for Microsoft’s popular NetBEUI) and LAT (Digital Equipment Corporation’s Local Area Transport protocol), for instance, none of which have the innate ability to work with routers. Some of these, like SNA and NetBIOS, can sort-of-kind-of be routed by being “encapsulated” inside other, routable protocols, but these solutions are slow and inelegant. Modern routers can work wonders at integrating disparate kinds of network, such as tend to develop in large companies, but the elimination of excess protocols is still highly desirable to make management simpler, even when every protocol on the WAN is routable.

“Static” routers must have their routing tables manually updated. “Dynamic” routers build and update their own tables.

Bandwidth, and how to get more of it
A network’s bandwidth is how much data it can move per second. In a plain 10 megabit Ethernet LAN, that bandwidth is, unsurprisingly, ten megabits per second, or a bit more than a megabyte per second. The actual amount of real data throughput is considerably lower, because a lot of bandwidth is taken up by the extra formatting information tacked onto the data to be sent. But if you just look at the bits being sent, the total number per second, assuming no collisions, is ten million (if you’re wondering why this is a round number and not a power of two, see “How much is a megabit?” above).

Things get more complicated when you start playing with bridges and switches on larger networks. Both of these devices, after a brief learning period, forward traffic only to network segments that actually contain the computer to which the traffic is addressed.

Depending on the network, you may get a larger performance gain from segmenting a 10 megabit network than from upgrading it to 100 megabit.

If you have a 10BaseT network with, say, 32 computers on it, you could add an eight port bridge or switch with a four port hub hanging off each port. This chops the network into eight segments of four computers each, which means that each computer can yammer all it likes to its three segment companions without cutting into the 10 megabit bandwidth of any of the other segments at all. If a given computer DOES talk to a machine on a different segment, it will only take up bandwidth on those two segments, leaving half of the network untouched.

Segmented networks can therefore offer impressive “aggregate bandwidth” – the total amount of data that can be moved around the network by various machines talking to each other at once. High aggregate bandwidth does not, in this case, indicate higher bandwidth available to any one network conversation. But this is usually OK, as for most operations the transfer rate provided by a 10 megabit network is adequate, provided you can get most or all of it for yourself.

If two machines conduct a 10 megabit conversation between two ports on the bridge or switch that segments this 32 computer network, and another two conduct a similar conversation on each of the other three pairs of ports, the network will be saturated (any extra traffic will produce collisions and slow the LAN down) and an aggregate bandwidth of only 40 megabits per second will have been achieved. On the other hand, if computers on the network happen only to talk to other computers on their own segment, the lack of inter-segment network pollution means the aggregate bandwidth available will be 80 megabits per second. The worst case scenario arises if three segments all want to talk to the fourth at once; in this situation they have to share the fourth segment’s bandwidth, and the network’s aggregate bandwidth drops back to 10 megabits per second.

In this situation, an eight-segment 10MBps network clearly offers significantly less bandwidth, under all circumstances, than an unsegmented 100MBps LAN. But if you double the number of segments to 16, so each one serves only two computers, the aggregate bandwidth figures in the above examples jump to 80 and 160 megabits per second respectively, and the chance of everyone concentrating on one segment falls.
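
The figures in the last few paragraphs can be reproduced with a small model. This Python sketch is an added example, not code from the original article. It assumes each segment carries 10 megabits per second, a conversation uses up bandwidth on every segment it touches, every conversation wants as much as it can get, conversations competing for a segment share it equally, and collisions are ignored.

```python
# Added illustration (not code from the article). The sharing model and the
# segment numbering are assumptions; the scenarios are the ones in the text.
from fractions import Fraction


def aggregate_bandwidth(flows, capacity=10):
    """Total Mbit/s moved by `flows`, a list of (segment, segment) pairs.

    Rates are raised equally for all conversations until some segment is
    full; conversations touching a full segment stop there, the rest go on.
    """
    rate = [Fraction(0)] * len(flows)
    left = {seg: Fraction(capacity) for flow in flows for seg in flow}
    active = set(range(len(flows)))
    while active:
        # How many still-growing conversations use each segment?
        load = {}
        for i in active:
            for seg in set(flows[i]):
                load[seg] = load.get(seg, 0) + 1
        # Largest equal increase before the tightest segment saturates.
        step = min(left[seg] / n for seg, n in load.items())
        for i in active:
            rate[i] += step
        for seg, n in load.items():
            left[seg] -= step * n
        full = {seg for seg in load if left[seg] == 0}
        active = {i for i in active if not set(flows[i]) & full}
    return sum(rate)


def page_scenarios():
    """The cases worked through in the text, with segments numbered from 0."""
    return {
        "8 segments, four cross-segment pairs":
            aggregate_bandwidth([(0, 1), (2, 3), (4, 5), (6, 7)]),
        "8 segments, everyone stays local":
            aggregate_bandwidth([(s, s) for s in range(8)]),
        "three segments all talking to a fourth":
            aggregate_bandwidth([(0, 3), (1, 3), (2, 3)]),
        "16 segments, eight cross-segment pairs":
            aggregate_bandwidth([(s, s + 1) for s in range(0, 16, 2)]),
        "16 segments, everyone stays local":
            aggregate_bandwidth([(s, s) for s in range(16)]),
    }


if __name__ == "__main__":
    for name, mbps in page_scenarios().items():
        print(f"{name}: {mbps} Mbit/s")
```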

If there’s one computer that commonly attracts lots of traffic – a file server, for instance – that one computer can be given a segment to itself, and can even be given a 100BaseT network card and be connected to a 10/100MBps dual-mode switch or bridge. This gives the high-demand computer a dedicated 100 megabit connection, probably full duplex, to the whole of the rest of the network, even though any given other computer can only move ten megabits per second. If the 31 other computers all try to access the file server now, they’re sharing 100 megabits per second between them instead of 10, and will still receive data at a decent rate. Because bridges and switches prevent collisions between traffic originating on different network segments, if ten 10MBps computers simultaneously request data from the 100MBps server (and everything else happens to shut up), they’ll each get data about as fast as their network cards can handle it, without a single collision. They will, in fact, perform just as well in this situation as if they were networked to the server with 100BaseT all the way.

When there are no switches or bridges or routers to worry about, but only repeaters (remember, a standard 10BaseT hub is a repeater), network performance is easy to work out. Everything shares. It’s not quite as simple as that – in a collision situation NO data gets sent by anyone, so when the network is saturated the total useful throughput is less than the total bandwidth of the network – but at least it doesn’t matter who’s talking to who. A given number of connections will result in a given aggregate bandwidth.

Another important factor is the internal or “backplane” bandwidth of your bridge or switch. To avoid causing bottleneck problems at moments of high network use, you need a backplane bandwidth equal to the aggregate bandwidth of all of a device’s ports. If a bridge, switch or router has this much backplane bandwidth, all of its ports can be operating at full speed all of the time, and the “data pipe” inside the device is wide enough to let all of the data through.

Other definitions
ATM: The modern heir to packet switching and circuit switching, Asynchronous Transfer Mode aims to provide the efficiency and fault-tolerance of the former and the guaranteed delivery of the latter. Today’s network switches are the technological precursors to ATM; switches work with relatively large data packets of variable length, whereas ATM uses small, equal-sized “cells” of data and promises far greater speeds than current LANs over short or long distances. ATM looks, to the connected machines, like a circuit switched system – when they want to transfer data, nothing can impinge upon the 51 or 155 megabit per second pipe assigned to them. The ATM system installed has to be fast enough, of course, to handle as many concurrent pipes as are needed.

Broadcast: A “broadcast packet”, in Ethernet, is a packet that will be received by every node on a LAN – it’s not addressed to anyone in particular, but to everyone in general. This leads to the concept of the “broadcast domain”, which is every node that will be reached by a broadcast from any given node. Routers segment broadcast domains – broadcast packets don’t get past them.

Bus: A kind of network topology. The bus configuration, as used by 10Base2, has all of the devices on the network connected in parallel to one cable. This “cable” is really made up of separate cable segments joined at the T-pieces, but electrically speaking it can be treated as one wire. Any computer can be disconnected from this bus without affecting connectivity for everything else, but if the cable is interrupted anywhere, the whole network goes down.

Category: Twisted pair cable such as is used by 10BaseT and 100BaseT is available in various specification levels or “categories”. 100BaseT requires Category 5 cable, often referred to as “Cat 5”. 10BaseT will work with lower grade, thinner cable, but a lot of installers use Cat 5 cable anyway because it costs little more and makes it easy to upgrade. Make sure the cable you use really is Category 5 cable, not just something labelled “Category 5 quality”.

Collision: When two devices on a baseband network like Ethernet try to send data at once, they talk over each other and cause a collision. When a collision occurs, every device that’s trying to send data pauses for a brief, random period and tries again. This simple system works less and less well as you get more and more computers on a network, which is why segmenting big networks with bridges and/or switches is a good idea. Bridges and switches are thus said to segment the “collision domain”; the group of nodes with whose transmissions it is possible for a given node’s transmissions to collide.

Duplex: In computer communications, there are three kinds of connection between two devices. The first is simplex, in which data can only flow one way. Half duplex is the system used by regular Ethernet; data can flow either way, but only one way at a time. Full duplex allows data flow in both directions at once. Ethernet supports full duplex operation, but only between two devices over twisted pair cables. Regular 10BaseT or 100BaseT cable has two physical pairs of wires in it, which in full duplex operation can be used for full bandwidth data transfer in both directions – one wire pair per direction. This works because when there are only two devices involved, collisions are impossible. The second wire pair is normally needed for collision detection.

Full duplex doubles the aggregate bandwidth of a connection, but doesn’t greatly increase performance unless both devices send a lot of data. Many network transactions involve a lot of data going one way and only a little going the other, so there’s not much performance difference.

Hub: A hub is a common connection point for network devices. The simplest form of hub is completely passive – it contains no electronics, it’s just a collection of connected ports, and exists only to make wiring more convenient. This sort of hub doesn’t work with 10BaseT or 100BaseT Ethernet, and isn’t very practical for larger 10Base2 networks because of 10Base2’s rather limited segment length.

These days, when someone talks about a “passive” hub they probably mean one like the currently available cheap 10BaseT models. These hubs act as a simple repeater – they copy every packet received at any one of their multiple ports to all of the other ports, which keeps every hub-to-computer connection as a separate network segment.

The most common kind of hub used in small networks is the “stand-alone” variety. Despite their name, stand-alone hubs can usually be connected together with regular twisted pair cable or thick 10Base5 coaxial, so you can add more ports to your basic hub if your networking needs grow.

“Intelligent” or “manageable” hubs include features so an administrator can monitor traffic and configure, enable and disable the ports remotely. They still just copy everything they get to everywhere. The cheap 10BaseT hubs in your local computer store are probably NOT manageable, which is OK for small networks where no user is likely to be more than a 30 second walk from the hub anyway. If you’ve got hubs, bridges, switches and routers all over the place, though, being able to immediately see what’s stopped working is an obvious advantage.

“Stackable” hubs are designed from the outset to be linked together, and when you link them they act as one unit for management purposes. Linked stand-alone hubs don’t do this. Stackable hubs provide a cost-effective option for businesses starting with a medium sized network but with higher aspirations, since many models allow you to include just one more expensive manageable hub in the stack, and have it provide management access to all of the others.

The next step up the ladder, only of interest to builders of large networks, are modular hubs. These use one chassis or “card cage” into which cards, each of which provides several hub ports, are installed. The cards are cheaper per port than stackable hubs, because the power supply and casing are provided by the chassis. Cards can be installed for various different network types as needed, and a management unit may or may not be installed, according to preference.

“Switching” hubs are smart enough to know what devices are connected to what ports (figuring it out in the same way as learning bridges), and only copy packets addressed to those devices, and thus act as a limited kind of bridge – they work like a bridge, but they only have one device connected to each port.

To avoid or at least reduce confusion, the actual word “hub” is generally only used when you’re talking about Ethernet wiring. If you’re talking token ring networks instead, you should call the conceptually similar token ring device a “multistation access unit”, or MAU.

MAC address: Every node on a network has a Media Access Control address, which uniquely identifies it. On Ethernet networks, every computer’s network card has a unique MAC address. Blocks of MAC addresses (the addresses are 48 bit numbers, so there are more than 281 trillion of them available) are assigned to network card manufacturers and used sequentially, the result of which should be that no network card has the same MAC address as any other. In the real world, things like reprogrammable cards can result in two machines with the same address on one network, which can cause problems utterly mystifying to the network novice. These problems are, fortunately, extremely rare. MAC addresses are the identification system used by OSI layer 2.

Network Interface Card: Normally shortened to NIC, this is the technical term for what everyone else just calls a network card. The NIC is the board you put in your computer so you can connect the computer to a network. They’re almost always made for a particular kind of network and media, although Ethernet cards commonly have connectors for 10Base2 and 10BaseT, and may also support 100BaseT.

Node: The correct word for a processing location on a network. Things other than computers can be connected to networks – printers, traffic handling devices and so on. Every node has a unique hardware address – see MAC address.

OSI layers: The seven Open System Interconnection layers are the International Standards Organisation networking framework definition. Fortunately, users don’t need to know anything about them, except that the lower the layer number, the closer you are to the hardware. In network communication, control passes from the higher levels to the lower ones at one end, over the network connection to the next network station, and back up the levels again. All seven layers put together make up the entire network system from your application software to the wires, and how each layer actually works in the real world is defined by a plethora of other protocols. For example, Ethernet and Token Ring are two different ways of providing the services defined by OSI layers 1 and 2, the Physical and Data Link layers.

OSI layer | Name | Function
--- | --- | ---
7 | Application Layer | Communication between programs. This is the layer that user programs talk to.
6 | Presentation Layer | Data representation conversions; this layer translates data between what the network requires and what the computers at each end expect.
5 | Session Layer | Establishes and maintains communications channels, so programs on different computers can establish a link. Often combined with the Transport Layer.
4 | Transport Layer | Responsible for end-to-end data transmission integrity. Makes sure that the data actually gets there, with no errors, in the right order, regardless of transmission problems.
3 | Network Layer | Routes data from one network node to another. This layer translates “logical” device names and addresses into their network hardware equivalents, and does routing, if necessary, for devices that are more than one network link away.
2 | Data Link Layer | Takes care of moving data from one network node to another, not more than one link away.
1 | Physical Layer | Translates the bits generated by all the other layers into signals to send through the network, and translates them back into bits at the other end.

Packet: A chunk of data transmitted over a packet-switching network. Packet-switching is any protocol in which data is broken up into these packets and can then follow various routes to its destination – different packets which together comprise one message may travel via different paths and are assembled when they arrive. Packets therefore, of necessity, contain a destination address as well as the data to be transmitted. Packets are often confused with “frames”; frames are the data structures used by the physical network hardware to move the data. Information that needs to be sent is parcelled up into a packet by the computer, and the packets are parcelled up by the network hardware into frames.

Packet switching, as used by the TCP/IP protocol on which the Internet is built, can be compared with simple “circuit switching”, as used by the phone network, where a dedicated link is established from point to point whenever one device needs to communicate with another. Circuit switching is faster, works with much lower-tech equipment and guarantees that data will arrive in the same order it was sent, important for live audio and video. Packet switching is more efficient and can tolerate slower and much less reliable connections.

Repeater: A repeater is the dumbest kind of active network-connecting device. It just takes network traffic in one port and spews it out of one or more others, exactly as it gets it, but louder. This helps overcome cable losses, and lets cable runs be longer. Repeaters send while they receive, without waiting for the end of each packet to see if it’s intact, and without doing anything to reduce collisions. Repeaters are, hence, useless as a cure for network congestion. Ordinary 10BaseT and 100BaseT hubs are, in fact, multi-port repeaters.
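The simulation below is an added example, not part of the original article. It contrasts the repeater behaviour described here with the “switching” hub described earlier by counting how many frames reach ports whose station is not the destination. Port numbers and station names are constructed, and flooding a frame whose destination has not yet been learned is standard learning-bridge behaviour assumed here.

```python
class RepeaterHub:
    """Multi-port repeater: every frame is copied to every other port."""
    def __init__(self, ports):
        self.ports = ports

    def deliver(self, in_port, src, dst):
        return [p for p in range(self.ports) if p != in_port]

class SwitchingHub:
    """Learns which address sits on which port and forwards only there."""
    def __init__(self, ports):
        self.ports = ports
        self.table = {}  # learned address -> port

    def deliver(self, in_port, src, dst):
        self.table[src] = in_port          # learn the sender's port
        out = self.table.get(dst)
        if out is None:                    # unknown destination: flood
            return [p for p in range(self.ports) if p != in_port]
        return [] if out == in_port else [out]

def overheard(device, frames, stations):
    """Count, per port, the frames delivered there but addressed elsewhere."""
    counts = {port: 0 for port in stations}
    for in_port, src, dst in frames:
        for port in device.deliver(in_port, src, dst):
            if stations.get(port) != dst:
                counts[port] += 1
    return counts

# Constructed scenario: four stations, A and B exchange four frames.
STATIONS = {0: "A", 1: "B", 2: "C", 3: "D"}
FRAMES = [(0, "A", "B"), (1, "B", "A"), (0, "A", "B"), (1, "B", "A")]

def compare():
    return (overheard(RepeaterHub(4), FRAMES, STATIONS),
            overheard(SwitchingHub(4), FRAMES, STATIONS))

if __name__ == "__main__":
    hub_counts, switch_counts = compare()
    print("repeater hub :", hub_counts)
    print("switching hub:", switch_counts)
```

On the repeater, stations C and D receive every frame of the A and B conversation; on the switching hub they receive only the first, flooded one.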

WAN: Wide Area Network. Any computer network that covers a large geographical area, and is composed, typically, of more than one Local Area Network. A WAN can be composed of a multiplicity of network systems. The Internet is the biggest WAN in the world, both in geographical extent and number of nodes.

Ethernet Standards Quick Reference
10BaseT: 10MBps data rate, star wired bus topology, baseband signalling on unshielded twisted pair (UTP) cable. 10baseT cables can be up to 100 metres (328 feet) long, with a minimum cable run between nodes of 2.5 metres (about 8 feet). Maximum of 1,024 nodes per network.
100BaseT: 100BaseT, also known as “fast Ethernet”, is essentially like 10BaseT, but run at 100MBps instead of 10MBps. It requires category 5 UTP cable.
100Mbps Ethernet specifications:
100baseT4: 4-pair Category 3, 4 or 5 UTP or STP
100baseTX: 2-pair Category 5 UTP or STP
100baseFX: 2-strand fibre-optic cable

10Base2: Thin Ethernet, or “Thinnet”. 10Mbps data rate, bus topology, baseband signalling. The maximum segment length is 185 metres (607 feet). 10Base2 uses RG-58 coaxial cable, and allows 30 nodes per segment, and 90 nodes per network. The total length of the network must be less than 925 metres (3033 feet).
10Base5: Thick Ethernet, or “Thicknet”. The original “standard Ethernet”, now supplanted in popularity by 10Base2. Typically 10Mbps data rate, baseband signalling, with a maximum segment length of 500 metres (1650 feet). Uses thick coaxial cable, RG-8 and RG-11. 100 nodes per segment are permitted, and 300 nodes per network. A maximum of four repeaters and 100 taps are permitted.
10BaseFL: Fibre Link Ethernet. 2GBps maximum data transfer, although normally restricted by hardware capabilities to 100MBps. Uses baseband signalling over fibre optic cable. Maximum segment length is 2000 metres (6557 feet).