Network Design
The first thing to do is decide how to design your home network. We will make some assumptions in designing a network that you can use. The first is that you have at least two computers ready to network. The second is that you are using a broadband connection such as a cable modem. Whether you have a static IP address or dynamic address doesn't really matter—they are interchangeable. The third is that you have some personal firewall such as ZoneAlarm Pro or WinRoute Pro to protect your home network and be your gateway to the Internet. We will use a mix of Windows operating systems to give you different tastes of how networking can work with different operating systems. We will not cover Linux or MacOS in these scenarios. The last assumption we will make is that you know how to install a network interface card (NIC) and have one in each computer.
We might not leave you completely on your own with the NICs. What you really need to understand is that two basic type of cards exist, and they deal with speed. For speed, NICs can either send data at 10 megabits per second (Mbps) or 100Mbps. You probably want to get a 10/100 NIC, which can handle both speeds. The way the card fits in your computer is the other concern. NICs can either be PCI or ISA cards, depending on which slots you have available in your computer. Your computer specs should tell you what kinds of slots you have available. Most new computers have PCI slots available. The NICs come with the appropriate drivers on a CD-ROM that you will use to install them properly.
After you have the NIC cards installed, you need a hub. A hub is a small device with jacks for twisted pair plugs that can be used to connect computers in the network. You can connect multiple computers through a hub. You probably won't need more that two 4-port hubs. Again, you can buy these at any computer store. Several popular models include SMC, Netgear, Linksys, and Dlink. If you are going with 10/100 NIC, you will want to buy a hub that supports 10/100 transfer speeds. You also will need 10BASE-T Ethernet cables to connect all your devices. To know the length of the cables, you will have to measure the distance between computers. You can, of course, get rid of cables altogether and use wireless, but we won't go into those scenarios here. We will discuss the pros and cons of wireless in Chapter 14.
We discussed the various firewall products that you can use. Of the several products we discussed in detail, only a few of them can act as gateways for the rest of your network. Some, like BlackICE, can only protect one machine and are not really meant for networking computers together. For our discussion, we will use ZoneAlarm Pro and WinRoute Pro to demonstrate two products at different ends of the home networking spectrum that gives you the widest possible choices.
Design Diagram
Figure 13.1 is the basic diagram we will follow in setting up the home network environment. It's basic, but it shows all the necessary functionality you probably will need as you start your vast networking empire. One key feature we want in the network design is a gateway/firewall to protect the network. We also want a computer on the internal network for printer sharing that will reside on the internal IP address space of 192.168.1.x. We allow a Web server to run on a computer behind the firewall that allows all outbound traffic but blocks inbound traffic and restricts access to a shared folder with a password. This scenario can cover all your basic needs, from sharing information, protecting the network, and running your own Web site where you can share picture of the kids to running a small e-commerce Web site from home.
Figure 13.1. Home network design.
The network design is as follows:
Your cable modem/DSL connection is the first thing you must set up— When you have your connection working correctly, you can begin setting up the rest of your network.
Your gateway machine is your first line of defense as well as your main system to perform routing and provide DHCP service for the rest of your network— You do not have to use DHCP for your internal network. You can use a static internal address scheme if you want. You can run any other service such as a Web server on this machine or any other machine.
Your external NIC will be set with the IP address that your ISP provides, whether by DHCP or via a static IP address— In our example, the external IP address that the ISP provides is 24.7.48.68. Our DNS address is 216.182.1.1. This allows us to resolve names such as www.microsoft.com to an IP address. Our firewall must have a gateway (24.7.48.1) to route traffic out to the Internet.
The second NIC in our firewall machine has the internal address for our home network (192.168.1.1)— This is the gateway for the home network, which will route traffic out the external interface and out to the Internet. Because this internal address is the gateway for the Internet, it does not need a default gateway address. The DNS server address is 216.182.1.1.
The Ethernet cables must be connected to a hub— This allows all the devices to talk to the one internal interface. If you were connecting multiple hubs together—for example, one hub from the second floor connects to a hub on the first floor of your house—you would have to use the uplink port on the main hub. In this case, we are only using one hub, so we do not have to worry about the uplink port on the hub.
Our computers and devices are on the internal network— We can run anything on the internal network from ICQ to Web servers. This machine can get an IP address from the firewall, or we can assign it statically, such as 192.168.1.2. The gateway is 192.168.1.1, which is the internal interface of the firewall. The DNS server we use is the external IP address 216.182.1.1. Another option is running a DNS server on our firewall.
A shared printer is connected to our PC— Because it is shared on the internal network, all PCs on the network can share one printer.
A second PC on the internal network is Win9xPC, which is assigned IP address 192.168.1.3— It has the gateway address of 192.168.1.1 and DNS address of 216.182.1.1. It has a shared folder with a password.
Like a shared printer, we can share a CD-ROM burner off of this PC.
We can also share a scanner— Any device can be shared with other PCs on the internal network.