Designing and Building Your Private Network
Private networks take on many shapes and sizes. As you may expect, the design of a LAN for a large- or medium-size organization is different than for a small office or home. Individuals and small organizations generally don’t require complex networks unless they perform complex work. For the purposes of this book, we assume that you want and need a simple network. We describe how to design a basic LAN that is both powerful and reliable. This network can be used for many small- or medium-size businesses and most households.
This chapter shows you how to design a flat network. Flat refers to the fact that all the computers connected to the network communicate over a single subnetwork (or subnet, for short). Subnets can be combined within a single LAN, but that makes the network more complex to design, build, and maintain.
The network we describe here is also designed to use a Red Hat Linux Internet gateway. The Internet gateway is a computer that acts as a portal, connecting the private network to the Internet. The networked computers in the private network — also referred to as hosts or clients — are connected through one of two methods:
Wired connections: Hosts are connected to the LAN through a device called an Ethernet hub or Ethernet switch (hub or switch, for short). Switches are superior to hubs in performance and are becoming the standard. For your LAN, we suggest that you connect all computers (hosts), including the Internet gateway, by using an Ethernet switch. Figure 15-1 shows an example of our private network, where the interconnecting fabric is the Ethernet switch. (In recent years, Ethernet switches have become inexpensive and common, and Ethernet hubs have been disappearing.)

Figure 15-1: A simple private network.
Wireless connections: Wireless devices make it possible to build a network without interconnecting cables. Wireless networks can take two forms:
Using an access point: Using a device called an access point, you can connect wireless hosts to a LAN. This design has the hosts connect to the access point via radio frequency (RF) signals. The access point also connects to a wired network, and the wireless hosts communicate to the wired network through that connection.
Tip: The RF signals used by wireless networks are the same ones you tune in to on your radio or communicate with on your cell phone or open your garage door with. The only differences between the RF signals coming from an AM radio station and those from a wireless network device are their frequency and strength. The Federal Communications Commission (FCC) permits anybody to use the 5 GHz (billions of cycles per second) frequency portion of the spectrum for any purpose as long as the signal strength is low.
Access points have become the most popular system for creating wireless LANs. You can find access point devices in consumer electronics stores for much less than $100.
Using ad-hoc mode: The alternative wireless-connection method, called ad-hoc mode, doesn’t require a separate access point, other than a wireless device for each host. Wireless hosts communicate directly with each other by using ad-hoc mode. (You can read more about ad-hoc mode in the section “Wiring your network with wires,” later in this chapter.)
The ABCs of switches and hubs
Switches are slightly more expensive than hubs because they do a little more work. Suppose that your network consists of three machines — A, B, and C — all connected to a switch. When machine A wants to communicate with machine B, the switch transmits the network traffic from A directly to B.
Machine C is totally out of the loop. By making sure that C doesn’t know what A and B are saying, the switch keeps network communication private. Hubs, on the other hand, broadcast the network traffic from one machine to all machines connected to the hub. When A sends information to B, the hub broadcasts that information to both B and C.
The following section describes how to build a wired network; the section after that shows a wireless one. You can mix wired and wireless networks, but, for simplicity, we describe how to build a pure wired or wireless network.
Wiring your network with, uh, wires
Way back in prehistoric times (circa 1996), you had to be technically savvy to wire your own network. Wiring consisted of coaxial cables like those used for cable TV connections. Coaxial cables are bulky and require you to use special tools to attach the connectors to the cable ends.
Life is easy now. Wiring your network requires that you obtain Cat 5 cables, similar in appearance to telephone cables. Cat 5 cables are manufactured with telephone-like connectors that are a snap (pardon the pun) to use. No muss, no fuss.
Tip: You can buy Cat 5 cables at any electronics store. They come in many colors and sizes. Cat 5 cables aren’t cheap, but they aren’t terribly expensive, either. They’re reliable and much easier to work with than coaxial cables.
You have to use a network switch or hub in conjunction with Cat 5 cables. Switches and hubs are the glue that holds your network together. Both switches and hubs connect individual computers so that they can communicate with each other.
Most — if not all — networking equipment is now based on the Ethernet protocol. Ethernet is inexpensive and readily available. You can purchase it from any consumer electronics store, mail-order catalog, or online computer seller. You don’t need to know any of the technical aspects of Ethernet because it requires no configuration. You need to know only that an Ethernet connector looks similar to a telephone jack. However, Ethernet and telephone jacks aren’t compatible.
Tip: One byproduct of a switch’s design is that it effectively makes your network faster. Network traffic flows only between the machines that are talking to each other. The computers that aren’t talking to each other don’t use the switch’s bandwidth. For example, when machine A is sending information to B, machine C doesn’t see any of the traffic.
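The A, B, C scenario from “The ABCs of switches and hubs” and the tip above, as an added Python illustration that is not from the book: a hub repeats every frame to all other ports, while a switch learns which port each address sits on. The MAC addresses and port numbers are constructed, and the model goes one step beyond the text by including the case where the switch has not yet learned B's port and therefore sends A's first frame to C as well.

```python
# Added illustration (not from the book): which hosts receive a copy of each
# frame on a hub versus a learning switch. Addresses and ports are constructed.
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed topology: host name -> (MAC address, port it is plugged into)
HOSTS = {
    "A": ("02:00:00:00:00:0a", 1),
    "B": ("02:00:00:00:00:0b", 2),
    "C": ("02:00:00:00:00:0c", 3),
}


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learning switch: remembers the port each source address was seen on."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, frame):
        self.mac_table[frame.src] = in_port      # learn or refresh the sender
        out_port = self.mac_table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            # Broadcast or not-yet-learned destination: flood like a hub.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                            # already on that segment
        return [out_port]


def who_sees(device, conversation):
    """For each (sender, receiver) pair, list the hosts that get a copy."""
    port_to_host = {port: name for name, (_mac, port) in HOSTS.items()}
    seen = []
    for sender, receiver in conversation:
        src_mac, in_port = HOSTS[sender]
        dst_mac, _ = HOSTS[receiver]
        out_ports = device.forward(in_port, Frame(src_mac, dst_mac))
        seen.append(sorted(port_to_host[p] for p in out_ports))
    return seen


# A talks to B, B replies, A talks to B again.
CONVERSATION = [("A", "B"), ("B", "A"), ("A", "B")]


def demo():
    ports = [1, 2, 3]
    return who_sees(Hub(ports), CONVERSATION), who_sees(Switch(ports), CONVERSATION)


if __name__ == "__main__":
    hub_view, switch_view = demo()
    print("hub:   ", hub_view)
    print("switch:", switch_view)
```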
For your network, start by connecting your machines to a central switch. (You can use a hub, if you want.)
Although you can connect as many computers as your switch or hub can handle, to keep the job as simple as possible, these steps describe how to wire two computers, Cancun and Veracruz. These steps assume that you have a switch or hub, and at least two Cat 5 cables:
1. On the first computer, plug one end of a Cat 5 cable into the Ethernet network interface connector (NIC) on the back of the machine.
2. Plug the other end of the cable into the switch.
A green light should appear near the connector you used on the switch. The green light indicates that you have link status, indicating that an Ethernet connection has been established: You have an active connection between the computer and the switch.
If you don’t get a link status, make sure that both connectors on the cable have been properly inserted. Pull each connector out and firmly press it back in (called reseating).
Tip: If this suggestion doesn’t fix the problem, make sure that the cable is working correctly. Check the cable for cracks and cuts, for example. Check the cable’s connectors for loose wires. Substitute another cable, if possible; using a cable that you know works can help you determine whether the suspect cable is at fault.
If neither of these options works, you may have a broken switch, cable, or Ethernet NIC, or any combination of these. You may have to replace any or all of the devices to determine the real problem. Perhaps you can borrow a known good cable and NIC from a working network and use them to eliminate the problem.
3. Repeat Steps 1 and 2 for each additional computer.
After you have successfully connected all your computers to the switch, you can proceed to the section “Building an Internet Gateway,” later in this chapter. That section describes how to build an Internet gateway on a Linux computer. The Internet gateway connects your entire private network to the Internet.
Wiring without wires
Life has gotten easier in the past few years (circa 2000). Wireless networking is the best technological advance for home or small-business network users in the past five years, and it’s now affordable for consumers.
Going wireless means
Not having to string cables around your house or office: You don’t have to spend money and time pulling wires through walls, ducts, attics, and cellars, for example. (The authors have enjoyed all these activities.) You also save the cost of the cables themselves.
Geographical freedom: You have the freedom to use your computers anywhere, regardless of where your server or Internet gateway or printers are located. Ah, life is easier when you can sit outside on a nice day and clack away at the keyboard.
Looking good: You look high-tech even if you’re not. You can impress your friends and family.
The process of constructing a wireless network is straightforward. You have to decide how to connect your wireless devices to your private network. You can do that in two ways:
Use a wireless access point: A wireless access point (WAP) is a device through which wireless devices communicate. An access point provides a single point of contact through which all other devices communicate.
An access point uses two network connections. One is an Ethernet port that connects to your private LAN through a Cat 5 Ethernet cable, and the other point connects to your wireless devices. The access point serves as a common connection point to your LAN.
The other connection point is the access point’s wireless receiver. The wireless “port” communicates with all other wireless devices on your network.
Use point-to-point (ad-hoc) communication: Contrary to popular opinion, you can create a wireless network without an access point. Wireless NICs are designed to communicate directly with each other as well as through an access point. You configure each NIC to know a common network name and a common encryption key, and the NICs form their own ad hoc network by communicating directly with each other. We show you how, later in this section.
Point-to-point communication is referred to as ad-hoc mode. The term ad hoc means that you put something together with what you have in whatever way you can. Using wireless ad-hoc mode means that each wireless device can communicate with the other wireless devices. (Setting up a network with wireless NICs is less expensive than using WAPs.)
You can purchase an access point to construct your wireless LAN. That’s simple and quick, if a little expensive. If you choose that route, we leave it up to you to follow the access point’s instructions for connecting other computers to it. You can follow the steps in Chapter 7 for configuring your Red Hat Linux wireless NIC to an access point.
We describe how to save a few bucks and use a Linux computer to build an ad hoc network. Building an ad hoc network requires you to put a Wi-Fi NIC on a Linux gateway. You then configure every computer on your private network to use the same network name and encryption key. The computers can then communicate directly with each other and, through the Linux gateway, with the Internet.
Follow these steps to create a wireless LAN:
1. Install both a Wi-Fi and Ethernet NIC on the Internet gateway computer.
Each of your private network’s computers can talk to the Internet gateway through the wireless NIC. The Ethernet connects the gateway to the Internet through either a DSL or cable modem; you can substitute a telephone modem for the Ethernet NIC, if necessary.
The next section in this chapter describes how to build an Internet gateway.
2. Install a Wi-Fi NIC on each of your Linux and Windows computers.
3. Configure each Wi-Fi NIC to use the same network name and encryption key.
Refer to Chapter 7 to find out how to configure a Wi-Fi NIC; use the network IP addresses, netmasks, and other items described there.
4. Configure your Internet gateway to forward your private network traffic to the Internet.
5. Configure a firewall on your Internet gateway.
Refer to the section “Protecting your LAN with a firewall,” later in this chapter.
Technical Stuff: One advantage of using infrastructure mode is that a wireless device can move from access point to access point without reconfiguration. Access points provide mobility and flexibility, which can be a good thing if you happen to work in a large, dispersed environment. For example, if your company is spread across several locations, you want to be able to use your computer anywhere. However, if you don’t configure your access point correctly — for example, by not using an encryption key — then flexibility becomes a security liability. Make sure that you correctly configure all your wireless devices.
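One way to check the point made above on a Linux host, as an added example that is not from the book: parse the text printed by `iwlist <interface> scan` (from the wireless-tools package) and flag every cell that advertises your network name with the encryption key off or in an unexpected mode. The scan text, the network name homenet and the addresses are constructed sample values.

```python
# Added example (not from the book): audit saved `iwlist <interface> scan`
# output for cells on your own network that are missing an encryption key
# or are running in the wrong mode. All sample values below are constructed.
import re

SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:01
                    ESSID:"homenet"
                    Mode:Ad-Hoc
                    Encryption key:on
          Cell 02 - Address: 00:11:22:33:44:02
                    ESSID:"homenet"
                    Mode:Ad-Hoc
                    Encryption key:off
          Cell 03 - Address: 00:11:22:33:44:03
                    ESSID:"homenet"
                    Mode:Master
                    Encryption key:on
          Cell 04 - Address: 00:11:22:33:44:04
                    ESSID:"neighbour"
                    Mode:Master
                    Encryption key:off
"""

CELL_RE = re.compile(r"^\s*Cell \d+ - Address: ([0-9A-Fa-f:]{17})\s*$")
FIELD_RE = re.compile(r'^\s*(ESSID|Mode|Encryption key):"?([^"]*)"?\s*$')


def parse_scan(text):
    """Return one dict per cell with its address, ESSID, Mode and key state."""
    cells = []
    for line in text.splitlines():
        match = CELL_RE.match(line)
        if match:
            cells.append({"address": match.group(1)})
            continue
        match = FIELD_RE.match(line)
        if match and cells:
            cells[-1][match.group(1)] = match.group(2).strip()
    return cells


def audit(cells, essid, mode):
    """List (address, problem) pairs for cells that advertise our network name."""
    findings = []
    for cell in cells:
        if cell.get("ESSID") != essid:
            continue  # someone else's network: not ours to judge
        if cell.get("Encryption key") != "on":
            findings.append((cell["address"], "encryption key is off"))
        if cell.get("Mode") != mode:
            findings.append(
                (cell["address"], f"mode is {cell.get('Mode')}, expected {mode}")
            )
    return findings


if __name__ == "__main__":
    # The ad hoc LAN built in this section should show only Ad-Hoc cells
    # with the key on; anything else under our name needs a look.
    for address, problem in audit(parse_scan(SAMPLE_SCAN), "homenet", "Ad-Hoc"):
        print(f"{address}: {problem}")
```

An "Encryption key:on" line shows only that some key is set, not that it is the key you chose, so a cell you do not recognise under your network name still deserves a look.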