faq_router

-Router-

General Questions

Q31:What should I set for Router to make Windows XP Remote Desktop work? (2005/7/29)
About Internet Network
Q30: What is DHCP (Dynamic Host Configuration Protocol)?
Q29: What is Dynamic IP Address?
Q28: What is Fixed IP Address?
Q27: What is TCP/IP?
Q26: What is TCP (Transmission Control Protocol)?
Q25: What is IP (Internet Protocol)?
Q24: What is ICMP Protocol and “ping”?
Q23: What is MAC Address?
Q22: What is UDP Protocol (User Datagram Protocol)?
Q21: What is Subnet Mask?
Q20: What is DNS (Domain Name Server)?
Q19: What is default gateway?
About Broadband Router
Q18: What is NAT (Network Address Translation)?
Q17: What is Router?
Q16: What is Firewall?
Q15: What are Hacker and Cracker?
Q14: What is DoS (Denial of Service Attack)?
Q13: What is IP Spoofing?
Q12: What is Packet Filtering?
Q11: What is DMZ?
Q10: What is Load Balancing?
Q09: What is Mapped IP?
Q08: What is Service?
Q07: What is Virtual Server?
Q06: Which server can be installed in DMZ?
Q05: What is Throughput?
Q04: If I already have an Ethernet connected by a router to Internet,
how to test another new router?
Q03: I already have a PC connected to an ADSL Modem to Internet,
how to insert a broadband router between PC and ADSL modem?
Q02: How to use ping command?
Q01: How do I know my IP address in Windows?

Q31:What should I set for Router to make Windows XP Remote Desktop work? (2005/7/29)

For Remote Desktop, you just need to setup PC in Virtual Server port 3389. (Example setting picture)

Besides on your XP, you must setup your account’s password and enable Remote Desktop Control function from system Remote tag.

top

Q30: What is DHCP (Dynamic Host Configuration Protocol)?

DHCP is Dynamic Host Configuration Protocol, which is a protocol that lets network administrators manage and allocate Internet Protocol (IP) addresses in a network. Every computer has to have an IP address in order to communicate with each other in a TCP/IP based network. Without DHCP, each computer must be entered in manually the IP address. DHCP enables the network administrators to assign the IP from a central location and each computer receives an IP address upon plugged with the Ethernet cable everywhere on the network.

When a computer with no fixed IP address starts up, it asks the DHCP server for a temporary IP address. The DHCP server allocates an IP address, which falls within the same sub-network as the DHCP server and does not conflict with other computers on the network, to the client.

top

Q29: What is Dynamic IP Address?

An IP address that is assigned automatically to a client station in a TCP/IP network by a DHCP server.

Q28: What is Fixed IP Address?

An IP address that is fixed assigned by the network administrator.

If the IP address is officially registered and managed on the internet, we call it public IP address. Everybody on the internet can reach you by public IP address.

If the IP address is not officially registered and managed only inside your network, we call it private IP address. Nobody can reach you through your own private IP address, because only you know its address and not managed on the internet. There are three IP address blocks that have been assigned as private IP address space.

Q27: What is TCP/IP?

TCP/IP is Transmission Control Protocol/ Internet Protocol. The basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network, i.e. intranet or internet. When you set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP.

top

Q26: What is TCP (Transmission Control Protocol)?

TCP is a connection-oriented protocol it establishes a logical connection between two computers. Before transferring data, the two computers exchange control messages to make sure a connection has been established, this process is called handshaking. TCP sets up control functions in the Flag field of the Segment Header. Compared to UDP, TCP is a very reliable protocol, and uses PAR (Positive Acknowledgment with Re-transmission) to guarantee that data from one host computer can reach the other host computer safely and correctly.

Q25: What is IP (Internet Protocol)?

IP stands for Internet Protocol. IP address uniquely identifies a host computer connected to the Internet from other Internet hosts, for the purposes of communication through the transfer of packets. IP has following features:

Defining data packet structure, packet is the basic unit of data exchange.
Addressing data packets.
Moving data between Network layer and Transport layer.
Routing packets from the sender to the destination network.
Breaking messages into packets and reassembling the packets into the original message.

Q24: What is ICMP Protocol and “ping”?

ICMP stands for ‘Internet Control Message Protocol’, it is a Network layer of Internet protocol that reports errors and provides other information relevant to IP packet processing. ICMP sends the following messages: Flow Control, Destination Unreachable, Redirecting Routes and Echo Message. For example, the UNIX command Ping is based on ICMP to test whether a particular computer is connected to the Internet.

top

Q23: What is MAC Address?

Each network interface card has a unique six bytes long identification number that has been assigned in the factory. When a data packet arrives, the network card matches the destination address on the data packet with its own MAC address to decide whether to receive or discard the packet.

Q22: What is UDP Protocol (User Datagram Protocol)?

User Datagram Protocol is a transport layer protocol in the TCP/IP protocol stack. UDP uses application program to pack user data into packets, and IP transfer these packets into their destination. Under UDP, applications can exchange messages with least costs. UDP is an unreliable, connectionless protocol. Unreliable means that this protocol has no specification to exchange datagram with guaranteed delivery, but it does transfer data correctly over network. UDP used source port, and destination port, in the message header to transfer message to the right application.

Q21: What is Subnet Mask?

The method used for splitting IP networks into a series of sub-groups, or subnets. The mask is a binary pattern that is matched up with the IP address to turn part of the host ID address field into a field for subnets.

Subnet Mask is used to segment a network into 2, 4, 8, etc sub-networks. For example, take a Class B network with network number 172.16.0.0 and subnet mask 255.255.244.0. The first two numbers represents network number after segmentation. The first 3 bits of the third number is the Subnet Number. There are 2^3= 8 sub networks. The remaining five bits plus the eight bits of fourth number, thirteen bits in total, are the networks addresses available for each sub-network. Each sub-network can have 2^13=8192 networks addresses.

Q20: What is DNS (Domain Name Server)?

The Domain Name Server (DNS) services all request from other TCP/IP clients, routers or other servers to resolve a domain name into IP address or vice versa. For example, if you type www.yahoo.com in URL address line, it needs a DNS server to resolve into IP address like 66.218.70.50.

top

Q19: What is default gateway?

Every TCP/IP node needs to know who is the next to send IP packet, if it has no information where to send that packet, then there is an assigned IP address who will transfer your packet to the proper receiver. That assigned IP address is the default gateway of this node. For example, if all workstations, servers and routers connected on the same Ethernet, all the stations Ethernet LAN IP address are in the same network (ex: 192.168.1.xxx), there is no problem to send from 192.168.1.111 to 192.168.1.222. If there is a request to send from 192.168.1.111 to 66.218.70.50 which is not the IP address in the same Ethernet, then there is a router required to route it to Internet. The router (192.168.1.1) is the default gateway of all nodes in this Ethernet network.

Q18: What is NAT (Network Address Translation)?

NAT is the translation of IP addresses between internal or private networks and the public IP addresses on the Internet. There are three IP address blocks that have been assigned as private IP address space:

In Class A block: 10.0.0.0 – 10.255.255.255

In Class B block: 172.16.0.0 – 172.31.255.255

In Class C block: 192.168.0.0 – 192.168.255.255

Through the NAT mechanism, an enterprise’s internal networks can use any IP addresses that fall in the three private spaces. Note that, private IP addresses cannot pass through routers directly to their destinations, so there is a network address translation from private IP to public IP required. This NAT mechanism is a natural firewall of the LAN users.

Q17: What is Router?

Between two networks, there is a router required to let them communicate to each other. These two network are in two different addresses. For example, network 192.168.1.xxx and 192.168.2.xxx are two different networks. LAN and WAN are two different networks, too. To communicate between LAN and WAN, there is a broadband router required. The modern broadband router is not only routing data packet, it is usually added with many functions like DHCP Server, NAT, Firewall, Security control as well as many application features.

top

Q16: What is Firewall?

The firewall has three basic functions:
1.Restrict data to enter at a control point.
2.Restrict data to flow out at a control point.
3.Keep attackers away from servers.

Firewall protects:
1.Software data
2.Hardware data
3.Company’s reputation

Firewall’s standard interfaces are
1.External (WAN) network also known as Un-trusted Network
2.Internal (LAN) network also known as Trusted Network
3.DMZ network also known as De-Militarized Network

Add-on values of firewall are:
1.NAT to provide company with enough IP addresses.
2.Reduce the risk of exposing server to the outside world.
3.Record Internet usages effectively
4.Alarm the administrator to take emergency step in a timely fashion
5.Encrypt sensitive data to transfer them safely across internet

Firewall has following restriction:
1.Can’t block hackers’ attacks from inside.
2.Can’t monitor connection that doesn’t pass through firewall
3.Can’t prevent new type of threats.
4.Can’t prevent virus’s attacks.

top

Q15: What are Hacker and Cracker?

Hackers are those smart and aggressive programmers who actually initiate the recent computer revolution. These programmers are crazy about exploring new technology to solve problems and create new methodologies. Their objectives are to construct solid networks and not to destroy other computer systems.

Crackers on the other hand are programmers who attack private networks, but don’t steal or destroy data. Phrackers are people who use stolen data to enter computer systems illegally to make damage.

Q14: What is DoS (Denial of Service Attack)?

DoS attacks disables the servers’ abilities to serve, makes system connections impossible, and prevents system from providing services to any legal or illegal users. In other word, DoS’s objective is to kick the server under attacked out of the network.

There are four known types of DoS attacks:

Bandwidth Consumption: Attackers use wider bandwidth to flood victims’ bandwidth with garbage data. For example, using a T1 (1.511Mbps) leased line to attack 56k or 128k leased line, or using several 56k sites to stuff a T3 (45Mbps).
Resource Exhaustion: This attack exhausts the victims’ systems resources, such as CPU usage, memory, file system quota or other system processes. The attack can bring down the system or slow down the system.
Defect program: Attackers use programs to generate exception condition that can’t be handled by applications, systems, or embedded hardware to cause system failure. In many occasions, attackers send weird (system can not identify) packet to targeted systems to cause core dumps and attacker issue commands that has privileges to destroy the systems in the mean time.
Router and DNS attacks: Attacker alter routing table and cause legal requests to servers be rejected. This kind of attack redirects user requests to an enterprise’s DNS to specific addresses or black holes, usually un-existing addresses.

top

Q13: What is IP Spoofing?

Data packets sent is from a fake source address. If the firewall’s policy does not restrict these packets from passing through, they could be used to attack internal servers easily.

Q12: What is Packet Filtering?

Packet Filters check the headers of IP, TCP and ICMP packets to gather information, such as sources addresses, source ports, destination addresses, and destination ports. It also checks the relationships between packets to decide whether a packet is for normal connection. In this way, attacks can be detected and blocked.

Q11: What is DMZ?

DMZ is the network between the firewall’s external interface and routers. DMZ’s network number is allocated by ISPs. For example, when the network number an ISP provides is 210.71.253.128 and subnet mask is 255.255.255.240. Machines inside DMZ can have IP addresses ranged from 210.71.253.128 to 210.71.253.140, sixteen different IP addresses. However, only thirteen of the sixteen IP addresses ranged from 210.71.253.129 to 210.71.253.141 are useable. 128 is the network number, 143 is the Broadcasting Address, and 142 is used by router. Because DMZ is located at the outside of a firewall and is not protected by firewall, it is considered to be insecure. To fix the loophole, more firewall products provide a dedicate DMZ interface to provide protection for DMZ connections. In the previous example, the system manager segments the network into two sub-networks, 210.71.253.128/29 and 210.71.253.136/29 respectively. Since the route’s IP is 210.71.253.142, the external interface’s IP must be one of 210.71.253.136/29, and DMZ interface’s IP must belong to 210.71.253.128/29. As the following graph shows:

top

Q10: What is Load Balancing?

Load Balancing is a function that Virtual Servers provide. It allows a Virtual Server to be mapped to more than one physical server, which provide the specific service at the same time. When a Virtual Server receives data packets, it forwards the packet to the first physical server, and the next packet to the next physical server. The INTERNET FIREWALL uses Least Connection for load balancing.

Least Connection: Because each physical server has different processing speeds, Least Connection forwards data packets to the physical server with the least number of connections at that time. In this way, each packet can have the least waiting time, and the number of packets a server receives is proportional to its processing efficiency.

Q09: What is Mapped IP?

Both Mapped IP and Virtual Server use IP mapping mechanism to allow outside users access internal servers through the firewall. They are different in following ways:

Virtual Server has Load balance feature, and Mapped IP has not.
Virtual Server has a one-to-many mapping relationship to physical servers and Mapped IP is mapped to physical servers in one-to-one fashion. A virtual server can be mapped to only one service, such as SMTP, HTTP or FTP. A Mapped IP can be mapped to all services provided by a physical server.

Q08: What is Service?

TCP protocol and UDP protocol provided different services. Each service has a TCP port number and a UDP port number, such as TELNET(23), FTP(21), SMTP(25), POP3(110), etc. This system supports two kinds of services: standard services and user defined services. The most popular TCP and UDP services are already defined in standard services table, and can not be modified or deleted. Users can setup their own services with proper TCP and UDP port numbers if necessary. When setting up a user defined service, the client’s port number range is 1024:65535, and server’s is 0:1023.

top

Q07: What is Virtual Server?

The router separates an enterprise’s Intranet and Internet into internal networks and external networks respectively. Generally speaking, in order to allocate enough IP addresses for all computers, an enterprise assigns each computer a private IP address, and converts it into a real IP address through the firewall’s NAT (Network Address Translation) function. If a server is located in the internal network, outside users can’t directly connect to it by specifying the server’s private IP address. First, we set the real IP address of an external network interface to the actual IP address of a Virtual Server. Through IP translation of the Virtual Server, outside users can access the servers of the internal networks.

Q06: Which server can be installed in DMZ?

The Internet router provides three Interface Ports to divide the enterprise’s networks into internal networks, external networks, and DMZ. The internal networks use private IP addresses, which routers can’t transfer. Therefore server’s IP address needs to be a real IP address instead of a private one. External Internet users can’t connect to any server with private IP address in the internal networks directly. DMZ employs real IP addresses. By setting the permission in DMZ policies to allow packets to flow through, servers inside DMZ can exchange packet with any Internet IP address. There is no restriction about which kind of server is used in DMZ.

Q05: What is Throughput?

The amount of data transferred successfully from one point to another in a given period of time.
For Ethernet CSMA/CD protocol, the protocol overhead as follows:
There is a minimum Frame Gap between packets: 96 Bit Time
There is a Preamble required: 64 Bit Time
There is a CRC required: 32 Bit Time
So, for transmitting 60-byte packet, the overhead is (12 + 8 + 4) / (12 + 8 + 60 + 4) = 28.57 %
For transmission 1,024-byte packet, the overhead is (12 + 8 + 4) / (12 + 8 + 1024 + 4) = 2.29 %
For transmission 1,514-byte packet, the overhead is (12 + 8 + 4) / (12 + 8 + 1514 + 4) = 1.56 %
That means physically for 100Mbps, transmission 1K bytes packet throughput maximum is 97.71Mbps.
But considering the other interface overhead between hardware bus, software driver, lower to upper layer protocols and other factors, the Fast Ethernet throughput maybe up to 80 to 90 Mbps is the sealing of the number.

top

Q04: If I already have an Ethernet connected by a router to Internet, how to test another new router?

The router is usually shipped from factory with:
1.WAN port set as automatically get dynamic IP address from a DHCP server.
2.LAN port set as DHCP server enabled to assign IP addresses to clients.

You just need to connect WAN port to the existing Ethernet and check if WAN LED light correctly.
Then connect a Windows PC (automatically get IP address) to the LAN port of router and check LAN LED light.
It is almost plug and play, then you may browse Internet from PC Windows.
There is one thing maybe need to be verified, the router LAN IP address cannot be the same as the other router.

Q03: I already have a PC connected to an ADSL Modem to Internet, how to insert a broadband
router between PC and ADSL modem?

Please set hardware as follows:
1.ADSL Modem LAN port connects to the router WAN port and check if WAN LED light correctly.
2.PC LAN port connects to the router LAN port and check if LAN LED light correctly.

Please set software as follows:
1.Set PC Windows to get IP address automatically from router.
(Ex: Router IP is 192.168.1.1; PC IP address is assigned 192.168.1.100)
2.Open PC’s Web browser to URL address of Router IP address (192.168.1.1)
3.Login with default administrator password, it is usually “admin” for most routers.
4.Setup WAN connection with your ADSL account/password
(PPPoE or PPTP depends on what your ISP supplied).
5.Save WAN settings and reboot the router to make it active.

There is one thing need to be noticed, if your ISP does not supply DNS server setting automatically, you may enter DNS server manually. Most of the case is that you can ping to Internet by IP address, but can not use domain name for browsing.

top

Q02: How to use ping command?

It is very easy to make sure Internet connection by “ping” command.

1.In Windows DOS prompt, jut type ping and its options then press enter to get result message of ping.
2.For example, if your PC connected to a router with IP address 192.168.1.1, after you type C:>ping 192.168.1.1 you get reply from that IP address, that means your PC is connected to the router.
3.For example, if you type C:>ping 66.218.70.50 you get reply from 66.218.70.50, that means your PC is routed through router to the 66.218.70.50 web server.
4.If you type C:>ping www.yahoo.com then you get reply from 66.218.70.50, that means your PC set up with working DNS server. If you can not get reply that means your DNS maybe not setup correctly.
5.Other ping command options as follows: (please type ping /? To see detail)
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] destination-list

Q01: How do I know my IP address in Windows?

There are different ways to know your IP address:
1.Windows XP: Click “Start” -> “Setting” -> “Network”, double click “LAN Card Connection”-> “Support”.
2.Windows 2000, open “DOS Prompt”, type command ipconfig
3.Window 98/Me, Click “Start” -> “Run” -> type winipcfg

top

EUSSO Technologies, Inc. is a dedicated data communication and networking company. With professional experiences in design, production, marketing and service support, we deliver the full range networking products including Gigabit Ethernet, Fiber Optic, Wireless LAN, Switches, Hubs, LAN cards, PCMCIA adapters, Converter, Transceivers. As well as Internet Telephony Gateway, Print Servers, Broadband Router and many others.