IP Addressing (continued):


Most of us are allocated a single dynamic IP address by our ISP. This means that it's subject to change occasionally. It also means that you can only connect ONE PC to the Internet at a time.

To address this, Microsoft has introduced Internet Connection Sharing in Windows 98 & above to allow multiple PCs to share a single internet connection. You can find out how to do this in the "help" menu, but I'm personally not too fond of this solution (I think it has "issues").

A better way is to purchase a SOHO (small office/home office) broadband router (see the Linksys or SMC DSL Routers). You'll usually find that they have a built-in switch or hub for several PCs as well. If you're using dial-up you can do this too (check out this Netgear site for an example).

Linksys BEFSR41, SMC Barricade, Netgear RM356

There are several nice things about these devices. One, they perform NAT (Network Address Translation), and in the process provide a good degree of firewall protection ...


And now, I must digress again. It's time to discuss firewalls.

You really should exercise a degree of caution over internet security. Most hackers are probably benign & just like to see what they can do. However, I know I don't want them practicing on my machine & I suspect you don't either.

When a broadband router performs NAT, it holds the "public" IP address that your ISP gives you and gives your computer a "private" IP address in its place. When you initiate a session, the router translates your "private" address into the "public" one on the way out. There's a very real distinction between public and private IP addresses.

When standards were developed for IP, it was determined that certain address ranges would be designated for private use, and would be "unroutable" (useless) over the Internet. There are three address ranges designated as private:

10.x.x.x  (Class A networks that start with 10.)

172.16.x.x  (Class B networks that start with 172.16.)

192.168.1.x  (Class C networks that start with 192.168.1.)


With few exceptions, everything else falls into the "public" (routable) domain. When the typical hacker gets to your firewall, unless he's very good, that's probably as far as he's going to get.




The other thing that NAT does is to make it possible for multiple machines to use the same public IP address at the same time. Now, if you're thinking about it, you might wonder why replies from a web site don't go to all the computers on the network. After all, they share the same public IP address.

The answer is that while NAT translates all the different "inside private" addresses into a single "public" address, it uses different "ports" for each computer. So all the machines identify themselves to the internet with the same IP address, but with different ports. (F.Y.I.: The combination of IP address and port is known as a socket.)

This way you can have multiple simultaneous internet connections from your network without confusion.
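
The port mapping described above, as an added example that is not part of the original page: a toy translation table showing how two inside PCs share one public address, how replies find their way back, and why unsolicited inbound traffic goes nowhere. The class name, the starting port 50000 and all sample addresses are constructed for illustration; the address check uses the full RFC 1918 blocks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), and a real router also tracks protocol, remote endpoint and session timeouts.

```python
import ipaddress

# RFC 1918 private blocks; addresses in these are not routed on the Internet.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True if addr falls inside one of the RFC 1918 private blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class NatRouter:
    """Toy port-translating NAT table (hypothetical, for illustration only)."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port):
        """Rewrite an outgoing packet's source socket to the shared public one."""
        if not is_private(src_ip):
            raise ValueError("inside hosts are expected to use private addresses")
        key = (src_ip, src_port)
        if key not in self.out:              # first packet of a new session
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port):
        """Return the inside socket for a reply, or None when no session exists."""
        return self.back.get(dst_port)

def demo():
    nat = NatRouter("203.0.113.5")               # constructed public address
    pc1 = nat.outbound("192.168.1.10", 1025)     # two PCs, same local port
    pc2 = nat.outbound("192.168.1.11", 1025)
    reply = nat.inbound(pc2[1])                  # reply to PC 2's session
    unsolicited = nat.inbound(50999)             # nobody opened this port
    return pc1, pc2, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

The `None` result for the unsolicited packet is the firewall side effect mentioned earlier: with no table entry, the router has no inside machine to hand the packet to.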
