With an ever-growing number of products and systems using networks for communication and content distribution, it's more important than ever to understand the most frequent concepts and terms. In a previous post, I looked at some of the basic skills a media server operator needs in our networked world. This post digs a bit deeper. Read on…
- How can I plan and structure a LAN?
- Basic network scenario at home
- Planning the network
- Network components: Router, switch, firewall
- Network security
- Wired or wireless network
- Further reading
How can I plan and structure a LAN?
Stop right there… Before you do anything, define your needs for the network. How many devices? What kind of devices? Wired? Wireless? Do you need to connect your Local Area Network (LAN) to the Internet?
The network itself consists of cabling (or wireless, or a combination - as most networks today), switches, routers and firewalls. These devices will provide the backbone of the network and will allow devices to communicate, as well as providing connectivity to the Internet.
If you are planning larger networks comprising several locations, you may have to add some more skills to the pot – but it still doesn't have to be overly complex.
In addition to choosing the kind of connectivity (wired or wireless), you should consider how to plan your IP-addresses. In the following scenario, you hardly need to think about anything.
Basic network scenario at home
All (well, at least the majority of you) have a network at home. Usually, the network is based on a router/gateway from your Internet provider, and this unit is connected to the phone system (xDSL), cable-TV or even a dedicated fibre system (fibre at home has become more and more common – when I built my first network, I had a dial-up modem. If you don't know what I mean, google it and you will understand that I am, in fact, a dinosaur).
In most cases, the router/gateway will also be a wireless access point, where you can connect your phone, laptop or tablet. A network printer can also be connected – either physically to the router or wirelessly.
The router/gateway will provide your devices with the requisite IP address to communicate with the other network devices or with the Internet. The IP address that your device receives from the router is usually a private, non-public IP address, very often in this configuration:
The router/gateway will dynamically provide IP-addresses to all devices with which it communicates (through DHCP, covered in the previous blog post). This means that your device may get different IP-addresses from day to day.
The router/gateway – which we'll cover in the next chapter – will have a public IP address and “translates” the communication from the inside of the router/gateway to the Internet where all IP-addresses are public. This translation is called NAT (Network Address Translation) and will also be covered later. Mañana, Mañana ;)
Planning the network
Usually, just like the home network above, you do not really need to think too much about assigning IP-addresses, defining IP-ranges, setting subnets, etc. But if you set up a network for professional use, you will often find yourself in a situation where you want to assign fixed IP-addresses to the devices on the net.
Assume that your network will consist of the following devices (60-ish units):
- 5 x media servers
- 10 x projectors
- 20 x LCD screens
- 2 x signal splitters
- 1 x music server
- 1 x integrated amplifier
- 10 x speakers
- 2 x laptops
- 5 x switches with 16 ports (16 * 5 = 80 units)
No device will ever connect to the Internet, so there's no need for a gateway or router. All units will be connected physically to the switches. We plan for network expansion as the switches have room for 80 devices in total.
In a network like this, your plan for the IP-range could be as follows:
Save the 192.168.0.1 for the gateway if you need to add one.
Media servers and signal splitters.
Display devices (LCD screens and projectors)
For later use.
DHCP assigned IP-addresses (temporary, non-fixed).
If you need to temporarily connect a unit that does not need a fixed IP-address, you can get a temporary address assigned. This can be good to have if you expect to bring in external help from consultants or others who have their own equipment.
As you can see from the above, we have basically allocated a lot of empty IP-addresses in the “ranges” that we have defined. This allows for adding more units to the network, temporary units (if a unit fails and needs service) etc.
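An added example (not from the original post) that checks an address plan like the one above for overlapping ranges, too-small ranges and unusable addresses, and maps an observed address back to its planned role. The role names and device counts come from the post; the concrete ranges and the 192.168.0.0/24 network are assumptions constructed for illustration.

```python
import ipaddress

NETWORK = ipaddress.ip_network("192.168.0.0/24")

# Constructed ranges (assumptions); only the role names come from the article.
PLAN = {
    "gateway": ("192.168.0.1", "192.168.0.1"),
    "media servers and signal splitters": ("192.168.0.10", "192.168.0.49"),
    "display devices": ("192.168.0.50", "192.168.0.149"),
    "later use": ("192.168.0.150", "192.168.0.199"),
    "dhcp": ("192.168.0.200", "192.168.0.250"),
}
# Fixed-address device counts taken from the article's device list.
DEVICES = {"media servers and signal splitters": 5 + 2, "display devices": 10 + 20}


def bounds(first, last):
    """Return a range as a pair of integers, lowest address first."""
    lo, hi = int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return lo, hi


def check_plan(network, plan, devices):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems, spans = [], []
    unusable = (network.network_address, network.broadcast_address)
    for role, (first, last) in plan.items():
        lo, hi = bounds(first, last)
        for ip in (ipaddress.ip_address(lo), ipaddress.ip_address(hi)):
            if ip not in network or ip in unusable:
                problems.append(f"{role}: {ip} is not a host address in {network}")
        if hi - lo + 1 < devices.get(role, 0):
            problems.append(f"{role}: {devices[role]} devices, {hi - lo + 1} addresses")
        spans.append((lo, hi, role))
    top_hi, top_role = -1, None  # highest address claimed so far, and by whom
    for lo, hi, role in sorted(spans):
        if lo <= top_hi:
            problems.append(f"{top_role} overlaps {role}")
        if hi > top_hi:
            top_hi, top_role = hi, role
    return problems


def role_of(address, plan):
    """Map an observed address to its planned role, or None if it is unplanned."""
    ip = int(ipaddress.ip_address(address))
    for role, (first, last) in plan.items():
        lo, hi = bounds(first, last)
        if lo <= ip <= hi:
            return role
    return None
```

An empty list from `check_plan` means the fixed ranges and the DHCP pool cannot hand out the same address; `role_of` returning `None` for a live address points to a device sitting outside the plan.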
Let us have a look at some of the units that you will typically find in your network, such as a router, switch and firewall.
What is a router?
For most people, the router is the network device that allows communication between your network (home or professional) devices and the Internet. The router is most often connected to the infrastructure that provides Internet access through a cable. Your devices on the LAN side of the router can be connected to the router through cable or wireless. Most home networks today are wireless.
If you are building a Wide Area Network and not a Local Area Network, you will have a router at each location. The two routers connect the two LANs and you will experience the WAN as a single network.
The router can assign IP-addresses to the devices as they connect (DHCP) or be configured so that the devices need fixed IP-addresses. The latter is not very common.
The router can have several physical ports where you can connect your cabled devices. When you have a network with more devices than fit in the router, you need to add a switch to the network.
What is a switch (compared to a router)?
A switch is a physical device that looks similar to the router, but has a different role in the network. It is used to create a network, and a router is used to connect different networks. A switch connects devices on the network (computers, printers, …) in a building and acts as a controller, allowing the devices to communicate efficiently (and securely).
There are basically two kinds of switches: the dumb ones (unmanaged) and the smart ones (managed).
An unmanaged switch is plug and play. It has virtually no features except to allow connected units to communicate with each other. This kind of switch is typically found in home networks and smaller office networks, where the need to manage the switch is limited.
A managed network switch is configurable and often offers higher performance, security and flexibility as well as monitoring features. A feature you find in a managed switch can be the capability to prioritize the network traffic to a specific device or service, or to build virtual LANs in the network.
What is a firewall?
A firewall is a network device that monitors network traffic (especially incoming as most threats are on the outside of your local network) and decides to allow, or block, specific traffic based on a defined set of security rules.
The firewall might look like the routers and switches, but the primary task of the firewall is to be the defense that protects your network. It's the gatekeeper between your safe and controlled internal network, and the unsafe and untrusted network on the outside – the Internet.
In many home networks, the router acts as a firewall. These routers have limited functionality compared to the dedicated firewalls, but they're good enough for most home networks.
There are many levels of firewalls. If you want to read about the different ones, I can recommend a peek at Cisco, where you can read about proxy firewalls, stateful firewalls, Next-gen firewalls, Unified threat firewalls or threat focused firewalls. (Head over to Cisco to read more!)
Network security
The most secure unit is one that is not connected to anything, is placed in a locked room and is turned off! If you are not THAT paranoid, you need to have a basic understanding of network security.
As you've read, a firewall (or a router with firewall capabilities) is an important unit to build a secured network – if you need your network to be connected to the Internet or outside world in any way.
When you have an internal network, you might want to access the network from the outside. But you do not want ANYONE to access it from the outside. One way to connect to the network is through something that is called VPN (Virtual Private Network).
A VPN allows you to connect to your local network through a safe and encrypted connection over the Internet. All traffic is encrypted, preventing unauthorized people and bad guys from intercepting your traffic. This opens up for the users to work remotely – I can sit at home and have access to my office network devices, as if I was physically present. This is called secure remote access.
Most firewalls will have this feature, while most routers will not – at least not in home environments.
Wired or wireless network?
Earlier this would have been very easy to answer: Wired. However, today a wireless network can be configured to be very reliable. The technology has matured and it is easier to secure a wireless network than ever before.
Advantages of a wired network:
- Wired networks are faster than wireless. Speeds have grown from the initial 10 megabits per second to 10 gigabits per second.
- Ethernet plugs are found on all workstations and older laptops. For newer laptops and tablets, you need a converter such as USB->ETHERNET.
- A cabled network is more reliable. Wireless networks are exposed to interference.
Advantages of wireless networks:
- Easy setup – no need to pull cables anywhere.
- Fast deployment – you start your access point and are up and running.
- Can be used with mobile phones and tablets.
- Almost all devices have wireless support today.
This concludes the second part of network basics for media server operators.
If you are interested in reading a third chapter where we go into the more geeky parts of the network (such as firewall operation with DMZ, Port forwarding and NAT, a more in-depth look at VPN, networks dedicated for broadcast, etc), post a comment below!!
Further reading (or viewing)
Read the first part of this blog: "Network Basics for Media Server Operators"
Yamaha Audio has made several short and pithy video tutorials on networking:
- Network fundamentals – Introduction
- IP Address, Subnet Mask, Gateway
- Reserved LAN ranges and reserved IP addresses
- Router: NAT, Firewall, DMX, Port Forwarding and VPN