TCP/IP Network

TCP/IP Network

---

TCP/IP is currently the most common computer communication protocol. It is the foundation of the Internet, email, and almost every recently installed network. One reason for its popularity is scalability; it works on both small and large networks, and other reasons include high performance and low cost.

Most computers in offices are now connected to a local area network via Ethernet. Ethernet provides fast connections at a reasonable cost. Nowadays, computers support Ethernet connections or are equipped with Ethernet cards. If you install an Internet connection, it usually comes with an Ethernet card.

Ethernet offers three connection speeds: 10Mbit/s, 100Mbit/s, and 1,000Mbit/s. It is recommended to use 100Mbit/s at home and in the office.

This chapter describes the composition and protocols of Ethernet. If you want to know more, please refer to books about TCP/IP networks.

A hub acts as a collection point. Typically, a hub can connect 5 to 24 devices. If you need to connect more devices, you can add another hub. To make the network faster, you can use a switching hub or switch, which allows multiple data packets to be transmitted simultaneously. Switches are generally more expensive than ordinary hubs and switching hubs but offer better functionality, so switches are recommended. Switches can connect to 10 Mbit and 100 Mbit Ethernet.

This is a 16-port switch manufactured by D-Link, the DSS 16. Other major manufacturers include Cisco and 3Com.

If there are more than 256 devices connected to the same network, the network needs to be divided into segments. A router must be placed between the segments. A bridge can be used for this function. Some switches have built-in routing capabilities.

Every device on a local area network must have a unique address, an IP address. An IP address consists of four groups of numbers separated by dots. Each number ranges from 0 to 255, e.g., 192.36.253.80. All devices on the same segment must have the same starting part of their IP addresses, e.g., all addresses in a segment starting with 192.36.253.

Each IP address is divided into 65535 ports, with different applications using different TCP/IP ports; HTTP typically uses port 80 (e.g., 192.36.253.80:80). Generally, users do not need to consider port issues.

All data is sent in data packets, which are tagged with destination addresses. Sending a packet over Ethernet takes about 0.1 milliseconds. That means 10,000 packets can be sent per second. Since modern computers and network devices have strong capabilities, they can communicate with several devices simultaneously. Today's network cameras can transmit images to at least 5 computers at the same time.

All devices directly connected to the Internet must have a unique public IP address. Public IP addresses are sold by Internet Service Providers (ISPs). NAT (Network Address Translation) can separate the LAN from the Internet. NAT can be a small box or a program running on a computer.

LANs in offices connect to the Internet primarily for sending emails and browsing online information. Typically, a modem is used for this connection.

Small offices generally connect to the Internet using ADSL. The NAT box separates the LAN from the Internet.

A simple way to establish a local area network is to use a gateway. This product can function as a router, switch, and NAT. Various manufacturers produce gateways, such as D-Link, Cisco, and 3Com.

If there are many devices on the Internet, managing IP addresses can take time. To reduce management time (and save IP addresses), you can use a DHCP server. This server automatically assigns IP addresses to devices connected to the network. The Ethernet example has 14 devices. The devices can be PCs, printers, network cameras, or any other devices with Ethernet ports. Each hub in the example has 9 ports. If the number of devices increases, additional hubs can be added.

In larger networks, a DNS server is included. This server associates host names with IP addresses. For example, if you want to view the camera observing the front door, it's easier to remember the name "door" than to remember the IP address, such as 192.36.253.80.

To prevent hackers, it is recommended to secure the network. You can use a firewall to ensure that only authorized users can connect to the devices on the LAN.

In larger networks, PCs are often used as NAT, DHCP servers, and firewalls. PCs can also serve as email servers, DNS servers, and storage devices.

Offices use PCs as gateways to connect to the Internet. The PC acts as a router, having two IP addresses: one for the internal network and one for the Internet.

How to Address IP Address Shortages

Currently, a significant issue is the shortage of public IP addresses. As a result, connecting cameras on a LAN to the Internet is more difficult. Here are some solutions:

• Obtain an Internet connection that includes space on a web server. Program the cameras to continuously update the web server.
• Add a modem in the office. This way, you can connect to the company network through the modem from home. This is a common solution adopted by many remote workers.
• Use a public IP address for the Internet connection. You can run VPN or SSH software on the gateway computer. This is a secure method via the ISP’s network. This method requires good networking knowledge.
• Use a public IP address for the Internet connection. Configure a firewall/NAT to map different port numbers to the camera's IP address (e.g., www.name.com:8080 will link to the LAN's IP address 10.112.46.14). This method requires good networking knowledge.
• Use a public IP address for the Internet connection. Add a web server and program the cameras to continuously update the web server. This method requires general networking knowledge.

---