TCP/IP basics

Let me try to give you a short (it will not be very short) and simple introduction to TCP/IP. I will try to keep it as simple as possible (it
too simple for some of you, but if you need all the TCP/IP details, you need to go to your local bookstore and buy on of these books wit
pages on TCP/IP). I will also not bother you with the history of TCP/IP and the Internet, unless required for the understanding of the se

IP-address:
Each Ethernet board worldwide has a unique Ethernet-address, it is a 48 bit number
(the first 24 bits indicate the manufacturer, the last 24 bits are a unique number for each
Ethernet board/controller-chip assigned by the manufacturer).
This is also called the MAC-address.

When systems on a local area network ("LAN") are configured with NetBEUI or IPX/SPX protocol, they use these hardware-addresses to
each other, so there is no need to define manually a network address.
But TCP/IP was designed as a Wide-area-network ("WAN"), able to continue to function, even if part of the network was not operating
( damaged or destroyed).

TCP/IP uses IP-addresses, which are 32-bit numbers. To make it easier to memorize such IP-addresses, they are usually expressed as
numbers (example: 192.168.10.1), where each of the 4 numbers is within the range of '0' to '255' (there are restriction on using '0' an
avoid using them.).
When setting up a small private network, you are free to use ANY IP-address, however, when you are connected to a company network
need to ask the Network-administrator to assign you an IP-address. And if you are connected to the Internet, your ISP (Internet Servic
Provider) will assign an IP-address to you.
Even if a network is NOT connected to the Internet, it has become custom to use on private networks a range of IP-addresses, which a
reserved for private networks (that makes it later possible to connect your private network to the Internet without having to re-configu
everything). The reserved IP-address is: 192.168.x.y, where x=same number on all systems and y=different/unique number on all sy
A small network of 3 systems would use:

You configure this IP-address in the properties of the TCP/IP-protocol:

(For now, simply enter as 'Subnet Mask" 255.255.255.0, it will be explained later in this document)
That's it, if you just like to connect systems on a small network, the network should work and you can test the Connection using the TC
ping.

On a small network, you can still memorize the IP-addresses used, but if your network grows to 50+ systems, it becomes a serious
management job. But TCP/IP offers some help by allowing to configure it to:
"obtain an IP address automatically":

To be able to make this automatic assignment, there needs to be now on the network a database, keeping track of possible IP-address
whom these addresses have been assigned:
DHCP (Dynamic Host Configuration Protocol)
On bootup, the system sends out a call on the network to find a DHCP-server, which assigns an IP-address to such a system. The IP
are usually assigned NOT permanently, but for a specific time (could be days, weeks, months or on Internet-connections just for the O
connection). If the system contacts the DHCP-server again during this time, the 'lease' on the IP-address is extended. But if you come
from a long vacation, your 'lease' of the IP-address may have expired, that IP-address may have been assigned now to somebody else
you/your computer get now assigned a new IP-address.
Windows95 itself does NOT include any DHCP-server, you need to connect to a Windows NT (or similar class) server , which is configur
DHCP-server.

Microsoft supplies now with Windows98/ME and with Windows 2000/XP a feature for

IP-Auto-Configuration without a DHCP-server on the network.

DHCP-server may also be buildin to some other products ( example : software Router for
Internet Connection Sharing ) .

If you are using/intend to use "obtain an IP address automatically", please do NOT reply
on it without verifying, that you did get an IP-address assigned.
Please make the check using either "winipcfg" , "ipconfig" or view the Status information.

Looks simple until now ? Actually there is already a lot more 'hidden' actions:
The systems have IP-addresses, but Ethernet-boards ONLY know their Ethernet-address, so as soon as a TCP/IP configured system is s
on, it is advertising its presence onto the network:" Hey, I am alive, my Ethernet address is '08000b 0a0238' and my IP-address is
'192.168.10.2' ". , and each TCP/IP system on the network builds up a table with all this information, which is usually checked/verified
intervals of 15 min.

If your system needs now to communicate with a station, for which it does NOT have an entry in its table of IP/Ethernet-Addresses, it
a search-message to everybody ("Broadcast-Message") like: " Hey, I like to communicate with the IP-address '192.168.10.4', but I d
know your Ethernet-Address. Please, identify yourself". This causes the system with the requested IP-address to send out its advertisin

These processes are called ARP (Address Resolution Protocol) and RARP (Reversed Address Resolution Protocol).

This ARP/RARP works fine on a local-area-network (on an Ethernet network), but will NOT work for Internet communications, because:
- the Database of Ethernet-to-IP-address would need to have 10+ Million entries
- the Internet would only be busy with ARP/RARP.

Gateway/Router:
To connect a TCP/IP local-area-network to another TCP/IP LAN (which could be the complete Internet) or via a Wide-Area-Network (WA
need now a device called : Gateway or Router

You need to tell Windows95 about the Gateway in the TCP/IP-properties:

Now, also the 'Subnet-Mask', which is usually '255.255.255.0', becomes important: if you now like to connect to 207.68.137.53 (which
Website of Microsoft), TCP/IP checks your own IP-address and the IP-address of the destination against the Subnet-mask. Lets do that
comparison on a binary level:

System: IP/subnet-mask Binary

your system 192.168.10.1 11000000 10101000 00001010 00000001
local server 192.168.10.10 11000000 10101000 00001010 00001010
Microsoft 207.68.137.53 11001111 01000100 10001001 00110101
Subnet-mask 255.255.255.0 11111111 11111111 11111111 00000000

TCP/IP compare now the part of the addresses, defined by the '1's in the subnet-mask
( or simple: the part of the IP-addresses, where the subnet-mask is 255 ):
xxx indicates, that this part of an IP-address does not matter anymore :

System: IP/subnet-mask Binary

your system 192.168.10.xxx 11000000 10101000 00001010 xxxxxxxx
local server 192.168.10.xxx 11000000 10101000 00001010 xxxxxxxx
Microsoft 207.68.137.xxx 11001111 01000100 10001001 xxxxxxxx
Subnet-mask 255.255.255.0 11111111 11111111 11111111 00000000

if your system connects to another system on the same network (like a local server, in this
example at 192.168.10.10) , that part of the address (the first 24-bits in this example) are the same,
( 192.168.10.xxx ) so TCP/IP looks up the Ethernet address in its ARP table and connects directly
to that system.
But if there is a difference in these 24-bits, then TCP/IP connects to the Gateway (in this example: 192.168.10.20), and it is now the jo
Gateway to establish somehow the connection to the destination system (somewhere inside that Internet 'cloud'). The Gateway/Router
for that purpose special tables and passed on the request to the next router, which itself goes to the next, which itself goes to the next
until you reach the destination.
( If you have on your network multiple gateways/routers (maybe one for a permanent Internet connection and
another for a company internal WAN), you need to program the systems to select the proper gateway using the
ROUTE-command )

Each Router/gateway on the network (which could be the Internet or a Wide-Area-Network WAN)
passes on the message, until it reaches its destination, and the reply comes back the same way
(for more details on Routing: Setup TCP/IP Routing ).

The above assumes, that all systems have an IP-address, which is valid on the Internet !
If you connect via dialup-connection to the Internet, but like to use the connection on
multiple systems on a network, you need a Proxy.

When explaining the use of a Gateway / Router, I usually use this story:

Compare it to sending out invitations to a party :

You have decided to celebrate your birthday (or something else ).

You will invite your good friends, your neighbors (because your party may become
a little noisy, so it is better to invite them ) and some relatives.
You design a nice invitation letter and print it.

How will you deliver it to your neighbors ?

Most probably you will simply walk over in the evening and drop it yourself
in the mailbox of your neighbor.

But your brother/sister lives on another continent !

Will you make a direct delivery ? Most probably no.
You will put the invitation in an envelope, write the address on there and drop it into
the next collection box of your postal service. They will come (maybe with a car, maybe
on a bike), bring it to the next post-office, then on a truck to the next railroad station to
the next airport, then onto a plane, again a truck, again a car/bike, until it arrives at
your brother/sister.

The delivery via postal-service is equivalent to the TCP/IP Gateway/Router :

You just drop your message and then you do not care anymore, it is now the
job of the postal-service (for your invitation letter) or the Gateway/Router (for your
TCP/IP Network traffic) to make sure that it arrives at the proper destination.

You can check this yourself: open on Win95 a DOS-window and run the 'tracert

' command (which is installed as part of the TCP/IP protocol).

In my example, I traced the router to "ourworld.compuseve.com":
TRACERT 149.174.213.39 :

HOSTS/LMHOSTS:
it is difficult to remember IP-addresses, it is much easier to remember names (and having the computer lookup the name and find the
address). That is the purpose of the 'HOSTS'-file and 'LMHOSTS'-file: Windows95 TCP/IP installs in "C:\WINDOWS" a file called 'hosts
'lmhosts.sam', rename/copy it to 'hosts'/'lmhosts' and then use it to define the names:
all lines starting with an '#' are comment lines.
The formatting of 'hosts' and 'lmhosts' is the same:
IP-address, some spaces, computername
example:

172.0.0.1 localhost -> used for internal purposes (loopback), do NOT delete
192.0.0.150 p120 -> refering to a system on the local network
207.68.137.53 www.microsoft.com -> such Internet-Websites URL's are just names for an IP-address

When to use HOSTS and when to use LMHOSTS ?

That is a confusing subject: having 2 files with a very similar job.
HOSTS is read by basic TCP/IP software (ping, ftp, ......)
LMHOSTS is used by the Microsoft Networking/Client/Workgroup management. If systems are on the same cable segment, the
broadcast their presence and find each other automatically, no need to enter anything in LMHOSTS.
However, such broadcast-packets to NOT get routed. Adding then the IP-address manually in LMHOSTS makes the system aware abou
system on different segments.
NOTE: LMHOSTS originates from "Lan Manager HOSTS", a name from the history of Microsoft networks.
An example for using LMHOSTS : Connection via a Router to a NT Domain Server

DNS:
Too much work to typ these IP-addresses ?
Looks like another item for automation, and exactly that is DNS : Domain Name Service:
it allows to use names instead of IP-addresses, but you need to configure it as part of the TCP/IP-properties:
If you now define an address ( like: http://www.microsoft.com/ or someserver.com in the picture below)
TCP/IP will make:
1: a call out to a DNS-server, asking for the IP of someserver.com
2: the DNS server will reply with the IP-address (in this example 192.5.6.111)
3: TCP/IP makes now the connection to the requested server someserver.com,
using the IP-address 192.5.6.111 :

Port:
TCP/IP is a complex protocol, offering multiple services (especially on the Internet), like:
- HTTP (=Web-Browsing)
- FTP
 - e-mail
- file sharing
For each of these services, a port is used for the specific type of communication (advanced TCP/IP)