Looking Out To Sea

For the past three and a half years I have been working on router redundancy protocols. When your router (or its upstream connection) dies for some reason you want to minimise the loss on people using the network. Ideally users should never notice loss of connection, though in the real world there will be some time delay before things are working again. The work I’ve been doing relies on having a second router which has its own connection to the local network and to the wider world. It acts as a redundant backup so that when the first one dies the second can step into its place within some short period.

When the primary router is working normally the secondary doesn’t do much. Its only role is to monitor the liveliness of the primary machine. The redundant router can often be used for other things when the primary is operating — and many times the primary acts as a redundant router for the secondary’s clients. Each provides backup for the other.

So when I found out recently that I was being made redundant I thought “great! I’ll just sit and watch other people working and take over if they burst into flames”. But it turns out that when people are redundant it’s totally different from when routers are redundant. Instead of being relied on for backup in case of failure, it means “no longer working”. Strange but true! I can see why it wouldn’t catch on very well in networking.

My last day at Cisco is this Friday (30 July). It’s been an interesting few years and provided novel experiences, silly conversations about Star Trek and given me a bit more confidence. I’m sad to be going, and though there will always be loose ends to tie up and the promise of interesting projects on the horizon, the team I’m leaving behind seems to have a glut of these at the moment. I’m also disappointed that the study group at work will continue reading SICP without me. Obviously I can read it alone but the discussion and peer support/pressure was a useful part of it.

Meanwhile, the job hunt continues. Recruitment agencies make this process at least ten times harder by hiding the employer, the industry and the specifics of the job for their own ends. I have had a few friends pass on job details, and had some telephone discussions, but no success yet. Watch this space, or one very much like it.

The internet protocol (IP) address of my laptop is 192.168.0.3/24. What does this mean?

The first and obvious question is, What’s an IP address? It’s an identifier that your computer uses to talk to other computers on the network. It bears a lot of resemblance in form and function to a telephone number. There are prefixes which are shared by every address in the area, and then there’s a bit specific to you.

An IP address has two important pieces of information embedded in it. The first is the host ID — the identifier of my specific computer. The second is the network address — which is the number of the network my computer is found in, and is analogous to a telephone area code.

Just to make things difficult though, the two numbers are joined together so you can’t tell where one part ends and the other begins. So when talking about addresses we need another piece of information to tell us which part is network and which part is host.

First, let’s write out 192.168.0.3 in binary. This makes a very long number but it will make everything much clearer from here on. Each number between the dots is converted separately. This number is not the same as 19,216,803.

192.168.0.3 = 11000000 10101000 00000000 00000011

I’ve left spaces where the dots were previously. Each section is 8 binary digits long, so each section can represent a maximum number of 11111111 — which is 255 in decimal.

The next bit we come to is choosing a point on that line so that all the digits on the left represent the network address and all the ones on the right show the host address. Looking back up at the address I gave at the top you’ll see a “/24” sitting at the end. This is called the network mask and it works just like a piece of card with a hole in it. You write out your address and then align 24 bits underneath: everything with a 0 underneath is masked out, leaving the network address. We are getting the result of 1 whenever both the address and the mask is 1.

192.168.0.3  = 11000000 10101000 00000000 00000011
mask 24 bits = 11111111 11111111 11111111 00000000
result       = 11000000 10101000 00000000 00000000

Back in decimal land, that network address is 192.168.0.0. Since the network mask is also a binary number it is often written like an IP address, as four decimal numbers separated by dots. The same address can be written as 192.168.0.3/24 or 192.168.0.3/255.255.255.0.

We can invert the network mask to give a host mask and use the same procedure to find out the host ID, which turns out to be 00000011, otherwise known as 3.

192.168.0.3 = 11000000 10101000 00000000 00000011
mask 8 bits = 00000000 00000000 00000000 11111111
result      = 00000000 00000000 00000000 00000011

You probably knew that from inspection but computers ain’t so clever!

Another useful number we can learn from the address and mask is the broadcast address. This can be used to send messages to everyone on the network. We calculate this by inverting the mask again, so we’ve got 8 bits on the right instead of 24 bits on the left, and taking the result to be 1 wherever the address or the mask is 1.

192.168.0.3 = 11000000 10101000 00000000 00000011
mask 8 bits = 00000000 00000000 00000000 11111111
result      = 11000000 10101000 00000000 11111111

The result can then be written as 192.168.0.255 in dotted-decimal format. Packets sent to this address will be examined by every host on the local network. This is useful if you don’t know the address of your recipient!

Photo is The World’s Network by saschaaa.

We’ve been fighting with Virgin Media for about 6 weeks now to get our net access transferred over to the new flat. The entire time we’ve been paying for a service we do not have. This will definitely require remuneration when we finally get a service.

We’ve been surviving thus far with a couple of open WiFi connections that we could pick up. Neither were very close to us — this requires careful positioning of laptops to maintain signal levels — but they were still usable.

Were usable. Past tense. On Thursday night both of the networks we used disappeared. One of them hasn’t come back and the other has but appears broken. I can occasionally get an IP address but it doesn’t forward packets past the router. :-( We are bereft, cast loose in a sea of microwaves, all encrypted… we’ve been really suffering!

We’re currently in Montpeliers, downing cocktails and jealously guarding access to the power socket that is powering my laptop. I can highly recommend their Whisky Sour, which is really delightful, and the Espresso Cocktail, which was apparently made with the wrong ingredients but tasted grand anyway. It’s pouring with rain outside and I feel no motivation to get wet.

Email and blogging may be rather light this weekend because we’ll be snatching whatever access is available in cafés and bars (carrying an Eee around is awesome). Please bear with us!

When you send any kind of message on a network it gets shunted from place to place until it finally arrives at its destination, or is discarded. I’ll cover the successful case at some point in future, but for now we can look at why a message (a ‘packet’) might be ‘dropped’.

A network is a series of interconnecting machines which all have a small, possibly erroneous, view of the world. They have an idea of which machine is connected to which other machine but since networks are inherently unreliable this internal map is never accurate for very long.

Occasionally a group of machines will be convinced that someone else in the group is the “next step” when delivering a packet. So A will transmit to B will transmit to C will transmit back to A again. This would ordinarily constitute an infinite loop, where these packets will continue being shunted round forever (or at least until someone accidentally pulls out a power cable and kills one of the machines…).

This can be prevented by giving each packet a “lifetime”, known as its Time To Live (TTL). Rather than being measured in seconds the TTL is measured in hops — whenever it is transmitted from one machine to another this number is decremented. If a machine receives a packet which has a TTL of zero, but that machine is not the ultimate destination, then the packet is discarded. This prevents immortal packets from roaming the network forever, undelivered and lost.

The TTL also gives us a nifty tool to find out where packets are disappearing. When a router discards a packet for being too old, it’s supposed to send back a message saying what happened (ie, “too old”) and who discarded it. A packet with a TTL of zero should be discarded at the first machine it meets; a packet with TTL of one at the second machine; and so on down the line. So we can send out little packets with gradually increasing TTLs to see where they go.

This is an example: me tracing the hops to reach www.google.com. The first line is the default gateway for my ISP, which all our home traffic goes through, and the last line is a machine belonging to Google.

dougal@cuttlefish ~ $ traceroute www.google.com
traceroute to www.google.com (64.233.183.104), 30 hops max, 40 byte packets
 1  10.123.104.1 (10.123.104.1)  18.965 ms  19.484 ms  20.071 ms
 2  77-96-1-2.cable.ubr01.azte.blueyonder.co.uk (77.96.1.2)  20.959 ms  21.532 ms  22.123 ms
 3  * * *
 4  pop-bb-a-so-300-0.inet.ntl.com (213.105.175.130)  126.573 ms  127.143 ms  130.025 ms
 5  pop-bb-b-ae0-0.inet.ntl.com (213.105.174.230)  130.604 ms  131.190 ms  131.766 ms
 6  * * *
 7  212.250.14.138 (212.250.14.138)  118.341 ms  120.692 ms  163.523 ms
 8  209.85.252.76 (209.85.252.76)  118.807 ms  124.392 ms  123.757 ms
 9  72.14.232.149 (72.14.232.149)  132.502 ms  133.543 ms  133.671 ms
10  209.85.255.137 (209.85.255.137)  139.149 ms 209.85.255.13 (209.85.255.13)  137.904 ms  138.661 ms
11  72.14.233.77 (72.14.233.77)  143.339 ms 72.14.233.79 (72.14.233.79)  161.037 ms 72.14.233.77 (72.14.233.77)  124.609 ms
12  216.239.43.34 (216.239.43.34)  132.107 ms 209.85.249.129 (209.85.249.129)  132.696 ms 209.85.249.133 (209.85.249.133)  131.462 ms
13  nf-in-f104.google.com (64.233.183.104)  130.411 ms  127.656 ms  132.048 ms

The numbers in the left-hand column are TTL values. So it basically took 13 hops to get into the Google heartland. On each line there is an IP address and sometimes a host name for the machine that discarded the packet. Each packet is sent three times, so there are three times at the end of each line showing how long it took to get there and back. (You’ll notice from about line ten onwards there are several IP addresses and several times per line. This suggests that the packets with identical TTL values were going through different routes. I would guess this points to load-balanced routers which share the incoming packets.)

The asterisks which appear on lines 3 and 6 are where the packet was discarded but no error message was received within 5 seconds. And since most of these messages have a round-trip time of about 200 milliseconds, that’s considered time enough to abandon hope.

It’s been a while since I wrote about networking here. So let’s look at domestic networking setups.

The scenario we have in our flat is quite ordinary. There are two computers on the network, one desktop machine and one laptop. Traditionally these two would be connected to a switch so they can communicate with each other. In big companies or other places with extensive networks then a switch is necessary to juggle all the traffic in a reasonable way.

(The diagram here shows three computers connected to a switch, the box with the extended X shape in it. The computers can send packets to each other through the switch.)

But for small networks a full-blown switch is pretty useless. It’s like having a private telephone exchange in a house with only two telephones. So most people won’t see a separate switch: it will be integrated in the box with other things.

One thing you’ll notice in the diagram shown is that there’s no external communication. There’s no internet access — the machines can only talk with others on the same network. The connection between the home network and the rest of the internet is done with a router. It directs the network traffic like a traffic policemen. Local stuff stays local, but data that needs to be sent elsewhere goes via the router.

This is what a network with external access looks like:

You can see that here the router is doing very little as well. There’s only one connection in and one connection out. So in my house, and probably in yours, the router and the switch are combined into one box. It does switching and routing (and often wireless access too). My home network looks like this:

(Apologies for the lame diagrams. Anyone know pretty diagram software for Linux? Pastel shades and smooth gradients welcome.)

Inside the router/switch hybrid beast the software analyses the destination for each packet sent and decides whether the destination is on the local network or somewhere else, and then sends it in different directions accordingly.

Apart from this, it can probably also hand out IP addresses to new machines as they join (extremely useful, so you don’t have to do any manual configuration). There may be some firewall capability too, so that particular programs can be prevented from sending signals in or out. It’s quite amazing what features are available in 50 quid devices!

The fault is all mine. I have started learning more about networking, and so I want to start talking more about networking. But most people, they don’t know about networking. So there’s only one way to solve this problem. Order them to order large books from Amazon! Okay, that’s probably not very effective. The other way is to write about networking myself.

Consider this either a simplified introduction to networking, or a means of cementing my knowledge. You don’t properly know it until you’ve explained it to someone else. This does leave me with a small problem: I can’t actually tell if you’ve had it explained to you, or just told to you. So if there are any unclear bits please let me know.

Continue Reading »

In the interest of continuing professional development and the like, I’ve started studying for the CCNA exam.

What does this mean? Well, a bunch of us at work are having regular study sessions: going through the study guides and the test questions. It’s been easy-going so far, because it’s been the ‘fundamentals’ section and it’s all been stuff that a home network tinkerer might come across. (Well, apart from frame relay…)

I’m nervous that it all just appears easy but the exams will be horrifying. Also, horrifying and expensive to resit. :-(