networking fundamentals - cop security security networking... · 2 tel: +44 (0)1457 874 999 | fax:...
Post on 09-Sep-2018
219 Views
Preview:
TRANSCRIPT
Official UK distribution partner
tel: +44 (0)1457 874 999 | fax: +44 (0)1457 829 201 | email: sales@cop-eu.com | web: www.cop-eu.com
Networking FundamentalsAn Introduction to Networks
3Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com2 3Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com2
Network types
LANs & WANs
IP Addresses, Subnet Masks & Gateways
IP Address Assignment
DNS Servers
Ports
Router Programming (Port Forwarding)
DDNS
The following course covers the fundamentals of computer networking for both novices and as a refresher for experienced installers
Topics covered include:
Course Content
5Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Networks are a group of devices connected together, enabling communication between one another
What Is a Network?
• Networks can consist of Copper cables, Fibre cables, Wireless or a combination of multiple mediums
• A networks purpose is to allow communication and file sharing between devices
• One of the most popular network types is Ethernet
• Network communication consists of digital signals that pass data packets between devices
Ethernet is a connection method commonly used in computer networks and IP CCTV systems
What Is a Ethernet?
• Ethernet is the connection method often used by Home or Business networks
• Ethernet cables link devices together via Routers & Switches or direct
• With the use of Routers and Switches, devices can be connected in either a bus or star topology
Ethernet Cable Ethernet Switch
Ethernet cables consist of 8 cores of wire arranged into pairs. Each pair is twisted together to protect the signal from interference and cross talk.
Ethernet Cables
• Ethernet cables can be made from Cat5e or Cat6 cable
• Unshielded Cat5e/6 cable is called UTP (Unshielded Twisted Pair)
• Shielded Cat5e/6 cable is called FTP (Foiled Twisted Pair)
• RJ45 connectors are used to terminate the ends of the cable
Cat5e Cable RJ45 Connector
There are two types of Ethernet cables currently in use, Patch and Crossover
Wiring Standard
• Patch cables are used to link devices such as DVRs to switches and routers
• Crossover cables are used to link devices directly to each other such as PC to DVR
• When terminating the ends of a network cable, the T-568 wiring standard must be used
• Patch cables can be either T-568A or T-568B but both ends of the cable must be the same
• Crossover cables require that one end of the cable is wired as T-568A and the other end T-568B
• Many modern network ports support Auto MDIX, a feature ruling out the need for crossover cables
It is extremely important to follow the T-568 wiring standard when terminating Ethernet cables.Failing to do so may result in communication issues.
There are multiple types of Ethernet primarily based on speed. All types however use the same connections and are backwards compatible
Ethernet Types
Ethernet 10Mbps 2 Pairs (4 Conductors)
Fast Ethernet 100Mbps 2 Pairs (4 Conductors)
Gigabit Ethernet 1000Mbps 4 Pairs (8 Conductors)
• Ethernet standards are commonly known by their Base Number. 10Base-T, 100Base-T & 1000Base-T
• 10Base-T is no longer in widespread use
• Identifying the type of Ethernet available on a device is important when designing a network. Large amounts of network data such as on the backbone of a network, will usually require 1000Base-T network ports
What Is a Network?
7Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
The question of whether Cat5e or Cat6 cable should be used for any new network is the subject of many debates. In the IP CCTV industry, Cat5e is often used
Cat5e vs Cat6
• Cat5e supports speeds up to 1Gbps and up to 100m
• Cat6 supports speeds up to 10Gbps and up to 100m
• Cat6 costs roughly 30% more than Cat5e
• Cat5e is usually sufficient for an IP CCTV installation
• Cat6 is widely used for future proofing or network backbones
The terms LAN and WAN are used to describe a type of network
LANs and WANs
• LAN (Local Area Network) is a network connected together within the geographic location such as a Home or Office
• WAN (Wide Area Network) is a network of multiple LANs connected together from various locations. The internet itself is one large WAN network.
LAN Network
WAN Network
Creating a Network
• In the example below, a network is created by connecting two devices together
• Each devices network interface card (NIC) is connected to the Ethernet cable
• Depending on the devices themselves, a crossover cable may be required
Computer DVR
Ethernet
9Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
IP Address
• The most common type of IP address is an IPv4 address• IPv4 addresses are made up of 4 octets, separated by a decimal place• 192.168.1.108 is an example of an IPv4 address• Each devices IP address on a network must be unique, usually determined by the digits after the last decimal place
(last octet)• In the example below the PC address is 192.168.1.100 and the DVR address is 192.168.1.108
IP Address: 192.168.1.100 IP Address: 192.168.1.108
Ethernet
For any device on a computer network to communicate with another device, each device must have their own unique identifier, this is called an IP address
Subnet Mask
• An example of a typical Subnet Mask would be 255.255.255.0
• The first three octets determine the network address (255.255.255)
• The last octet determines the device ID (.0)
• By viewing the IP address and Subnet mask together, you can see how the address range is set
The purpose of the Subnet Mask is to dictate which IP addresses can be used within the network itself
Network Address192.168.1
255.255.255
Device Address.100.0
Network + Device Address (IPv4 Address)192.168.1.100255.255.255.0
• In the example below, the DVR is configured for 192.168.1.108 with a subnet mask of 255.255.255.0
• This requires that for the PC and DVR to be able to communicate the PC must also be configured to the 192.168.1 address range
• The last octet can be configured to any number between 1 & 254
• Once a device has been assigned an IP address, no other device can use that same address
• If both devices were set to 192.168.1.100, then communication would fail as the two devices would have an IP address conflict
IP Address: 192.168.1.100Subnet Mask: 255.255.255.0
IP Address: 192.168.1.108Subnet Mask: 255.255.255.0
Ethernet
Checking the Connection
• The first step is to check the computer IP address
• On a Windows PC, press and hold the Windows key and press R
• In the run box type cmd and press Enter
• You should now be presented with the command prompt, type ipconfig and press Enter
• The command prompt will now display the current network addresses for each network adapter on your computer (Wired & Wireless)
• Find the IPv4 address and verify it is correct
Now that the devices have been connected and appropriately addressed, the next step is to verify they can communicate with one another
11Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Checking the Connection
• In Command Prompt type ping followed by a space and the IP address of the DVR, press Enter
• If the DVR is reachable on the address, the command prompt will show that the DVR has replied to the ping command
• If the DVR is not reachable then you will see the message “Destination Host Unreachable” or “Request Timed Out”
• Ping tests are one of the most basic and useful tools when troubleshooting network connections
• If the ping fails, double check the physical connection and the IP address of both devices
Now that the IP address of the computer has been verified, check communication between the computer and the DVR
Successful Ping
Failed Ping
Checking the Connection
• Most DVRs have built in web browsers for remote viewing
• To connect to a DVR using the web browser, open Internet Explorer and type the DVR IP address into the address bar
• If prompted, install any required plugins
• Login to the DVR using the default username and password (admin, admin on Dahua devices)
Now that communication has been verified, it should be possible to contact the DVR and view images
Dahua Web Browser Login Screen
13Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Adding More Devices
• Switches are a powered device with multiple Ethernet ports
• The job of a network switch is to pass data packets between devices
• There are a large variety of switches available including 4, 8, 16, or 32 port options
• Networks can be expanded further by linking switches together
• Standard network switches are powered devices but passive on the network, they do not require an IP address to function
The assembled network so far will only support two devices, to add more devices to the network a switch can be used
Switch
Computer Computer DVR
• The computer is configured with a network address in the 192.168.1 range and given the available unique identifier of 101
• The computer is given the Subnet Mask of 255.255.255.0
• The ipconfig and ping commands can be used to verify the computers network connection
To allow the newly added computer to communicate with the DVR, the computer must also be configured with an IP address and Subnet Mask in range with the existing devices
IP Address: 192.168.1.100Subnet Mask: 255.255.255.0
IP Address: 192.168.1.101Subnet Mask: 255.255.255.0
IP Address: 192.168.1.108Subnet Mask: 255.255.255.0
Internet Access
• Routers usually have at least four Ethernet ports for connecting devices
• A routers purpose is to manage communication between the LAN network and the internet
• Routers can be connected to computers and DVRs directly or via a switch
The process so far has built a closed LAN (one that is not connected to the internet). To enable internet access the network needs to be connected to an Internet Connection, this is usually done using a Router
Router
Computer Computer DVR
• Routers require an IP address on the LAN to function
• The IP address of the router must also be within the same range as the other devices on the network
• In the example below, the router has an IP address of 192.168.1.1
Routers are usually the device that manages the network itself and dictate the IP address range of the network
IP Address: 192.168.1.1Subnet Mask: 255.255.255.0
IP Address: 192.168.1.100Subnet Mask: 255.255.255.0
IP Address: 192.168.1.101Subnet Mask: 255.255.255.0
IP Address: 192.168.1.108Subnet Mask: 255.255.255.0
15Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Gateway
• The Gateway address provides the outbound route for a device to communicate outside of the network and across the internet
• As the router usually performs this task, the gateway address will often be the IP address of the router• Each device on the network will usually have the same Gateway address (Router LAN address)• Without a Gateway address, a computer or DVR would be able to communicate with devices across the LAN but
not across the internet
When devices need to send data outside of their LAN such as remote access via the internet, they do this by communicating with the router
IP Address: 192.168.1.1Subnet Mask: 255.255.255.0
IP Address: 192.168.1.100Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
IP Address: 192.168.1.101Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
IP Address: 192.168.1.108Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
Static vs DHCP
• Static IP addresses are manually set and do not change (the configuration demonstrated so far)
• DHCP (Dynamic Host Control Protocol) are automatically assigned addresses that can change
• Regardless of the allocation method, the IP address set must be in range with the network
• DHCP addresses are managed by a DHCP server, usually a router
Static and DHCP describe the method used to allocate a device with an IP address, Subnet Mask & Gateway
• Most computers have DHCP enabled by default
• Most DVRs have DHCP disabled by default
DHCP
MAC Address
• MAC addresses are hexadecimal and are displayed with pairs of identifying characters such as 5C:F9:DD:75:45:49
• The first three sections of a MAC address identify the manufacturer
• The second three sections are a serial number assigned by the manufacturer
• A DHCP server such as a router, relies on MAC addresses when assigning IP addresses to devices
Your computer MAC address is also displayed when running the ipconfig command and is labelled as the “Physical Address”
MAC (Media Access Control) addresses are a unique identifier hard written to the NIC (Network Interface Card) at the point of manufacturer
WAN Address
• The WAN address allows the router to communicate across the internet
• WAN addresses can be statically or dynamically assigned depending on the ISP or the broadband package
• The WAN address can often be referred to as the Public IP or External IP
• When connecting to a DVR across the internet, the WAN IP address is used
For routers to communicate across the internet, they need to have a second IP address to connect to the ISPs (Internet Service Provider) network. This is called the WAN address
IP Address: 192.168.1.100Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
IP Address: 192.168.1.101Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
IP Address: 192.168.1.108Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1
LAN IP Address: 192.168.1.1
WAN IP Address: 84.92.95.178
17Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Practical Example
Check your current external IP address by visiting the following web site: www.ping.eu
Your current external IP address will be displayed at the top of the page
Ports
• Ports identify which program or service, data should be routed to within a device
• Each service within a DVR or computer use their own unique port numbers
• By default all Dahua devices use ports 80 (HTTP) and 37777 (TCP) for remote connections
• HTTP (Hypertext Transfer Protocol) is the protocol used for basic web browsing across the internet, the default port number for HTTP is 80
Ports are used by all programs and services when communicating across a network
Connection RequestPorts 80 & 37777
HTTP Service – Web Browser Access
Port 80
TCP Service – Video, Audio & Data
Port 37777
TCP & UDP
• TCP (Transmission Control Protocol) ports are used where devices establish a connection with one another and remain connected throughout communication
• UDP (User Datagram Protocol) ports are used where the sending device transmits data without establishing a connection to the destination device first
• TCP ports are used when it is vital that data packets reach their destination correctly
• UDP ports are used where speed is the priority such as media streaming and online gaming
There are two types of port you will come across when configuring networks, TCP & UDP
Port Forwarding
• Each router usually has the option for port forwarding within the router configuration page
• The router is programmed to direct traffic on specific port numbers to the DVR using those ports on the LAN
• On Dahua DVRs the default port numbers to forward are 80 & 37777
• Once port forwarding has been configured, the remote computer uses the WAN address of the router to connect to the DVR remotely
• Third party websites such as www.portforward.com provide full guides on port forwarding for many router models
Port forwarding allows remote computers to connect to specific devices on the LAN across the internet
Connection on Ports 80 & 37777 Forwarding on Ports 80 & 37777
19Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
PORT FORWARDING
BT Home Hub
Port forwarding configuration methods varies from router to router. Understanding how port forwarding works is more important than following a step by step guide. Port forwarding can be referred to as Port Forwarding, Virtual Servers, Game and Application Sharing, Open Ports, Service & Firewall Rules and more
• Ports are assigned to a LAN IP address (NVR address). On Dahua NVRs and IP cameras the default port numbers to forward are 80 & 37777
• Port 80 is often found in the routers preset list of applications named HTTP or Web Server
Settings > Advanced Settings > Port forwarding
Supported Applications > Add New Game or Application
Virgin Media Router
Advanced Settings > Security > Port forwarding
Configuration
21Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
Technicolor Router
Toolbox > Games & Applications Sharing
Create a new Game or application
SKY Router
Services > Add Custom Services
Firewall Rules > Inbound Services
Third party websites such as www.portforward.com provide full guides on port forwarding for many router models.
23Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
DNS Servers
• As IP addresses are hard to remember, we use domain names to connect to servers such as ones hosting websites
• DNS Servers hold a list of domain addresses and their corresponding IP addresses
• Computers and other devices contact DNS servers when connecting to a domain address, the DNS server then gives the corresponding IP address to the computer
• The computer then uses this IP address to connect to the serverhosting the website
DNS (Domain Name System) servers are an extremely important element for any device communicating over the internet
In the example, the Cop Security website www.cop-eu.com has an IP address of 89.234.4.219
Computer
DDNS Server
• There are usually two DNS servers used for any device, a Primary and a Secondary• When a DVR is configured for Email, DDNS or P2P, the DNS servers in the network settings of the DVR must be
configured
DNS Server settings on a Dahua DVR
Common DNS Servers: Google (Pre-set in Dahua DVRs) | Primary 8.8.8.8 Secondary: 8.8.4.4
Assign a game or application to a local network device
25Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
DDNS
• A domain address is created with the DDNS provider
• The domain is assigned to the current WAN IP address of the site
• The DVR periodically communicates with the DDNS server, the server checks the WAN IP address the DVR is using against the IP address currently assigned to the domain
• When the DDNS server detects that the WAN IP address has changed, it updates the domain to the new IP address
• When connecting remotely, the domain address can be used instead of the WAN address
DDNS (Dynamic Domain Name System) is used to periodically update a domain address when the WAN address of the site changes
The WAN IP address has changed. I will update the domain address!
Practical Excerises
• Open Command Prompt using the same method stated previously
• Type ipconfig /all and press enter
• The IP address settings displayed earlier will be displayed again, however this time the DNS servers will also be displayed
• Sometimes the DNS servers shown will be the same as the Gateway address, this occurs when the computer uses the router as the DNS server
• To find the currently assigned IP address of a domain, enter the ping command followed by the domain. When the ping command starts, the IP address for the domain will be displayed in brackets
To check the DNS servers currently being used by your computer, follow the steps below
27Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: sales@cop-eu.com | Online: www.cop-eu.com
P2P
• When P2P is enabled the DVR connects to a P2P server
• This connection is permanently maintained by the DVR and server
• When a computer or mobile device wants to view the DVR via P2P, they must also connect to the P2P server
• The server passes data traffic between the DVR and computer/mobile device
• As P2P is technically an outgoing connection by the DVR, port forwarding is not required
• For instructions on configuring P2P consult the Quick Install Guide which can be downloaded from the Cop Security website
P2P (Peer to Peer) is a fairly new remote access technology included in all Dahua DVRs
Initial Connection
Video Stream
DVR
P2P Server
Mobile
Dahua DDNS
• Dahua DDNS can be configured in the DVR network menu
• When connecting remotely, the DDNS domain address is used to access the DVR remotely
• For instructions on configuring Dahua DDNS, consult the Quick Install Guide which can be downloaded from the Cop Security website
Dahua DDNS is a free DDNS provider built into every Dahua DVR
Dahua DDNS settings page on a Dahua DVR
top related