networking fundamentals - cop security security networking... · 2 tel: +44 (0)1457 874 999 | fax:...

Official UK distribution partner

tel: +44 (0)1457 874 999 | fax: +44 (0)1457 829 201 | email: [email protected] | web: www.cop-eu.com

Networking FundamentalsAn Introduction to Networks

3Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: [email protected] | Online: www.cop-eu.com2 3Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: [email protected] | Online: www.cop-eu.com2

Network types

LANs & WANs

IP Addresses, Subnet Masks & Gateways

IP Address Assignment

DNS Servers

Ports

Router Programming (Port Forwarding)

DDNS

The following course covers the fundamentals of computer networking for both novices and as a refresher for experienced installers

Topics covered include:

Course Content

5Tel: +44 (0)1457 874 999 | Fax: +44 (0)1457 829 201 | Email: [email protected] | Online: www.cop-eu.com

Networks are a group of devices connected together, enabling communication between one another

What Is a Network?

• Networks can consist of Copper cables, Fibre cables, Wireless or a combination of multiple mediums

• A networks purpose is to allow communication and file sharing between devices

• One of the most popular network types is Ethernet

• Network communication consists of digital signals that pass data packets between devices

Ethernet is a connection method commonly used in computer networks and IP CCTV systems

What Is a Ethernet?

• Ethernet is the connection method often used by Home or Business networks

• Ethernet cables link devices together via Routers & Switches or direct

• With the use of Routers and Switches, devices can be connected in either a bus or star topology

Ethernet Cable Ethernet Switch

Ethernet cables consist of 8 cores of wire arranged into pairs. Each pair is twisted together to protect the signal from interference and cross talk.

Ethernet Cables

• Ethernet cables can be made from Cat5e or Cat6 cable

• Unshielded Cat5e/6 cable is called UTP (Unshielded Twisted Pair)

• Shielded Cat5e/6 cable is called FTP (Foiled Twisted Pair)

• RJ45 connectors are used to terminate the ends of the cable

Cat5e Cable RJ45 Connector

There are two types of Ethernet cables currently in use, Patch and Crossover

Wiring Standard

• Patch cables are used to link devices such as DVRs to switches and routers

• Crossover cables are used to link devices directly to each other such as PC to DVR

• When terminating the ends of a network cable, the T-568 wiring standard must be used

• Patch cables can be either T-568A or T-568B but both ends of the cable must be the same

• Crossover cables require that one end of the cable is wired as T-568A and the other end T-568B

• Many modern network ports support Auto MDIX, a feature ruling out the need for crossover cables

It is extremely important to follow the T-568 wiring standard when terminating Ethernet cables.Failing to do so may result in communication issues.

There are multiple types of Ethernet primarily based on speed. All types however use the same connections and are backwards compatible

Ethernet Types

Ethernet 10Mbps 2 Pairs (4 Conductors)

Fast Ethernet 100Mbps 2 Pairs (4 Conductors)

Gigabit Ethernet 1000Mbps 4 Pairs (8 Conductors)

• Ethernet standards are commonly known by their Base Number. 10Base-T, 100Base-T & 1000Base-T

• 10Base-T is no longer in widespread use

• Identifying the type of Ethernet available on a device is important when designing a network. Large amounts of network data such as on the backbone of a network, will usually require 1000Base-T network ports

What Is a Network?


The question of whether Cat5e or Cat6 cable should be used for any new network is the subject of many debates. In the IP CCTV industry, Cat5e is often used

Cat5e vs Cat6

• Cat5e supports speeds up to 1Gbps and up to 100m

• Cat6 supports speeds up to 10Gbps and up to 100m

• Cat6 costs roughly 30% more than Cat5e

• Cat5e is usually sufficient for an IP CCTV installation

• Cat6 is widely used for future proofing or network backbones

The terms LAN and WAN are used to describe a type of network

LANs and WANs

• LAN (Local Area Network) is a network connected together within the geographic location such as a Home or Office

• WAN (Wide Area Network) is a network of multiple LANs connected together from various locations. The internet itself is one large WAN network.

LAN Network

WAN Network

Creating a Network

• In the example below, a network is created by connecting two devices together

• Each devices network interface card (NIC) is connected to the Ethernet cable

• Depending on the devices themselves, a crossover cable may be required

Computer DVR

Ethernet


IP Address

• The most common type of IP address is an IPv4 address• IPv4 addresses are made up of 4 octets, separated by a decimal place• 192.168.1.108 is an example of an IPv4 address• Each devices IP address on a network must be unique, usually determined by the digits after the last decimal place

(last octet)• In the example below the PC address is 192.168.1.100 and the DVR address is 192.168.1.108

IP Address: 192.168.1.100 IP Address: 192.168.1.108

Ethernet

For any device on a computer network to communicate with another device, each device must have their own unique identifier, this is called an IP address

Subnet Mask

• An example of a typical Subnet Mask would be 255.255.255.0

• The first three octets determine the network address (255.255.255)

• The last octet determines the device ID (.0)

• By viewing the IP address and Subnet mask together, you can see how the address range is set

The purpose of the Subnet Mask is to dictate which IP addresses can be used within the network itself

Network Address192.168.1

255.255.255

Device Address.100.0

Network + Device Address (IPv4 Address)192.168.1.100255.255.255.0

• In the example below, the DVR is configured for 192.168.1.108 with a subnet mask of 255.255.255.0

• This requires that for the PC and DVR to be able to communicate the PC must also be configured to the 192.168.1 address range

• The last octet can be configured to any number between 1 & 254

• Once a device has been assigned an IP address, no other device can use that same address

• If both devices were set to 192.168.1.100, then communication would fail as the two devices would have an IP address conflict

IP Address: 192.168.1.100Subnet Mask: 255.255.255.0


Ethernet

Checking the Connection

• The first step is to check the computer IP address

• On a Windows PC, press and hold the Windows key and press R

• In the run box type cmd and press Enter

• You should now be presented with the command prompt, type ipconfig and press Enter

• The command prompt will now display the current network addresses for each network adapter on your computer (Wired & Wireless)

• Find the IPv4 address and verify it is correct

Now that the devices have been connected and appropriately addressed, the next step is to verify they can communicate with one another



• In Command Prompt type ping followed by a space and the IP address of the DVR, press Enter

• If the DVR is reachable on the address, the command prompt will show that the DVR has replied to the ping command

• If the DVR is not reachable then you will see the message “Destination Host Unreachable” or “Request Timed Out”

• Ping tests are one of the most basic and useful tools when troubleshooting network connections

• If the ping fails, double check the physical connection and the IP address of both devices

Now that the IP address of the computer has been verified, check communication between the computer and the DVR

Successful Ping

Failed Ping


• Most DVRs have built in web browsers for remote viewing

• To connect to a DVR using the web browser, open Internet Explorer and type the DVR IP address into the address bar

• If prompted, install any required plugins

• Login to the DVR using the default username and password (admin, admin on Dahua devices)

Now that communication has been verified, it should be possible to contact the DVR and view images

Dahua Web Browser Login Screen


Adding More Devices

• Switches are a powered device with multiple Ethernet ports

• The job of a network switch is to pass data packets between devices

• There are a large variety of switches available including 4, 8, 16, or 32 port options

• Networks can be expanded further by linking switches together

• Standard network switches are powered devices but passive on the network, they do not require an IP address to function

The assembled network so far will only support two devices, to add more devices to the network a switch can be used

Switch

Computer Computer DVR

• The computer is configured with a network address in the 192.168.1 range and given the available unique identifier of 101

• The computer is given the Subnet Mask of 255.255.255.0

• The ipconfig and ping commands can be used to verify the computers network connection

To allow the newly added computer to communicate with the DVR, the computer must also be configured with an IP address and Subnet Mask in range with the existing devices




Internet Access

• Routers usually have at least four Ethernet ports for connecting devices

• A routers purpose is to manage communication between the LAN network and the internet

• Routers can be connected to computers and DVRs directly or via a switch

The process so far has built a closed LAN (one that is not connected to the internet). To enable internet access the network needs to be connected to an Internet Connection, this is usually done using a Router

Router

Computer Computer DVR

• Routers require an IP address on the LAN to function

• The IP address of the router must also be within the same range as the other devices on the network

• In the example below, the router has an IP address of 192.168.1.1

Routers are usually the device that manages the network itself and dictate the IP address range of the network






Gateway

• The Gateway address provides the outbound route for a device to communicate outside of the network and across the internet

• As the router usually performs this task, the gateway address will often be the IP address of the router• Each device on the network will usually have the same Gateway address (Router LAN address)• Without a Gateway address, a computer or DVR would be able to communicate with devices across the LAN but

not across the internet

When devices need to send data outside of their LAN such as remote access via the internet, they do this by communicating with the router


IP Address: 192.168.1.100Subnet Mask: 255.255.255.0Gateway Address: 192.168.1.1



Static vs DHCP

• Static IP addresses are manually set and do not change (the configuration demonstrated so far)

• DHCP (Dynamic Host Control Protocol) are automatically assigned addresses that can change

• Regardless of the allocation method, the IP address set must be in range with the network

• DHCP addresses are managed by a DHCP server, usually a router

Static and DHCP describe the method used to allocate a device with an IP address, Subnet Mask & Gateway

• Most computers have DHCP enabled by default

• Most DVRs have DHCP disabled by default

DHCP

MAC Address

• MAC addresses are hexadecimal and are displayed with pairs of identifying characters such as 5C:F9:DD:75:45:49

• The first three sections of a MAC address identify the manufacturer

• The second three sections are a serial number assigned by the manufacturer

• A DHCP server such as a router, relies on MAC addresses when assigning IP addresses to devices

Your computer MAC address is also displayed when running the ipconfig command and is labelled as the “Physical Address”

MAC (Media Access Control) addresses are a unique identifier hard written to the NIC (Network Interface Card) at the point of manufacturer

WAN Address

• The WAN address allows the router to communicate across the internet

• WAN addresses can be statically or dynamically assigned depending on the ISP or the broadband package

• The WAN address can often be referred to as the Public IP or External IP

• When connecting to a DVR across the internet, the WAN IP address is used

For routers to communicate across the internet, they need to have a second IP address to connect to the ISPs (Internet Service Provider) network. This is called the WAN address




LAN IP Address: 192.168.1.1

WAN IP Address: 84.92.95.178


Practical Example

Check your current external IP address by visiting the following web site: www.ping.eu

Your current external IP address will be displayed at the top of the page

Ports

• Ports identify which program or service, data should be routed to within a device

• Each service within a DVR or computer use their own unique port numbers

• By default all Dahua devices use ports 80 (HTTP) and 37777 (TCP) for remote connections

• HTTP (Hypertext Transfer Protocol) is the protocol used for basic web browsing across the internet, the default port number for HTTP is 80

Ports are used by all programs and services when communicating across a network

Connection RequestPorts 80 & 37777

HTTP Service – Web Browser Access

Port 80

TCP Service – Video, Audio & Data

Port 37777

TCP & UDP

• TCP (Transmission Control Protocol) ports are used where devices establish a connection with one another and remain connected throughout communication

• UDP (User Datagram Protocol) ports are used where the sending device transmits data without establishing a connection to the destination device first

• TCP ports are used when it is vital that data packets reach their destination correctly

• UDP ports are used where speed is the priority such as media streaming and online gaming

There are two types of port you will come across when configuring networks, TCP & UDP

Port Forwarding

• Each router usually has the option for port forwarding within the router configuration page

• The router is programmed to direct traffic on specific port numbers to the DVR using those ports on the LAN

• On Dahua DVRs the default port numbers to forward are 80 & 37777

• Once port forwarding has been configured, the remote computer uses the WAN address of the router to connect to the DVR remotely

• Third party websites such as www.portforward.com provide full guides on port forwarding for many router models

Port forwarding allows remote computers to connect to specific devices on the LAN across the internet

Connection on Ports 80 & 37777 Forwarding on Ports 80 & 37777


PORT FORWARDING

BT Home Hub

Port forwarding configuration methods varies from router to router. Understanding how port forwarding works is more important than following a step by step guide. Port forwarding can be referred to as Port Forwarding, Virtual Servers, Game and Application Sharing, Open Ports, Service & Firewall Rules and more

• Ports are assigned to a LAN IP address (NVR address). On Dahua NVRs and IP cameras the default port numbers to forward are 80 & 37777

• Port 80 is often found in the routers preset list of applications named HTTP or Web Server

Settings > Advanced Settings > Port forwarding

Supported Applications > Add New Game or Application

Virgin Media Router

Advanced Settings > Security > Port forwarding

Configuration


Technicolor Router

Toolbox > Games & Applications Sharing

Create a new Game or application

SKY Router

Services > Add Custom Services

Firewall Rules > Inbound Services

Third party websites such as www.portforward.com provide full guides on port forwarding for many router models.


DNS Servers

• As IP addresses are hard to remember, we use domain names to connect to servers such as ones hosting websites

• DNS Servers hold a list of domain addresses and their corresponding IP addresses

• Computers and other devices contact DNS servers when connecting to a domain address, the DNS server then gives the corresponding IP address to the computer

• The computer then uses this IP address to connect to the serverhosting the website

DNS (Domain Name System) servers are an extremely important element for any device communicating over the internet

In the example, the Cop Security website www.cop-eu.com has an IP address of 89.234.4.219

Computer

DDNS Server

• There are usually two DNS servers used for any device, a Primary and a Secondary• When a DVR is configured for Email, DDNS or P2P, the DNS servers in the network settings of the DVR must be

configured

DNS Server settings on a Dahua DVR

Common DNS Servers: Google (Pre-set in Dahua DVRs) | Primary 8.8.8.8 Secondary: 8.8.4.4

Assign a game or application to a local network device


DDNS

• A domain address is created with the DDNS provider

• The domain is assigned to the current WAN IP address of the site

• The DVR periodically communicates with the DDNS server, the server checks the WAN IP address the DVR is using against the IP address currently assigned to the domain

• When the DDNS server detects that the WAN IP address has changed, it updates the domain to the new IP address

• When connecting remotely, the domain address can be used instead of the WAN address

DDNS (Dynamic Domain Name System) is used to periodically update a domain address when the WAN address of the site changes

The WAN IP address has changed. I will update the domain address!

Practical Excerises

• Open Command Prompt using the same method stated previously

• Type ipconfig /all and press enter

• The IP address settings displayed earlier will be displayed again, however this time the DNS servers will also be displayed

• Sometimes the DNS servers shown will be the same as the Gateway address, this occurs when the computer uses the router as the DNS server

• To find the currently assigned IP address of a domain, enter the ping command followed by the domain. When the ping command starts, the IP address for the domain will be displayed in brackets

To check the DNS servers currently being used by your computer, follow the steps below


P2P

• When P2P is enabled the DVR connects to a P2P server

• This connection is permanently maintained by the DVR and server

• When a computer or mobile device wants to view the DVR via P2P, they must also connect to the P2P server

• The server passes data traffic between the DVR and computer/mobile device

• As P2P is technically an outgoing connection by the DVR, port forwarding is not required

• For instructions on configuring P2P consult the Quick Install Guide which can be downloaded from the Cop Security website

P2P (Peer to Peer) is a fairly new remote access technology included in all Dahua DVRs

Initial Connection

Video Stream

DVR

P2P Server

Mobile

Dahua DDNS

• Dahua DDNS can be configured in the DVR network menu

• When connecting remotely, the DDNS domain address is used to access the DVR remotely

• For instructions on configuring Dahua DDNS, consult the Quick Install Guide which can be downloaded from the Cop Security website

Dahua DDNS is a free DDNS provider built into every Dahua DVR

Dahua DDNS settings page on a Dahua DVR

COP Secur i ty , De lph New Road, Dobcros s , OL3 5BG Eng land

networking fundamentals - cop security security networking... · 2 tel: +44 (0)1457 874 999 | fax:...

Documents