Setting Up Your Own Home Network

A home network is simply a way of creating your own private computer network at home and connecting to the Internet. With more people owning more than one computer these days, a home network provides a method for sharing files and resources between machines. Typically you will have a connection to the Internet via your ISP using a modem over a phone line, a cable modem or a DSL line. We assume you know how to configure network support on each machine in the following configurations and that you are only running an IP network.

Single Machine

The simplest configuration you can have is a single machine connected to the Internet via a modem or cable/DSL box. A single machine approach leaves your machine connected directly to the Internet and open to attack, so we recommend you run local firewall software such as ZoneAlarm to protect yourself from hackers. With a home network you can set up a machine as a dedicated firewall to protect all machines on your network. Some cable/DSL modems have built-in firewall and NAT functionality; these modems should be treated the same as the simple network routers described later.

Network Address Translation (NAT)

Each machine on your home network should use a private IP address, that is, an address that is not routed across the Internet. You can then use NAT to translate all IP addresses on your private network to a single real IP address supplied by your ISP. This means all machines on your home network can access the Internet via a network router running NAT. There are dedicated network routers that provide NAT and other network functionality. You can also use a computer with two Ethernet cards and the appropriate software to do the same thing.

Printers

If you have a printer you will want to share it with all machines on your network. You can do this by using a print server. If your printer is normally connected to the back of your computer, then your computer is actually running a print server in software, and you can enable printer sharing to allow other machines on your network to use the printer.

The problem with this setup is that the machine your printer is connected to must be left running if you want to print from another machine on your network. A better solution is a dedicated print server: a small box that takes the place of the computer and that you leave connected to the network. If your printer has a network socket then it already has a built-in print server.

Dynamic vs Static addresses

Instead of assigning IP addresses to each machine by hand you can set up a DHCP server to assign addresses dynamically. This means that when you switch on your machine it asks the DHCP server for an IP address to use on the network. If you use a laptop at home and on campus you should be using dynamic addressing, otherwise you would need to change your network configuration every time you switched networks.

Your network router or firewall device may run a DHCP server to provide this facility. If not, you can run a DHCP server on a computer. If you use a computer you will need to leave the machine running all the time to serve other machines on your network. The machine will also need to be configured with a static IP address, as it does not have a DHCP server to assign it an address.

Wireless

Wireless is taking off in a big way so, in addition to using normal Ethernet cards and cabling up your home, you can now use wireless cards with a wireless access point. Wireless is based on the 802.11 Ethernet standard: 802.11b operates at 11Mb/sec and 802.11g operates at 54Mb/sec. Always use encryption (WEP or, better still, WPA) and firewall software to protect your network. It is possible for someone to connect to your network from the street outside your home, so you should also restrict access by MAC address if possible. Wireless access points such as the Apple Airport can also incorporate other features such as NAT and a DHCP server.

Running A Server

If you want to run a web or other type of server and have it visible to the outside world you will need to either run the server on your machine with the real IP address, or enable port forwarding through your firewall to the machine where the server is running. NAT relies on a network connection being initiated from inside your home network so it can maintain a list of connections for each machine. If you run a server then a connection to the server will be initiated from out on the Internet and the firewall does not know where to forward the packet. Port forwarding simply tells your firewall to forward packets for port 80 to the machine running the web server. The disadvantage is that you can only run one web server on the default port. This becomes important when you start to use peer-to-peer software for file swapping, as each client is also a server and you can't run multiple servers using the same ports. Some protocols have proxy servers that use extra information in the packet to determine where to send packets.
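
The connection list described here and the address translation described under Network Address Translation can be modelled in a few lines. This is an added example, not code from the original page or from any real router; the class name NatRouter, the starting port 40000 and all addresses are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges, which are not routed across the Internet
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class NatRouter:
    """Toy port-translating NAT (hypothetical model, not real router code)."""

    def __init__(self, public_ip):
        self.public_ip = public_ip   # the single real address from the ISP
        self.next_port = 40000       # constructed starting port for translations
        self.conns = {}              # public port -> (inside ip, inside port, remote)
        self.forwards = {}           # public port -> (inside ip, inside port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside host opens a connection: rewrite the source, remember the mapping."""
        if not any(ipaddress.ip_address(src_ip) in net for net in PRIVATE):
            raise ValueError("inside hosts must use private addresses")
        pub_port, self.next_port = self.next_port, self.next_port + 1
        self.conns[pub_port] = (src_ip, src_port, (dst_ip, dst_port))
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def add_forward(self, public_port, inside_ip, inside_port):
        """Static port forward: one public port maps to exactly one inside server."""
        if public_port in self.forwards:
            raise ValueError(f"port {public_port} is already forwarded")
        self.forwards[public_port] = (inside_ip, inside_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Packet arriving at the public address: inside target, or None (dropped)."""
        entry = self.conns.get(dst_port)
        if entry and entry[2] == (src_ip, src_port):
            return entry[:2]                  # reply to a connection begun inside
        return self.forwards.get(dst_port)    # otherwise only a forward lets it in

def demo():
    nat = NatRouter("203.0.113.10")           # constructed documentation address
    out = nat.outbound("192.168.1.20", 51000, "198.51.100.7", 80)
    reply = nat.inbound("198.51.100.7", 80, out[1])
    unsolicited = nat.inbound("198.51.100.99", 4444, 80)   # no mapping, no forward
    nat.add_forward(80, "192.168.1.30", 80)
    forwarded = nat.inbound("198.51.100.99", 4444, 80)
    try:
        nat.add_forward(80, "192.168.1.31", 80)            # second web server on port 80
        second = "accepted"
    except ValueError:
        second = "rejected"
    return out, reply, unsolicited, forwarded, second
```

Every forward is a path from the Internet to an inside machine, so the forwards table is the list to review when checking what your network exposes.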

Virtual Private Network (VPN)

You can connect to restricted services on the campus network using a VPN. You connect to the VPN servers using TCP/IP port 1723, but data is sent over the VPN tunnel using a completely different protocol, GRE/IP. This is protocol number 47, and your firewall must pass traffic using this protocol for VPN to work. The best solution is to get a home router that supports VPN (PPTP) pass-through.
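
To show why a firewall that only matches on ports lets the VPN connect but then blocks its data, the following added example (not part of the original page) reads the protocol field of raw IPv4 headers. The packets are constructed test data and firewall_allows is a hypothetical rule set, not any real product's behaviour.

```python
import struct

PPTP_CONTROL_PORT = 1723   # TCP port from the text
GRE_PROTOCOL = 47          # IP protocol number from the text
TCP_PROTOCOL = 6

def classify(packet: bytes) -> str:
    """Label a raw IPv4 packet as PPTP control, GRE tunnel data, or other."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    header_len = (packet[0] & 0x0F) * 4      # IHL is counted in 32-bit words
    protocol = packet[9]                     # protocol field of the IPv4 header
    if protocol == GRE_PROTOCOL:
        return "pptp-tunnel-gre"             # GRE carries no TCP/UDP ports to match on
    if protocol == TCP_PROTOCOL and len(packet) >= header_len + 4:
        src_port, dst_port = struct.unpack_from("!HH", packet, header_len)
        if PPTP_CONTROL_PORT in (src_port, dst_port):
            return "pptp-control"
    return "other"

def firewall_allows(packet: bytes, allow_gre: bool) -> bool:
    """Hypothetical home firewall: always passes TCP 1723, GRE only if enabled."""
    kind = classify(packet)
    return kind == "pptp-control" or (kind == "pptp-tunnel-gre" and allow_gre)

def ipv4(protocol: int, payload: bytes) -> bytes:
    """Build a minimal constructed IPv4 packet (checksum left at zero)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         protocol, 0, bytes([192, 168, 1, 20]), bytes([198, 51, 100, 7]))
    return header + payload

# Constructed samples: a TCP segment to port 1723 and a GRE packet
CONTROL = ipv4(TCP_PROTOCOL, struct.pack("!HH", 51000, 1723) + bytes(16))
TUNNEL = ipv4(GRE_PROTOCOL, bytes(8))
```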