How the Network Works: Routing

In a comment on a previous post, Steve Stroh suggested explaining the nuances of routable and non-routable addresses. This distinction is important for home network security, but without a little background in computer networking, the concept doesn’t mean much. This post explains a little about how the global computer network operates.

Traditional telephone service

I’ll begin with how traditional telephone service works, because, without realizing it, most people have it tucked away somewhere in their brain that computer networks work like an old telephone system.

Circuits

Traditional telephones are based on circuits. Imagine an old-fashioned switch board with a bunch of incoming wires and outgoing sockets. When an incoming wire from your phone is plugged into an outgoing socket a circuit is completed and you can speak to and hear a person on a telephone at the other end of the circuit.

In a simple time, when Fred and Ethel were struggling performers, they both roomed at The Algonquin. Its switch board could manage the handful of telephones in the hotel. Fred could pick up his phone, tell the switch board operator to connect him to Ethel, a circuit between Fred’s phone and Ethel’s phone was made and Fred and Ethel could plan, dream, and toss whoopie.

When Ethel’s fan dance made headlines, she moved to The Ritz. Fred, who was a baggy pants comic with a fake Yiddish accent, was stuck at the Algonquin. For Fred to call Ethel, the Algonquin operator had to connect to the Ritz operator, who then connected Fred’s line into Ethel’s phone. Unfortunately, Ethel no longer talked to lowlifes like Fred and she immediately hung up. The operators unplugged the lines, and the circuit was gone.

The pattern of connecting switch board to switch board was repeated until the phone network covered the entire U.S. and transoceanic cables extended the network to Europe. Getting a connection could take hours, but the system worked. Over time it was automated, first by mechanical relays, later by transistors and computer chips. Connections became faster. Nonetheless, for most purposes, the circuit system was eventually abandoned in all but metaphor.

Packet switching

Computer networks replaced circuits with an older approach: mail packets.

Mail works differently than the telephone. Writing an address on an envelope is only superficially similar to dialing or asking an operator for a phone number. When you drop an envelope in the mail, you have a promise that the post office will try to deliver it, but that promise is no guarantee and the office that first receives the letter is likely not to have any knowledge of the letter’s destination.

A mailbox will accept a letter addressed to T. H. E. Wiz, 1 Emerald Way, Oz, Kansas without a murmur, although neither T. H. E. Wiz, Emerald Way, nor Oz exists in Kansas. You may or may not find out later that your letter was undeliverable. It will rattle around the postal system until it is eventually returned or falls into a dead letter bin.

On the other hand, try dialing a stage number, like The Bionic Woman’s number, 311-555-2368. You are told that a connection is impossible as soon as you finish dialing.

The crucial difference is that before your message is transmitted by phone, i.e. before you begin to speak, the path you will use to communicate is either made or fails. The postal system, on the other hand, accepts your message, then passes it on until it lands in an office that recognizes the address and the intended recipient.

Circuits v. packets

Off-hand, the telephone seems like the smarter way. Why go to all the trouble of shipping an envelope around the country when you can decide before sending the message if delivery is possible? Isn’t the post office method a step backward?

Well, no. Circuits may seem more efficient, but they don’t fit well into the reality of the global internet, which is huge, ever changing, and implemented in a patchwork of wildly varying speed and reliability; a salmagundi of large and small, public and private entities that is closer to a frontier pony express than an orderly telephone system.

No single entity understands the complexity of the global network. However, piecing together a workable, let alone optimal, circuit requires just that.

A typical computer message is broken up into a series of independent small packets, each with its own address. These are dumped willy-nilly into the network and each is passed from router (the computer equivalent of a switchboard or a post office) to router until they arrive at their destination and are reassembled. Some will be duplicated to be sent on alternate routes or further broken down into smaller packets to optimize transmission on equipment that can’t handle large packets. The process is messy, but resilient and makes good use of available resources.

Packets in the network hop from router to router at nearly the speed of light, i.e. almost instantaneously, but then they sit in a buffer while the router decides what to do with them. A packet can hop to another router faster than a router can respond to a query on traffic conditions, so why bother asking? Letting packets find their own way requires only local knowledge of the condition of the communications infrastructure. With a network as extensive and varied as the global computer network, this is a critical advantage.

Today, most telephone service, including cellphones, travels in switched packets that simulate circuits. We still tend to think of a single wire connection that runs from one phone to the next through a myriad of automated switch boards, but in fact most of the time, our voice is carried in packets drifting through a global network.

Permanent (static) addresses

In the old days, computer addresses (IP addresses) were more or less permanent. Businesses requested and were assigned blocks of addresses. A system administrator had to keep track of those addresses and dole out new addresses from the list as computers were added to the network and return old addresses to the available list as computers were decommissioned.

It was an exacting job. If the list got scrambled and two devices used the same address, the network would behave erratically. Small businesses typically had only a few addresses, which limited the number of computers they could use.

Private non-routable addresses

Giving every computer a public IP address was also a security problem. Each of those publicly addressed computers was vulnerable to direct outside attacks. They had to be managed carefully to prevent intrusion. Individual users seldom had the training and temperament to do that job well.

A solution from the mid-1990s was to declare blocks of addresses private or non-routable. The largest private block (10.0.0.0 – 10.255.255.255) has over 17 million individual addresses. The second block (172.16.0.0 – 172.31.255.255) has over a million addresses. The smallest block (192.168.0.0 – 192.168.255.255) has over 65 thousand addresses.

This had lots of advantages. System administrators could devise address assignment schemes for the private address blocks that were relatively easy to manage with subsets for buildings, floors, departments, etc. and not worry about clashing with other businesses. Since the addresses were non-routable, computers with private addresses were easier to isolate from intruders.

Dynamic Host Configuration Protocol (DHCP)

The process of assigning and re-assigning IP addresses was automated with Dynamic Host Configuration Protocol (DHCP). When a computer connects to a home network, the home router, following DHCP rules, assigns the computer an IP address from one of the private blocks. Which block depends on how DHCP is implemented on the router.

When an Internet service provider connects a home router to the global network, the service provider uses DHCP rules to assign a unique public and global IP address to the home router.

Network Address Translation (NAT)

From the outside, each home network looks like a single computer with one IP address. This presents a problem: how to connect those internal private addresses with the single outward-facing address. Non-routable private IP addresses combine with DHCP and Network Address Translation (NAT) to solve this problem. NAT is a function implemented on routers that maps internal non-routable IP addresses to the single external public IP address that the router presents to the global network: it rewrites the addresses on outgoing packets, rewrites them back on the replies it is expecting, and drops incoming packets that match no mapping, because there is no internal host they could be delivered to.
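As an added illustration (not code from this post or from any router vendor), here is a small Python model of the private-address check and the port-based NAT mapping just described; the public address 203.0.113.7 and the internal host 192.168.1.20 are constructed values.

```python
import ipaddress

# The three private (non-routable) blocks the post lists (RFC 1918).
PRIVATE_BLOCKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_private(addr: str) -> bool:
    """True if addr falls in one of the private blocks (never routed on the internet)."""
    ip = ipaddress.ip_address(addr)
    return any(ip in block for block in PRIVATE_BLOCKS)


class HomeRouterNat:
    """Toy port-based NAT for a router with one public address.

    Hypothetical model, not any vendor's implementation: every outbound
    connection from a private host gets its own public port, and inbound
    packets are delivered only if they match an existing mapping.
    """

    def __init__(self, public_ip: str, first_port: int = 40000):
        if is_private(public_ip):
            raise ValueError("the outward-facing address must be public")
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (private_ip, private_port) -> public_port
        self.inbound = {}    # public_port -> (private_ip, private_port)

    def outbound_packet(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the home network; returns the new header."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an internal address")
        key = (src_ip, src_port)
        if key not in self.outbound:
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return (self.public_ip, self.outbound[key], dst_ip, dst_port)

    def inbound_packet(self, src_ip, src_port, dst_port):
        """Rewrite a packet arriving at the public address, or drop it.

        Returns the header as seen inside the home network, or None when no
        internal host opened a connection that this packet could answer.
        """
        key = self.inbound.get(dst_port)
        if key is None:
            return None
        private_ip, private_port = key
        return (src_ip, src_port, private_ip, private_port)


if __name__ == "__main__":
    nat = HomeRouterNat("203.0.113.7")          # constructed public address
    out = nat.outbound_packet("192.168.1.20", 51000, "192.0.2.10", 443)
    print("outbound rewritten to", out)
    print("reply delivered to", nat.inbound_packet("192.0.2.10", 443, out[1]))
    print("unsolicited probe ->", nat.inbound_packet("198.51.100.9", 6000, 40001))
```

The last line is the isolation the post describes: a packet aimed at the public address with no matching mapping has nowhere to go inside the house.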

Without private addresses, DHCP, and NAT, connecting a new computer to a home network would be a tricky and exacting job. I won’t say that connecting a new device is easy today, but I assure you, when I think about managing networks thirty years ago, I am amazed. Our grandsons have our wireless network id and password stored on their phones and laptops. When they walk into our house, their laptop or phone connects with our wireless network, an IP address is assigned, and they connect with the global network without me doing anything. Astounding!

Home Network Security: RedLINK™

In a previous post, I said that the Internet of Things (IoT) has increased the size and complexity of home networks. We had a new heating system installed recently that added a new dimension to our home IoT network: RedLINK™, which, on the whole, was good for our home security.

Image: Home network security sunrise

IoT and network complexity

As networks increase in size and complexity, they become more difficult to manage and secure. Businesses hire technicians who are trained in security to manage their networks, which is usually a spendy proposition, but there is a lot at stake and security is one of many justifiable costs of doing business that accountants and managers prepare for.

Working from home network security

At home, we are in a different position. I’m not an accountant or a tax expert, so don’t take my word for it, but if your income is from a regular paycheck, the IRS probably will not allow you to deduct expenses derived from working at home. You might be able to convince your employer to reimburse you for these expenses, but be sure that the reimbursement will not be considered taxable income. In other words, in most cases, you secure your home network on your own nickel.

When I was working from home, most years, my employer, CA Technologies, permitted me a fixed amount on my expense account that I could request for working-from-home outlays. Not all employers do that, but take advantage if you can.

Since I retired and began writing books for extra income, I have deducted some for computing, network, and office overhead every year. I keep records of business expenses and have an accountant go over them to be sure they’ll pass an audit.

Home network security challenges

As a businessman, I don’t think I could justify investing much cash in our home network security. We are not juicy hacker bait. Although a successful attack could throw us in a world of hurt, it would not give a hacker much of a payday compared to even a moderately large business or agency.

Nevertheless, I worry about the security of our network. That means home network security is a DIY project for me. Fortunately, forty or so years in the computing industry has prepared me for this.

Securing HVAC

I’m working on methods to secure home networks that folks can do for themselves. In this post I will say something about securing home heating, ventilation, and air-conditioning systems (HVAC). This is an important topic for me because we just had a new heating system installed.

I was pleased to discover that our new system uses an alternative to standard Wi-Fi for communications. Sensors and controls connect wirelessly, but not the same way the rest of our computing gear connects.

IoT and Wi-Fi

Wi-Fi, the wireless network standard that almost every home network relies on, was designed with the capacity for data flows like streaming video, which is massive overbuilding for most IoT purposes. The data passing to and from IoT devices, with the exception of remote cameras and speakers, is typically minuscule compared to Wi-Fi loads.

There are several IoT platforms available that support low bandwidth communications. Our heating system uses the Honeywell RedLINK™ platform, specifically designed to support residential heating, ventilation, and air conditioning (HVAC) systems. It uses the 900 MHz band, which is a lower frequency than most Wi-Fi.

Lower frequencies have longer range and penetrate barriers like walls more easily than higher frequency signals. Thus, lower frequencies are more reliable and cover more area. The downside of lower frequency is lower data transfer rates, but for applications that don’t transmit a lot of data, like HVAC, lower data rates are fine.

A heating system that reports temperatures and humidity every 2 minutes from several sensors spread through a house is transmitting data at a trickle compared to streaming video, audio, and even sending a moderate size word-processing file. At 900 MHz, RedLINK™ has better wall penetration and range than Bluetooth or typical Wi-Fi, which use 2.4 GHz and higher frequency bands. Even if Wi-Fi were unreliable in our house, I would expect RedLINK™ to be solid.

Interference on the 900 MHz band

But the 900 MHz band is crowded. To begin, it’s designated for scientific, industrial, and medical device connectivity. Some cell phone and walkie-talkie type communications use it. Cordless telephone handsets often use the 900 MHz band. Amateur radio hobbyists also are permitted to use 900 MHz band signals. Consequently, in a residence, several devices might attempt to send a signal at the same frequency within the band at the same time. Colliding signals garble the message. This shows up as interference, which could be a big problem.

Frequency hopping

RedLINK™, like Bluetooth and the actress Hedy Lamarr’s torpedo guidance system, has another trick: frequency hopping.

The military began to develop frequency hopping before WWI to protect battlefield radio messaging. By switching frequencies quickly in unison, the signal from transmitter to receiver never lingers long enough at a given frequency to degrade the overall message.

In addition, modern communication systems divide data into small chunks called packets that can be checked for consistency and resent if necessary. The combination of packet data and frequency hopping practically eliminates interference at low data volumes.

Image: Canada geese sound a little like hopping frequencies

Changing frequencies also discourages interception and listening in on messages. Unfortunately, the technology to follow most frequency hopping schemes is freely available now, so hopping is weak security, but it does effectively squelch interference on crowded bands.
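An added simulation (not Honeywell’s code or code from this post) of the two mechanisms described above: CRC-checked packets with retransmission, and a seed-derived hop list that both radios share, compared with a radio parked on a single crowded channel. The channel count, seed, busy channels, and sensor readings are constructed values.

```python
import itertools
import random
import zlib

CHANNELS = 50          # constructed: number of narrow channels in the hop set
HOP_SEED = 0xC0FFEE    # constructed: seed both radios share to derive the hop list


def hop_sequence(seed: int, length: int) -> list:
    """Pseudo-random channel list; transmitter and receiver derive the same one.
    Anyone who learns the seed can reproduce it, which is why hopping is weak
    as secrecy even though it defeats interference."""
    rng = random.Random(seed)
    return [rng.randrange(CHANNELS) for _ in range(length)]


def build_frame(seq: int, payload: bytes) -> bytes:
    """Sequence number + payload + CRC-32 so the receiver can check consistency."""
    body = seq.to_bytes(2, "big") + payload
    return body + zlib.crc32(body).to_bytes(4, "big")


def parse_frame(frame: bytes):
    """Return (seq, payload) when the CRC checks, otherwise None."""
    if len(frame) < 6:
        return None
    body, crc = frame[:-4], int.from_bytes(frame[-4:], "big")
    return (int.from_bytes(body[:2], "big"), body[2:]) if zlib.crc32(body) == crc else None


def on_air(frame: bytes, channel: int, busy: set) -> bytes:
    """Channel model: another transmitter on the same channel garbles the frame."""
    return bytes(b ^ 0xFF for b in frame) if channel in busy else frame


def send_readings(readings, busy, channel_iter, max_tries=8):
    """Send each reading, retransmitting in the next slot until the CRC checks.
    Returns (readings delivered intact, total transmissions used)."""
    delivered, attempts = [], 0
    for seq, reading in enumerate(readings):
        for _ in range(max_tries):
            attempts += 1
            channel = next(channel_iter)
            received = parse_frame(on_air(build_frame(seq, reading), channel, busy))
            if received == (seq, reading):
                delivered.append(reading)
                break
    return delivered, attempts


def hopping_radio(readings, busy, max_tries=8):
    """RedLINK-style link: a new channel from the shared sequence in every slot."""
    hops = iter(hop_sequence(HOP_SEED, max_tries * len(readings)))
    return send_readings(readings, busy, hops, max_tries)


def fixed_radio(readings, busy, channel, max_tries=8):
    """Single-frequency link for comparison: the same channel in every slot."""
    return send_readings(readings, busy, itertools.repeat(channel), max_tries)


# Constructed sample: five sensor reports, with three channels already occupied
# by other 900 MHz gear (say, a cordless handset parked on one of them).
READINGS = [b"hall:20.5C/41%", b"bedroom:19.0C/44%", b"attic:12.5C/60%",
            b"kitchen:22.0C/39%", b"basement:15.5C/58%"]
BUSY = {7, 19, 33}

if __name__ == "__main__":
    print("hopping:", hopping_radio(READINGS, BUSY))
    print("fixed on busy channel 7:", fixed_radio(READINGS, BUSY, 7))
    print("fixed on clear channel 2:", fixed_radio(READINGS, BUSY, 2))
```

The hopping link loses a slot now and then but the CRC catches it and the next slot is on a different channel, while the fixed radio sitting on a busy channel never gets a reading through.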

Power consumption

Transmitting in the 900 MHz band consumes less power than transmitting at higher frequencies, so batteries last longer. Since I don’t relish crawling into odd corners to change batteries on remote sensors, battery life is more important to me for IoT than for other applications.

Proprietary protocol

A proprietary network protocol like RedLINK™ installs more easily and reliably than Wi-Fi for HVAC, but it tends to lock consumers into a single vendor. A version of the public Wi-Fi standard designed for low volume data transmission, called Wi-Fi HaLow, exists. But I haven’t found any HaLow equipment on the market.

Hacking RedLINK™ could be devastating, essentially allowing a malicious invader to take over our heating system, making our lives uncomfortable, possibly wrecking our heating system, or setting our house on fire. I have no doubt that a diligent enough hacker could gain entrance to a RedLINK™ network, but it would require detailed knowledge of a proprietary system, a lot of effort for a skill with little payoff.

A sigh of relief

In fact, I breathed a sigh of relief when I found that our thermostat doesn’t use Wi-Fi to communicate with our furnace. I am far more concerned with hacking of our Wi-Fi system than of RedLINK™.

Issues remain

Our smart thermostat is attractive and easy to use because it’s a small but powerful computer. This has drawbacks. For example, I found instructions on the internet for running the video game Doom on a model similar to the thermostat in our dining room. I worked on an application twenty-five years ago to rid corporate networks of that very game.

It’s not as bad as it may appear, but rogue Doom installations bear some scrutiny, which I will do in a future post. More important, I have not enabled or begun to explore the app that connects a smartphone or other computer to the thermostat. This is a subject for a future post and an area for caution.

Online Conferences and Covid-19

The sled and traveller stopped, the courier’s feet
Delayed, all friends shut out, the housemates sit
Around the radiant fireplace, enclosed
In a tumultuous privacy of storm.

Ralph Waldo Emerson, The Snow-Storm

Sounds cozy doesn’t it? Clustered around the fire, hot chocolate, spiced cider, hot buttered rum…

All friends shut out, the housemates sit…

Yeah. Right. We’ve been sitting around the fire with our housemates for what is it? Seven months now? That’s about long enough with our friends shut out, wouldn’t you say?

People bridle at the enforced privacy of pandemic lockdowns and social distancing. For me, the isolation is not so bad. I know the ropes of working from home and I’m an introvert.

I like and enjoy other people, but person to person encounters drain the life out of me. I know many of my friends are energized by getting together and breathing the same air with others, but it rarely works that way for me.

Pre-pandemic, I joined with a good friend or two for lunch regularly. Oh, I enjoyed those lunches, but when they were over, I exhaled a sigh of relief and took a nap to recover the energy I had lost. I used to think this personal quirk was a disadvantage, but now, I realize it is a boon not to be troubled by all this isolation. I’ve noticed that there are other folks like me, but in a group of ten, maybe only two of us.

The Washington Library Association online conference

This week, I’ve been participating in an online library conference. I’ve read that the online event business is booming. I can understand why. Online conferences are cheap and they work remarkably well; I prefer online conferences to the in-person species.

For attendees, traveling to and from these gatherings is expensive. Airfare, hotels, and meals cost, and time away from regular work costs more. On the event business side, conference hotels and centers are orders of magnitude more costly than electronic platforms. Speakers charge less to present electronically because presenting from a home or office takes less time and effort than crossing the country to check into a venue that is not much of a perk for a speaker who endures one-size-fits-all hotel décor several times a month.

As I understand it, the firms that stage these events have reduced their fees and made them back and more because the number of attendees has increased. This year, the Whatcom County Library System was able to purchase blanket admission to the Washington Library Association online conference that lets the entire library staff, and trustees attend rather than individual registrations.

I’ve gone to the Washington Library Association conference every year since I became a library trustee, but I almost decided not to go this year. I enjoy and benefit from attending, but the hectic move from our Ferndale house back to Waschke Road disrupted just about everything on top of the pandemic. Making it worse, I’ve started some time-consuming projects. I’ve always worked during conferences on a laptop or tablet, but this year, I’ve been able to work from my office in between conference events. It’s been great.

I have some suggestions for attending online conferences.

Schedule your time carefully

Attending a conference in person is a scheduling challenge. It’s easy to miss a session that you really wanted to attend because you skipped a page in the agenda, or you were distracted by a conversation with a colleague. When you’re attending from home, scheduling is more difficult because the events in your life are not built around the conference schedule— for example, your lunchtime may clash with sessions you want to attend. You can always listen to the recording, but that’s never the same. Review the agenda and plan ahead as carefully as you would in person.

Don’t multi-task

Efficiency experts liken multi-tasking to a speedway multi-car pileup. You get less done and what you do is seldom done well.

The temptation to multi-task is strong, especially attending a conference in your home office where you are likely to have several screens up and running. My usual home setup is a primary screen for the project I’m working on, another for online lookups, and a third for communications. I don’t have any trouble concentrating on my project at hand. For me, having one browser open to an online dictionary and another to email and Slack is the reverse of distracting: a quick side glance to a secondary screen and I’m back to the main subject. But when I have to fiddle opening and switching windows and desktops, I am distracted and likely to get stuck on whatever I have to bring up.

All those screens while listening to a conference presentation is different. Even the best presentations have dead spots that tempt me to look aside and process the current crop of sub-urgent communications or check on the latest minor question that’s been bugging me. Don’t do it! Boredom is lack of engagement. The instant I disengage, loss of interest in the presentation begins to snowball and before I know it, I am researching which village in Cornwall was most likely to have been the location of King Arthur’s round table, or some equally pressing subject, instead of taking a once in a lifetime chance to raise a question about tracking outcomes of library strategic initiatives. Yikes!

Take notes

I’m terrible at taking notes at conferences. While I am participating, new ideas and concepts pop into my head with crystal clarity that I couldn’t possibly forget. No need to write anything this exciting down.

Image: Steller’s Jay eyeing the last thing that entered my head.

Sure. I’m seventy-one years old. If I’m distracted, the content of my head disappears with the cheerful readiness of a Steller’s Jay stealing peanuts. The arrival of the next idea clears my head of everything but lingering enthusiasm for whatever’s not there anymore. Come to think of it, the same thing happened 50 years ago when I was an undergraduate attending lectures.

Take notes, grasshopper.

Use chat

In the software development groups I used to lead, chat apps, like Slack, often were the key to productivity and communication. Most conferences have provisions for chatting among session attendees and community discussions. If you participate, chat takes the place of the conversations that go on in the hallways and over meals and drinks. Not perfect for establishing friendships, but chat discussions are often thoughtful, cogent, and well worth your time.

Remember, “On the Internet, no one knows you’re a dog.” In a chat session, you’re as smart as what you say. Take time to think, be courteous, but don’t be shy.

Setup

Have your professional appearance, background, camera, microphone, and lighting set up before the conference begins. Not all sessions allow you to interact with the speakers, but when they do, be prepared as a courtesy to your fellow participants.

Your setup is like a pandemic mask. You wear it for others, not yourself. You won’t get any personal benefit from clear sound and a flattering Zoom image. Your questions will still be answered if you look like a bear in a cave and sound like a mouth full of crushed granite. And the chances that your boss will notice your setup are slim. Sorry, but this is true. However, think about your fellow participants. They want to be part of a professional and dignified group, not a pack of ill-fed scavengers. Give them a break. And a good appearance will make you feel better too.

I’m impatient with the pandemic. Like most people, I wish it were just over, but I’m a historian as well as an engineer. Plagues don’t disappear in a blink of the eye. They fade away with effects lingering for decades, even centuries. The plague in 14th century Europe is sometimes said to have led to the Renaissance. We don’t know what the long-term effect of Covid-19 will be, but our best hope is to adapt to the snowstorm rather than try, and fail, to ignore it.