Tuesday 20 December 2011

// // Leave a Comment

Why the computer show "Limited Connectivity" ?

limited-access-network

"Limited connectivity" happens when your computer can connect to the network ... but it can't.
I know, that wasn't very helpful. But it's actually accurate. Your computer was able to connect the network in one way, but was unable to complete the next step.

"Limited connectivity" happens when:
  • Your computer detects that a network is present and operating. That means that it detects that the network cable is plugged in, or that it was able to connect to a wireless access point.
  • Your computer's request for an IP address went unanswered.
It's that last one that needs a little explanation.
An IP address is how your computer is located on its network. The vast majority of machines are configured to connect to the network using DHCP to get what's called a "dynamic" IP address. That means that rather than permanently assigning a specific IP to that machine, the machine "asks" for an IP address when it connects to the network.
Dynamic IP addresses are simpler to configure, and allow for IP addresses to be re-used when the machines that they were temporarily assigned to are taken offline.
"If you check your IP on your machine and it starts with '169.' that's a made-up IP address."
A DHCP request for a dynamic IP address is very simple: your computer broadcasts to all the devices listening on its network "Would the DHCP server listening please assign me an IP address!". On each such network there should be one device that hears that request and responds with something like "Here ya go: you will be 192.168.1.4 - and by the way, when you want to talk to others on your network, here's some more information, and when you want to send something to the internet, send it here."
In other words your computer gets both its IP address as well as instructions on how to talk to the rest of the world.
At that point your computer is ready to communicate with the world.
So, what happens if no one responds?
Your computer will repeat that request ("Would the DHCP server listening please assign me an IP address!") a few times, and then it'll give up.
And declare that you have limited connectivity.
Connectivity is "limited" because your computer will likely make up an IP address. If you check your IP on your machine and it starts with "169." that's a made-up IP address. Only your computer knows about it, which means that no other computer knows how to contact yours. In addition, your computer doesn't know how to find or send packets to anyone else.
Limited connectivity is extremely limited. In practice, it means no connectivity.
There are scenarios where, if you know what you're doing and you're willing to jump through some hoops, you can actually force communication while you're in this state by doing things like manually configuring TCP/IP settings on your network card. But it's not meant to be a long term solution at all.
So, what do you do?
DHCP is typically handled by your router, or in some cases your broadband modem. If you have a single PC connected to the internet, it may also be handled by your ISP.
Believe it or not, 90% of the time what you did is exactly right: reboot your router. Sometimes routers just "get into a state" and need to be rebooted. It's silly, and in an ideal world shouldn't be needed, but it is what it is. I probably reboot my router once a month, on average.
Wireless access points, those which are not routers but simply provide the wireless connectivity to a wired network, can sometimes also hiccup and fail in such a way as to cause this problem. I believe it happens when the wireless side of the device keeps working while the wired connection is, for some reason, inoperative. Again, a reboot of the device typically clears this up.
In either case, it's easiest to then reboot your computer(s) to force them to request new IP address assignments from the now functioning router.
If the reboot resolves the problem, but then it reoccurs quickly, I would check with the manufacturer of that device to see if there is new firmware available for it. Even though we think of routers and access points as hardware, they are in fact small computers running programs, and the programs sometimes have bugs. Sometimes those bugs don't manifest until something outside of the device changes. (I've heard anecdotal evidence that the new TCP/IP code in Windows Vista has exposed issues with some routers, for example.)
If your firmware is up to date, and the problem repeats frequently, I would investigate trying a new router or access point to see if that clears things up.
Read More
// // Leave a Comment

Give Priortize in you Network Traffice with DD-WRT



Having a media server is really awesome, unless the other people on your network don’t know how to share the bandwidth. Using some simple QoS rules, you can give your computer a priority and stop your streams from dropping out.

banner-01

If you have a media server or a HTPC that streams, you’ll obviously want to make sure you can watch your content without having it stutter or drop out. The problem is, with a ton of devices on your network, the bandwidth on your HTPC needs a priority. Alternatively, maybe you have a kid who streams a little too much and is sucking up more than his or her fair share of bandwidth. You can throttle the connection to one computer without messing with the rest.
Because this tip can be used to unbalance your bandwidth as well as balance it, we urge you to exercise caution and restraint. With the great power of QoS and DD-WRT comes great responsibility.

Prioritizing via MAC Address

Using a computer’s MAC address is a great way to prioritize its traffic because it will work even if its IP changes. However, this really only affects prioritization if the connection is initiated from this hardware address. That means if traffic was initiated elsewhere, our settings won’t make a difference even if the destination is this particular computer. As such, this works well when trying to add importance to traffic that a computer starts, like streams, and is less effective for things like throttling torrents.
Open up your browser and head over to your DD-WRT-enabled router’s login page. Click on NAT/QoS and then QoS. This will bring you to the Quality of Service page.

Here, you want to make sure that Quality of Service is enabled, it’s set to WAN, and you’re using HTB as the packet scheduler.
You also want to set the Uplink to somewhere between 80% and 95% of the max upload bandwidth you have. The Downlink should between 80% and 100%. In theory, you want to make sure that if there’s a bottleneck in speed going into or out of your network, it’s at the router so that it can be managed.
Next, head down to the MAC Priority section.

Enter your computer’s MAC address. If you’re not sure how to look it up, check out our article on Static DHCP and scroll down to see how to find your MAC address.

Then, you can just set the priority. You can set it to Premium or Express, both of which will vastly improve the speeds your computer will get.

Prioritizing via IP Address

When you change priorities via IP address, DD-WRT will manage all traffic, not just traffic that is initiated by that particular computer. This means that receiving IMs, torrenting, and other traffic that the computer is receiving that may start from an outside source is affected. As such, you can use this method to deprioritize a computer on your network much more efficiently, though the consequences can be made more severe by utilizing specific choices. This method works very well with a Static DHCP setup, so that IP addresses are tied to individual computers and they don’t change.
Follow the above instructions, but instead of going to the MAC priority section, go down to the Netmask Priority section.

Add the IP address of the target computer, followed by the mask. The mask will tell DD-WRT what length of the IP address to apply the rule to. For example, a mask of 24 will change the priority for 192.168.1.x addresses, and a mask of 32 will change the priority of a single IP address. You will likely want to use 32.

Next, you can change the priority. If you want to increase it, choose Premium, as that will work best. If you wish to lower it, choose Standard and use this in conjunction with a prioritized computer elsewhere on the network. If you really want to be mean, you can choose Bulk for severely deprioritized traffic. Choosing Bulk will only allocate significant bandwidth when all other classes are not receiving traffic. This is perfect for a BitTorrent or FTP server on your network, as well as forcing a misbehaving user to come talk to you about reduced bandwidth.


DD-WRT offers a few unique ways of shaping your internet traffic. We’ve had a few requests specifically for increasing and decreasing traffic priority for specific computers on your network. Once again, we suggest you use this responsibly.

Do you have any stories where this could have helped your situation? Share your experiences in the comments!
Read More
// // Leave a Comment

How to make VLAN on Cisco Switch


Have you ever wondered what a Virtual LAN (or VLAN) is or been unclear as to why you would want one? If so, I have been in your place at one time too. Since then, I have learned a lot about what a VLAN is and how it can help me. In this article, I will share that knowledge with you.

What is a LAN?

Okay, most of you already know what a LAN is but let’s give it a definition to make sure. We have to do this because, if you don’t know what a LAN is, you can’t understand what a VLAN is.
A LAN is a local area network and is defined as all devices in the same broadcast domain. If you remember, routers stop broadcasts, switches just forward them.

What is a VLAN?

As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router creating that broadcast domain. With VLAN’s, a switch can create the broadcast domain.
This works by, you, the administrator, putting some switch ports in a VLAN other than 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.
Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices, not in their VLAN.

Are VLANs required?

It is important to point out that you don’t have to configure a VLAN until your network gets so large and has so much traffic that you need one. Many times, people are simply using VLAN’s because the network they are working on was already using them.
Another important fact is that, on a Cisco switch, VLAN’s are enabled by default and ALL devices are already in a VLAN. The VLAN that all devices are already in is VLAN 1. So, by default, you can just use all the ports on a switch and all devices will be able to talk to one another.

When do I need a VLAN?

You need to consider using VLAN’s in any of the following situations:
  • You have more than 200 devices on your LAN
  • You have a lot of broadcast traffic on your LAN
  • Groups of users need more security or are being slowed down by too many broadcasts?
  • Groups of users need to be on the same broadcast domain because they are running the same applications. An example would be a company that has VoIP phones. The users using the phone could be on a different VLAN, not with the regular users.
  • Or, just to make a single switch into multiple virtual switches.

Why not just subnet my network?

A common question is why not just subnet the network instead of using VLAN’s? Each VLAN should be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in different physical locations, not going back to the same router, can be on the same network. The limitation of subnetting a network with a router is that all devices on that subnet must be connected to the same switch and that switch must be connected to a port on the router.
With a VLAN, one device can be connected to one switch, another device can be connected to another switch, and those devices can still be on the same VLAN (broadcast domain).

How can devices on different VLAN’s communicate?

Devices on different VLAN’s can communicate with a router or a Layer 3 switch. As each VLAN is its own subnet, a router or Layer 3 switch must be used to route between the subnets.

What is a trunk port?

When there is a link between two switches or a router and a switch that carries the traffic of more than one VLAN, that port is a trunk port.
A trunk port must run a special trunking protocol. The protocol used would be Cisco’s proprietary Inter-switch link (ISL) or the IEEE standard 802.1q.

How to configure VLAN on a Cisco Switch?

VLAN stands for virtual LAN and technically we can say, a VLAN is a broadcast domain created by switch. When managing a switch, the management domain is always VLAN 1, the default VLAN. All ports of switch are assigned to VLAN 1 by default.  VLAN increase the performance of a network because it divide a network logically in different parts and limit the broadcasts.Any member of VLAN 2 can not talk with any member of VLAN 3 without router but all the members of VLAN 2 and VLAN 3 can talk with other members within their VLANs.This Lab will also help how VLANs can be used to separate traffic and reduce broadcast domains. To create a VLAN, first enter global configuration mode to run the following commands. Configuration to create VLAN 2 

SwitchA(config)#configure terminal  (enter in global configuration mode) 
SwitchA(config)#vlan 2 (defining the vlan 2) 
SwitchA(config)#vlan 2 name marketing (assigning the name marketing to vlan 2)
SwitchA(config)#vlan 2 name marketing  (assigning the name marketing to vlan 2)
SwitchA(config)#exit (exit from vlan 2) 
Configuration to create VLAN 3 
SwitchA(config)#configure terminal                  (enter in global configuration mode) 
SwitchA(config)#vlan 3                                (defining the vlan 3) 
SwitchA(config)#vlan 3 name management       (assigning the name management to vlan 3)
SwitchA(config)#exit (exit from vlan 3)
Now assigning the ports 2 and 3 to VLAN 2, it must be done from the interface mode. Enter the following commands to add port 2 and 3 to VLAN 2. 
SwitchA(config)#configure terminal             (enter in global configuration mode) 
SwitchA(config)#interface fastethernet 0/2         (select the Ethernet 0 of port 2) 
SwitchA(config-if)#switchport access vlan 2      (allot the membership of vlan 2)
SwitchA(config-if)#exit                                     (exit from interface 2)
Now adding port 3 to VLAN 2 
SwitchA(config)#interface fastethernet 0/3        (select the Ethernet 0 of port 3) 
SwitchA(config-if)#switchport access vlan 2 (allot the membership of vlan 2)
SwitchA(config-if)#exit (exit from interface 3) 
Now assigning the ports 4 and 5 to VLAN 3, enter the following commands to add port 4 and 5 to VLAN 3. 
SwitchA(config)#configure terminal (enter in global configuration mode) 
SwitchA(config)#interface fastethernet 0/4 (select the Ethernet 0 of port 4) 
SwitchA(config-if)#switchport access vlan 3 (allot the membership of vlan 3)
SwitchA(config-if)#exit (exit from interface 4)
Now adding port 5 to VLAN 3 
SwitchA(config)#interface fastethernet 0/5 (select the Ethernet 0 of port 5)
SwitchA(config-if)#switchport access vlan 3 (allot the membership of vlan 3)
SwitchA(config-if)#exit (exit from interface 5) 
         

To show the VLAN interface information, run the command show vlan.

Read More

Monday 19 December 2011

// // Leave a Comment

How to Configure DD-WRT as Client Bridge Labels


Instructions
A very simple step-by-step description to connect a Router running selected DD-WRTV24 firmware in Repeater Bridge Mode. (This will work for almost everything, but do check notes on individual routers below clock
If you are using a G router, use 12548 builds to create a wireless bridge. DO NOT USE SP1 OR THE MAY 24 08 BUILD.
This mode is NOT for WIRED connections between two routers! It is a wireless connection only.
To enable bridge mode between two routers, the primary router must be in AP mode (default) with DHCP Server enabled. The secondary router running DD-WRT v24 will be configured as the Repeater Bridge.
  1. Restore Factory Defaults on Secondary (DD-WRT) Router
  2. Do a proper HARD 30-30-30 Reset on the router.
  3. Set your computer to a static IP of 192.168.1.9
  4. Connect to the secondary router via wired or wireless client keeping in mind the dd-wrt default settings for dhcp pool and ssid
  5. Open the Wireless -> Basic Settings tab
    • Physical Interface Section
      • Wireless Mode : Repeater Bridge
      • Wireless Network Mode : Must Match Primary Router
      • Wireless Network Name(SSID) : Must Match Primary Router - Make sure you spell this correctly
      • Wireless Channel : Must Match Primary Router (This will disappear once you put it in RB mode, and isn't needed)
      • Wireless SSID Broadcast : Enable
      • Network Configuration : Bridged
      • Save
    • Virtual Interfaces Section
      • Add
      • Wireless Network Name(SSID) : Different from Primary Router
        • [NOTE] - You CAN try using the same SSID but many have had random disconnects and/or no connection if the SSID's are the same. If using the same ssid doesn't work for you, use a different ssid from the primary router
      • Wireless SSID Broadcast : Enable
      • AP Isolation : Disable
      • Network Configuration : Bridged
      • Save
  6. Open the Wireless -> Wireless Security tab
    • Physical Interface Section
      • Security Mode : Must Match Primary Router and DD-wrt only works reliably with WEP or WPA2-AES
      • WPA Algorithms : Must Match Primary Router
      • WPA Shared Key : Must Match Primary Router
      • Key Renewal Interval (in seconds) : Leave default
    • Virtual Interfaces Section (note if you don't see this section your firmware should be atleast v24-sp2)
      • Security Mode : Must Match Physical Interface
      • WPA Algorithms : Must Match Physical Interface
      • WPA Shared Key : Must Match Physical Interface
      • Key Renewal Interval (in seconds) : Leave default
      • Save
  7. Open the Setup -> Basic Setup tab
    • Connection Type will be: Disabled
    • Set STP for Disabled (Enabled sometimes can cause connection problems) redhawk
    • IP Address : 192.168.1.2 (Assuming Primary Router IP is 192.168.1.1)
    • Mask : 255.255.255.0
    • Gateway: 192.168.1.1 (again assuming Primary Router IP is 192.168.1.1)
    • DHCP Server: Disable
    • Local DNS: 192.168.1.1 (if IP of Primary Router is 192.168.1.1)
    • Assign WAN Port to Switch : Optionally enable this to use the WAN port as another LAN port.
    • Save
  8. Open Setup -> Advanced Routing tab
    • Set Operating mode to "Router"
    • Save
  9. Open Services
    • Disable Dnsmasq
    • Save
  10. Open the Security -> Firewall tab
    • Uncheck all boxes...except Filter Multicast
    • Disable SPI firewall
    • APPLY Settings
  11. Reboot the router.
  12. Once you have it working, go to the wireless security tab, and set the same type of security AND key for both the primary and the repeater ssids and hit apply.
  13. SET YOUR COMPUTER BACK TO AUTO IP AND AUTO DNS.
You should now be able to connect wired clients and wireless clients to the newly configured Secondary router . They will receive IP Addresses from the Primary Router and will be able to use the Internet connection supplied by the Primary Router.
Read More
// // Leave a Comment

How to Share USB Modem to Access Internet For Other Computer

usb-modem-share-interent-other-device

Accessing wireless Internet using USB dongles has become popular over the past few years. The advantage of this type of Internet is that you can take it anywhere you want to, without having to get tied down by cables of wired internet. But one of the major woes that have been attributed to this type of Internet is that it cannot be shared with another computer in an easy way, or so it has been assumed. But the fact is that you can easily achieve it by using just a router, without any additional software. Here is how.

Before we start, there are certain requirements in the PC to be able to share USB dongle Internet. You will need a PC with one Ethernet port and a router (with Wi-Fi if you want to share the Internet over Wi-Fi). We are using Windows 7.

  • Open Control Panel by clicking on Start and Control Panel.

  • Under Network and Internet section, click on View network status and tasks to open Network and Sharing Center.

  • Click on Change adapter settings link located on the left of this window. You will notice the connection icon for your USB dongle in this window. In our case, this is ZTE-EVDO. Right-click on this icon and click on Properties.
 
  • Now click on Sharing tab. You will notice that there is an option to allow other network users to connect through this computer's internet connection, check that box.

  • You may now see a warning that the user name and password for this connection cannot be saved for use by all users. This is normal because the user name and password for USB dongle Internet is usually stored inside the dialer program that comes with it. Click OK to continue.

  • Now you can choose one of the available connections in the drop down list to share the internet. If you have more than one network adaptors or Wi-Fi, you must choose the Local Area Network connection which you would connect to the router.

  • After you choose Local Area Network, click OK to save the internet sharing setting.

  • You will now see that the USB dongle connection icon shows that it is shared.

Now plug in the RJ-45 jack at one end of a cross-crimped Ethernet cable into the LAN port of your computer (the same port which has been chosen for internet sharing), and plug in the RJ-45 jack at the other end of this cable into the socket market Internet on your router. It is a good idea to reset the router before connecting. It is also a good idea to make sure that the shared LAN connection does not have any IPv4 values pre-assigned to it, rather set it to get them assigned automatically.

Power on your router and connect another PC to its LAN port using another cross-crimped Ethernet cable to make sure that the Internet connection sharing is working. If you have any Wi-Fi devices such as a laptop or an iPod touch or a mobile phone with Wi-Fi, then you may want to rather use a Wi-Fi router. In that case, you can refer to this article to create a secure Wi-Fi connection. It's as simple as that.
Read More