network segment, a collection of network devices connected to a single switch.
(If this network segment comprises your entire network, you can call it a
switched network.)
CHAPTER 1 Understanding Ethernet Networking
23
1
Computer
Computer
Switch
Computer
FIGURE 1.9
You can use a switch as the central connection point for your network.
The switch then forwards data from one network node to another. On basic
switches such as the type used in homes or small offices, the switch usually
reads the MAC address of the destination node in each ethernet frame and
sends the frame directly to that device. Most switches maintain a switching
table, a record of the MAC addresses and network port numbers used by each
device on the network. As you use your network, the switch makes note of
each new MAC address and adds it to the switching table, which improves
overall switch performance.
You can also use a switch to send data across multiple network segments. For
example, you might have a network segment in one room or office and a sec-
ond segment in the room or office next door. Similarly, if your network out-
grows your original switch, you might add a second switch to the network
instead of upgrading to a switch with more ports. To join the two segments,
you have three choices:
■ Many older switches come with a special uplink port that’s designed to
connect two switches by running a
network cable from the uplink port
of one switch to the uplink port of
the other switch. On some of these

switches, a button controls whether
the port is used as a regular RJ-45
port or an uplink port.
The network config-
uration shown in Fig-
ure 1.9—that is, multiple network
nodes joined to a central connec-
tion point—is called the star
topology.
note
■ Use an ethernet crossover cable to link two switches by running the
cable from any port in the first switch to any port in the second switch.
■ Get switches where the ports support Auto Crossover (also called Auto
MDI/MDI-X crossover detection; MDI stands for Medium-Dependent
Interface). This enables you to connect two switches without using an
uplink port or a crossover cable.
As with NICs and cables, all switches support one or more of the ethernet
standards. For example, a Fast Ethernet switch will almost always support
10/100 connections, whereas a Gigabit Ethernet switch will usually support
10/100/1000 connections. Make sure you match your switch to the ethernet
standard you’re using on your network.
Understanding Routers
You saw in the previous section that a switch forwards ethernet packets
according to the device MAC address in the frame header. This works
extremely well, and most modern switches are high-performance devices.
However, the inherent limitation of a switch becomes obvious when you want
to add an Internet connection to your network:
■ When you want to request data from a web server, it’s impossible to
know the MAC address of the remote server computer, so the switch
has no way to forward the data request.

■ When a web server wants to send data to your computer, it’s impossi-
ble for the remote machine to know your computer’s MAC address, so
the switch cannot get the data to your computer.
In other words, the MAC address-based forwarding performed by a switch is
limited to LAN traffic and cannot be used to handle WAN (wide area network)
data.
To solve this problem, you need to add a router to your network (see Figure
1.10). A router is a device that makes decisions about where to send the net-
work packets it receives. So far, this sounds
suspiciously similar to a switch. The major
difference is that while a switch uses a
MAC address-based switching table to for-
ward data, a router uses a routing table
that tracks IP addresses, unique addresses
assigned to every Internet host and to
24
Networking with Microsoft
®
Windows Vista
™
1
A wide area network
is network that cov-
ers a wide geographical area.
Some corporations use wide area
networks, but the Internet is the
wide area network.
note
every computer on your network. For example, this is useful when the com-
puters share a high-speed Internet connection, because the router ensures that

the Internet data goes to the computer that requested it. To make this work,
you plug your high-speed modem directly into the special WAN port in the
back of the router.
CHAPTER 1 Understanding Ethernet Networking
25
1
FIGURE 1.10
You add a router to your network when you want to add Internet access.
Understanding IP Addresses
An IP address is a 32-bit value assigned to a computer by a network adminis-
trator or, if you’ve signed up for an Internet account, by your Internet service
provider (ISP). As you’ll see in a minute, these addresses are designed so that
every host and router on the Internet or within a network has a unique
address. That way, when an application needs to send data to a particular
locale, it knows that the destination address it plops into the packet header
will make sure that everything ends up where it’s supposed to.
The problem with IP addresses is their “32-bitness.” Here’s an example:
1100110111010000111000100000010
Not very inviting, is it? To make these
numbers easier to work with, you use
dotted-decimal notation (also known in the
trade as dotted-quad notation). This notation
divides the 32 bits of an IP address into
four groups of 8 bits each (each of these
groups is called a quad), converts each
group into its decimal equivalent, and then
separates these numbers with dots.
Let’s look at an example. Here’s the previ-
ous IP address grouped into four 8-bit
quads:

11001101 11010000 01110001 00000010
Now you convert each quad into its decimal equivalent. When you do, you
end up with this:
11001101 11010000 01110001 00000010
205 208 113 2
Now you insert dots between each decimal number to get the dotted-decimal
form of the address:
205.208.113.2
The Router and Dynamic IP Addressing
The MAC addresses of network devices are assigned in advance by the device
manufacturer. How, then, are IP addresses assigned? For the servers and other
remote machines you deal with on the Internet, each network that wants on
the Internet must sign up with a domain registrar (such as VeriSign.com or
Register.com). In turn, the registrar assigns that network a block of IP
addresses that the administrator can then dole out to each computer (or, in
the case of an ISP, to each customer).
For your own network, however, the IP addresses are assigned as follows:
■ Your router is given its own IP address—called the public IP address—
from the pool of addresses controlled by your ISP. Internet data sent to
any computer on your network is first sent to the router’s external IP
address.
■ The computers on your network are assigned IP addresses. In other
words, when a computer logs on to the network, it is assigned an IP
26
Networking with Microsoft
®
Windows Vista
™
1
You can convert a value

from binary to decimal
using Windows Vista’s Calculator.
Select Start, All Programs, Acces-
sories, Calculator, and then, in the
Calculator window, select View,
Scientific. Click the Bin (binary)
option, use the text box to type
the 1s and 0s of the binary value
you want to convert, and click the
Dec (decimal) option.
tip
address from a pool of available
addresses. When the computer logs
off, the address it was using is
returned to the pool. The system
that manages this dynamic alloca-
tion of addresses is called the
Dynamic Host Configuration Protocol
(DHCP), and the computers or devices that implement DHCP are called
DHCP servers. In most home networks, the router acts as a DHCP server.
In most cases, the range of addresses is from 192.168.1.1 to 192.168.1.254.
(On some routers, the range is from 192.168.0.1 to 192.168.0.254.) The router
itself usually takes the 192.168.1.1 address (this is called its private IP address),
and the pool of possible addresses is usually some subset of the total range,
such as between 192.168.1.100 and 192.168.1.150.
The big advantage of this setup is that your network is never exposed to the
Internet. All communication goes through the router’s public IP address; so as
far as, say, a web or email server is concerned, it’s communicating with a
device at that address. The router is able to get the correct data to your com-
puter because when you initially request data, it adds your computer’s private

IP address and the number of the communications port your computer is
using and stores this data in a routing table. When data comes back from the
Internet, the router converts the public destination IP address of the data to
the private address of your computer, a process known as network address
translation (NAT).
The Router as Firewall
On a small network, the main function of a router is to be used as a gateway
between your network and the Internet. Through the magic of NAT, your net-
work cannot be seen from any device attached to the Internet; as far as the
Internet is concerned, your network is nothing but a router. (For this reason,
an Internet-connected router that performs NAT duties is sometimes called an
edge router.) NAT, therefore, acts as a kind of simple firewall, a technology that
prevents unwanted data from reaching a network.
However, most modern routers go one step further and come with separate
firewall software. This gives you an interface for controlling and managing
the firewall, which mostly means opening and closing specific software ports
used by applications. For example, you’ll see in Chapter 19, “Setting Up a
Website,” that to successfully use a web server on your network you need to
configure the router’s firewall to allow incoming connections on port 80.
CHAPTER 1 Understanding Ethernet Networking
27
1
When a device such
as a router is set up
as the sole connection point
between a network and the
Internet, that device is called a
gateway.
note