This article aims to give the basic needs in education to Internet as described in this previous one.
It aims at allow private customers to an ISP to understand the basics of Internet and solve their connection troubles.
This article is about IPv4, which some wish to declare as historic, even though it is still the most used IP version.
For the new version, IPv6, read this other article.
Internet is build out of networks. Thousands of networks where everyone talk the same language : IP, Internet Protocol.
IP addresses allow all those computers to work and talk together.
IPv4 addresses are made of four numbers (bytes) from 0 to 255, so for example :
126.96.36.199 188.8.131.52 10.0.38.100
Most addresses are public. They are those available on the Internet. When you are browsing the web, going to ifconfig.co, it's this address the website returns and stores in its logs.
There are private networks. Parts of Internet that are not publicly browsable.
If you have an internet box, then it's surely your case. Those networks use these addresses:
10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255
These networks are called class A, B and C networks.
We also knows private networks in this form:
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
The /X actually stands for the network mask. This actually indicate which part of the address is already set by the network, and how much is available to address the equipment in the network.
For example, in 10.0.0.0/8, the first 8 bits are fixed by the network. This is the 10. Everything else is free. That's why the class A network 10.0.0.0/8 goes from 10.0.0.0 to 10.255.255.255. You can see, only the 10 at the beginning remains fixed.
These networks can often be broken down into sub-networks. Thus one can have 255 /16 in a 10.0.0.0/8 : 10.0.0.0/16, 10.1.0.0/16 … up to 10.255.0.0/16.
In 10.2.0.0/16, the first 16 bits are fixed for the network: 10.2, and everything else is free. This network thus goes from 10.2.0.0 to 10.2.255.255.
How I know about my (private) ip ?
You can ask your computer for its IP address by opening a control terminal and running the following commands:
Under Unix-like (Linux, BSD, Solaris …) ifconfig (ifconfig starts to be deprecated but is a standard command, present on all Unix on which I worked, so it's the one I present here) :
[stephane@Jabberwocky ~]$ ifconfig eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.61.197 netmask 255.255.0.0 broadcast 10.0.255.255 inet6 fe80::226:b9ff:fef6:d709 prefixlen 64 scopeid 0x20<link> inet6 2001:470:2099:e:226:b9ff:fef6:d709 prefixlen 64 scopeid 0x0<global> ether 00:26:b9:f6:d7:09 txqueuelen 1000 (Ethernet) RX packets 399774 bytes 499846428 (476.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 266624 bytes 32796132 (31.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 20 memory 0xe9600000-e9620000 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 2789 bytes 345744 (337.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2789 bytes 345744 (337.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno1 and lo indicates the network interfaces. It is common today that a computer has several network interfaces: a wired interface (or Ethernet) and a wireless interface. lo is the loopback interface used by the machine to talk to itself (yes, it happens, it is not a disease …).
127.0.0.1, the address assigned to lo is always local to the machine.
Let us be OK: this ip, it's one that your computer knows for itself (!!!). But as you are surely on a local (private) network, it is not the public address. Your computer probably has no public ip!
So summarize: your local address is the address of your computer on your network. The public address is the one under which you are seen on the internet.
Each local network can have several machines. And each local network has one public address.
This is the job of the box to ensure that everything runs smoothly: that multiple machines on a private network can all browse and surf the Internet using the same public address. This is the principle of [NAT] (https://en.wikipedia.org/wiki/Network_address_translation).
A little debug
Well, I'll tell you the various steps to debug your internet connection. Each step must be valid before moving to the next.
What's my address?
You can use the command line on Unix/Linux or Windows, or the tools provided by GUI. There is certainly a network connection icon in the bottom right of your computer screen. Click it and you will find the information.
For example, as above, with ifconfig followed by the interface name, and filtered on inet :
[stephane@Jabberwocky ~]$ ifconfig eno1|grep inet inet 10.0.61.197 netmask 255.255.0.0 broadcast 10.0.255.255 inet6 fe80::226:b9ff:fef6:d709 prefixlen 64 scopeid 0x20<link> inet6 2001:470:2099:e:226:b9ff:fef6:d709 prefixlen 64 scopeid 0x0<global>
eno1 has, here the inet address 10.0.61.197.
inet6 addresses are actually ipv6 addresses, which I talk about in this other article.
If you do not have an IP address, then your computer does not start its DHCP client, or the network does not have a dhcp server. Or another cause like this.
DHCP is a mechanism for automatic configuration of a computer's internet connection used by the vast majority of personal computers. You plug in the cable and a few seconds later, you can surf smoothly.
You can solve this by setting a static address to get a connection. But ultimately, you will have to find where is the problem.
What is the default route my address?
It looks complicated, but actually it is quite simple. The default route is (usually) the address of your box on your local network.
Your local network is like a house. If you want to communicate with the outside world, you must first find the door.
Similarly, to access the internet, your computer must first know what equipment to connect first. This equipment is the box or the router, to use the appropriate technical term.
For the default route address (also called the Gateway), you must use the route command, present on all operating systems, but with various options.
[stephane@Jabberwocky ~]$ route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.1 0.0.0.0 UG 100 0 0 eno1 10.0.0.0 0.0.0.0 255.255.0.0 U 100 0 0 eno1
Here I use the -n option for numeric. And we see that the Internet represented by Destination 0.0.0.0 is accessible through the Gateway 10.0.0.1.
Note: The second line is just my local network.
If you can not find the address of your gateway, then your ISP or dhcp server did not provide the correct address. There is a bug here. The best way to remedy this is to restart both your computer and box.
Your IP address on your local network is actually assigned by the DHCP server, and the gateway address is also provided by DHCP.
Connectivity test on the gateway
Once the address of the gateway is known, try to ping it. The famous command ping is useful to verify connectivity to a machine (a host) on the net.
Surprising as it may seem, there are cases where the firewall of a machine (even the gateway itself, in which case you are deep in shit) is so poorly build that no one can connect to the gateway even if we know its address.
Something else : Make sure the address of your gateway is really on the same local network as your computer!
For example, if your IP is 192.168.1.30/24, but the advertised gateway is 192.168.0.1 then you have a problem, as your computer can contact the members of 192.168.1.0/24: from 192.168.1.0 to 192.168.1.255.
If your gateway has address 10.0.0.1, then a little ping will look like this:
[stephane@Jabberwocky ~]$ ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=1 ttl=255 time=0.456 ms 64 bytes from 10.0.0.1: icmp_seq=2 ttl=255 time=0.520 ms 64 bytes from 10.0.0.1: icmp_seq=3 ttl=255 time=0.473 ms ^C --- 10.0.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.456/0.483/0.520/0.027 ms
If it is wrong there, it is probably some trouble with your computer's firewall. Or some Si ça ne passe pas à cette étape, c'est probablement un problème de pare-feu sur votre ordinateur. Or an addressing inconsistencies as mentioned above.
Let's ping the outside
If you can ping your gateway, the following step is to test an outside machine.
You can ping one of the two Google's public DNS : 184.108.40.206 or 220.127.116.11.
[stephane@Jabberwocky ~]$ ping 18.104.22.168 PING 22.214.171.124 (126.96.36.199) 56(84) bytes of data. 64 bytes from 188.8.131.52: icmp_seq=1 ttl=55 time=17.7 ms 64 bytes from 184.108.40.206: icmp_seq=2 ttl=55 time=17.0 ms 64 bytes from 220.127.116.11: icmp_seq=3 ttl=55 time=17.4 ms ^C --- 18.104.22.168 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 17.053/17.405/17.750/0.322 ms
If it's wrong, then your gateway is out of order. You maybe need to reboot it, or set it back to default settings (after saving your own personal settings).
Can you resolv domain names ? I only talked about IP as it is about it. It is raw connection.
But not that usefull as is.
An IP, that's not practical to surf the net. So one invented domain names, actually addresses in the form of short texts. And we use DNS resolvers to link both.
You need to be able to contact the resolver. Its address is once again provided by DHCP.
On Unix-like (Linux and BSD), you have to look in the /etc/resolv.conf file.
[stephane@Jabberwocky ~]$ cat /etc/resolv.conf # Generated by resolvconf search 22decembre.eu nameserver 10.0.0.2 nameserver 10.0.0.1 nameserver 2001:470:2099:e::2 nameserver 2001:470:2099:e:: [stephane@Jabberwocky ~]$
On Windows, they are available through the ipconfig command or the graphical interface, in the dialog box «network connections» or at the bottom right of your computer screen.
If you don't have any DNS, it might be a bug in the server or the dhcp client.
You can still set them up yourself.
On Unix, you just have to edit the /etc/resolv.conf file as Root. Take care, this file might be overwritten at the next reboot.
Google has two public open DNS resolvers : 22.214.171.124 et 126.96.36.199.
OpenDNS allows to modify DNS answers. You can filter porno for example.
You can use FDN - French not-for-profit ISP resolvers, 188.8.131.52 and 184.108.40.206.
Censurfridns : 220.127.116.11 and 18.104.22.168.
Test connection to DNS
Just ping your DNS. If your ping fails but you can still ping another server, then your ISP network is having trouble. It is easier to change the resolvers like said earlier.
Tester sa résolution de noms
Use the nslookup command (on Windows) followed by a website name, host, dig or drill on Unix:
[stephane@Jabberwocky ~]$ host www.fdn.fr www.fdn.fr has address 22.214.171.124 www.fdn.fr has IPv6 address 2001:910:800::52
If you can ping your resolver (the one given you by your ISP or a one of your own choice) but it cannot give you answer you, then you better change the resolver again.
If you have trouble, need some help, want to comment or make a remark, you can contact me : stephane AROBASE 22decembre.eu.