This article aims to give the basic needs in education to Internet as described in this previous one.

It aims at allow private customers to an ISP to understand the basics of Internet and solve their connection troubles.

This article is about IPv4, which some wish to declare as historic, even though it is still the most used IP version.

For the new version, IPv6, read this other article.

Internet

Internet is build out of networks. Thousands of networks where everyone talk the same language : IP, Internet Protocol.

IP addresses allow all those computers to work and talk together.

IPv4 addresses are made of four numbers (bytes) from 0 to 255, so for example :

193.167.12.3
20.30.40.50
10.0.38.100

Public addresses

Most addresses are public. They are those available on the Internet. When you are browsing the web, going to ifconfig.co, it’s this address the website returns and stores in its logs.

Private addresses

There are private networks. Parts of Internet that are not publicly browsable.

If you have an internet box, then it’s surely your case. Those networks use these addresses:

10.0.0.0    - 10.255.255.255
172.16.0.0  - 172.31.255.255
192.168.0.0 - 192.168.255.255

These networks are called class A, B and C networks.

Network mask

We also knows private networks in this form:

10.0.0.0/8
172.16.0.0/12
192.168.0.0/16

The /X actually stands for the network mask. This actually indicate which part of the address is already set by the network, and how much is available to address the equipment in the network.

For example, in 10.0.0.0/8, the first 8 bits are fixed by the network. This is the 10. Everything else is free. That’s why the class A network 10.0.0.0/8 goes from 10.0.0.0 to 10.255.255.255. You can see, only the 10 at the beginning remains fixed.

These networks can often be broken down into sub-networks. Thus one can have 255 /16 in a 10.0.0.0/8 : 10.0.0.0/16, 10.1.0.0/16 … up to 10.255.0.0/16.

In 10.2.0.0/16, the first 16 bits are fixed for the network: 10.2, and everything else is free. This network thus goes from 10.2.0.0 to 10.2.255.255.

How I know about my (private) ip ?

You can ask your computer for its IP address by opening a control terminal and running the following commands:

Under Unix-like (Linux, BSD, Solaris …) ifconfig (ifconfig starts to be deprecated but is a standard command, present on all Unix on which I worked, so it’s the one I present here) :

[stephane@Jabberwocky ~]$ ifconfig
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
    inet 10.0.61.197  netmask 255.255.0.0  broadcast 10.0.255.255
    inet6 fe80::226:b9ff:fef6:d709  prefixlen 64  scopeid 0x20<link>
    inet6 2001:470:2099:e:226:b9ff:fef6:d709  prefixlen 64  scopeid 0x0<global>
    ether 00:26:b9:f6:d7:09  txqueuelen 1000  (Ethernet)
    RX packets 399774  bytes 499846428 (476.6 MiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 266624  bytes 32796132 (31.2 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    device interrupt 20  memory 0xe9600000-e9620000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 127.0.0.1  netmask 255.0.0.0
    inet6 ::1  prefixlen 128  scopeid 0x10<host>
    loop  txqueuelen 1  (Local Loopback)
    RX packets 2789  bytes 345744 (337.6 KiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 2789  bytes 345744 (337.6 KiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0        

eno1 and lo indicates the network interfaces. It is common today that a computer has several network interfaces: a wired interface (or Ethernet) and a wireless interface. lo is the loopback interface used by the machine to talk to itself (yes, it happens, it is not a disease …).

127.0.0.1, the address assigned to lo is always local to the machine.

On Windows:

ipconfig/all

Let us be OK: this ip, it’s one that your computer knows for itself (!!!). But as you are surely on a local (private) network, it is not the public address. Your computer probably has no public ip!

So summarize: your local address is the address of your computer on your network. The public address is the one under which you are seen on the internet.

Each local network can have several machines. And each local network has one public address.

NAT

This is the job of the box to ensure that everything runs smoothly: that multiple machines on a private network can all browse and surf the Internet using the same public address. This is the principle of NAT.

A little debug

Well, I’ll tell you the various steps to debug your internet connection. Each step must be valid before moving to the next.

What’s my address?

You can use the command line on Unix/Linux or Windows, or the tools provided by GUI. There is certainly a network connection icon in the bottom right of your computer screen. Click it and you will find the information.

For example, as above, with ifconfig followed by the interface name, and filtered on inet :

[stephane@Jabberwocky ~]$ ifconfig eno1|grep inet
    inet 10.0.61.197  netmask 255.255.0.0  broadcast 10.0.255.255
    inet6 fe80::226:b9ff:fef6:d709  prefixlen 64  scopeid 0x20<link>
    inet6 2001:470:2099:e:226:b9ff:fef6:d709  prefixlen 64  scopeid 0x0<global>

eno1 has, here the inet address 10.0.61.197.

inet6 addresses are actually ipv6 addresses, which I talk about in this other article.

If you do not have an IP address, then your computer does not start its DHCP client, or the network does not have a dhcp server. Or another cause like this.

DHCP is a mechanism for automatic configuration of a computer’s internet connection used by the vast majority of personal computers. You plug in the cable and a few seconds later, you can surf smoothly.

You can solve this by setting a static address to get a connection. But ultimately, you will have to find where is the problem.

What is the default route my address?

It looks complicated, but actually it is quite simple. The default route is (usually) the address of your box on your local network.

Your local network is like a house. If you want to communicate with the outside world, you must first find the door.

Similarly, to access the internet, your computer must first know what equipment to connect first. This equipment is the box or the router, to use the appropriate technical term.

For the default route address (also called the Gateway), you must use the route command, present on all operating systems, but with various options.

[stephane@Jabberwocky ~]$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    100    0        0 eno1
10.0.0.0        0.0.0.0         255.255.0.0     U     100    0        0 eno1

Here I use the -n option for numeric. And we see that the Internet represented by Destination 0.0.0.0 is accessible through the Gateway 10.0.0.1.

Note: The second line is just my local network.

If you can not find the address of your gateway, then your ISP or dhcp server did not provide the correct address. There is a bug here. The best way to remedy this is to restart both your computer and box.

Your IP address on your local network is actually assigned by the DHCP server, and the gateway address is also provided by DHCP.

Connectivity test on the gateway

Once the address of the gateway is known, try to ping it. The famous command ping is useful to verify connectivity to a machine (a host) on the net.

Surprising as it may seem, there are cases where the firewall of a machine (even the gateway itself, in which case you are deep in shit) is so poorly build that no one can connect to the gateway even if we know its address.

Something else : Make sure the address of your gateway is really on the same local network as your computer!

For example, if your IP is 192.168.1.3024, but the advertised gateway is 192.168.0.1 then you have a problem, as your computer can contact the members of 192.168.1.0/24: from 192.168.1.0 to 192.168.1.255.

If your gateway has address 10.0.0.1, then a little ping will look like this:

[stephane@Jabberwocky ~]$ ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=255 time=0.456 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=255 time=0.520 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=255 time=0.473 ms
^C
--- 10.0.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.456/0.483/0.520/0.027 ms

If it is wrong there, it is probably some trouble with your computer’s firewall. Or some Si ça ne passe pas à cette étape, c’est probablement un problème de pare-feu sur votre ordinateur. Or an addressing inconsistencies as mentioned above.

Let’s ping the outside

If you can ping your gateway, the following step is to test an outside machine.

You can ping one of the two Google’s public DNS : 8.8.8.8 or 8.8.4.4.

[stephane@Jabberwocky ~]$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=55 time=17.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=55 time=17.0 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=55 time=17.4 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 17.053/17.405/17.750/0.322 ms

If it’s wrong, then your gateway is out of order. You maybe need to reboot it, or set it back to default settings (after saving your own personal settings).

DNS ?

Can you resolv domain names ? I only talked about IP as it is about it. It is raw connection.

But not that usefull as is.

An IP, that’s not practical to surf the net. So one invented domain names, actually addresses in the form of short texts. And we use DNS resolvers to link both.

You need to be able to contact the resolver. Its address is once again provided by DHCP.

On Unix-like (Linux and BSD), you have to look in the /etc/resolv.conf file.

[stephane@Jabberwocky ~]$ cat /etc/resolv.conf
# Generated by resolvconf
search 22decembre.eu
nameserver 10.0.0.2
nameserver 10.0.0.1
nameserver 2001:470:2099:e::2
nameserver 2001:470:2099:e::
[stephane@Jabberwocky ~]$

On Windows, they are available through the ipconfig command or the graphical interface, in the dialog box «network connections» or at the bottom right of your computer screen.

If you don’t have any DNS, it might be a bug in the server or the dhcp client.

You can still set them up yourself.

On Unix, you just have to edit the /etc/resolv.conf file as Root. Take care, this file might be overwritten at the next reboot.

Google DNS

Google has two public open DNS resolvers : 8.8.8.8 et 8.8.4.4.

OpenDNS

OpenDNS allows to modify DNS answers. You can filter porno for example.

anti-censure DNS

You can use FDN - French not-for-profit ISP resolvers, 80.67.169.12 and 80.67.169.40.

Censurfridns : 89.233.43.71 and 91.239.100.100.

Test connection to DNS

Just ping your DNS. If your ping fails but you can still ping another server, then your ISP network is having trouble. It is easier to change the resolvers like said earlier.

Tester sa résolution de noms

Use the nslookup command (on Windows) followed by a website name, host, dig or drill on Unix:

[stephane@Jabberwocky ~]$ host www.fdn.fr
www.fdn.fr has address 80.67.169.52
www.fdn.fr has IPv6 address 2001:910:800::52

If you can ping your resolver (the one given you by your ISP or a one of your own choice) but it cannot give you answer you, then you better change the resolver again.

That’s it.

If you have trouble, need some help, want to comment or make a remark, you can contact me : stephane AROBASE 22decembre.eu.