Question Home network shares and other devices on the network


tinpanalley

I've got my desktop sharing specific folders. This is mostly to access video and audio from tablets and cell phones on the home network. But I'd like my laptop, on Wi-Fi, to see the document network shares just to avoid using OneDrive all the time. The shares are there and active on the desktop with no password; I don't see why I can't use them.
What have I not got set up right, do you think?
 

lakedude

It took me a good long while to understand subnets, partly because of the unfortunate use of special terminology and partly because those that taught me didn't really understand networks themselves. I didn't really understand until it was my turn to teach the new guy and we figured it out together with hands-on experimenting.

If you would like to hear more just ask.
 

Tech Junky

@lakedude

Subnetting can be a real PITA, but once you figure it out it's cake. The only time I or most people need to use it off the top of their head is in an exam setting. Outside of that situation it's something easily looked up or put into an online calculator for quick reference.
 

tinpanalley

> Because it is like multiple Routers it is actually good for installations that deliberately want to isolate the users.
>
> Popular in student dorms, and public places.

The problem is that for a less savvy user like me, it permits fluid, uninterrupted WiFi in our home and gives us signal all the way to the end of our long railroad-like apartment. And the option was right there in the settings to extend from the main connection. So, this was a fixable issue, but I'll admit exacerbated by my lack of knowledge because until now, I've quite frankly had other things to do in life like live in three countries, go through about 5 different careers and enjoy good food and good wine. So it isn't out of a lack of desire that some of us very tech savvy people don't fully comprehend networking. Not all common users are teeny-bopping, social media junky, like-button-dopamine addicts. Some genuinely want to know more and CAN be taught as long as they're not ignored because of superficial qualities or their disposable consumerism by people who have info. As I believe this thread to be demonstrative of.
 

lakedude

So starting off I only have the basics memorized. There are special reserved network addresses that I don't have memorized because they can just be looked up. That said, understanding some really simple basic concepts can help a lot.

Any network has some behind the scenes self monitoring going on. The different parts are constantly talking with each other to see if they are okay or if any changes have been made or to see if one path is better than another. This behind the scenes traffic would be overwhelming if every part of the entire internet had to talk to every other part. So instead of talking to billions of other parts, networks are divided into smaller more manageable parts. This is where subnets come in. A subnet is basically your local personal slice of the internet called your intrAnet.

Your intrAnet normally consists of all the things on your network in your house on your side of your router. Every device on your network would normally be in the same group of 256 or fewer devices. By dividing things up this way your $100 router only needs to keep track of 256 or fewer devices instead of billions.

Now what happens when a computer is outside your local intrAnet subnet? Well if it isn't inside then your router assumes it is outside in the broader internet somewhere. This is where you ran into trouble. You had 2 separate logical networks on the same side of the router. Let's assume the router is on 192.68.2.x. When the computer on 192.168.2.x tried to get with the computer on 192.168.68.x the router assumed the 192.168.68.x computer was somewhere else in the world, anywhere else actually since all the router cares about are computers on the 2.x network. The router assumes 2.x is your stuff and anything not on 2.x is somewhere else.
 

Tech Junky

@lakedude

It's a bit more complex than that, being that RFC1918 addresses aren't routable across the internet. If the devices don't hit a mechanism such as a static route or dynamic routing protocols it won't see a path to the other segment. Normal consumer devices don't have this capability built into them and half-baked ROMs sometimes can enable a little more control to get this working. Mostly this sort of thing is better handled on an external switch that can handle L3 or VL setups and also allows for routes to be static between two segments.

Another more common issue presenting itself now is CG-NAT, where you're not in RFC1918 space but also not fully routable, but proxied through the carrier and then to the publicly routable internet. Similar to pushing your 1918 IPs through the NAT process on your home device. It's just done on a higher scale.

You can break down a /16 192.168.0.0 network to as little as a /32 single IP for a loopback or point to point /30. https://techlibrary.hpe.com/docs/otlink-wo/CIDR-Conversion-Table.html

There's plenty of room to splice things apart and together depending on how complicated you want to design things. Sure, there's other subnets for multicast https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml

MCAST runs autonomously outside the scope of your LAN and communicates with systems and mechanisms to make the changes based on the responses they get.

Then it gets bigger with the advent of IPv6 which expands from IPv4 32-bit addresses to 128-bit and mixes numbers & letters into the "IP".
 
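
The on-link decision lakedude describes and the address categories Tech Junky lists (RFC1918, CG-NAT, multicast, /30 and /32 sizes), as an added example that is not part of either post, using Python's standard `ipaddress` module. The host octets (.10, .20), the gateway 192.168.2.1 and all function names are assumptions made for illustration; only the 192.168.2.x and 192.168.68.x networks come from the thread.

```python
import ipaddress

# Private ranges from RFC 1918 and the carrier-grade NAT block (RFC 6598).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Label an IPv4 address with the categories named in the thread."""
    ip = ipaddress.ip_address(addr)
    if ip.is_multicast:
        return "multicast"
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip in CGNAT:
        return "cgnat"
    return "public" if ip.is_global else "special"


def next_hop(iface, dst, gateway):
    """Decide where a host configured as `iface` (ip/prefix) sends a packet."""
    net = ipaddress.ip_interface(iface).network
    if ipaddress.ip_address(dst) in net:
        return "on-link"          # delivered directly on the local segment
    return f"via {gateway}"       # handed to the default gateway


def same_subnet(iface_a, iface_b):
    """True only if each host sees the other inside its own subnet."""
    a, b = ipaddress.ip_interface(iface_a), ipaddress.ip_interface(iface_b)
    return b.ip in a.network and a.ip in b.network


def common_supernet(addr_a, addr_b):
    """Smallest single IPv4 network that would contain both addresses."""
    a, b = ipaddress.ip_address(addr_a), ipaddress.ip_address(addr_b)
    prefix = 32 - (int(a) ^ int(b)).bit_length()
    return ipaddress.ip_network(f"{a}/{prefix}", strict=False)


def usable_hosts(cidr):
    """Assignable addresses: /31 and /32 have no network/broadcast to lose."""
    net = ipaddress.ip_network(cidr)
    return net.num_addresses if net.prefixlen >= 31 else net.num_addresses - 2


if __name__ == "__main__":
    # Constructed hosts on the two networks named in the thread.
    desktop, laptop = "192.168.2.10/24", "192.168.68.20/24"
    print(next_hop(desktop, "192.168.68.20", "192.168.2.1"))
    print(same_subnet(desktop, laptop))
    print(common_supernet("192.168.2.10", "192.168.68.20"))
    for a in ("192.168.0.50", "100.64.1.1", "224.0.0.251", "8.8.8.8"):
        print(a, classify(a))
    for c in ("192.168.0.0/16", "192.168.0.0/24", "192.168.0.0/30"):
        print(c, usable_hosts(c))
```

With /24 masks the desktop hands traffic for the laptop to its gateway instead of delivering it locally; the /17 result is the narrowest single network that would hold both constructed hosts.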

sdifox

> Ok, worked automatically.
> I have never, in 10 years of owning this laptop been able to do this. It would only ever work if I connected to the router via ethernet and I'm understanding now why. But there is so much I'm thinking one could do and customise if one took the time to learn proper home networking.
> (Now... my laptop is having keyboard issues but that's another thing altogether. )

It might be time to replace the ten year old laptop :cool:
 

lakedude

> It's a bit more complex than that...

Of course it is. That is why network techs make way more than computer techs. I defer to your clearly superior knowledge on the subject, really.

I'm trying to keep things simple, like the explanation I just gave my kid about where babies come from. A doctor would have a field day with the technical inaccuracies and notable omissions in my explanation but the kid heard enough information to keep him happy for a while.

We used the 10 network for our private addresses at work and it did slip my mind that 192 is private and that a NAT takes place but that really isn't the important thing when trying to explain subnets and why 2 devices won't talk to each other.

I'm purposely avoiding subjects like private networks, and words like domain and node and most especially I'm avoiding everything to do with the God forsaken 7 layer OSI model because none of that stuff is helpful at this level.

Throwing the book at someone just starting out is going to be too much IMHO...


 

Tech Junky

True. Just putting it out there though makes you scratch your head and do some research. It's an addictive subject when you dig into it if you're interested. Yes network engineers tend to make more than IT admins due to complexities beyond an mcsa / mcse level as most of their issues daily pertain to the os side. Basic networking is covered though. But experience counts more than the cert though the cert gets doors open. It's something you can do without a degree and make six figures.

Yes different networks don't speak to each other unless you tell them to explicitly. A router only does what you tell it to do. Usually nothing more or nothing less unless there's something wrong. It's similar to 10 digit dialing where things have to match up to go through the phone networks. If the area code doesn't have the npa/nxx included you get the error recording in response.
 

mxnerd

Users can think of a router as a standalone PBX system, all extensions (computers/devices) in the same PBX can talk to each other and make phone calls to the outside world, but PBX system A can't talk to PBX system B even if they are inside the same company. If you hook up 2 PBX systems together, every extension should have its unique number, you can't have the same extension number, that will confuse everyone.
 

Tech Junky

@mxnerd

Except for the fact that a Router or L3 switch can get beyond that by either adding a static route to advertise the path or using dynamic routing to see each other. Consumer grade equipment doesn't really support this but even the basic Cisco gear does.

In a DIY scenario though the gloves come off and you can do whatever you want. Adding loopbacks / VL's / routes / etc. It depends on how complicated or streamlined you want to make things. I set up secondary loopbacks to pin services / servers to in my box instead of having to deal with docks / VM's running them individually within the OS.

GW 192.168.0.1
Pihole 192.168.0.2
Loopback 192.168.0.50
AP 192.168.0.65

Some other things like Webmin just use the LO and port differentiator 10000 or Plex LO 32400 or ntopng LO 3000

Seeing those "apps" as an extension by using a different port but the same main number being the LO.50

Seeing the PIHOLE / AP as different numbers completely outside of the main company instead of extensions.

The inverse is possible though reusing the same IP network and segregating it using VLAN's by invoking the tags to keep them seeing each other / communicating with each other. From a logical standpoint in engineering it's easier to pick an octet and match it to the VL ID i.e. VL 5 could be 192.168.5.x or 172.16.5.x or 10.x.5.x

In bigger networks we typically use 10.x.x.x and the 2nd octet might be used to indicate a different location.
10.214.x.x would be Dallas
10.212.x.x would be NYC
10.202.x.x would be DC

There's usually some logic behind the numbering where it's an area code or something else that's commonly known or you end up using a spreadsheet since you have locations that wouldn't be 1-254 for an IP.

Further segmentation within the parent IP scope comes down to the services needed and allocating the 3rd octet to that grouping for management purposes.

There's a lot of different approaches but, there's also ways to make things work improperly to get what you need to happen within the network while waiting on approval for new equipment. This is usually referred to as a "pinhole" to work around the constraints of current conditions.
 

mxnerd

@Tech Junky All you said was true. I'm just trying to use the simplest way to tell people who have no idea about networking at all.

Also as @lakedude has pointed out, I'm certain that you are several levels above me, since I usually deal with stuff in the same network. Although I did take several CCNA classes before, but I have to admit that hard core routing stuff is still a bit difficult for me.

Port numbers/protocols on the same IP can be seen as SSA office at the same address but serving several windows/languages.

With port forwarding and routing, outsider probably will never know how far back the tasks are truly handled in the back office.
 

In2Photos

I don't think anyone that visits this forum doesn't realize there are a lot of people that have a vast knowledge of the PC world. That's why they come here looking for advice and help. But not every problem is a super complicated one that requires all the techno-jargon vomit that also comes with that knowledge. There's a reason why help centers start with this question: "is it turned on?" You can really spin your wheels chasing a diagnosis without having the basic information.
 

lakedude

> Users can think of router as a standalone PBX system

The trouble with this is that it assumes knowledge of what a Private Branch eXchange is...

Last night 🌙 I spent over 2 hours typing up an overly complicated explanation of the different subnet notations (slash, binary, etc.). This morning I erased the whole stinking thing. It made sense to me because I knew what I was trying to say but it was a steaming pile of garbage.

This morning I think I've got something more relatable to an average person, zip codes and street address. More on this in a bit...
 

mxnerd

Well, if people don't know what PBX is, then another analogy is a small isolated community with surrounding wall and a gateway to the public road. Each built house (device/computer) got an assigned and unique number from 1 to 254 (if the subnet mask is 255.255.255.0 or /24 notation). Although #1 usually is reserved for the gateway (can be a house too, but with access to the public road on the other side), but it can be any number.
 

Tech Junky

@mxnerd


Also, the gateway is an arbitrary selection it doesn't have to be .1 it can be .x

The gateway being .1 is the simplest / reasonable expectation that makes logical sense.

Addresses for houses on a block don't always end in 1 nor does a contiguous block start with the first number/s being the same. The block I'm on has addresses 13xx-14xx for example. Guidance / rules try to make things simple but, that's not always the case in the real world.

Back in the day I recall some DSL vendors using .254 as the GW for their devices. They also used .1 as their management IP instead of what most do today by using .1:port to get to the management interface.

Using KISS methodology makes things easier to understand but isn't always the case.
 

mxnerd

> @mxnerd
>
> Also, the gateway is an arbitrary selection it doesn't have to be .1 it can be .x
>
> The gateway being .1 is the simplest / reasonable expectation that makes logical sense.
>
> Addresses for houses on a block don't always end in 1 nor does a contiguous block start with the first number/s being the same. The block I'm on has addresses 13xx-14xx for example. Guidance / rules try to make things simple but, that's not always the case in the real world.
>
> Back in the day I recall some DSL vendors using .254 as the GW for their devices. They also used .1 as their management IP instead of what most do today by using .1:port to get to the management interface.
>
> Using KISS methodology makes things easier to understand but isn't always the case.

I think I did say the gateway or any house can be any number from 1 to 254. I also did not say the number has to be contiguous and start from 1.

My TP-Link travel router's default IP is .254

I used to work in IT dept. with just over 100 computers. I was a Windows guy handling Windows domain networking, inventory/EDI programming, user support, and even hardware troubleshooting, assembly and upgrades

I do know IP calculator/CIDR subnetting etc and private/public IP ranges. Just not dealing with Cisco switch/routing stuff every day. The environment was not complex enough to do those things.

KISS methodology absolutely does not work for professional job, but it does work for explaining stuff to end user or layman most of the time.
 

Tech Junky

My bad I missed that in your reply. It gets funkier even when you start having a ton of /30's running around in the network for point to point setups. Then dealing with rip, bgp, isis, ospf, etc. to reflect routes, inject them, etc. Then using ACL's to control how they bounce routes between each node in the path.

Hierarchy of difficulty:
Home networking
Office networking
Enterprise networking
Service Provider networking

I used to work for a company that was basically an IT mercenary for hire to big companies that needed technical / deployable hands on personnel. Getting into those systems and seeing behind the proverbial curtain sheds some light on how / why their networks operate the way they do. Put this way I've been hands on with 2 of the big 3 cell companies working on various projects upgrading their infrastructure prepping to deploy new technologies. Being in their "CO" and switch sites unveiled some interesting things you know are possible but wouldn't think are done.
 

Fallen Kell

> There's a firewall on the router. The internal PCs only need it when you connect directly to the internet without a router or on an untrusted network.

Well, not entirely true. Yes, it is true that your home gateway router most likely has an integrated firewall. But it is not true that your internal PCs only need a firewall when they are connecting directly to the internet without the router or are on an untrusted network. The reason you still want a firewall on the PCs is to prevent various NAT/firewall attacks (such as NAT Slipstreaming) which allows for a hacker to bypass that firewall and directly communicate via TCP/UDP to devices behind it (and thus any protocols that are up and running on those devices).

There are also other attack vectors that a local firewall can help prevent, such as possibly preventing reverse shells without first having compromised administrative rights to be able to control the local firewall.

You need to remember that most things are by default designed and configured in a way as to limit the number of help calls or number of returns (of "this item sucks, because it doesn't work") to the company that made the device. Security rarely plays a part unless it can be done without being intrusive (which for networks and computers is almost impossible as no one knows how you customized your home network to provide for all your device needs and networking requirements). So, what that usually means is that things are usually not that safe out of the box. And in general, that also means that things are not safe in 99% of deployments because the people doing the installations/setup do not know what they need to do in order to make it safe and secure (they barely know the general concept of networking let alone how to design and configure a secure setup).
 

mxnerd

I wouldn't suggest turning off firewall either. The attack does not have to be initiated from the internet, it could also come from files downloaded via website browsing activities, intentionally or unintentionally, or from email attachments. Once virus/malware gets in, PC without firewall on will be much easier to be attacked.
 

Tech Junky

Firewall is for packets
AV / defender is for attachments

If you set up your network correctly it shouldn't be much of an issue.

If the bad people want to get you they will regardless of your windows firewall or av settings.
 

JackMDS

126
> Firewall is for packets
> AV / defender is for attachments
>
> If you set up your network correctly it shouldn't be much of an issue.
>
> If the bad people want to get you they will regardless of your windows firewall or av settings.

So... let see how it is applying to where I live -NYC.

I should not pay attention to traffic light and street crossing because if someone Really wants to bang me with his/her car, they will succeed anyway.


:cool:
 

Tech Junky

@JackMDS

If your network is in a bubble with the FW configured correctly your devices don't need the overhead caused by lackluster coding.

As long as you're in your bubble and walking into the middle of the street and a car comes along you go bouncing down the street harm free. If the bubble gets nicked along the way you put a patch on and continue on.

Security is a multi-prong approach with layers of protection. The obvious is don't do stupid stuff to get infected. Keep the traffic out that isn't related to what you initiated. Don't leave holes open for services.
 

JackMDS

126
Unfortunately many of the current “Bubbles” are in Apt. building, dense cities, and dense suburb, and they whole have WIFI.

We are Not just dealing with Russian/Iranian/Chinese etc. hackers that their main interest the main big institutions, but there is also next door Kids etc. that might spend time trying to play around with neighbor Networks.

There is also the thousands that are sitting in Starbucks (as an example) and other public places with their laptops joining to "lovable" Wi-Fi.


:cool: