Disregard cable modem documentation about being able to support multiple PCs via a hub: with most domestic broadband ISPs (including NTL, Blueyonder), you can have only one.
If you have more than one computer on a LAN at home, and you want to make the cable modem available to them all, you cannot just plug the cable modem into your LAN hub, because the cable modem will communicate with only one MAC address, and will issue only one IP address via DHCP.
[As an exception to the above statements, the NTL Xbox Live service allows two MAC addresses to be served from the cable modem, and thus two IP addresses to be issued via DHCP. A simple hub between the cable modem, the PC, and the Xbox will allow both PC and Xbox online. If you need to connect more than those two devices, read on].
If you need to connect more PCs than your cable modem allows, then there are several ways to get all your PCs online:
In all these cases, the router is the single device to which the cable modem issues the single IP address, and the other PCs communicate with the internet via a process of Network Address Translation (NAT) performed by the router. For connections initiated by the PCs (e.g. web browsing, e-mail, news), this process works almost infallibly. However, for connections initiated by remote computers trying to connect to you (some games, instant messengers, NetMeeting, P2P file-sharing, some real-time streaming protocols), there will be problems because the router receives the incoming call, but does not know to which local PC to pass it (this problem applies even for applications on the ICS machine itself). Hence the need for port forwarding or port mapping: a NAT router can be configured to recognise that incoming calls on a certain external port should be passed to a nominated local PC. The restriction is that only one local PC can respond to incoming calls on any given external port.
An advantageous side effect of using a NAT router is that it becomes a simple firewall by default, because all incoming calls are dropped unless an explicit port-forward is configured.
Alternatively, a NAT router can be configured to forward all incoming traffic (that is not already explicitly port-forwarded) to a single local PC, known as the DMZ machine. In this case the DMZ PC will not be firewalled by the NAT router. Using a DMZ is the only way of dealing with certain difficult special applications such as NetMeeting or other applications which use the H.323 protocol.
Simple beginners' instructions for home LANs on cable modems are available at http://www.practicallynetworked.com/sharing/.
At BroadbandReports.com, the following support resources are available:
NTL do not provide technical support for home LANs, but there is a self-help newsgroup at ntl.discussion.home-networking, and a user-written guide at http://www.networklab.co.uk/cmodem/.
Blueyonder do not provide technical support for home LANs, but there is a self-help newsgroup at blueyonder.users.self-help.networking. The by-Users help page for home LANS is at http://www.by-users.co.uk/faqs/networking/.
When you unplug a PC from the cable modem and plug a NAT router into it instead (or vice-versa), special procedures are required: see Swapping computers on the cable modem.
With ISPs that require the user to configure their PC with a special name (DHCP Client_ID), it is the NAT router that now must be configured with the name.
With ISPs that require registration of the MAC address of the device connected to the cable modem, then:
If you are going to clone a MAC address into the WAN port of the NAT router, you should do so before first connecting it to the cable modem; otherwise the change of MAC address will require the procedures of Swapping computers on the cable modem.
If you allow the NAT router to allocate private IP addresses to the local client PCs by DHCP, then the ISP's DNS settings will also be relayed to the local client PCs. However, if you allocate IP addresses manually to the local client PCs, then you must also manually configure the clients with DNS servers.
Some network applications do not work correctly when on a PC behind a NAT router: you might need to configure port-forwarding in the router.
If you have an FTP client on a PC behind certain simple NAT routers, the FTP client might need to be configured to use passive (PASV) mode.
It can be very difficult to get an FTP server working on a PC behind a NAT router: it might require special configuration of the FTP server as well as triggered port-forwarding in the router.
For NTL and Blueyonder, the default settings of most NAT routers (Obtain IP address automatically) will work out of the box. Blueyonder users might choose to clone an already-registered PC MAC address into the WAN port of the router before use.
For some non-UK ISPs, special router configurations are required, see:
To discover what port-forwarding you might need to configure in your NAT router for special applications and games, see:
These problems are resolved by UPnP-aware applications and routers: see UPnP NAT traversal.
If you run a software router such as ICS, you must ensure that the PC running the router does not drop into Standby because of lack of use: if it drops into Standby, all the rest of the LAN will lose their internet connection. You can allow the PC to blank its screen, and spin down its hard disk, but the processor and network interfaces must not go to sleep.
A new technology, Universal Plug-and-Play NAT traversal, is emerging to simplify the setup of consumer-oriented NAT routers. NAT traversal enables UPnP-aware applications to automatically configure a UPnP-aware NAT router so that inward calls to the application are routed to the correct PC on the LAN behind the router. For UPnP NAT traversal to work, all three of the following must be UPnP-aware:
Of operating systems, so far only Windows XP supports UPnP NAT traversal, but the Network Setup Wizard from the XP CD-ROM can install client UPnP NAT traversal support in Windows 98/ME.
Examples of applications which support UPnP NAT traversal are:
When run behind a UPnP-aware NAT router, these applications behave just as if the NAT router were not there: e.g. incoming messages and video calls are automatically received by Messenger. No special router configuration is required by the user.
The following NAT routers are known to support UPnP NAT traversal:
There is an official list of UPnP-certified devices at http://www.upnp-ic.org/certification/.
The list of routers under Use These Routers with Xbox Live on http://www.xbox.com/LIVE/connect/routers.htm appears to be a list of routers that support UPnP NAT traversal with latest firmware. The required firmware levels formerly shown on this page have been removed.
Network Address Translation works by simply re-writing the IP address in the IP header, and/or the port number in the TCP or UDP header, of a data packet. If a network application puts IP addresses or port numbers anywhere else, such as in the user-data section of the packet, then they will not usually be translated, and the application might fail to work correctly if its data passes through a NAT router. Common example of such NAT-unfriendly applications are:
The FTP protocol transmits both IP addresses and port numbers over the FTP control connection when clients and servers tell each other about the setup details for a data transfer connection.
NAT routers cannot know about the non-NAT-compliant peculiarities of all possible network application protocols. Nevertheless, where certain application protocols are recognised, their special requirements are dealt with by Application Level Gateway (ALG) support incorporated into the NAT router.
For instance, Linksys routers with firmware 1.39 or higher incorporate ALG support which permits FTP clients on the LAN to function in Active PORT-mode when connecting to a remote FTP server on port 21 (only: it is the destination port 21 which triggers the FTP ALG function).
If the NAT router does not have ALG support for Active PORT-mode FTP clients, then FTP client applications will only work if they can be configured to use Passive mode (the standard command-line ftp command in Windows cannot use Passive mode). The classic symptom of an Active PORT-mode FTP client failing to work through a NAT router is to be able to log on to the server, but not to be able to get a directory listing.
It is even more difficult to get an FTP server working behind a NAT router: see http://www.linksysftp.org/ for instructions on how to set up an FTP server behind a Linksys router.
If the NAT-unfriendly application writes TCP/UDP port numbers into the data stream, but does not write IP addresses into the data stream, and there is no ALG support in the NAT router for this application, then a fix is to configure the application's PC into the DMZ setting of the router. For instance, this will fix the H.323 video protocol used by NetMeeting.
Return to Index.