Archive for April, 2005

Making Your Own Ethernet Cables Is Not A Casual Project

April 29, 2005

I’m a great fan of do-it-yourself. Setting up a computer network is a lot of fun, even if you’re getting paid to do it. Making your own Ethernet cables is not fun, though.

An RJ-45 Ethernet cable contains 4 pairs of color coded wires, and each wire is not much more than the thickness of a really thick piece of hair. Ok, a really, really thick piece of hair – but one that won’t bend like hair – and you’ll wish it would too.

You have to identify each wire by color, untwist each pair of wires just enough so the individual wires will fit into the end of the plug (or jack if you’re doing interior cabling), get each wire in the correct sequence side by side, insert the 8 wire set into the plug / socket simultaneously and squarely, and crimp everything perfectly. I say simultaneously because you won’t be able to insert each one individually – those wires, as thin as they are, are not going to bend for you.

Oh yeah, I forgot, you have to strip the outer sheath enough – just enough – to separate the 4 pairs. Don’t nick any of those wires when you strip the sheath. And you do know that all 4 pairs of wires don’t go in perfect sequence – one sequence is “green / white-green / white-orange / white-blue / blue / orange / brown / white-brown”. So you have to untwist the orange pair (orange and white-orange) just a little more, because its halves have to fit on either side of the blue pair (white-blue and blue).

There are four color sequences – two for straight-thru cables (connecting jacks and plugs), and two more for cross-over cables (jacks and plugs again). Each sequence has one pair separated by another pair (as the orange pair is separated by the blue pair above).

Make one mistake, and your cable is toast. Untwist one pair just one turn too much (the twists are critical to functionality – they are NOT decorative), or switch one pair of wires (a white-orange stripe looks a lot like white-brown in dim light), and it won’t work. You have to cut the plug off, and start over from the beginning.

And just because it works today, don’t expect it to work tomorrow. Move your computer, flex the cable or put pressure on the plug, and just one micro-disconnection could make the cable not work. Or worse, the cable might work just 90% of the time. You do want a 100M network, right? Not 50M (if the cable doen’t work 100% of the time, you may get an effective rate of 50M). One day you’ll want Giga-Bit too.

Add up the cost of cable, plus the plugs, plus the crimping tool (if you want a quality cable, prepare to spend quality money), plus the time you spend trying to figure out why it doesn’t work, plus a second trip to the store, because you got stranded cable, but connectors (plugs or jacks) for solid cable (you can’t mix solid and stranded components!). Then a third trip to the store because you ran out of connectors – once you crimp one, it’s done. One mistake, cut the bad one off, and throw it away.

There is one, just one, situation where I would make my own cable ends. If I had an electrician pull cabling inside the walls, it may be cheaper to use bulk cable. When you have that done, by the way, have 2 or 3 times as many cables pulled as you need right now. Pulling 2 or 3 cables (tied together) is no more expensive than pulling 1.

If you decide to go the luxury route, and have the electrician attach the end connections (my preference), make sure he knows more about this than I do, make sure he’s licensed, and make sure he tests each cable, and gives a written report for each one. And make sure he labels each cable, so you know which one goes to the master bedroom, or to the office!

Always terminate a cable inside the wall, with a jack, then run a patch cable between the jack and the computer. Please don’t run end to end plugs, with cables running thru holes in the walls. If you’re going to attach the cable ends yourself, attach the ends to secured points inside the walls (the back side of each jack), where they don’t move, and make a strain relief to protect the connection from even the weight of the cable. Always, and I mean always, run pre made and tested patch cables, from the jacks, to the computers.

If you must terminate the cables yourselves, whether to save money or for convenience, or whatever reason, get the right equipment. LANShack sells Cat6 equipment including the Sentinel Cat6 Modular Plug Assembly, and the appropriate tools. If you’re going to have reliable Gigabit Ethernet, or a large quantity of custom length cables, that’s where I would start.

But for a single patch cable, go back to the store, and buy a tested, pre-made cable. You’ll be glad you did in the long run.

Advertisements

The NT Browser (or Why can’t I always see all of the computers on the LAN?)

April 28, 2005


How do your computers know which servers are out there, providing shared data for them? When you look in Network Neighborhood, and see a list of computers with shares (or don’t), where does the list come from (or why are some shares not there)? The list is provided by the browser subsystem, and any omissions from the list are the fault of the browsers (or problems related to the browsers).

In any large office (enterprise domain) environment, you have dozens, if not hundreds of computers. You don’t have to constantly turn the browser service on or off there. How does that work, and why doesn’t a Small Office / Home Office (SOHO) workgroup environment work the same way?

>>Top

Very Simple Network Terminology
A workgroup is similar to a very simple domain, at least in a limited context.

There are an almost infinite number of differences between the two, though.

>>Top

So What Does The Browser Do?
You can’t have every server on the network constantly advertising its presence to every client – that would create chaos. The browser subsystem tames the chaos. The servers are listed by the browser servers, and the browser servers (“browsers”) provide the server list to the clients.

Just as having every server advertise to every client is bad, so would be having one server distribute the server list to all of the clients. The official recommendation from Microsoft calls for 1 browser for every 32 computers in the domain (workgroup). If you have more than 32 computers, you have multiple backup browsers.

If you have more than one computer, you should have a browser. If you have more than two computers, you should have a backup browser, and a master browser. With just two computers, the backup and master browser might be the same computer.

The servers, and the backup browsers, have their activities coordinated by a master browser. The master browser maintains a count of client computers, and for every 32 clients, accepts the offer of one server, directing it to run as a backup browser.

The master browser receives all of the server advertisements, aggregates all of the advertisements into one master list, and distributes the list to each backup browser. The backup browsers distribute the list to the clients, which then have something to display in Network Neighborhood.

In a domain, the domain controller generally acts as the master browser. The domain controller is always online, and always accessible. There are major problems in a domain environment, if the domain controller isn’t available. The domain controller functionality, and the browser functionality, both include failover mechanisms, so there will always be a domain controller, and a master browser, available if the server providing that functionality becomes unavailable for any reason.

In a domain that occupies multiple subnets, the domain controller also becomes the domain master browser, and makes Browsing Across Subnets possible.

>>Top

Why Does The Browser Work Better in a Domain?
There are many differences between a domain environment, and a workgroup environment.

In a domain, for instance:

  • You have a Domain Controller, which does nothing but validate (authenticate and authorise) access to the other servers.
  • If there are multiple subnets in the domain, the domain controller acts as a domain master browser, and aggregates browsing from all subnet master browsers.
  • The role of any computer, as a client or server, is very formal.
  • Servers generally run a server operating system.
  • Servers are traditionally fixed in location, and stay connected and online, constantly.
  • Clients typically only need to know (see) the presence of servers.
  • Clients typically don’t become browsers, because there are usually at least 2 servers present on the domain, acting as browsers.
  • The configuration of a server is very carefully maintained, generally by a server administrator. The performance and stability of a server is carefully guarded.

The master browser role, and the browser role, are generally chosen for a computer running as the domain controller, and for a computer running a server operating system.

Contrast all that with your typical workgroup, where you have 2 or more computers, all sharing data with each other in a web of shares.

  • You have no Domain Controller. Access to any server is validated by local accounts installed, activated, and maintained on each client, and on each server.
  • With no domain master browser, if you have multiple subnets in the workgroup, you’ll have master browsers that won’t communicate.
  • The role of any computer, as a client or a server, is casual.
  • Most computers run a client operating system, though acting as servers.
  • Some computers, wirelessly or otherwise connected, may move around. Many computers are casually disconnected from the network, or turned off, at the whim of the owner.
  • All computers need to know (see) the presence of other computers in Network Neighborhood.
  • All computers become browsers, unless otherwise configured.
  • Many computers have software or settings changes made at the whim of the owner, which may hamper performance or stability, as a client or as a server.

The master browser will be one of the workgroup computers, and be subject to the treatment of a workgroup computer.

Regardless of all of the above considerations, there is expected to always be a master browser in any workgroup (domain). “Always” is a relative term, subject to the browsers checking for a master browser periodically, not every second.

Short of there being a domain controller in your workgroup (there won’t be), or a computer running a server operating system (there may not be), the server chosen to be the master browser will probably be the server that’s been up the longest (though not necessarily online, to the other computers, the longest).

>>Top

What’s The Problem Then?
Anytime that a backup browser realises that there is no master browser present on the domain, the browser is authorised to hold an election to determine a new master browser.

What happens if any server loses contact with another? If a browser server loses contact with the master browser, it may elect itself a master browser. This gives you a workgroup with 2 master browsers, neither able to see the other. This is where many browser problems start.

Differences between operating system, and configurations, of the various servers, combined with changing the identity of the master browser, will make for an ever changing workgroup, as seen in Network Neighborhood. And complaints that “I can’t always see all the computers in my workgroup” become natural (Here we get “always”, and “all”, again).

What happens if the master browser is rebooted? While it’s being rebooted, a master browser election may be held, and when the server that was the master browser comes back up and online, it may find that it’s no longer the master browser. Or it may not. The more servers online at any time, the more backup browsers to notice the absence of the master browser when it’s rebooted.

Timing is a major issue here. In any domain (workgroup), as I said, there has to always be a master browser visible to any backup browser. Any time any backup browser can’t contact the master browser, it assumes that there’s a problem with the master browser, and elects a new master browser. The greater number of backup browsers that there are on the network, the greater the chance that one backup browser will realise the absence of the master browser, and start an election.

What if you, on your home workgroup, casually unplug the network cable on the master browser? Depending upon how long you leave it unplugged, the master browser may be replaced. If you simply plug the cable back in, you will have a workgroup with two master browsers. Some servers may still recognise the old master browser, others the new one.

What if you carry your laptop away from the router, and it loses network connectivity? If it’s a backup browser, and it realises that contact with the master browser has been lost, it may elect itself master browser. When it reconnects to the network, the above situation may apply.

There are also challenges when you have computers running Windows 9x (95, 98, or ME) on the same network with computers running NT (NT, 2000, XP, Server 2003). For more discussion about browser issues related to Windows 9x, see Windows 9x (95/98/ME) and the Browser.

System configurations, and personal firewalls, may affect the ability of a server to be seen by a browser, or to act as a master browser. The restrictanonymous registry setting may prevent any server from being enumerated (“seen”) by a browser. And a totally invisible server can also be caused by the Hidden parameter.

Any personal firewall, depending upon configuration, may prevent a server from being seen as a master browser, or may prevent a master browser from communicating with the backup browsers. Be sure that you haven’t overlooked a firewall bundled with your antivirus protection, or your VPN.

Here’s where the difference in browser functionality, between a domain and a workgroup, becomes important. If you have a domain with an extra master browser, that master browser will eventually communicate with the domain master browser, and its browse list will become integrated with the domain browse list. With the extra master browser on the same subnet as the domain master browser, or on a different subnet, a domain with multiple browser segments will not be a major problems.

On the other hand, a workgroup with multiple browser segments will leave you with two master browsers that wont be able to see each other. Master browsers communicate only with their known backup browsers, and with the domain master browser.

With no domain master browser, the two browser segments will remain separate. Some servers will report their presence to one master browser, and others to another. Some clients will get their browse list from one browser, and others from another. And you will have different browse lists (Network Neighborhood displays) all over the workgroup.

>>Top

How Can I Prevent Browser Problems?
Please start with a clean (unencumbered) protocol stack. The browser depends upon NetBIOS datagrams, and the more protocols there are for NetBIOS to bind with, the more chaotic the browser service will be.

In a workgroup, if you can’t control the chaotic environment, which is unlikely, the best thing to do is to restrict the number of browsers on the network. By doing that, you lessen the possibility of master browser changes and conflicts. So the advice given is generally to use one (or two, with the second being the backup) browsers, and turn the service off on all others.

To stop the Windows 9x Browse Master:

  • From Control Panel – Network, double click on “File and printer sharing for Microsoft Networks”.
  • In “File and printer sharing for Microsoft Networks Properties”, change the Value for Browse Master to Disabled.
  • Hit OK, and restart the system.

To stop the Browser on a Windows NT/2000/XP system, simply set the Computer Browser service to Stopped and Disabled.

Any time you change the browser setup on your LAN, you may have to wait for up 51 minutes, before all computers are synchronised. If this latency period is unacceptable, you may restart each computer. For maximum reliability, power all computers off; when all computers are off, power each one back on again, starting with the one which you want to serve as the master browser.

Of course, even with just two browsers on the LAN, you could (as noted above) end up with a browser conflict. And if both browsers should be offline, or separated from the rest of the LAN, you will have no browser service in the rest of the LAN. So reducing your browser population to two is not a cure all, nor is it guaranteed to produce success all of the time.

You can at least identify any browser related problems, using Microsoft’s Browstat utility, and my troubleshooting guide, Irregularities In Workgroup Visibility.

For more information about the browser subsystem, which is a very intricate component of Windows, you might want to read Microsoft’s articles

>>Top

Summary Rules for Dealing With the Browser

  1. Diagnose the problem before making changes to the browser infrastructure. As I said, the complaint “I can’t always see all of the computers from every computer” is a good symptom of a browser conflict. Lack of “always” or “all” in the complaint may indicate a different cause. Don’t go changing the browser setup without having some chance of producing results.
  2. Browstat, which only works on Windows NT systems, is a good diagnostic tool, when only Windows NT / 2000 / 2003 / XP systems are involved.
  3. It is best to run the browser service on any wired server on the LAN, and let the browser subsystem elect a master browser as necessary.
  4. If you have a small LAN with no computers running a server OS, all servers are potential master browsers. If you take any server offline, and it is powered up, you need to power it off before reconnecting it (or at least restart it while reconnecting it). Or be prepared to diagnose browser conflicts.
  5. If you have a small LAN with no computers running a server OS, and any of the servers are wirelessly connected, disable the browser service on all wirelessly connected servers. Or be prepared to diagnose browser conflicts.