How to Configure your Network Tab

The Network tab controls what your ABS will do for your Network.

If your ABS is the gateway to the internet for your internal computer network (i.e. all machines connect to the internet through the ABS), you may need to have your ABS "Share a Single IP Address". The only exceptions are people who have routers installed between the ABS and the ISP (either in software via IPNetRouter or hardware such as MacSense, Linksys, Farallon, etc.) Most hardware routers only work for ISP connections based on ethernet connections (DSL, ADSL, xDSL, cable modem.)

If you have a such router installed between the ABS and the high-speed modem or want to add the ABS to an extant computer network (at work, for example), you can un-check "Distribute IP addresses" and skip to the "Port Mapping" section. If you do not have a router but want to share a single internet connection among several machines, the following instructions should allow you to set up your own home gateway.

The Airport software allows the ABS to act as a router and as a rudimentary firewall. It does this through a process called Network Address Translation (NAT, also known as IP spoofing). This software is activated when you check the "Distribute IP Addresses" box. NOTE: If you already have a router, disable this feature as it might make your ABS act erratically. I have enclosed an explanation of NAT and DHCP below.

Here are a number of choices that will configure your network.

• If you share the ABS among several machines and do NOT have a DHCP server running on your network, select the "Share a single IP address (DHCP and NAT)". The next bar allows you to specify the range of internal IP addresses the ABS will hand out. The range of IP addresses for home use is usually 10.0.1.1 to 10.0.1.255. However, you may also like to go with 192.168.0.0 to 192.168.255.255, or a arbitrary set of your choice. I'd leave this setting as is unless you have a compelling reason to change it.
• If you own a router that does NAT but not DHCP, the next checkbox "Share a Range of IP addresses" is of interest. The range of IP addresses for home use is usually 10.0.1.1 to 10.0.1.200. The lease time is the amount of time that a individual computer retains its network address. Think of it as a dinner reservation - its a time slot reserved for you. This is particularly relevant for networks where a lot of machines come in and out. The shorter the time slot, the more turnover can be accommodated. However, renewing DHCP leases causes some overhead and if you do not have a lot of people moving in and out of your network, you can safely set long DHCP leases. 4 hours is usually good enough.
• If your ABS connects to the internet via the telephone, enable the "Enable PPP Dial-in" box. Then decide whether your ABS should make the connection automatically (can be risky if the call isn't free) or whether users have to tell the ABS to make the connection before it does.
• Another new "Extreme" ABS option is to enable AOL parental controls. I have no idea if they are effective. Peace of mind? I doubt it.

Network Address Translation (NAT) Explained

NAT "hides" machines behind the ABS from prying eyes on the internet. However, it does slow the network connection down somewhat as the CPU in the Airport base station tries to keep up with the torrent of data moving through it. The faster the network connection, the more the added "overhead" of NAT becomes an issue. For dialup modem users, NAT on a ABS is transparent - the network connection is far too slow for NAT to have an impact on throughput. However, any slowdown due to NAT is usually insignificant compared to the many other things that slow down internet connections.

The current implementation of NAT on "Extreme" base stations is IPSec-compliant. However, I have not tested this myself. If true, it will allow Virtual-Private-Network (VPN) packages to work with NAT on (like Nortel Extranet for example)

The DHCP Server

Regardless of how many machines are on your network, it is useful to have something called a DHCP server. DHCP servers act as the clearinghouse for IP addresses in your home. Think of a DHCP server as the telephone company assigning telephone numbers to houses in your neighborhood. Each Ethernet transceiver has a unique identifier called the MAC address that can then be assigned to an IP address. Thus, every transmission destined for a specific IP address is then picked up by the transceiver that "knows" that this is its IP address.

With a DHCP server, each ethernet transceiver is assigned a IP address automatically using the MAC address of every device on the network. In turn, the devices on the network can be programmed to accept such designations automatically. Thus, the DHCP server is a great time saver because it ensures that every piece of your network knows how to reach each other and how to connect to the internet.

With the help of a DHCP server, all computers in your home are automatically assigned an IP address and download critical router, DNS server, subnet, etc. data. If anything changes upstream (like your ISP putting you on a new network node), a DHCP server will automatically reconfigure the TCP/IP settings of your networked machines. Hence, it is not surprising that nearly every network in existence today has a DHCP server - they save a lot of time. Most (if not all) routers sold into the home market today have built-in DHCP servers.

However, there is one thing about DHCP servers that you have to keep in mind: They cannot coexist on a network. DO NOT EVER run two or more DHCP servers on the same network - confusion will reign. It's like two policemen directing traffic in an intersection without coordinating with each other!