Windows XP And Vista On The LAN Together

File and Printer Sharing in Windows Vista is not extremely different from File and Printer Sharing in Windows XP. There are new features, and wizard procedures, that work on top of Windows XP features and procedures. If you have a working network, with one or more computers that use Windows Networking, you probably know enough to get started.

There will be challenges though. One predictable challenge is the availability (or lack of availability) of drivers for devices that are operating system sensitive, like network adapters. This has inspired various attitudes, even rants, among the user community.

Computers running Windows Vista use the same layered network as previous versions of Windows, so start by reviewing the principles of layered network design and installation, and of layered network problem solving. And review various issues that affected Windows Networking on computers running Windows XP.

>> Top

System Updates Issues
With Windows Vista, as with Windows XP, Microsoft will issue periodic (and monthly) updates. Most updates are for security issues, and others for operability and / or stability. All updates are necessary, if recommended for your edition of Vista, and some may have a direct effect on your problem.

As an interim measure, possibly before an actual Service Pack, Microsoft has started issuing compatibility, performance, and reliability fixes, covering a variety of issues with Vista.

>> Top

Connectivity Issues
By default, computers running Vista will set the Broadcast flag, in the DHCP Discover packets, On. If your DHCP server (NAT router, or non-Microsoft dedicated server) doesn't support DHCP Broadcast, you'll have various problems - your computer may never get an IP address, or your IP connectivity may come and go unpredictably. To make your Vista computer compatible with Windows XP, (KB928233): turn the DHCP Broadcast flag Off. Besides the DHCP Broadcast difference, be aware of an interesting (KB931550): timing difference between the Windows Vista and XP DHCP clients.

One of the most interesting features in Vista (my opinion anyway) is the ability to dynamically determine Receive Window size for each individual Internet connection. Users of high speed broadband connections will be especially interested in this. Unfortunately, it appears that RWin AutoTuning may be a bit problematic. This setting has been observed to affect both LAN and WAN connectivity, and can cause instability, or lack of connectivity.

On laptop computers, and other computers with multiple network adapters, you'll see an inaccurate / inconsistent network status indicator, when the computer is first started.

Like every newer version of Windows, Windows Vista will use more resources on the host computer, and on any peripherally connected computers and routers. If your peripheral network equipment like routers are becoming aged, you'll be advised to upgrade or replace whatever you can.

The IPX/SPX Protocol is not provided in Windows Vista, though Novell does now provide a Netware client for Vista. NetBEUI, on the other hand, is now a part of history.

>> Top

Visibility Issues
One of the new features of Windows Vista is the Network Map, which runs at the Link Layer of the OSI Network Model, and offers functions similar to The Dude. The Network Map uses a discovery protocol called Link-Layer Topology Discovery (LLTD), which is not a normal part of Windows XP.

To be able to see a Windows XP server from a Vista client, using the Vista Network Map, you need to install (KB922120): the LLTD Responder on any Windows XP computers. The LLTD Responder isn't available for Windows 2000, so you won't be able to see a Windows 2000 server from a Vista client, using the Vista Network Map.

Even if you can't see a Windows XP or 2000 computer in the Network Map, though, you'll still be able to see it in Network Neighborhood / My Network Places, aka the Network window (Start - Network) in Windows Vista. And even if you can see a computer in the Network Map, you may still have to work on name resolution, or on sharing permissions, if you are going to actually access its resources.

The simplest visibility will be enjoyed with all computers in the same workgroup. By default, Windows Vista uses "Workgroup", while Windows XP uses "MSHome". If you leave workgroup names at default, the other computers will be visible in the Network (My Network Places aka Network Neighbourhood) wizard, but they won't be seen immediately, when you open the wizard. You may have to look under Entire Network - Microsoft Windows Network, for the different workgroups used by each set of computers. And with having multiple browse domains (workgroups), your browser infrastructure will be slightly more complex.

>> Top

Using A Windows Vista Client
Under Windows Vista, the personal storage (personal profile and other files and folders) container has been changed, from "C:\Documents and Settings", to "C:\Users". The folder "C:\Documents And Settings" will continue to exist, for backward compatibility, only as a junction point. On a mixed LAN, I would very carefully test sharing of either "C:\Documents and Settings" (with a Windows Vista client), or "C:\Users" (with a Windows XP client), before committing myself.

>> Top

Setting Up A Windows Vista Server
If you're adding a computer running Windows Vista to your network, you have to set it up as a server, so you can access it from your other computers. You do this using the Network and Sharing Center wizard, accessed by Start - right-click on Network, and select Properties. This is equivalent to running the Network Setup Wizard, in Windows XP.

  • Set the Network Location Type to "Private". This requires that your computers are secure, behind a perimeter firewall or a NAT router, and opens the standard Vista personal firewall to allow Server Message Blocks (SMBs) to pass between the computers. If your computer is directly connected to your Internet service, either get a NAT router, or leave the Network Location Type set to Public (which will prevent you from networking this computer).
  • Having set the NLT to "Private", you must now designate which services you wish for your server to provide or use. You should verify each setting before continuing, and change it if necessary.
    • File sharing.
    • Public folder sharing.
    • Printer sharing.
    • Password Protected Sharing (PPS) affects the above 3 services. Disabling PPS is the equivalent of enabling Simple File Sharing, in Windows XP.
  • Setup shared folders and printers. If you enabled PPS, you should setup access for individual users. If you disabled PPS, you setup access for "Guest" or "Everyone". Since Vista security is "deny by default (permit by demand)", "Everyone" doesn't automatically have access to newly created shares. Check the Security tab, for each share created, if you disable PPS.
  • Whether you setup the server with PPS Enabled (aka Advanced File Sharing, in Windows XP), or PPS Disabled, make sure that the account used for sharing is activated for network use.
    • If you Enable PPS, you can use either the Guest account, or a non-Guest account of your choice, but the chosen account has to be activated for network use.
    • If you Disable PPS, then the Guest account must be activated for network use. By default, Guest is disabled. If your server provides network access through the Guest account, be aware of its limitations.
    • Whether you use Guest, or a non-Guest account for access, the account used has to be added, explicitly, under Security, and under Sharing.
  • On a server running Windows Vista, the Administrative (Hidden) volume share of "C$ ("D$", etc) isn't defined, by default.

For an overview of the above, see Microsoft: File and Printer Sharing in Windows Vista

>> Top

Setting Up A Windows XP Server
If you have just one computer besides your computer running Vista, you may have to setup your first computer as a server too. On a computer running Windows XP, run the Network Setup Wizard. For a server connected behind a NAT router, select
This computer connects to the Internet through another computer on my network or through a residential gateway.
Running the NSW, and making that selection, is similar to setting the Vista NLT to "Private".

>> Top

Common Issues
Other than the network setup wizards used, Vista will be pretty similar to XP. You'll have the same challenges with Windows Networking.

>> Top

Editions Of Windows Vista and XP
There are 5 editions of Windows XP, which are basically 2 variants - Home and Pro.
  • XP Home is the equivalent of Vista Basic Home, with PPS permanently disabled.
  • XP Pro can use Advanced File Sharing (similar to PPS Enabled), or Simple File Sharing (similar to PPS Disabled).
  • The other 3 editions - Media Center, Tablet, and Pro x64 - are all variants of XP Pro, in terms of file sharing functionality.
  • With XP Pro, and with all editions of Vista, you can have Guest or non-Guest authentication. Note the limitations of Guest authentication carefully, some limitations aren't as obvious as they should be.
  • Whether you use the Guest account, or a non-Guest account, for authentication, make sure that the account used is properly prepared for network access.

There are also 5 well known editions of Windows Vista, plus several obscure ones which we probably won't encounter. The different editions of Windows Vista are completely different from Windows XP, in feature set differentation.

>> Top

Windows Vista and Older / Other Operating Systems
If you also have one or more computers running Windows 9x (95, 98, ME), you'll need to be aware of a significant difference between Windows XP and Vista, in Microsoft Windows And Authentication Protocols. But focus your mind on the future - Windows 95 / 98 / ME have a limited life span.

This will be a problem, too, if you have a Network Attached Storage (NAS) device. Many NAS devices, with unknown authentication abilities, will be a similar challenge. Some NAS devices will also try to act as a master browser on your network, and will cause master browser conflicts, and unreliable displays in Network (aka My Network Places).

>> Top

Windows Vista and Printers
If you are setting up your mixed LAN specifically to share a printer, note the additional challenges involved in sharing printers. Get file sharing working, first, then concentrate on getting working printer drivers that support Windows Vista. On a mixed network, the printer will have to support both Windows Vista, and Windows XP. And drivers for the client will probably differ from drivers for the server.

If you're having problems with printing from a computer running Vista, and the printer is shared by another computer, read Network Printing From A Windows Vista Computer.

>> Top

Windows Vista and Security
Depending upon what personal firewall you are using on your Windows Vista computer, you may have to set the firewall manually. It appears that Windows OneCare does not setup seamlessly, as Windows Firewall does, when you set the Network Location Type. And a recent change (September 2007) in Internet Explorer appears to affect Windows Networking access between computers.

>> Top

More References
For the above issues, and more, see

>> Top

Controlling, And Watching, The Services Running On Your Computer

The Services are the various low-level system processes, that all programs and applications depend upon. Services run independently of who is logged in to a computer; most services start when the computer is started, not after login.

While there are many services provided with the Operating System, all services are not essential on any given computer, and may not be running at any given time.

The essential services must be running, yet other services may have to be NOT running, on your computer. You must make the decision, based upon how your computer is to be used. You set each service in question appropriately.

You can start, stop, change startup status, and / or query the status of a service interactively (using the Services wizard), or from a command window (using the Services Controller CLI). You can use Process Explorer, to find out many details about any service, since (as I wrote above) services are the low level processes running on your computer.

The Services Wizard
You start the Services wizard from Control Panel - Administrative Tools - Services.

You may use the Services wizard presented in Standard, or Extended, mode. The choice is yours.



Find the service that concerns you, and double click on it (or right click, and select "Properties").





The Service name and Display name are two descriptors which are used, alternately, in various places. You should be aware of both values.

You may find Path to executable useful when you are researching an instance of "svchost.exe", using Process Explorer.

Startup type determines when, or if, it will ever be started.

Service status determines whether it is, or should be, running now.


  • If the service in question is running, and you want it stopped, hit "Stop", and wait while it stops.
  • If the service is not running, and you want it running, hit "Start" and wait.
  • If you want the service in question to start the next time the system starts, set Startup type to "Automatic".
  • If you want the service to be started the next time it is needed, set Startup type to "Manual".
  • If you want the service to never start, set the Startup type to "Disabled".

Dependencies shows other services that this service requires to be running, and other services that require this service to be running, before they themselves will start.
If the service wouldn't start, or if its Startup Type wouldn't change, it may have a dependency. Look on the Dependencies tab, under "This service depends upon the following system components". Make sure that everything there is present on the computer, and all services listed are Started. Also check the Event Viewer logs for clues. The Services Controller CLI You can also use the Services Controller, aka "SC", from a command window. Observe the spaces in the examples below; they are essential.
  • To find ot the status of the browser service, enter
    sc query browser
  • To stop the browser service, enter
    sc stop browser
  • To start the browser service, enter
    sc start browser
  • To disable the browser service at startup, enter
    sc config browser start= disable
  • To enable the browser service at startup, enter
    sc config browser start= auto
For more information about the Services Controller, see (KB166819): Using Sc.exe and Netsvc.exe to Control Services. If no help yet, check Event Viewer for additional clues. For more information about the many services, the Internet expert is BlackViper, and you can (currently) refer to his websites, Windows Vista Service Configurations, and / or Windows XP Service Configurations. Note that each service has TWO identities. Some utilities and wizards might use one identity to refer to a service, others might use the other. The Browser Service has, for instance,
  1. Service Name: Browser.
  2. Display Name: Computer Browser.
The Workstation Service has,
  1. Service Name: lanmanworkstation.
  2. Display Name: Workstation.
Don't be confused if you can't find a particular service in a list, or if the SC command doesn't seem to work. Make sure that you know both identities for the service that you're interested in. >> Top

Connecting Two Dissimilar Networks, Intentionally

Microsoft Windows operating systems in general, and Windows NT (2000, XP, 2003) in particular, use Internet Protocol for connectivity. In most cases, when I'm providing advice about connecting two dissimilar networks, I'll advise using a router.

  • With two different networks, using a different medium, the differing nature of the network traffic justifies use of a router, for efficiencies sake.
  • With two dissimilar networks, with differing security levels, the security differences justifies use of a router.


But what about those cases where you own and control both networks, and you intentionally want to keep the traffic on both networks equal? If you have a LAN, you want all computers on the LAN to be able to access each other, seamlessly. But Windows Networking in general, and NetBIOS Over TCP in particular, doesn't pass thru a router transparently.

What you need is a simple switch, but for two different network mediums. And that is called a bridge.

Now if you do WiFi, you may have already read about making a WiFi bridge from a NAT router. That's a standard solution. But what if you only have a computer, but with 2 different network connectors? Pick 2 of any:

If you have 2 computers, and a network, and only one of the 2 computers has the proper equipment to connect to the network, but both computer can connect to each other, what do you do? If the one computer (with 2 connections) is connecting to a public network, and the second computer needs access to that public network, you can run Internet Connection Sharing on the first computer.

But ICS provides a routed connection. When the first computer is connecting to a public network, connecting the second computer thru a router makes sense - a router is the outer layer in a layered security strategy.

>> Top

NAS Has Its Own Limitations

I needed a larger hard drive to store my movie collection. My server was maxed out, and I didn't feel like buying a new computer, so I bought a computer in a box, aka Network Attached Storage.

But what makes NAS so attractive is also a limitation. Since NAS is, by design, accessible to all operating systems, you'll find that it's not predictable, like NTFS, and Windows Networking.



So NAS is a great solution, if you need a quick, inexpensive storage boost. But know the limitations, and choose your NAS solution carefully.

>> Top

NetCheck Source

Besides using network monitoring tools like The Dude, sometimes you need detailed information. Occasionally, having the same detailed information, for all computers on the network, is useful. If you need to extract that same bit of information, repeatedly, scripting the extract is the only thing to do.

This is where NetCheck comes into use.

NOTE: Using NetCheck successfully requires that you have a working administrative account setup, and in use, on your LAN. Make sure that you have the authority, before wasting your time.

Take the following code (everything INSIDE the "#####" lines). Please DO NOT include ANY portion of the "#####" lines. Follow instructions below, precisely.


  1. Create folder C:\Utility on your computer, and make that folder part of the Path.
  2. Download PSTools (free) From SysInternals. Copy all components of PSTools, unzipped, into C:\Utility.
  3. Open Notepad. Ensure that Format - Word Wrap is not checked. Highlight then Copy the code (Ctrl-C), precisely as it is presented below, and Paste (Ctrl-V) into Notepad.
  4. Add a list of your computers - substituted for "pc1 pc2 pc3" - into the third command. Note: This list is case insensitive - "PC1" is the same as "pc1".
  5. Save the Notepad file as "netcheck.cmd", as type "All Files", into C:\Utility.
  6. Run it by Start - Run - "netcheck".
  7. Wait patiently.
  8. When Notepad opens up displaying c:\netcheck.txt, first check Format and ensure that Word Wrap is NOT checked! Then, copy the entire contents (Ctrl-A Ctrl-C) and paste (Ctrl-V) into your next post. Or, examine the file yourself.


Do this from each computer, please, with all computers powered up and online. Running this code from each computer will give us a more complete picture of how each computer is setup, and what each computer can see from the others. On a completely working LAN, the multiple copies produced should be symmetrical. Running this, repeatedly, would be redundant. Since you're here, it probably won't be for you.

##### Start NetCheck Base Code

@echo off
@echo NetCheck V1.00 >c:\NetCheck.txt
for %%a in (pc1 pc2 pc3) do (call :Loop1 %%a)
notepad c:\netcheck.txt
goto :End

:Loop1
set NetCheckCmd=psexec \\%1
if /i %1!==%computername%! set NetCheckCmd=
@echo.
@echo NetCheck %1
@echo. >>c:\NetCheck.txt
@echo NetCheck %1 >>c:\NetCheck.txt
@echo. >>c:\NetCheck.txt
%NetCheckCmd% ipconfig /all >>c:\NetCheck.txt
@echo. >>c:\NetCheck.txt
%NetCheckCmd% net config server >>c:\NetCheck.txt
@echo. >>c:\NetCheck.txt
%NetCheckCmd% browstat status >>c:\NetCheck.txt

:End

##### End NetCheck Base Code

>> Top

Centralised (Structured) Wiring In Your Home

If you have two computers, you connect the two computers with a single cable, Computer A to Computer B. I'll bet (hope) that you don't have just that, though. You probably have at least one more computer - your router (which is connected to the broadband modem). So you have a cable from the router to each computer. This is assuming that you aren't using WiFi to connect either computer, and again I'll point out that WiFi is not a good substitute for Ethernet cable.

So you have your router, and a couple computers, in the same room, and you run Ethernet cables between them. But are all computers in the same room? Not if you have a well planned house. You'll probably have one or more of

  • An office computer, for financial and secure activities.
  • An entertainment computer, in the den / family room, for fun.
  • A second computer, in the den / family room, for music / videos, with a large screen (what used to be called a television / stereo / home entertainment center).
  • In your kitchen, you need a computer for recipe access, maybe for inventorying and ordering food.
  • How about one in the garage, for reference when you work on the car?
  • The bedroom, for late night web surfing (no, we won't discuss that any further).


Now, there are so many reasons why having separate computers, with different designs, will be relevant.
  • Locational convenience. Why walk into another room, to use a computer in there, if you have one in front of you?
  • Redundancy. One computer will not last forever. Maybe last year's office computer is now in the bedroom, and your first computer, old and grungy, is in the garage. If one computer dies, it will be inconvenient to walk into the other room to continue the current activity, but you can do that easier than having to fix the one computer on the spot.
  • Security. The web is full of dangers. Each different website may have its own dangers, and I'd bet that different types of websites will focus those dangers. Restricting different activities to different computers makes sense. Keep your office computer, with financial secrets, safe and secure, by keeping it very clean. Other computers, other activities.
  • Sharing house space. One person can be in the office, doing financial chores, another in the garage, doing auto or home maintenance, and a third in the kitchen, preparing a meal. And each using a separate computer.


So now that we've admitted to needing computers all over the house, how do you plan to wire them to each other? One long cable - Garage to kitchen to den to living room to office to bedroom? Please don't do that.

Any properly planned business has one or more centralised and secured rooms for wiring and for central equipment (servers). The home of the future will too. The hub room will be where the video communications ("cable TV") and voice communications ("telephone") services will enter from the outside. There you connect your internal cabling. And from there, you make home runs to each room.

This is where you start. More and more homes are being built, with network cabling designed and installed just as coax ("television"), electrical, and voice ("telephone") cabling is. A requirement, not a luxury.

And by the way, if your garage (or maybe a shed) happens to be separate from the house itself, be aware of one specific wiring safety issue.

>> Top

Using The Internet As A WAN Link? Use A VPN.

Stable and secure Windows Networking depends upon properly designed, routed, subnets. IP routing was designed to make Local Area Networks connect, yet still observe geographical relationships. Using routers between LANs allows localisation of some domain services (browsing, name resolution), but wide spread availability of others.

When you route IP connectivity thru wiring that you own and control, that's behind a firewall, each connected LAN is as safe as any of the other LANs. Threats on the outside (Internet) stay on the outside. Two geographically separate LANs, connected by a dedicated, leased communication line, are as safe as each other is safe.

What if you have 2 LANs, distant from each other, and can't justify the expense (initial or ongoing) of a leased or owned communication line? If both LANs have Internet access, you can still connect them; just use the Internet as the WAN link.

But wait! I hope you know how dangerous the Internet can be. It's bad enough when accessing it as clients. Plain old web browsing is bad enough, how about running a server on the Internet? OK, how about running all of the computers on your LANs thru the Internet? Why not hold up a $100 bill, and stroll thru Times Square in New York City? See if you get anywhere alive.

But you can connect your LANs thru the Internet, if you design the connection properly. A controlled, encrypted tunnel between your LANs, using routers that support a Virtual Private Network (aka VPN) will do this fine.

A VPN will be a lot easier to setup, and more stable and secure, when properly planned.



>> Top

Each LAN Is Addressed By Its WAN Address.
The VPN routers setup static tunnels between each other. Setting up a VPN router requires identifying the other router(s), by its IP address as well as by a pre installed certificate (aka pre shared authentication key). If you can't provide a fixed IP address for each router, you'll have to use a domain name, registered with a dynamic DNS service like DynDNS, TZO, or the like.

>> Top

Hardware Compatibilty Is A Must.
There are various conventions and standards for establishing, and conducting, authentication and encryption in a VPN. Each router manufacturer will likely have some variation, however small. The easiest, and most stable, VPNs will use router hardware of the same make, model, and firmware level at each end of a VPN tunnel.

>> Top

LAN Subnets Must Be Unique.
A VPN provides a routed connection between LANs. In order for routing to work best, you have to have different subnets on each LAN. When you setup a VPN between LANs that were setup before being connected, you may have some LANs using the same subnet. You can't have stable LANs, each having the same subnet, connected by a router.

>> Top

Use DNS For Reliable Name Resolution.
On most small LANs, you'll use broadcasts for name resolution. Broadcasts aren't routable; each IP subnet is, by definition, a broadcast domain. If you want computers on one subnet to access computers on another (which is, presumably, why you're setting up a VPN), you'll find computer names more convenient than IP addresses. Some VPNs will, if configured, pass SMBs for name resolution and browsing, but this will likely slow down Windows Networking. DNS based name resolution is the best way to go, for anything more complex than a single local cluster of computers.

>> Top

Use Domains, Not Workgroups.
If you use Network Neighbourhood to identify and access other computers, you'll need browsing to work between the subnets connected thru the VPN. A properly designed domain structure will make browsing work much better.

>> Top

Connectivity Between Any LAN And The Internet Can Affect Its Connection With The Others.
A VPN connection between any two LANs requires regular interchange of control information, and irregular application data. Balanced connectivity makes both more predictable. If one LAN has a dual WAN business class DSL service, and the other has residential class dialup, how secure and stable will that VPN be?

>> Top

Security On Any LAN Can Affect The Others.
VPNs are used to connect geographically separate LANs, and imply some degree of trust between those LANs. The computers on any LAN, connected to a VPN, are only as secure as the computers on the LAN with the weakest security policies. Review, and synchronise security policies before setting up a VPN.

If you wish to setup a VPN between your home network and your work network, security at your work may be compromised. You should always get permission from LAN administration, before doing this. You may be legally at risk without such precautions.

>> Top

Increased Sophistication and Excess Bandwidth Mitigates These Issues.
As availability of VPNs has increased, with VPN capable hardware sold in WalMart and similar convenience stores, and as VPN firmware becomes more sophisticated, each endpoint in a VPN relationship will be better able to adjust to differences between its own environment and the environment present at the other end. Many of the above issues won't be quite as relevant in the future. But if you start out being aware of the issues, you will be prepared to deal with them when they do become relevant.

>> Top

Knowing What's On Your LAN

Whenever you are diagnosing a network problem, whether it involves simple Windows Networking connectivity, or file sharing, you can run native Windows commands like "net view". This tells you what servers can be seen on the LAN.

Unfortunately, "net view" is an application level diagnostic, and requires Server Message Blocks aka SMBs. Lack of SMBs, frequently caused by a misconfigured or overlooked personal firewall, is a common symptom. When you're diagnosing a network problem, you have to start at the lower levels, and work upwards. What about some diagnostics at a lower level, just to verify IP connectivity?

For an immediate scan of the subnet, I rely upon two free products - AngryZiber Angry IP Scanner, and Softperfect Research Network Scanner. Both tools will start with the subnet that your computer is attached to, and scan each possible IP address on that subnet. For each IP address responding, you can find out host name, MAC address, and response time. This is a good start, for finding, and tracking, computers on your network.

Remember, though, both of these products list hosts using Internet Protocol. If your LAN uses alternate transports like IPX/SPX or NetBEUI, neither will be very useful.

If you need to associate a MAC address with its vendor, the IEEE OUI / Company_id Assignments database can be searched for this information.

>> Top

The File And Settings Transfer Wizard

One of the many benefits of having a domain is the ease in managing user accounts and profiles. The user accounts, and profiles, start on the domain controller, and are replicated onto the client computers as necessary. The domain controller is updated, with any changes to the profile, from the client computer. When you move to a new computer, the updated profile is copied from the domain controller.

When you're in a workgroup, managing accounts and profiles is not so simple. Next time you have Windows Explorer open, look at "C:\Documents and Settings". Look at your personal profile folder structure in there. How do you find and copy all of the settings, and personal files, in there? Doing that, file by file, could take forever.

So we have the File and Settings Transfer Wizard, to export all personal settings, and profile files, for installation on another workgroup computer. To run the wizard, go to All Programs - Accessories - System Tools.

When you run the wizard, you have 2 main choices.

  • Export
    This is the computer I want to transfer files and settings from.
  • Import
    This is the computer I want to transfer files and settings to.


Should you choose to Export, you must then choose what media to use.
  • Direct (serial) cable.
  • Network.
  • Removable media ("Floppy" drive or similar).
  • Removable drive or network drive.


Should you choose to Import, you are asked about how you ran (or intend to run) the wizard on the old computer.
  • Create a wizard disk in removable media.
  • You already created a wizard disk.
  • You will use the XP CD wizard.
  • You already ran the wizard on the old computer, and have exported everything.


>> Top

WiFi Authentication

When you setup your computers on your network, and your network is used by more than one person, you'll likely have files and folders on your computer that you don't want other people to access. Windows file sharing, and access permissions, is a complex subject with many issues to challenge you.

When you setup your WiFi LAN, you probably have simpler goals.

  • Allow you (and your family, friends, co-workers, other folks you know) to connect to your LAN.
  • Prevent folks you don't know from connecting to your LAN.
With these simple goals, you setup very simple security. Give everybody (every computer) a simple, pre-shared key. WPA-PSK is the simplest effective solution for securing your WiFi LAN.

Given the possibility that you might not want everybody to have WiFi access permanently, WPA-PSK may not be versatile enough for you. You can setup individual access, using 802.1x authentication, which generally uses a RADIUS server. To use 802.1x authentication, you have to setup 3 components.
  • A RADIUS server.
  • Your router or WiFi access point.
  • Your WiFi clients.


If you select 802.1x authentication in the WiFi client setup, and you don't have a RADIUS server, your WiFi client will spend a lot of time needlessly trying to contact a RADIUS server. If your WiFi connection drops regularly and resumes with no action taken by you, or regularly hangs with high bandwidth peaks (say every 60 or 120 seconds), check your WiFi client, and make sure that 802.1x authentication is not enabled.

Interestingly enough, 802.1x authentication is a selectable feature on most client connections, Ethernet as well as WiFi. Selecting 802.1x authentication on an Ethernet LAN, without a RADIUS server, isn't usually a problem, as it is with WiFi.

You may also see odd behaviour like this, if you are running two or more WiFi clients.

>> Top

Using A DNS Relay On Your LAN

As I discuss in The DNS Server Settings On Your Computer, your ability to resolve server names into addresses is almost as important as the ability to contact the servers in the first place. The DNS client structure, which provides name resolution on your computer, allows for several possibilities.

If your Internet service goes thru a NAT router, you may be using the router as a DNS relay.


DNS Servers . . . . . . . . . . . : 192.168.0.1

Normally, as I discuss in the other article, you would not want a single DNS server. But if you have Internet service thru a single failure point (the NAT router), you might as well get DNS there too. If the NAT router goes out, you won't need DNS. Simplifying your setup makes sense here.

If you have a collection of computers, you can configure all of them to use the NAT router as an intermediary DNS server. The router maintains the actual DNS server relationships with its upstream feeds, checking the primary, secondary, even tertiary servers, as necessary. Each client has to worry about one relationship - the router.

But this can be a problem in one case. If your NAT router can be overloaded, it's possible that DNS relay functions may fail, while simple routing continues. The DNS relay function in ICS, if your Internet service depends upon an ICS server, appears to be subject to interruption when CPU load on the system is high.

This may be yet another reason why ICS is not a good solution for sharing Internet service.

>> Top

More WiFi Bandwidth? Not This Year

If you have a network of computers, you're probably connected by Ethernet in some portion of the network, so you're used to the Ethernet 100M (or newer 1G) bandwidth. You like the freedom of WiFi, but freedom comes at a cost - loss of bandwidth. The current WiFi standard 802.11g has a maximum bandwidth of 54M (and I should emphasise maximum, here).

So the WiFi manufacturers are trying to satisfy your need for high bandwidth, and they came up with a couple solutions, which will have a maximum bandwidth of 108M. The new standard includes 2 features (using names which vary by vendor):


  • MIMO.
  • Super-G.


MIMO, or Multiple-input Multiple-output, uses multiple radios and antennas. MIMO has two components.

  • Antenna diversity. If you're familiar with FM radio in your car, and multi-path interference, you'll know the value of antenna diversity. The idea behind antenna diversity is that, if the signal from a radio transmitter is weak on one antenna, because of MPI, it will, hopefully, be stronger on another antenna some distance away from the first. A special processor does nothing but compare the signal being received by two different antennas, and select the stronger.
  • Beamforming. Antenna diversity counter acts multi-path interference. Beamforming uses the principle of multi-path interference, at the transmitter, to focus the strength of the transmitted signal in one direction. Using the diversity antennas on a MIMO component, it's possible to identify the relative location of the other device in communication; using beamforming, the transmitted signal is focused in that direction.
  • By combining antenna diversity and beamforming, it's possible to extend the effective range of a WiFi conversation. You can locate the router / access point, and the client computer(s), at a greater distance from each other, and yet get acceptable performance.


With 108M, aka Super-G, there is one channel - "6".


Are you curious about how many WiFi channels actually exist?



Both MIMO and Super-G will give you more bandwidth, and more effective range, assuming that you have no neighbours with WiFi. If you have neighbours (and who doesn't), only one of you can use a channel at any given time. Your equipment will have to decide how to share the channel. But, there are additional issues here.

  • MIMO will increase the effective size (area) of your WiFi neighbourhood, by increasing the effective distance between WiFi components that can detect each others signals. This increases the number of devices that have to share the channel, at any time.
  • Super-G will increase the size (volume) of your WiFi neighbourhood, by using more of the frequency spectrum to create more bandwidth. More channels used by your WiFi router increases the number of devices that have to share the channel, at any time.
  • More devices that have to share the channel means less time each device can transmit, and less bandwidth available to each client device. More devices that have to share the channel means more possibility of collisions, at any time, and again, less bandwidth available to each client device.
  • Neither MIMO nor Super-G are part of any ratified standards. You can't predict, with any reliability, how well equipment from different vendors will interact with each other. This will affect performance on your LAN, and between your LAN and your neighbours LAN. Check out ExtremeTech: Real-World Interoperability Tests of Five 802.11n Routers for a good discussion of this issue, with actual hardware testing results.


The dynamic effect of MIMO beamforming may have another effect. When you setup a WiFi LAN, you're advised to try different channels (most objectively, using NetStumbler or a similar site survey tool). Over some period of time, you should be able to identify the majority of your WiFi neighbours, and pick a less congested channel.

With a WiFi router that uses beamforming, you'll have a dynamic signal pattern, which will change as a WiFi client is moved around the house. There will be a constantly changing visibility of WiFi neighbours, on any given channel (or group of channels). This will cause problems similar to the WiFi hidden node problem. Some victims of a neighbour using beamforming may see this as "channel hopping", as a neighbouring network will come and go, repeatedly, on the channel.

In short, neither MIMO nor Super-G are products which will be useful in neighborhoods of any density.

For more information, and discussions pro and con, see

>> Top

The Network Language That Your Computer Speaks

If you have Windows XP, and you just ran the Network Setup Wizard, your computer most likely uses NetBIOS Over TCP/IP (NetBT). If all of your computers use this same language, and were all setup properly, the chances are good that you will be able to share files with them.

There are other languages that your computers might speak.


  • NetBT uses IPV4, the current Internet addressing scheme of nnn.nnn.nnn.nnn. IPV6 will expand this to xxxx.xxxx.xxxx.xxxx.xxxx.xxxx, giving IPV6 almost infinitely more address space than IPV4.
  • NetBT is more completely known as "Server Message Blocks hosted over NetBT". SMBs over NetBT is most useful in small LANs that use broadcasts for name resolution. If you have a LAN with a DNS server for local name resolution, you can Disable NetBT, and use SMBs directly hosted over IP.
  • There are odd circumstances where SMBs hosted over alternate protocols such as IPX/SPX or NetBEUI may be advisable.

Windows XP will support any of the above languages, if you already have a LAN, and want to keep your existing computers as they are right now. If you have a portable computer, and intend to use it on different networks, or if you have a small LAN and want to have the most choices in design and support available, using SMBs hosted over NetBT makes the most sense.

It's your computer, and your choice. Just know what the choices are, and how they may affect you. You may select IPV4, IPV6, IPX/SPX, and NetBEUI from the Network Connection Properties wizard. You Enable SMBs hosted over NetBT from the TCP/IP Properties - Advanced wizard.

>> Top

Don't Do It Yourself - If You Don't Think About What You're Doing

Whether you're setting up a new network, or diagnosing a problem with the existing one, think about what you're doing. Think ahead a bit - be aware of what could go wrong.


The Perfect Plumber

>> Top

Bots And You

For those of you who are maybe living in a cave (and if so, what ISP services you?), of the millions of computers in the world, a good portion of them are not controlled completely by the person who is paying for their Internet service. These computers, hijacked by a successful hacking campaign, and controlled by another person, we call bots, or zombies. One bot is less useful than a collection of bots, called a botnet. A botnet could range in size from 10,000 to 1.5 million hijacked computers.

I've been observing, and writing about, botnets for some time.


Most people don't realise that botnets are both the origination vehicle, the medium, and the payload of a successful attack. And the smarter botnet managers use botnets to manage the botnets used in an attack, using commercial and very shiny scripts.

>> Top

Attack Origination
Botnets are used to originate an attack. If any of you owns a server, and you review the server access logs (and if you do, and don't, you better remove your head from the place where the sun don't shine, and start), you'll notice anomalies.
  • Password attempts
    aaaaaaaa
    aaaaaaab
    ...
    aaaaaaaz
    aaaaaaba
    ...

    has to be observed - it's an obvious attack!
  • Any persistent, but seemingly random series
    Abracadabra
    MyDogHasFleas
    NowIsTheTime
    coming from the same computer, is pretty obvious too.
  • You probably won't notice
    Abracadabra coming from a computer in Russia
    MyDogHasFleas coming from a computer in Brazil
    NowIsTheTime coming from a computer in USA
    as an attack. That might be one, but how can you tell? Botnets are distributed widely, and are perfect for distributed, throttled attacks.


>> Top

Attack Medium
Botnets are used to transmit an attack. A lot of spam consists of links to websites, and the business of the spammer will be conducted from a website. This requires 3 highly specialised servers.
  • An email distribution server. This will typically be a server running Simple Mail Transfer Protocol (aka SMTP).
  • A website. This will typically be a server running HTTP (and if you use the web, you know about HTTP).
  • A DNS server, providing the IP address of the HTTP server.
If you know anything about reading email headers, you should know about those 3 servers, and the fact that in almost every case, professional email will use 3 separate servers, frequently on the same subnet (Internet address space). Most corporations will frequently locate all servers on the same subnet, for security.

You can generally consider email validity, and filter your email, based upon the servers involved. Any time you get commercial email that includes a link to a product website, and that email / web site uses the same server for DNS, HTTP, and SMTP, it's possibly bogus. If 3 different servers are used, but they are on different subnets, or even in different countries, it's probably bogus.

Modern spammers, though, can easily use 3 separate computers. All the spammer has to do is find 3 computers (legally owned and operated by one, two, or three different individuals) on the same subnet. So open are many ISP address spaces (customers) to being botted, this is not at all difficult.

>> Top

Attack Payload
Botnets are the payload of an attack. A lot of websites linked from the spam (using components described above), which you have gotten used to as simply containing advertisements for products of varying legitimacy, may instead carry trojans. If you fall victim, and infect your computer, it becomes part of the botnet.

>> Top

Attack Management
To understand botnet management, and how sophisticated it has become, let's look at the history of botnet use.
  • Originally, the trojans distributed would contain the IP address of the attacker. Each botted computer would load the bot, contact the computer owned by the botnet master, and await instructions. That was a major exposure to the botnet managers. So, they cloaked their identity.
  • Each botted computer would attach to the Internet, frequently into an IRC forum, and await instructions. The botnet manager would login to the same forum, and provide instructions. That was a slight amount of exposure to the botnet managers, so, they further cloaked their identity.
  • With botnets being so easy to use, the botnet managers will now proxy their access to the IRC forums thru another botnet. That botnet is never used in an attack, it's only used to hide the identity of the botnet master.
  • And now, we see commercial products designed and marketed explicitly to provide GUI controlled manipulation of botnets.


This is why I have described all of this - the attack attempt, the medium, the payload, and attack management, all involve hacking. That's all it is. And botnets are at the center of the hacking.

And that's what botnets have to do with you.

For more information about botnets, see the University Of Maryland Botnet Blog, with a very intense white paper.

>> Top

Automatic Metrics and The Ability To Roam Wirelessly

If you have a portable computer, and you've setup a WiFi LAN in your house or office, you'll enjoy the freedom of moving around the house, at will, while still connected to the LAN. Even so, sometimes there will be times when the WiFi connection isn't enough. You'll never get rid of Ethernet, completely.

Most portable computers come with an Ethernet adapter, and a WiFi adapter, installed and activated. The Automatic Metric feature in Windows XP let you leave both connections activated, and will use the fastest connection, that is working, at any time.

You can use automatic metrics (by default), or you can manually change the settings to prefer either connection, using the TCP/IP Properties - Advanced wizard.

NOTE: Using the Automatic Metric feature on a laptop having a role as a server on your LAN may cause problems with the browser infrastructure. Don't carry a server around without understanding the complications.

>> Top

Know Who's Accessing The Server

Most computers in a workgroup will run as a server, and some computers in a domain will too. Servers do not have unlimited capacity to serve you, and occasionally, they run out of available connections. You'll be trying to access another computer, and you'll see a message that you don't want to see

No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept.


And this can also be an issue, when you need to know, in general, what your computer is doing.

So what do you do now? Do you run around, turning off some computers, just so another computer can connect, or just to see if this computer will stop doing what you're wondering about? Sometimes, that's the only diagnostic left to us, but just maybe you can be a bit more methodical, this time.

You can start by identifying who's accessing the server right now. And you can use either one of two tools.

Computer Management
Computer Management is a tool in the Administrative Tools section of Control Panel.

Under Computer Management, you find System Tools, then Shared Folders.


Shares enumerates each share on the server, and the number of connections that are in use for each share. This is where you start, when the server has exceeded its connection limit.



Sessions enumerates the accounts being used for access, and the remote computers, by IP address.



Open Files enumerates the open files and folders, and what accounts are being used for access.



The command window based Net command, with 3 of its sub commands, will provide information similar to the Shared Folders wizard.

Net Shares enumerates the shares on the server.

C:\>net share

Share name Resource Remark

-------------------------------------------------------------------------------
E$ E:\ Default share
IPC$ Remote IPC
D$ D:\ Default share
ADMIN$ C:\WINDOWS Remote Admin
C$ C:\ Default share
CDrive C:\
DDrive D:\
EDrive E:\
Quarantine E:\Quarantine
System Resources
E:\System Resources
Utility C:\Utility
The command completed successfully.


Net Sessions enumerates the remote computers (by IP address) and the accounts being used for access.

C:\>net sessions

Computer User name Client Type Opens Idle time

-------------------------------------------------------------------------------
\\192.168.203.100 CCROLL_ADMIN Windows 2000 2195 1 00:42:48
The command completed successfully.


Net Files enumerates the shared files or folders being accessed, and the accounts being used for access.

C:\>net file

ID Path User name # Locks

-------------------------------------------------------------------------------
3 E:\Temp\20060925 CCROLL_ADMIN 0
The command completed successfully.


>> Top

The NT Browser and Windows Networking

To find the various computers on a LAN, from each other, you generally open Windows Explorer (don't confuse this with Internet Explorer, please), and look in My Network Places. On a fully working LAN, this will work just fine. It doesn't always work that way though.

The contents of My Network Places (Network Neighbourhood, in some cases) are provided by a subsystem known as the NT Browser. The browser depends upon Server Message Blocks, and anything that interferes with SMBs will cause browser problems, and consequent problems in Network Neighbourhood.

In most cases, browser problems are symptoms of more basic network issues. Computer A and B should be equally visible, and accessible, from each other.

In one common scenario, Computer A shows both Computers A and B, as it should, and files on Computer B are accessible. On Computer B, either you don't see Computer A, or when you try to access Computer A, you get an error. You may, or it may not, see Computer B from itself. This visibility problem may be observed constantly, or it may come and go.


  • Since Computer B is accessible from Computer A, a permanent physical connectivity issue is unlikely, but still possible.
  • Besides physical problems, browser problems can have several possible causes. Browser functionality depends upon several relationships:

    • The browser server (ie the browser), and this computer. If this computer can't access its designated browser server, it may lack browse information, and / or have outdated information.
    • The browser server, and the client server (ie any computer being enumerated by the browser). A server, remember, is any computer being displayed in Network Neighborhood. If the browser server can't contact a client server, or if the client server uses a different browser, that server may not appear in Network Neighborhood.
    • The browser server, and the master browser (if not the same computer). If a browser server can't contact the master browser, it won't get the browse list aggregated by the master browser. Any client computers that use that browser won't have the browse list aggregated by the master browser.
    • The master browser for this domain / workgroup, and master browsers for other domains / workgroups. Any master browsers that can't contact other master browsers won't be able to exchange browse lists with them, and their clients won't have the browse lists for the other domains / workgroups.

  • Problems with any of the above relationships - now, or in the past - can cause various problems with Network Neighborhood. All computers won't try to access the browser simultaneously; if a browser problem just started, all computers won't reflect the problem immediately. If there is a problem, asymmetrical browse lists should be expected.


You will probably best address your problem by continuing with my troubleshooting guide, Irregularities In Workgroup Visibility.

>> Top

Diagnosing Network Problems Using PingPlotter

Many network problems, given enough test cases, can be diagnosd by simple observation and comparison. If you can access Computer C from Computers A and B, but you can't from Computer D, better look at Computer D. If Computer A can access Websites 1 and 2, but can't access Website 3, what's different about Website 3?

What if the problem comes and goes - now you can access with no problem, and now you can't? Maybe Computer A doesn't work now, but it's working later when Computer B stops working? Or if Website 1 is accessible, but Website 2 isn't, how do you identify the problem? How do you even track the problem, without having assistants to help you watch all of the computer involved?

I start with PingPlotter. PingPlotter combines a traceroute (traditionally a single timed ping of all addressed hosts between one computer and another) with repetitious pinging, and an interactive GUI display. PingPlotter lets you look for geographical problems (showing that you have connectivity between your computer and the first router, but not the second), or for repetitous problems (showing when you lose connectivity, whether chronic, cyclical, or randomly).

Let's say that you are losing connection with the Internet, on all computers on your LAN, periodically. By running PingPlotter on your computers, you can note whether the problem is with your router (if all computers show loss of connectivity with that router), with your ISP (if all computers show loss of connectivity with your ISPs gateway, but no problem with your router), or with a given server on the Internet. If the problem is intermittent, the PingPlotter display will show when the problem happens - and if its a chronic problem which includes loss of connectivity with your ISP, having a PingPlotter display may be worth a thousand words.

Since PingPlotter shows ping times for every host between you and your target, when there is a break in connectivity somewhere, it will show the break. You will see a red ping display for any hosts that do not respond at all, and the host that is causing the problem will probably be the closest one showing as red.

A PingPlotter display is interactive too. If there are a dozen hosts between you and a given website, maybe you only want to examine connectivity details with 4 hosts - yours, your ISPs gateway, your ISPs border, and the target server. You can selectively configure PingPlotter to show only those hosts, saving valuable screen space for other tasks. At any time, you can add any of the other hosts to the display, and the past history for those hosts will be visible too.

You can also vary the time scope of the display. You can look at an entire 48 hours in a 6 inch horizontal display, or zoom in on any 5 minutes, and look at those 5 minutes in detail. Or you can select any of 8 other scales in the display.

The paid version of PingPlotter can even be set to trigger alerts when certain definable network conditions occur, and to contact you by text messaging, or by email. So you need not be at your desk, watching the display, to be notified of a chronic problem.

All in all, PingPlotter is one network diagnostic that has a place in my toolbox. The paid version, PingPlotter Pro, is well worth the expense.

>> Top

The Network Adapter Settings Wizard

The drivers for every network adapter produced allow various settings to be changed, to suit your idea of how you would like your network to perform. Modern network adapters let you change your settings thru a wizard, generally accessed thru the (Local Area) Connection Properties Wizard.

From the Connection Properties Wizard, hit Configure.

This gives you a whole array of selections, which will vary according to to vendor, and how the configuration driver, for your network adapter, is constructed.

My adapter here is a 3Com Etherlink XL 10/100. Your adapter, and the settings, may differ.




On the advanced tab, you will find most of the settings which will help you.


  • Media Type
    • 10M Full duplex
    • 10M Half duplex
    • 100M Full duplex
    • 100M Half duplex
    Most networks will work fine with Auto Select enabled. If your network is slow, it may be because of errors, caused by either network adapter, or by the the cable / WiFi channel connecting the two. Changing it to 10M Half duplex may eliminate speed related errors, and stabilise things. Or, it may run better with 100M Full duplex explicitly enabled.
  • Network Address. Here you can change the MAC address.
  • If you change any of these settings, be prepared to restart the computer.











Consider carefully if the possible inconvenience is worth the minor power savings. Power consumption, by the typical desktop Ethernet NIC, is neglible. With a WiFi adapter on a portable computer, if the computer is running on battery power, this may not be the case. Consider both cases carefully.



>> Top

Process Explorer

Microsoft Windows gives us the ability to run multiple processes simultaneously - it's called multitasking. Some processes we start intentionally - we call them applications or programs. Other processes are started by the system - we call them services. Keeping track of all of the processes running, at any time, is a major activity.

Microsoft gives us Task Manager, to track the processes. Task Manager lets us choose a total of 25 items that we can learn about each process. This is the original tool that you might use, in watching what your computer is doing.

SysInternals (now another division of Microsoft, but that's another story) gives us Process Explorer, which lets us choose, in a tabbed menu

  • DLL - 15 items.
  • Handle - 6 items.
  • Process Image - 14 items.
  • Process Memory - 14 items.
  • Process Performance - 24 items.
  • Status Bar - 13 items.

There are 3 Process (Image, Memory, and Performance) tabs. The complement of 52 items selectable there is comparable to the complement of 25 items selectable for Task Manager.

Task Manager


This is how I use Task Manager.




You can choose any of 25 items here for display.



Process Explorer


This is how I use Process Explorer.




You can choose from 14 items in Process Image.




You can choose from 14 items in Process Memory.




You can choose from 24 items in Process Performance.




You can choose from 13 items in Status Bar.




You can choose from 15 items in DLL.




You can choose from 6 items in Handle.



>> Top

Dealing With Technical Support

Everybody who reads PChuck's Network will eventually experience a problem that, regrettably, can't be fixed by reading PChuck's Network. As will the majority of the world's population, those who don't read PChuck's Network.

So you will eventually have to deal with Technical Support, for the product or service that isn't performing properly.

Now support techs have heard everything, so yelling at them, in any way, will cut no ice. Just be very calm and objective, but don't take no for an answer. Be persistent.

Sometimes even persistence doesn't produce results.

I spent half an hour on the phone discussing the problem. I was very polite, and the tech on the other end was likewise. But it was obvious, to me anyway, that we were getting nowhere.

So I closed the conversation. I played a little dirty here.

May I please speak to a supervisor?

Please hold.

(A minute on hold)
I'm sorry, we don't have anyone available today.

(WTH? They work without supervision?)
OK, I guess we will have to work on this tomorrow?

(a few seconds for the tech to start closing the ticket)
May I have a ticket number?

Thank you. Are you filling out the ticket? Did you indicate how polite I was?
Good.

Please indicate in the ticket that the customer was very polite, but indicated at the end that he was extremely pissed off.

Please hold.

(5 minutes on hold, and I waited patiently)
And I got a senior supervisor, that had some ability to deal with the problem.

Be very objective and polite, don't take no for an answer, and hit them hard when they don't expect it.

There are other ways to deal with them too. If you have a connectivity problem, for instance, using a tool like PingPlotter, to identify a time pattern, and / or where the loss of connectivity is occurring, is a good start.

If this is your first call to a given Tech Support group, go prepared to ask and answer questions. Get a ticket number, and be prepared to contact them again with more information.

If this is your second (or more) call, you know (sort of) what to expect. Documentation, or an organised description of the problem, can go a long way towards making them listen to you. As will an objective demeanour.

Most tech support people really would like to solve your problem. Try and meet them half way, but make it clear to them that you expect results. Work with them, and both of you may be pleasantly rewarded.

>> Top

What Is A CrossOver Cable, and Why Do I Need One

In any conversation between two people or computers, you speak and the other listens. Or it speaks, and your computer listens. This means that your mouth has to connect to the ear on the other end. This is called cross-over.

If you look at any hub / switch / router 10 years ago, you would probably see the various ports labeled "X-1", "X-2", "X-3"... This meant those were cross-over ports. Your computer would speak (transmit) thru a pair of wires in the Ethernet cable. When the connection went into the router port at the other end, the cross-over function connected the transmit wire pair from your computer to the receive port at the other end, and the receive pair from your computer to the transmit pair at the other end.

If you had to connect a pair of routers directly to each other, you would have a cross-over port at one end connecting to a cross-over port at the other end. This would cause a cancellation of the cross-over function, so you would use a cross-over cable.

If you connected a pair of computers directly, you would similarly need a cross-over cable.

This meant that everybody with a computer network had to have cross-over cables handy.

To eliminate the need for using cross-over cables, router manufacturers developed Auto-MDIX. A router port with Auto-MDIX will listen to see if it is connected to another cross-over port, and switch itself to non-cross-over mode if necessary. Some computers, likewise, have Auto-MDIX. If you connect a pair of computers directly, and one (or both) have Auto-MDIX, you can use a straight-thru (aka patch) cable, and they will connect just fine.

Auto-MDIX is a significant development, in the networking world. Having said that, I don't believe that Auto-MDIX can be relied upon, as a complete solution. I will still advise you to have a cross-over cable, or connector, handy for diagnosing network problems.

>> Top