Home Network

27 Aug 2023

If you have more than one computer, you will want to set up a little network. Buy a router, a box that connects downstream of your cable or DSL modem, and that lets you connect several computers to it. For example a wireless/wired router (Some cable suppliers like Xfinity will rent you a combination modem and router, or you can buy your own.) A router allows you to share the Internet Service Provider (ISP) network connection with multiple computers, and also allows computers on your home network to communicate and share files with each other.

example network

This diagram shows a network with several types of computer. The local computers are connected to the routher by Ethernet cables or wireless (Wi-Fi). Wired connections are faster, less subject to interference, and less vulnerable to security attack. I use both at home.

(Apple used to make the AirPort Extreme ($100-180) Wi-Fi router. Apple's Time Capsule did the same thing and also had a hard drive in it for file backup.... Apple doesn't sell these devices any more, as of Nov 2016.)

For advanced information on home networking, you can read Glenn Fleishman's "Take Control of Wi-Fi Networking and Security".

Configuring Your Router

Your router should be configured as a DHCP Server. That is, it makes up local Internet Protocol addresses for each device on your local network, and sends all devices' outgoing packets out over the your external Internet Protocol address. When a response packet comes back, the router matches up the packet sender with that of a previous request, and forwards the response to the IP address of the local machine that is expecting it. Unsolicited messages are dropped, protecting your local computers from a lot of attacks.

(By the way, do not configure your Wi-Fi router to hide the network name (SSID). This actually decreases security. Make up a random string for the name.)

A network route cannot transmit data faster than the speed provided by its slowest component. If you upgrade your cable susbscription to 800 GB/s, but your router can only handle 200MB/s, you won't get full speed. Similarly, if you try to do gigbit Ethernet communication through a hub or cable that can only handle 10MB Ethernet, you won't get full speed. (Hint: your cables should be marked "CAT 5e" or "CAT 6".)

You can purchase a Network Attached Storage box containing disk drives and attach it to your network, and store files there. This can be very handy for doing backup.

Security

There have been recent reports of security problems with home routers. Some routers have "back doors" built into them; others can be hijacked if you visit a malicious web page.

If you are really interested in securing your network, read https://lifehacker.com/how-to-tap-your-network-and-see-everything-that-happens-1649292940

Apple AirPort and Time Capsule Configuration

(Apple doesn't sell these devices any more.. but I still use mine every day.) Your AirPort or Time Capsule has an administrator name and a password that lets you configure it. Pick a long password.. you won't be giving it often. Uncheck "allow setup over WAN." I didn't enable "Back To My Mac," back when Apple supported it. The "Internet" tab specifies how your router connects to the rest of the world. This depends on your Internet connection. I set mine to "DHCP." The "wireless" tab specifies how your router supports Wi-Fi. Choose WPA2 or WPA3 Personal for encryption, and pick a random network name and a strong password. You can also create a "guest network" for visitors to your premises: they won't be able to see your computers or printers. The "Network" tab says what kind of network your router provides to Wi-Fi devices. Mine is set to "DHCP and NAT."

IPV6

Your router may have an option to enable IPV6. (This is a more advanced network address format, that will become widespread in the future.) My Time Capsule has three possible settings: Link-local, Node, and Tunnel. If you select Link-local, then your computers inside your home can talk to each other using IPV6, but nobody from outside can use IPV6 to access them. This is good: it is how mine is set up. You will be able to access sites on the Internet, no matter what kind of address they use. If you select Node or Tunnel, and don't block incoming IPV6 elsewhere, then your computers can be seen and attacked from distant machines.

Hubs and Cables

If you need to connect more computers or devices to your network than there are ports on your router, use an Ethernet hub. Modern Macintoshes can send data very fast, at Gigabit Ethernet speeds, if both ends of the channel can handle this speed. If you buy a router or hub, make sure it supports Gigabit, or 1000base-T, speed. When you are buying Ethernet cables, choose "cat 5e", "cat 6", or "cat 6A" cables to make sure you get full speed.

Printers

Printers can be connected

  1. To your home network, by an ethernet cable, if your printer is "network enabled."
  2. To your home wireless network, by Wi-Fi, if the printer is "Wi-Fi enabled."
  3. To a single computer, by a USB cable. (Your computer could then use Print Sharing to let other network computers use it. I haven't tried this.)
  4. To your Wi-Fi router, by a USB cable (I haven't tried this).

To use a printer on your home network and print to it from all your local computers (1 or 2 above), it needs a print server. I have a Brother HL-4150CDN printer, and the "N" means it has a built-in print server and can be connected to a network.

Wireless Networking

To connect your computer to the Internet using Wi-Fi,

If you check into a hotel, they give you the network name of their router and instructions on logging in. Some cities provide "municipal wifi" to residents. Some phone and cable companies have routers in their area shared among their customers. These shared routers are great for occasional use, but can slow down if a lot of people try to use them.

Many people buy or rent a Wi-Fi router for their own household, and connect their computers wirelessly to accounts on their router. Be aware of the security implications: configure your router to require a name and password, and use WPA2 or WPA3 encryption.

Understand that Wi-Fi speeds are routinely overstated. Wi-Fi is also subject to interference from other radio devices.

Wi-Fi Standards and Speed

Wi-Fi works because it uses little radios in the base station and the endpoint device. These radios have to be on the same frequency and use the same communications and security protocols. So an older Mac might support "802.11 a/b/g/n" where 802.11 is the Wi-Fi protocol and the letters identify different frequency and communications protocol suites. (If an older device talks to a newer one, they will use the fastest suite they have in common. So replacing an old router with a new one may not make communication with an older computer any faster.) Here is my understanding of Wi-Fi protocols and maximum speeds:

NameProtocolMB/sbandsnotes
Wifi 4802.11 a545 GHz1999
Wifi 4802.11 b112.4/5 GHz2000
Wifi 4802.11 g542.4/5 GHz2003
Wifi 4802.11 n3002.4/5 GHz2007 AirPort Express
Wifi 5802.11 ac12005 GHz2013+ Macs, iPhones
Wifi 6802.11 ax96002.4/5 GHz2020+ Macs
Wifi 6E802.11 ax96002.4/5/6 GHzno Macs yet

Connecting Your Mac to a Wi-Fi Network

Once your router is set up, you can connect multiple computers, phones, and tablets to the network. To connect a Mac, do this:

  1. If Wi-Fi is off, click the Wi-Fi icon in the menubar and click the slider to ON.
    airport menu
  2. If a known network you have used before is available, the Wi-Fi software will connect to it. Otherwise, click on the name of the network you want to connect to.
    airport menu
  3. If you are reconecting to a previous netowork, you won't have to give a password. Otherwise select the security method (should be WPA2 or WPA3 Personal), enter the password, and click "Join."

Configuring Sharing on Your Mac

Other users on your network can use files on your Mac if you enable file sharing. To set the network name for your computer, update  ► System Settings... ► General ► About ► Name.

Select  ► System Settings... ► General ► Sharing to open the Sharing control panel. You can enable several aspects of sharing: File Sharing allows users from other other computers to access files on your machine. Screen Sharing allows users from other computers to see your screen and move your mouse. Click the icon to get a contol panel that says who can do what. You only have to enable sharing once, and it will remain enabled till you turn it off, even if you restart the Mac. Do not enable features unless you understand their security implications.

File Sharing Between Macs On Your Network

This section has not been updated to macOS Ventura yet.

In order to access files on another Mac, call it Al, on your network, enable sharing on Fred as described above. On Fred, open a Finder window. Navigate it to the folder containing your local files, or where you want to put files you copy. Open a second Finder window with ⌘N: you will use it to view a folder on the remote computer. In the left sidebar you will see a heading SHARED, and under that the name of the remote computer, e.g. Al. Click on it.
finder window
On the first visit, the Finder will ask you for a password. Give the name and password of the computer's owner and check remember this in my keychain.

If you don't see the remote computer you want to share files with, type ⌘K in the finder, and enter afp://machinename.local/.

Now you should have a list of folders you can open on the remote computer.
finder window
Double click on the folder you want and navigate around as usual. When you drag file or folder icons between the two finder windows, they will be copied from one computer to the other.

When you are done sharing files between computers you can click the little eject button () next to the remote computer's name in the Finder side bar, to disconnect. If you don't do this, you will get a warning dialogue when the remote computer reboots, and files could be damaged.

Screen Sharing Between Macs

If you click Share Screen when you open up a remote Mac in the Finder, and if you have allowed screen sharing in its  ► System Settings... ► General ► Sharing, then the Screen Sharing application will launch on your computer, showing the screen of the remote computer. You can drive the cursor and send mouse clicks to the remote computer, and type into its applications. This can be very valuable for configuring remote computers, recovering from bad video settings, and assisting other Mac users.

Screen sharing like this can be done across Messages to view and control a remote Mac anywhere, which can be very useful for remote support of friends and relatives.

I tried screen sharing with a Fedora Linux computer, and it popped up a dialog box asking permission, but then nothing happened.. need to debug this someday.

Networking with Windows Computers

You can do some file sharing from your Mac's finder to Windows computers on your home network. Haven't tried this in a long time. A simpler alternative is to install Dropbox on both Mac and Windows.

Accessing Linux and Unix with ssh, scp, and rsync

(For advanced users.)

I often use Terminal shell commands scp, rsync, and ssh to access files on Linux and Unix computers on my network (and elsewhere on the Internet). These are commands that come with every Mac (install the free Xcode developer tools). These commands will also work for Mac to Mac (since Mac OS X is based on FreeBSD Unix).

See Programming for a description of how I set up macOS as a developer's tool.

The version of rsync shipped with macOS is usually not the latest. If you do lots of work between your Mac and Unix/Linux machines, you should install tools from Homebrew.

Setting up SSH keys

These commands will keep asking for the password of an account on the remote system, which gets tedious. You can arrange things so that you only have to give a password once.

For example, I do this command to sync my home directory from my laptop to another computer (all on one line):

rsync -avzu --blocking-io -e "ssh" --exclude .Trash --exclude Cache/ /Users/thvv $user@$host:/Users

where $user and $host are shell variables set by the export command.

Home | FAQ © 2010-2023, Tom Van Vleck updated 2023-08-27 09:41