Understand Basic Networking for Theater
The purpose of this document is to provide a basic understanding of networking as it is used in the theater industry. While a fair amount of background is needed to really get up to speed, the goal is to get you to the relevant parts as quickly as possible. This topic is both broad and deep, and this document will omit some details that are not directly relevant in the interest of clarity. Please assume any such omissions are both deliberate and considered.
Every device connected to the internet is required to have a unique address called an IP address (IP stands for Internet Protocol). There are, confusingly, several different types of IP addresses and as of the writing of this document, the world is engaged in an excruciatingly slow-motion crossfade from IPv4 to IPv6. Internet experts have been declaring for several years that IPv4 is dangerously close to collapse and IPv6 is just about to become the dominant system of addressing. That doesn't seem to be true, though, so this document will focus on IPv4 addresses and how to use them.
IPv4 addresses consist of four numbers, each between 0 and 255, separated by periods. Each of these numbers is referred to as a "octet". As an example, consider the address
18.104.22.168, which is the address for google.com. If you type or paste that address into a web browser, you will find yourself looking at the familiar Google search page.
Just like physical addresses, IP addresses represent a hierarchy. Consider this address of a more familiar sort:
Sherlock Holmes 221B Baker Street London England
If you read that address from bottom to top, each segment of the address represents a progressively more specific area, with progressively fewer potential addressees. England contains about 53 million people, London contains about 8 million, Baker Street contains (probably) between a few dozen and a few hundred people, 221B contains maybe eight people, and exactly one of them is Sherlock Holmes.
IP addresses work much the same way: there are 16.7 million addresses which start with
172, then 65,534 addresses which start with
172.217, then 254 addresses that start with
172.217.11, and exactly one internet-connected device whose address is
22.214.171.124, and that internet-connected device is a computer which hosts google.com.
Internet-savvy readers will note that the websites of very large companies are usually hosted on multiple computers spread around the world, so that whenever a person browses to that website, some clever software directs them to a server that is physically close by. In those cases, the IP address points not to the web server, but to another computer which does the calculating and re-routing. There are a lot of layers here, and it gets confusing really quickly. Mostly, just don't worry about it.
Large organizations have the rights to certain blocks of addresses. Examples include Apple (17.x.x.x), the US Postal Service (56.x.x.x), and CERN (128.142.x.x). This isn't specifically important, per se, but it is useful to help understand that in many cases, the IP address of a device can tell you something about the network it belongs to or the organization that is administering that network.
Putting a full glossary of networking hardware here would be an act of cruelty. Here are the really essential bits:
Network switch. A device that lets you connect several devices together with ethernet cables. Switches have a small amount of "smarts" in that they can be configured to prioritize certain types of network traffic, restrict traffic speed in certain situations, etc. But in general, they are just there to pass data between other devices.
Network router. A router is the focal point of a network. All traffic which comes into the network from outside, or goes out of the network from inside, must go through the router. The router "knows" what's connected to it, and can direct traffic accordingly. Most routers have DHCP servers built in (discussed below.) Many routers have additional features. Many routers have switches built in. If your router has more than two ethernet ports on it, it has a switch built in.
Wifi access point. A radio transceiver which sends and receives network traffic wirelessly. Wifi can be thought of as simply ethernet-without-wires. Many wifi access points are built into routers, but not all of them, and it's important to know which you're using. A wifi access point with no built-in router has very little "smarts" and generally can be treated as a simple adapter that converts network traffic from electricity in an ethernet cable to radio waves in the air.
CAT-5, CAT-5e, CAT-6. These are types of cables that are used in ethernet networking. They differ only in the speed and quantity of data that they can handle. You will often hear them colloquially called ethernet cables, which is technically incorrect in the same way that calling XLR-3 "microphone cable" is technically incorrect: everyone does it and nobody cares, and it's only important to make the distinction occasionally.
At this point, you may be wondering why you're reading this arcane, mind-numbing nonsense when all you want to do is send OSC messages from QLab to your Ion so that your cues sync up really nicely. We absolutely promise you that all of this information is relevant to theater, but it's a very slow burn to get there.
This is a great moment to take a break, grab a drink, and stretch.
You may have done a little recreational multiplication so far, and concluded that IPv4 only has about 4.3 billion addresses (256 x 256 x 256 x 256). You are quite right, and actually only about 3.7 billion of them are useable for boring technical reasons. Given that there are clearly more internet-connected devices in the world than that, what gives?
The answer lies in this trick: many devices which are connected to the internet are not, in fact, actually directly connected to the internet, thanks to something called Network Address Translation, or NAT.
When you go to a coffee shop and connect to their free wifi network, your laptop or phone does not connect directly to the internet. Instead, it uses a protocol called DHCP (discussed below) to receive an IP address from the wifi router. This address almost always starts with
192.168, and this is a clue that will be useful later on.
What's going on here is that the wifi router is connected (probably) straight to the coffee shop's cable modem or other source of internet, and has a normal public IP address. It's also running a bit of software called a DHCP server which assigns IP addresses to devices that connect to it. All those addresses are from a special pool,
192.168.x.x, and the devices which have those addresses are essentially invisible to the rest of the internet. In order to communicate with the internet, devices on the network use the wifi router as a sort of personal assistant. Your laptop asks the coffee shop router things like "hey, can I see google.com please?" and then the router goes and fetches google.com, and passes it back to your laptop, translating the request from the address of your laptop on the internal private network to the public internet and back again.
Think of it like a switchboard in a large office building. Calls within the building can go straight from office to office, but calls into and out of the building must go through the switchboard.
These private addresses are where we start to get really relevant to theatrical networking.
A local network is a collection of devices which use a common IP address scheme and which are generally physically close together. A private network is a local network that is isolated from the internet as a whole.
The coffee shop wifi network discussed above is isolated from the internet by virtue of NAT; the router can be "seen" by the internet, but the computers and phones on the local network cannot. You could also isolate a network from the internet by simply not connecting it to the internet at all, and that is typical of networks used in theater.
There are three sets of IP addresses which are reserved for private networks:
- 192.168.0.0 through 192.168.255.255 for a total of 65,536 addresses.
- 172.16.0.0 through 172.31.255.255 for a total of 1,048,576 addresses.
- 10.0.0.0 through 10.255.255.255 for a total of 16,777,216 addresses.
When you set up a private network, you're generally going to want to use one of these three address schemes. If your private network never, ever connects to the internet, there's nothing stopping you from using any addresses you like, but it's good form to use these three schemes only.
This begs the question: what does it mean to choose an IP address scheme, practically speaking? If you've read this far, then you know that the answer to that question can only come after another little lesson.
In the context of QLab and a private network in a theater, there are two ways to assign IP addresses to devices on the network.
DHCP, which stands for Dynamic Host Control Protocol, is a system whereby any device that connects to a network announces itself as a new member of the network, and then the DHCP server says, "oh hello, here is your IP address, please hang onto it for four hours, then ask for a new one." This is very convenient, since it means that a given network doesn't need to have enough available addresses for every device that will ever connect to it, only enough for the likely number of devices that are connected at once. If device X disconnects from the network and then device Y connects after a while, the DHCP server may "recycle" the address that device X had and give it to device Y.
When devices on a network are set to use DHCP and there is no DHCP server to be found, they assign themselves an address that starts with
169.254. For some applications (notably Dante), this works perfectly well. For others, seeing that a device has a
169.254 address is a useful troubleshooting tool.
Static, in the context of IP addresses, means that the device's address is preemptively assigned and manually entered in. The most common real-world example of a static IP is the example above with Google's website. The address
126.96.36.199 has been assigned by Google to its web server. Google has the authority to assign all addresses beginning with
172.217, and so they configure the computer hosting their web site to use
188.8.131.52. Whenever that computer is online (which should be all the time), that address corresponds directly to google.com. A static IP address can be assumed to "belong" to the device that it's been assigned to, and should never be used for another device without first removing it from the first device.
Again, this is glossing over a lot of irrelevant detail. Please don't consider this explanation to be authoritative on the topic of how IP addresses belonging to web services operate in general.
When you set up a private network, you'll need to choose whether your network will use DHCP, static addresses, or a mixture of both. How do you decide?
If your network is being used for any or all of the following activity, you probably don't need to use static IPs. Using DHCP will just be simpler and easier:
- File sharing
- Screen sharing
- QLab Remote
- Dante audio
- AirBeam video
On the other hand, if you're using the network to send OSC messages, it will be preferable to use static IP addresses.
If you decide to use DHCP, you'll need to set one device on your network to act as a DHCP server. Nearly every wifi or ethernet router does this, but also you can run a DHCP server on a Mac or PC, or even on an ETC console. All that's important is that your network includes exactly one DHCP server, no more and no less.
There's no way for this document to be all-inclusive on the topic of setting up DHCP serving, so you'll need to consult the manual of whatever device or software you're using.
On a network which uses static IP address, you may not need a router. Or, if you do have one, its DHCP server is not involved in the process of assigning IP addresses. Therefore, you need to assign them. Make a list of all the devices that will be connected to your network, and then give each of them an IP address. Skip addresses ending in 0, 1, and 255 for reasons that will be explained below.
An example list might look like this:
|Sound Designer laptop||10.10.0.5|
|Meyer Galaxy primary||10.10.0.20|
|Meyer Galaxy secondary||10.10.0.21|
|LD tech RVI||10.10.0.101|
The choice of address for each device is not important, but each device must have a unique address. Here, devices that logically go together have sequential addresses, but that's for the benefit of the humans reading the list, not because the machines care about it. Do note, however, that for all these addresses, the first three octets are the same. More on that topic below.
Open System Preferences → Network to adjust network settings on your Mac.
Ethernet preferred over wifi for a number of reasons:
- It's much more stable
- It's dramatically faster
- It's harder for an interloper to connect to
- There are fewer bits to configure
- It's cheaper to do well
- Dante only works over ethernet
If you're using ethernet and DHCP, the Network preference pane will look like this:
There's a green dot on the left next to "Thunderbolt Ethernet" (it's truncated in this screen shot; it says "Thunderbolt Ethernet" because this Mac is using a Thunderbolt adapter to connect to ethernet.) On the right it says Connected, and beneath that you can see that IPv4 is using DHCP, and you see the IP address and some other details discussed below. All the details are listed in a non-editable form, because DHCP is designed to work automatically.
If your Mac is physically connected to your network but not working correctly, the window will look like this:
The green dot is instead yellow, and the IP address begins with
169.254. The most common explanation for this scenario is that the DHCP server isn't working or cannot be reached. The first thing to try is rebooting the device that's doing the DHCP serving.
If you're using the DHCP server built into an ETC console, it's important to hook up your physical network infrastructure before turning the console on. If an ETC console does not detect that it's connected to an ethernet network while it's booting up, it will deactivate its ethernet port.
If you're using a static IP address, the window will look like this:
In this case, the green dot only indicates that you've entered settings which are technically valid. It does not necessarily mean that you entered the correct settings for your network, or that the Mac is successfully communicating with other devices on the network.
A discussion on entering static IP details can be found below.
If you're using wifi to connect your Mac to the network, this is what you should see if everything is working:
The green dot next to "Wi-Fi" on the left side is the first clue, and the small explanatory text on the right includes the IP address that the DHCP server has assigned.
If you click the Advanced button at the bottom right, you can see and change the IP address settings:
The TCP/IP tab shows you how your IPv4 address is being selected, DHCP in this case, then below that you see the address that's been assigned, the subnet mask which we'll discuss in a bit, and the IP address of the router that's doing the DHCP serving.
As long as you're connected to the right wifi network and your router (or other DHCP server) is configured correctly, this is what you should see, and there's nothing to adjust or configure. Do not concern yourself with all the other tabs and buttons.
If you're using static IPs with a wifi network, this is where you choose "Manually" from the Configure IPv4 drop-down menu.
After making any changes to the Network preference pane, it's necessary to click on the Apply button in the lower right corner for those changes to take effect.
There are three settings that you need to enter when your network is using static IP addresses: the IP address itself, the subnet mask and the router address.
Referring to your list above, enter in the IP address that you've planned for this device. Remember these rules:
- Each octet can be in a range between 1 and 254, inclusive. 0 and 255 are reserved for special use.
- Dots (periods) separate the four octets.
- There are customary address ranges for private networks which you should stick to using unless you have a good reason not to.
- The last octet usually shouldn't be
1because that's usually the address of a router. See below.
A subnet is, unsurprisingly, a subsection of a network. Devices which are on the same subnet are able to communicate to each other directly, without sending traffic to the router "above" them. Putting devices on the same subnet is a combination of the physical setup (there must be a physical path for network traffic to move between them), IP address setup (the must have IP addresses in the same scheme), and subnet mask.
Subnet masks look a lot like IP addresses; four octets separated by periods. There are fancy ways to use the subnet mask, but they're not relevant to theatrical networking. The basic way to use a subnet mask involves using only two values for each octet:
Remember the hierarchical nature of the IP address? In the subnet mask, each octet is effectively telling the device whether that level of the hierarchy is part of its subnet. If the value is
255 then that means "this level of the hierarchy is not on your subnet", and if the value is
0, that that means "this level is on your subnet."
In the screen shot above, the Mac's IP address is set to
192.168.2.12 and the subnet mask is set to
255.255.255.0. This Mac is therefore able to send data straight to any device with an IP address beginning
It cannot send data straight to
192.168.50.12, because the third octet does not match and the subnet mask for that octet is
255 means "has to match." That communication must go through a router that is available to both subnets.
A network full of devices configured like this can therefore contain a maximum of 254 devices (since
255 are not permissible in regular IP addresses.)
If the subnet mask were instead set to
255.255.0.0, the Mac would be able to send date straight to any device whose address begins with
192.168, allowing for a network with 64,516 devices on it.
The Mac would not be able to send data straight to
184.108.40.206 because the second octet does not match.
As discussed above, a router behaves as the central traffic authority of a network, and behaves somewhat like a post office, dispatching incoming data to the appropriate neighborhoods and passing outgoing data to the outside world (assuming the network is connected to the outside world.)
All devices on a network must know the IP address of their router in order to properly communicate with the router. While a few network protocols can sidestep this, most cannot and so it's crucial to enter the IP address of the network's router identically on all devices on the network.
If your network is using only static IP addresses and is not connected to the internet, an actual router is often not required. In this situation, the correct thing to do is enter the IP address of an imaginary router as though it were really there. Odd as this may sound, it's a simple solution to a lot of vague networking problems.
Routers are traditionally given IP addresses that end in
.1 although this is not technically required. It is our advice to stick with tradition here.
So, if you do not have a real router, invent an IP address that is reachable by your other devices (according to their subnet masks) and ending in
1 and enter it on all your devices.
If you're networking together with the lighting department, chances are good that they're using ETC gear, which comes with some very specific default IP settings:
- Subnet mask:
Since adjusting these settings is more of a hassle on the ETC gear than on a Mac, it's often convenient and neighborly to follow their scheme.
Because ETC is so careful about their defaults, it's easy for you to work around their IP scheme and assign addresses to all your devices in a way which won't conflict. In short:
- Use an IP address scheme starting with
- For the third octet of your addresses, use a number lower than
50, but not
- For all devices that will communicate with the lighting network (i.e. the QLab mac), use a subnet of
- For all devices that will not communicate with the lighting network, you can optionally use a more restrictive subnet mask of
255.255.255.0, but you'll need to do some extra work to make sure that each device is either on the same subnet as the other devices it must communicate with, or is able to "see" a router that can see those other devices.
As you can see, this is a very, very complex topic. This document barely scratches the surface of the entire topic of networking; we did not discuss physical networking considerations, software considerations, and we glossed over a lot of detail which is irrelevant to putting up a theatrical production, but which is nevertheless part of the general topic.
You are encouraged to use this document as a jumping-off point. The internet does a terrific job of documenting itself, and it is not difficult to find articles and tutorials which you can use to expand your knowledge of any of the topics discussed here.
As always, writing to firstname.lastname@example.org is the best and fastest way to get help using QLab.