Lecture-1
NETWORK DEVICES AND VLAN
McGraw-Hill ©The McGraw-Hill Companies, Inc., 2004
Connecting Devices
• Repeaters
• Hubs
• Bridges
• Switches
• Routers
• Gateway
Figure 15.1 Five categories of connecting devices
Repeaters
• A physical layer device that acts on bits, not on frames or packets.
• Can have two or more interfaces.
• When a bit (0, 1) arrives, the repeater receives it and regenerates it, then transmits it onto all other interfaces.
• Used in LANs to connect cable segments and extend the maximum cable length, extending the geographical LAN range.
• Ethernet 10Base5: max. segment length 500 m; 4 repeaters (5 segments) are used to extend the cable to 2500 m.
• Ethernet 10Base2: max. segment length 185 m; 4 repeaters (5 segments) are used to extend the cable to 925 m.
• Repeaters do not implement any access method.
• If any two nodes on any two connected segments transmit at the same time, a collision will happen.
Figure 15.3 Function of a repeater
Figure 15.2 A repeater connecting two segments of a LAN
Hubs
• Act on the physical layer; also called multiport repeaters.
• Operate on bits rather than frames.
• Used to connect station adapters in a physical star topology that is logically a bus.
• The connection to the hub consists of two pairs of twisted-pair wire, one for transmission and the other for receiving.
• The hub receives a bit from an adapter and sends it to all the other adapters without implementing any access method.
• Does not do filtering (forwarding a frame to a specific destination or dropping it); it just copies the received frame onto all other links.
• The entire hub forms a single collision domain and a single broadcast domain.
• Collision domain: the part of the network (set of NICs) in which a collision will happen when two or more nodes transmit at the same time.
• Broadcast domain: the part of the network (set of NICs) where each NIC can 'see' other NICs' traffic (broadcast messages).
• Multiple hubs can be used to extend the network length.
• For 10BaseT and 100BaseT, the maximum length of the connection between an adapter and the hub is 100 meters; the maximum length between any two nodes is 200 m = maximum network length.
Interconnecting with Hubs
• A backbone hub interconnects LAN segments.
Advantage:
• Extends max distance between nodes
Disadvantages:
• Individual segment collision domains become one large collision domain (reduces performance)
• Can't interconnect different Ethernet technologies (like 10BaseT & 100BaseT) because there is no buffering at the hub
• Do not isolate and filter packets
Here we have a single collision domain and a single broadcast domain.
Hubs Vs. Repeaters
Hubs differ from repeaters in the following:
• The hub provides network management features by gathering information about the network and reporting it to a monitoring host connected to the hub, so some statistics about the network (bandwidth usage, collision rates, average frame sizes) can be generated.
• If an adapter is not working, the hub can disconnect it internally and the network will not be affected.
Bridges
• Has one input and one output.
• Used to isolate network traffic and computers.
• Has the intelligence to examine incoming packet source and destination addresses
• But cannot interpret higher-level information
• Hence cannot filter packets according to their protocol
How Bridges Work
• Bridges work at the Media Access Control sub-layer of the OSI model
• A routing table is built to record the segment no. of each address
• If the destination address is in the same segment as the source address, stop transmitting
• Otherwise, forward to the other segment
Figure 15.5 A bridge connecting two LANs
Bridge Learning Process
When the bridge receives a frame, it compares the source address of the frame with each entry in the forwarding table:
• If no match is found, the bridge adds to the table the frame source address and the interface on which the frame was received.
• If a match is found, the bridge updates the interface number on which the frame was received, if it is different from the one in the table; it also updates the record time.
Then, the bridge compares the destination address of the frame with each entry in the forwarding table (MAC table):
• If a match is found, the bridge compares the interface number on which the frame was received with the interface number in the table. If they are different, the bridge forwards the frame through the interface number stored in the table. Otherwise, if they are the same, the bridge discards (drops) the frame.
• If no match is found, the bridge floods the frame on all interfaces except the one on which the frame was received.
Figure 15.6 A learning Bridge and the process of learning
Some Bridge Features
• Implements CSMA/CD
• Bridge isolates collision domains (each LAN segment is a separate collision domain), resulting in higher total max throughput.
• Bridge forwards a frame with a broadcast address to all devices attached to the whole network (single broadcast domain)
• Can be used to combine Ethernet segments using different Ethernet technologies (10Base2, 100BaseT and 10BaseT) because it has buffering capabilities
• Increases reliability, performance, and security.
• Increases geographical coverage
• Transparent: installing or removing a bridge does not require the stations' networking software to be reconfigured.
• Plug-and-play: no configuration necessary at installation of a switch/bridge or when a host is removed from one of the LAN segments.
• Disadvantage: a bridge does not allow multiple paths between LAN segments or between any two devices.
Collision Domains in an Unbridged and Bridged Network
In heavy load, each station has an average effective theoretical bandwidth = 10/12
Each station has an average effective bandwidth equal to 10/3
Switches
• Switches operate at the Data Link layer (layer 2) of the OSI model.
• Can interpret address information
• Switches resemble bridges and can be considered as multiport bridges.
• By having multiple ports, can better use limited bandwidth and prove more cost-effective than a bridge.
Cisco Catalyst 2900 switch
Switches
• Switches divide a network into several isolated channels.
• Packets sent from one channel will not go to another unless specified.
• Each channel has its own capacity and need not be shared with other channels.
[Figure: Switch vs. Hub, with links labelled 10Mbps and 3.3Mbps]
Advantages of Switches
• Switches divide a network into several isolated channels (or collision domains)
• Reduce the possibility of collision
  • Collision only occurs when two devices try to get access to one channel
  • Can be solved by buffering one of them for later access
• Each channel has its own network capacity
  • Suitable for real-time applications, e.g. video conferencing
• Since isolated, hence secure
  • Data will only go to the destination, but not to others
Limitations of Switches
• Although they contain buffers to accommodate bursts of traffic, switches can become overwhelmed by heavy traffic
• Device cannot detect collision when buffer full
  • CSMA/CD scheme will not work since the data channels are isolated, not the case as in Ethernet
• Some higher level protocols do not detect error
  • E.g. UDP
  • Those data packets are continuously pumped to the switch and introduce more problems.
Routers
• Operate at the network layer; deal with packets, not frames.
• Connect LANs and WANs with similar or different protocols together
• Switches and bridges isolate collision domains but forward broadcast messages to all LANs connected to them. Routers isolate both collision domains and broadcast domains
• Act like normal stations on a network, but have more than one network address (an address for each connected network)
• Deal with global addresses (IP addresses), not local addresses (MAC addresses)
• Routers communicate with each other and exchange routing information.
• Determine the best route using a routing algorithm run by special software.
• Forward traffic if information on the destination is available; otherwise discard it (not like a bridge).
Layer-3 Switches
• Layer-3 switches operate in both layer 2 (data link layer) and layer 3 (network layer).
• Can perform both MAC switching and IP routing.
• A combination of switch and router but much faster and easier to configure than a router.
Why Layer-3 switches?
• Traffic of LAN is no longer local.
• Speed of LAN is much faster.
• Need a much faster router, however, very expensive.
Gateways
A device that translates one data format to another is called a gateway.
Some examples of gateways include a router that translates data from one network protocol to another, a bridge that converts between two networking systems, and a software application that converts between two dissimilar formats.
The key point about a gateway is that only the data format is translated, not the data itself.
In many cases, the gateway functionality is incorporated into another device.
Network Cards
• Network cards, also called Network Interface Cards (NICs), are devices that enable computers to connect to the network.
• Early NICs were commonly implemented on expansion cards that plugged into a computer bus; most newer computers have a network interface built into the motherboard.
• Can be cabled or wireless (radio).
• The information is arranged into a frame.
• The NIC "listens" to the network for other transmissions; if a transmission is heard, it will wait until the transmission is complete.
• The NIC begins to serially transmit the frame over the network.
• The receiving NIC calculates the checksum for the received frame, then compares it to the checksum it received.
• If there are no errors, the receiving station acknowledges the received data.
This old 'combo' NIC accepts both BNC (coaxial) and RJ45 (UTP) connectors.
Modems
• Allow computers to communicate over a telephone line.
• Enable communication between networks or connecting to the world beyond the LAN.
• Cannot send digital signal directly to telephone line
  • Sending end: MODulate the computer's digital signal into analog signal and transmit.
  • Receiving end: DEModulate the analog signal back into digital form.
Firewalls
A firewall is a networking device, either hardware or software based, that controls access to an organization's network.
This controlled access is designed to protect data and resources from an outside threat.
Typically placed at entry/exit points of a network.
Organizations implement software firewalls through network operating systems (NOS) such as Linux/UNIX, Windows servers, and Mac OS servers.
The firewall is configured on the server to allow or permit certain types of network traffic.
In small offices and for regular home use, a firewall is commonly installed on the local system and configured to control traffic.
Hardware firewalls are used in networks of all sizes today.
Hardware firewalls are often dedicated network devices that can be implemented with very little configuration and protect all systems behind the firewall from outside sources.
Virtual LANs
VLAN (Virtual (logical) Local Area Network): a Local Area Network configured by software, not by physical wiring.
A Bridge using VLAN software
VLAN1: Ports 1,2,5,7
VLAN2: Ports 3,4,6
VLAN3: Ports 8,9,10
Separate broadcast domain, separate network
Using the Virtual LAN technology will allow grouping computers logically instead of physically.
VLAN divides the physical LAN into several logical LANs called VLANs.
Bridge maintains a look up table to know to which LAN a machine belongs to.
Figure 15.17 Two Bridges in a backbone using VLAN software
Advantages of VLAN
• Reduce cost and installation time:
  Instead of physically moving a station to another segment or another bridge, it can be moved by software.
• Increase security:
  A group of users needing high security can be put into a VLAN so that NO users outside the VLAN can communicate with them.
  Stations belonging to the same group can send broadcast messages that will NOT be received by users in other VLAN groups.
• Creating Virtual Workgroups
  Stations located at physically different locations can be added easily to the same broadcast domain so that they can send broadcast messages to one another.
  EXAMPLE: people from different departments working on the same project
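The Bridge Learning Process and the VLAN broadcast isolation described above, combined in one added example (not part of the original lecture). The port-to-VLAN assignment is the one on the slide; the class name, the MAC addresses, the frame sequence and the choice to key the table per VLAN are assumptions made for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanLearningBridge:
    """Learning bridge whose table and flooding are scoped per VLAN (hypothetical name)."""

    def __init__(self, vlan_ports):
        self.port_vlan = {}
        for vlan, ports in vlan_ports.items():
            for port in ports:
                if port in self.port_vlan:
                    raise ValueError(f"port {port} assigned to two VLANs")
                self.port_vlan[port] = vlan
        self.table = {}   # (vlan, MAC) -> (port, time last seen)
        self.moves = []   # (vlan, MAC, old port, new port): worth logging

    def receive(self, src, dst, in_port, now):
        vlan = self.port_vlan[in_port]
        # Learning: add the source, or update its port and record time.
        known = self.table.get((vlan, src))
        if known is not None and known[0] != in_port:
            self.moves.append((vlan, src, known[0], in_port))
        self.table[(vlan, src)] = (in_port, now)
        # Forwarding: look the destination up in this VLAN only.
        hit = None if dst == BROADCAST else self.table.get((vlan, dst))
        if hit is None:   # unknown or broadcast: flood inside the VLAN
            return ("flood", sorted(p for p, v in self.port_vlan.items()
                                    if v == vlan and p != in_port))
        if hit[0] == in_port:   # destination is on the arrival segment
            return ("drop", [])
        return ("forward", [hit[0]])

def run_demo():
    # Port assignment taken from the slide; MACs and frames are constructed.
    bridge = VlanLearningBridge({1: [1, 2, 5, 7], 2: [3, 4, 6], 3: [8, 9, 10]})
    a, b, c, d = (f"02:00:00:00:00:0{i}" for i in range(1, 5))
    frames = [(a, b, 1), (b, a, 2), (c, a, 3), (a, BROADCAST, 1),
              (b, a, 5), (d, a, 1)]
    actions = [bridge.receive(s, t, p, now) for now, (s, t, p) in enumerate(frames)]
    return bridge, actions

if __name__ == "__main__":
    for action in run_demo()[1]:
        print(action)
```

The third frame arrives on a VLAN2 port addressed to a station learned in VLAN1, so it is flooded only to ports 4 and 6 and never reaches port 1. The `moves` list records a station whose address appears on a different port than the one in the table, which is the event a monitoring host would want reported.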