network devices and vlan

Lecture-1

NETWORK DEVICES NETWORK DEVICES AND VLANAND VLAN

McGraw-Hill ©The McGraw-Hill Companies, Inc., 2004

Connecting Devices

RepeatersHubsBridgesSwitchesRoutersGateway


Figure 15 1 Fi t i f ti d iFigure 15.1 Five categories of connecting devices


RepeatersA physical layer device the acts on bits not on frames orA physical layer device the acts on bits not on frames orpackets.Can have two or more interfaces.Wh bit (0 1) i th t i it dWhen a bit (0,1) arrives, the repeater receives it andregenerates it, then transmits it onto all other interfaces.Used in LAN to connect cable segments and extend themaximum cable length extending the geographical LANmaximum cable length , extending the geographical LANrange

Ethernet 10base5 – Max. segment length 500m – 4repeaters (5 segments) are used to extend the cable torepeaters (5 segments) are used to extend the cable to2500m)Ethernet 10Base2- Max. segment length 185m - 4repeaters (5 segments) are used to extend the cable torepeaters (5 segments) are used to extend the cable to925m

Repeaters do not implement any access methodIf any two nodes on any two connected segments


If any two nodes on any two connected segmentstransmit at the same time collision will happen.

Figure 15 3 F ti f tFigure 15.3 Function of a repeater


Figure 15 2 A t ti t t f LANFigure 15.2 A repeater connecting two segments of a LAN


HubsActs on the physical layer, also called multiport repeaterO t bit th th fOperate on bits rather than frames.Used to connect stations adapters in a physical star topology butlogically bus.C ti t th h b i t f t i f t i t d i iConnection to the hub consists of two pairs of twisted pair wire onefor transmission and the other for receiving.Hub receives a bit from an adapter and sends it to all the otheradapters without implementing any access methodadapters without implementing any access method.does not do filtering (forward a frame into a specific destination ordrop it) just it copy the received frame onto all other linksThe entire hub forms a single collision domain and a singleThe entire hub forms a single collision domain, and a singleBroadcast domain

Collision domain: is that part of the network (set of NICs) whentwo or more nodes transmit at the same time collision will happen.ppBroadcast domain: is that part of the network (set of NIC) whereeach NIC can 'see' other NICs' traffic broadcast messages.

Multiple Hubs can be used to extend the network length.


For 10BaseT and 100BaseT the maximum length of the connectionbetween an adapter and the hub is 100 meters, the maximum lengthbetween any two nodes is 200 m = maximum network length.

Hubs


Interconnecting with HubsBackbone hub interconnects LAN segmentsBackbone hub interconnects LAN segmentsAdvantage:

Extends max distance between nodes

DisadvantagesIndividual segment collision domains become one largecollision domain (reduce the performance)collision domain (reduce the performance)Can’t interconnect different Ethernet technologies(like 10BaseT& 100BaseT) because no buffering at the hubDo not isolate and filter packetsDo not isolate and filter packets

Here we have asingle collisionsingle collisiondomain and asingle broadcastdomain


Hubs Vs. Repeaters

Hub are different than repeaters in the following:

The hub provide network management features byThe hub provide network management features bygathering information about the network and reportthem to a monitoring host connected to the hub so

i i b h k (b d id hsome statistics about the network (bandwidthusages, collision rates, average frame sizes) can begenerated.g

If an adapter is not working the hub can disconnect itinternally and the network will not be affected.


Bridges

• Has one input and one output.• Used to isolate network traffic

and computers.• Has the intelligent to examine

incoming packet source anddestination addresses

• But cannot interpret higher-But cannot interpret higherlevel information

• Hence cannot filter packetaccording to its protocolaccording to its protocol


How Bridges Work

• Bridges work at the Media Access Control Sub-layer of theOSI model

• Routing table is built torecord the segment no. ofaddress

• If destination address is inthe same segment as thesource address, stop, ptransmit

• Otherwise, forward to theother segmentother segment


Figure 15.5 A bridge connecting two LANs


Bridge Learning ProcessWhen the Bridge receives a frame, it compares the sourcedd f h f i h h i h f di bladdress of the frame with each entry in the forwarding table

If No match is found, the bridge will add to the table theframe source address and the interface on which the framewas received.If a match is found, the bridge updates the interface numberon which the frame was received, if it is different from the oneon which the frame was received, if it is different from the onein the table also it updates the record time.

Then, the Bridge compares the destination address of the framewith each entry in the forwarding table (MAC table)with each entry in the forwarding table (MAC table)

If a match is found then, the bridge compares the interfacenumber on which the frame was received and the interfacenumber in the table if they are different the bridge forwardsnumber in the table, if they are different the bridge forwardsthe frame through the interface number stored in the table.Otherwise, if they are the same the Bridge discards (drops)the frame.


t e a eIf no match is found, the Bridge floods the frame on allinterfaces except the one on which the frame was received.

Figure 15.6 A learning Bridge and the process of learning


Some Bridge FeaturesImplements CSMA/CDpBridge isolates collision domains (each LAN segment is aseparate collision domain), result in higher total max throughput.Bridge forwards a frame with broadcast address to all devicesBridge forwards a frame with broadcast address to all devicesattached to the whole network (single broadcast domain)Can be used to combine Ethernet segments using differentEthernet technologies (10Base2 and 100BaseT and 10BaseT)g ( )because it has buffering capabilitiesIncreases reliability , performance , and security.Increases geographical coverageIncreases geographical coverageTransparent: installing or removing a Bridge does not require thestations networking software to be reconfigured.Plug-and-Play: no configuration necessary at installation ofPlug and Play: no configuration necessary at installation ofSwitch /Bridge or when a host is removed from one of the LANsegments.Disadvantage: Bridge does not allow multiple paths between


Disadvantage: Bridge does not allow multiple paths betweenLAN segments or between any two devices.

Collision Domains in an Unbridged and Bridged Network

In heavy load, each station has an average effective theoretical bandwidth = 10/12


Each station has an average effective bandwidth equal =10/3

SwitchesS it h t t th D t Li k l (l 2) f th• Switches operate at the Data Link layer (layer 2) of theOSI model.

• Can interpret address information• Can interpret address information

• Switches resemble bridges and can be considered asmultiport bridges.multiport bridges.

• By having multiport, canbetter use limitedb d idth dbandwidth and provemore cost-effective thanbridge.g


Cisco Catalyst 2900 switch

Switches

• Switches divide a network into several isolatedchannels.

• Packets sending from 1 channel will not go to another ifnot specify.

• Each channel has its own capacity and need not be• Each channel has its own capacity and need not beshared with other channels.

Switch H b

10Mbps

Switch Hub 3.3Mbps

3.3Mbps

10Mbps

3.3Mbps

McGraw-Hill ©The McGraw-Hill Companies, Inc., 20041910Mbps

10Mbps

Advantages of Switches

• Switches divide a network into several isolated channels(or collision domains)

• Reduce the possibility of collision• Collision only occurs when two devices try to get

access to one channelaccess to one channel• Can be solved by buffering one of them for later

access• Each channel has its own network capacity• Each channel has its own network capacity

• Suitable for real-time applications, e.g. videoconferencing

• Since isolated, hence secure• Data will only go to the destination, but not to others


Limitations of Switches

• Although contains buffers to accommodate bursts of traffic,b h l d b h t ffican become overwhelmed by heavy traffic

• Device cannot detect collision when buffer full

• CSMA/CD scheme will not work since the datachannels are isolated, not the case as in Ethernet

Some higher le el protocols do not detect error• Some higher level protocols do not detect error

• E.g. UDP

Th d k i l d h• Those data packets are continuously pumped to theswitch and introduce more problems.


RoutersOperates at network layer, deals with packets not frames.Connect LANs and WANs with similar or different protocols togetherSwitches and bridges isolate collision domains but forward broadcastmessages to all LANs connected to them. Routers isolate bothcollision domains and broadcast domainscollision domains and broadcast domainsActs like normal stations on a network, but have more than onenetwork address (an address to each connected network)Deals with global address (IP address) not local address (MACDeals with global address (IP address) not local address (MACaddress)Routers Communicate with each other and exchange routinginformation.information.Determine best route using routing algorithm by special software.Forward traffic if information on destination is available otherwisediscard it (not like a Bridge or bridge).( g g )


Layer-3 SwitchesL 3 it h t i b th l 2 (d t li k l ) d• Layer-3 switches operate in both layer 2 (data link layer) and3 (network layer).

• Can perform both MAC switching and IP routing• Can perform both MAC switching and IP routing.

• A combination of switch and router but much faster andeasier to configure than router.g

Why Layer-3 switches?

• Traffic of LAN is noTraffic of LAN is nolonger local.

• Speed of LAN is muchfaster.

• Need a much fasterrouter however very


router, however, veryexpensive.

Gateways

A device that translates one data format to another iscalled a gateway.g y

Some examples of gateways include a router thattranslates data from one network protocol to another, abridge that converts between two networking systems,and a software application that converts between twodissimilar formats.d ss a o ats

The key point about a gateway is that only the dataformat is translated, not the data itself.

In many cases, the gateway functionality is incorporatedinto another device.


Network cards, also called Network Interface Cards,

Network Cards , ,

are devices that enable computers to connect to thenetwork.Early NIC were commonly implemented on expansiony y p pcards that plugged into a computer bus; most newercomputers have a network interface built into themotherboard.Can be cabled or wireless (radio)..The information is arranged into a frame.The NIC “listens” to the network for othertransmissions; if a transmission is heard, it will wait untilthe transmission is complete.The NIC begins to serially transmit the frame over the

This old ‘combo’ NIC accepts bothg y

network.The receiving NIC calculates the checksum for thereceived frame, then compares it to the checksum it

accepts both BNC (coaxial) and RJ45 (UTP)


received.If there are no errors, the receiving stationacknowledges the received data.

( )connectors.

• Allow computers to communicate over a telephone line

ModemsAllow computers to communicate over a telephone line.

• Enable communication between networks or connecting tothe world beyond the LAN.y

• Cannot send digital signal directly to telephone line• Sending end: MODulate the computer’s digital signal into

analog signal and transmitsanalog signal and transmits.• Receiving end: DEModulate the analog signal back into

digital form.


A firewall is a networking device, either hardware or softwareb d t l t i ti ’ t k

Firewalls

based, controls access to organization’s network.

This controlled access is designed to protect data and resourcesfrom an outside threat.

Typically placed at entry/exit points of a network.

Organizations implement software firewalls through networkg p goperating systems (NOS) such as Linux/UNIX, Windows servers,and Mac OS servers.

The firewall is configured on the server to allow or permit certainThe firewall is configured on the server to allow or permit certaintypes of network traffic.

In small offices and for regular home use, a firewall is commonlyll d h l l d f d l ffinstalled on the local system and configured to control traffic.

Hardware firewalls are used in networks of all sizes today.Hardware firewalls are often dedicated network devices that can


Hardware firewalls are often dedicated network devices that canbe implemented with very little configuration and protect allsystems behind the firewall from outside sources.

Virtual LANs

VLAN(Virtual (logical) Local Area Network) : Local Area Network configured by software not by physical wiring.


A Bridge using VLAN software

VLAN1: Ports 1,2,5,7

VLAN2: Ports 3,4,61 2 3 4 5 6 7 8 9 10

VLAN3: Ports 8,9,10Separate broadcast domain separate network

Using the Virtual LAN technology will allow groupingcomputers logically instead of physically.

VLAN divides the physical LAN into several Logical LANscalled VLANs.

B id i t i l k t bl t k t hi h LAN


Bridge maintains a look up table to know to which LAN amachine belongs to.

Figure 15.17 Two Bridgees in a backbone using VLAN software


Advantages of VLAN

Reduce cost and installation time:Instead of physically moving a station to another segment oranother Bridge it can be moved by softwareanother Bridge, it can be moved by software.

Increase security:A group of users needing a high security can be put into a VLAN

th t NO t id th VLAN i t ith thso that NO users outside the VLAN can communicate with them.Stations belong to the same group can send broadcastmessages that will NOT be received by users in others VLANgroups

Creating Virtual WorkgroupsStations located at physically different locations can be addedp y yeasily to the same broadcast domain so that they can sendbroadcast messages to one another.

EXAMPLE: people from different departments working on the same


p p p gproject

network devices and vlan

Documents