As previous hours have mentioned, network access methods such as CSMA/CD (ethernet) and token passing (token ring) are designed to serve limited numbers of computers. A large network must provide some means of filtering and directing network traffic to prevent an overload of the transmission medium. Large networks, therefore, are divided into smaller segments. Each segment is isolated from the rest of the network by some filtering device.
If the source and the destination of a transmission are within the segment, the filtering device stops the transmission from passing to the greater network (see Figure 9.1). In a practical sense, this segmenting concept stops a considerable amount of traffic, because computers that are in close proximity (and thus on the same segment) are in many cases the most likely to be sharing information over the network. Two computers in the same office suite, for example, might regularly exchange files and share a printer and might only occasionally communicate with a third computer on the other end of the building.
A device that filters traffic (as shown in Figure 9.1) is sometimes called a connectivity device, although the term is sometimes used more generally to include a device such as a repeater, which doesn't provide filtering capabilities.
The primary uses for connectivity devices are as follows:
A bridge is a connectivity device that filters and forwards packets by physical address. Bridges operate at the OSI Data Link layer (which, as described in Hour 3, "The Network Access Layer," falls within the TCP/IP Network Access layer). In recent years, bridges have become much less common as networks move to more versatile devices, such as switches. However, the simplicity of the bridge makes it a good starting point for this discussion of connectivity devices.
Although a bridge is not a router, a bridge still uses a routing table as a source for delivery information. This physical address–based routing table is considerably different from and less sophisticated than the routing tables described later in this hour.
A bridge listens to each segment of the network it is connected to and builds a table showing which physical address is on which segment. When data is transmitted on one of the network segments, the bridge checks the destination address of the data and consults the routing table. If the destination address is on the segment from which the data was received, the bridge ignores the data. If the destination address is on a different segment, the bridge forwards the data to the appropriate segment. If the destination address isn't in the routing table, the bridge forwards the data to all segments except the segment from which it received the transmission.
By the Way
It is important to remember that the hardware-based physical addresses used by a bridge are different from the logical IP addresses. See Hours 1–4 for more on the difference between physical and logical addresses.
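The bridge behavior described above (learn, filter, forward, or send to all other segments) can be sketched in a few lines. This is an added example, not code from the book; the class name, segment labels, and sample addresses are constructed for illustration, and the table has no aging or size limit because the text does not discuss either.

```python
from typing import Dict, List, Tuple

class LearningBridge:
    """Minimal model of a bridge that learns which address is on which segment."""

    def __init__(self, segments: List[str]):
        self.segments = list(segments)
        self.table: Dict[str, str] = {}      # physical address -> segment

    def receive(self, src: str, dst: str, in_segment: str) -> List[str]:
        """Return the segments the frame is forwarded to ([] means filtered)."""
        if in_segment not in self.segments:
            raise ValueError(f"unknown segment {in_segment!r}")
        # Listening: the source address shows which segment the sender is on.
        self.table[src.lower()] = in_segment
        known = self.table.get(dst.lower())
        if known is None:
            # Destination not in the table: send to every segment except
            # the one the frame arrived on.
            return [s for s in self.segments if s != in_segment]
        if known == in_segment:
            # Source and destination share a segment: the bridge ignores it.
            return []
        return [known]

# Constructed sample traffic: (source, destination, arriving segment).
SAMPLE_FRAMES: List[Tuple[str, str, str]] = [
    ("00:00:5e:00:53:01", "00:00:5e:00:53:02", "A"),  # destination unknown
    ("00:00:5e:00:53:02", "00:00:5e:00:53:01", "A"),  # both hosts on segment A
    ("00:00:5e:00:53:03", "00:00:5e:00:53:01", "B"),  # known, different segment
    ("00:00:5e:00:53:01", "00:00:5e:00:53:03", "A"),  # reply crosses back to B
]

def run_sample() -> List[List[str]]:
    bridge = LearningBridge(["A", "B", "C"])
    return [bridge.receive(*frame) for frame in SAMPLE_FRAMES]

if __name__ == "__main__":
    for frame, out in zip(SAMPLE_FRAMES, run_sample()):
        print(frame, "->", out or "filtered")
```

Only the first frame reaches segment C: once the bridge has learned an address, traffic for it is no longer visible on segments that do not need it.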
Bridges were once common on LANs as an inexpensive means of filtering traffic and thereby increasing the number of computers that can participate in the network. Because bridges use only Network Access layer physical addresses and do not examine logical addressing information available in the IP datagram header, bridges are not very useful for connecting dissimilar networks. Bridges also cannot assist with the IP routing and delivery schemes used to forward data on large networks such as the Internet.
Up until a few years ago, most ethernet networks used a scheme that connected the computers with a single, continuous coaxial cable. In recent years, 10BASE-T–style hub-based ethernet has become the dominant form. Almost all ethernet networks today use a central hub or switch to which the computers on the network connect (see Figure 9.2).
As you'll recall from Hour 3, the classic ethernet concept calls for all computers to share the transmission medium. Each transmission is heard by all network adapters. An ethernet hub receives a transmission from one of its ports and echoes that transmission to all of its other ports (refer to Figure 9.2). In other words, the network behaves as if all computers were connected using a single continuous line. The hub does not filter or route any data. Instead, the hub just receives and retransmits signals.
One of the principal reasons for the rise of hub-based ethernet is that in most cases a hub simplifies the task of wiring the network. Each computer is connected to the hub through a single line. A computer can easily be detached and reconnected. In an office setting where computers are commonly grouped together in a small area, a single hub can serve a close group of computers and can be connected to other hubs in other parts of the network. With all cables connected to a single device, vendors soon began to realize the opportunities for innovation. More sophisticated hubs, called intelligent hubs, began to appear. Intelligent hubs provided additional features, such as the capability to detect a line problem and block off a port.
A hub-based ethernet network still faces the principal liability of ethernet: Performance degrades as traffic increases. No computer can transmit unless the line is free. Furthermore, each network adapter must receive and process every frame placed on the ethernet. A smarter version of a hub, called a switch, was developed to address these problems with ethernet. In its most fundamental form, a switch looks very similar to the hub shown in Figure 9.2. Each computer is attached to the switch through a single line. However, the switch is smarter about where it sends the data received through one of its ports. Most switches associate each port with the physical address of the adapter connected to that port (see Figure 9.3). When one of the computers attached to the port transmits a frame, the switch checks the destination address of the frame and sends the frame to the port associated with that destination address. In other words, the switch sends the frame only to the adapter that is supposed to receive it. Adapters no longer have to examine every frame transmitted on the network. The switch reduces superfluous transmissions and therefore improves the performance of the network.
Note that the type of switch I just described operates with physical addresses (see Hour 3) and not IP addresses. The switch is not a router. Actually, a switch is more like a bridge—or, more accurately, like several bridges in one. The switch isolates each of its network connections so that only data coming from or going to the computer on the end of the connection enters the line (see Figure 9.4).
Several types of switches are now available. Two of the most common switching methods are
Switches have become increasingly popular in recent years. Corporate LANs often use a collection of layered and interconnected switches for optimum performance.
Switching has seen a revolution in recent years, with huge investments from the industry in filtering and forwarding technologies. Vendors now view the fundamental switch concept described earlier in this section as a special case of a larger category of switching devices. Vendors now define a switch more generally as a device that makes forwarding decisions based on information in protocol headers. More sophisticated switches operate at higher protocol layers and can therefore base forwarding decisions on a greater variety of parameters.
In this more general approach to switching, devices are classified according to the highest OSI protocol layer at which they operate. Refer to Figure 2.2 for a look at the OSI protocol layers and how they relate to the TCP/IP layers. Layers are commonly numbered from the bottom up. Thus, the switch described earlier in this section, which operates at OSI's Data Link layer, is known as a Layer 2 switch. Switches that forward based on IP address information at the OSI Network layer are called Layer 3 switches. (As you might guess, a Layer 3 switch is essentially a type of router. You'll learn more about routers later in this hour.)
Layer 4 switches can forward data based on the contents of the Transport layer header. As you'll recall from Hour 6, the Transport layer contains information on the port number for the service associated with the transmission. A switch that can read the port number can determine the service or application that is sending or receiving the data. For instance, a Layer 4 switch can determine whether incoming data is destined for a Web server, a mail server, or a Telnet server. This capability lets Layer 4 switches assist with tasks such as load balancing, access control, and the prioritizing of traffic for Quality of Service criteria.
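To make the layer classification concrete, the following added example (not from the book) pulls out of one frame the field a Layer 2, Layer 3, and Layer 4 switch would each base its decision on. The frame is constructed with documentation addresses and zero checksums; the function names and the port-to-service table are assumptions for illustration, and only IPv4 carrying TCP is handled.

```python
import socket
import struct

# Well-known ports for the three services the text names (assumed mapping).
SERVICES = {80: "web", 25: "mail", 23: "telnet"}

def forwarding_keys(frame: bytes) -> dict:
    """Return the header field a Layer 2, 3 and 4 switch would each forward on."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    keys = {"layer2_dst_mac": dst_mac.hex(":")}
    if ethertype != 0x0800:              # not IPv4: only Layer 2 data is usable
        return keys
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4             # IP header length; options make it > 20
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header length")
    keys["layer3_dst_ip"] = socket.inet_ntoa(ip[16:20])
    frag_offset = struct.unpack("!H", ip[6:8])[0] & 0x1FFF
    if ip[9] != 6 or frag_offset != 0:   # not TCP, or a later fragment with no TCP header
        return keys
    tcp = ip[ihl:]
    if len(tcp) < 4:
        raise ValueError("truncated TCP header")
    _src_port, dst_port = struct.unpack("!HH", tcp[:4])
    keys["layer4_dst_port"] = dst_port
    keys["layer4_service"] = SERVICES.get(dst_port, "other")
    return keys

def sample_frame(dst_port: int) -> bytes:
    """Constructed Ethernet/IPv4/TCP frame: documentation addresses, zero checksums."""
    eth = bytes.fromhex("00005e005302" "00005e005301") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))
    tcp = struct.pack("!HHLLBBHHH", 49152, dst_port, 0, 0, 0x50, 0x02, 65535, 0, 0)
    return eth + ip + tcp

if __name__ == "__main__":
    for port in (80, 25, 23, 8080):
        print(forwarding_keys(sample_frame(port)))
```

A Layer 4 device sees only the port number, so an access-control rule written at this layer trusts that the service on port 80 really is a Web server; checking the payload itself requires the higher-layer inspection described next.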
Still more sophisticated switches operate at still higher layers of the OSI stack. As you'll recall from Hour 2, the TCP/IP model does not subdivide the upper-layer duties that OSI associates with the Session, Presentation, and Application layers. Similar services, however, occur within TCP/IP's Application layer. Layer 7 switching, which is sometimes called Layer 4–7 or Layer 5–7 switching, has complete knowledge of all information encoded in headers of the protocol stack and can tailor the traffic pattern to details of specific sessions, applications, and interfaces.
Of course, as you will learn throughout this book, the more you ask a device to do, the greater the overhead. Upper-layer protocol switching would not be practical without the newer, faster hardware, and in ordinary network situations, these sophisticated devices are sometimes not worth the complexity or the expense. However, in other situations, the load balancing capabilities of upper-layer switches can actually save money and increase efficiency for the network.
Routers are an essential part of any large TCP/IP network. Without routers the Internet could not function. In fact, the Internet never would have grown to what it is today without the development of network routers and TCP/IP routing protocols.
A large network such as the Internet contains many routers that provide redundant pathways from the source to the destination nodes. The routers must work independently, but the effect of the system must be that data is routed accurately and efficiently through the internetwork.
Routers are far more sophisticated than bridges. Routers replace Network Access layer header information as they pass data from one network to the next, so a router can connect dissimilar network types. Many routers also maintain detailed information describing the best path based on considerations of distance, bandwidth, and time. (You'll learn more about route-discovery protocols later in this hour.)