Monday, March 18, 2013

Main Network Hardware Differences: Integrated Devices, Router, Network Switch & Firewall



If you are used to working with home networking gear, you will be used to an integrated device that “does it all”. On a home network, you may have one box that is a cable/DSL modem, router, firewall, switch, and wireless access point all in one. It is amazing how many functions they can fit into one box.

If you are studying Cisco networking and learning about how businesses use these devices, you may be wondering why so much importance is placed on the differences between a switch, router, firewall, and other network devices. If the home user can have all these devices combined into one, why doesn’t the business user do this as well? So here we try to find out what the main differences between these network devices are.

Integrated devices
Just like home devices, business devices have become more and more consolidated over time, but not to the extent that home devices have. Network administrators in a business network are more comfortable having separate devices, and many prefer it. This is because network administrators like to be able to isolate problems to a particular device, and they like to know the performance capabilities of every device. If you combine a router, switch, and firewall into one device, troubleshooting, managing, and understanding the performance capabilities of that device becomes complicated. I’m not saying that this isn’t done. You can buy a large, expensive, chassis-based Cisco 6500 series switch and run almost all of these functions on different blades of the switch. That may be fine for a larger business with a team of administrators, but for a medium-sized business with a single network administrator it is often a daunting prospect.

Keep in mind that for a medium or large size business, these integrated home devices won’t work because they don’t offer all the features required. The standalone routers, switches, and firewalls have many more features than these integrated devices do.

But what is the difference between these devices anyway? Let’s cover the three most popular devices. 

Router
A router is a hardware device whose function is routing packets between networks. A router works at Layer 3 of the OSI model – the Network Layer. This is the layer at which the IP protocol works. Most routers today are IP routers that examine the source and destination IP addresses of each packet, look up the packet’s destination in the router’s IP routing table, and send the packet on its way. If the destination is not listed in the routing table, the router will either send the packet via its default route (if it has one) or drop the packet. Routers are usually used to connect a local area network to a wide area network (a LAN to a WAN) but can also be used to segment large local area networks (LANs).

Routers do not forward broadcasts. Another way of saying this is that each router interface bounds a broadcast domain. So, if your network is being deluged by IP broadcasts, you need to subnet your network into two or more smaller networks. Those networks would be connected by a router, and that router wouldn’t allow broadcast traffic to flow between subnets.

Routers use dynamic routing protocols like OSPF, RIP, or BGP to learn routes from other routers. Routers can also use static routes that are entered by the administrator.

Routers rewrite the Ethernet header at every hop. When a router sends a packet out an interface, it replaces the source MAC address of the original device with the MAC address of that interface and sets the destination MAC address to the next hop. When the response to that packet comes back, it is addressed at Layer 2 to the router’s own MAC address; the router receives it, again replaces the source MAC address with its own, sets the destination MAC address to the original sender’s, and sends the packet back to the original sender. This is a complex topic that could fill a whole article, so this is only meant to provide the most basic understanding of how it works.
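The lookup and the per-hop MAC rewrite described above, as an added Python model (this is illustrative code written for this page, not Cisco software or anything from the original article). The interface names, prefixes, MAC addresses and ARP entries are constructed sample data; the routing table is kept sorted so that the first matching entry is the longest-prefix match, and a `0.0.0.0/0` entry plays the role of the default route.

```python
"""Longest-prefix-match forwarding with per-hop MAC rewriting (hypothetical model)."""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    next_hop: Optional[str]      # None = destination network is directly connected
    interface: str


@dataclass
class Router:
    routes: List[Route] = field(default_factory=list)
    iface_mac: Dict[str, str] = field(default_factory=dict)  # egress interface -> its MAC
    arp: Dict[str, str] = field(default_factory=dict)        # IP -> MAC (constructed ARP cache)

    def add_route(self, prefix: str, next_hop: Optional[str], interface: str) -> None:
        self.routes.append(Route(ipaddress.ip_network(prefix), next_hop, interface))
        # Most specific prefix first, so the first hit in lookup() is the longest match
        self.routes.sort(key=lambda r: r.prefix.prefixlen, reverse=True)

    def lookup(self, dst_ip: str) -> Optional[Route]:
        """Return the most specific matching route, or None if nothing matches."""
        addr = ipaddress.ip_address(dst_ip)
        for route in self.routes:
            if addr in route.prefix:
                return route
        return None  # a 0.0.0.0/0 default route, if configured, always matches above

    def forward(self, frame: dict) -> Optional[dict]:
        """Return the frame as it leaves the router, or None if it is dropped."""
        route = self.lookup(frame["dst_ip"])
        if route is None:
            return None                       # no route and no default route: drop
        if frame["ttl"] <= 1:
            return None                       # TTL expired
        next_ip = route.next_hop or frame["dst_ip"]
        next_mac = self.arp.get(next_ip)
        if next_mac is None:
            return None                       # a real router would ARP for it first
        out = dict(frame)
        out["ttl"] -= 1
        # Only the Layer 2 header changes; source and destination IP stay as they were
        out["src_mac"] = self.iface_mac[route.interface]
        out["dst_mac"] = next_mac
        out["out_interface"] = route.interface
        return out


def build_demo_router(with_default: bool = True) -> Router:
    """Constructed table: two connected /24s, a connected /16, a /8 via a neighbour, optional default."""
    r = Router(
        iface_mac={"Gi0/0": "02:11:22:00:00:00", "Gi0/1": "02:11:22:00:00:01", "Gi0/2": "02:11:22:00:00:02"},
        arp={"10.1.2.3": "02:aa:bb:00:00:03", "192.168.1.254": "02:00:5e:00:01:fe", "203.0.113.1": "02:00:5e:00:01:01"},
    )
    r.add_route("10.1.0.0/16", None, "Gi0/0")
    r.add_route("192.168.1.0/24", None, "Gi0/1")
    r.add_route("203.0.113.0/24", None, "Gi0/2")
    r.add_route("10.0.0.0/8", "192.168.1.254", "Gi0/1")
    if with_default:
        r.add_route("0.0.0.0/0", "203.0.113.1", "Gi0/2")
    return r


if __name__ == "__main__":
    router = build_demo_router()
    for dst in ("10.1.2.3", "10.2.0.1", "198.51.100.7"):
        hit = router.lookup(dst)
        print(dst, "->", hit.prefix, "via", hit.next_hop or "connected", hit.interface)
    pkt = {"src_mac": "02:00:00:00:00:aa", "dst_mac": "02:11:22:00:00:00",
           "src_ip": "10.1.0.5", "dst_ip": "198.51.100.7", "ttl": 64}
    print(router.forward(pkt))
    print("without a default route:", build_demo_router(with_default=False).forward(pkt))
```

Running it shows `10.1.2.3` hitting the connected `/16` rather than the broader `/8`, the Internet address falling through to the default route, and the same packet being dropped once the default route is removed.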

To show the routing table on the router, use the show ip route command. Here is an example of what a routing table looks like on a router:


Switch
A switch is a hardware device that works at Layer 2 of the OSI model – the Data Link Layer. The data link layer is where the Ethernet protocol works.

A switch switches Ethernet frames by keeping a table of what MAC addresses have been seen on what switch port. The switch uses this table to determine where to send all future frames that it receives. In Cisco terminology, this table is called the CAM table (content addressable memory). In general, the proper term for this table is the bridge forwarding table. If a switch receives a frame with a destination MAC address that it does not have in its table, it floods that frame to all switch ports. When it receives a response, it puts that MAC address in the table so that it won’t have to flood next time.

A switch is a high-speed multiport bridge. This is why bridges are no longer needed or manufactured. Switches do what bridges did faster and cheaper. Most routers can also function as bridges.

You might be asking how a hub fits into this mix of devices. A hub is a multiport repeater. In other words, anything that comes in one port of a hub is duplicated and sent out all other ports of the hub that have devices attached. There is no intelligence to how a hub functions. A switch is a vast improvement over a hub in terms of intelligence, for many reasons. The most important of those reasons is how the bridge forwarding table works. Intelligent (smart) switches have made hubs obsolete because they can do more at the same cost as a dumb hub. For this reason, hubs are rarely used or sold any longer.
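The learning and flooding behaviour just described, side by side with a hub, as an added Python model (written for this page, not code from the article or from any switch vendor). Port names and MAC addresses are constructed sample data; the `cam` dictionary stands in for the CAM table / bridge forwarding table.

```python
"""Learning switch versus hub: a MAC-to-port table decides where frames go (hypothetical model)."""
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """A multiport repeater: every frame goes out every other port, nothing is learned."""
    def __init__(self, ports: List[str]) -> None:
        self.ports = list(ports)

    def receive(self, in_port: str, src_mac: str, dst_mac: str) -> List[str]:
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """A multiport bridge that keeps a MAC-to-port table (the CAM table in Cisco terms)."""
    def __init__(self, ports: List[str]) -> None:
        self.ports = list(ports)
        self.cam: Dict[str, str] = {}   # MAC address -> port it was last seen on

    def receive(self, in_port: str, src_mac: str, dst_mac: str) -> List[str]:
        # Learn: the source MAC is reachable through the port the frame arrived on
        self.cam[src_mac] = in_port
        out_port = self.cam.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast and unknown unicast are flooded to every other port, like a hub
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                   # sender and receiver share a port: filter the frame
        return [out_port]               # known unicast goes out exactly one port

    def show_mac_address_table(self) -> List[Tuple[str, str]]:
        """Roughly what 'show mac-address-table' lists: (MAC, port) pairs."""
        return sorted(self.cam.items(), key=lambda kv: kv[1])


def demo() -> dict:
    """Host A on Fa0/1 talks to host B on Fa0/2 through a constructed 4-port switch and a hub."""
    ports = ["Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"]
    host_a, host_b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    sw, hub = LearningSwitch(ports), Hub(ports)
    return {
        # First frame: B is unknown, so the switch floods exactly as the hub does
        "switch_first": sw.receive("Fa0/1", host_a, host_b),
        "hub_first": hub.receive("Fa0/1", host_a, host_b),
        # B's reply: A is already in the table, so only Fa0/1 receives it
        "switch_reply": sw.receive("Fa0/2", host_b, host_a),
        # A's next frame: both ends known, only Fa0/2 receives it; the hub still floods
        "switch_second": sw.receive("Fa0/1", host_a, host_b),
        "hub_second": hub.receive("Fa0/1", host_a, host_b),
        "cam_table": sw.show_mac_address_table(),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14} {value}")
```

Note that the first frame to an unknown destination and every broadcast still reach all ports; it is only the forwarding table that keeps later unicast traffic between the two ports involved, which is the difference in both performance and exposure between a switch and a hub.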

To see this bridge forwarding table (CAM table) on a Cisco switch just type: show mac-address-table

Here is an example:


Firewall
A firewall is used to protect a more secure network from a less secure network. Generally, firewalls are used to protect your internal/private LAN from the Internet.

A firewall generally works at Layers 3 and 4 of the OSI model. Layer 3 is the Network Layer, where IP works, and Layer 4 is the Transport Layer, where TCP and UDP function. Many firewalls today have advanced up the OSI layers and can even understand Layer 7 – the Application Layer.

There are a variety of different types of firewalls, and we won’t go into that in this article, so let’s just talk about the most popular type of firewall – a stateful packet inspection (SPI) hardware firewall. An example of an SPI hardware firewall is a Cisco PIX firewall. This is a dedicated appliance, and it looks a lot like a Cisco router.

An SPI firewall is stateful because it understands the different states of the TCP (Transmission Control Protocol) protocol. It knows what is coming in and what is going out and keeps track of it all. Thus, if a packet tries to come in but it wasn’t requested, the firewall knows that and drops it.
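A simplified stateful packet filter, as an added Python example (illustrative code written for this page, not the PIX implementation or anything from the original article). It keeps a connection table keyed by the TCP 4-tuple that only an outbound SYN may create, follows the handshake and teardown in a reduced state machine, and drops every inbound packet that has no matching state. The addresses, ports and packet sequence in `run_trace()` are constructed.

```python
"""Stateful packet inspection, reduced to its essentials (hypothetical model)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

OUTBOUND, INBOUND = "outbound", "inbound"   # direction relative to the protected LAN


@dataclass(frozen=True)
class Packet:
    direction: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: FrozenSet[str]       # e.g. {"SYN"}, {"SYN", "ACK"}, {"ACK"}, {"FIN", "ACK"}, {"RST"}


Key = Tuple[str, int, str, int]  # (inside ip, inside port, outside ip, outside port)


class StatefulFirewall:
    def __init__(self) -> None:
        self.table: Dict[Key, str] = {}

    @staticmethod
    def _key(p: Packet) -> Key:
        # Both directions of one connection map to the same table entry
        if p.direction == OUTBOUND:
            return (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        return (p.dst_ip, p.dst_port, p.src_ip, p.src_port)

    def process(self, p: Packet) -> str:
        key = self._key(p)
        state = self.table.get(key)
        if state is None:
            # Only an outbound SYN may open state; anything unsolicited is dropped
            if p.direction == OUTBOUND and p.flags == frozenset({"SYN"}):
                self.table[key] = "SYN_SENT"
                return "allow"
            return "drop"
        if "RST" in p.flags:
            del self.table[key]                    # abort: forget the connection
            return "allow"
        if state == "SYN_SENT" and p.direction == INBOUND and p.flags == frozenset({"SYN", "ACK"}):
            self.table[key] = "SYN_RECEIVED"       # the reply we were waiting for
            return "allow"
        if state == "SYN_RECEIVED" and p.direction == OUTBOUND and "ACK" in p.flags:
            self.table[key] = "ESTABLISHED"        # handshake complete
            return "allow"
        if state == "ESTABLISHED":
            if "FIN" in p.flags:
                self.table[key] = "FIN_WAIT"       # one side started closing
            return "allow"
        if state == "FIN_WAIT":
            if "FIN" in p.flags:
                del self.table[key]                # second FIN: connection gone
            return "allow"
        return "drop"                              # packet does not fit the current state


def run_trace() -> List[Tuple[str, str]]:
    """Constructed sequence: one legitimate outbound HTTPS session plus unsolicited inbound traffic."""
    fw = StatefulFirewall()
    client, server = "10.1.0.5", "203.0.113.10"
    trace = [
        ("client SYN", Packet(OUTBOUND, client, 40000, server, 443, frozenset({"SYN"}))),
        ("server SYN-ACK", Packet(INBOUND, server, 443, client, 40000, frozenset({"SYN", "ACK"}))),
        ("client ACK", Packet(OUTBOUND, client, 40000, server, 443, frozenset({"ACK"}))),
        ("server data", Packet(INBOUND, server, 443, client, 40000, frozenset({"ACK"}))),
        ("unrequested inbound SYN", Packet(INBOUND, "198.51.100.9", 5555, client, 22, frozenset({"SYN"}))),
        ("stray ACK, no state", Packet(INBOUND, server, 443, client, 40001, frozenset({"ACK"}))),
        ("client FIN", Packet(OUTBOUND, client, 40000, server, 443, frozenset({"FIN", "ACK"}))),
        ("server FIN", Packet(INBOUND, server, 443, client, 40000, frozenset({"FIN", "ACK"}))),
        ("late packet after close", Packet(INBOUND, server, 443, client, 40000, frozenset({"ACK"}))),
    ]
    return [(label, fw.process(p)) for label, p in trace]


if __name__ == "__main__":
    for label, decision in run_trace():
        print(f"{decision:5} {label}")
```

The trace shows the point the paragraph makes: the server’s replies are allowed only because the client opened the connection first, while an inbound SYN nobody asked for and a packet that matches no table entry are both dropped. Real stateful firewalls also age entries out on a timer and check sequence numbers; both are left out here to keep the state machine readable.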

What we have learned about the main network hardware differences between integrated devices, routers, network switches & firewalls:
  • Routers work at Layer 3 and route IP packets between networks.
  • Routers are used to connect a LAN to a WAN (such as your small network to the Internet) but they can also be used to connect segments of a large LAN that has been subnetted into smaller segments.
  • Routers route packets based on information in the IP routing table. You can see this table with the show ip route command on a Cisco router.
  • Switches work at Layer 2 and switch Ethernet frames. Switches connect multiple devices on a local area network (LAN).
  • Switches keep a table of Ethernet MAC addresses called a CAM Table or a Bridge forwarding table. You can see this table with the show mac-address-table command on a Cisco switch.
  • Firewalls work at Layers 3 and 4 but some can also work at higher layers.
  • Most firewalls can keep track of the states of TCP to prevent unwanted traffic from the Internet from entering your private LAN.
---Original tip resources from petri.co.il


Friday, March 15, 2013

Five Ways to Secure Your Wireless Network




Many administrators and managers will likely read this article title and say to themselves: “We don’t have wireless networking here. I don’t need to read this.”

But those same administrators often discover that wireless networking happens, even when “they don’t have any.” That’s because wireless networks exist – even when a particular company hasn’t installed them. For example, your company may not have wireless networking, but maybe the company on the floor above you does.

Windows, by default, will attempt to connect to any wireless network it finds. Could your laptop users inadvertently be connecting to another company’s network, exposing your company’s information?

And if you happen to be in the kind of business where your company’s information includes any kind of confidential client or patient data that’s protected under federal law, you’ll not only have lost data, you may face civil penalties and lawsuits.

Consider this: laptop sales far exceed desktop sales, and ninety percent of laptops sold today have built-in wireless networking. Often, end users who want to make things easier for themselves will hook up their own wireless access points. Why? The cost of wireless access points has dropped so low that many users will simply purchase and install their own onto the corporate network … without telling anybody. Ask them why and you’ll hear “so that I can do my job better.”

List of Five Ways to Secure Your Wireless Network:
  • Starting With a Practical Wireless Security Policy
  • Securing Your Wireless LAN
  • Securing Your Wired LAN
  • Securing Your Wireless Clients
  • Training Your Users

#1: Start With a Practical Wireless Security Policy
The first step is a good wireless security policy – it’s much more than just paperwork. It’s a critical component that spells out what’s allowed and what’s not allowed, and who is responsible for making sure the policy is followed. That’s why it’s vital for companies to have a wireless security policy in place even if the policy simply states “wireless networking will not be used.”

The reason is logical enough: employees need to know what is and isn’t permitted. Your policy should spell out the specific conditions under which wireless networking can be used, as well as the encryption, authentication and protection mechanisms that must be employed. In addition, your policy should clearly prohibit the connection of unauthorized access points to your corporate network.

Remember that the best security policy isn’t worth the paper it’s printed on if it only sits on the shelf. Make sure the details of the policy are a part of your end-user training.

#2: Secure Your Wireless LAN
If you are using wireless, hopefully you are aware that WEP encryption and MAC address filtering are no longer considered adequate security. They are both easily circumvented. You should be using WPA or WPA2 (also called 802.11i), which provides strong encryption and authentication on your wireless LAN. If you are using VPNs, ensure that split tunneling is disabled.

If you allow wireless guest access, make sure you restrict their access to your corporate resources. The best way to do this is with wireless controllers and lightweight access points that segregate and tunnel guest traffic without having to build large guest VLANs throughout your enterprise. Some of these products also provide rogue detection and limited intrusion detection as well.

If possible, use SSH or access lists on the access point management interface to prevent unauthorized modifications to your configurations. And make sure your access points are physically secured, out of sight and out of reach.

#3: Secure Your Wired LAN
Whether or not you deploy wireless networking, it’s an unconditional requirement to make detection and prevention of rogue access points a key part of your company’s security plan. The presence of a rogue (i.e., unauthorized) access point indicates that your network security is being compromised – either unintentionally by a well-meaning employee, or by someone who is actively eavesdropping on your network. Periodic checks for rogue access points need to be part of your regular maintenance or auditing. (Tip: be sure to check at different times of the day.)

A simple check can be performed with a laptop and any number of commercial and freeware applications. In essence, you record the MAC address of every access point you can detect, then look to see whether that MAC address exists on any of your switches. If it does, and you didn’t put it there, then you have a rogue access point on your network. It is usually not necessary to physically locate the access point (although that would be a good idea). Instead, simply disable the switch port that the access point is plugged into.
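The cross-check described in this step, as an added Python script (written for this page, not a tool from the article). It normalizes MAC addresses written in the different styles a scanner and a Cisco switch use, parses the rows of `show mac-address-table` output, and reports every detected access point that is on one of your switch ports but not in your approved list, together with the port to disable. The switch output, the survey results and the approved-BSSID inventory are constructed sample data in the layout of the real command output.

```python
"""Rogue access point check: detected BSSIDs versus switch MAC tables (added example)."""
import re
from typing import Dict, Iterable, List, Tuple

# Constructed output laid out like a Cisco 'show mac-address-table', one switch
SWITCH_OUTPUT = {
    "sw-floor3": """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Fa0/7
  10    0200.5e10.0001    DYNAMIC     Fa0/12
  20    0200.5e10.00ab    DYNAMIC     Gi0/1
Total Mac Addresses for this criterion: 3
""",
}

# Constructed wireless survey from a laptop: (SSID, BSSID) pairs
SCAN_RESULTS = [
    ("CorpWiFi", "00:11:22:33:44:55"),     # ours, installed by IT
    ("Linksys", "02:00:5E:10:00:01"),      # default SSID, nobody in IT installed it
    ("UpstairsCo", "02:00:5e:77:88:99"),   # visible, but not on our wire
]

# Inventory of the BSSIDs you installed yourself
APPROVED_BSSIDS = {"00:11:22:33:44:55"}

_MAC_ROW = re.compile(r"^\s*(\d+)\s+([0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4})\s+\S+\s+(\S+)")


def normalize_mac(mac: str) -> str:
    """Canonical form: 12 lower-case hex digits, whatever separator style was used."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def parse_mac_table(text: str) -> Dict[str, Tuple[str, str]]:
    """Map each learned MAC to (vlan, port); header, separator and total lines are skipped."""
    table: Dict[str, Tuple[str, str]] = {}
    for line in text.splitlines():
        m = _MAC_ROW.match(line)
        if m:
            vlan, mac, port = m.groups()
            table[normalize_mac(mac)] = (vlan, port)
    return table


def find_rogue_aps(scan: Iterable[Tuple[str, str]], switches: Dict[str, str],
                   approved: Iterable[str]) -> Tuple[List[dict], List[str]]:
    """Return (rogues seen on our switches, SSIDs detected but absent from our wire)."""
    approved_norm = {normalize_mac(m) for m in approved}
    wired: Dict[str, Tuple[str, str, str]] = {}
    for sw_name, text in switches.items():
        for mac, (vlan, port) in parse_mac_table(text).items():
            wired[mac] = (sw_name, vlan, port)
    rogues, elsewhere = [], []
    for ssid, bssid in scan:
        mac = normalize_mac(bssid)
        if mac in approved_norm:
            continue
        if mac in wired:
            sw_name, vlan, port = wired[mac]
            rogues.append({"ssid": ssid, "bssid": bssid, "switch": sw_name, "vlan": vlan, "port": port})
        else:
            elsewhere.append(ssid)
    return rogues, elsewhere


if __name__ == "__main__":
    rogues, elsewhere = find_rogue_aps(SCAN_RESULTS, SWITCH_OUTPUT, APPROVED_BSSIDS)
    for r in rogues:
        print(f"ROGUE on our network: SSID {r['ssid']!r} BSSID {r['bssid']} "
              f"-> {r['switch']} VLAN {r['vlan']} port {r['port']} (disable this port)")
    for ssid in elsewhere:
        print(f"detected but not on our switches: {ssid!r}")
```

One caveat when reading the results: an access point’s radio BSSID and its wired-side MAC address are not always identical, so an SSID that does not show up in any switch table is not proof that it belongs to the neighbours; treat an exact match as a confirmed rogue and a near match (same vendor prefix, adjacent address) as something to inspect by hand.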

#4: Secure Your Wireless Clients
A wireless laptop is vulnerable to a whole host of attacks from anyone within range. So it’s an absolute necessity to be sure your laptops are all properly configured with personal firewalls and antivirus software. When connecting from a remote location, use VPNs to connect to your corporate network, and configure them so that all traffic from the laptop uses the VPN tunnel.

In other words, do not allow split tunneling, where corporate data uses the VPN tunnel but Internet traffic goes directly via the wireless provider. If you do, you open up your corporate network to attacks via your remote users.

Consider limiting the ability of your users to associate with the access point of their choosing (especially ad-hoc networks) by applying an appropriate Windows policy. Think what would happen if their home network uses the default SSID “Linksys” and so does that company on the floor above you.

#5: Train Your Users
The best defense against wireless attacks is a well-trained user.
Training is an essential element of your corporate network security. Every company needs to train users on the importance of encryption and strong passwords. Make your users aware of “social engineering” techniques and all the e-mail scams used to trick them out of passwords or other information. Remind them that using a public hotspot has all the safety and appeal of a public restroom. Educate them to notice suspicious people with laptops or antennas near your workplace. And make sure they understand the dangers of connecting their own access points to your corporate network.

As a network administrator or IT manager, you need to be aware of wireless vulnerabilities. Remember that just because you haven’t deployed wireless networking in your enterprise, it doesn’t mean that wireless doesn’t exist. Take steps to secure your enterprise and you will be rewarded with increased security, reliability and user satisfaction.