Before you start
Objectives: learn which devices are used to connect devices whitin a single subnet and what are the differences between a Hub, Bridge, Switch and a Wireless AP.
Prerequisites: you should be familiar with OSI model layers.
Key terms: address, device, mac, hub, frame, bridge, wireless, switch, port, message, access, segment, forward
Hub
The first device that we’ll look at is a Hub or sometimes called a Repeater.The easiest way to remember what a Hub does is to remember the word Repeater. A Hub simply repeats everything that comes in on one port to all other ports. So a Hub is a multi-port device with multiple RJ45 connectors to which we can connect multiple computers or other devices. When one computer sends a message to the Hub, the Hub takes that same message and repeats it out on every port. The host to which the Frame is addressed accepts the Frame. Every other host ignores the Frame. If we use Hubs, we actually use a logical bus topology. The Hub is the physical star replacement of the bus topology, but the logical topology is the bus topology, since messages from one device go to all other devices. All a Hub does is take an electrical signal coming in on one port and regenerates or repeats that same signal on other ports. Because the Hub simply sends the electrical signal from one port to other ports, we say that it is operating at the OSI model layer 1, which is the Physical layer. Hub doesn’t examine content of the Frame or the Packet.
Image 221.1 – Mini Ethernet Hub
Bridge
Another device we need to look at is a Bridge. To understand a Bridge let’s assume that we have two Hubs with multiple workstations attached. We’ll connect those two Hubs through the uplink ports. If a device on one side sends a message, the first Hub will simply repeat that message out all ports, including the port that connects the two Hubs together. Second Hub receives that message and again regenerates that signal out all the ports. In a large network we may have several Hubs connected together, and any message sent from one device at one Hub would be propagated throughout all of the other Hubs to all of the other devices. A Bridge is a device that connects two (or more) media segments on the same subnet, and filters traffic between both segments based on the MAC address in the Frame. If we connect those two Hubs together with a bridge, it will make, what we call,forwarding decisions.
Image 221.2 – Bridge Connecting Hubs
A message from PC 1 on Hub 1 destined for the PC 2 (on the same Hub), would be regenerated out of all ports on Hub 1. When then the Bridge receives this message it will drop the Frame since the final destination is located on the first Hub. That way the Frame will not be sent to the second Hub on the other side. If, on the other hand, a message from the PC 1 on the first Hub is destined for PC 3 (which is connected to the second Hub), the Bridge would know that the location of the destination device is on the second hub and it would allow that Frame to keep on going through the Bridge, and to the second Hub. Again, the second Hub would continue to generate that Frame out to all devices connected on that Hub. Bridges are used to separate one part of the subnet from another. This keeps the network from wasting bandwidth by eliminating unnecessary traffic between segments. All segments connected to a Bridge are on the same subnet, and share a common subnet address.
The way that the Bridge makes these decisions is it builds what is called a Forwarding Database. The Forwarding Database is a record of all of the MAC addresses on the network and ports which are used to reach all devices. In our example, we have two network segments connected with a Bridge. The Bridge has exactly two ports which connect it to the two segments. When a Bridge first starts up its Forwarding Database is empty. Let’s say that PC 1 wants to send a message to PC 2, which is on the same segment. It sends out a Frame which is regenerated and sent to all devices on that same segment. The Bridge receives the signal and processes it as a layer 2 Frame. The Frame has the MAC address of the destination device, the MAC address of the source device, along with data that has come from the upper OSI model layers. When this Frame arrives at the Bridge, instead of automatically forwarding the signal out the other port, first it looks at the source MAC address of the incoming Frame. In this case it will look at that address and realize that it doesn’t have this MAC address in its Forwarding Database, so it creates a table. In the table it makes an entry for a MAC address of PC 1 and it labels it with the port trough which the device is accessible. The next thing the Bridge does is it looks at the destination MAC address in the Frame. In this case, it will check its table, find out that the destination address is not within its table, and because of that take that frame and it forward it out the other port. Now, let’s say that PC 2 has to send a message to PC 1. It creates the Frame, which is broadcasted through all ports. That incoming Frame hits the bridge, the Bridge looks at the source MAC address and realizes that it’s from PC 2. It checks its table, it does not have an entry for PC 2, and so it creates that entry for the device, along with the associated port that’s used to reach that device. In this case, it then checks the destination MAC address, and because that MAC address is already a known device (PC 1) and because it knows the port that’s used to reach that device, it does not forward this frame onto the other segment siince the two devices are on the same segment. Eventually it will learn all of the devices on all segments. If the destination device is a known device then it will decide to either drop the Frame or to forward it. So with a Bridge we can isolate traffic from one side to another. What this does is eliminates unnecessary traffic between one segment and another. Because bridges examine the MAC address in the frame they’re classified as layer 2 devices. They don’t alter the MAC address but they make decisions based on that MAC address contained in the OSI model layer 2.
Another definition of a Bridge is a device that connects two segments that use a different transmission medium, or a different architecture. Common example is that we have an Ethernet wired LAN network, and a wireless network. We want to connect the two networks together. We can actually do that with a Bridge where both segments have the same subnet address. The job of the Bridge is to translate wireless transmission into the transmission that is used on the wired segment. Let’s look at the picture.
Image 221.3 Wireless Bridge
In our case, wired Ethernet is using 802.3 specification, whereas wireless is using 802.11. We actually have two different architectures that are interacting. The Bridge is able to take the Frames from one architecture and translate those to Frames that are used on the other architecture. All devices connected to the wireless segment, as well as the wired segment, share the same subnet address. That means we’re only translating between the transmission medium. In cases like this, wireless device and the Bridge are typically contained in one device. In the early days of networking Bridges were simple two port devices that connected two network segments. Obviously, if we can have two ports in a device why not three, four or five? As Bridge technology developed those devices became known as Switches.
Switch
Simply said, a Switch is a multi-port Bridge. Instead of having a single device that connects only two segments with each other, with a Switch each port is its own segment. So, the four-port Switch has four segments, 8-port has 8 segments and so on. The Switch, like the Bridge, creates a Forwarding Database based upon the MAC address of both the source and the destination devices. If one device has a message to send to another device, and if the Forwarding Database is empty, the Switch will forward that Frame to all devices while learning the MAC address of the source device. As it learns the MAC address of other devices, it gets to the point where it knows the MAC addresses of all connected devices, so that when a message is sent from one device it is switched directly to the other device directly, without being sent to all other devices which are connected to the Switch.
Image 221.4 – Devices Connected to the Switch
In the example above on every port we have a single device connected. We could also have a port that connects to a Hub, and multiple devices connected to that Hub. In that case, when a Frame comes into the Switch that’s destined for any of the devices on the Hub, that Frame is sent to the Hub, and the Hub then regenerates the Frame to all devices on that segment.
Image 221.5 – Switch and Hub
The optimal way of using a Switch is to only have a single device per port. This allows the devices to establish a virtual circuit that is used only between two devices. The circuit between PC 1 and the hub is actually shared by multiple devices, and that sharing actually slows down communication. So in an optimal situation we want to have one device per Switch port. We can also connect multiple Switches together. In addition, Switches offer many more advanced capabilities that Bridges do not. While most Bridges can only process a single Frame at a time, Switches can process multiple frames simultaneously and offer guaranteed bandwidth to each Switch port. Switches can make additional forwarding decisions based on the MAC address. For example, a Switch can be configured to only accept Frames from specific MAC addresses. Today it is difficult to find a device that is only a Bridge and not a Switch. Most Bridges today are the type of bridges that translate between network architectures or the media type. The final device we need to talk about is a Wireless Access Point.
Wireless Access Point
A Wireless Access Point, sometimes called a WAP or a Wireless AP is using radio waves instead of wires for communications. A device that has a message to send to the other device, sends the Frame to the Wireless Access Point. The Wireless AP then sends that same Frame out to the other destination device.
Image 221.6 – Wireless AP
A Wireless Access Point can act like a Hub or a Switch, depending on how you look at it. Sometimes Wireless Access Points are classified as Hubs because when the signal is being sent, the AP can’t actually control which devices will receive that message. So even though the message was sent between two devices, a third device in the area of the Wireless Access Point will still see those signals. In that way it’s much like a Hub since the messages sent to the AP are sent to all other devices within range of the Wireless Access Point. However, an AP is capable of examining the MAC address. So when the MAC address comes in it can make decisions based on both the source and the destination MAC address. On an AP we might, for instance, have MAC address filtering enabled where a device trying to send is not allowed because its source address is a device that has not been allowed on the network. Another reason why the MAC address might be important is because APs are often implemented as Bridges which have wired ports that connect to a wired Ethernet network.
Image 221.7 – Wireless AP as a Bridge
In this case, the message from the wireless client is sent to the Wireless AP. The Wireless Access Point examines the MAC address contained in the Frame to determine whether the destination is another wireless device or a device on the wired network. If it is a device on the wired network then it sends the frame through on the wired network and does not send the message out to the wireless network. For this reason, Wireless Access Points are typically classified as layer 2 devices, again, because they use the MAC address. Many WAPs are combination devices that include a wired Hub or Switch or even a Router.
Broadcast MAC Address
Remember, layer 1 devices do not examine any information within the Frame, they simply regenerate the signals. When talking about Bridges, Switches and Wireless Access Points there’s one more important thing we need to be aware of, and that’s the situation where these devices act much like a Hub. Let’s say that we have a Switch that’s connected to four other devices, but this applies both to the Bridge and a Wireless Access Point too. Normal communications through the Switch is what we call a Unicast. Unicast Frames have the destination MAC address followed by the source MAC address. Those addresses uniquely identify devices connected to the Switch. When a Switch receives a Unicast Frame that uniquely identifies a destination MAC address, and if that information is in its Forwarding Table, it simply forwards that information to the correct port. But, we also have a special address which is called a Broadcast MAC Address. A Broadcast Address, rather than being addressed to a specific device, simply means ‘all devices’. In that case, the destination MAC address, instead of using the MAC address of a specific device, is replaced with the special Broadcast Address of all Fs (FF:FF:FF:FF:FF:FF) in the MAC address. When a Switch receives a Frame with the broadcast address, it acts just like a Hub; it takes that Frame and sends it out on every port on the Switch.
Remember
The devices that interconnect devices within the same subnet are Hubs, Bridges, Switches and Wireless Access Points. Hubs are layer 1 devices and they simply repeat the Frame out all ports without examining the MAC address. Bridges build a filtering database based on the MAC address, and are therefore layer 2 devices. Bridges make decisions of whether to forward a Frame or not, based on the MAC address. Switches are multi-port Bridges that also have a MAC address database and operate at layer 2. Wireless Access Points are typically classified as layer 2 devices, since they examine the MAC address to make forwarding decisions, and also to make decisions about sending signals from one segment to another, as a Bridge from a wireless network to the wired network. Broadcast Address is all Fs (FF:FF:FF:FF:FF:FF).