Networks: Access Management

Class Notes # 6 Internetworking September 29, 2003

It is impossible to connect all networks into one big single network. Each network has
there own features and protocols. However, there is a need to interconnect various
networks so that any station on any network can communicate.
Although a variety of ways have been taken to provide internetworking services, the
overall requirement can be stated in general. These include:
1. Provide a link between networks. At minimum, a physical and link control
connection is needed.
2. Provide for the routing and delivery of data between processes on different
networks.
3. Provide an accounting service that keeps track of the use to the various networks
and gateways and maintains status information.
4. The internetworking facilities must accommodate a number of differences among
networks. These include:
Different addressing schemes
Different maximum packet size
Different timeouts
Error recovery
Status reporting
Routing techniques
User access control
Connection, connectionless service.

Single segment networks provide good service. However, as the network grows, two
main factors force the network structure to change:
Too many devices competing for the same physical transmission medium.
Network performance start to degrade and become sluggish. For example, too
many users on the schools network.
A new facility is added; the new facilitys network (i.e. LAN) must be somehow
connected to the previous networks (i.e. LAN).

To solve these problems, network designers break a single broadcast network into
separate segments. Internetworking devices connect the individual network segments.
These internetworking devices are: repeaters, hubs, switches, bridges, routers, and
gateways. Each internetworking device operates at a particular layer of the OSI model.

Repeaters
Repeaters are physical layer devices. These devices act as a piece of wire and do not
evaluate the incoming data. Also, they regenerate the incoming signal and retransmit the
signal. Basically, repeaters are used to boost the signal and extend the physical length of
the network segment.
1
Repeaters are typically very fast and cause very little delay in the signal. Repeaters can
also connect different types of physical media. For example, repeaters can connect one
network that uses twisted pair wires to another that uses coaxial cable. Repeaters cannot
be used to connect two different LAN protocols, such as Ethernet bus and token ring.

Hubs
A hub, also known as wiring concentrator, function as a shared bus or multi-port repeater.
Hubs are also physical layer devices. Any computer that is connected to a particular hub
will receive all frames transmitted by any of the computers that are connected to that hub.

The token ring uses a special type of hub (known as the multi-station access unit or
MAU). Each MAU connects to adjacent MAUs through their designated ports. You can
also extend the distance between MAUs using a lobe repeater (token ring repeater).

As the network grows, more hubs can be added to the network to increase the number of
stations attached to the network. See figure one below. However, there is still the same
limitation in where only one station can talk at a time. Therefore, the increase traffic will
reduce the performance of the expanded network. To correct this problem, other types of
internetworking devices can be used.


Hub 1
Station1 Station 2 Station 3
Hub 2
Station 4 Station 5 Station 6

Figure 1: A network consisting of two hubs.

Bridge
Bridges operate at the data link layer of the OSI model. The bridge is used to increase
the performance of the network by isolating traffic within network segments. Bridges are
losing their popularity due to switching. Bridges are composed of hardware and
software.
A bridge listens to all traffic and examines the NIC addresses of each incoming frame.
The bridge routes the frames based on its internal table. The internal table contains port
numbers and the MAC address of the station connect to that port. A bridge provides
three important functions:
1. Forwarding If the frames destination address is on a different segment than its
source address, then the bridge sends the frame only to the port connected to that
segment.
2
2. Filtering If the frames destination address is on the same segment as its source
address, then the bridge does not forward the frame to any ports. All stations on
the originating segment have already received the frame.
3. Learning the bridge automatically builds and maintains its own bridge table, by
listening to incoming frames and noting their source address. If a frame is
addressed to a destination station not yet recorded in the bridge table, then the
bridge broadcasts the frame to all ports.

The bridge table is used to determine where the bridge is to forward the frame. Table one
is an example of a typical bridge table. For example, when an incoming frame arrives
with a destination address of F81.667.AB1.DDF, that frame is sent out on port 3of the
bridge.

Table one: Typically Bridge table
Frame address Port number
2F3.48E.223.3FF 1
445.EEF.231.667 2
981.667.AB1.DDF 3
FFA.BC2.C22.D88 4

The bridge looks at the frame header and has no regard for the contents of the frame. A
bridge can link LANs that use different upper layer protocols. The bridge is completely
transparent to the upper layers (i.e. 3 through 7) of the OSI model, see figure two.

Transport Layer
Network Layer
Data Link Layer
Physical Layer
Application Layer
Presentation Layer
Data Link Layer
Source
Data Link Layer
Physical Layer
Transport Layer
Network Layer
Data Link Layer
Physical Layer
Application Layer
Presentation Layer
Data Link Layer
Destination
Bridge

Figure 2: Bridge and OSI model

Switches
Switches, also operates at the data link layer, is used to increase performance in LANs.
The switch consists of high-speed ports connecting either LAN segments or individual
stations on a port-by-port basis. Also, like a bridge, a switch isolates traffic to their
segment. The switch evaluates the destination MAC address in each frame, and switches
individual frames to the correct port.

When a switch is first powered on, it broadcasts individual frames. Over time, the switch
builds a table that associates frame address with port numbers by watching incoming
frames for new source addresses and adding those addresses to the switch memory table.

3
The switch performs most of its functions in hardware instead of software and therefore,
the performance is greater than the bridge. Also, the switch dedicates the entire LAN
media bandwidth to each port-to-port frame transmission. Where as, a bridge shares the
LAN bandwidth among all of its ports. Therefore, the switch effectively multiplies the
amount of network bandwidth.

Station1
Station 2
Station 3 Station 4
Station 5 Station 6
Switch
Segment 1
Segment 2
Segment 3
Station7
Segment 4

Figure 3: Switching network
When a frame is sent from station 1 to station 5, the switch connects segment 1 to
segment 4. Simultaneously, station 7 can send data to station 3; the switch will connect
segment 2 and segment 3. Effectively, this doubles the bandwidth.

When a switch receives a frame destined for station with a destination address that is not
in the switchs memory, then the switch will send the broadcast the frame on all ports.

Routers
A router operates at the network layer of the OSI model. The router forwards the packets
based on each of the packets network address. Routers are protocol dependent because
they can interconnect networks that have the same network communication architecture
and possible different lower level architectures.

Routers are typically more complex and software intensive than repeaters, bridges, and
switches. Routers segment a network into separate logical sub-networks, and provide
security, control, and redundancy between individual sub-networks. Each port on a
router connects to a different network or subnet.

Routers provide physical and logical separation of networks. The router evaluates the
destination address of the packet, which indicates where the destination node is on the
network. A network layer address (packet address) identifies both the destination
network and the destination station. If the packet address indicates the destination station
is in the same network as the source station, the router will isolate traffic within that
network or subnet. If the packet address indicates the destination station is not in the
4
same network, the router will send the packet out the physical port that is connected to
that network.

Transport Layer
Network Layer
Data Link Layer
Physical Layer
Application Layer
Presentation Layer
Data Link Layer
Source
Data Link Layer
Physical Layer
Transport Layer
Network Layer
Data Link Layer
Physical Layer
Application Layer
Presentation Layer
Data Link Layer
Destination
Network Layer
Router

Figure 4: Router and OSI model
A router table is stored in the routers memory to associate each network address with a
physical port number on the router. Routers use specialized routing protocols to maintain
and exchange the inter-network path information stored in their internal routing tables
with other routers. These tables can allow routers to choose routing paths based on
distance, speed, quality of service, or other factors.

As an IP packet traverses a network, it stays intact. However, routers remove and add
frame headers and trailers as the data moves form one type of data link layer protocol to
another. For example, consider the network shown in figure five. If station 1 sends data
to station 8, the station 1 IP process recognizes that the data is addressed to a distant
network and must be forwarded by a router. Therefore, station 1 encapsulates the IP
packet (addressed to station 8) within an Ethernet frame addressed to its default router
(router A). Station 1 then transmits the frame; over the Ethernet network A, to router A.

Router A processes the frame because it is addressed to it. When it inspects the packet
header, it sees that the packet is addressed to network B. Therefore, Router A
encapsulates the packet in a FDDI frame addressed to router B, and then transmits that
frame over the FDDI ring.
Router B processes the frame because it is addressed to it. When it inspects the packet
header, it sees that the packet is addressed to station 8. Therefore, router B encapsulates
the packet in an Ethernet frame addressed to station 8, and then transmits the frame over
the Ethernet network B
5
Backbone
FDDI Ring
Station 1
Router A Router B
Station 3
Station 2
Station 9 Station 10
Station 8
Station 11
Network A
Network B

Figure 5: Routers and data links
Routers offer several advantages over bridges and switches:
Like a switch, a router provides users with seamless communication between
individual LAN segments. Unlike a switch, a router forms the logical boundary
between entire networks or groups or network segments.
Routers provide efficient WAN access, because they do not forward broadcast
traffic as bridges and switches.
A router can provide a firewall service, because it forwards only traffic
specifically addressed to go across the router. Routers keep potentially disastrous
events, such as broadcast storms, local to the area in which they occur, preventing
them from spreading across the corporate network.
The enhanced intelligence of a router allows it to support redundant network
paths, and select the best forwarding path based on several factors in addition to
the destination network address. This increased intelligence can also result in
enhanced data security, improved bandwidth utilization, and more control over
network operations.
Routers can flexibly integrate different data link layer technologies, such as
Ethernet, Fast Ethernet, Token Ring, and FDDI. They can also consolidate legacy
IBM mainframe networks with PC based networks.

However, routers also have several disadvantages:
The additional software processing performed by a router can increase packet
latency, reducing the routers performance when compared to simpler switch
architecture.
To be routable, an architecture must have a network layer. Not all architectures
do, and those protocols must be bridged. Un-routable protocol include the IBMs
SNA and NetBIOS/NetBEUI.

Gateways
Gateways provide connectivity between networks that use different architectures. There
are many types of possible gateways as there are combination of communication
architectures and application level protocols. One type of gateway, called a protocol
converter, changes a protocol from one communication architecture to another.

6
The term gateway is also used to describe a router, typically an Internet router that serves
as a remote gateway between a private network and the public network. These router
gateways provide access to remote networks; however, they do not convert stacks of
protocols as mentioned above.

7