Bambang F. Indarto

The Journey… The Shares


Bridges, Switches, Routers, and Firewalls

Posted by bfindarto on February 22, 2008

Bridges

Well, the term bridging predates switching, so it is still common to hear people use "bridge" and "switch" interchangeably. That is because bridges and switches do the same fundamental thing: they break up collision domains on a LAN. So a switch is basically just a multiport bridge with more brainpower, right? Pretty much, but there are differences. Switches provide that same function with greatly enhanced management ability and features, and at a very different scale: most bridges have only two or four ports, and even a 16-port bridge is nothing compared to the hundreds of ports available on some switches.

Switches

Like bridges, LAN switches aren't used to create internetworks; they're employed to add functionality to a LAN. The main purpose of a switch is to make a LAN work better, to optimize its performance, by giving the LAN's users more bandwidth. Switches don't forward packets to other networks the way routers do; they only forward frames from one port to another within the switched network. To reach another network, a frame must be carried to a router, which then forwards the packet. By default, switches break up collision domains. A collision domain is an Ethernet term for the following situation: one device transmits a frame on a network segment, and every other device on that segment has to listen to it; if a second device transmits at the same time, the two frames collide and both devices must back off and retransmit, one at a time. Not good, and very inefficient! You'll typically find this in a hub environment, where every host connects to a hub that forms one collision domain and one broadcast domain. By contrast, each and every port on a switch is its own collision domain. Note what a switch does not do, though: it does not break up broadcast domains. A broadcast frame received on one port is flooded out all the others, so the whole switched LAN (or each VLAN on it) is still a single broadcast domain; breaking that up is a router's job.
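To make the forwarding behaviour concrete, here is an added example (not code from the original post) of a transparent bridge, which is what a switch port does per frame: learn the sender's MAC on the arrival port, forward known unicast out a single port, and flood broadcasts and unknown destinations out every other port. The port numbers, MAC addresses and the tiny table capacity are made up for the demo.

```python
# Added example (not from the original post): a minimal learning switch.
# Ports, MAC addresses and the table capacity below are made up for the demo.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, capacity=8):
        self.ports = list(ports)
        self.capacity = capacity   # CAM tables are finite on real hardware
        self.mac_table = {}        # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Return the list of ports the frame is transmitted out of."""
        # Backward learning: remember which port the sender lives behind.
        if src_mac in self.mac_table or len(self.mac_table) < self.capacity:
            self.mac_table[src_mac] = in_port
        # Broadcast, or a destination we have not learned yet: flood it.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst_mac]
        if out_port == in_port:
            return []          # sender and receiver share a segment: filter it
        return [out_port]      # known unicast: exactly one port


def demo():
    """Constructed frame sequence; returns (mac_table, forwarding decisions)."""
    sw = LearningSwitch(ports=[1, 2, 3, 4], capacity=2)
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    decisions = [
        sw.receive(1, a, b),          # b unknown: flood to [2, 3, 4]
        sw.receive(2, b, a),          # a was learned on port 1: [1]
        sw.receive(1, a, b),          # b was learned on port 2: [2]
        sw.receive(3, c, BROADCAST),  # broadcast always floods: [1, 2, 4]
        sw.receive(1, a, c),          # table is full, so c was never learned
                                      # and traffic to it keeps flooding: [2, 3, 4]
    ]
    return sw.mac_table, decisions


if __name__ == "__main__":
    table, log = demo()
    print(table)
    for ports in log:
        print(ports)
```

The last frame is the security-relevant edge case: once the table is full, new addresses are not learned and frames to them are flooded to every port, which is exactly what a MAC-flooding attack exploits to sniff unicast traffic on a switch. Limiting the number of MACs a port may learn (port security) is the usual mitigation.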

Router

A router is a device whose job is routing packets between networks. It works at Layer 3 of the OSI model, the Network Layer, which is where the IP protocol operates. Most routers today are IP routers: for each packet they examine the destination IP address (the source address matters for access lists and policy routing, not for the normal forwarding decision), find the most specific matching entry in the routing table (longest prefix match), and send the packet out the corresponding interface toward the next hop. If no entry matches, the router sends the packet along its default route (if it has one) or drops it. Routers are usually used to connect a local area network to a wide-area network (a LAN to a WAN), but they can also be used to segment large local area networks (LANs).

Routers do not forward broadcasts; put another way, each router interface bounds a broadcast domain. So if your network is being deluged by IP broadcasts, subnet it into two or more smaller networks connected by a router: the router will not let broadcast traffic flow between the subnets, except for the specific kinds it is explicitly configured to relay, such as DHCP requests.

Routers learn routes from other routers with dynamic routing protocols such as OSPF, RIP, or BGP. They can also use static routes entered by the administrator. Since any peer that can speak the protocol can inject routes, production deployments authenticate routing updates rather than accepting them from anyone on the segment.

Routers rewrite the Layer 2 addresses, not the IP addresses. When a router forwards a packet out an interface it builds a new Ethernet frame: the source MAC address becomes the MAC of the router's outgoing interface, and the destination MAC becomes the MAC of the next hop (or of the destination host itself when it sits on a directly connected network), which the router learns with ARP. The source and destination IP addresses inside the packet are left unchanged (unless the router is also performing NAT), and the TTL is decremented. When the reply comes back it is addressed at Layer 2 to the router, because the router is the replying host's gateway or next hop; the router again replaces the source MAC with that of its exit interface, sets the destination MAC to that of the original sender, and the frame goes back to the original host.
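The forwarding decision and the frame rewrite described in the two paragraphs above, as an added example that is not part of the original post: a routing table with longest-prefix match and a default route, a drop when nothing matches, and the Layer 2 rewrite that leaves the IP header alone. The interface names, addresses and MACs are made up, and a static table stands in for ARP.

```python
import ipaddress

# Added example (not from the original post). Addresses, MACs and interface
# names are made up; a real router resolves MACs with ARP, not a static table.


class Router:
    def __init__(self):
        self.routes = []      # (network, next_hop_ip or None, out_iface)
        self.iface_mac = {}   # out_iface -> the router's own MAC on that port
        self.arp_cache = {}   # ip -> MAC, standing in for ARP resolution

    def add_route(self, prefix, out_iface, next_hop=None):
        # next_hop None means the prefix is directly connected.
        self.routes.append((ipaddress.ip_network(prefix), next_hop, out_iface))

    def lookup(self, dst_ip):
        """Longest-prefix match; 0.0.0.0/0 plays the role of the default route."""
        dst = ipaddress.ip_address(dst_ip)
        best = None
        for net, next_hop, iface in self.routes:
            if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, iface)
        return best

    def forward(self, frame):
        """Return the rewritten frame to transmit, or None if it is dropped."""
        if frame["ttl"] <= 1:
            return None                   # TTL expired (ICMP reply omitted)
        route = self.lookup(frame["ip_dst"])
        if route is None:
            return None                   # no matching route and no default: drop
        _net, next_hop, iface = route
        # Directly connected: deliver to the host itself; otherwise to the next hop.
        l2_target = next_hop if next_hop is not None else frame["ip_dst"]
        if l2_target not in self.arp_cache:
            return None                   # a real router would queue and ARP
        out = dict(frame)                 # IP addresses are left untouched
        out["ttl"] = frame["ttl"] - 1
        out["src_mac"] = self.iface_mac[iface]     # router's MAC on the exit port
        out["dst_mac"] = self.arp_cache[l2_target] # next hop's (or host's) MAC
        out["out_iface"] = iface
        return out


LAN_MAC, WAN_MAC = "02:00:00:00:01:01", "02:00:00:00:02:01"
HOST_MAC, ISP_MAC = "02:00:00:00:01:10", "02:00:00:00:02:ff"


def build_router():
    r = Router()
    r.iface_mac = {"lan": LAN_MAC, "wan": WAN_MAC}
    r.arp_cache = {"192.168.1.10": HOST_MAC, "203.0.113.1": ISP_MAC}
    r.add_route("192.168.1.0/24", "lan")                      # directly connected
    r.add_route("0.0.0.0/0", "wan", next_hop="203.0.113.1")   # default route
    return r


def demo():
    """Constructed frames; returns (outbound frame, reply frame, dropped)."""
    r = build_router()
    outbound = r.forward({"src_mac": HOST_MAC, "dst_mac": LAN_MAC,
                          "ip_src": "192.168.1.10", "ip_dst": "198.51.100.5",
                          "ttl": 64, "in_iface": "lan"})
    reply = r.forward({"src_mac": ISP_MAC, "dst_mac": WAN_MAC,
                       "ip_src": "198.51.100.5", "ip_dst": "192.168.1.10",
                       "ttl": 57, "in_iface": "wan"})
    no_default = Router()                 # same LAN, but no default route
    no_default.add_route("192.168.1.0/24", "lan")
    dropped = no_default.forward({"src_mac": HOST_MAC, "dst_mac": LAN_MAC,
                                  "ip_src": "192.168.1.10", "ip_dst": "198.51.100.5",
                                  "ttl": 64, "in_iface": "lan"})
    return outbound, reply, dropped


if __name__ == "__main__":
    for f in demo():
        print(f)
```

Notice that the outbound frame leaves with the router's WAN MAC as source and the ISP's MAC as destination while `ip_src` and `ip_dst` are exactly what the host put there: the MAC rewrite hides nothing about the endpoints, which is why address hiding is a NAT function and not a routing one.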

Firewall

A firewall is used to protect a more secure network from a less secure one. Generally, firewalls are used to protect your internal or private LAN from the Internet. A firewall generally works at Layers 3 and 4 of the OSI model: Layer 3 is the Network Layer, where IP works, and Layer 4 is the Transport Layer, where TCP and UDP function. Many firewalls today have moved up the OSI layers and can even understand Layer 7, the Application Layer. There are many different types of firewalls and we won't go into them all in this article, so let's just talk about the most popular type: a stateful packet inspection (SPI) hardware firewall. An example of an SPI hardware firewall is a Cisco PIX. It is a dedicated appliance and looks a lot like a Cisco router.

An SPI firewall is called stateful because it understands the states of a TCP (Transmission Control Protocol) connection: it records each connection an inside host opens in a state table, tracks the handshake and the teardown, and matches every subsequent packet in both directions against that table. An inbound packet that does not belong to a tracked connection, whether a SYN to a closed port or a stray ACK from a port scanner, is dropped. This is what separates it from a stateless packet filter, which can only look at each packet in isolation (an access list that permits "established" TCP merely checks the ACK bit, which an attacker can set on any packet). Two caveats: UDP and ICMP have no connection state, so the firewall creates a pseudo-entry on the first outbound packet and expires it on an idle timeout; and because the state table is finite, it is itself a resource an attacker can try to exhaust with floods of half-open connections.
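The core of stateful inspection in working code, as an added example that is not from the original post or any vendor's implementation: a connection table keyed on the flow, an inside-initiates-only policy, TCP handshake tracking, UDP pseudo-state, and a drop for every inbound packet that matches no entry, including the ACK-only probe a stateless "established" filter would let through. The hosts, ports and packet sequence are constructed for the demo; idle timeouts are omitted.

```python
# Added example (not from the original post). Models the connection table at
# the heart of stateful packet inspection; addresses and ports are made up.


class StatefulFirewall:
    """Policy: the inside network may open connections to the outside;
    inbound packets are accepted only when they belong to a tracked flow."""

    def __init__(self):
        self.conns = {}   # flow key -> "SYN_SENT", "ESTABLISHED" or "UDP"

    @staticmethod
    def flow_key(pkt):
        # Both directions of a flow map onto one key: (proto, inside, outside).
        if pkt["dir"] == "out":
            return (pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        return (pkt["proto"], pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])

    def filter(self, pkt):
        key = self.flow_key(pkt)
        flags = frozenset(pkt.get("flags", ()))
        state = self.conns.get(key)

        if pkt["dir"] == "out":
            if state is None:
                # A new TCP flow may only start with a bare SYN. UDP has no
                # handshake, so the first datagram creates a pseudo-state that a
                # real firewall would expire on an idle timeout.
                if pkt["proto"] == "tcp" and flags != {"SYN"}:
                    return "DROP"
                self.conns[key] = "SYN_SENT" if pkt["proto"] == "tcp" else "UDP"
            elif "RST" in flags:
                del self.conns[key]
            return "ACCEPT"

        # Inbound direction.
        if state is None:
            # Unsolicited, whatever the flags say. A stateless "established" ACL
            # that only checks the ACK bit would pass an ACK-only probe here.
            return "DROP"
        if state == "SYN_SENT":
            if flags == {"SYN", "ACK"}:
                self.conns[key] = "ESTABLISHED"
                return "ACCEPT"
            return "DROP"            # anything else mid-handshake is bogus
        if "RST" in flags:
            del self.conns[key]      # the peer tore the connection down
        return "ACCEPT"


def tcp(direction, src, sport, dst, dport, *flags):
    return {"dir": direction, "proto": "tcp", "src": src, "sport": sport,
            "dst": dst, "dport": dport, "flags": set(flags)}


def udp(direction, src, sport, dst, dport):
    return {"dir": direction, "proto": "udp", "src": src, "sport": sport,
            "dst": dst, "dport": dport}


def demo():
    """Constructed packet sequence; returns the firewall's decision for each."""
    fw = StatefulFirewall()
    inside, web, scanner, dns = "192.168.1.10", "198.51.100.5", "203.0.113.9", "203.0.113.53"
    packets = [
        tcp("out", inside, 40000, web, 443, "SYN"),          # ACCEPT: inside opens flow
        tcp("in", web, 443, inside, 40000, "SYN", "ACK"),    # ACCEPT: handshake reply
        tcp("out", inside, 40000, web, 443, "ACK"),          # ACCEPT: handshake done
        tcp("in", web, 443, inside, 40000, "ACK", "PSH"),    # ACCEPT: data on the flow
        tcp("in", scanner, 5555, inside, 22, "SYN"),         # DROP: unsolicited SYN
        tcp("in", scanner, 5555, inside, 22, "ACK"),         # DROP: ACK scan probe
        tcp("in", web, 443, inside, 40001, "SYN", "ACK"),    # DROP: no such flow
        udp("out", inside, 53001, dns, 53),                  # ACCEPT: DNS query
        udp("in", dns, 53, inside, 53001),                   # ACCEPT: its reply
        tcp("in", web, 443, inside, 40000, "RST"),           # ACCEPT: peer tears down
        tcp("in", web, 443, inside, 40000, "ACK"),           # DROP: the flow is gone
    ]
    return [fw.filter(p) for p in packets]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

Packets 5 and 6 are the point of the exercise: neither matches a table entry, so both are dropped, even though packet 6 carries the ACK bit that a stateless filter treats as proof of an existing connection. What this toy omits is equally instructive: without idle timeouts the UDP pseudo-entries never leave the table, and without a cap on half-open entries a SYN flood from the inside would grow `conns` without bound.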


Posted in Cisco Networking