The following table lists several common connection devices used within a LAN.
Hub |
A hub is the central connecting point of a physical star, logical bus topology. Hubs manage communication among hosts using the following method:
- A host sends a frame to another host through the hub.
- The hub duplicates the frame and sends it to every host connected to the hub.
- The host to which the frame is addressed accepts the frame. Every other host ignores the frame.
Hubs are Layer 1 devices; they simply repeat incoming frames without examining the MAC address in the frame. |
Bridge |
A bridge is a device that connects two (or more) media segments on the same subnet, and filters traffic between the segments based on the MAC address in the frame. A bridge builds a database based on MAC addresses to make forwarding decisions.
- The process begins by examining the source MAC address of an incoming frame. If the source address is not in the forwarding database, an entry for the address is made in the database associating the MAC address with the media segment.
- The destination address is then examined.
- If the destination address is not in the database, the frame is sent out on all segments except for the one on which it was received.
- If the destination address is in the database, the frame is forwarded to the appropriate segment if the segment is different than the one on which it was received.
- Broadcast frames are forwarded to all segments except the one on which they were received.
You should be aware of the following regarding bridges:
- Bridges are used to separate one part of the subnet from another. This keeps the network from wasting bandwidth by eliminating unnecessary traffic between segments.
- All segments connected to a bridge are on the same subnet, and share a common subnet address.
- Bridges can also connect two segments that use a different network architecture. For example, a bridge can connect a segment using Ethernet with a segment using 802.11 wireless.
- Bridges operate at OSI Layer 2; they read the MAC address contained in a frame to make forwarding decisions.
- Frame forwarding happens independently of the upper-layer protocols (such as TCP/IP).
|
Switch |
A switch is a multiport bridge that performs filtering based on MAC addresses and provides additional features not found in a bridge.
- While most bridges can only process a single frame at a time, switches can process multiple frames simultaneously.
- Switches offer guaranteed bandwidth to each switch port.
- Switches can make additional forwarding decisions based on the MAC address. For example, a switch can be configured to only accept frames from specific MAC addresses.
- Like bridges, switches operate at Layer 2.
|
Wireless Access Point (AP) |
A wireless access point (AP) is a hub for a wireless network, with hosts using radio waves instead of wires for communications.
- A wireless access point is like a hub in that any message sent to any wireless host connected to the access point can be received by all other wireless hosts.
- A wireless access point is a Layer 2 device; it can read the Data Link layer address in a frame.
- A wireless access point is often configured as a bridge, connecting a wireless segment to a wired segment. Both wireless and wired hosts are on the same subnet.
- Many wireless access points are combination devices that include a wired hub or switch or even a router.
|
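The bridge forwarding procedure listed above (learn the source, then filter, forward, or flood on the destination), as an added example that is not part of the original notes. The class name `LearningBridge`, the segment names, and the MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningBridge:
    """Minimal model of the Layer 2 forwarding decisions described above."""

    def __init__(self, segments):
        self.segments = list(segments)
        self.fdb = {}  # forwarding database: MAC address -> media segment

    def receive(self, src, dst, in_seg):
        """Process one frame; return the segments it is sent out on."""
        # Examine the source address first; add it if it is not yet known.
        if src not in self.fdb:
            self.fdb[src] = in_seg
        # Broadcasts and unknown destinations go out on every segment
        # except the one the frame arrived on.
        if dst == BROADCAST or dst not in self.fdb:
            return [s for s in self.segments if s != in_seg]
        # Known destination: forward only if it lives on a different segment.
        out_seg = self.fdb[dst]
        return [] if out_seg == in_seg else [out_seg]

def run_demo():
    # Constructed sample traffic (documentation-range MAC addresses).
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    bridge = LearningBridge(["seg1", "seg2", "seg3"])
    frames = [
        (a, b, "seg1"),          # b unknown: flooded, visible on seg2 and seg3
        (b, a, "seg2"),          # a already learned: sent to seg1 only
        (a, b, "seg1"),          # b now learned: sent to seg2 only
        (c, a, "seg1"),          # same segment: filtered, never leaves seg1
        (a, BROADCAST, "seg1"),  # broadcast: always flooded
    ]
    return [bridge.receive(*f) for f in frames], bridge.fdb

if __name__ == "__main__":
    results, fdb = run_demo()
    for out in results:
        print(out)
    print(fdb)
```

A capture host on seg3 sees only the first and last frames here: flooded and broadcast traffic remains observable from every segment even after the database is populated.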
The following table lists characteristics of common network devices:
Hub |
A hub is the central connecting point of a physical star, logical bus topology. Hubs simply repeat incoming frames without examining the MAC address in the frame and send it to every host connected to the hub.
- Because frames are repeated out all hub ports, sniffers can be used to collect sensitive information by capturing traffic that flows through the hubs.
- All devices connected to a hub share the available bandwidth.
- Collisions are a natural consequence of the shared medium. As the number of devices connected to the hub increases, so does the number of collisions. As the number of devices increases, the performance also drops.
- For security and performance, replace hubs with switches whenever possible.
|
Switch |
A switch is a multiport device that performs filtering based on MAC addresses. Switches:
- Are more secure than hubs because switches only send communication to the destination device, not to all the devices on the switch like a hub.
- Pass broadcasts to all ports. This is a disadvantage from a security perspective because it allows sniffers to capture data in broadcasts.
- Offer guaranteed bandwidth to each switch port, eliminating collisions when a single device is connected to a switch port and improving data availability.
- Can make additional forwarding decisions based on the MAC address. For example, a switch can be configured to prevent unauthorized devices from sending frames through a port.
|
Router |
A router is a Layer 3 device that routes and forwards information between different IP subnets. Routers receive packets, read their headers to find IP addressing information, and send them on to their correct destination on the network or Internet.
- Routers can be used to connect dissimilar networks.
- Routers forward packets through an internetwork by maintaining routing information in a database called a routing table.
- Static routing requires that entries in the routing table be configured manually. When changes occur to the network, static entries must be added or removed.
- A dynamic routing protocol allows routers to automatically share their routing table entries. Dynamic routing protocols include RIP, OSPF, BGP, IGRP, EIGRP, and IS-IS.
- A router can have an access control list (ACL) that allows or blocks packets based on information contained in the packet (such as IP address or port).
- Routers do not pass broadcasts.
|