Local Area Networks - Internetworking

Connecting Devices
 Why Interconnect?

•To separate / connect one corporate division with another.

•To connect two LANs with different protocols.

•To connect a LAN to the Internet.

•To break a LAN into segments to relieve traffic congestion.

•To provide a security wall between two different types of users.

•To connect WLAN to LAN

 Introduction

Many times it is necessary to connect a LAN to another LAN or

to a WAN.
Computers within a LAN are often connected using a hub
LAN to LAN connections are often performed with a bridge.
Segments of a LAN are usually connected using a switch.
LAN to WAN connections are usually performed with a router.
Hubs
A hub interconnects two or more workstations into a
local area network.
When a workstation transmits to a hub, the hub
immediately resends the data frame to all connecting
links.
For example, a four-port hub connects up to four
machines
Hubs
 Bridge
A bridge connects networks and forwards frames
from one network to another.

PORTS
A B E F
BRIDGE

C D G H
 Selective Forwarding
A B E F
BRIDGE

C D G H

 If A sends a frame to E - the frame must be forwarded

by the bridge.
 If A sends a frame to B - there is no reason to forward
the frame.
 Bridge Database
 The bridge needs a database that contains
information about which hosts are on which
network.
 The realistic options are:
The system administrator can create and
maintain the database.
The bridge can acquire the database on the fly.
Bridge interconnecting two identical LANs
A bridge interconnecting two dissimilar LANs
Learning the host mapping
 The bridge forwards packets for which it does not
know network destination.
 Every time the bridge forwards a packet it records the
network on which the sender is located.
 Transparent Bridges
A transparent bridge does not need programming but observes
all traffic and builds routing tables from this observation.
This observation is called backward learning.
Each bridge has two connections (ports) and there is a routing
table associated with each port.
A bridge observes each frame that arrives at a port, extracts the
source address from the frame, and places that address in the
port’s routing table.
A transparent bridge is found with CSMA/CD LANs.
 Source-routing Bridges
A source-routing bridge is found with token ring networks.
Source-routing bridges do not learn from watching tables.
When a workstation wants to send a frame, it must know the
exact path of network / bridge
If a workstation does not know the exact path, it sends out a
discovery frame.
The discovery frame makes its way to the final destination, then
as it returns, it records the path.
 Remote Bridges
A remote bridge is capable of passing a data frame from one
local area network to another when the two LANs are separated
by a long distance and there is a wide area network connecting
the two LANs.
A remote bridge takes the frame before it leaves the first LAN
and encapsulates the WAN headers and trailers.
When the packet arrives at the destination remote bridge, that
bridge removes the WAN headers and trailers leaving the
original frame.
Cycle of bridges
Bridged network can span many segments
Broadcasts are sent to all segments
Bridges vs Routers
Bridge is a network device, which works in data link layer. Through
bridge, data or information is store and sent in the form of packet.
Whereas Router is also a network device which works in network layer.
Through router, data or information is store and sent in the form of
packet.
The main difference between bridge and router is that, bridge study or
scan the device’s MAC address. On the other hand, router study or scan
the device’s IP address.
Devices and the layers at which
they operate

Layer Name of Layer Device

3 Network Routers, layer 3
switches

2 Data Link Switches,

bridges, NIC’s

1 Physical Hubs
NIC’s
(Network Interface Cards)
Repeaters
Signal attenuation or signal loss
– signal degrades over distance
Repeaters clean, amplify, and
resend signals that are weakened
by long cable length.
Built-in to hubs or switches
Hubs
Hubs regenerate network signals
Hubs propagate signals through the
network
They cannot filter network traffic
They cannot determine best path
They are KNOWN AS SIGNAL
BOOSTER
They are really multi-port repeaters
 Switches
A switch is a combination of a hub and a
bridge.
It can interconnect two or more
workstations, but like a bridge, it
observes traffic flow and learns.
When a frame arrives at a switch, the
switch examines the destination address
and forwards the frame out the one
necessary connection.
 Switches
 Major role: isolating traffic patterns
and providing multiple access. This
design is usually done by the
network manager.
 Switches are easy to install
 Switches
 Switch is fast enough to support
multiple data transfers at one time.
 Multiple workstations connected to
a switch use dedicated segments.
This is a very efficient way to
isolate heavy users from the
network.
 Switches vs routers
 Switches are considered layer-two devices. Routers, layer-three
devices, are much more complex, route packets between networks
based on their IP address.

 Routers provide the following services: route discovery; selection

of the best route to a destination; adaptation to changes in the
network; translation from one technology to another, such as
Ethernet to token ring; packet filtering based on IP address, protocol,
or port number; and connection to a WAN. Because of the additional
processing required for each packet, a router has a higher potential
than a switch.

 In addition, a router requires an initial set-up sequence, in which

the ports are programmed and certain protocols and characteristics
are enabled or disabled. A switch may be simply plugged into the
network, automatically learns how to forward frames as the network
is used. Finally, switches are used within networks to forward local
traffic intelligently. Routers are used between networks to route
packets between networks in the most efficient manner.
Workstations connected to a shared segment of a LAN
Workstations connected to a dedicated segment of a LAN
A Switch with Two Servers Allowing Simultaneous Access to
Each Server
A server with two NICs and two connections to a switch
A pair of remote bridges and switch combination
designed to isolate network traffic
Switch providing multiple access to an e-mail server
 Full Duplex Switches
 A full duplex switch allows for
simultaneous transmission and reception
of data to and from a workstation.
 This full duplex connection helps to
eliminate collisions.
 To support a full duplex connection to a
switch, two sets of wires are necessary -
one for the receive operation and one for
the transmit operation.
Routers (really specialized computers)

 The device that connects a LAN to a WAN or a

WAN to a WAN (the INTERNET! – uses IP
addresses).
 A router accepts an outgoing packet, removes
any LAN headers and trailers, and encapsulates
the necessary WAN headers and trailers.
 Because a router has to make wide area network
routing decisions, the router has to dig down into
the network layer of the packet to retrieve the
network destination address.
 Routers

 Thus, routers are often called “layer 3

devices”. They operate at the third layer,
or OSI network layer, of the packet.
 Routers often incorporate firewall
functions.
Wireless connections: Access Point as a Bridge
Figure 21-14
Single-Protocol versus
Multiprotocol Router
Figure 21-15
Brouter
GATEWAY
A very simple answer would be, a gateway is a node on your network that acts like an interface to other
networks. Typically this is the machine that the desktops and workstations connect through to access
the internet.
A better answer would be that it allows disparate networks to communicate with each other. At its heart
a gateway is a machine that can translate the protocols used on one side of the network with those used
on the other side. Before the widespread adoption of TCP/IP in the early days, gateways were the
network "masters" that talked to each other, they were known as IMP's (Interface Message Processor)
and were designed so that instead of every computer having to know all the protocols in the entire
ARPANET the IMP would act as a gateway and know those used at a particular site and it's native
protocol used to communicate with other IMP's.
Today gateway computers serve much the same purpose but instead of translating communication
protocols they often function as DNS/DHCP servers and translate addresses taking the single IP that a
site may own and then figuring out which computer to route that packet to. This is done by routers as
well, many home routers have built in DHCP servers to allow you to connect multiple computers.
Consumer routers may also perform common firewall tasks such as port forwarding, port blocking, and
packet filtering.
FIREWALL
A firewall is a software or hardware appliance that blocks, filters, or in someway restricts and to a
degree directs network traffic. Typically the firewall would be used to selectively block connections to
various ports on local machines that the admin didn't need. They are much more advanced now, "next
gen" firewalls can do application filtering, NAT, and proxy services. These though are mainly software
firewall programs such as those created by Microsoft, Barracuda, and others. The hardware firewalls,
specifically the Cisco ASA series, are very advanced intelligent appliances that can defend against and
mitigate multiple threats. These are generally enterprise grade, many small and even some medium
sized businesses won't find the expense necessary and will stick with older appliances or software
based firewall applications.