[Networking] Router vs Switch vs Hub

Avocado Aun
14 min read · May 20, 2020

Pick Your Hero Wisely

Introduction

iPhone 12? Huawei P40? OnePlus 8 as your next phone? This is a tough choice because there are so many options out there. What if I told you that we need to make the same tough choices when it comes to choosing the right kind of networking device? Cisco or Huawei routers? Do I go for two layer-3 switches or one layer-7 core switch? Which product series of Cisco load balancer goes with this setup?

Well, luckily for us, we will only discuss choosing between a hub, a switch and a router; and since these network devices serve different use cases, the selection is somewhat simpler.

Who is that network device?

The challenge of the day is to find out which type of network device belongs in the place of ‘?’ in the network shown below so that the 3 PCs can communicate. To do so, we first need to understand how the devices differ technologically.

Is it a switch? Is it a hub? Is it a router?

HUB

How Hubs Work

A hub is a layer-1 (physical) device in the OSI model. Comparatively, a hub is the cheapest among these 3 devices. In terms of ports, a hub can have up to 4/6/8/24/48/128 physical ports. The number of ports available is normally more than on a router, and similar to a switch (of the same specs). This means we can connect more devices to a hub to build a large network. So, is this a good thing?

The short answer is — NO!

Not that large networks are bad; it is simply that the way a hub transmits packets is not scalable. Why? A hub is a layer-1 device, which means it does not understand anything in layer 2 → layer 5. This makes the hub a broadcast device. When a packet is received on a port of the hub, the hub simply sends the packet out to all the other connected ports. This way of transmitting packets eventually results in network congestion.

This video shows how the packet flows when PC1 sends a packet to PC2.

Hubs broadcast packets out to all ports except the port the packet was received on

In our example, PC1's packet arrives at the hub; then it is forwarded out to PC2 and also to PC3. So one packet is actually duplicated into two. Here, only PC2 processes the packet, while PC3 will discard it.

Now imagine a network with 10 PCs. When PC1 sends to PC2, the same packet will be broadcast to PC2-PC10 (everyone except PC1 itself). So, the same packet is actually duplicated 10x. If this sounds bad enough, think about all the other hosts that are also sending packets at the same time. And that’s not all. Think about all the packets going to the irrelevant hosts; is this safe? For example, when PC1 sends to PC2, PC3 also receives the same packet (which is not meant for PC3). Now, if PC3 wants to do something fishy like looking at the payload data in the packet, it simply needs to unpack the packet header and decrypt the payload data. So, a network built on a hub not only suffers from bad network performance due to inevitable congestion; it also poses security and privacy issues, since everyone on the LAN receives all the packets.

Half Duplex and Full Duplex

Consider two hosts, A and B, that are connected with an Ethernet cable. When host A talks to host B, B can also talk to A at the same time in the opposite direction. That’s because the Ethernet cable (CAT-5/6/7) supports a full-duplex communication channel. Meanwhile, a half-duplex channel means only one direction of data flow is supported at a time: when A is talking to B, B can only listen and is not able to talk back to A at the same time (else, a collision will happen). B has to wait for its turn, until A finishes talking to B, before B can talk back to A. The figure below explains the differences between half- and full-duplex transmission.

Use case for HUB

So, is the cheap price tag the only reason for the hub to stay relevant? Is the hub still used these days? Actually, yes; a hub can still be useful (if you can find one on the market) as a ‘repeater’ to amplify network signals. Remember that a hub simply broadcasts any packet it receives to all other ports. This means that if we build networks with many hubs in between, the signal carrying a packet from one network to another will be amplified every time it goes through a hub. This is useful for long-distance networks that suffer from signal loss and propagation loss during data transmission.

For example, look at the network below. We have two networks, one at each end: LAN1 (in the cloud) and LAN2 (PC0’s network). They are too far apart. In the first case, only one network device connects these LANs. Say someone in LAN1 sends data to LAN2. Somewhere in the middle the signal is attenuated, so by the time the receiver in LAN2 gets the packet, the data is corrupted. The simple fix here is to add multiple hubs between these LANs, preferably 1 hub for every 100 meters, so that the signal is amplified back to its original strength by the hub at each hop. In this case, we need 3 hubs to act as repeaters to cover the 400 meters of distance between the two networks.

Broadcast Domain & Collision Domain

In computer networks, a broadcast domain refers to a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer. Meanwhile, a collision domain is a network segment connected by a shared medium or through repeaters where simultaneous data transmissions collide with one another.

When we connect devices to a hub, the entire network is considered a broadcast domain and also a collision domain. Consider the 3 hosts shown in our example network. The collision domain boundary is drawn in blue while the broadcast domain is drawn in red.

BD (Red) and CD (Blue) in a HUB network

When either host starts talking on the channel, its packet transmission occupies the transmission medium. If the second host starts talking at this time, there are two hosts using the transmission channel at the same time. Assume that each host only sends ONE packet; this means that there are TWO packets currently traversing the cable. Since they are in the same broadcast domain, there is a chance that these two packets will encounter each other and collide. A collision is not a good thing: it means that two packets are trying to contend for the same transmission channel, which results in one or both of the packets being dropped or corrupted.

When we build networks with a hub, the entire network is considered a broadcast domain. This means that as we add more hosts to the hub network, we are increasing the size of the collision domain, which translates to more chances of collisions happening in the network, and more retransmissions are needed to compensate for the packet loss due to these collisions.

So how do we draw the boundary of a collision domain for a hub? It is as simple as drawing a circle around all the devices that are connected to the hub.

Switch

A switch can be a layer-2, layer-3 or layer-5 device (TCP/IP model). A layer-2 switch is the forwarding switch; it only forwards frames to the right destination based on MAC address. Layer-3 or layer-5 switches are more intelligent, meaning that they understand network protocols and also application-layer protocols. This, of course, makes them comparably more expensive than a layer-2 switch and much more expensive than a hub (sometimes also more expensive than a router). Like a hub, a switch also has many physical ports. A switch is sometimes called an n-port switch; for example, a switch with 24 ports is called a 24-port switch. This makes the switch the ideal network device for building large networks. Physically, a switch can look like a hub. The figure below shows different kinds of switches.

FR is layer 2 for frame relay network; ATM is layer 2 for ATM networks, Ethernet Switch can be Layer2–5 for Ethernet networks; all switches have different use cases

How is a switch different from a hub?

(1) A switch is layer 2 or higher; a hub is a layer-1 device.

(2) A switch has a dedicated path interconnecting each of the ports in the unit; a hub has a shared path to all the ports. This makes a switched network perform better than a hub network, because the switch reduces the size of the collision domain.

(3) A switch is more intelligent: it forwards frames based on the MAC address table instead of broadcasting them, meaning only the intended host receives the packets; whereas a hub does not have any table in it and simply broadcasts packets out to all ports.

This figure elaborates on point (2). In the top network, 16 devices are connected together on a shared medium (hub). In the bottom network, devices are connected in pods of 4, meaning that only 4 devices share each medium. Intuitively, congestion is more likely to happen in the hub network, since there are more chances of devices talking at the same time compared to the switched network.

CD in a hub vs a switched network. CSMA can be used to detect possible collisions in the shared path.

How is a switch different from a router?

(1) A switch is layer 2 or layer 3–5; a router, meanwhile, is strictly layer 3.

(2) A switch forwards frames based on MAC address (MAC table); a router, meanwhile, forwards IP packets based on IP address (routing table).

(3) You can create a real physical LAN with a router, but you can only create a virtual LAN (VLAN) with a managed switch.

(4) A switch generally has more ports than a router, and is also comparatively cheaper with the specs being equal.

(5) A switch can be used to forward packets across different VLANs through VLAN spanning, but a switch does not forward packets over the Internet. Only a router, which understands routing protocols, can talk to the other routers on the backbone network (the Internet). This means every network still needs a router to connect to the core network.

(6) Switches are more commonly used to interconnect devices in campus and enterprise networks for intranet communication. Meanwhile, routers are used to connect multiple LANs that are geographically distant.

How Switches Work

A switch forwards frames based on the destination MAC address found in the Ethernet header. Remember that a switch forwards to a single destination, so switch forwarding is a unicast operation. In some cases, a switch also broadcasts: when it does not know where the destination is, or if the destination MAC is set to ff:ff:ff:ff:ff:ff. Let’s take a look at how the packet flows when PC1 sends a packet to PC2 in our example network.

When we replace the hub with a switch, the size of the collision domain in the network is reduced. Notice that the packet only goes from PC1 to the switch, and from the switch to PC2. The frame is now forwarded only to the rightful destination, based on MAC address. The frame is no longer forwarded to PC0 as in the case of the hub. How does this happen? How can a switch know which physical port it needs to forward the frame out of? The switch refers to the MAC address table.

MAC Address Table

The MAC address table contains entries of MAC-to-port mappings. When we connect a host to a numbered physical port, the switch binds the MAC address of this PC to the port number it is currently connected to, and stores it in the MAC table. In fact, the switch uses the ARP operation to query for connected hosts’ MAC addresses. We will talk about ARP in another story.

We will use the same example network; but this time we place the switch in the place of the hub.

Upgrading from Hub to Switch

The figure below shows an example of a MAC address table on a switch. We can show the MAC table by typing the ‘show mac-address-table’ command in the CLI.

MAC table/CAM table on the switch

In our example, we have 3 PCs that are connected to ports fa0/1, fa0/2 and fa0/3 on the switch. Intuitively, the MAC table entries for these ports should be mapped to the MAC addresses of these PCs respectively. Let’s see if this is true. We can type ipconfig /all on PC1 to check its MAC address. From the results, we know that PC1’s MAC is 0001.C92D.9DB6.

Checking back on the MAC table on the switch, port fa0/1, which PC1 is connected to, is now mapped to 0001.C92D.9DB6, which is the MAC address of PC1.

Flooding in Switches

How about the MAC addresses that are not recorded in the MAC table? For example, let’s assume we added PC4, PC5 and a Server to the network. Right now, the MAC table only contains PC1, PC2 and PC3’s and the Server’s MAC. See the figure below.

Switch sends ARP requests to all the hosts that are not yet registered in its MAC table

For anyone to talk to PC4, the switch needs to ‘query’ PC4 to ask for its MAC address. This is done through the flooding process. A switch will flood the network with ARP requests to find out the MAC address of a specific host and fill up its MAC table. Here, the switch will send ARP requests to both PC4 and PC5 (an ARP request is not sent to a host that is already in the MAC table). Both PC4 and PC5 will reply to the switch with their MAC addresses so that the switch can register them in its MAC table.

The switch has now fully filled its MAC table after the flooding operation

Frames Forwarding

Now, let’s say PC1 sends a packet to PC2. The packet will look something like this, where the source MAC is PC1’s hardware address and the destination MAC is PC2’s hardware address. When the frame arrives at the switch, the switch checks the destination MAC and knows that it is PC2’s MAC; then it finds which port PC2 is connected to and forwards the frame out of that port based on the MAC table entries.

Switch forwards frame to the destination based on the destination MAC address
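The forwarding rules described above for the hub and the switch, as an added example that is not part of the original article: it compares which hosts are handed a PC1-to-PC2 frame that is not addressed to them. PC1's MAC is the one shown on this page; the PC2 and PC3 addresses, the function names and the statically filled table are assumptions made for the illustration.

```python
# Added example: which hosts see a frame on a hub vs. on a switch.
BROADCAST = "ffffffffffff"

def norm(mac):
    """Canonical form so 0001.C92D.9DB6 and 00:01:c9:2d:9d:b6 compare equal."""
    return mac.replace(".", "").replace(":", "").replace("-", "").lower()

def hub_egress(ports, ingress):
    """A hub repeats the frame on every port except the one it arrived on."""
    return sorted(p for p in ports if p != ingress)

def switch_egress(ports, mac_table, ingress, dst_mac):
    """Unicast to the port in the MAC table; flood when the destination
    is the broadcast address or has no entry in the table."""
    table = {norm(m): p for m, p in mac_table.items()}
    dst = norm(dst_mac)
    if dst == BROADCAST or dst not in table:
        return sorted(p for p in ports if p != ingress)
    return [] if table[dst] == ingress else [table[dst]]

def unintended_receivers(egress, attached, dst_mac):
    """Hosts that are handed a unicast frame not addressed to them."""
    dst = norm(dst_mac)
    if dst == BROADCAST:
        return []  # a broadcast is meant for everyone
    return sorted(host for port, (host, mac) in attached.items()
                  if port in egress and norm(mac) != dst)

# Constructed sample network. PC1's MAC is the one shown on this page;
# the PC2 and PC3 addresses are made up for the example.
PORTS = ["fa0/1", "fa0/2", "fa0/3"]
ATTACHED = {
    "fa0/1": ("PC1", "0001.C92D.9DB6"),
    "fa0/2": ("PC2", "0002.AAAA.0002"),
    "fa0/3": ("PC3", "0003.BBBB.0003"),
}
FULL_TABLE = {mac: port for port, (_, mac) in ATTACHED.items()}
PC2_MAC = ATTACHED["fa0/2"][1]

def compare(dst_mac=PC2_MAC, ingress="fa0/1"):
    """Return the unintended receivers of a frame from PC1 on each device."""
    partial = {m: p for m, p in FULL_TABLE.items() if norm(m) != norm(dst_mac)}
    cases = {
        "hub": hub_egress(PORTS, ingress),
        "switch": switch_egress(PORTS, FULL_TABLE, ingress, dst_mac),
        "switch_unknown_dst": switch_egress(PORTS, partial, ingress, dst_mac),
    }
    return {name: unintended_receivers(e, ATTACHED, dst_mac)
            for name, e in cases.items()}

if __name__ == "__main__":
    for device, hosts in compare().items():
        print(f"{device:20} unintended receivers: {hosts}")
```

The third case shows that a switch exposes a frame exactly as a hub does for as long as the destination has no entry in its MAC table.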

Note that a MAC address table also appears in other devices like PCs and routers, sometimes under a different name (it is called the ARP table on end devices). That’s because end devices also need to know the MAC address of the destination host that they are trying to talk to. We will talk more about source and destination MAC in another story.

Each port/link connecting to the switch is a collision domain. This is reduced to only 1 host per collision domain, so there is less chance of medium contention. Network performance is improved since there is less congestion, which also means fewer retransmissions are needed.

Broadcast Domain (BD) and Collision Domain (CD)

Remember that a switch is layer 2 and above, and that a switch forwards frames instead of broadcasting them. This forwarding action reduces the size of the collision domain. In a hub network, the entire network (including all the devices connected to the hub) is considered ONE collision domain. Meanwhile, in a switched network, every link from a device to a switch port is considered ONE collision domain. This means that if a 4-port switch is fully connected with devices, there is a total of 4 collision domains in the network. Here’s a simple example to visualise the ‘CD’ in a 4-port switch.

Now, let’s take a look at a more complex example that combines hub and switch networks. The rule of thumb for finding the CD and BD boundaries is the same. Each switch port gives 1 CD, and all hub ports combine into 1 CD. The BD for hub and switch networks is exactly the same. In this case, the whole network is ONE broadcast domain.

Finding the number of CD and BD

In this example, we have 9 collision domains and 1 broadcast domain.

Router

‘If you do not know what to buy, you buy the most expensive one.’ Assuming that a router is the most expensive network device (other things being equal), does that mean that if we use a router as the network device in our network, it will always work?

Is it a switch? Is it a hub? Is it a router?

Well, technically, yes! If we place a router in place of ‘?’ in the diagram, all 3 PCs will be able to communicate. The catch is that, instead of joining the same network (like PC0, PC1 and PC2 in LAN1), we are actually creating 3 different networks (like PC0 in LAN0, PC1 in LAN1 and PC2 in LAN2). That’s because a router is used to create or connect multiple different networks. Meanwhile, hubs and switches are used to connect multiple devices within a single network.

A router is a layer-3 (network layer) device in the OSI model. The network layer deals with IP addressing. It allows PCs in different LANs to talk to each other across multiple routers. Physically, a router has fewer ports than a hub or switch. The port on the router unit is called the WAN port, which connects the router (or the LAN) to the backbone networks. Remember that the Internet is a large collection of routers? The router that connects each LAN to the Internet is called the edge router. The routers in the middle of the Internet (backbone/core network) are called the core routers.

Packet Forwarding in Router

Since a router is L3, it deals with packets instead of frames (in L2). A router forwards a packet towards the destination host based on the destination network address in which the dest_host currently resides. To do so, the router checks its routing table to find the exit interface it should forward the packet out of to reach the destination network. We will talk more about routing and routing tables in another story.

Looking at our earlier example: if we place a router as the network device that connects PC0, PC1 and PC2, then we are creating 3 different networks. This means all three PCs need to have different network addresses. Since these 3 networks are directly connected to our router, there is no need to configure routing.

Upgrading from switch to router?

But there are smarter ways to spend money than using a router here. The recommended network device in our example is actually a switch, which hits the right balance of good network performance while being more affordable than a router.

In fact, routers are only needed when we want to connect two or more networks. In the example below, the network on the left has the NET_addr of 192.168.1.0/24 and the network on the right has the NET_addr of 192.168.2.0/24. Assume that these addresses are fixed. If we place a switch as the network device, the devices in these LANs will not be able to communicate. This is where a router is needed to ‘route’ the packet across different LANs. Here’s a video showing when to use a router in place of a switch.

Switch Vs Router

Collision Domain & Broadcast Domain

Every link to a router port is considered a broadcast domain. In other words, a LAN equals a broadcast domain. If the router has 4 interfaces, there are 4 networks connected to this router, which also means there are 4 broadcast domains. In short, everything that connects to a hub collectively forms one big collision domain. For everything that connects to a switch, each link to a switch port is a small collision domain. And everything that connects to a router port is considered a broadcast domain. See the example below to better grasp the idea of CD and BD in a network topology.

CD and BD in a network topology with hub, switch and router
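The counting rules for collision and broadcast domains summarised above can be applied to any topology by merging links: links that meet at a hub share a collision domain, and links that meet at a hub or a switch share a broadcast domain, while a router separates both. The following is an added example, not part of the original article; the topologies, device names and function name are constructed, and it assumes no VLANs are configured on the switches.

```python
# Added example: count collision and broadcast domains in a topology.
def count_domains(devices, links):
    """devices: name -> 'host' | 'hub' | 'switch' | 'router'
    links: list of (device_a, device_b) cables.
    Returns {'collision': n, 'broadcast': m}."""
    def components(merging_kinds):
        parent = list(range(len(links)))      # union-find over the links

        def find(i):
            while parent[i] != i:
                parent[i] = parent[parent[i]]
                i = parent[i]
            return i

        first_link = {}                       # device -> first link seen on it
        for idx, link in enumerate(links):
            for dev in link:
                if devices[dev] not in merging_kinds:
                    continue                  # this device ends the domain
                if dev in first_link:
                    parent[find(idx)] = find(first_link[dev])
                else:
                    first_link[dev] = idx
        return len({find(i) for i in range(len(links))})

    return {
        "collision": components({"hub"}),             # only hubs share the medium
        "broadcast": components({"hub", "switch"}),   # only routers stop broadcasts
    }

def star(kind, n):
    """Constructed topology: one central device of `kind` with n hosts."""
    devices = {"core": kind, **{f"PC{i}": "host" for i in range(n)}}
    return devices, [("core", f"PC{i}") for i in range(n)]

# Constructed mixed topology: a router joining a switched LAN (with a hub
# hanging off the switch) to a second LAN built on a hub.
MIXED_DEVICES = {
    "R1": "router", "SW1": "switch", "HUB1": "hub", "HUB2": "hub",
    "PCa": "host", "PCb": "host", "PC1": "host", "PC2": "host",
    "PC3": "host", "PCx": "host", "PCy": "host",
}
MIXED_LINKS = [
    ("R1", "SW1"), ("SW1", "PCa"), ("SW1", "PCb"), ("SW1", "HUB1"),
    ("HUB1", "PC1"), ("HUB1", "PC2"), ("HUB1", "PC3"),
    ("R1", "HUB2"), ("HUB2", "PCx"), ("HUB2", "PCy"),
]

if __name__ == "__main__":
    print("hub, 3 PCs:   ", count_domains(*star("hub", 3)))
    print("switch, 4 PCs:", count_domains(*star("switch", 4)))
    print("router, 4 PCs:", count_domains(*star("router", 4)))
    print("mixed:        ", count_domains(MIXED_DEVICES, MIXED_LINKS))
```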
