1. Main Network Hardware’s Difference---
Integrated Devices, Router, Network Switch & Firewall
If you are used to working with home networking gear, you will beused to an
integrated device that “does it all”. On a home network, you may have one box that is
a cable/DSL modem, router, firewall, switch, and wireless access point all in one. It is
amazing all the functions they can fit into one box.
If you are studying Cisco networking and learning about how businesses use these
devices, you may be wondering why there is so much importance on the differences
between a switch, router, firewall, and other network devices. If the home user can
have all these devices combined into one, why doesn’t the business user do this as
well? So, now, here we try to find out what the main differences between these
network devices.
Integrated devices
Just like home devices, business devices have become more and more consolidated
over time but not to the extent that the home devices have. Network administrators
in a business network are more comfortable having separate devices and even like
the idea. This is because network administrators like to be able to isolate problems
down to a certain device and they like to be able to know the performance
capabilities of every device. If you use an integrated router, switch, and firewall all
into one device, troubleshooting, managing, and understanding the performance
capabilities of that device gets complicated. I’m not saying that this isn’t done. You
can buy a big & expensive, chassis-based, Cisco 6500 series switch and have almost
all these functions on different blades of the switch. This may be fine for a larger
business with a group of administrators but to a medium size business and a single
network administrator, many times, this is a scary thought.
Keep in mind that for a medium or large size business, these integrated home devices
won’t work because they don’t offer all the features required. The standalone
routers, switches, and firewalls have many more features than these integrated
devices do.
But what is the difference between these devices anyway? Let’s cover the three most
popular devices.
Router
A router is a hardware device and has the function of routing packets between
networks. A router works at Layer 3 of the OSI model – the Network Layer. This is the
layer that the IP protocol works at. Most routers today are IP routers that examine
the source and destination IP addresses of each packet, look up the destination of
2. the packet in the router’s IP routing table, and route that packet on its way. In the
event that the destination is not listed in the routing table, the router will either send
the packet to a default router (if it has one) or drop the packet. Routers are usually
used to connect a local area network to a wide-area network (a LAN to a WAN) but
can also be used to segment large local area networks (LAN’s).
Routers prevent broadcasts. Another way of saying this is that routers form a
broadcast domain. So, if your network is being deluged by IP broadcasts, you need to
subnet your network into two or more smaller networks. Those networks would be
connected by a router and that router wouldn’t allow broadcast traffic to flow
between subnets.
Routers use routing dynamic protocols like OSPF, RIP, or BGP to learn routes from
other routers. Router can also use static routes that are entered by the administrator.
Routers replace the Ethernet MAC address of the source device with their own MAC
address when they send a packet out an interface. When the response to that packet
comes back, the new source of the packet is sending the response to the destination
of the router. The router receives this, replaces the source address, changes the
destination address to the original address, and sends the packet back to the original
sender. This is a complex topic that we could spend a whole article covering so this is
only meant to provide the most basic understanding of how this works.
To show the routing table on the router, use the show ip route command. Here is an
example of what a routing table looks like on a router:
3. Switch
A switch is a hardware device that works at Layer 2 of the OSI model – data link. The
data link layer is where the Ethernet protocol works.
A switch switches Ethernet frames by keeping a table of what MAC addresses have
been seen on what switch port. The switch uses this table to determine where to
send all future frames that it receives. In Cisco terminology, this table is called the
CAM table (content addressable memory). In general, the proper term for this table
is the bridge forwarding table. If a switch receives a frame with a destination MAC
address that it does not have in its table, it floods that frame to all switch ports.
When it receives a response, it puts that MAC address in the table so that it won’t
have to flood next time.
A switch is a high-speed multiport bridge. This is why bridges are no longer needed
or manufactured. Switches do what bridges did faster and cheaper. Most routers can
also function as bridges.
You might be asking how a hub fits into this mix of devices. A hub is a multiport
repeater. In other words, anything that comes in one port of a hub is duplicated and
sent out all other ports of the hub that have devices attached. There is no
intelligence to how a hub functions. A switch is a vast improvement over a hub in
terms of intelligence, for many reasons. The most important of those reasons is how
the bridge forwarding table works. Intelligent (smart) switches have made hubs
obsolete because they can do more at the same cost of a dumb hub. For this reason,
hubs are rarely used or sold any longer.
To see this bridge forwarding table (CAM table) on a Cisco switch just type: show
mac-address-table
Here is an example:
4. Firewall
A firewall is used to protect more secure network from a less secure network.
Generally, firewalls are used to protect your internal/private LAN from the Internet.
A firewall generally works at layer 3 and 4 of the OSI model. Layer 3 is the Network
Layer where IP works and Layer 4 is the Transport Layer, where TCP and UDP function.
Many firewalls today have advanced up the OSI layers and can even understand Layer
7 – the Application Layer.
There are a variety of different types of firewalls and we won’t go into that in this
article so let’s just talk about the most popular type of firewall – a stateful packet
inspection (SPI) hardware firewall. An example of a SPI hardware firewall is a Cisco
PIX firewall. This is a dedicated appliance and it looks a lot like a Cisco router.
A SPI firewall is stateful because it understands the different states of the TCP
(transmission control protocol) protocol. It knows what is coming and what it going
and keeps track of it all. Thus, if a packet tried to come in but it wasn’t requested, the
firewall knows that and drops it.
What we have learned about the Network Hardware’s Difference: Integrated
Devices, Router, Network Switch & Firewall:
Routers work at Layer 3 and route IP packets between networks.
5. Routers are used to connect a LAN to a WAN (such as your small network to
the Internet) but they can also be used to connect segments of a large LAN
that has been subnetted into smaller segments.
Routers route packets based on information in the IP routing table. You can
see this table with the show ip route command on a Cisco router.
Switches work at Layer 2 and switch Ethernet frames. Switches connect
multiple devices on a local area network (LAN).
Switches keep a table of Ethernet MAC addresses called a CAM Table or a
Bridge forwarding table. You can see this table with the show
mac-address-tablecommand on a Cisco switch.
Firewalls work at Layers 3 and 4 but some can also work at higher layers.
Most firewalls can keep track of the states of TCP to prevent unwanted traffic
from the Internet from entering your private LAN.
---Original tip resources from petri.co.il
More Network Hardware Tips:
Router? Switch? Be Clear the Difference Between Router and Switch.
Layer 2 Switches & Layer 3 switches
Router vs. Layer 3 Switches
Network Router & Ethernet Switches
Static Routing vs. Dynamic Routing