
Thread: Ethernet switching in a nut shell

  1. #1
    Senior Member
    Join Date
    Jan 2003
    Posts
    274

    Ethernet switching in a nut shell

    Ok, I'll qualify this right away by saying that this has nothing to do with security. Having read some of the posts lately, however, I believe it may be of help to some members here. There is no way I can possibly cover everything here, but I will try to hit some of the highlights.

    First, we have to understand how Ethernet works. For a nicely summarized history as well as an explanation of the type of media it can run on, you can click here.

    Assuming everything is on the same network....... When a computer wants to talk to another computer on your network it 'listens' to see if there is any other traffic on the wire it is attached to. If it detects that it is all clear, it will send its traffic. Sometimes (and the likelihood increases the more computers you have on your network and the more heavily it is used) two hosts will send their data at the same time. When this happens, a collision occurs. When a collision is detected, a timer starts on each of the hosts which must expire before it will attempt to send traffic again. Meanwhile, while this is happening, the user staring at the monitor is busy complaining about how slow the network is.

    Now, when host 'A' tries to access a resource from host 'B' for the first time it will send a broadcast to every host on the network asking for host 'B' to tell it where it is at. All the rest of the hosts on the network will receive this broadcast, look at the request, and decide "He's not talking to me" and purge the request from its NIC memory buffer. Host 'B', however, will say "Oh, that's me!" and respond with its MAC address. Host 'A' will then write that address into its address resolution protocol (ARP) cache, and from that point on when 'A' wants to talk to 'B', it will attempt to talk directly to 'B' by using its MAC address. If all your hosts are attached to hubs, you begin to run into a problem. Why? Because a hub broadcasts all information that it receives in a port (that's a physical port on the device, not the layer 4 tcp/udp port) out of *all* of its ports. That means that every time a computer tries to send or request information, all the computers attached to the hub get it. Every host that the traffic is *not* destined for has to examine the traffic, say "Nope, not for me" and discard it. Not only does this consume processor cycles, but the wire stays full on even moderately utilized networks. Remember, the wire has to be 'empty' before a host can send traffic. Because of this, 30 is about the practical limit of hosts that you can stick together on hubs without segmenting your network. More than that, and your network will crawl along so slowly, you might as well pack a lunch before trying to access a network resource.

    A switch (or switches) eliminates much of this problem because it is a little bit smarter than a hub. Rather than burp out traffic that comes in on a port out all the ports, when 'A' tries to talk to 'B' using its MAC address, the switch knows which port 'B' is plugged into, and only sends the traffic out that port. This greatly reduces the likelihood of collisions and speeds up your network considerably. Why, you might ask, does this only reduce collisions and not eliminate them entirely? It's because of how ethernet works. Ethernet still depends on broadcasts for a lot of things. That first time 'A' tries to find 'B', it's still going to send a request to all nodes on the network asking "Where is host 'B'?". Now, on a small network this broadcast traffic isn't enough to cause significant slowdowns. Simply replacing your hubs with a simple layer 2 switch(es) will increase your network performance dramatically.

    What happens, however, when you have a large network? At some of the sites I'm responsible for, I have over six hundred workstations trying to talk to a dozen servers. That's a lot of broadcast traffic! Even though the sites are switched, enough broadcast traffic is generated by those machines to impact network performance. This problem is solved by using a slightly smarter switch. One that can create virtual local area networks or VLAN's. Essentially, by creating two VLANs on a switch, you split the switch in half and create two virtual switches. All the hosts on VLAN 1 will only talk (and broadcast) to the hosts on VLAN 1. The same goes for the hosts on VLAN 2. So, if I have at a site a dozen users who access the AS 400, I can put them on their own VLAN with the AS 400 so that when they broadcast for AS 400 services, the other 588 users don't get that broadcast. Cisco switches using the proprietary ISL protocol can support 1000 VLANs. Many standards based switches can support even more! This is a great way to keep your broadcast traffic under control. VLAN's are a wonderful thing!

    Ok....now what happens if VLAN 1 needs to talk to VLAN 2? Hmmmmm.....now we have a problem. The simple solution is to plug in a "router on a stick" or a router that has interfaces on both VLAN's. This isn't the best solution though, because switches switch much faster than routers can route. So there is even a more intelligent breed of switch. Layer 3 switches. L3 switches combine the functionality of a router built into the switch. This way, you can route traffic between VLAN's, without having all that broadcast traffic clogging up your network. Of course, with this kind of control, comes blood pressure raising price tags.

    So.....I've skipped volumes of info trying to keep this short. Hopefully, it helps clarify a little bit about the benefits of hubs/switches/intelligent switches. If anyone is interested, I'd be happy to do more on layer 4-7 switching and/or spanning tree.

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    111
    Thanks for the info there thread_killer....I've never heard of VLANs before, but it sounds like a much more effective way to run large networks....can you tell me anything more about how to set them up through these intelligent switches? I would be more than interested to learn about spanning tree.
    Carrie: Someone's definition of what constitutes cheating is in direct proportion to how much they themselves want to cheat.
    Miranda: That's moral relativism!
    Carrie: I prefer to think of it as quantum cheating.

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Well, the actual *HOW* of implementing a vlan depends on which vendor's switch you are using. Basically though they all do the same thing. For a static vlan, first you create the vlan, then you assign which switchports you want in that vlan to it. Simple as that.
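    To make the MAC learning and VLAN behaviour from the first post, and the "create the vlan, then assign switchports" steps above, concrete, here is an added Python model of a learning switch (example code written for this page, not from any poster or switch vendor). The port numbers, MAC addresses and the two VLANs are constructed sample values.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy model of a layer 2 switch: it learns which port each source MAC
    lives on (per VLAN), forwards known unicast out of that one port, and
    floods broadcast or unknown-destination frames only to ports in the
    same VLAN as the ingress port."""

    def __init__(self, num_ports):
        # Every port starts in VLAN 1, as on a freshly configured switch.
        self.port_vlan = {p: 1 for p in range(1, num_ports + 1)}
        # Forwarding table: (vlan, mac) -> port. Keyed per VLAN, so a MAC
        # learned in VLAN 2 is invisible to hosts in VLAN 1.
        self.table = {}

    def create_vlan(self, vlan, ports):
        """Static VLAN: create it, then assign the chosen switchports."""
        for p in ports:
            self.port_vlan[p] = vlan

    def receive(self, in_port, src, dst):
        """Return the list of ports a frame from src to dst is sent out of."""
        vlan = self.port_vlan[in_port]
        self.table[(vlan, src)] = in_port  # learn the sender's location
        out = self.table.get((vlan, dst))
        if dst != BROADCAST and out is not None:
            return [out] if out != in_port else []  # known unicast: one port
        # Broadcast or unknown destination: flood within the VLAN only.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def demo():
    """Walk through the thread's scenario on an 8-port switch (constructed
    sample MACs and port numbers)."""
    sw = LearningSwitch(8)
    sw.create_vlan(2, [5, 6, 7, 8])  # split the switch into two VLANs
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    r = {}
    # Host A (port 1) broadcasts "where is B?": only VLAN 1 ports see it.
    r["arp_request"] = sw.receive(1, a, BROADCAST)
    # B (port 2) replies to A's MAC: A is already learned, so one port only.
    r["arp_reply"] = sw.receive(2, b, a)
    # From now on A to B is a single-port unicast, no flooding.
    r["a_to_b"] = sw.receive(1, a, b)
    # A VLAN 2 host's broadcast never reaches ports 1 to 4.
    r["vlan2_broadcast"] = sw.receive(5, c, BROADCAST)
    # C addressing B's MAC directly still stays inside VLAN 2 (needs a router).
    r["cross_vlan"] = sw.receive(5, c, b)
    return r
```

The last case is the "VLAN 1 needs to talk to VLAN 2" problem from the first post: the switch has no table entry for B in VLAN 2, so the frame is flooded to VLAN 2 ports only and never reaches port 2.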

  4. #4
    Senior Member
    Join Date
    Jun 2003
    Posts
    111
    Haha, well that's easy enough....how effective are VLAN's in terms of stability and security over standard LAN networks when you are dealing with them of that size? I would think they would be pretty stable with the intelligent switches running with them, but of course I would like to know for sure from someone who uses them. Actually, when I'm on the thought...I have a question relating to routers that maybe you can help me with....I'm a student at PSU and in our dorms, we have a standard ethernet connection that only will respond to one IP....I would like to get two computers running on the same connection....is it possible to use a router to get both PC's through the same IP? Just wondering if that would work...thanks a lot for any help you can pass along...
    Carrie: Someone's definition of what constitutes cheating is in direct proportion to how much they themselves want to cheat.
    Miranda: That's moral relativism!
    Carrie: I prefer to think of it as quantum cheating.

  5. #5
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    Properly created VLAN's on good hardware are extremely stable and VLANs can actually be used as a security technique. Like anything else though, the more you complicate things, the more administrative overhead there is.

    For your other question: you need NAT.
    Not only can this be done, it's extremely common. I'm running it right now on a Linux machine, but even an XP box with two NICs in it is capable of doing it. Very simple to set up.

  6. #6
    Senior Member
    Join Date
    Jun 2003
    Posts
    111
    Hey, thanks for the information about that thread_killer....much appreciated. How long have you been working on networks with VLAN's? I have a pretty good interest in networking, so the more I can absorb about it, the better...What's this about layer 4-7 switching? Thanks again for any info you can pass along....
    Carrie: Someone's definition of what constitutes cheating is in direct proportion to how much they themselves want to cheat.
    Miranda: That's moral relativism!
    Carrie: I prefer to think of it as quantum cheating.

  7. #7
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Important subset to the (great) info from thread_killer.

    1. Switches are treated as a single collision domain

    Remember the old 3-4-5 rule ?

  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    274
    I presume you mean the 5-4-3 rule? At least, that's how I've always heard it described, though I suppose it works the other way too......

    Yeah, that's important on legacy networks. You can find a description here.

  9. #9
    Senior Member
    Join Date
    Nov 2002
    Posts
    339
    /me pokes TK
    well **** TK, i bet you think yer pretty smart now dont ya
    good read man, i would love to hear a tut from ya on RTT's if ya ever get to it, ive been readin about some diff protocols, and since you seem to write these tut's so well, thought maybe youd like an idea for yer next one
    anyways man, dont be a stranger, drop me a line sometime, dont see ya around too much anymore, lemmie know how yer doin, take it easy.
    Don't be a bitch! Use Slackware.

  10. #10
    Senior Member
    Join Date
    Jun 2003
    Posts
    111
    Thanks for the link on the 5-4-3 rule, I really appreciate all the help all of you have been on this topic....thanks again!
    Carrie: Someone's definition of what constitutes cheating is in direct proportion to how much they themselves want to cheat.
    Miranda: That's moral relativism!
    Carrie: I prefer to think of it as quantum cheating.
