[Techtalk] DHCPD Question

Raven, corporate courtesan raven at oneeyedcrow.net
Thu Oct 11 23:39:46 EST 2001

Heya --

Quoth Kai MacTane (Thu, Oct 11, 2001 at 03:15:33PM -0700):
> Wow, no wonder I can never quite seem to figure out the difference between 
> all those different kinds of networking devices.

	It has gotten complex, and marketing folks for most vendors have
done their best to muddy the waters as much as possible.  Maybe if
you're confused enough, you'll buy their product if they tell you it's
the best loudly.  [grin]

>     Hub: One of those things I have a pair of, sitting in my kitchen.
> Switch: Like a hub, but can go at two speeds. (May only have two ports.
>          (One of my hubs is also a switch.)
> Router: A thing I don't understand, don't own, and don't need.

	Actually, the speed is irrelevant.  It's the intelligence of the
device that matters.  You can buy both hubs and switches that run at 10
Mbs, 100 Mbs, or both.

	Okay.  A hub is a very simple device.  Any incoming frame, it
repeats out every interface except the one it came in on.  Ethernet is a
shared media, and NIC cards on computers will look at any frame received
to see if it's destined for them.  If so, it hands it off to some
networking software on the computer.  If not, it drops the frame.

	If your computers are connected by an Ethernet hub, then all of
them are actually receiving any frame passing through your network.  By
default they ignore any frame not destined for them specifically, but
you can make them capture all frames by putting your Ethernet interface
into a special mode called "promiscuous mode".  So if I jacked into your
home net with a laptop with a packet sniffer on it, I could put my own
NIC into promiscuous mode, intercept anything you sent from any other
computer on the network, and read it if it wasn't encrypted.  

	Switches are more selective, and so a little bit more secure.
Instead of just repeating everything to everyone, they will try to build
a forwarding table of what MAC addresses are connected to what jack on
the switch.  (I avoid saying "port" to make sure it's clear that this is
a physical interface sort of port, not an 80 = http sort of port.)  They
make the forwarding table from incoming frames -- if it's sourced from
MAC address [blah] and came in on jack 3, they now know that [blah] is
located off jack 3.  If they don't know where a given device is, they'll
send the frame to everywhere, just like a hub.  But if they do know,
they'll send the frame out that jack only.

	A router is just a device that (in the modern world) speaks IP,
has more than one interface, and has packets come in one interface and
be directed out the other.  So, it's like a traffic cop, essentially.
There are all sorts of protocols that control how the cop works.  But if
you have any sort of high speed connection, you have a router.  It takes
packets from your home network and directs them to your ISP, and takes
packets from the Internet and directs them to your home network.  Such
devices are sometimes also called "cable modems" or "DSL modems",
basically because everyone already knows what a modem is.  And of
course, there's the more familiar (and buffer) Linux routers, Cisco
routers, and Juniper routers.  But when you get right down to it, they
all do the same thing -- intelligently direct packets.

	As far as the layer stuff goes -- here's how people usually
define it.

Layer 1 -- Physical layer -- electrical and/or optical signaling
equipment.  If you can pick it up and drop-kick it, it does Layer 1.

Layer 2 -- Data Link layer -- switching.  Any device that creates a
forwarding table and can learn (or be programmed) what device is off
what jack is a switch.  Ethernet is a Layer 2 protocol.

Layer 3 -- Network layer -- routing.  Intelligent direction of (on the
Internet, IP) traffic.  IP and IPX are Layer 3 protocols.

Layer 4 -- Transport layer -- end to end connectivity.  Not just getting
traffic from point A to point B (that's Layer 3's job), but *how* it
gets there.  Does it get error checked?  Is it in a logical sequence, or
just as fast as you can send it?  TCP and UDP are Layer 4 protocols.
Anything with a port number is Layer 4.

	There are three more layers in the OSI model, but I think they'd
be more confusing than helpful here.

	So a hub functions on layer 1 only.  It just amplifies
electrical signals and sends them out again.  A switch functions on
layers 1 and 2 -- it deals with MAC addresses, and can tell what's off
which port.  A router functions on layers 1, 2, and 3.  It receives
electrical signals (1) from some delivery media like Ethernet (2) and
sends the IP packets to the correct destination (3).  Sometimes it can
firewall off some packets and deliver others (still 3).  Sometimes it
does that by what port they're destined for (4), if you wanted to allow
Web traffic through but not Gnutella or something.

> Which is pretty basic, I realize. (Luckily, I don't make my living 
> understanding network equipment.)

	And so many of the ways to learn it only make people more
confused.  (If that's what I've done to you, please let me know and I'll
attempt to clarify.  Or just blither onwards, ever more confusingly.)

> But at least now, I don't feel so *bad* about not understanding it!

	Like quantum mechanics, I think anyone who isn't appalled by it
doesn't understand it.  [grin]

"Bless me with your word of savage honor,
 We love more by Fate than by design,
 So give me your hand, and I'll gladly give you my life,
 A flower that sways in the breeze."
  -- the Mission, "Love Me To Death"
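
Added example, not part of the original message: a small Python model of the hub and learning-switch forwarding rules described above, used to count which frames reach a jack where a NIC sits in promiscuous mode. The class names, jack numbers and MAC addresses are constructed for illustration.

```python
# Illustration of the forwarding rules in the message above.
# Jack numbers and MAC addresses are constructed sample values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    def __init__(self, jacks):
        self.jacks = set(jacks)

    def forward(self, in_jack, src, dst):
        # Repeat the frame out every jack except the one it came in on.
        return self.jacks - {in_jack}


class Switch(Hub):
    def __init__(self, jacks):
        super().__init__(jacks)
        self.table = {}  # MAC address -> jack, learned from source addresses

    def forward(self, in_jack, src, dst):
        self.table[src] = in_jack            # learn which jack the sender is on
        out = self.table.get(dst)
        if dst == BROADCAST or out is None:
            return self.jacks - {in_jack}    # unknown destination: flood like a hub
        if out == in_jack:
            return set()                     # destination is behind the same jack
        return {out}                         # known destination: that jack only


def frames_seen(device, frames, listener_jack):
    """Frames delivered to listener_jack, i.e. what a promiscuous NIC there receives."""
    seen = []
    for in_jack, src, dst in frames:
        if listener_jack in device.forward(in_jack, src, dst):
            seen.append((src, dst))
    return seen


# Constructed conversation: host A on jack 1 and host B on jack 2 exchange frames.
A, B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
FRAMES = [(1, A, B), (2, B, A), (1, A, B), (2, B, A)]

if __name__ == "__main__":
    for dev in (Hub([1, 2, 3, 4]), Switch([1, 2, 3, 4])):
        print(type(dev).__name__, "-> jack 4 receives", frames_seen(dev, FRAMES, 4))
```

On the hub, jack 4 receives all four frames; on the switch it receives only the first one, which was flooded before the switch had learned where B is.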
