NETWORKING COMPONENTS
AN OVERVIEW OF COMMONLY USED HARDWARE
Christopher Johnson
LTEC 4550

Hub

Ethernet Hub (shown)
• Link multiple hosts to single central point
• Can be used to share single network connection, for example, or multiple USB devices sharing a single USB port over a USB hub
• Broadcasts network traffic to all connected hosts
• Operates at OSI Layer 1
• Serves as signal repeater, boosting strength of broadcast messages

How it works - Hub

Diagram labels:
• Desktop with Ethernet NIC (two shown).
• Laptop with Ethernet interface.
• Ethernet hub: 8-port Ethernet hub. Supports source device plus up to 7 additional devices.
• Single Ethernet port. This could be a network port in a cubicle on an Ethernet-wired corporate network, for example.

Switch

Ethernet switch (shown)
• Connects multiple devices to central point
• Can be used to build small peer-to-peer network
• Communicates on OSI Layer 2
• Usually contains software to build routing table
• Directs traffic on network to proper hosts – doesn’t broadcast traffic to all devices like a hub

How it works - Switch

Diagram labels:
• Desktop with Ethernet NIC (four shown).
• Laptop with Ethernet interface.
• Ethernet switch: 8-port Ethernet switch. Connect up to 8 devices on a peer-to-peer network.

Router

Router (wireless router shown)
• Acts as a connector between two different networks
• Directs traffic from nodes on one network to the correct node on the second network
• Communicates on OSI Layer 3
• Directs traffic on network to proper hosts – uses IP addresses to route packets

How it works - Router

Diagram labels:
• From Internet (through ISP)
• Desktop with Ethernet NIC (three shown).
• XBOX 360 with WiFi network adapter.
• Wireless Router: 5-port Ethernet router plus wireless router.
• Connect up to 5 wired devices plus more than 200 wireless devices.
• Laptop with WiFi network adapter

Bridge

Networking Bridge
• Acts as a connector between two different network segments
• Builds forwarding database containing list of nodes on each segment
• Communicates on OSI Layer 2
• Uses hardware-based MAC addresses to direct traffic
• Filters network traffic (frames)
• Forwards to different network segment when destination address is not on local segment
• Drops frames if destination address is on same segment as source

How it works - Bridge

Diagram labels:
• Network Segment 1: Node A, Node B, Node C
• Network Segment 2: Node D, Node E, Node F
• Ethernet Bridge: Connects Network Segment 1 to Network Segment 2.

Let’s assume, on a newly implemented network, Node A sends a packet to Node E. First, the frame containing the packet would travel to the bridge. A record for Node A’s address would be added to the bridge’s address table. Then, the frame would be broadcast to Nodes D, E and F. Nodes D and F would ignore the frame, while E would respond back to the bridge. The address for Node E is recorded, and then Nodes A and E may communicate through the bridge, across their different network segments.

Gateway

Gateway – node at the edge of a network
• Serves as a point of entry from one network to another
• Capable of joining two networks built on different protocols
• Commonly combined with firewalls due to their position at the edge of a given network
• Can communicate on any OSI layer
• Can be implemented either by hardware or software
• Routers are a special type of gateway
• PCs can be configured to be a gateway

How it works - Gateway

Diagram labels:
• From Internet (through ISP)
• Gateway: Wireless Router -- OR -- Desktop with two Ethernet NICs. One NIC is connected to internal network, and other is connected to external network.
• Home Network: Node A, Node B, Node C

Serves as a point of entry from one network to another.
In this case, the home network is connected to the Internet through either a wireless router or another PC which is configured as a router. A gateway can thus be implemented either by hardware (with the router) or software (with the specially configured PC).

Firewall

Firewall (hardware firewall shown)
• Device which permits or denies network connections based on rules (i.e. restricted ports or source addresses)
• Can be either hardware or software based
• Provides security to nodes behind it
• Many routers contain basic firewall functionality

Hardware Firewalls
• Work on first 4 layers of OSI model

Software Firewalls
• Most operating systems contain basic firewall functionality
• Operates at Application Layer of OSI model

How it works - Firewall

Diagram labels:
• From Internet (through ISP)
• Hardware Firewall
• Home Network: Node A, Node B, Node C

Firewall: Filters network traffic coming in to the network from external source. Hardware firewalls operate on the first 4 OSI layers, blocking content based on MAC addresses or IP addresses, or based on type of content and destination port on protected computers. Can also be implemented on application layer of OSI by software-based firewall. Software firewalls block traffic based on IP address or MAC address or content.

Wireless Access Point

Wireless Access Point (wireless router shown)
• Device which broadcasts traffic from one network to another or between connected nodes on the same network
• Utilizes wireless signal to configure the network connections, making networks easy to set up and maintain
• Provides routing functionality
• May also contain firewall functionality to control flow of traffic and content throughout and between local networks and WANs.
• Works on Layer 3 of OSI model

How it works – Wireless Access Point

Belkin Router Wireless G+ MIMO
• Easy setup through web interface
• Configure router to handle DHCP connections
• Set WPA encryption
• Can configure to restrict access to specific MAC addresses
• Built-in firewall
• Port forwarding and other virtual server functions
• Can manually configure DNS settings

Diagram labels:
• From Internet (through ISP)
• Wireless Access Point: Connects multiple devices to a single connection to another network. Commonly used in homes to set up wireless networks servicing multiple consumer devices. Also used in public places providing temporary internet access to a variable number of customers.
• Laptop PCs with WiFi NICs.

Range of Prices for Hardware

Device                                Price Range
Hub (gigabit Ethernet, 8 port)        $80 - $160
Switch (gigabit Ethernet, 24 port)    $440 - $500
Router                                $200 - $800
Bridge                                $80 - $200
Gateway                               $150 - $300
Firewall                              $129 - $300
Wireless AP                           $100 - $800

These prices represent products with mid-range capabilities. Since there is such a vast number of products on the market, with a wide range of capabilities, the products priced here would be suitable for medium size offices or small school environments.

Networking components – a sample setup using all components we’ve discussed

Diagram labels:
• Gateway: Motorola cable modem serves as a gateway between home sample network and the Internet
• Network Attached Storage (NAS) Devices: Contains shared documents and media content.
• Hub: NAS drives share connection to switch
• Router/Wireless AP/Firewall: Contains software-based firewall. We will configure this to protect the wireless network
• Firewall: Hardware firewall will be used to secure traffic to wired network
• Bridge: Connecting wireless and wired networks
• Switch
• Server: Configured to manage resources on wired network
• Workstation A, Workstation B
• From Internet (through ISP)

Network connected to Internet through gateway. Wireless network connects to Wireless AP/Router.
Wired network connects to switch, then to firewall, then to gateway. NAS devices connect to hub and then to switch for access on wired network. Bridge connects wired and wireless networks.
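
The bridge walk-through earlier (Node A sending to Node E on a newly implemented network) can be replayed in code. This is an added example, not part of the original slides; the LearningBridge class, the SEGMENTS table and the extra A-to-B frames are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed topology matching the slide: Nodes A-C on segment 1, D-F on segment 2.
SEGMENTS = {1: {"A", "B", "C"}, 2: {"D", "E", "F"}}


@dataclass
class LearningBridge:
    # Forwarding database: node address -> segment it was last seen sending from.
    fdb: dict = field(default_factory=dict)

    def handle(self, src, dst, in_segment):
        """Process one frame arriving on in_segment; return (action, out_segments)."""
        self.fdb[src] = in_segment              # learn where the sender lives
        known = self.fdb.get(dst)
        if known is None:                       # destination never seen: flood
            return ("flood", sorted(s for s in SEGMENTS if s != in_segment))
        if known == in_segment:                 # same segment as source: filter
            return ("drop", [])
        return ("forward", [known])             # known to be on another segment


def walkthrough():
    """Replay the slide's A-to-E exchange, then a local A-to-B exchange."""
    bridge = LearningBridge()
    frames = [("A", "E"), ("E", "A"), ("A", "E"),   # cross-segment traffic
              ("A", "B"), ("B", "A"), ("A", "B")]   # same-segment traffic
    log = []
    for src, dst in frames:
        seg = next(s for s, nodes in SEGMENTS.items() if src in nodes)
        action, out = bridge.handle(src, dst, seg)
        log.append((src, dst, action, out))
    return log, bridge.fdb


if __name__ == "__main__":
    log, fdb = walkthrough()
    for src, dst, action, out in log:
        print(f"{src} -> {dst}: {action} {out}")
    print("forwarding database:", fdb)
```

The fourth frame shows that a local frame is still sent to the other segment until the bridge has heard from its destination; filtering only starts once both addresses are in the forwarding database.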
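
The firewall slide describes permitting or denying connections based on rules such as restricted ports or source addresses. The sketch below is an added example, not from the original slides; it assumes first-match evaluation with a default of deny, uses constructed rules on documentation address ranges, and goes one step further by reporting rules that can never fire because an earlier rule covers them.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # source network in CIDR form
    dport: Optional[int] = None  # destination port; None matches any port

    def matches(self, src_ip, dport):
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and (self.dport is None or self.dport == dport)

    def covers(self, other):
        """True if every connection matching `other` also matches this rule."""
        net_ok = ipaddress.ip_network(other.src).subnet_of(
            ipaddress.ip_network(self.src))
        return net_ok and (self.dport is None or self.dport == other.dport)


def decide(rules, src_ip, dport):
    """First matching rule wins; anything unmatched is denied (assumed policy)."""
    for rule in rules:
        if rule.matches(src_ip, dport):
            return rule.action
    return "deny"


def shadowed(rules):
    """Rules that can never fire because an earlier rule already covers them."""
    return [later for i, later in enumerate(rules)
            if any(earlier.covers(later) for earlier in rules[:i])]


# Constructed rule set for inbound traffic to the home network.
RULES = [
    Rule("deny", "203.0.113.0/24"),        # restricted source range, all ports
    Rule("permit", "0.0.0.0/0", 443),      # HTTPS from anywhere else
    Rule("permit", "198.51.100.0/24", 22), # SSH from one trusted range
    Rule("deny", "198.51.100.7/32", 22),   # intended block, placed too late
]

if __name__ == "__main__":
    for ip, port in [("203.0.113.5", 443), ("192.0.2.10", 443),
                     ("192.0.2.10", 23), ("198.51.100.7", 22)]:
        print(ip, port, decide(RULES, ip, port))
    print("shadowed:", shadowed(RULES))
```

The last rule is reported as shadowed: the host it was meant to block is permitted by the broader rule above it, so the deny has to be moved ahead of that permit to take effect.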