Applied Networks & Security
LANs – with Critical Analysis
http://condor.depaul.edu/~jkristof/it263/
John Kristoff
jtk@depaul.edu
IT 263 Winter 2006/2007
John Kristoff - DePaul University
Critical analysis disclaimer
Following this disclaimer are slides used in other
versions of the course. We mark up some slides
using strikethroughs and underlined red in comic sans ms
20pt font. This is not meant to slight other teachers or
their material. Much of the material is good and
helpful so we use it.
We do this to explore complex issues, refresh dated
material, correct inaccuracies and stimulate critical
thinking. In some cases we are pedantic where it
seems useful, but we are not exhaustive and try to
avoid being overly tedious when it is unnecessary.
IT 263 Applied Networks and Security
Cabling, Ethernet

This Week's Class Topics
• Network Cabling
  - Coaxial Cable
  - Twisted Pair
  - Fiber optics
• Ethernet LAN Hardware
  - 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps Wired
  - WiFi Wireless
  - Servers
Reading: Chapters 2 and 3
Network Cabling
• Coaxial Cable
  - Widely used in 1980s, but not today
  - Expensive, difficult to manage
• Twisted Copper Pair
  - Least expensive
  - Limited distance
  - Susceptible to electromagnetic noise and leakage
• Fiber Optic Cable
  - Most expensive
  - Longest distance
  - Highest bandwidth
  - Most secure against eavesdropping
Network Cabling
• Baseband and Broadband Transmission
  - In baseband transmission, digital signals are sent through direct current (DC) pulses applied to the wire (e.g. 10BASE-T)
  - In broadband transmission, signals are modulated as radio frequency (RF) analog pulses that use different frequency ranges
  - Digital signaling vs analog signaling – Example and discussion: Aerial TV signal, CATV … others?
Baseband = using the entire bandwidth for a single signal, broadband = multiplexing the bandwidth into multiple channels. Marketers say broadband to mean fast. I bet my baseband Ethernet beats your broadband. :-)
Network Cabling
• Coaxial Cable
  - Central copper core surrounded by an insulator
  - Braiding insulates coaxial cable
  - Sheath is the outer cover of a cable
  - Foundation for Ethernet network in the 1980s
[Figure: Coaxial cable]
Network Cabling
• Thicknet (10Base5)
  - Also called thickwire Ethernet
  - Rigid coaxial cable used for original Ethernet networks
  - IEEE designates Thicknet as 10Base5 Ethernet
[Figure: Thicknet]

Network Cabling
Thicknet (10Base5)
  - Thick coaxial cable
  - Bus topology
[Figure: Thicknet cable transceiver with detail of a vampire tap piercing the core]
Network Cabling
Thinnet (10Base2)
• Also known as thin Ethernet, was most popular medium for Ethernet LANs in the 1980s
  - Thin coaxial cable
  - Bus topology
[FIGURE 4-8 Thinnet BNC connectors]
Network Cabling
• Signal Bounce
  - Caused by improper termination
  - Travels endlessly between two ends of network
  - Prevents new signals from getting through
[Figure: Typical coaxial network using a bus topology]
Network Cabling
• Twisted-Pair (TP) Cable
  - Similar to telephone wiring
  - Consists of color-coded pairs of insulated copper wires twisted around each other and encased in plastic coating
  - Twists help reduce effects of crosstalk, interference caused by signals traveling on nearby wire pairs infringing on another pair's signals
  - The twist rate of each pair has to be unique to avoid crosstalk between pairs
  - Alien Crosstalk occurs when signals from adjacent cables interfere with another cable's transmission
Network Cabling
• Twist Ratio
  - Number of twists per meter or foot in a twisted-pair cable
[Figure: Twisted-pair cable]
Network Cabling
• Shielded Twisted-Pair (STP)
  - Twisted wire pairs are individually insulated and surrounded by shielding
[Figure: STP cable]
Network Cabling
• Unshielded Twisted-Pair
  - Consists of one or more insulated wire pairs encased in a plastic sheath
  - Does not contain additional shielding
[FIGURE 4-12 UTP cable]
Network Cabling
• To manage network cabling, it's necessary to be familiar with standards used on modern networks, particularly Category 3 (CAT3) and Category 5 (CAT5)
[Figure: CAT5 UTP cable]
• RJ-45 Connector – 8-pin modular connector
  - RJ-45 connector, used by both STP and UTP (similar to RJ-11 phone connector) – technically RJ-45 refers to a wiring standard involving telephone service on pins 4 and 5, but the term RJ-45 is in widespread (mis)use
Network Cabling
• Fiber-Optic Cable
  - High Throughput
  - High Cost
  - Connector
  - Good Noise immunity
  - Size and scalability
  - Wavelength-Division Multiplexing (WDM)
    - Allows multiple light data signals to be sent over single fiber
[Figure: SMA fiber connector]
Fiber Optic Cable
• Fiber-Optic Cable
  - Contains one or several glass fibers at its core
  - Cladding is the glass shield around the core
[Figure: Fiber-optic cable]


Single-Mode Fiber
 Carries single path of
light to transmit data
 More expensive, higher
data rates (to 10 Gbps
and beyond)
Multimode Fiber
 Carries many paths of
light over a single or
many fibers
 Less expensive, but
lower data rates due to
timing differences
between different paths
(up to 1 Gbps)
FIGURE 4-16 Single-mode and
multimode fiber-optic cables
Cable System Design
• Horizontal Cabling
  - Connects data jacks (RJ-45 8-pin modular jack, typically) in walls of building back to a telecom wiring closet
  - May be one or more wiring closets per floor of building
  - Typically twisted pair cable is used
• Vertical Cabling
  - Interconnects the wiring closets (between multiple floors of the building)
  - Forms the network backbone
  - Typically optical fiber cable is used, but may also be twisted pair cable.
Cable Design and Management
• Structured Cabling
  - Method for uniform, enterprise-wide, multivendor cabling systems
  - Specified by TIA/EIA 569 Commercial Building Wiring Standard
[Figure: TIA/EIA structured cabling subsystems]
Cable Design and Management
• Horizontal wiring
  - No more than 90 meters of twisted pair between data jack and patch panel in wiring closet, plus 10 meters of patch cords (picture isn't quite right)
  - Solid core (horizontal link) vs. stranded (patch cords)
[Figure: Horizontal wiring – clients connected to hubs/switches, a switch and a router, file servers and servers, and the Internet]
Cable Design and Management
• Equipment room
• Telecommunications closet
  - Punch-down block is a panel of data connectors to allow interconnections on a wire-by-wire basis
  - Patch panel is a panel of data receptors (RJ-45) that allow interconnections on a cable-by-cable basis
[Figure: Patch panel (left) and Punch-down block (right)]
Wiring Closet Rack – Front Side
[Figure: patch panels, hubs/switches, fiber going up to next floor]

Wiring Closet Rack – Back Side
[Figure: hubs/switches, patch panels, Cat 5 cable from offices on this floor]
Cable Design and Management
• Work area
  - Patch cable is a relatively short section of twisted-pair cabling with connectors on both ends that connect network devices to data outlets
[Figure: Standard TIA/EIA wall jack]
Installing Cable
[Figure: Typical UTP cabling installation]
Installing Cable
• Do not untwist twisted-pair cables more than one-half inch before inserting them
• Do not strip off more than 1 inch of insulation from copper wire in twisted-pair cables
• Watch bend radius limitations for cable being installed
  - Bend radius is maximum arc into which a cable can be looped before its data transmission is impaired
• Test each segment of cabling with cable tester
• Use only cable ties to cinch groups of cable together – snug is OK, but not too tight!
Installing Cable
• Avoid laying cable across floor where it may sustain damage
• Install cable at least 3 feet away from fluorescent lights or other sources of EMI
• Always leave slack in cable runs
• If running cable in the plenum, the area above ceiling tile or below subflooring, make sure cable sheath is plenum-rated
• Pay attention to grounding requirements
SOHO LAN Components
• NICs
• Hubs
• Switches
• Cable/DSL Modem Routers
• Servers
• RAID Servers
Network Interface Cards (NIC)
• Plug and Play Windows XP
• Drivers preloaded with Windows.
• Half Duplex or Full Duplex
• 10/100 Mbps
• Unshielded Twisted Pair Wiring (UTP)
[Figure: Typical NICs; NIC placement in PC]
Half Duplex, Full Duplex, and Simplex Connections
• A half duplex connection transmits data in both directions but in only one direction at a time.
• A full duplex connection transmits data in both directions and at the same time.
• A simplex connection can transmit data in only one direction.
Ethernet
• All Ethernet standards are controlled by the 802.3 committee of the Institute of Electrical and Electronics Engineers (IEEE)
  - IEEE pronounced "I-triple-E"
• A few IEEE 802.3 standards supplements…
  - 802.3z – fiber optic Gigabit Ethernet
  - 802.3ae – 10G Ethernet
  - http://www.ieee802.org/3/
Ethernet
• Original IEEE Naming System:
  - <data rate><signal type><length of longest cable in 100s of meters>
• IEEE Naming System after 1990:
  - <data rate><signal type><transmission cable type>
  - Where <cable type> = T for UTP, F for fiber
10 Mbps Ethernets
• 10 Mbps Physical Standards:
  - 10Base5 (1985): 10 Mbps Thick Coaxial Cable (Bus)
  - 10Base2 (1988): 10 Mbps Thin Coaxial Cable (Bus)
  - 10BaseT (1990): 10 Mbps Twisted Pair (Star)
Fast Ethernets
• 100 Mbps Physical Standards:
  - 100BaseTX (1995): 100 Mbps Twisted Pair (Cat 5)
  - 100BaseT4 (1995): 100 Mbps Twisted Pair (Cat 3)
  - 100BaseFX (1995): 100 Mbps Fiber
Gigabit and 10G Ethernets
• Faster Physical Standards:
  - 1000BaseX (1998): 1 Gbps Fiber
  - 1000BaseT (2000): 1 Gbps Twisted Pair (Cat 5e) (cat5 works too)
  - 10GBase-X (2002): 10 Gbps Fiber
Note: "slower" UTP (10/100) Ethernet used 2 pairs: one send-pair and one receive-pair. GB and higher uses all 4 pairs. No more cross over: it adapts automatically for send/receive
Two Types of Ethernets
• Shared or Broadcast Ethernets
  - Built using coaxial cable (bus topologies) or Ethernet hubs.
  - Data is broadcast from single sender to all stations within broadcast domain.
• Switched Ethernets
  - Built using Ethernet switches.
  - Data is forwarded by intelligent switches based on Destination MAC address.
Types of Ethernets
• Shared Ethernets / Broadcast Ethernets
  - CSMA/CD is used to ensure that there is only a single sender at a time.
  - Collisions and retransmissions occur when multiple stations try to send simultaneously.
• Switched Ethernets
  - Collision detection and CSMA/CD can be eliminated.
  - Data may be buffered in switches when multiple stations try to send simultaneously.
  - Also point-to-point Ethernet has no collisions
  - Troubleshooting note: if you see collisions in full-duplex connections: you have a problem!
Network Distance Limits
• Maximum cable lengths
  - Due to signal attenuation – limits ALWAYS apply
  - Twisted pair limit is usually 100 meters (330 feet).
• Maximum network span for collision domain
  - Due to timing restrictions on collision detection
  - Network span = max. distance between any two user devices (PCs, server, router, switch) on LAN
  - Limits ONLY apply to Shared (hub-based) Ethernets.
  - There are NO span limits for Switched Ethernets.
Ethernet Span Limits
• What if the maximum span is exceeded in a Shared Ethernet?
• The following scenario may occur:
  - Station transmits a 64 byte frame
  - Collision signal comes back too late - after frame transmission is completed (network span is too large, therefore too much propagation delay)
  - Sending Station assumes it's somebody else's collision and ignores it.
  - Result: the station believes its frame was sent correctly, but actually it was not.
10Base5 Ethernet (ThickNet)
[Figure: Attachment Unit Interface (AUI Cable), Terminating Resistor, Medium Attachment Unit (MAU), Thick Coaxial Cable, Inter-Repeater Link (IRL), Repeater, Fan Out]
10Base5 Ethernet (ThickNet)
• Design Limitations
  - Maximum length per coax segment: 500 meters
  - Maximum network span (between any 2 user devices)
    - No more than 4 repeaters
    - No more than 2500 meters cable
10Base2 Ethernet (ThinNet)
[Figure: Thin Coaxial Cable, Inter-Repeater Link (IRL), Repeater, MultiPort Repeater]
10Base2 Ethernet (ThinNet)
• Design Limitations
  - Per coax segment:
    - Maximum length: 185 meters
    - Maximum number of nodes: 30
  - Maximum network span (between any 2 user devices)
    - No more than 4 repeaters
    - No more than 925 meters
    - 150 nodes total maximum
10BaseT Ethernet
• Standardized in 1990
• Allowed a revolution in LAN design away from bus towards star topologies
• Requires at least Category 3 UTP cable
• Still used in many places today

10BaseT Ethernet
[Figure: Twisted Pair, 10Base-T Hub]
Ethernet Hub/Switch Purchase Parameters
• Cost and Number of Ports
• Port Speeds – 10, Fast (100), 1G, 10G
• Shared or Switched Ethernet
  - Switch options: Full duplex, priorities, VLANs
• Managed or Unmanaged
  - Managed = intelligent network monitoring
• Standalone, Stackable or Modular
Hub Types
• Stand-Alone Hubs
  - Fixed number of ports
  - Not Expandable
  - Typically single transmission medium
[Figure: Stand-alone hubs – Network Interface Card, 10 Base-T, all RJ-45 connections for UTP; fixed number of ports, single network architecture, not expandable]

Hub Types
• Stackable Hubs
  - Each hub has fixed number of ports
  - Not expandable
  - Single media type
  - Stack connects through proprietary cable
  - Full stack can be managed as one hub
  - Less delay between hubs than non-stackables ???
[Figure: Stackable hubs – all RJ-45 connections for UTP, fixed number of ports, single network architecture, cascading ports to next cascadable hub, management console port(s), management console]
Hub Types
• Modular Hubs
  - Start with empty chassis and add cards (or "blades")
  - Highest flexibility/reliability/manageability – may be hot-swappable, dual power modules, redundant cards, routing or switching modules, etc.
  - Provides management software
  - Model also used for switch systems
[Figure: Enterprise hubs – modular chassis-based design with 10Base-T, Token Ring and FDDI modules, a management module, multiple redundant cooling fans, multiple redundant power supplies, management console port(s) and a link to the network management console; each hub has a fixed number of ports, hubs are cascadable, single network architecture and media]
10BaseT Ethernet
• Design Limitations
  - Maximum length per UTP cable: 100 meters
  - Maximum length per fiber cable: 2000 meters (10BaseF)
  - Maximum network span (between any 2 user devices)
    - No more than 2500 meters cable
    - No more than 5 hubs

Large 10BaseT Network
[Figure: Enterprise-wide Ethernet 10BaseT network]
100 Mbps Ethernets
• Standardized around 1995
• Much competition at the time, resulted in 3 standards
  - 100BaseT (also called 100BaseTX)
  - 100BaseT4 (you'll not see them today – few implementations)
  - 100BaseVG (had almost no market share)
• Note: these 3 are incompatible, so, for example, 100BaseT4 NIC can only connect to 100BaseT4 hub port and no others.
100Mbps Ethernets
• 100BaseTX
  - Uses 2 pairs UTP cable, one for transmit, one for receive
  - Supports full-duplex transmission
  - Requires Category 5 cable or better
• 100BaseT4
  - Uses all 4 pairs UTP cable to transmit alternately in one direction and then the other direction
  - Does not allow full-duplex transmission
  - Can use Category 3 UTP cable
100 Mbps Ethernets
• 100BaseVG
  - Developed by HP, IBM and others to provide an "improved Ethernet"
  - Transmits at 100 Mbps over Cat. 3 UTP
  - Does not allow full duplex
  - Uses a demand priority access method
    - Stations send "transmission request" to hub
    - Hub determines who transmits next
    - Eliminates collisions
  - 100BaseVG has not succeeded in market.

100BaseT Ethernet (Fast Ethernet)
[Figure: Twisted Pair, 100Base-T Hub]
100BaseT Limitations
• Design Limitations
  - Maximum length per UTP cable: 100 meters
  - Maximum length per fiber cable: 400 meters (100BaseF) in half-duplex mode
  - Maximum network span (between any 2 user devices)
    - No more than 205 meters cable
    - No more than 2 hubs

Max Span 100BaseT Ethernet
[Figure: Twisted Pair, Twisted Pair]
Gigabit Ethernet
• Can use fiber optic cabling (up to 500 meters) or enhanced Category 5 twisted pair (up to 100 meters)
• Requires Gigabit NIC cards in PC workstations
• Requires Gigabit Ethernet hub or Gigabit Ethernet switch

Gigabit Ethernet
[Figure: 1000BaseT Hub]
1000BaseT Ethernet
• Design Limitations
  - Maximum length per UTP cable: 100 meters (category 5e)
  - Uses 4 pairs on UTP
  - Maximum network span (between any 2 user devices in same collision domain)
    - No more than 1 hub
Fiber Gigabit Port Types
• 1000BaseSX, 1000BaseLX, 1000BaseLH (IEEE)
  - Short or Long haul Gigabit Ethernet
  - Up to 550 meters (1804 feet) over multimode fiber.
  - Up to 10 km (6.2 miles) over single mode fiber.
• 1000BaseZX (Cisco)
  - Very Long haul Gigabit Ethernet
  - Up to 100 km (62.1 miles) over single mode fiber.
10G Ethernet Limits
• 10GBase-X (IEEE) or 10GbE
  - ONLY operates as full-duplex switched Ethernet network. NO span limits.
  - Multimode fiber up to 300 meters (990 feet)
  - Single mode fiber up to 40 km (24.8 miles)
  - No IEEE twisted pair standard yet – expected in 2006. Predicted: up to 100 meters over Cat 7 and up to ~70 meters over Cat 6 cable.
    802.3an September 2006
Ethernet Frame Headers
• Ethernet II
  - Original Ethernet frame type developed by DEC, Intel, and Xerox, before the IEEE began to standardize the Ethernet
  - Type field identifies Network layer protocol used (IP, IPX, AppleTalk, etc.)
  - Still commonly used – the most common in fact

Ethernet Frame Headers
• Ethernet 802.3
  - IEEE changed "Type" field to a "Length" field
  - Can only be used on network with a single network protocol – IP or IPX – because there is no field to identify network protocol used in this packet.
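The two framings above share the same 14-byte header; the only way a receiver tells them apart is the value of the 2-byte field after the source MAC. The parser below is an added example (not from the slides) that applies the IEEE rule for that field: 1536 (0x0600) and above is an Ethernet II Type, 1500 and below is an 802.3 Length, and the gap in between is undefined. The sample frames and MAC addresses are constructed.

```python
import struct

ETH_HEADER_LEN = 14          # 6-byte destination MAC + 6-byte source MAC + 2-byte Type/Length
ETHERTYPE_MIN = 0x0600       # IEEE 802.3: values >= 1536 are an EtherType (Ethernet II framing)
MAX_8023_LENGTH = 1500       # values <= 1500 are an 802.3 length field; 1501..1535 are undefined
BROADCAST = "ff:ff:ff:ff:ff:ff"

# The three Network layer protocols named on the slide (EtherType registry values).
ETHERTYPES = {0x0800: "IP", 0x8137: "IPX", 0x809B: "AppleTalk"}


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame: bytes) -> dict:
    """Classify a raw frame as Ethernet II or IEEE 802.3 from its Type/Length field."""
    if len(frame) < ETH_HEADER_LEN:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, type_or_len = struct.unpack("!6s6sH", frame[:ETH_HEADER_LEN])
    payload = frame[ETH_HEADER_LEN:]
    info = {"dst": mac_str(dst), "src": mac_str(src), "broadcast": mac_str(dst) == BROADCAST}
    if type_or_len >= ETHERTYPE_MIN:
        # Ethernet II: the field names the protocol carried, so one wire can carry
        # IP, IPX, AppleTalk ... and the receiver can demultiplex them.
        info.update(encapsulation="Ethernet II", ethertype=type_or_len,
                    protocol=ETHERTYPES.get(type_or_len, "unknown"), payload=payload)
    elif type_or_len <= MAX_8023_LENGTH:
        # IEEE 802.3: the field is a byte count; nothing says which protocol follows,
        # which is why the slide says such a LAN can carry only one network protocol.
        if type_or_len > len(payload):
            raise ValueError("802.3 length field exceeds the bytes actually received")
        info.update(encapsulation="IEEE 802.3", length=type_or_len,
                    payload=payload[:type_or_len])   # drop padding added to reach 64 bytes
    else:
        raise ValueError(f"Type/Length {type_or_len:#06x} is neither a length nor an EtherType")
    return info


# Constructed sample frames (not captured traffic). 46 bytes of zero payload reaches
# the 64-byte minimum frame size once the 4-byte FCS, not modelled here, is added.
SRC = bytes.fromhex("001122334455")
DST = bytes.fromhex("66778899aabb")
ETHII_IP = DST + SRC + struct.pack("!H", 0x0800) + bytes(46)
DOT3_BCAST = bytes([0xFF] * 6) + SRC + struct.pack("!H", 20) + bytes(20) + bytes(26)
BAD_FRAME = DST + SRC + struct.pack("!H", 1501) + bytes(46)

if __name__ == "__main__":
    for f in (ETHII_IP, DOT3_BCAST):
        print(parse_frame(f))
```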
MAC (medium access control) Protocol
• Only 1 station on a shared LAN can transmit at any one time
• MAC protocol provides a fair way to resolve contention if multiple stations want to transmit at the same time
• Ethernet MAC protocol is CSMA/CD
CSMA/CD
• Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  - Communication rules used by shared Ethernet networks
[Figure: CSMA/CD process]
CSMA/CD In Depth (not quite right – see my slides)
• Set N=0
• Wait until line is idle:
• Start transmission, listening for collision
  - IF no collision
    - Finish transmission
  - ELSE IF collision/Jam signal is heard
    - JAM signal is sent until end of current slot time
    - Set N=N+1
    - If N>15, give up
    - Choose random integer M in range [0, 2^N - 1]
    - Sit idle for M slot times ("slot time" = time to send 64 bytes)
    - Go back to "Wait until line is idle" above
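To see how this algorithm behaves under load, the slot-by-slot simulation below (an added example, not the course's own code) runs the procedure exactly as written on the slide for a group of stations that all have a frame ready at once. Frame size, seed and the IEEE exponent cap noted in the comment are my assumptions; the slot time of 64 bytes and the give-up limit of 15 come from the slide.

```python
import random

MAX_ATTEMPTS = 15     # slide: "If N > 15, give up"
SLOT_BYTES = 64       # slide: one slot time = time to send 64 bytes


def backoff_slots(n: int, rng: random.Random) -> int:
    """After the n-th collision choose M uniformly in [0, 2^n - 1] (the slide's rule).

    IEEE 802.3 additionally caps the exponent at 10; the slide's uncapped version is
    kept here so the simulation matches the algorithm as written above.
    """
    return rng.randint(0, 2 ** n - 1)


def simulate(n_stations: int, frame_bytes: int = 1518, seed: int = 1,
             max_slots: int = 1_000_000) -> dict:
    """Simulate n stations that all have one frame ready at slot 0 on a shared segment.

    Returns how many frames were delivered, how many stations gave up, the number of
    collisions, and how many slot times the whole exchange took.
    """
    rng = random.Random(seed)
    frame_slots = -(-frame_bytes // SLOT_BYTES)          # ceiling division
    attempts = [0] * n_stations                          # N for each station
    ready_at = [0] * n_stations                          # slot at which a station may try again
    done = [False] * n_stations
    gave_up = [False] * n_stations
    collisions = 0
    busy_until = 0                                       # end of the current successful frame
    slot = 0
    while slot < max_slots and not all(d or g for d, g in zip(done, gave_up)):
        if slot < busy_until:
            slot = busy_until                             # carrier sense: line busy, wait
            continue
        active = [i for i in range(n_stations) if not done[i] and not gave_up[i]]
        contenders = [i for i in active if ready_at[i] <= slot]
        if not contenders:
            slot = min(ready_at[i] for i in active)      # everyone is still backing off
            continue
        if len(contenders) == 1:                         # no collision: finish transmission
            done[contenders[0]] = True
            busy_until = slot + frame_slots
            continue
        collisions += 1                                  # collision: JAM fills this slot
        for i in contenders:
            attempts[i] += 1
            if attempts[i] > MAX_ATTEMPTS:
                gave_up[i] = True                        # frame is lost, reported upward
            else:
                ready_at[i] = slot + 1 + backoff_slots(attempts[i], rng)
        slot += 1
    return {"delivered": sum(done), "gave_up": sum(gave_up),
            "collisions": collisions, "slots": max(slot, busy_until)}


if __name__ == "__main__":
    for n in (1, 2, 8, 32):
        print(n, "stations:", simulate(n))
```

A lone station never collides and finishes in one frame time; as the station count grows, the collision count and total slots grow with it, which is the mechanism behind the 30% utilization rule of thumb for hubs later in the deck.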
Wireless Media
• Radio, satellite transmissions, and infrared light are all different forms of electromagnetic waves that are used to transmit data.
• Note in the following figure how each source occupies a different set of frequencies.
[Figure: Frequency Spectrum]
Wireless LAN (IEEE 802.11)
• IEEE 802.11 standards provide connectivity between wireless devices and wired LAN.
• WiFi – "Wireless Fidelity" industry alliance
  - http://www.wifialliance.com
• Configurations
  - Ad-hoc – A group of WiFi laptops can talk without an AP by joining a common SSID (Service Set Identifier)
  - Infrastructure – Access Points act as hubs for all WiFi devices within range.
Wireless LAN Configurations
[Figure: Wireless LAN Configurations]

Wireless LANs
• IEEE 802.11b WiFi
  - Provides average of ~6 Mbps up to theoretical max of 11 Mbps at 2.4 GHz.
  - Widely available as LAN access protocol in corporate infrastructure
  - Some public WiFi networks available (city parks, airports, other public places).
  - Limited mobility (handoffs between access points require some disruption of data)
  - Limited distance range (typically 100 – 200 feet but some to 900 feet)
Wireless Ranges Vary
• With directional antennae designed for point-to-point transmission (rare), 802.11b can transmit for more than 10 miles.
• With an omni-directional antenna on a typical AP, range may drop to as little as 100 feet.
Wireless LANs
• IEEE 802.11a WiFi
  - Provides average of ~25 Mbps up to theoretical max of 54 Mbps at 5 GHz.
  - Being deployed in corporate infrastructure
  - A few public 802.11a networks available (e.g. Case Western University).
  - Very limited distance range (30-50 feet)
  - Incompatible with 802.11b
  - Has been replaced by 802.11g
Wireless LANs
• IEEE 802.11g WiFi
  - Can provide up to 54 Mbps between 802.11g clients at 2.4 GHz
  - Also backward compatible with 802.11b, so 802.11b clients can talk to 802.11g access points at 11 Mbps.
  - Note that all clients within range of a particular AP communicate at a common speed - so many 802.11g PCs can be forced to 11 Mbps by 1 802.11b PC on the same AP.
Collisions in Wireless Networks
• A wireless sender cannot determine whether its frame transmission was received by the recipient without collisions.
• Solution?
  - Recipient sends an acknowledgement back to the sender.
CSMA/CA
• 802.11 LANs use Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA).
  - Collision detection is too difficult on a wireless network (WHY?), so collision avoidance is used.
• When an 802.11 station wants to transmit:
  - Wait until frequency band is idle
  - Wait a random time (CA) (WHY?)
  - If still idle, transmit data frame, start ACK timer
  - Wait for ACK frame
  - Retransmit data frame if no ACK within timeout.
Other 802.11 groups
• 802.11e - quality of service
• 802.11i - security
Servers
• FAX servers
• Remote Access Servers (RAS)
• Web Servers
• Data Base Servers
• Windows Active Directory Server
• MS Exchange Server
• Internet Router
• VoIP Gateway Server
• File servers and print servers (of course!)
Servers
• Redundant CPUs
• Error Correcting RAM
• Hot-Swappable Components
  - Disks
  - Power supplies
  - Fans
• Redundant Array of Independent Disks (RAID)
Duplicate CPUs
• Price
• Clock Speed
• RAM speed
• Chip Architecture
• Multi Processing Support
Redundant Array of Independent Disks (RAID)
• What about interfacing a computer to multiple disk drives?
• Redundant array of independent disks - a collection of techniques for interfacing multiple hard disk drives to a computer
• RAID-0 - data is broken into pieces and each piece is stored on a different disk drive (striping)
• RAID-1 - data is stored on at least two disk drives in duplicate (disk mirroring)
RAID continued
• RAID-3 – bit-level striping across multiple disks and error-checking information is kept on a separate disk
• RAID-5 - data is broken in pieces (stripes) and stored across three or more disks; error-checking information is stored along with the striped data
Interconnection hardware
• Repeaters (hubs)
• Bridges (switches)
• Routers
Repeaters
• A repeater is a device that repeats the signal…
• Different than an amplifier: a repeater receives and reconstructs the signal and sends it out.
• Example of repeater: A Hub.
• Very little intelligence: it just repeats/broadcasts the signal everywhere.
• All devices on a HUB are in same collision domain. Only 1 station can "talk" at a time.
• (Of course all devices in a given collision domain should be in same IP subnet)
Bridges
• A bridge connects 2 (or more) segments and makes it look like 1 large segment.
• Each segment is its own collision domain -> reduces risk of collisions compared to repeater.
• Forwarding decisions are made based on the physical (layer 2) MAC address: Switch only sends the frame to the port that has that MAC @. (more on that a little later)
• Bridge/switch does not look at the layer 3 data (IP).
• All (layer 2) broadcasts must be forwarded to all hosts on that subnet.
• Bridge is "transparent" to all devices on the segment: they all think they are on the same segment.
• Usually bridges link same technology networks (Ethernet – Ethernet)
• Example of bridge: an Ethernet switch.
Routers
• A router connects 2 (or more) networks
• Each network has a separate IP subnet
• Layer 2 broadcasts are not forwarded across routers.
• Maybe same or different networking technology (Ethernet – WAN T1)
Routing 101: how it works!
• Router receives a frame on an interface (The destination MAC @ of that interface was the destination MAC @ of the frame)
• Layer 2 strips the L2 header and passes to L3 (routing) for processing.
• Routing process looks at the IP destination address and asks: Is the final destination on a network that I am directly connected to?
  - Yes: then we can deliver the frame to the destination directly.
    - For that we need its MAC address. We get it by broadcasting a request: "if you have IP @ <<DESTINATION>> tell me your MAC address".
    - Or we can get it from remembering a previous request for that MAC @ (from cache).
  - No: then we need to determine where to send the packet to.
    - Where does it go next?
    - We look at our "routing table". That table lists networks and the IP @ of who will handle the packet next: the next "hop". (more on routing in TDC 365!... And a little in later lectures)
    - Now that we know the next Hop IP @, we need to send the frame to it. We need… its MAC @!!
    - How do we get it?
• Frame is then constructed and given to layer 2 for transmission.
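The steps above, carried through as an added example (not the course's code and not any vendor's implementation): accept only frames addressed to the interface, decide between direct delivery and a routing-table next hop, then look the MAC address up in a cache or record that a broadcast request had to go out. The interface names, the documentation-range addresses and the routing table are constructed.

```python
import ipaddress

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


class Router:
    """Minimal model of the slide's forwarding steps (constructed teaching code)."""

    def __init__(self, interfaces, routes):
        # interfaces: {name: (own MAC, "ip/prefix")}
        # routes: [("network/prefix", next-hop IP, outgoing interface)]
        self.ifaces = {n: (mac, ipaddress.ip_interface(ip)) for n, (mac, ip) in interfaces.items()}
        self.routes = [(ipaddress.ip_network(net), ipaddress.ip_address(nh), out)
                       for net, nh, out in routes]
        self.arp_cache = {}      # IP -> MAC remembered from earlier replies
        self.arp_requests = []   # (interface, IP) pairs we had to broadcast a request for

    def accept_frame(self, iface, dst_mac):
        """Step 1: only frames addressed to this interface (or to broadcast) reach layer 3."""
        return dst_mac in (self.ifaces[iface][0], BROADCAST_MAC)

    def resolve_mac(self, iface, ip):
        """Take the MAC from cache, otherwise broadcast 'if you have <ip> tell me your MAC'."""
        if ip in self.arp_cache:
            return self.arp_cache[ip]
        self.arp_requests.append((iface, str(ip)))
        return None                       # reply arrives later; the frame waits

    def route(self, dst_ip):
        """Directly connected? If not, longest-prefix match in the routing table."""
        dst = ipaddress.ip_address(dst_ip)
        for name, (_, addr) in self.ifaces.items():
            if dst in addr.network:
                return {"via": "direct", "iface": name, "next_hop": dst}
        best = None
        for net, nh, out in self.routes:
            if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nh, out)
        if best is None:
            return {"via": "unroutable", "iface": None, "next_hop": None}
        return {"via": "next-hop", "iface": best[2], "next_hop": best[1]}

    def forward(self, in_iface, dst_mac, dst_ip):
        """Whole pipeline: accept at L2, route at L3, find the next MAC, hand back to L2."""
        if not self.accept_frame(in_iface, dst_mac):
            return {"action": "ignored", "reason": "frame not addressed to this interface"}
        decision = self.route(dst_ip)
        if decision["via"] == "unroutable":
            return {"action": "dropped", "reason": "no route"}
        mac = self.resolve_mac(decision["iface"], decision["next_hop"])
        if mac is None:
            return {"action": "queued", "reason": "waiting for ARP reply", **decision}
        return {"action": "forwarded", "next_mac": mac, **decision}


# Constructed topology: eth0 faces the office LAN, eth1 faces the upstream router.
R = Router(
    interfaces={"eth0": ("00:00:5e:00:53:01", "192.0.2.1/24"),
                "eth1": ("00:00:5e:00:53:02", "198.51.100.1/30")},
    routes=[("203.0.113.0/24", "198.51.100.2", "eth1"),
            ("0.0.0.0/0", "198.51.100.2", "eth1")],
)
R.arp_cache[ipaddress.ip_address("198.51.100.2")] = "00:00:5e:00:53:ff"   # learned earlier

if __name__ == "__main__":
    print(R.forward("eth0", "00:00:5e:00:53:01", "203.0.113.9"))   # next hop known in cache
    print(R.forward("eth0", "00:00:5e:00:53:01", "192.0.2.77"))    # direct, MAC not cached yet
```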
Hubs vs. Switches
• Hub
  - Retransmits each packet out every port
  - No security (sniffers can grab other user's data)
  - All ports must run at same transmission speed
  - Only one station transmits at a time
• Switch
  - Transmits each packet out single destination port
  - Security (no sniffing by other users) – Note: can fairly easily be hacked: do not solely rely on that!
  - Different ports can run at different speeds
    - Thought question: how can that be possible?
  - Multiple data streams can go into and out of switch simultaneously
Hubs vs. Switches
• Hub
  - Due to collisions, it is not recommended that average network throughput utilization exceed 30% of capacity
    - On 10 Mbps LAN, keep total throughput average utilization under 3 Mbps
    - On 100 Mbps LAN, keep total throughput average utilization under 30 Mbps
• Switch
  - Collisions can be eliminated
  - If multiple stations transmit to same destination at same time, switch will buffer (store) the packets and send them out one at a time
Hubs vs. Switches
• Hub
  - Since only one station can send at a time, all stations connected to same LAN share the network bandwidth
    - Example: 20 PCs on 10BaseT hub all want to transmit data. They can theoretically each get throughput of 10Mbps/20 = 500Kbps (actually 3Mbps/20 = 150Kbps)
    - In practice this doesn't happen, why?
• Switch
  - All stations can send at top speed simultaneously
    - In practice this doesn't happen, why?
    - Switch stores all data received before retransmitting
Hubs vs. Switches
• Hubs
  - Collisions occur if 2 or more stations on same LAN transmit at same time
  - Collisions limit network span and number of hubs in network due to collision timing
• Switch
  - Collisions can be eliminated by switch buffering (switch stores packets before retransmitting/forwarding)
    - And because you remove link sharing
  - No network span limits or number of switch limits in network design. (Individual cable lengths are still limited (i.e. 100 meters from NIC to switch))
Hubs vs. Switches
• Hubs
  - A workstation can send or receive data, but not both simultaneously (half-duplex)
  - On hub-hub connections, only 1 cable can be used (otherwise you get collisions).
• Switch
  - A workstation can send and receive simultaneously (full-duplex) if it has full-duplex NIC card
  - On switch-switch connections, 2 cables can be used to provide backup capability in case of cable outage (using Spanning Tree Protocol).
Hubs vs. Switches
• Any disadvantages for switches?
• Hubs
  - Data passes through immediately (almost no delay)
  - If there is too much incoming data, collisions will slow down the senders.
• Switch
  - More expensive than hub
  - Data may be stored in switch and delayed for a long time if there are many frames waiting in line – this is a non-problem
  - If there is too much incoming data for switch to handle, the switch buffers may eventually overflow and it will discard data frames.
  - In certain situations, you may want to be able to "hear" all traffic on the segment.
Full-Duplex Ethernet
• Full-Duplex Ethernet allows a workstation to send and receive data simultaneously.
• Requirements
  - Must have a full-duplex NIC card
  - Must be connected to an Ethernet switch (or via a crossover to another PC)
• Important note: in full duplex you should see no collisions. If you get collision counts: you have a problem!
Bridges (switches) vs. Routers
• Fundamentally:
  - If you need to connect 2 segments that have same IP subnets: use a bridge/switch
  - If the IP addresses are on different subnet: you must use a router.
Bridges (switches) vs. Routers
• Routers
  - Can use complex metrics and methods to decide a path.
  - Can have multiple paths and use load balancing.
• Switches/bridges
  - Do not compute paths: only use Spanning Tree to prevent loops (more on that later)
  - Can not have load balancing paths (unless you integrate layer 3 Virtual LANS or trunking: complex and outside the scope of this class – TDC 365, 375)
Switch Operations
• How does a switch forward data?
  - A switch is a multi-port bridge and it uses a technique called bridging to send data to its destination.

Bridge / Switch
• A Bridge or Switch interconnects two or more collision domains at the Data Link Layer.
• A bridge or switch does not implement or understand any protocol layer above layer 2.
• A bridge or switch usually does not modify passing data frames in any way.
• An Ethernet switch is a multiport bridge
Switch Operations
Data frame arrives on port x:
• If destination address = FF:FF:FF:FF:FF:FF (broadcast) then the frame is re-transmitted out all ports except port x.
• Else Switch looks up destination address in Forwarding Table and finds associated port = y
  - If there is no entry for destination address in Forwarding Table, then forward frame out all ports except port x (that is, broadcast the frame).
  - Else If x = y, drop the frame.
  - Else re-transmit frame out port y.
Switch Forwarding Table
[Figure: 10Base-T Switch with stations MAC #11 (port D), MAC #12 (port C), MAC #13 (port B) and MAC #14 (port A), and a 10Base-T Hub on port E carrying MAC #21, #22, #23 and #24]

FORWARDING TABLE
Address   Port   UpdateTime
# 11      D      6:05.1441 PM
# 12      C      6:04.1523 PM
# 13      B      6:04.8722 PM
# 14      A      6:05.1422 PM
# 21      E      6:04.6623 PM
# 22      E      6:04.2355 PM
# 23      E      6:05.0233 PM
# 24      E      6:04.9722 PM
Building Forwarding Table
Bridge/Switch Learning:
• For each arriving data frame, switch examines source address and adds/updates entry in Forwarding Table containing
  - Source Address (6-byte format)
  - Port that this frame arrived on
  - Current Time
Switch Learning
[Figure: Transparent Bridge with port A to a 10Base-T Hub (MAC #11, #12, #13, #14) and port B to a 10Base-T Hub (MAC #21, #22, #23, #24); a frame with Dest 13 / Src 11 arrives on port A and a frame with Dest 11 / Src 23 arrives on port B]

FORWARDING TABLE
Address   Port   UpdateTime
# 11      A      6:05.1441 PM
# 23      B      6:04.4223 PM
Trimming Forwarding Table
Table Entry Aging:
• If the source address of an arriving frame is already in the Forwarding Table, switch will simply update the Update Time to the current time.
• Any entry not updated within a specific timeout period (typically about 5 minutes) is erased from the Forwarding Table.
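The forwarding rule, the learning rule and the aging rule from the last three slides fit in one small transparent bridge. The model below is an added example (not the course's code); `replay_slide_scenario` feeds it the two frames drawn on the Switch Learning slide with constructed timestamps, and the 300-second timeout is the slide's "about 5 minutes".

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
AGING_TIMEOUT = 300.0    # seconds; slide: entries time out after "about 5 minutes"


class LearningSwitch:
    """Transparent bridge: learn on source address, forward on destination, age entries."""

    def __init__(self, ports, aging_timeout=AGING_TIMEOUT):
        self.ports = list(ports)
        self.aging_timeout = aging_timeout
        self.table = {}            # MAC -> (port, update time)

    def age_out(self, now):
        """Erase every entry not updated within the timeout; returns the erased MACs."""
        expired = [mac for mac, (_, t) in self.table.items() if now - t > self.aging_timeout]
        for mac in expired:
            del self.table[mac]
        return expired

    def receive(self, in_port, src, dst, now):
        """Process one frame arriving on in_port; returns the list of ports it is sent out of."""
        self.age_out(now)
        # Learning: add or refresh the source address with its arrival port and time.
        self.table[src] = (in_port, now)
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return others                          # broadcast: all ports except in_port
        entry = self.table.get(dst)
        if entry is None:
            return others                          # unknown destination: flood likewise
        out_port, _ = entry
        if out_port == in_port:
            return []                              # destination is on the arrival segment: drop
        return [out_port]


def replay_slide_scenario():
    """The frames drawn on the Switch Learning slide, plus one more (constructed timestamps)."""
    sw = LearningSwitch(ports=["A", "B"])
    first = sw.receive("A", src="11", dst="13", now=0.0)    # #13 unknown yet: flooded out B
    second = sw.receive("B", src="23", dst="11", now=1.0)   # #11 learned on A: sent to A only
    third = sw.receive("A", src="12", dst="11", now=2.0)    # #11 is on port A itself: dropped
    return first, second, third, dict(sw.table)


if __name__ == "__main__":
    print(replay_slide_scenario())
```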
Allowing Multiple Paths
• Only one active data path can exist between any pair of LAN bridge/switches (WHY?).
• However, we want multiple paths for backup in case of transmission line failure.
• Activating the Spanning Tree Protocol allows loops to exist in the network.
Spanning Tree Protocol
• Spanning Tree Protocol only allows one active path to destination at any time.
• Redundant ports are put into an inactive state and will not carry any data frames.
• Inactive ports will be re-activated if an active line goes down (providing backup). Note: this may take some time (40 seconds).
• Which ports stay active?
  - Basic idea: Network manager assigns a port cost to each one. Switches keep the least-cost path active at all times.
  - Actually slightly more complex than that. Outside scope of this course: TDC 363, TDC 365 will cover it.
Note: if students are interested and we have time, we can have a full lecture on the Spanning Tree Protocol near quarter's end. Or that can be a good topic for technology report.
Spanning Tree Protocol
this depiction of STP is lacking, ignore
[Figure: three Ethernet Switches joined by links with Cost=1, Cost=1 and Cost=10; the ports of one link are placed in a blocked state to avoid looping]
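The "basic idea" from the slide, keep the least-cost loop-free set of links and block the rest, is a minimum spanning tree. The code below is an added example (not the course's code and not real STP, which elects a root bridge and exchanges BPDUs); it applies Kruskal's algorithm to a constructed triangle with the figure's link costs, then recomputes after a link failure to show a blocked link taking over as backup.

```python
def least_cost_tree(switches, links):
    """Keep the cheapest loop-free set of links (Kruskal's algorithm); block the rest.

    links: list of (switch_a, switch_b, cost). Returns (active, blocked).
    """
    parent = {s: s for s in switches}        # union-find: one root per connected group

    def find(s):
        while parent[s] != s:
            parent[s] = parent[parent[s]]    # path halving
            s = parent[s]
        return s

    active, blocked = [], []
    for a, b, cost in sorted(links, key=lambda link: link[2]):
        ra, rb = find(a), find(b)
        if ra == rb:
            blocked.append((a, b, cost))     # would close a loop: ports go to blocked state
        else:
            parent[ra] = rb
            active.append((a, b, cost))
    return active, blocked


def reconverge(switches, links, failed):
    """Recompute after one link fails: a previously blocked link becomes the backup path."""
    remaining = [link for link in links if link != failed]
    return least_cost_tree(switches, remaining)


# Constructed triangle matching the slide's figure: two cost-1 links and one cost-10 link.
SWITCHES = ["SW1", "SW2", "SW3"]
LINKS = [("SW1", "SW2", 1), ("SW2", "SW3", 1), ("SW1", "SW3", 10)]

if __name__ == "__main__":
    print("normal:", least_cost_tree(SWITCHES, LINKS))
    print("SW1-SW2 down:", reconverge(SWITCHES, LINKS, failed=("SW1", "SW2", 1)))
```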