Chapter 52. Upgrading from Bridges and Hubs to Routers and Switches


to segment a few small workgroups. Bridges were used to isolate local traffic among groups of users and thus cut down on the overall traffic on the LAN. However, depending on the kind of network (for example, ARCnet, Ethernet, or Token-Ring), there are limits to how many bridges (repeaters) could be used in a LAN. In addition to their usefulness in solving network traffic congestion problems, you can use routers or switches to solve several other problems: expanding the LAN beyond the size that bridges allow and connecting the LAN to other LANs to create a larger local network, or for a connection to a WAN, such as the Internet. In short, switches and routers offer the following benefits:

Switches enable you to expand the LAN because they greatly limit the collision domain and switch traffic from one port to another, avoiding broadcasting packets unnecessarily on ports that don't have a route to the packet's destination.

Routers enable you to connect to a much larger collection of networks, such as the Internet, and enable you to organize a large LAN into a hierarchical address space and many subnets.



You can find out more about how routers and switches function by reading Chapter 8, "Network Switches," and Chapter 10, "Routers."



A traditional bridge has just about outlived its usefulness in a modern network. Instead, switches (which are really glorified multiple bridges all in one box) and routers can be used to better segment a LAN and limit unnecessary network traffic on local LAN segments.



Note

The term bridge is used in this chapter to refer to a legacy device that connects several network segments and is used to limit network traffic to local segments.

Other types of bridges exist that are important in networking today. For example, there are translational bridges that can convert frames from one format to another, enabling you to connect different types of LANs. Another example is a SCSI-to-Fibre Channel bridge that enables you to connect legacy SCSI devices to a Fibre-Channel network, thus preserving your investment in older disks, tape drives, and so on.



In this chapter, the possibilities offered by upgrading to switches and routers are discussed, along with information you must consider when bringing such devices into your LAN.







Growing Beyond a Small LAN

Several chapters in this book cover the basic devices used to interconnect network segments: repeaters, bridges, switches, and routers. Each of these devices builds on the one previous to it so that together they span a continuum of functionality that you can use to solve problems with a LAN or WAN. Standard bridges were developed to enable you to extend the reach of a LAN and to limit traffic to local segments, therefore building on the function of repeaters. Switches took this concept further by enabling each workstation or server to have its own physical LAN segment, thus limiting the broadcast domain (just the workstation and the switch). Routers enable you to extend the reach of a LAN by connecting it to a wide area network.



Note

A switch that operates in full-duplex mode eliminates the collision domain between the switch port and the device attached to it. Instead of using the same set of wires for transmitting and receiving data (half-duplex), full-duplex switches use separate wires for transmitting and receiving, so both ends of the path can be sending information at the same time. Thus, a switch port and network card operating in full-duplex mode can essentially double the network bandwidth.



To quickly summarize:

Repeaters are simple devices that connect network segments (usually two segments). They repeat all traffic by regenerating and attenuating a signal, allowing the standard distance limitation to be extended. They do not, however, do anything to help segment network traffic patterns. Repeaters are used to expand a LAN when it grows beyond the limitations imposed by a single network segment. Multiport repeaters function in the same way, but resemble a hub in that more than one segment can be connected to a multiport repeater. However, multiport repeaters are typically used in much older environments that use coaxial cables for the network media and use BNC connectors. Most hubs have RJ-45 jacks and receive twisted-pair wiring with RJ-45 modular connectors. If your network still uses repeaters of this type, you're long overdue for an upgrade.

Bridges are similar to repeaters except that they apply a little intelligence to the packet-forwarding process: Bridges learn MAC addresses of devices on each segment when they make an initial transmission. From then on, a bridge will not pass traffic to another segment if it knows the recipient is on the segment local to the transmission. Bridges are helpful for expanding a LAN and can be used to group collections of computers and servers that commonly interact to lower overall bandwidth consumption.

Routers work like bridges in that they're selective about which packets get forwarded on which ports. However, whereas bridges operate at layer 2 of the OSI reference model (the Data Link layer) and look only at the flat namespace provided by the MAC addresses, routers operate at layer 3 (the Network layer) and make decisions based on the addressing scheme provided by a higher-level networking protocol. Bridges are typically used to create larger local area networks. Connecting a LAN to other LANs or to a larger WAN can be done using a router.



Switches are the current technology for connecting network LAN segments as well as for connecting individual network nodes to the network. Switches operate like bridges in that they keep track of which network node is located on each port by remembering MAC addresses kept in system memory. When retransmitting an incoming packet, the switch will send it out only on a port that will get it to its destination, provided that it has already learned the destination's MAC address. Whereas bridges usually have only two ports, switches are like hubs and contain many ports. Most switches will allow for full-duplex operation, thus effectively doubling the available network bandwidth for a single node connected on a segment. In a sense, a switch operates like a collection of bridges. And don't forget that you can connect one switch to another to further localize network traffic. A LAN today can consist of multiple layers of switches that eventually connect to a router.

From this summary, you can see that it's easy to use repeaters or bridges to grow the small LAN, but when it becomes necessary to expand beyond certain limits or when it becomes necessary to make a connection to a larger LAN, you must incorporate routers or switches. Growth is not the only reason you might want to use a router or switch, however. These devices also can be used in a small LAN. For example, a small LAN that's experiencing network traffic congestion might find relief by replacing the hubs in the LAN with switches to cut down on the overall network traffic. Indeed, if you look at the price of a switch today, the benefits you will achieve in network bandwidth are well worth the price. When users begin to complain about network response time in a network that uses hubs, you should definitely consider replacing hubs with switches.

In addition to connecting LANs to larger networks such as the Internet, routers can be used in a campus LAN to allow network administrators to logically group network segments using the addressing scheme provided by TCP/IP (subnetting), for example.



Segmenting the Network Can Improve Performance

You might need to segment devices on the network for many different reasons. These include the following:

Topology limitations: You need to add more nodes to the network but the expansion will break distance limitations or maximum nodes-per-segment rules. This is usually the case only in older Ethernet LANs where the broadcast domain was constrained by the round-trip time.

For more information about topology limitations, refer to Chapter 13, "Ethernet: The Universal Standard."



Networking protocol limitations: Address space is fragmented and you need to connect segments that have different network addresses. This can happen when two companies merge and both already have an address space in place for their respective networks. It's much easier to simply place one or more routers between the two networks than it is to reassign network addresses to the many devices on the network. When using DHCP to configure workstations, this might not be a limitation, provided that you have an address space that can accommodate all the devices that will be placed on the larger network. You can also use network address translation (NAT), as covered in Chapter 45, "Firewalls."



Network bandwidth limitations: When a few high-performance servers or workstations consume too much of the segment's available bandwidth, it's time to segment the LAN (create additional subnets) and thus limit network traffic to smaller segments that contain fewer devices.

Security reasons: An Ethernet adapter set to promiscuous mode can intercept all packets that are sent out on a particular segment, for example. You need to place a few high-security workstations on their own segment, yet allow some kind of connection to the rest of the network. Keep in mind that in an Ethernet network that uses hubs as a wiring concentrator, every device on the hub (or hubs) can see every network frame that's broadcast on the LAN. It isn't difficult to download a program from an Internet source to read every packet that passes through the network.



Note

Security is an important topic in computer networks today. For more information about the issues you should consider, refer to Chapter 42, "Basic Security Measures Every Network Administrator Needs to Know," and Chapter 44, "Security Issues for Wide Area Networks." Other chapters that might help you understand how to protect your network include Chapter 45, "Firewalls," and Chapter 46, "Virtual Private Networks (VPNs) and Tunneling."



Geographically distant connections: It's best to segment each geographic location to ensure that unnecessary traffic isn't being sent across the remote connection and wasting valuable bandwidth. Some routers provide a dial-up function so that a dedicated link isn't necessary, providing an inexpensive way to use routers to connect branch offices.

Depending on which combination of these reasons applies to your situation, a router or switch might be the solution you need to segment the network.



Connecting Remote Locations

When a business expands geographically, you'll find that using bridges to connect remote locations isn't a feasible solution. There are many different technologies from which you can choose today, from simple dedicated lines to ATM and Frame Relay, to connect geographically distant locations. For these connections, you'll find it necessary to incorporate routers or switches. You'll also find these methods of transport expensive. Today, it isn't unreasonable to consider connecting the local network to the Internet with a router that provides virtual private network (VPN) capabilities. Thus, by using an inexpensive connection to the Internet (far cheaper than using leased dedicated lines), you can still provide a secure channel to remote branch locations.

ATM (Asynchronous Transfer Mode) and Frame Relay are very common protocols used to send data across long distances. You can learn more about these in Chapter 15, "Dedicated Connections."



When to Use a Router

Routers are similar to bridges only in the fact that they can both be used to connect multiple network segments. Whereas bridges make all their decisions based on the MAC address of a particular network packet, routers access the addressing information provided by a higher-level protocol to decide how to best forward a packet. Using the OSI reference model (see Appendix A, "Overview of the OSI Seven-Layer Networking Reference Model"), you can see that the bridge operates at layer 2, the Data Link layer, whereas routers operate at layer 3, the Network layer. With bridges, the address space is flat: It's simply the MAC addresses associated with nodes on each segment, each one unique. For protocols operating at the Network layer, the address space becomes more complicated because there must be a mechanism for identifying the network as well as the individual node.
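The layer 3 decision described above, followed by the layer 2 step a router takes on the outgoing segment, as an added example that is not from the book. The routing table, port names, IP addresses and MAC addresses are constructed for illustration.

```python
import ipaddress

# Constructed routing table for a hypothetical router. A next hop of None
# means the destination network is directly attached to that port.
ROUTES = [
    ("10.1.0.0/16",  "eth0", None),
    ("10.2.0.0/16",  "eth1", None),
    ("10.2.40.0/24", "eth1", "10.2.0.254"),   # subnet behind another router
    ("0.0.0.0/0",    "wan0", "203.0.113.1"),  # default route toward the WAN
]

# Constructed ARP cache: IP address -> MAC address learned on local segments.
ARP_CACHE = {
    "10.1.5.9": "02:00:00:00:05:09",
    "10.2.0.254": "02:00:00:00:00:fe",
    "203.0.113.1": "02:00:00:00:71:01",
}

def route(dst_ip):
    """Layer 3: pick the most specific (longest-prefix) matching route."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [(ipaddress.ip_network(p), port, nh) for p, port, nh in ROUTES
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None
    _net, port, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    return port, next_hop

def forward(dst_ip):
    """Return (port, destination MAC for the outgoing frame), or
    (port, 'ARP who-has <ip>') when the MAC must first be resolved."""
    hit = route(dst_ip)
    if hit is None:
        return None  # no matching route: the packet is dropped
    port, next_hop = hit
    # Layer 2: address the frame to the next router if there is one,
    # otherwise to the destination node itself on the attached segment.
    l2_target = next_hop or dst_ip
    mac = ARP_CACHE.get(l2_target)
    return (port, mac) if mac else (port, "ARP who-has " + l2_target)
```

The network part of the address selects the port; the MAC address only matters on the segment the frame leaves on.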



Note

To be more specific, routers operate at layer 3 of the OSI model by using higher-level addresses (such as IP) to make routing decisions. However, when the network frame reaches a router that can deliver it to its final destination, the router uses the MAC address to communicate with the destination node connected to the router's port. The Address Resolution Protocol (ARP) is used on local segments to translate between IP addresses and MAC addresses. For more information about ARP, refer to Chapter 24, "Overview of the TCP/IP Protocol Suite."



When to Use a Switch

Switches are one of the fastest growing categories of network equipment. They can act as a wiring concentrator for a LAN just as a hub does, but they also can make available a much larger bandwidth to clients because they selectively forward traffic from one port to another based on the destination address of each packet. When you use a switch with only one node attached to each port, you are in effect creating a collection of broadcast domains that consist of only two network nodes: the switch and the client node connected to the port. For network adapters and switches that support full-duplex operation, the effective bandwidth is doubled for each client and there is no broadcast domain between the two.
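The difference between a hub and a MAC-learning switch, and what it means for the frame exposure mentioned under the security reasons for segmenting, can be seen in a small simulation. This is an added example, not code from the book; the class names, port numbers and MAC addresses are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Repeats every frame out of every port except the one it came in on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class LearningSwitch:
    """Learns source MAC -> port and forwards only where the destination is."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port            # learn where the sender is
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:      # broadcast or not yet learned
            return [p for p in self.ports if p != in_port]   # flood
        if out == in_port:
            return []                            # destination is on the same port
        return [out]

def frames_seen(device, traffic, host_port):
    """Count how many frames are delivered to each port of the device."""
    seen = defaultdict(int)
    for src, dst in traffic:
        for port in device.forward(host_port[src], src, dst):
            seen[port] += 1
    return dict(seen)

# Constructed topology: hosts A and B talk to each other, while port 3 holds
# a third station whose adapter is in promiscuous mode.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
HOST_PORT = {A: 1, B: 2, C: 3}
TRAFFIC = [(A, B), (B, A), (A, B), (B, A), (A, B)]

def exposure(device):
    """Frames of the A<->B conversation that reach the station on port 3."""
    return frames_seen(device, TRAFFIC, HOST_PORT).get(3, 0)
```

On the hub, port 3 receives all five frames. On the switch it receives only the first one, which is flooded because the destination's MAC address has not been learned yet.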







From Bridges to Routers

Routers are inherently slower than bridges when it comes to forwarding network packets. This is because a router must read further into each network frame to get Network layer addressing information, whereas a bridge merely looks at a fixed location for the MAC address. Hubs, bridges, and switches can be set up in a short amount of time and usually require little or no configuration.

Routers require that the network administrator configure networking information for each port that's used. The command set available to configure a router is quite large because it's a very flexible device and can be confusing for a novice. The kinds of information you need to configure a new router are:

A list of the network protocols for which you'll be using the router. For example, TCP/IP or IPX/SPX.

The routing protocol that you'll use for each network protocol. For example, RIP.

Whether or not you'll need to set filters to block certain addresses or IP or UDP ports, a technique used to create a simple firewall.

Information about the address space used on each segment the router will connect.

For additional information about routing protocols, refer to Chapter 33, "Routing Protocols."


