9 LAN switches—extending coverage and managing traffic in LAN networks
Local area networks (LANs)
so that the stations and their end-users can continue to intercommunicate with one another?
The subject of LAN interconnection we shall return to later in the chapter. In the meantime
we discuss how one of the above problems (that of meeting traffic demand) may nowadays
be most easily solved by the use of a LAN switch or ethernet switch.
In the shared port or single collision domain configuration of an ethernet LAN, any two
of the end-user stations may communicate with one another at up to 10 Mbit/s half duplex
(i.e., they may only communicate in one direction at a time). At first glance, the 10 Mbit/s
bit rate may appear to offer fantastically fast data transfer — and it does, provided only a few
users share the LAN. But when the number of stations gets nearer the limit of 100 allowed
by 10baseT ethernet LANs, and all the users are active at once (as they typically are in an
office network), the situation looks quite different: if each user wants to send and receive data
in equal volumes, then the bit rate available to each is the equivalent of 50 kbit/s
‘full duplex’. This is only the equivalent of a dial-up ISDN line, and as any frequent Internet
‘surfer’ will tell you: it can take a frustratingly long time to download large datafiles at this
speed. Worse still, the theoretical maximum aggregate throughput capacity of an ethernet LAN
comes nowhere near the nominal 10 Mbit/s transmission rate of the bus itself. Particularly at
high traffic loadings, much of the bus capacity is lost due to collisions of the packets.
Full- and limited-availability (full-mesh and partial-mesh) switches
In contrast to a shared medium, which only allows one of the end stations to transmit at any
one time, a switch allows multiple paths between different end-stations to be established at
the same time. This multiplies accordingly the capacity of the LAN. Figure 4.11a illustrates
a full availability 6-port switch configuration. The full availability (i.e., full-mesh and non-blocking) switch matrix of Figure 4.11a allows all six of the stations to be simultaneously
communicating: A with C; B with E and D with F. In this configuration, the maximum
throughput of the network has been multiplied to 3 × 10 Mbit/s = 30 Mbit/s, reflecting the
three simultaneous paths which may be established across the backplane of the switch. The
switch of Figure 4.11a is termed a full availability matrix, since all of the ports can be
configured to communicate at once (assuming that the desired destination port is free).
Figure 4.11 Full availability (full-mesh) and limited availability (partial mesh) switches.
Figure 4.11b shows a limited availability switch matrix. In a limited availability (or partial
mesh) matrix, not all of the ports can communicate at once, since insufficient paths are
available. The number of available paths (in our example, two) is less than half the number of
ports (in our case 6 ports/2 = 3 paths are required for full availability). When all the available
paths of a limited availability switch are already in use, then any attempts to set up further
communications will be blocked, irrespective of whether the destination port is free or busy.
Thus, for example, it is not currently possible to establish communication between the free
ports A and C in Figure 4.11b, since all the available switch paths are already in use.
How an ethernet switch operates — the creation of the source address
Like most other modern data networking components, ethernet switches are designed to be
able to administer themselves. When you first plug the end-user equipment (i.e., the DTE
or station) into an ethernet switch (nowadays mostly based upon 10/100baseT), the switch
starts an initial period of auto-sensing or auto-negotiation (also called NWAY) on each port.
By so doing, the switch is able to configure each of its ports to the correct bit rate, to
half-duplex (HDX) or full duplex (FDX) and (as appropriate) to the correct ethernet or fast
ethernet technology (10baseT, 100baseTX, 100baseT4 or 100baseT2). Now the switch is ready
to support communication between the different ports.
Since the switch initially knows none of the MAC addresses of the attached DTE devices,
it starts operating in the same manner in which a hub would operate. Any packets received
from any of the attached devices are simply flooded to all of the attached ports. In this way,
the switch can be sure that the packet will reach the correct MAC destination (provided of
course that the destination device is connected). But meanwhile, the switch learns from its
experience. It learns where the MAC address of the device which originated the packet is located.
How? Because each packet contains a MAC header, which contains both the destination and
the source MAC address. In this way, the switch is able to relate the source MAC address to
the port where the packet originated. When subsequently a packet is sent to the switch with
this address as its destination MAC-address, the switch knows already which port the packet
must be forwarded to.
Over time, the switch is able to build a complete source address table (SAT) of all the MAC
addresses of devices connected to it and their respective port numbers. In other words, the
source address table (SAT) is determined by observing source addresses, and all entries in the
table are the MAC addresses of DTEs connected to local switch ports. With the SAT to hand,
the switch no longer needs to flood all packets to each of the ports, but instead, can direct
them only to the relevant port. As a result, multiple simultaneous paths can be established
between different pairs of ports, as we saw in Figure 4.11.
Apart from the benefit of increasing network traffic capacity, an ethernet switch also offers
more data security than an ethernet hub, since the packets are switched directly between only
the relevant two communicating ports and not usually broadcast or flooded to all the devices
in the LAN.
The individual ports of an ethernet LAN switch may be used either to connect individual
DTEs (data terminal equipment), such as a single PC, to connect whole collision domains,
or to connect other switches. It does not matter, as far as the operation of the switch is concerned, whether one or more individual MAC-source addresses are assigned to each port.
Note: *Risers are inter-floor channels designed into modern office buildings by architects
to provide a passageway or conduit for inter-floor telecommunications and electrical
cabling, as well as piping and other building services.
Figure 4.12 Typical office LAN based on ethernet switches.
Thus switches can be used either as the ‘star-point’ of individual LANs, or for interconnecting different switched subnetworks or collision domains (i.e., subnetworks using LAN hubs).
Figure 4.12 illustrates the huge flexibility of modern switched LANs, showing a typical office
LAN comprising a backbone network with an enterprise switch at the centre of it and fast
ethernet (100baseFX) fibre cabling trunking it to separate workgroup switches on each floor.
The workgroup switches are normally placed beside the patch panel in the wiring cabinet of
the office floor, from where the UTP (unshielded twisted pair) cabling (typically Cat 5) leads
out to the sockets installed in each office.
End-user PCs are typically connected directly to the switch, though it is also possible to
install small hubs or desktop switches to create small collision domains for interconnected
local printers, scanners and other peripheral equipment. The maximum number of DTEs (i.e.,
end-stations) a switch port can support is known as the end-station density (ESD) or port
address support (PAS). The value of the ESD or PAS is set by the switch designer, when
deciding how much capacity to build into the SAT memory space. Differing values of ESD
or PAS are the main distinguishers between enterprise, workgroup and desktop switches.
Because a LAN switch is able to ‘learn’ about the devices connected to it and the network
around it, it is easy to add further devices at will to the switch later. In addition, it is possible to
unplug devices, or move them from one location to another (and thus from one switch port to
another). Thus ethernet switches are ‘plug-and-play’ devices — you connect them together to
configure the network topology you want, and they self-administer themselves to make it work.
The source address table (SAT) can be kept up-to-date even when devices are unplugged
from a switch by associating an ageing time (typically 300 seconds) with each of the entries
in the table. If no traffic is received from a particular address in the SAT within the ageing
time window, then the entry for this address is deleted from the SAT. A 300 second ageing
time may seem a little short, and some devices allow the human LAN administrator to adjust
the value, but the ageing time should not be set too long. Long ageing times hamper the ease
with which devices can be moved around an office (i.e., from one switch port to another)
and lead to the potential of misdirected traffic. Users complain of problems, and the human
administrator cannot figure out what is going wrong — all the wire connections appear to be
alright, but the communication doesn’t work! Ageing is a useful way of ensuring that routing
tables automatically remain updated, no matter how the network topology changes! But ageing
times should not be set too short, for this reduces the efficiency of the network with the extra
volume of packet flooding and slows up the switch by keeping it permanently busy updating
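The learning and ageing behaviour described above, as an added example that is not taken from the book: a minimal Python model of a switch's source address table. The class and function names, port numbers, MAC addresses and sample traffic are constructed for illustration; the model also shows the cases in which a packet is still flooded to every port (unknown or aged-out destination).

```python
# Added example: a learning switch's source address table (SAT) with ageing.
AGEING_TIME = 300  # seconds, the typical value quoted in the text

class LearningSwitch:
    def __init__(self, ports, ageing_time=AGEING_TIME):
        self.ports = list(ports)
        self.ageing_time = ageing_time
        self.sat = {}  # source MAC -> (port, time last seen)

    def expire(self, now):
        """Delete SAT entries not refreshed within the ageing time."""
        stale = [mac for mac, (_, seen) in self.sat.items()
                 if now - seen > self.ageing_time]
        for mac in stale:
            del self.sat[mac]

    def receive(self, now, in_port, src, dst):
        """Handle one packet; return the list of ports it is sent out of."""
        self.expire(now)
        # Learn (or refresh, or move) the sender's port from the source MAC.
        self.sat[src] = (in_port, now)
        entry = self.sat.get(dst)
        if entry is None:
            # Unknown destination: behave like a hub and flood.
            return [p for p in self.ports if p != in_port]
        out_port = entry[0]
        # Destination sits on the ingress port (e.g. a hub behind it): no forwarding.
        return [] if out_port == in_port else [out_port]

def demo():
    """Constructed traffic: (time in s, ingress port, source MAC, destination MAC)."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    A, B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # documentation-range MACs
    packets = [
        (0,   1, A, B),  # B unknown: flooded; A learned on port 1
        (1,   2, B, A),  # A known: port 1 only; B learned on port 2
        (2,   1, A, B),  # B known: port 2 only
        (10,  3, B, A),  # B moved to port 3 and transmits: entry updated
        (11,  1, A, B),  # forwarded to port 3
        (400, 1, A, B),  # B silent for more than 300 s: aged out, flooded again
    ]
    return [sw.receive(*p) for p in packets]

if __name__ == "__main__":
    for out_ports in demo():
        print(out_ports)
```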
Mirrored ports — for measuring traffic in switched ethernet LANs
Before LAN switches emerged, human LAN administrators used to monitor the traffic volumes
and flows in LANs by the use of LAN probes or sniffers. These are devices which, in the case
of ethernet collision domains, monitor the source and destination addresses of all the packets
broadcast over the ethernet bus. Once switches appeared, most of the packets within the LAN
were no longer broadcast or flooded to all the ports. As a result, it became difficult to monitor
either the traffic in the LAN as a whole or the traffic flows to and from a given DTE (data
terminal equipment). For this reason, switches usually offer a mirrored port facility. When
a port has been mirrored, a second port is set up in parallel with the first. It receives all the
traffic that the first port receives, and any packets originated by it are handled as if they had
been originated by the first. The mirror port is useful for the connection of a probe or sniffer
for analysing the traffic to the mirrored port.
4.10 Other types of LAN (token ring and token bus)
There have been a number of different LAN technologies developed over the years, all of
which are tending to be replaced by ethernet, fast ethernet or Gigabit ethernet technology.
Three other technologies (token ring LAN, FDDI [fibre distributed data interface] and token
bus) were, like ethernet, made into official IEEE 802-series standards and are still to be found
deployed in corporate networks. For this reason, they deserve mention here. Given the large
number of IBM computers deployed with token ring LAN networks, token ring LANs may
live on for a while yet. Indeed, there is still a level of ongoing standardisation effort looking
to upgrade token ring to encompass 100 Mbit/s and Gigabit versions.
In recent years, wireless LANs (using radio transmission) have become popular. ETSI (European Telecommunications Standards Institute) developed a system called HIPERLAN (HIgh
PErformance Radio LAN), but the most popular version looks likely to be that based on the
IEEE 802.11 standard. IEEE 802.11 wireless LANs (WLANs) are, in effect, wireless versions
of ethernet LANs — as explained in Appendix 6.
Token ring LAN (IEEE 802.5)
The token ring LAN standard (defined by IEEE 802.5-series standards) employs a token (passed
between each of the terminals connected to the ring topology (Figure 4.1) in turn) to assign the
‘right to transmit data’ on the LAN. The manner in which the token is passed is as follows: the
token itself is used to carry the packet of data. The transmitting terminal sets the token’s flag,
putting the destination address in the header to indicate that the token is full. The token is then
passed around the ring from one terminal to the next. Each terminal checks whether the data
is intended for it, and passes it on. Sooner or later the token reaches the destination terminal
where the data is read. Receipt of the data is confirmed to the transmitter by changing a bit
value in the token’s flag. When the token gets back to the transmitting terminal, the terminal
is obliged to empty the token and pass it to the next terminal in the ring.
One of the beneficial features of IEEE 802.5 MAC protocol is its ability to establish
priorities among the ring terminals. This it does through a set of priority indicators in the
token. As the token is passed around the ring, any terminal may request its use on the next
pass by putting a request of a given priority in the reservation field. Provided no other station
makes a higher priority request, then access to the token is given next time around. The
reservation field therefore gives a means of determining demand on the LAN at any moment
by counting the number of requests in the flag. In addition, the system of prioritisation ensures
that terminals with the highest pre-assigned authority have the first turn. High speed operation
of certain pre-determined, time-critical devices is likely to be crucial to the operation of the
network as a whole, but they are unlikely to need the token on every pass, so that lower
priority terminals get a chance to use the ring when the higher priority stations are not active.
Token ring was developed by IBM, and is most common in office installations where large
IBM mainframe and mid-range computers (particularly AS400) are in use. The original form
required specialised cabling (IBM type 1) and operated at 4 Mbit/s. The idea was that a single
cable loop could be laid through all the offices on a floor or in a building and devices added
on demand. To avoid the disturbances and complications which might arise when connecting
new devices to the ring (any break in the ring renders the LAN inoperative), IBM developed
a sophisticated cabling system, including the various IBM special cables. The cable loop was
pre-fitted with a number of sockets at all possible user device locations. The sockets ensured
that when no device was connected, the ring was through-connected. But on plugging in a
new device, the ring is diverted through that device (Figure 4.13). The baluns (special sockets)
for early token ring networks thus catered not only for correct impedance matching, but also
for the ring continuity.
Token ring network interface cards (NICs) in the individual end user computer devices
connected to token ring LANs also have to be designed in such a way as to ensure ring
Figure 4.13 Socket design in Token Ring LANs to ensure ring continuity.