The TCP/IP model and the OSI model are the two network models used to describe the internet. In the OSI model, an Ethernet switch operates at the Data-Link layer, creating a separate collision domain for every switch port. A multilayer switch, however, may work at more than one OSI layer, including the physical, data link, network and even the transport layer. A router, on the other hand, is considered a layer 3 device (the Network layer of the TCP/IP model), since it makes most of its routing decisions according to information in the layer 3 IP packet.
Role of Intermediary Devices in the network
The switch, which is essentially a modern and more efficient version of the outdated hub, is a network access device. The router is an internetworking device. Both are intermediary devices. The basic functions of the processes that run in them are to regenerate and re-transmit data, maintain information about the pathways that exist across the network and the internet, inform other devices of errors and transmission failures, guide data along alternative pathways when a link fails, classify and direct messages according to Quality of Service (QoS) priorities, and permit or deny data flow based on security settings.
LANs AND WANs
A Local Area Network (LAN) is a computer network that typically covers one geographical area, delivering services and applications to users within a common organizational structure. A switch is used to connect these computers. Switches lack the capability to connect multiple networks or to distribute an internet connection. A Wide Area Network (WAN) is a network covering a broad area and is used to interconnect two or more Local Area Networks. It is usually built using leased lines. A router connects two or more logical subnets and is therefore usually connected to two or more LANs or WANs, or to a LAN and its Internet Service Provider (ISP). Routers are also used to link segments of a LAN that has been subnetted into smaller segments. Routers are located at gateways, the meeting points of two or more networks (Ilascu, 2007).
Packet-switched computer networks employ a forwarding technique called bridging. Bridging depends on flooding and on examining the source addresses in received packet headers to learn the location of unknown devices. Switches maintain a table of Ethernet MAC addresses, referred to as the CAM table or bridge forwarding table, using a method called transparent bridging that involves learning, flooding, filtering, forwarding and aging. The switch records source addresses as entries in the table, while destination addresses are looked up in the table and matched to the proper segment to which the frame is sent. The show mac-address-table command displays this table on a Cisco switch. Source-route bridging is another form of bridging, developed for Token Ring networks. Routers direct packets according to information stored in the IP routing table. A router looks inside each TCP/IP packet it receives to identify the source and destination IP addresses, searches its routing table for the best match between the packet's destination address and the network addresses in the table, and then forwards the packet accordingly so that the data reaches its destination. The show ip route command displays the table on a Cisco router (Cisco, 2009).
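The five transparent-bridging steps named above, simulated in Python as an added example (this code is not from the original article or from any vendor). The port names and MAC addresses are constructed, and the aging timer is a simple "last seen as a source" timestamp:

```python
class TransparentBridge:
    """Simulates how a switch builds its CAM (bridge forwarding) table:
    learning, flooding, filtering, forwarding and aging."""

    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports, aging_seconds=300):
        self.ports = list(ports)
        self.aging_seconds = aging_seconds
        self.cam = {}  # MAC address -> (port, time last seen as a source)

    def age_out(self, now):
        # Aging: forget stations that have been silent longer than the timer.
        stale = [m for m, (_, seen) in self.cam.items()
                 if now - seen > self.aging_seconds]
        for m in stale:
            del self.cam[m]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the list of egress ports."""
        self.age_out(now)
        # Learning: the source MAC lives behind the port the frame arrived on.
        self.cam[src] = (in_port, now)
        if dst == self.BROADCAST or dst not in self.cam:
            # Flooding: broadcasts and unknown destinations go out every port
            # except the one the frame came in on.
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.cam[dst]
        if out_port == in_port:
            # Filtering: destination sits on the same segment as the sender.
            return []
        # Forwarding: known destination behind exactly one other port.
        return [out_port]


def demo():
    # Constructed MAC addresses and port names; not from the article.
    sw = TransparentBridge(ports=["Fa0/1", "Fa0/2", "Fa0/3"], aging_seconds=300)
    a, b, c = "00:11:22:33:44:aa", "00:11:22:33:44:bb", "00:11:22:33:44:cc"
    return {
        "unknown_dst_flooded": sw.receive("Fa0/1", a, b, now=0),
        "reply_forwarded": sw.receive("Fa0/2", b, a, now=1),
        "same_segment_filtered": sw.receive("Fa0/2", c, b, now=2),
        "aged_out_flooded": sw.receive("Fa0/2", b, a, now=1000),
        "cam": {m: port for m, (port, _) in sw.cam.items()},
    }
```

The last step shows why a quiet station is flooded to again once its entry ages out; the table only ever holds what was recently seen.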
Switches and routers are often overlooked as security devices because they were originally designed to enhance network connectivity rather than network security. Consequently, they are conceptually less secure. An attack on the edge router can cut off the entire network from its users. Weak passwords, unneeded services, protocol and IOS vulnerabilities and IOS configuration errors can all lead to security breaches. Most routers nowadays have a hardware firewall integrated into them, which has made routers an important component in fostering network security.
There are several technical terms about switches and routers that one would encounter:
Ports and interfaces
A port is a point of physical access, or physical interface, between a circuit and a device or system at which signals are injected or extracted. It can also be a logical connection, identified by a protocol address in a packet header and associated with a TCP or UDP service. Together, the IP address and the port number identify a socket. An interface physically and logically interconnects two devices or systems.
Broadcast, unicast and multicast
Multicast is a transmission mode in which a signal or packet is sent to multiple devices or computers on a network, but not all of them. Unicast is where a single packet or signal is sent to a single device. Broadcast is where it is sent to all stations on a network, in order to update the routing table.
This is where one network meets another, for example where a LAN and a WAN are joined by a router.
These are rules and conventions used to exchange information between computers or across computer internetworks. Their two major functions are handshaking and line discipline.
Encapsulation and Decapsulation
Different types of information are added as data from the Application layer passes down the protocol stack: each layer adds a new header, and the enclosed data is given a new name. Decapsulation is the reverse. As data goes up the protocol stack, the Data Link layer takes it from the physical medium, performs a Cyclic Redundancy Check, strips off its header and passes the rest of the data to the layer above, and so on until it reaches the Application layer.
LAN switches depend on packet switching. A connection between two segments is established just long enough to send out the current packet. Inbound packets are stored in a temporary memory area (a buffer); the MAC address in the header is read and compared with those in the switch's lookup table. An Ethernet frame carries a normal packet as its payload and has a special header that includes the MAC address information.
Traffic-routing in a switch
Packet-based switches use three methods for traffic routing. Cut-through switches read the MAC address as soon as the packet is detected. The 6 bytes containing the address information are stored, and forwarding to the destination node begins immediately, while the rest of the packet is still arriving at the switch. In store-and-forward, the switch saves the entire packet and checks it for CRC errors or other problems before sending it; a packet that contains errors is discarded. The least common method is fragment-free. It works like cut-through, but the first 64 bytes of the packet are stored before sending, because most errors and all collisions take place during the first 64 bytes of a packet.
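The encapsulation and CRC check described under "Encapsulation and Decapsulation", and the three forwarding methods above, worked through in Python as an added example (not code from the original article). It builds a minimum-size Ethernet frame with a CRC-32 frame check sequence, corrupts one byte, and shows which method would catch it; the payload is constructed and the MAC addresses are made up:

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Encapsulation: prepend the Ethernet header, pad to the 46-byte minimum
    payload, and append the 32-bit frame check sequence (CRC-32)."""
    payload = payload.ljust(46, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)  # FCS is little-endian
    return body + fcs


def fcs_ok(frame: bytes) -> bool:
    """The Data Link layer's decapsulation check: recompute the CRC over
    everything before the FCS and compare it with the transmitted value."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)


def switch_decision(frame: bytes, mode: str, bytes_received: int) -> str:
    """What each forwarding method does once bytes_received bytes have
    arrived: 'forward', 'drop' or 'wait'."""
    if mode == "cut-through":
        # Only the 6-byte destination MAC is needed; errors are never seen.
        return "forward" if bytes_received >= 6 else "wait"
    if mode == "fragment-free":
        # Hold the first 64 bytes (the collision window), then forward
        # without ever checking the FCS.
        return "forward" if bytes_received >= 64 else "wait"
    if mode == "store-and-forward":
        if bytes_received < len(frame):
            return "wait"
        return "forward" if fcs_ok(frame) else "drop"
    raise ValueError(f"unknown mode {mode!r}")


def demo():
    src = bytes.fromhex("001122334455")  # constructed source MAC
    frame = build_frame(BROADCAST, src, 0x0800, b"constructed IP packet")
    corrupted = bytearray(frame)
    corrupted[20] ^= 0x01  # flip one payload bit to simulate line damage
    corrupted = bytes(corrupted)
    return {
        "frame_len": len(frame),
        "clean_ok": fcs_ok(frame),
        "corrupt_ok": fcs_ok(corrupted),
        "cut_through": switch_decision(corrupted, "cut-through", 6),
        "fragment_free": switch_decision(corrupted, "fragment-free", 64),
        "store_and_forward": switch_decision(corrupted, "store-and-forward", len(corrupted)),
    }
```

Only store-and-forward drops the damaged frame; the other two have already sent it on, which is the trade-off between latency and error containment the text describes.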
The physical design of LAN switches differs; three configurations are common. A shared-memory switch stores all incoming packets in a common buffer memory shared by all switch ports (for input and output connections), then sends them out through the correct port for the required destination node. In a matrix switch, there is an internal grid with input ports crossing output ports. Once a packet is detected on an input port, the MAC address is matched against the lookup table to find the suitable output port, and the switch then makes a connection on the grid where these two ports intersect. The third is the bus architecture, where, instead of a grid, an internal transmission path (a common bus) is shared by all ports using TDMA. In a switch based on this configuration, each port has a dedicated memory buffer, with an ASIC controlling access to the internal bus.
A router typically has multiple interfaces, as its main purpose is to interconnect several networks and send packets from one network to another. Every interface is a member, or host, of a different IP network. The routing table comprises the network addresses of the router's own interfaces, which are directly connected networks, and of remote networks. Though routers make their major forwarding decisions at the Network layer, router interfaces operate at Layers 1, 2 and 3: IP packets at Layer 3 are encapsulated into a data link frame at Layer 2 and encoded into bits at the physical Layer 1. Router interfaces take part in the processes associated with their Layer 2 encapsulation; a router Ethernet interface, for example, takes part in the ARP process like any other host on the same LAN. Router interfaces vary, but Serial and FastEthernet interfaces are common.
Static and Dynamic Routes
Static routes are easily configured by hand, but in large networks the manual work can be quite cumbersome. Static routes have a default administrative distance of 1. If there is no more specific match in the routing table, the default route (network address 0.0.0.0 with subnet mask 0.0.0.0) is used to forward the packet to another router. Dynamic routing protocols require less administrative overhead: they discover remote networks, keep routing information up to date, choose the best path to destination networks and can find a new best path if the current one is no longer available or the topology changes. Static routing is still used today, more often than not in combination with dynamic routing.
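The "best match" lookup described above, with connected, static and dynamically learned routes and the 0.0.0.0 default route, as an added Python example (not from the original article). The routing table, next-hop addresses and interface names are constructed; the administrative distances are the usual Cisco defaults (connected 0, static 1, OSPF 110, RIP 120):

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    next_hop: str        # next-hop address, or "connected" for an interface's own network
    interface: str
    admin_distance: int  # connected = 0, static = 1, OSPF = 110, RIP = 120
    source: str          # show ip route code: C, S, O, R, S* (default)


def best_route(table, destination):
    """Longest-prefix match, with ties on prefix length broken by the lowest
    administrative distance. Returns None only when not even a default route
    (0.0.0.0/0) covers the destination."""
    dst = ipaddress.IPv4Address(destination)
    candidates = [r for r in table if dst in r.network]
    if not candidates:
        return None
    return min(candidates,
               key=lambda r: (-r.network.prefixlen, r.admin_distance))


def build_table():
    """Constructed routing table (not from the article): two connected
    networks, one remote /16 known both statically and via OSPF, a more
    specific /24 from RIP, and a static default route via the WAN neighbour."""
    N = ipaddress.IPv4Network
    return [
        Route(N("192.168.1.0/24"), "connected", "FastEthernet0/0", 0, "C"),
        Route(N("10.0.0.0/30"), "connected", "Serial0/0", 0, "C"),
        Route(N("172.16.0.0/16"), "10.0.0.2", "Serial0/0", 110, "O"),
        Route(N("172.16.0.0/16"), "10.0.0.2", "Serial0/0", 1, "S"),
        Route(N("172.16.5.0/24"), "10.0.0.2", "Serial0/0", 120, "R"),
        Route(N("0.0.0.0/0"), "10.0.0.2", "Serial0/0", 1, "S*"),
    ]


def lookup(destination, table=None):
    """Return (route source code, egress interface) for a destination, or None."""
    if table is None:
        table = build_table()
    r = best_route(table, destination)
    return None if r is None else (r.source, r.interface)
```

Note that the RIP /24 wins over the static /16 for 172.16.5.x despite its far worse administrative distance: prefix length is compared first, and administrative distance only decides between routes to the same prefix.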
As more industrial devices with built-in Ethernet capabilities are introduced, networks keep becoming more complex and more crowded with traffic. This increases the need for Ethernet switches and routers with advanced technology that limits collisions, controls bandwidth and can create virtual local area networks. Companies like Cisco, HP and IBM are racing to produce devices based on the new Energy Efficient Ethernet standard (IEEE 802.3az). Cisco Systems recently announced the CGR 2010 and CGS 2520 router and switch products, designed to aid utility companies in supplying power to homes and businesses under the Smart Grid project, a combination of existing technologies and technologies under development that is hoped to improve the aging US power grid in the near future. As internet speeds get faster, over both copper and fiber, switches and routers must offer high capacity and expandability.
HOW THE INTERNET WORKS (incl. IPv4 and IPv6)
Internet protocol suite
This refers to a model architecture that divides networking methods into a layered system of protocols, commonly known as TCP/IP after the two most important protocols in it. It is composed of the Link, Internet, Transport and Application layers. The Link layer provides basic connectivity between computer networking hardware and the associated interface-to-interface messaging management. The Internet layer facilitates interconnectivity between networks and contains the Internet Protocol, which defines IPv4 and IPv6, used to locate hosts on the network. The Transport layer provides a framework for conveying data between hosts with the help of protocols like TCP and UDP. The Application layer deals with application-level interaction between communicating Internet hosts on a process-to-process level.
The Domain Name System (DNS)
This is the whole network of programs and databases that cooperate to translate hostnames to IP addresses. Internet hostnames are composed of parts separated by dots. A domain is a collection of machines that share a common name suffix, and domains can live inside other domains. Each domain is defined by an authoritative name server that knows the IP addresses of the machines in the domain. The primary name server may have backups in case it goes down. Name servers do not have to know the locations of all the machines in other domains, or even in their own sub-domains; they need only know the location of those domains' name servers. Each top-level domain server knows where the name servers for the domains directly beneath it are.
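The delegation chain just described (root knows the TLD servers, each TLD server knows the name servers beneath it, and so on down to the authoritative server) as an added Python simulation, not code from the original article. The zone data, server names and addresses are all constructed, and delegations are keyed directly by server name rather than by NS hostname plus glue record, which is a simplification of real DNS:

```python
# Constructed zone data for the simulation; names and addresses are made up.
# Each server knows either an address ("A") or a delegation ("NS").
ZONES = {
    "root": {"com": ("NS", "tld-com"), "org": ("NS", "tld-org")},
    "tld-com": {"example.com": ("NS", "ns.example.com")},
    "tld-org": {},
    "ns.example.com": {
        "www.example.com": ("A", "203.0.113.10"),
        "ns.example.com": ("A", "203.0.113.2"),
        "eng.example.com": ("NS", "ns.eng.example.com"),   # sub-domain
    },
    "ns.eng.example.com": {"build.eng.example.com": ("A", "203.0.113.50")},
}


def suffixes(hostname):
    """Yield the domain suffixes of a hostname, shortest first:
    'build.eng.example.com' -> 'com', 'example.com', 'eng.example.com', ..."""
    labels = hostname.rstrip(".").split(".")
    for i in range(len(labels) - 1, -1, -1):
        yield ".".join(labels[i:])


def resolve(hostname, max_hops=10):
    """Iterative resolution: start at the root and follow NS delegations
    downward until a server answers with an address.
    Returns (ip or None, list of servers asked in order)."""
    server = "root"
    asked = []
    for _ in range(max_hops):
        asked.append(server)
        zone = ZONES[server]
        if hostname in zone and zone[hostname][0] == "A":
            return zone[hostname][1], asked        # authoritative answer
        # Otherwise follow the longest suffix this server delegates.
        delegation = None
        for suffix in suffixes(hostname):
            if suffix in zone and zone[suffix][0] == "NS":
                delegation = zone[suffix][1]
        if delegation is None or delegation == server:
            return None, asked                     # nobody is responsible
        server = delegation
    return None, asked                             # delegation loop guard
```

A real resolver would also cache each answer and delegation it receives, so that later lookups under the same domain skip the root and TLD steps.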
Classful and classless routing
IPv4 addresses were initially allocated based on classes A, B, C and D. Classful routing uses routing protocols that do not include subnet mask information in the routing updates they send out, so all network devices must use the same subnet mask; RIPv1 is an example. In classless routing, the network portion of the address is determined by the subnet mask, also known as the network prefix or prefix length, and subnet mask information is sent out in the routing updates. This allows VLSM (Variable Length Subnet Masking); RIPv2, EIGRP and OSPF are examples. RIPv1 has no support for VLSM and does not support discontiguous networks. RIPv2, however, supports VLSM and discontiguous networks through routers compliant with Classless Inter-Domain Routing (CIDR), which reduces the size of routing tables.
The internet is a globally distributed network made up of many voluntarily interconnected autonomous networks. It runs without a central governing body. Nevertheless, to maintain interoperability, all technical and policy aspects of the underlying central infrastructure and of the primary name spaces, that is, domain names, IP addresses, application port numbers and many other parameters, are administered by a body called the Internet Corporation for Assigned Names and Numbers (ICANN), based in California.
World Wide Web and the internet
These two terms are often used interchangeably in daily speech, yet they have different meanings. The internet is the hardware and software infrastructure that provides connectivity between computers. The World Wide Web, or just the web, is one of the services carried over the internet. It is a pool of interconnected documents and many other resources, linked by hyperlinks and URLs.
Technical terms related to the internet include:
It stands for Uniform Resource Locator and is used to uniquely identify each of the billions of web pages across the world and to direct others to them.
The first high-speed Tier 1 backbone was created by the NSF in 1987. Backbones are typically fiber-optic trunk lines with multiple fiber-optic cables to increase capacity.
This is the transmission capacity of the lines that carry the Internet's electronic traffic; a larger bandwidth transfers more data at a time. Lack of bandwidth can severely restrict how quickly the internet delivers information.
This is where multiple ISPs are linked at peering points or Internet exchange points (IXs), permitting data to be routed across each other's networks without charging one another for traffic that would otherwise have gone through a third, upstream ISP and attracted charges from it.
This is a form of internet hosting service that lets individuals and organizations make their own websites reachable through the World Wide Web. Web hosting companies offer space on a server they either own or lease for use by their clients, and usually also provide internet connectivity, typically in a data center.
The Internet Protocol enables internetworking and fundamentally creates the internet itself. IP version 4 (IPv4) is the first version deployed on the initial generation of today's internet and is still dominantly in use. It was designed to address up to 4.3 billion (4.3 × 10^9) internet hosts. IPv4 addresses were initially allocated based on classes. In the original IPv4 specification (RFC 791), released in 1981, the authors established the classes to provide three different sizes of networks for large, medium and small organizations. As a result, class A, B and C addresses were defined with a specific format for the high-order bits, which are the left-most bits in a 32-bit address. The remaining addresses were reserved for multicasting and future use. However, IPv4 addresses are being exhausted due to the explosive growth of the internet, and the exhaustion is estimated to enter its final stage around 2011 (Microsoft Corporation, 2009).
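The class derivation from the high-order bits described here, together with the classful-versus-classless distinction and VLSM from the "Classful and classless routing" section, worked through in Python as an added example (not code from the original article). It shows why a classful protocol such as RIPv1 collapses two 172.16.x.0/24 subnets into one /16 (the discontiguous-network problem) and carves one /24 into differently sized subnets; all addresses and host counts are constructed:

```python
import ipaddress


def ipv4_class(addr):
    """Original RFC 791 class, read from the left-most bits of the address."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first & 0b10000000 == 0:            # 0xxxxxxx
        return "A"
    if first & 0b11000000 == 0b10000000:   # 10xxxxxx
        return "B"
    if first & 0b11100000 == 0b11000000:   # 110xxxxx
        return "C"
    if first & 0b11110000 == 0b11100000:   # 1110xxxx  multicast
        return "D"
    return "E"                             # 1111xxxx  reserved


CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def classful_network(addr):
    """Network a classful protocol (e.g. RIPv1) assumes, since its updates
    carry no mask: the class decides the prefix length."""
    cls = ipv4_class(addr)
    if cls not in CLASSFUL_PREFIX:
        return None
    return ipaddress.IPv4Network(f"{addr}/{CLASSFUL_PREFIX[cls]}", strict=False)


def classless_network(addr, prefixlen):
    """Classless: the prefix length travels with the route, not the class."""
    return ipaddress.IPv4Network(f"{addr}/{prefixlen}", strict=False)


def vlsm_plan(block, host_counts):
    """Variable Length Subnet Masking: give each requirement the smallest
    subnet that fits it, allocating largest first so every subnet stays
    aligned. Returns [(hosts, IPv4Network), ...]."""
    block = ipaddress.IPv4Network(block)
    cursor = int(block.network_address)
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        size = 4                          # smallest usable block: /30
        while size - 2 < hosts:           # network + broadcast are unusable
            size *= 2
        prefix = 32 - (size.bit_length() - 1)
        net = ipaddress.IPv4Network((cursor, prefix))
        if not net.subnet_of(block):
            raise ValueError("address block exhausted")
        plan.append((hosts, net))
        cursor += size
    return plan
```

With VLSM the three subnets use 196 of the 256 addresses; a classful design would have needed three equal /26 blocks and still left the two-host link with 62 unusable addresses.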
The exhaustion led to the development of IPv6 in the mid-1990s, which provides a massively larger address space and much more efficient routing of traffic. Presently, IPv6 is in the commercial deployment phase across the world, and the regional internet address registries (RIRs) have started to urge all resource managers to organize rapid implementation and conversion. IPv6 is not interoperable with IPv4; it essentially creates a "parallel" form of the internet that IPv4 software cannot directly access. Software upgrades or translation facilities are therefore essential for every networking device that needs to communicate on the IPv6 internet. While most recent computer operating systems have by now been converted to function with both versions, network infrastructures still lag behind in this development (Teare Diane, 2006).
A computer runs software known as the client, which interacts with software known as the server running on a remote computer. The client is typically a browser such as Mozilla Firefox or Internet Explorer. The server interacts with the browser using a set of rules called protocols. These protocols ensure the correct transfer of data as the browser sends requests and the server responds. The World Wide Web brings the many protocols available on the Internet together, so one can use HTTP, Telnet, FTP, email and so on from one platform, the web browser. Inside the HTML page the web designer embeds server-side language code. This code is handed to the suitable interpreter, which processes these instructions and generates the final HTML displayed by the browser.
Cryptographic methods and protocols developed for securing communications on the Internet ensure its cyber security. Protocols including SSL and TLS for web traffic, PGP for email, and IPsec for network-layer security have been developed to secure internet communications. Firewalls are used to control access between networks. They consist of gateways and filters, which vary from one firewall to another, and screen network traffic, blocking that which is dangerous or malicious. Antivirus software is used to protect networks and devices from computer viruses, malware, Trojan horses, spyware, worms and botnets.
Since its conception in 1969, the internet has evolved more than anything else to respond positively to new requirements. With faster speeds now available, the internet is used in banking, gaming, advertising, social networking such as Facebook, and almost everything else. Shaping the future of the internet, CSS3, fonts as a service such as Typekit (catering to web browsers that already support the @font-face rule) and HTML5 are giving web designers the creative liberty they have craved for a long time. Yet new ideas and technologies bring new challenges. Many feel a "clean slate" approach is the one sure way of properly addressing security, mobility and the other challenges that have arisen since 1969. Researchers believe it is time to reconsider the Internet's underlying architecture, a change that might mean replacing networking equipment and modifying computer software to channel future traffic over the existing pipes more efficiently. Within a decade, the National Science Foundation (NSF)-funded GENI and the European Union-backed Future Internet Research and Experimentation (FIRE) research programs could bring about a considerable change in the internet (Jesdanun, 2007).