Addresses within the Network
Stations on Shared Media
We have two stations connected on shared media, which can be an old version of Ethernet in a bus topology or a commonly used star topology when a hub is used as the central element. Both stations have an IP address set and a network defined (subnet mask entered), and the network cards have a MAC address. This method is referred to as shared Ethernet.
In this case, both stations are on the same network (same subnet), so direct delivery occurs.
If the blue station wants to send data to the red station, it first creates an Ethernet frame:
- the IP address of the target station is known
- the IP packet header includes our IP address (source) and the target IP address
- we now need the MAC address of the target station: either it is already in the ARP table, or we perform an ARP query
- the Ethernet frame includes our MAC address (source) and the target MAC address
Then this data is sent to the network (using CSMA/CD). On shared media, the frame passes through the entire network, and each station listens to see if it contains its MAC address. If so, it accepts the frame.
Connection via Switch
In the case where Ethernet is connected in a star topology using a switch, communication usually reaches only the stations it is intended for: the switch keeps a CAM table recording which MAC address communicates from which port, and if there is no record for the target MAC address, it sends the frame to all ports except the incoming one. The principle of communication is the same as with shared media, and the switch is transparent to the communicating stations. This commonly used method is referred to as switched Ethernet.
Connection via Router
In this case, each station is in a different subnet, so indirect delivery must occur. The router is no longer a transparent network element; the other network devices must address it explicitly. The following description is a general method of communication:
- at the network layer, an IP packet header is created, containing the source and target station IP addresses
- the source station tests whether the target IP address is in the same subnet, i.e., whether it is local
- the network interface layer continues by creating an Ethernet frame header: it inserts its own MAC address as the source, and the target MAC address is obtained from the ARP cache (or by an ARP query) for an IP address determined as follows:
  - for local communication, the target station address
  - if not local, it looks into the routing table and uses the address of the appropriate router (next hop, often the gateway)
- the frame is sent to the network
- the data reaches the router, which accepts the frame because it carries the router's MAC address
- it checks the packet and decreases the TTL (time to live in the network - number of hops)
- it checks again whether the IP address is local on one of the interfaces and either sends it to another router or directly to the target station
- the target station accepts the frame by the MAC address
- it verifies it, checks the IP address, and passes it up through the layers
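The decision described in the two procedures above (is the target local, and which MAC address goes into the frame) can be written down in a few lines. This is an added example, not code from the original article; the addresses, MAC addresses and ARP cache contents are constructed for the demonstration, and the gateway is passed in explicitly instead of being read from a routing table.

```python
"""Direct vs. indirect delivery as seen from the sending station.

Added example, not code from the original article. The IP addresses,
MAC addresses and the ARP cache are constructed for this demonstration.
"""
import ipaddress

# Constructed ARP cache of the sending station: IP address -> MAC address
ARP_CACHE = {
    "192.168.1.20": "00:11:22:33:44:20",   # the "red" station on our LAN
    "192.168.1.1": "00:11:22:33:44:01",    # our default gateway (router)
}


def is_local(src_ip, prefix_len, dst_ip):
    """The subnet test: does dst_ip lie in the sender's own network?"""
    net = ipaddress.ip_interface(f"{src_ip}/{prefix_len}").network
    return ipaddress.ip_address(dst_ip) in net


def resolve_mac(ip, arp_cache):
    """ARP cache lookup; None means the station would have to send an
    ARP query on the wire (not simulated here)."""
    return arp_cache.get(ip)


def build_frame(src_ip, prefix_len, src_mac, dst_ip, gateway_ip, arp_cache):
    """Return the addressing of the frame the station would send, or None
    when no destination MAC can be resolved.

    The IP header always carries the real destination; only the frame's
    destination MAC differs between direct and indirect delivery.
    """
    if is_local(src_ip, prefix_len, dst_ip):
        next_hop_ip = dst_ip          # direct delivery: ARP for the target
    else:
        next_hop_ip = gateway_ip      # indirect delivery: ARP for the router
    dst_mac = resolve_mac(next_hop_ip, arp_cache)
    if dst_mac is None:
        return None
    return {"dst_mac": dst_mac, "src_mac": src_mac,
            "dst_ip": dst_ip, "src_ip": src_ip, "via": next_hop_ip}


if __name__ == "__main__":
    me = ("192.168.1.10", 24, "00:11:22:33:44:10")
    # same subnet: frame addressed to the target's own MAC
    print(build_frame(*me, "192.168.1.20", "192.168.1.1", ARP_CACHE))
    # other subnet: IP header unchanged, frame addressed to the gateway MAC
    print(build_frame(*me, "10.0.0.5", "192.168.1.1", ARP_CACHE))
```

Run it and compare the two results: `dst_ip` is the real target in both, while `dst_mac` is the target's MAC in the first case and the router's MAC in the second, which is exactly why the router is "no longer transparent".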
Active Network Elements
A computer network consists of active and passive network elements. Passive network elements include cables and connectors. Active network elements include network cards (NIC), switches, routers, firewalls, etc.
Repeater
- operates at the first layer of the OSI model (Layer 1)
- usually has only two ports
- extends the signal range, mainly in bus topology
- not used today
Principle of Operation
- data received on one port is immediately forwarded to the other port
Hub
- also known as a multipoint repeater
- operates at the first layer of the OSI model (Layer 1)
- usually has 4 to 24 ports
- basic element for star topology
- not used today
Principle of Operation
- data received on one port is immediately forwarded to all ports except the one it was received from
Bridge
- operates at the second layer of the OSI model (Layer 2) - decides based on MAC address
- usually has only two ports
- connects/separates segments
- reduces the size of the collision domain
- broadcasts and multicasts are sent everywhere
- not used today
Principle of Operation
- reads the source MAC address of incoming frames and builds a table in memory of which MAC address is reachable through which port
- if there is no record for the target MAC address, the frame is sent to all ports
- if a record exists and the recipient is in the same segment as the sender, the frame is not forwarded to the other segment
Switch
- also known as a multipoint bridge
- operates at the second layer of the OSI model (Layer 2) - decides based on MAC address
- usually has 4 to 48 ports
- connects/separates segments
- reduces the size of the collision domain
- broadcasts are sent everywhere
- operates quickly
- basic element for star topology
- does not modify the frame
Principle of Operation
- reads the source MAC address of incoming frames and creates a table of MAC addresses and ports in memory, known as the CAM (Content Addressable Memory) table
- if there is no record for the target MAC address, the frame is sent to all ports except the incoming one
- if the target MAC address is in the table, the frame is sent only to the specified port
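The learning and forwarding rules given for the bridge and again for the switch are the same algorithm, so one small simulation covers both. This is an added example, not code from the original article; the port numbers, MAC addresses and the sequence of frames are constructed.

```python
"""Learning switch (or bridge): CAM table build-up, flooding of unknown
destinations, forwarding of known ones, and filtering when sender and
recipient sit behind the same port. Added example, not code from the
original article; the MAC addresses and frames are constructed.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}   # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is sent out of."""
        # learning: remember which port the source MAC lives behind
        self.cam[src_mac] = in_port
        # broadcast, or unknown unicast: flood to every port except the incoming one
        if dst_mac == BROADCAST or dst_mac not in self.cam:
            return [p for p in self.ports if p != in_port]
        out = self.cam[dst_mac]
        # recipient is on the same port (segment) as the sender: nothing to forward
        if out == in_port:
            return []
        return [out]


# Constructed trace: ports 1-3 hold one station each, port 4 leads to a hub
# with two stations (04 and 05) on a shared segment.
TRACE = [
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # unknown dst -> flood
    (2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"),  # 01 known -> port 1 only
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # 02 now known -> port 2 only
    (3, "aa:aa:aa:aa:aa:03", BROADCAST),            # broadcast -> all others
    (4, "aa:aa:aa:aa:aa:04", "aa:aa:aa:aa:aa:05"),  # unknown dst -> flood
    (4, "aa:aa:aa:aa:aa:05", "aa:aa:aa:aa:aa:04"),  # same segment -> filtered
]


def run_trace(trace=TRACE):
    sw = Switch([1, 2, 3, 4])
    return [sw.receive(*frame) for frame in trace]


if __name__ == "__main__":
    for frame, out in zip(TRACE, run_trace()):
        print(frame, "->", out)
```

The last two frames show the bridge rule from the previous section: once both stations behind the hub on port 4 have been learned, their mutual traffic is not copied onto the other ports at all.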
Switch Modes
Several forwarding modes offer different compromises between delay and reliability.
- Cut-Through - fast but without error checking, forwards frames immediately when the target MAC address is known
- Store-and-Forward - first receives the entire frame, verifies FCS (CRC), and then forwards or discards it
- Fragment-Free (Modified Cut-Through) - a compromise, first reads the first 64 bytes (including the header) and then forwards
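To make the three modes concrete, the following added example (not code from the original article) runs each decision rule over one constructed frame that was damaged in transit and over a short collision fragment. It assumes the FCS is the IEEE 802.3 CRC-32, which `zlib.crc32` computes, stored least-significant byte first; the MAC addresses and payload are constructed.

```python
"""Switch forwarding modes compared on a corrupted frame and a runt.
Added example, not code from the original article; frame contents are
constructed. FCS = IEEE 802.3 CRC-32 (zlib.crc32), little-endian.
"""
import zlib


def add_fcs(frame_without_fcs):
    """Append the 4-byte FCS the sending NIC would compute."""
    return frame_without_fcs + zlib.crc32(frame_without_fcs).to_bytes(4, "little")


def fcs_ok(frame):
    """Store-and-forward check: recompute the CRC over everything but the FCS."""
    body, fcs = frame[:-4], frame[-4:]
    return zlib.crc32(body) == int.from_bytes(fcs, "little")


def make_frame(dst_mac, src_mac, ethertype, payload):
    return add_fcs(dst_mac + src_mac + ethertype + payload)


def corrupt(frame, index):
    """Flip one byte, simulating damage on the wire."""
    b = bytearray(frame)
    b[index] ^= 0xFF
    return bytes(b)


def decide(mode, frame):
    """Return (bytes examined before the decision, forwarded?)."""
    if mode == "cut-through":
        # forwards as soon as the 6-byte destination MAC has arrived; no check
        return 6, True
    if mode == "fragment-free":
        # waits for 64 bytes (the minimum frame size); anything shorter is a
        # collision fragment and is dropped, but payload errors still pass
        return min(64, len(frame)), len(frame) >= 64
    if mode == "store-and-forward":
        # buffers the whole frame and verifies the FCS; bad frames are discarded
        return len(frame), fcs_ok(frame)
    raise ValueError(f"unknown mode {mode!r}")


DST = bytes.fromhex("001122334420")   # constructed MAC addresses
SRC = bytes.fromhex("001122334410")
IPV4 = b"\x08\x00"


def compare_modes():
    good = make_frame(DST, SRC, IPV4, bytes(range(100)))   # 118 bytes with FCS
    bad = corrupt(good, 40)                                 # payload byte damaged
    runt = good[:30]                                        # collision fragment
    modes = ("cut-through", "fragment-free", "store-and-forward")
    return {m: {"good": decide(m, good), "bad": decide(m, bad),
                "runt": decide(m, runt)} for m in modes}


if __name__ == "__main__":
    for mode, results in compare_modes().items():
        print(mode, results)
```

Only store-and-forward refuses the damaged frame, and it is also the only mode that has to wait for all 118 bytes; fragment-free catches the runt without that full delay, which is the compromise the list above describes.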
Router
- operates at the third layer of the OSI model (Layer 3) - decides based on IP address
- the border router is sometimes referred to as a gateway
- used for connecting networks
- offers services within the LAN (routing from source to destination, network segmentation, ARP) and connection to the WAN (via serial, ISDN, DSL, fiber)
- broadcasts are not forwarded by default - reduces the size of the broadcast domain
- slower than a switch, often replaced today by a Layer 3 switch (MultiLayer Switch)
- creates a new frame header and trailer (CRC)
Principle of Operation
- builds a routing table in memory based on networks to which it has directly connected interfaces, static values, and information from other routers (depending on the protocol used)
- for incoming packets, it looks at the destination IP address and determines the path to the destination based on the routing table (sends data to the specified port)
- when sending data, it modifies the frame header, inserting its own MAC address as the source and either the next router or the station as the destination
- if the destination IP address belongs to a directly connected subnet, it sends directly to that station: it checks the ARP table for the MAC address of the given IP address; if there is no entry, it sends an ARP query (who has this IP?); if no response is received, the frame is discarded; if a response is received, it updates the ARP table and sends the frame
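The four steps above, as one forwarding function. This is an added example, not code from the original article; the router's interfaces, routing table, ARP cache and the packets are constructed, and the routing table is consulted by longest prefix match, which the article leaves implicit.

```python
"""Router forwarding step: routing-table lookup (longest prefix match),
TTL decrement, next-hop ARP resolution and frame header rewrite.
Added example, not code from the original article; interfaces, routes,
ARP cache and packets are constructed.
"""
import ipaddress

# Constructed router: two directly connected subnets plus a default route.
INTERFACES = {
    "eth0": {"net": ipaddress.ip_network("192.168.1.0/24"), "mac": "00:11:22:33:44:01"},
    "eth1": {"net": ipaddress.ip_network("10.0.0.0/24"), "mac": "00:11:22:33:44:02"},
}
# (destination prefix, next-hop IP or None when directly connected, interface)
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), None, "eth0"),
    (ipaddress.ip_network("10.0.0.0/24"), None, "eth1"),
    (ipaddress.ip_network("0.0.0.0/0"), "10.0.0.254", "eth1"),   # upstream router
]
ARP_CACHE = {
    "192.168.1.20": "00:11:22:33:44:20",   # a station on eth0
    "10.0.0.254": "00:11:22:33:44:fe",     # the upstream router on eth1
}


def lookup(dst_ip):
    """Longest-prefix match over ROUTES; returns (next_hop, iface) or None."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for net, next_hop, iface in ROUTES:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    return None if best is None else (best[1], best[2])


def forward(packet, arp_cache=ARP_CACHE):
    """Return ("forward", frame) or ("drop", reason) for one IP packet."""
    # TTL check: a packet arriving with TTL 1 would reach 0 and is discarded
    if packet["ttl"] <= 1:
        return "drop", "ttl exceeded"
    route = lookup(packet["dst_ip"])
    if route is None:
        return "drop", "no route"
    next_hop, iface = route
    # directly connected subnet: the frame goes to the station itself,
    # otherwise to the next router; the IP header keeps the real destination
    target = packet["dst_ip"] if next_hop is None else next_hop
    dst_mac = arp_cache.get(target)
    if dst_mac is None:
        # a real router would send an ARP query here; no reply means discard
        return "drop", f"no ARP entry for {target}"
    new_packet = dict(packet, ttl=packet["ttl"] - 1)
    frame = {"src_mac": INTERFACES[iface]["mac"], "dst_mac": dst_mac,
             "iface": iface, "packet": new_packet}
    return "forward", frame


if __name__ == "__main__":
    print(forward({"src_ip": "10.0.0.7", "dst_ip": "192.168.1.20", "ttl": 64}))
    print(forward({"src_ip": "192.168.1.20", "dst_ip": "203.0.113.5", "ttl": 64}))
    print(forward({"src_ip": "10.0.0.7", "dst_ip": "192.168.1.99", "ttl": 64}))
    print(forward({"src_ip": "10.0.0.7", "dst_ip": "192.168.1.20", "ttl": 1}))
```

The frame leaving the router carries the outgoing interface's MAC as source and either the station's or the next router's MAC as destination, while the packet inside keeps its original source and destination IP addresses with only the TTL changed. Discarding on TTL expiry or ARP failure is what the article describes; a real router would additionally send an ICMP error, which this model omits.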
Another great article.
What caught me off guard was this, under routers: "In this case, each station is in a different subnet"
At home I have a router connecting a notebook and a desktop PC with IPs 192.168.2.100 and 192.168.2.101. But those are in the same subnet?
(Those subnets again ;-))
respond to [1]Vlastimil Ovčáčík: Thanks.
I assume that at home you have a combined router with a switch (the usual thing sold for connecting to the internet): one router port is connected to the internet, and the other (internally) goes to a switch where you have the notebook and the PC.
respond to [2]Samuraj: http://www.agen.cz/produkt/24114/SMC-Wireless-G-Barricade-Router-4xLAN-1xWAN.htm
I'd say so. The PC runs on Ethernet and the notebook on Wi-Fi/g.
Let me come back to those subnets. Each subnet has its own router/switch - let's say three subnets, that is three routers - which are then connected to one router/switch - and that goes on to the WAN...
Let's take a PC in a subnet
- source IP 10.0.1.15/24
- target IP 10.0.2.9/24
So the router in subnet 10.0.1.0/24 finds out that it isn't a local address and sends it on to the next hop - i.e. the router (10.0.0.1/16) connecting all the subnets - which finds out that it is in its network and sends it to the router responsible for subnet 10.0.2.0/24 and then on to 10.0.2.9/24 - i.e. the target computer.
?? :)
respond to [3]Vlastimil Ovčáčík: One more addition:
00001010.00000000.00000000.0000001
<-----Network----> <Subnet> <--PC-->
?
respond to [3]Vlastimil Ovčáčík: I didn't quite understand that. If I want to have 3 subnets, I have one router that they are connected to, and that router is the gateway. A station knows whether an address is local or not (and if not, it sends it to the GW). The router routes between these three subnets and the internet (the level above).
respond to [4]vo: This is also odd; it isn't labelled like this, maybe I explained it badly. An address is divided into a network part (network - always the same for one subnet) and a host part (host - the addresses within the given subnet).
I think I've seen the light now. I googled the picture http://www.networkdictionary.cn/images/subnet.gif and now it's clear... I kept looking for some deeper science in it ;-)
Beautiful article, keep it up. I'm at home preparing for CCNA 640-802. ;-)
I'd like to ask how it is done so that only the internet connection is shared, i.e. so that the devices don't see each other on the local network!?
respond to [8]Tomas: On a Cisco switch this can be done with Private VLAN, more at www.samuraj-cz.com/clanek/cisco-ios-19-private-vlan-a-protected-port/.