I wrote this article for the magazine Connect and it was published in issue Connect 04/10; I publish it here with the kind permission of the editorial office.
This is the first part of a series on computer networks. This website already has a series, Computer networks, that covers the same content (in more depth), but I wrote this article some time later and from a slightly different perspective.
Network technologies: a concise overview
At the beginning, we should define what a computer network (hereinafter just a network) is. The commonly used definition says that a computer network is created by connecting two or more computers so that they can communicate and share resources (information, software, devices, etc.).
We can divide networks by a large number of criteria. By size, area and purpose we have Local Area Network (LAN), Metropolitan Area Network (MAN), Wide Area Network (WAN), Virtual Private Network (VPN), Storage Area Network (SAN) and many others. By network topology we have bus, star, ring, mesh, etc. By connection technology we have wired networks, which can use twisted pair, coaxial cable or optical fiber, and wireless networks.
Furthermore, we can divide networks by communication technology into Ethernet, Token Ring, FDDI, Frame Relay, etc., and also by the communication protocol used: the most widespread protocol family is TCP/IP (Transmission Control Protocol/Internet Protocol), others include IPX/SPX (Internetwork Packet Exchange/Sequenced Packet Exchange) and AppleTalk.
We will focus mainly on what is most widespread and common, i.e., local area networks (LAN) based on Ethernet technology and using protocols from the TCP/IP family, and in some areas we will also assume the use of twisted pair in a star topology.
Active elements and cabling
We build networks from certain physical elements. One part is of course the computers (stations, servers, printers and other network devices) whose communication we want to enable. The other part is the devices that provide the connection, namely structured cabling (also called passive elements) and active network elements.
The infrastructure of structured cabling includes horizontal and backbone cables, connectors, patch panels, data (communication) and server racks, telecommunication outlets, etc. Among the active elements are devices that send, receive, and forward information through the communication channel. These are network adapters (Network Interface Controller - NIC), switches, routers, wireless network access points (WiFi AP), possibly also older devices like repeaters, hubs, bridges, and others.
The active elements and communication protocol used determine how data physically travels through the network. Connection to a shared medium (except for wireless networks) is probably no longer used today, so for communication within one subnet switched Ethernet using switches is used (a switch is transparent to the communication and does not change the data sent). To deliver data to another subnet, routing by a router is used (the router must be addressed directly in the communication and it modifies the data sent).
Communication model
For a more detailed view of network communication we can use a standardized abstract description called the OSI model (Open Systems Interconnection Basic Reference Model). This model consists of seven layers, and each layer provides a certain part of the communication or services. However, the OSI model does not offer the flexibility needed in practice: it defines the layers precisely and allows each layer to communicate only with the adjacent layer above or below it, which would be an unnecessary burden in practice.
The most commonly used protocol suite in practice is called the Internet Protocol Suite (usually referred to as TCP/IP). This set of protocols uses its own, modified model called the TCP/IP Reference Model (also known as the Internet Model). It consists of only four layers, named link, internet, transport, and application, although we often encounter other names. The upper layers are closer to the user and work with more abstract data, the lower layers modify the data into a form that can be physically transmitted.
When sending, the highest layer starts: it has the user data, adds a header to it and passes it to the lower layer. Encapsulation is then performed: the data and header of the higher layer become the data of the lower layer (they are wrapped). The header adds communication data and other information that identifies the data at the given layer. If the user data is large, segmentation is also performed (at the 3rd layer).
Data at the 2nd layer is called a packet and, in the case of the IP protocol, it contains the source and destination IP addresses. The network sends the data at the 1st layer, which adds the MAC addresses in its header, and the packet becomes a frame. We should therefore distinguish between talking about packets (for example in routing, which uses data from the 2nd layer) and frames (for example in switching, which uses data from the 1st layer). In practice, however, the two terms are often confused. We can also use the general term PDU (Protocol Data Unit).
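To make the encapsulation and the packet/frame distinction concrete, here is an added Python model (not code from the original article). The header layouts are deliberately simplified, not the real UDP, IPv4 or Ethernet formats, and all addresses and ports are constructed; it also shows why a router rewrites the frame while leaving the packet's IP addresses intact, whereas a switch forwards the frame untouched.

```python
# Added example: simplified encapsulation of user data into a segment (ports),
# a packet (TTL + IP addresses) and a frame (MAC addresses), plus the re-framing
# a router performs. Simplified header layouts; all addresses are constructed.
import struct

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))

def encapsulate_transport(data, src_port, dst_port):
    """3rd layer (transport): 6-byte header with ports and length, then user data."""
    return struct.pack("!HHH", src_port, dst_port, len(data)) + data

def encapsulate_internet(segment, src_ip, dst_ip, ttl=64):
    """2nd layer (internet): TTL + source/destination IP; the segment is its data."""
    return struct.pack("!B", ttl) + ip_bytes(src_ip) + ip_bytes(dst_ip) + segment

def encapsulate_link(packet, src_mac, dst_mac):
    """1st layer (link): destination and source MAC; the packet is its data."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + packet

def decapsulate(frame):
    """Peel the layers again and return what each layer sees."""
    packet = frame[12:]      # everything after the two MAC addresses
    segment = packet[9:]     # everything after TTL + two IP addresses
    return {
        "dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"),
        "ttl": packet[0],
        "src_ip": ".".join(map(str, packet[1:5])),
        "dst_ip": ".".join(map(str, packet[5:9])),
        "ports": struct.unpack("!HH", segment[:4]),
        "data": segment[6:],
    }

def route_frame(frame, router_mac, next_hop_mac):
    """Router step: keep the packet (IP addresses unchanged), decrement the TTL,
    and build a new frame addressed to the next hop. None when TTL is exhausted."""
    packet = frame[12:]
    ttl = packet[0] - 1
    if ttl <= 0:
        return None
    return encapsulate_link(bytes([ttl]) + packet[1:], router_mac, next_hop_mac)

def demo():
    """Constructed scenario: station .5 sends to .9 via a router (MAC ...:01/...:02)."""
    seg = encapsulate_transport(b"hello", 40000, 53)
    pkt = encapsulate_internet(seg, "192.168.10.5", "192.168.20.9")
    frame = encapsulate_link(pkt, "00:00:00:00:00:05", "00:00:00:00:00:01")
    hop = route_frame(frame, "00:00:00:00:00:02", "00:00:00:00:00:09")
    return decapsulate(frame), decapsulate(hop)
```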
Network and Addressing
We said that we will mainly talk about local networks. A LAN is usually understood as a network located in a smaller (limited) geographical area (it can be a building or a campus, or just a floor or a room). A LAN is a closed network on its own, but we usually connect several LANs together, either directly or over greater distances using a WAN (the internet or private lines).
The largest and best-known (WAN) network built on TCP/IP is the internet. Simplified, we can say that it is a large number of interconnected LANs, but the situation is a bit more complicated. On the internet, IPv4 (Internet Protocol Version 4) addressing is used and IPv6 is slowly starting to be adopted. For a number of technical reasons, it is not possible for all participants in this network to communicate directly with each other.
So, because of the principle of communication but also because of the allocation of address ranges, we divide the entire network hierarchically into smaller parts called subnets. Because the division is hierarchical, individual subnets can be further divided into even smaller subnets. In the case of the internet, the main address space is managed by IANA (Internet Assigned Numbers Authority). It is divided into large blocks that are assigned to the regional registries, RIRs (Regional Internet Registries), which manage addresses for different parts of the world. An RIR assigns smaller blocks of addresses to ISPs (Internet Service Providers) and large organizations. From an ISP, an organization can then obtain a smaller block of addresses.
Within an organization, we usually use not only the public IP addresses assigned by the ISP but also private ranges (which should not communicate on the internet). The entire company network, which we can refer to as a LAN, in practice consists of a number of subnets. Networks that we want to separate from each other (and that we also separate logically or physically), such as the operational network, the test network and the DMZ, belong to different subnets. But we also use the division into smaller subnets for performance reasons, because it splits broadcast domains (a broadcast domain is the logical part of the network where all devices communicate directly at the link layer and receive each other's broadcasts).
In the past, separate active elements had to be used to create separate networks (and thus the infrastructure was built several times over). Nowadays, however, the use of VLANs (Virtual LAN) is absolutely common; it allows multiple separate networks (subnets) to be operated within one (or, of course, more) active element. Simply put, we can divide a switch into several logical switches by assigning certain ports to a certain VLAN. It is guaranteed that direct communication between VLANs is not possible.
Communication within a subnet
Devices connected to the same subnet can communicate directly with each other. In the case of switched Ethernet, this means that one or more switches are used for the connection. The communication uses data from the first layer of the TCP/IP model, i.e., in the case of Ethernet the MAC (Media Access Control) address, which is the physical address of the interface.
The switch builds a table in memory (CAM - Content Addressable Memory) of which MAC address is located behind which port. It then sends communication intended for a certain MAC address directly to the given port. If it does not yet have an entry, it sends the data to all ports except the incoming one. The CAM table is built from the incoming data.
Several different problems are handled on switches, the main one being loops in the physical connection, which can lead to broadcast storms (and other problems). To protect against loops, we commonly use the Spanning Tree Protocol (STP), which blocks redundant paths.
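To illustrate both the CAM table described in this section and the VLAN separation from the previous one, here is an added Python model of a VLAN-aware learning switch (not code from the original article). The port-to-VLAN assignment, MAC addresses and frames are constructed; learning uses the source address of each received frame, and unknown-unicast and broadcast frames are flooded only to ports of the same VLAN.

```python
# Added example: a minimal VLAN-aware learning switch. The CAM table maps
# (vlan, MAC) -> port and is filled from the source address of incoming frames;
# unknown destinations and broadcasts are flooded within the VLAN only.
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class Frame:
    src: str       # source MAC
    dst: str       # destination MAC

@dataclass
class Switch:
    # constructed port-to-VLAN assignment, e.g. {1: 10, 2: 10, 3: 20}
    port_vlan: dict
    # CAM table: (vlan, mac) -> port, learned from source addresses
    cam: dict = field(default_factory=dict)

    def receive(self, in_port: int, frame: Frame) -> list:
        """Process one frame arriving on in_port and return the egress ports."""
        vlan = self.port_vlan[in_port]
        # Learning: remember behind which port the source MAC lives (per VLAN).
        self.cam[(vlan, frame.src)] = in_port
        # Broadcast, or unknown unicast: flood to all other ports of the same VLAN.
        if frame.dst == BROADCAST or (vlan, frame.dst) not in self.cam:
            return sorted(p for p, v in self.port_vlan.items()
                          if v == vlan and p != in_port)
        # Known unicast: forward only to the learned port (never back out the same port).
        out = self.cam[(vlan, frame.dst)]
        return [] if out == in_port else [out]

def demo():
    """Constructed scenario: ports 1-2 in VLAN 10, ports 3-4 in VLAN 20."""
    sw = Switch(port_vlan={1: 10, 2: 10, 3: 20, 4: 20})
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    results = []
    results.append(sw.receive(1, Frame(src=a, dst=b)))          # b unknown: flood VLAN 10
    results.append(sw.receive(2, Frame(src=b, dst=a)))          # a learned: port 1 only
    results.append(sw.receive(3, Frame(src=c, dst=BROADCAST)))  # broadcast stays in VLAN 20
    results.append(sw.receive(3, Frame(src=c, dst=a)))          # a lives in VLAN 10: unknown here
    return results, dict(sw.cam)

if __name__ == "__main__":
    print(demo())
```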
Connecting subnets
By dividing the operational network into smaller subnets and assigning them to different VLANs, we have reduced the number of broadcasts that each device has to process. But we have also lost the ability for devices in different subnets to communicate. To let them communicate again, we need to add a device that performs routing and serves as the default gateway for the individual subnets. In practice, we most often use an L3 switch or a router for this function. Communication between networks of a different nature, such as the operational network and the DMZ (Demilitarized Zone), is usually handled by a firewall, which also forms a security barrier between the networks.
Just as we talked about dividing the network into subnets, this corresponds to the placement of routers, which sit at every point where individual subnets are to communicate with each other. Together they form a hierarchical structure, simplified as a tree. When two stations in different networks communicate, the communication must pass through one or more routers. The length of the path is given as the number of hops, i.e., the number of devices the communication must pass through (a direct connection of two PCs is one hop).
Routers are responsible for determining the path of the communication (to which next device it goes). They use a certain routing protocol, which builds a routing table, and according to it decisions are made about routing to the next hop. There are a number of routing protocols, both standardized and proprietary; examples include RIP (Routing Information Protocol), EIGRP (Enhanced Interior Gateway Routing Protocol), OSPF (Open Shortest Path First) and BGP (Border Gateway Protocol).
The use of a routing protocol is not always necessary. It is used for dynamic routing, which automatically detects changes in the network and adjusts the routing table. In a LAN, we often only need static routing, where entries in the table are either entered manually or created automatically from directly connected interfaces (subnets connected to this router).
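As an added example (not code from the original article), here is a Python model of the static routing table just described: directly connected subnets, manually entered routes and a default gateway, with the longest-prefix-match lookup a router or L3 switch performs to pick the next hop. Interface names, subnets and next-hop addresses are constructed.

```python
# Added example: a static routing table with longest-prefix-match lookup.
# Routes are (network, next_hop, interface); connected routes have no next hop.
import ipaddress

class RoutingTable:
    def __init__(self):
        self.routes = []   # list of (network, next_hop or None, interface or None)

    def add_connected(self, interface, cidr):
        """Directly connected subnet: no next hop, deliver on the interface."""
        net = ipaddress.ip_network(cidr, strict=False)
        self.routes.append((net, None, interface))

    def add_static(self, cidr, next_hop):
        """Manually entered route; next_hop must itself be reachable directly."""
        net = ipaddress.ip_network(cidr)
        self.routes.append((net, ipaddress.ip_address(next_hop), None))

    def lookup(self, dst):
        """Return (next_hop, interface) for dst using the most specific match."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, nh, iface in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nh, iface)
        if best is None:
            return None                       # no route at all: packet is dropped
        net, nh, iface = best
        if nh is None:
            return (addr, iface)              # connected: deliver to the host itself
        # Recursive step: find the interface behind which the next hop sits.
        hop = self.lookup(str(nh))
        return (nh, hop[1]) if hop else None

def build_demo_table():
    """Constructed router with two VLAN interfaces, a WAN link and a default route."""
    rt = RoutingTable()
    rt.add_connected("vlan10", "192.168.10.1/24")
    rt.add_connected("vlan20", "192.168.20.1/24")
    rt.add_connected("wan", "203.0.113.2/30")
    rt.add_static("10.0.0.0/8", "192.168.20.254")   # partner site behind VLAN 20
    rt.add_static("0.0.0.0/0", "203.0.113.1")       # default gateway towards the ISP
    return rt

if __name__ == "__main__":
    rt = build_demo_table()
    for d in ("192.168.10.55", "10.1.2.3", "8.8.8.8"):
        print(d, "->", rt.lookup(d))
```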
Transmission methods
To the previous description of communication we must add that there are three types of communication, and the details of delivery change according to them. The first is delivering data to just one recipient. This method is the most common and is called unicast; most of the previous description was devoted to it.
Then we have sending to everyone, referred to as broadcast. This should be received by all devices within the broadcast domain (the same subnet); the switch sends such communication to all ports except the incoming one. We use broadcast not only when we want to send information to everyone around, but also when we do not know the recipient's address: the recipient receives the broadcast, recognizes from its content that it is intended for them, and sends a response. Examples are the DHCP and ARP protocols. A large number of broadcasts, however, slows down the network and burdens the stations.
We also have directed broadcast (subnet-directed broadcast), which should travel through the network to the target subnet and only there be sent out as a broadcast. In practice, however, this method is often blocked for security reasons.
The last option is sending to a group of recipients, called multicast. This is meant to deliver data efficiently to several different recipients so that the data travels through the network only once.
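As an added example (not from the original article), the following Python function classifies an IPv4 destination as unicast, broadcast, subnet-directed broadcast or multicast and maps it to the action a router takes, dropping directed broadcasts by default as the text says is common practice. The subnets and addresses are constructed.

```python
# Added example: classify an IPv4 destination as seen by a router and decide
# how it is forwarded. Subnets and addresses are constructed.
import ipaddress

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

def classify_destination(dst, in_subnet, known_subnets):
    """Classify destination dst of a packet received on interface subnet in_subnet.
    known_subnets lists the other subnets this router is connected to."""
    addr = ipaddress.ip_address(dst)
    local = ipaddress.ip_network(in_subnet, strict=False)
    if addr.is_multicast:                        # 224.0.0.0/4, groups managed by IGMP
        return "multicast"
    if addr == LIMITED_BROADCAST or addr == local.broadcast_address:
        return "broadcast"                       # stays inside this broadcast domain
    for cidr in known_subnets:
        net = ipaddress.ip_network(cidr, strict=False)
        if net != local and addr == net.broadcast_address:
            return "directed-broadcast"          # would become a broadcast in another subnet
    return "unicast"

def forward_decision(dst, in_subnet, known_subnets, allow_directed=False):
    """Map the classification to the router's action; directed broadcasts are
    dropped unless explicitly allowed."""
    kind = classify_destination(dst, in_subnet, known_subnets)
    if kind == "unicast":
        return "route to next hop"
    if kind == "broadcast":
        return "deliver locally only, never forwarded"
    if kind == "multicast":
        return "replicate only towards ports with group members"
    return "forward as broadcast" if allow_directed else "drop"

if __name__ == "__main__":
    others = ["192.168.20.0/24", "192.168.30.0/24"]
    for d in ("192.168.10.255", "192.168.20.255", "239.1.1.1", "192.168.20.7"):
        print(d, classify_destination(d, "192.168.10.0/24", others),
              "->", forward_decision(d, "192.168.10.0/24", others))
```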
Network Protocols
We will add brief information about protocols. Here we are talking about the Internet Protocol Suite, a set of network protocols often referred to as TCP/IP. This name can be misleading, however, because the group includes many more protocols. IP is indeed the main communication protocol at the 2nd layer of the TCP/IP model and ensures the delivery of packets. But there are also other important protocols, such as ICMP (Internet Control Message Protocol, which provides information about network unreachability and the echo request/reply) and IGMP (Internet Group Management Protocol, which manages groups for multicast).
Similarly, at the 3rd layer of the TCP/IP model TCP is important: a protocol that operates above IP and ensures the division of the sent data into segments and their reliable delivery to the recipient in the correct order. At this layer we also have other protocols, the main one being UDP (User Datagram Protocol), which also works above IP. It uses a simple transmission model that does not guarantee reliable delivery (data may not arrive, may arrive multiple times or in a different order), but has low overhead.
At the 4th layer of the TCP/IP model are the application protocols. For example, DNS, TFTP and VoIP work above UDP; a large number of protocols work above TCP, such as HTTP, SMTP and FTP. The IP protocol family also includes several protocols from the 1st layer of the TCP/IP model, such as MAC (Media Access Control, used by Ethernet), ARP (Address Resolution Protocol) and PPP (Point-to-Point Protocol).
A completely simple, perfect and flawless article. Thanks!
respond to [1]schomi:
Yeah, I agree with Schomi. This article explained it all nicely and fairly briefly to me too, thanks.
Great article, I'm just having networking lectures right now, so it comes in handy. Can I ask why the switch sends the data to everyone when it has no entry in the CAM table?? It's strange, it (the switch) knows what devices are on the individual ports.... surely it can't happen that there'd be something else with a different IP address there. And one more thing comes to mind: when I split the operational network into smaller subnets using VLANs, won't each subnet have its own broadcast? Thanks for the answer
respond to [3]The Ghost:
If the switch doesn't have its CAM table populated, or for a particular frame it doesn't know the particular port it should send it to, it behaves like a hub, to guarantee that the destination gets the data. A switch is a layer-two device and the CAM table contains a mapping of hardware address (MAC) to port, not IP addresses. Moreover, after power-on the switch doesn't know where anything is. It learns that only by watching traffic (specifically the source address field of Ethernet frames).
A VLAN always represents its own network or subnet and has its own network address and broadcast address. A broadcast on a switch with VLANs then spreads only within the given VLAN and across trunks.
respond to [4]blekeke:
Right, MAC address.... silly me... OK, and then that VLAN. The author states, I quote: ".....reduced the number of broadcasts that each device....". So I don't know what to make of it. I understand what you mean and I'm of the same opinion. It's the paragraph CONNECTING SUBNETS. So what does he mean by it??
respond to [5]The Ghost: Most network devices send some messages as broadcast (mainly, for example, Windows stations). If there are more stations in one subnet (one VLAN), then more of them send broadcasts and each of them receives more messages. Splitting reduces the number of stations and thus the amount of broadcasts.
respond to [6]Samuraj:
Ahaaaa, so the total number of all broadcasts sent over a given VLAN is reduced. Now I get it. Thanks
A nicely and understandably written article
thank you
Note: hop count = number of devices isn't entirely accurate; better is the number of routers the communication passes through.
(There are also pitfalls such as VRF, or that some routers deliberately don't decrement the TTL, or that in the case of communication through a tunnel the hops are compressed into one)