Introduction to Network Devices

Hub

A hub is a multiport physical repeater that is typically used to connect end-user workstations. An incoming frame is rebroadcast out ALL other ports except the port it came in on, which is called the ingress port.

Hubs are inexpensive and do not create separate broadcast and collision domains. However, they are rarely used today.

Hubs do not make any forwarding decisions based on MAC address or IP address.

A collision domain is a network segment where collisions can occur when frames are sent among the devices on that segment.

As an example, if 4 computers are connected to a hub, all 4 share the same bandwidth. Each device can only use a portion of the total bandwidth. Collisions can occur when frames are sent simultaneously by multiple computers attached to the hub.

Ethernet devices rely on something called "Carrier Sense Multiple Access with Collision Detection (CSMA/CD)" to mitigate collisions.

With CSMA/CD, a transmitting device listens on the network segment before it attempts to send data. If no transmission is in progress, it sends its data and keeps listening to determine whether a collision occurred.

If a collision did occur, each transmitting device waits a random period of time before attempting retransmission.

Collision detection can function only when the devices do not attempt to transmit and receive at the same time. This means hubs are restricted to a mode called half-duplex, in which they cannot receive and transmit at the same time.


Bridges

A bridge uses the MAC address of data recipients to deliver frames. Bridges maintain a forwarding database in which the MAC addresses of the attached hosts are stored.

When a bridge receives a packet, the sender's MAC address is recorded in the forwarding database. If the recipient's address is also stored in the forwarding database, the packet is sent directly out that single port. If not, the packet is broadcast out all ports excluding the ingress port.

In the case of a broadcast, each host receives the packet and uses the MAC address to determine if it is for them. When the intended recipient responds to the packet, the bridge sends the reply directly to the original sender.

Bridges can be used to increase the number of collision domains. Each port on a bridge creates a separate collision domain but they still remain as a SINGLE broadcast domain.


Switches

Switches can be used to provide network connectivity to endpoint devices. They can operate at Layer 2 or Layer 3. Layer 2 switches function similarly to bridges. Layer 3 switches add routing functionality.

Switches use information in the data packet headers to forward packets to the correct ports, resulting in fewer collisions, improved traffic flow and faster performance.

Switches break a larger network into smaller networks - NOT subnetting though. They perform microsegmentation of collision domains, which creates a separate dedicated network segment for each port.

Layer 2 switches use physical (MAC) addresses to carry out their primary responsibility of switching frames. Switches store known MAC addresses in the CAM table.

The CAM table associates MAC addresses with the physical interface through which those addresses can be reached.

When a switch receives a frame, it adds the source MAC to the CAM table. The switch then checks the CAM table to see if the destination MAC address is listed. If it is, it directs the frame to the port. If not, it broadcasts the frame out all ports except the ingress.
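
The learn-then-forward behavior described for bridges and switches above, next to hub behavior, as an added example that is not part of the original notes. Port numbers and MAC addresses are constructed sample values; the flood branch is the case where a frame becomes visible on ports other than the recipient's.

```python
# Added illustration: minimal model of hub vs. Layer 2 switch forwarding.
# Port numbers and MAC addresses below are constructed sample values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


def hub_forward(ports, ingress):
    """A hub repeats every frame out all ports except the ingress port."""
    return sorted(p for p in ports if p != ingress)


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}  # MAC address -> port through which it is reachable

    def receive(self, ingress, src_mac, dst_mac):
        """Learn the source MAC, then return the list of egress ports."""
        # Step 1: record (or refresh) the sender's MAC against the ingress port.
        self.cam[src_mac] = ingress
        # Step 2: look up the destination MAC.
        egress = self.cam.get(dst_mac)
        if dst_mac == BROADCAST or egress is None:
            # Broadcast or unknown destination: flood out all ports except ingress.
            return sorted(p for p in self.ports if p != ingress)
        if egress == ingress:
            # Destination sits on the segment the frame came from: nothing to send.
            return []
        return [egress]


def demo():
    sw = Switch(ports=[1, 2, 3, 4])
    a, b = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"  # constructed MACs
    results = []
    results.append(sw.receive(1, a, b))  # B unknown: flooded to 2, 3, 4
    results.append(sw.receive(2, b, a))  # A was learned on port 1: [1]
    results.append(sw.receive(1, a, b))  # B is now learned on port 2: [2]
    results.append(sw.receive(3, "cc:cc:cc:cc:cc:03", BROADCAST))  # broadcast
    return results, dict(sw.cam)


if __name__ == "__main__":
    flows, cam = demo()
    for egress_ports in flows:
        print(egress_ports)
    print(cam)
```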

If 4 computers are connected to a switch, each computer will reside in its own collision domain. All 4 computers can send data to the switch simultaneously.

Because switches forward broadcasts, all devices connected to a Layer 2 switch will reside within a single broadcast domain. Layer 3 switches can use VLANs to separate broadcast domains.


Routers

Routers are used to forward packets between computer networks. Routers create separate broadcast domains: devices connected to different router interfaces reside in separate broadcast domains. A broadcast sent on a network segment does NOT get forwarded through a router.

Layer 3 switches share many features and capabilities with routers.

Routers make path decisions based on logical addresses such as IP addresses. Routers store IP address information in a routing table. The routing table is stored in a special section of memory known as the Ternary CAM Table (TCAM).

The TCAM table is used to provide wire speed access to data for queries. The TCAM table can provide a non-exact match for a particular query.

When a router receives a packet, it forwards the packet to the destination network based on information in a routing table.

If a router receives a packet that is destined for a remote network not listed in the table and neither a static default route nor a gateway of last resort is configured, the packet gets dropped and an ICMP Unreachable Error is sent to the interface it was received on.
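
A sketch of the routing decision described above, as an added example that is not part of the original notes. It assumes longest-prefix match as the rule for choosing among non-exact matches (standard IP routing behavior); the prefixes and interface names are constructed.

```python
import ipaddress

# Constructed routing table: (destination prefix, egress interface).
# Interface names are hypothetical.
ROUTES = [
    ("10.0.0.0/8", "Gi0/1"),
    ("10.1.0.0/16", "Gi0/2"),
    ("10.1.2.0/24", "Gi0/3"),
]


def lookup(dst, routes, default=None):
    """Return ("forward", interface) or ("drop", reason) for one destination IP."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        # Non-exact match: the address only has to fall inside the prefix.
        # Among all matching prefixes, the most specific (longest) one wins.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    if best is not None:
        return ("forward", best[1])
    if default is not None:
        # Static default route / gateway of last resort.
        return ("forward", default)
    # No matching route and no default: drop and signal ICMP unreachable.
    return ("drop", "ICMP unreachable")


if __name__ == "__main__":
    for dst in ("10.1.2.7", "10.1.9.9", "10.200.0.1", "192.0.2.1"):
        print(dst, lookup(dst, ROUTES))
    print("192.0.2.1", lookup("192.0.2.1", ROUTES, default="Gi0/0"))
```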


Servers

There are many different types of network servers, with various functions associated with them. Servers can either be a specific piece of hardware or a software program - typically set up to provide specific services to a group of other computers on a network.

Servers provide a centralized way to control, manage and distribute a variety of technologies - simple data files, apps, security policies, network addresses.

Some examples of services include:

  • File Servers - can configure a file server to allow users to access shared files/folders, used as a central storage location

  • Domain Servers - manages resources that are available on the domain, used to configure access and security policies for users

  • Print Servers - provides access to a limited number of printers to many computer users rather than a local printer for each PC

  • DHCP Servers - automatically provide IP addresses to clients. Clients can connect to the server and automatically get an IP.

  • Web Servers - allows customers to access your company website, typically contain content viewable in a browser

  • Proxy Servers - intermediary between the browser and the internet. When computers connect to the internet, the computer first connects to the proxy server. The proxy either forwards traffic, blocks traffic or returns a cached webpage


Endpoints

Endpoints are also known as hosts. They are individual computing devices that access the services available on the network - PC, PDA, laptop, thin client or terminal.

Endpoints act as the user interface at which the user can access the data or other devices available on a network.


Next-Generation Firewalls and IPS Devices

Firewalls are devices that filter packets inbound from untrusted networks. Typically, a firewall filters packets without analysis.

Cisco Adaptive Security Appliance (ASA) devices are next-generation, multifunction appliances that can provide firewall, VPN, intrusion prevention and content security services.

An IPS is a device that detects and can automatically mitigate network intrusion attempts - it can determine whether a given packet might be malicious and can take various actions.


WAPs

WAPs are devices that enable wireless clients to connect to a wireless LAN (WLAN) using radio frequency (RF) communication.

WAPs are available in single-band or dual-band form. WAPs designed for modern versions of the IEEE 802.11 standard are typically dual-band WAPs.

One band operates at 2.4GHz frequency while the other operates at 5GHz frequency.

