Networking Technologies

Chapter 3: Bridging, Switching, and Routing

Objectives:

Chapter 3 teaches you which connectivity device is the right one for various circumstances. The objectives important to this chapter are on page 3-1:

  1. List the reasons connectivity devices are needed on LANs and WANs.
  2. Distinguish between Ethernet and token ring repeaters.
  3. List three benefits of bridging and three types of bridges.
  4. Explain transparent bridge operation.
  5. Configure a spanning tree network.
  6. Explain source-routing bridge operation.
  7. Explain the use of switching hubs.
  8. Identify the benefits of using token ring switches.
  9. Identify and describe distance vector and link state dynamic routing protocols.
  10. Identify the characteristics of nonroutable protocols, and name a method for dealing with a nonroutable protocol.
  11. Identify different kinds of combination devices.
  12. Decide when to use bridges, switches, and routers.

Concepts:

The graphic on page 3-2 is a quick summary of the information in this chapter. You may wish to refer to it while reading the chapter, checking to see if you understand each point in it.

The bullets on page 3-2 list problems that connectivity devices are designed to overcome:

  • Limitations of the LAN media - how many nodes can it handle? How far can it reach? How much bandwidth? Repeaters and bridges help overcome these limitations.
  • Transport of data packets across multiple networks with different media access methods - transport methods are needed that are not media dependent. Routers answer this need.
  • Communication between systems with incompatible protocols - finding a common protocol is desirable. If not possible, translation is needed. This is done by gateways.

Repeaters are placed at the ends of LAN segments, joining two segments that together would be too long to count as a single segment. There are differences between repeaters on Ethernets and Token Rings:

  • Ethernet Repeaters - coax based Ethernet is limited by the 5-4-3 rule, which says you can connect up to 5 segments using up to 4 repeaters, but only 3 of those segments may be populated with stations.
  • Token Ring - in a Token Ring, every station is a repeater, since they all receive and retransmit packets. Although numbers are not given in this chapter, your book specified in Chapter 2 that there are limits to the number of stations on a ring, the length of the cable between any two stations, and the total length of cable in the ring.

You will remember from earlier in the term that bridges connect two LAN segments for convenience, and filter traffic so that not all signals have to appear on both segments. Since bridges use hardware addresses to make their decisions, bridges are considered Data-Link layer devices. (They depend on Physical layer processes, too, but their work happens at the Data-Link layer.)

Since bridges are independent of upper layer protocols, packets that cannot be routed can be bridged. A bridge increases the bandwidth of the LAN, because traffic can flow on both segments at once, provided that it does not cross the bridge.

You should be aware of the 80/20 Rule, which is explained on page 3-7. Bridges are most useful if they follow this rule. You should place bridges and nodes so that 80% of the traffic on a bridged segment stays on that segment (is local to that segment), and only 20% of the traffic should have to cross the bridge. If this rule is violated, the bridge is in the wrong place, a node is on the wrong segment, or perhaps you need a repeater instead of a bridge.

Three common types of bridges are listed on page 3-8. Many pages are devoted to each:

  • Transparent - a bridge is transparent to a sending device if the sending device is unaware of the bridge or unaware that the receiving device may be across a bridge. This type of bridge requires little setup: it learns which segment devices are on when they send packets through it. Transparent bridges are also called learning bridges because they learn what segments devices are on by receiving traffic from them, and they store the knowledge in a filtering database. While a transparent bridge is learning, it forwards frames to all segments except the segment they come from. Once it learns which segment a device is on, traffic to that device is only forwarded to the proper segment (unless the traffic is already on the right segment, in which case it is not forwarded at all). Bridges may connect more than two segments. Connection is made through physical ports on the bridge. The ports can be in one of five states, described on page 3-11. (This description mentions the spanning tree protocol which is not defined until page 3-20.) The five states are:
    • Disabled - the port is off line
    • Blocking - a standby mode, used by backup bridges. Frames are ignored unless they are addressed to the multicast address of this bridge (which gives us a way to change the state)
    • Listening - a waiting state; the bridge is preparing to learn or forward, but assumes that traffic may have misinformation in it at this time. This should only be in effect for a specific amount of time.
    • Learning - the bridge is paying attention to traffic, modifying its filtering database, but not forwarding. This is a timed state.
    • Forwarding - normal operation, frames are forwarded, based on the filtering database. Learning (modifying the filtering database) also takes place in this state. Note that this is the ONLY port state in which frames are forwarded.

    The intelligent part of the bridge, the part that decides whether to forward a frame to a specific segment, is called the Relay Entity. In order for a frame to be forwarded, the list of requirements on page 3-12 must be met:

    • the frame must be addressed to a device on a segment other than the one it started on
    • the frame must have data in it from a layer above the MAC sublayer
    • there must be a CRC in the frame
    • the frame must not be addressed to the bridge

    Transparent bridges store the incoming frames, check the above criteria, check the CRC for errors, and forward frames that need forwarding. Because the frame is stored and processed this way, the bridges are operating in a store-and-forward mode. There is an inevitable delay while the checks are made, referred to as the latency of the bridge. The larger the frames, the longer the latency.

    The table that a bridge builds is called the filtering database. Page 3-14 illustrates that the filtering database starts out empty, and information is filled in as frames are received from various stations.

    Page 3-17 describes a bridging loop. First, you need to know that redundant bridges can be put between segments, in case one breaks. A bridging loop occurs when packets pass endlessly from one segment to the next across the two bridges. It can also happen if the bridges generate a broadcast storm of new packets. The example that begins on page 3-17 explains. Assume two segments connected by two bridges. A frame is generated on Segment 1 from workstation A, and hits both bridges. Both bridges copy the frame, learn that A is on Segment 1, and both forward the frame to Segment 2. However, each bridge will receive the copy that the other bridge forwards to Segment 2. This will cause the bridges to update their databases to show workstation A as being on Segment 2, and they will forward each of these frames back to Segment 1. Then the process repeats, again and again and again. This is not good.

    To avoid the bridging loop problem, IEEE 802.1d gives us the spanning tree protocol. This says that in each redundant pair of bridges, one is the designated bridge, and the other is the backup bridge. Bridges communicate with bridge protocol data units (BPDUs) to determine which is the designated bridge, and when the backup bridge must take over. The network should be diagrammed as on page 3-20, like a tree. One bridge is chosen to be the root bridge, which sends configuration messages to designated bridges. The root bridge is chosen by its bridge ID, which is an eight byte (16 hex digits) number composed of two bytes assigned by the administrator and all six bytes from the MAC address of the port adapter (NIC). The bridge in the tree with the lowest bridge ID number is the root bridge. Bridges elect a root bridge by sending packets, like those shown on page 3-22, to all ports proclaiming themselves to be the root bridge. If packets are received from bridges with lower IDs, each bridge will acknowledge by changing its opinion, and sending packets that identify the new candidate as the root bridge. (Note that these packets contain the address for the bridge sending the packets in one field, and the address of the bridge it believes to be the root bridge in another field.) A root bridge will continue to send BPDUs every two seconds, by the IEEE standard.

    When two bridges are determined to be on the same segment, the one with the lower port cost is the designated bridge, and the other is the backup. This is another value that the administrator can assign. A root bridge has an arbitrary port cost of 0 (zero), but all other port costs can be assigned. This assignment could be made based on newer, better equipment, or it could be based on line speed. A backup bridge will change its ports to the blocking state, receiving multicast frames only. A related term from this section is root port, which is simply the port on a bridge that "faces" the root bridge.

    BPDUs should be addressed to a multicast address that all bridges on the network recognize and respond to. Different manufacturers can assign different multicast addresses to their equipment, so it is best to check what address is used by a bridge before you buy it. Bridges also respond to frames addressed to their own addresses, but this is not how BPDUs work.

    A problem is illustrated on page 3-26. Assume that bridge 3 blew up, burned out, melted down, or just died. It was a designated bridge. If its backup bridge does not see/hear a BPDU from it in a specific time, the backup assumes the designated bridge is out, and the backup sends a TCN (Topology Change Notification) BPDU toward the root bridge. This TCN-BPDU is acknowledged by the next designated bridge in line, and passed on to the root bridge. The root bridge sends TCA-BPDUs (Topology Change Notification Acknowledgment) to all bridges. When a bridge receives this message, it puts its ports in blocking mode, and waits for a time specified by the message from the root bridge. When time is up, all the bridges still functioning contend for root bridge status, and once again elect designated and backup bridges.

  • Source-routing - each device in a source-routing network maintains its own dynamic table of routes to devices, so a source routing bridge does not have a filtering database, and does not make filtering choices. What it does is to add notations to frames that it passes on, showing that the frame passed through it. Each source routing bridge adds its own notation to the frame, so the frame contains the complete routing information when it arrives at the destination. (Note that these "routes" do NOT cross networks, so they are not Layer 3 routes. They use hardware addresses only, making this Layer 2 information.) Typically, routes are determined by individual devices. The route determination is made by sending hello frames to other devices. These frames build up a route as they pass through the bridges; a reply frame follows that route back, and the originating device reads the route from the reply frame and stores it.

    This type of bridging is most often found in token ring environments. The routes are dynamic, and only stored in RAM, so they must be rediscovered when devices are rebooted.

  • Source-routing transparent (SRT) - these are bridges that can behave in both the above modes. They are useful when some devices on a network store their own routes to other devices, in which case the bridges can act like source-routing bridges. For devices that do not store their own routes, the filtering tables in the bridges are used.
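To make the transparent bridge behaviour concrete, here is a small simulation written for these notes (it is not code from the textbook). It implements the filtering database, the flood/forward/filter decision, and the per-port states, and then replays the page 3-17 bridging loop with two bridges between two segments. Segment names, MAC addresses (A, X, C) and the bridge layout are constructed for the example; the "blocking" case shows what happens once a backup bridge's ports are blocked the way the spanning tree protocol would do it.

```python
"""Transparent (learning) bridge simulation: filtering database, flood/forward/
filter, port states, and the two-bridge loop. Added example, not textbook code;
segment names, station addresses and the layout are constructed."""

from collections import deque


class LearningBridge:
    def __init__(self, name, segments):
        self.name = name
        self.ports = list(segments)                        # one port per attached segment
        self.state = {s: "forwarding" for s in segments}   # disabled/blocking/listening/learning/forwarding
        self.fdb = {}                                      # filtering database: MAC -> segment

    def handle(self, src, dst, in_seg):
        """Process one frame heard on in_seg; return the segments it is forwarded to."""
        if self.state[in_seg] in ("disabled", "blocking", "listening"):
            return []                                      # nothing learned, nothing forwarded
        self.fdb[src] = in_seg                             # learn which segment the sender is on
        if self.state[in_seg] == "learning":
            return []                                      # learning state: update the database only
        if dst in self.fdb:
            out = self.fdb[dst]
            return [] if out == in_seg else [out]          # filter if already local, else forward
        # destination still unknown: flood to every other forwarding port
        return [s for s in self.ports if s != in_seg and self.state[s] == "forwarding"]


def propagate(bridges, src, dst, start_seg, max_copies=50):
    """Hand one frame to every bridge on its segment, queue the copies they emit,
    and repeat. Returns (copies handled, fdb entry for src on each bridge,
    copies still queued when we stopped). A loop never drains the queue."""
    queue = deque([(start_seg, None)])   # (segment the copy is on, bridge that put it there)
    seen = 0
    while queue and seen < max_copies:
        seg, from_bridge = queue.popleft()
        seen += 1
        for b in bridges:
            if seg in b.ports and b.name != from_bridge:   # a bridge does not hear its own copy
                for out in b.handle(src, dst, seg):
                    queue.append((out, b.name))
    return seen, {b.name: b.fdb.get(src) for b in bridges}, len(queue)


def filter_demo():
    """One bridge: flood while the destination is unknown, then forward or filter."""
    b = LearningBridge("B1", ["Seg1", "Seg2"])
    return [
        b.handle("A", "X", "Seg1"),   # X unknown: flooded to Seg2
        b.handle("X", "A", "Seg2"),   # A known on Seg1: forwarded there
        b.handle("A", "X", "Seg1"),   # X now known on Seg2: forwarded there
        b.handle("C", "A", "Seg1"),   # A is on the same segment: filtered
    ]


def loop_demo(block_backup):
    """Two bridges between the same two segments, as on page 3-17."""
    b1 = LearningBridge("B1", ["Seg1", "Seg2"])
    b2 = LearningBridge("B2", ["Seg1", "Seg2"])
    if block_backup:
        for s in b2.ports:
            b2.state[s] = "blocking"   # what spanning tree does to the backup bridge
    return propagate([b1, b2], "A", "X", "Seg1")


if __name__ == "__main__":
    print("single bridge decisions:", filter_demo())
    print("loop, no spanning tree:", loop_demo(False))
    print("loop, backup blocked:  ", loop_demo(True))
```

Without blocking, the frame copies keep crossing between the bridges and the filtering database entry for A flips between Seg1 and Seg2 exactly as the text describes; with the backup's ports in the blocking state the frame is forwarded once and the queue drains.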
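The root bridge election and designated/backup choice described for the spanning tree protocol (pages 3-20 through 3-22) can be shown with the following added example; it is not textbook code. The eight-byte bridge ID (two administrator bytes followed by the six-byte MAC), the exchange of configuration BPDUs carrying a root ID and a sender ID, and "lowest port cost wins" follow the text; the bridge names, priorities, MAC addresses and port costs are constructed, and the tie-break on bridge ID in choose_designated is an assumption beyond what the chapter states (it matches IEEE 802.1D).

```python
"""Spanning tree root election and designated-bridge choice. Added example,
not textbook code; names, priorities, MACs and port costs are constructed."""

from dataclasses import dataclass


def bridge_id(priority, mac):
    """Eight-byte bridge ID: 2 administrator-assigned bytes + 6-byte port MAC.
    Lower compares as better, so a low priority wins regardless of the MAC."""
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if not (0 <= priority <= 0xFFFF and len(mac_bytes) == 6):
        raise ValueError("priority must fit in 2 bytes and the MAC must be 6 bytes")
    return priority.to_bytes(2, "big") + mac_bytes


@dataclass(frozen=True)
class ConfigBpdu:
    root_id: bytes     # who the sender currently believes the root bridge is
    sender_id: bytes   # the bridge that sent this BPDU


class Bridge:
    def __init__(self, name, priority, mac):
        self.name = name
        self.id = bridge_id(priority, mac)
        self.root_id = self.id          # every bridge starts by proclaiming itself root

    def hello(self):
        return ConfigBpdu(self.root_id, self.id)

    def receive(self, bpdu):
        """Adopt a lower root ID; return True if our opinion changed."""
        if bpdu.root_id < self.root_id:
            self.root_id = bpdu.root_id
            return True
        return False


def elect_root(bridges, max_rounds=20):
    """Everyone sends a BPDU, everyone updates, until nobody changes its mind.
    Returns (name of the root bridge, number of rounds used)."""
    for rnd in range(1, max_rounds + 1):
        bpdus = [b.hello() for b in bridges]    # all hellos sent before anyone updates
        changed = False
        for b in bridges:
            for p in bpdus:
                if p.sender_id != b.id:
                    changed |= b.receive(p)
        if not changed:
            root = bridges[0].root_id
            if any(b.root_id != root for b in bridges):
                raise RuntimeError("bridges disagree on the root")
            return next(b.name for b in bridges if b.id == root), rnd
    raise RuntimeError("election did not converge")


def choose_designated(port_costs):
    """Bridges sharing one segment, mapped to their port cost. The lowest cost
    is the designated bridge (forwarding); the others become backups (blocking).
    Tie-break on bridge ID is our assumption, matching IEEE 802.1D."""
    winner = min(port_costs, key=lambda b: (port_costs[b], b.id))
    return winner.name, {b.name: "forwarding" if b is winner else "blocking" for b in port_costs}


def demo_election():
    b1 = Bridge("B1", 32768, "00:a0:c9:11:22:33")
    b2 = Bridge("B2", 32768, "00:00:0c:aa:bb:cc")
    b3 = Bridge("B3", 4096, "ff:ff:ff:00:00:01")   # highest MAC, but lowest priority
    root, rounds = elect_root([b1, b2, b3])
    designated, states = choose_designated({b1: 10, b2: 4})
    return root, rounds, designated, states


if __name__ == "__main__":
    print(demo_election())
```

Note that B3 wins the election although its MAC address is the highest of the three: the administrator bytes are the high-order part of the ID, which is how an administrator forces a particular bridge to be the root.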

Page 3-34 introduces switching hubs. Switching hubs address problems stated on this page:

  • heavy traffic on an Ethernet diminishes performance, so some change is needed
  • bridging can lead to loops, a lack of redundancy, and message flooding.
  • buying a better LAN is expensive: new NICs, hubs, software, etc.

A switching hub (also called a switch) can be substituted for existing hubs, without changing the rest of the LAN. It works like a bridge, filtering traffic by MAC addresses, and only sending output to the ports that need it, which means that it allows the other ports to be used independently. This has the effect of increasing the bandwidth of the LAN because more users can use it simultaneously. Another way of explaining this is the description of a collision domain on page 3-35. A collision domain is any media segment in which nodes contend for access. Using switches, each node is on its own collision domain.

Page 3-36 describes classifying factors for switches:

  • Speed - switches can be 10 Mbps, 100 Mbps, or both
  • Store-and-Forward - this kind of switch acts like a transparent bridge, checking the CRC of frames before forwarding them. Latency of about 1200 microseconds per frame is a factor.
  • Cut-Through - this kind of switch does not do a CRC check, so it has less latency (about 40 microseconds per frame), but it will pass bad frames.
  • Full Duplex Ports - a switch with this sort of port is using dedicated connections, so collisions are not a factor. Speed is nearly doubled under perfect conditions.
  • Multiple Server Connections to Switch - some servers use multiple NICs to connect redundantly to the switch. Special NLMs are needed on the server to balance the load.

Virtual LANs are discussed on pages 3-37 and 3-38. Essentially, since a switch can connect two stations effectively, it can also connect many stations as a broadcast LAN. The benefit is to be able to send information to many stations simultaneously, while still maintaining wide bandwidth. The switch can effectively define several LANs, simply by being programmed to consider some number of its ports as being a single LAN, and other ports as another LAN. Two variations are listed:

  • Data-Link Layer Virtual LANs - use only hardware addresses to distinguish devices, traffic between Virtual LANs is forwarded by routers
  • Network Layer Virtual LANs - can use IP addresses to establish subnets

Token Ring Switches are described on page 3-39. The picture tells the story as well as the text: Token Ring Switches are used to establish faster paths and provide more bandwidth between separate rings.

With all switches described in the text, the main disadvantage is the lack of good analysis tools.

Routing begins on page 3-44. Routers pass signals from one network to another. Routers use software addresses instead of hardware addresses. This makes them independent of protocols used at lower layers. Almost. Example: a transmission is sent from a station on network 1 to a station on network 50. It could pass along any number of routes. What happens is like this:

  • The Network Layer header of the outgoing message has a place to write information about the sender and the intended receiver. Assume we are talking about IP addresses. The sender's IP address is saved in the Network Layer header, along with the IP address for the recipient. This data stays in the Network Layer header until the intended recipient breaks down the header.
    Layer             Source info           Destination info
    Network layer     Sender's IP           Receiver's IP
    Data Link layer   (not yet written)     (not yet written)
  • The Data Link layer header also has a place to write down the address of the sender and the receiver, the difference being that this layer uses MAC addresses. Since the intended recipient is not on the sender's network, the sending station sets the Data Link Layer address of the recipient to the MAC address of the router (default gateway) on his network, and sends the message as a frame to that router. If necessary, an ARP signal is sent to determine the MAC address of the default gateway router.
    Layer             Source info           Destination info
    Network layer     Sender's IP           Receiver's IP
    Data Link layer   Sender's MAC          Default Gateway MAC
  • The router on the sender's network gets the frame, erases the sender and recipient addresses in the Data Link Layer, and decides on a route to the recipient's network (which is written on the header of the Network layer, remember?). The next router in a logical chain is selected. If necessary, ARP is used to find the MAC address of the next router. The next router's MAC address is written in the Data Link Layer header as the "recipient", and the current router's MAC address is written to the Data Link Layer header as the "sender". The frame is forwarded to the next router.
    Layer             Source info           Destination info
    Network layer     Sender's IP           Receiver's IP
    Data Link layer   Default Gateway MAC   Next router's MAC

  • The process in the step above is repeated until a router on the intended recipient's network gets the frame. Then, the final router's MAC information and the receiver's MAC information are written to the Data Link Layer header, and the frame is delivered, where it is unpacked and handed to the IP protocol on the Network layer.
    Layer             Source info           Destination info
    Network layer     Sender's IP           Receiver's IP
    Data Link layer   Final router's MAC    Receiver's MAC
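The four steps above can be traced in code. The following is an added example for these notes, not textbook code: a sender, two routers and a receiver with static routing tables, a stand-in for ARP, and a walk that rewrites the Data Link header at every hop while the Network Layer header is carried through untouched. All addresses, interface names and routes are constructed; the "directly connected network" and default-route entries stand in for the route discovery the text mentions.

```python
"""Hop-by-hop forwarding: MAC addresses are rewritten at each router, IP
addresses are not. Added example; every address and table here is constructed."""

import ipaddress


class Node:
    def __init__(self, name, interfaces, static_routes=None):
        self.name = name
        # interfaces: {ifname: ("ip/prefix", mac)}
        self.ifs = {ifn: (ipaddress.ip_interface(ip), mac) for ifn, (ip, mac) in interfaces.items()}
        # routing table entries: (network, next-hop IP or None if directly attached, out interface)
        routes = [(ipi.network, None, ifn) for ifn, (ipi, _) in self.ifs.items()]
        for net, (nh, ifn) in (static_routes or {}).items():
            routes.append((ipaddress.ip_network(net), nh, ifn))
        self.routes = sorted(routes, key=lambda r: r[0].prefixlen, reverse=True)  # longest prefix first

    def owns(self, ip):
        return any(str(ipi.ip) == ip for ipi, _ in self.ifs.values())

    def next_hop(self, dst_ip):
        """Return (IP of the next device to hand the frame to, interface to use)."""
        dst = ipaddress.ip_address(dst_ip)
        for net, nh, ifn in self.routes:
            if dst in net:
                return (dst_ip if nh is None else nh), ifn   # directly attached: deliver to the host itself
        raise LookupError(f"{self.name}: no route to {dst_ip}")


def arp(ip, nodes):
    """Stand-in for ARP: find the interface answering for ip; return (its MAC, owning node)."""
    for n in nodes:
        for ipi, mac in n.ifs.values():
            if str(ipi.ip) == ip:
                return mac, n
    raise LookupError(f"no ARP reply for {ip}")


def deliver(sender, src_ip, dst_ip, nodes):
    """Walk one packet from sender to the node owning dst_ip. Returns one record
    per hop: (node that wrote the frame, src MAC, dst MAC, src IP, dst IP)."""
    hops = []
    node = sender
    while not node.owns(dst_ip):
        nh_ip, ifn = node.next_hop(dst_ip)
        src_mac = node.ifs[ifn][1]                 # this device's own MAC becomes the "sender"
        dst_mac, node_next = arp(nh_ip, nodes)     # next router (or final host) becomes the "recipient"
        hops.append((node.name, src_mac, dst_mac, src_ip, dst_ip))   # IP header unchanged every hop
        node = node_next
    return hops, node.name


def build_example():
    a = Node("A", {"eth0": ("10.1.0.10/16", "02:00:00:00:00:0a")},
             {"0.0.0.0/0": ("10.1.0.1", "eth0")})                        # default gateway = R1
    r1 = Node("R1", {"eth0": ("10.1.0.1/16", "02:00:00:00:01:01"),
                     "eth1": ("10.2.0.1/16", "02:00:00:00:01:02")},
              {"10.50.0.0/16": ("10.2.0.2", "eth1")})                    # network 50 via R2
    r2 = Node("R2", {"eth0": ("10.2.0.2/16", "02:00:00:00:02:01"),
                     "eth1": ("10.50.0.1/16", "02:00:00:00:02:02")})     # network 50 attached
    b = Node("B", {"eth0": ("10.50.0.20/16", "02:00:00:00:00:14")},
             {"0.0.0.0/0": ("10.50.0.1", "eth0")})
    return a, [a, r1, r2, b]


def forwarding_demo():
    a, nodes = build_example()
    return deliver(a, "10.1.0.10", "10.50.0.20", nodes)


if __name__ == "__main__":
    hops, final = forwarding_demo()
    for h in hops:
        print(h)
    print("delivered to", final)
```

The printed records are the four tables from the text, one row per hop: the Data Link columns change at A, at R1 and at R2, while the Network Layer columns are identical in every row. When the destination is on the sender's own network the loop runs once and the frame is addressed directly to that host.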

Obviously, this system would fail if routers did not have the ability to learn what routers can reach what networks. Passing a packet from one router to another is called a hop. Routers keep tables of router names, networks those routers can connect to, and how many hops away a network is through a given router. Some routers also track a cost value, which can be based on line speed. Route tables are usually constructed by using a route discovery protocol, as discussed in the previous book.

Routing protocols can be static or dynamic. A static protocol would be one in which the administrator defines the routing table. A dynamic protocol could be one of two types:

  • Distance Vector - a verbose algorithm, in which tables are sent in their entirety to other routers, routers calculate route costs based on second hand information, and convergence is slow. Tables are constantly in flux, and updates are sent at intervals ranging from 10 seconds to two minutes. RIP is the protocol used in IP and IPX networks. This protocol is susceptible to the count-to-infinity problem.
  • Link State - tables are sent in their entirety when a router is booted, but only first hand information is sent after that. This avoids the count-to-infinity problem. The routers send Link State Packets (LSPs) which contain only information about networks the routers connect to directly. IP networks use the OSPF protocol and IPX networks use the NLSP protocol. OSI has a protocol for Link State called IS-IS.

The count-to-infinity problem exists only in Distance Vector routing. It works like this:

  • All routers track the hops to other networks.
  • If a router is not connected to a given network, it must connect to it through another router.
  • Routers read the table information sent to them from other routers, and correct their own tables. They assume that the number of hops to a given network is the number of hops to another router, plus however many hops that router says it is to the other network.
  • When a router goes down, the other routers continue to update. If the router that is down is the only connection to a network, that network is unavailable.
  • The other routers will continue to send information to each other about how many hops away from the "down net" they are (not knowing it is down). Assume Router A was one hop away from the down router, and it will not get updates from the down router. It will now learn from its upstream neighbor, Router B, that Router B is two hops from the missing net. Router A will now assume it is three hops from the missing net, and tell other routers, who will update their tables.
  • Since there is no real connection to the missing net, the tables will continue to increment the assumed number of hops to it, approaching infinity. The maximum value allowed for hops is generally 16.

To combat the count-to-infinity problem, two methods are used:

  • Split horizon (also known as best information) - a router is not allowed to advertise a path back to the neighbor it learned that path from
  • Split horizon with poison reverse (also known as poison reverse) - the routers do advertise paths to themselves, but they show them as infinity (16)
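The count-to-infinity sequence and both remedies can be watched directly. The simulation below is an added example for these notes, not textbook code: three routers in a chain, a network N attached only to the last one, tables exchanged in rounds, and a hop limit of 16 as the text states. The router names and the convention that a directly attached network counts as 0 hops are constructed for the example. Running it once with no remedy, once with split horizon and once with poison reverse shows the difference in convergence after the router holding N dies.

```python
"""Distance vector routing: count-to-infinity, split horizon, poison reverse.
Added example, not textbook code; topology and the 0-hops-if-attached
convention are constructed."""

INFINITY = 16   # hop count meaning "unreachable", as the chapter states


class Router:
    def __init__(self, name, direct_nets, neighbors):
        self.name = name
        self.neighbors = list(neighbors)
        self.up = True
        # routing table: network -> (hop count, next-hop router or None if directly attached)
        self.table = {net: (0, None) for net in direct_nets}

    def advertisement(self, to_neighbor, mode):
        """The table this router sends to one neighbor.
        mode: "none", "split_horizon" or "poison_reverse"."""
        adv = {}
        for net, (hops, via) in self.table.items():
            if via == to_neighbor:
                if mode == "split_horizon":
                    continue                # never echo a path back to where it came from
                if mode == "poison_reverse":
                    adv[net] = INFINITY     # echo it, but as unreachable
                    continue
            adv[net] = hops
        return adv

    def learn(self, from_neighbor, adv):
        """Merge a neighbor's table (second-hand information): their hops + 1."""
        changed = False
        for net, hops in adv.items():
            new_hops = min(hops + 1, INFINITY)
            cur_hops, cur_via = self.table.get(net, (INFINITY, None))
            if cur_via == from_neighbor:
                accept = new_hops != cur_hops   # our next hop is reporting: accept even if worse
            else:
                accept = new_hops < cur_hops    # anyone else must offer something better
            if accept:
                self.table[net] = (new_hops, from_neighbor)
                changed = True
        return changed


def build_topology():
    """Constructed chain R1 - R2 - R3, with network N attached only to R3."""
    return {"R1": Router("R1", [], ["R2"]),
            "R2": Router("R2", [], ["R1", "R3"]),
            "R3": Router("R3", ["N"], ["R2"])}


def exchange_until_stable(routers, mode, max_rounds=50):
    """Periodic updates until no table changes. Returns (rounds that changed
    something, R1's hop count to N after each of those rounds)."""
    history = []
    for rnd in range(max_rounds):
        changed = False
        for r in routers.values():
            if not r.up:
                continue
            for nb_name in r.neighbors:
                nb = routers[nb_name]
                if nb.up:
                    changed |= nb.learn(r.name, r.advertisement(nb_name, mode))
        if not changed:
            return rnd, history
        history.append(routers["R1"].table.get("N", (INFINITY, None))[0])
    raise RuntimeError("tables did not converge")


def take_down(routers, name):
    """Router 'name' dies; its neighbors time out every route that went through it."""
    routers[name].up = False
    for r in routers.values():
        for net, (hops, via) in list(r.table.items()):
            if via == name:
                r.table[net] = (INFINITY, via)


def dv_demo(mode):
    routers = build_topology()
    exchange_until_stable(routers, mode)          # converge while R3 is alive
    assert routers["R1"].table["N"][0] == 2       # R1 -> R2 -> R3 -> N
    take_down(routers, "R3")                      # N is now unreachable
    return exchange_until_stable(routers, mode)   # watch what the tables do


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        rounds, r1_hops = dv_demo(mode)
        print(f"{mode:15s} rounds={rounds:2d}  R1's hop count to N after each round: {r1_hops}")
```

With no remedy R1 and R2 feed each other's stale second-hand information and R1's count climbs 4, 6, 8, ... until it hits 16; with either split horizon variant R1 stops advertising the missing network back toward R2 and both tables settle on "unreachable" in a single round.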

Load balancing is described on page 3-55. If only the best routes were ever used, then some routes would go unused, which is inefficient. In fact, the best route would become congested, and a lesser route might be preferable. Load balancing attempts to use routes to better advantage.

Some protocols are described on page 3-56 as nonroutable (unroutable). This means that the protocols either do not use dynamic routing, or they have no Network Layer.

  • SNA - uses only static routing
  • NetBIOS - designed for communications within a LAN, using the Session layer. It has no Network Layer component
  • NetBEUI - an enhancement of NetBIOS, using frames. It has no Network Layer component.
  • LAT - a DEC protocol, intended to stay within one network.

Nonroutable protocols can be bridged or encapsulated (tunneled). Brouters and switches can bridge nonroutable protocols.

A comparison of the features of bridges, switches and routers begins on page 3-59. You should know the main reasons for choosing each piece of equipment:

  • Bridges and switches are intended to connect LAN segments, increasing their effective bandwidth. They rely on physical addresses. They drop packets that are too large. They typically are self configuring. They are independent of upper layer protocols.
  • Routers are intended to interconnect networks. They can fragment and reassemble packets that are too large, limit broadcast traffic, and provide security and control. They require configuration. They are independent of lower layer protocols.
  • Brouters can route and bridge, enabling them to pass both Network Layer and Data Link Layer protocols.
  • Link state routing systems converge faster than spanning tree bridging systems. Routing systems also continue to function while reconfiguring.

Three rules of thumb are offered on page 3-62:

  • Use switching to eliminate congestion within the workgroup.
  • Use bridging to provide local segment and workgroup connectivity and fault tolerance.
  • Use routing for connectivity to the enterprise internetwork, security, and fault tolerance.