NET 121b: Essentials of Networking

Chapter 6: Internetworking Components

Objectives:

This chapter discusses devices that are used to connect one network to another. The topics of this chapter are:

  1. Defining internetworking
  2. Understanding which kind of device to use for specific needs

Concepts:

To help you understand this chapter, consider the following definitions:

  • network - a single independent network, as defined earlier in the course
  • internetwork - multiple independent networks, that are connected

The chapter concerns the different connection devices used in both networking and internetworking. It is important to know which kind of job a given device does. A previous text stated that "network connectivity devices connect individual devices to a single network", and that "internetwork connectivity devices connect multiple independent networks together to provide access to remote resources". Those are valuable statements that you should use to sort out devices. Most devices fall into one category or the other, but we will discuss a couple of devices that can be used in both.

Modems, for example, can be used to dial in to networks, instead of using a standard connection. This is most common for mobile or remote users. (Remote users dial in to use one network, mobile users dial in to use parts of several networks. This distinction is made by several texts.) This makes a modem a network connection device, not an internetworking device.

Each kind of medium used in networking has a maximum segment length. Multiple segments can be joined together, creating a larger network than a single segment can support.  These connectivity devices can do this:

  • Repeaters - to regenerate a signal that may be attenuating (fading)
  • Hubs - central connection points; often, they do not filter traffic
  • Bridges - connectors between separate network segments; may act as filters on layer 2 of the OSI model
  • Switches - smarter hubs; usually act as traffic filters on layer 2 of the OSI model
  • Multiplexers - devices to allow more than one signal on a medium

To connect to specific devices, some kind of addressing must be used. Devices that work on the Data Link layer of the OSI model use the MAC address of a device, which is typically set permanently on the device's NIC. This kind of addressing is used inside networks.

A repeater is discussed on page 6-4. It can be an amplifier, which will amplify static as well as signal, or a signal regenerating repeater, which repeats only the signal. Note that rules exist that limit the number of repeaters allowed on a network.  A repeater is used to link segments of the same network. It is a networking device, not an internetworking device.

Repeaters are placed at the ends of LAN segments, joining two pieces that would be too long together to be one segment. There are differences between repeaters on Ethernets and token rings:

  • Ethernet Repeaters - coax based Ethernet is limited by the 5-4-3 rule, which says you can connect up to 5 segments with up to 4 repeaters, and any 3 of the segments can be populated.
  • Token Ring - in a token ring, every station is a repeater, since they all receive and retransmit packets. There are limits to the number of stations on a ring, the length of the cable between any two stations, and the total length of cable in the ring.

Bridges connect network segments together and act as filters, to minimize traffic. Without such filters, all traffic on the net would go to all stations on the net, on all segments. Bridges connect two LAN segments for convenience, and filter traffic so that not all signals have to appear on both segments. Since bridges use hardware addresses to make their decisions, bridges are considered Data-Link layer devices. (They depend on Physical layer processes, too, but their work happens at the Data-Link layer.)

In general, a bridge would prevent traffic on segment A from reaching segment B, unless it was meant for a station on segment B. (In that case, all stations on both segments would get the traffic.) Bridges work by learning the MAC addresses of devices on each side of them. Traffic that begins on one side, meant for another device on the same side, is prevented from crossing the bridge. This improves performance on baseband networks. Normally, only one signal can be sent at a time. The bridge allows for simultaneous signals on each side of it, provided that those signals do not need to cross over to the other segment.

You should be aware of the 80/20 Rule. Bridges are most useful if they follow this rule. You should place bridges and nodes so that 80% of the traffic on a bridged segment stays on that segment (is local to that segment), and only 20% of the traffic should have to cross the bridge. If this rule is violated, the bridge is in the wrong place, a node is on the wrong segment, or perhaps you need a repeater instead of a bridge.

Bridges can also serve as translating devices. A translating bridge links two segments that do not use the same protocols and translates between them.

A tunneling or encapsulating bridge wraps an electronic envelope around packets to make them acceptable to a dissimilar segment. To use the example in your text, a packet may start on a token ring segment (SegA), be wrapped by a bridge (B1) in an Ethernet wrapper to pass across an Ethernet segment (SegB), then be received by a second bridge (B2) that removes the wrapper and passes the packet to another token ring segment (SegC). The drawback to this approach is that the packets are not usable on the intermediate segments, so sending signals directly from a device on SegA to a device on SegB cannot be done this way.

The intelligent part of the bridge, the part that decides whether to forward a frame to a specific segment, is called the Relay Entity. In order for a frame to be forwarded, a list of requirements must be met:

  • the frame must be addressed to a device on a segment other than the one it started on
  • the frame must have data in it from a layer above the MAC sublayer
  • there must be a CRC in the frame (This is Cyclic Redundancy Check information, which is a method of error correction.)
  • the frame must not be addressed to the bridge

Transparent bridges store the incoming frames, check the above criteria, check the CRC to repair data errors, and forward frames that need forwarding. Because the frame is stored and processed this way, the bridges are operating in a store-and-forward mode. There is an inevitable delay while the checks are made, referred to as the latency of the bridge. The larger the frames, the longer the latency.

The list of devices and their MAC addresses that a bridge builds is called the filtering database. A filtering database starts out empty each time a bridge is restarted, and information is filled in as frames are received from various stations.

Now for the problem: a bridging loop. First, you need to know that redundant bridges can be put between segments, in case one breaks. A bridging loop can be created when packets pass endlessly from one segment to the next across the two bridges. It can also happen if the bridges generate a broadcast storm of new packets. An example: Assume two segments are connected by two bridges. A frame is generated on Segment A from workstation W1, and hits both bridges. Both bridges copy the frame, learn that W1 is on Segment A, and both forward the frame to Segment B. However, each bridge will receive the copy that the other bridge forwards to Segment B. This will cause the bridges to update their databases to show workstation W1 as being on Segment B, and they will each forward these frames back to Segment A. Then the process repeats, again and again and again. This is not good.
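
The learning and filtering behavior described above, and the two-bridge loop from this paragraph, can be reproduced in a few lines. This is an added example, not code from the course text; the station names W2 and W9, the bridge names B1 and B2, and the assumption that W1's frame is addressed to a station neither bridge has learned yet are all constructed for the illustration.

```python
from collections import namedtuple

Frame = namedtuple("Frame", "src dst")
OTHER = {"A": "B", "B": "A"}      # every bridge here joins Segment A and Segment B

class Bridge:
    def __init__(self, name):
        self.name = name
        self.fdb = {}             # filtering database: MAC -> segment, empty at restart

    def receive(self, frame, segment):
        """Learn the sender's side, then return the segment to forward onto, or None."""
        self.fdb[frame.src] = segment
        if self.fdb.get(frame.dst) == segment:
            return None           # destination is on the same side: filter the frame
        return OTHER[segment]     # remote or not yet learned: forward across

def single_bridge_demo():
    """One bridge; W1 and W2 (constructed names) both sit on Segment A."""
    b = Bridge("B1")
    return [
        b.receive(Frame("W1", "W2"), "A"),   # W2 not learned yet -> forwarded to B
        b.receive(Frame("W2", "W1"), "A"),   # W1 known on A      -> filtered
        b.receive(Frame("W1", "W2"), "A"),   # W2 now known on A  -> filtered
    ]

def loop_demo(rounds=4):
    """Two redundant bridges and no spanning tree. W1 on Segment A sends one frame
    to W9, an address neither bridge has learned (assumption of this example).
    Returns, per round, where each bridge believes W1 is and how many copies circulate."""
    bridges = [Bridge("B1"), Bridge("B2")]
    frame = Frame("W1", "W9")
    in_flight = [("A", None)]     # (segment, bridge that transmitted it; None = station)
    history = []
    for _ in range(rounds):
        next_flight = []
        for segment, sender in in_flight:
            for b in bridges:
                if b is sender:
                    continue      # a bridge does not receive its own transmission
                out = b.receive(frame, segment)
                if out is not None:
                    next_flight.append((out, b))
        in_flight = next_flight
        history.append(({b.name: b.fdb["W1"] for b in bridges}, len(in_flight)))
    return history

if __name__ == "__main__":
    print(single_bridge_demo())
    for beliefs, copies in loop_demo():
        print(beliefs, "copies still circulating:", copies)
```

In the loop run, both filtering databases flip W1 between Segment A and Segment B every round and the number of circulating copies never drops, which is the symptom to look for when a redundant pair is running without spanning tree.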

To avoid the bridging loop problem, IEEE (Institute of Electrical and Electronics Engineers) standard 802.1d gives us the spanning tree protocol. This says that in each redundant pair of bridges, one is the designated bridge, and the other is the backup bridge. Bridges communicate with bridge protocol data units (BPDUs) to determine which is the designated bridge, and when the backup bridge must take over. The network should be diagrammed like a tree. One bridge is chosen to be the root bridge, which sends configuration messages to designated bridges. The root bridge is chosen by its bridge ID, which is an eight byte (16 hex digits) number composed of two bytes assigned by the administrator and all six bytes from the MAC address of the port adapter (NIC). The bridge in the tree with the lowest bridge ID number is the root bridge. Bridges elect a root bridge by sending packets to all ports proclaiming themselves to be the root bridge. If packets are received from bridges with lower IDs, each bridge will acknowledge by changing its opinion, and sending packets that identify the new candidate as the root bridge. (Note that these packets contain the address for the bridge sending the packets in one field, and the address of the bridge it believes to be the root bridge in another field.) A root bridge will continue to send BPDUs every two seconds, by the IEEE standard.
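
The election described above can be modeled directly from the bridge ID layout. This is an added example, not code from the course text or from the IEEE standard; the switch names, the chain topology, the priority values and the MAC addresses are constructed, and only the root field of each BPDU is modeled.

```python
def bridge_id(priority, mac):
    """8-byte bridge ID: 2 administrator-assigned bytes, then the 6-byte MAC."""
    mac_bytes = bytes.fromhex(mac.replace(":", ""))
    if not 0 <= priority <= 0xFFFF or len(mac_bytes) != 6:
        raise ValueError("priority must fit in 2 bytes and the MAC must be 6 bytes")
    return priority.to_bytes(2, "big") + mac_bytes

def elect_root(bridges, links):
    """bridges: name -> bridge ID; links: pairs of directly connected bridges.
    Assumes a connected topology. Returns (root name, rounds of BPDU exchange needed)."""
    neighbours = {name: set() for name in bridges}
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
    believed = dict(bridges)          # each bridge first proclaims itself root
    rounds = 0
    while True:
        # A BPDU carries the sender's ID and the root ID the sender believes in;
        # only the believed root matters for the election.
        heard = {n: [believed[m] for m in neighbours[n]] for n in bridges}
        updated = {n: min([believed[n]] + heard[n]) for n in bridges}
        if updated == believed:
            break
        believed, rounds = updated, rounds + 1
    root_id = believed[next(iter(believed))]
    root = next(name for name, bid in bridges.items() if bid == root_id)
    return root, rounds

# Constructed chain SW1 - SW2 - SW3 - SW4 with made-up MAC addresses.
LINKS = [("SW1", "SW2"), ("SW2", "SW3"), ("SW3", "SW4")]
MACS = {"SW1": "00:00:5e:00:53:0a", "SW2": "00:00:5e:00:53:04",
        "SW3": "00:00:5e:00:53:0c", "SW4": "00:00:5e:00:53:07"}

def same_priority():
    """All administrator bytes equal: the lowest MAC decides."""
    return elect_root({n: bridge_id(0x8000, m) for n, m in MACS.items()}, LINKS)

def lowered_priority():
    """The administrator lowers SW3's two bytes: SW3 wins despite the highest MAC."""
    ids = {n: bridge_id(0x8000, m) for n, m in MACS.items()}
    ids["SW3"] = bridge_id(0x1000, MACS["SW3"])
    return elect_root(ids, LINKS)

if __name__ == "__main__":
    print(same_priority(), lowered_priority())
```

Because the two administrator-assigned bytes come first in the ID, they outrank the MAC address, so setting them is how an administrator fixes which bridge becomes root instead of leaving it to whichever adapter has the lowest MAC.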

The terms hub and concentrator are often used for a device used to collect connections at one point. Hubs can be described by their performance:

  • passive - a passive hub connects devices, but does not regenerate signals
  • active - an active hub connects devices, and does regenerate signals
  • multiport repeater - regenerates the signal and then transmits it to all ports, regardless of which device the transmission is addressed to. Most active hubs are multiport repeaters.
  • switch - only forwards the signal through the port that will allow the transmission to be delivered to the device to which it is addressed. This is the type that is currently used most. It can be used to increase the traffic capacity of a single network, but it also allows an administrator to create several virtual LANs (VLANs), making it an internetworking device as well.

Interconnectivity hardware involves connecting one or more networks together. Three classes of such devices are:

  • Router - this device is used to connect networks, or subnetworks to each other
  • Brouter - this is a bridging router, that can act as a filter between networks on ISO level 2 (like a bridge) or ISO level 3 (like a router)
  • CSU/DSU - A Channel Service Unit/Digital Service Unit can be thought of as a digital modem. These machines convert digital network signals for transmission across WAN connections, which are usually digital, instead of analog (like the phone system) so they are different from the usual digital/analog convertor. A CSU/DSU interface is typically found between a LAN and a leased T1 line.

Routers pass signals from one network to another. Routers use software addresses instead of hardware addresses. This makes them independent of protocols used at lower layers. Almost. Example: a transmission is sent from a station on network 1 to a station on network 50. It could pass along any number of routes. What happens is this:

  • The Network Layer header of the outgoing message has a place to write information about the sender and the intended receiver. Assume we are talking about IP addresses. The sender's IP address is saved in the Network Layer header, along with the IP address for the recipient. This data stays in the Network Layer header until the intended recipient breaks down the header.
    Layer              Source info            Destination info
    Network layer      Sender's IP            Receiver's IP
    Data Link layer
  • The Data Link layer header also has a place to write down the address of the sender and the receiver, the difference being that this layer uses MAC addresses. Since the intended recipient is not on the sender's network, the sending station sets the Data Link Layer address of the recipient to the MAC address of the router (default gateway) on his network, and sends the message as a frame to that router. If necessary, an ARP signal is sent to determine the MAC address of the default gateway router.
    Layer              Source info            Destination info
    Network layer      Sender's IP            Receiver's IP
    Data Link layer    Sender's MAC           Default Gateway MAC
  • The router on the sender's network gets the frame, erases the sender and recipient addresses in the Data Link Layer, and decides on a route to the recipient's network (which is written on the header of the Network layer, remember?). The next router in a logical chain is selected. If necessary, ARP is used to find the MAC address of the next router. The next router's MAC address is written in the Data Link Layer header as the "recipient", and the current router's MAC address is written to the Data Link Layer header as the "sender". The frame is forwarded to the next router.
    Layer              Source info            Destination info
    Network layer      Sender's IP            Receiver's IP
    Data Link layer    Default Gateway MAC    Next router's MAC

  • The process in the step above is repeated until a router on the intended recipient's network gets the frame. Then, the final router's MAC information and the receiver's MAC information is written to the Data Link Layer header, and the frame is delivered, where it is unpacked and handed to the IP protocol on the Network layer.
    Layer              Source info            Destination info
    Network layer      Sender's IP            Receiver's IP
    Data Link layer    Final router's MAC     Receiver's MAC

Obviously, this system would fail if routers did not have the ability to learn what routers can reach what networks. Passing a packet from one router to another is called a hop. Routers keep tables of router names, networks those routers can connect to, and how many hops away a network is through a given router. Some routers also track a cost value, which can be based on line speed. Route tables are usually constructed by using a route discovery protocol.

Routing protocols can be static or dynamic. A static protocol would be one in which the administrator defines the routing table. A dynamic protocol could be one of two types:

  • Distance Vector - a verbose algorithm, in which tables are sent in their entirety to other routers, routers calculate route costs based on second hand information, and convergence (routers sharing information with each other) is slow. Tables are constantly in flux, and updates are sent at intervals ranging from 10 seconds to two minutes. RIP is the protocol used in IP and IPX networks. This protocol is susceptible to the count-to-infinity problem.
  • Link State - tables are sent in their entirety when a router is booted, but only first hand information is sent after that. This avoids the count-to-infinity problem. The routers send Link State Packets (LSPs) which contain only information about networks the routers connect to directly. IP networks use the OSPF protocol and IPX networks use the NLSP protocol. OSI has a protocol for Link State called IS-IS.

The count-to-infinity problem exists only in Distance Vector routing. It works like this:

  • All routers track the hops to other networks.
  • If a router is not connected to a given network, it must connect to it through another router.
  • Routers read the table information sent to them from other routers, and correct their own tables. They assume that the number of hops to a given network is the number of hops to another router, plus however many hops that router says it is to the other network.
  • When a router goes down, the other routers continue to update. If the router that is down is the only connection to a network, that network is unavailable.
  • The other routers will continue to send information to each other about how many hops away from the "down net" they are (not knowing it is down). Assume Router A was one hop away from the down router, and it will not get updates from the down router. It will now learn from its upstream neighbor, Router B, that Router B is two hops from the missing net. Router A will now assume it is three hops from the missing net, and tell other routers, who will update their tables.
  • Since there is no real connection to the missing net, the tables will continue to increment the assumed number of hops to it, approaching infinity. The maximum value allowed for Distance Vector hops is generally 16.

To combat the count-to-infinity problem, three methods are used:

  • Split horizon (also known as best information) - a router is not allowed to advertise information about a path back onto the path that it was received from
  • Split horizon with poison reverse (also known as poison reverse) - the routers do advertise paths to themselves, but they show them as infinity (16)
  • Use Link State routers instead
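
The count-to-infinity sequence and the first two remedies can be traced with two routers. This is an added example, not code from the course text; it assumes Router A has already marked its own route to the missing network N as unreachable while Router B still holds "2 hops via A", and the mode names and function names are constructed.

```python
INFINITY = 16     # the hop count that means "unreachable"

def advertise(table, to, mode):
    """Hop counts the table's owner sends to neighbour `to`.
    table maps network -> (hops, next-hop router or None)."""
    ads = {}
    for net, (hops, via) in table.items():
        if via == to:                      # route was learned from this neighbour
            if mode == "split_horizon":
                continue                   # say nothing back along that path
            if mode == "poison_reverse":
                hops = INFINITY            # advertise it back as unreachable
        ads[net] = hops
    return ads

def merge(table, sender, ads):
    """Distance-vector update: the neighbour's hop count plus one hop to reach it."""
    for net, hops in ads.items():
        new = min(hops + 1, INFINITY)
        cur_hops, cur_via = table.get(net, (INFINITY, None))
        # Always believe the current next hop; otherwise switch only to a shorter path.
        if cur_via == sender or new < cur_hops:
            table[net] = (new, sender)

def simulate(mode="none", max_rounds=20):
    """Constructed case: the only router in front of network N has just gone down.
    Returns the (A hops, B hops) pair after each exchange until both reach 16."""
    a = {"N": (INFINITY, None)}            # A has lost its route
    b = {"N": (2, "A")}                    # B still believes "2 hops via A"
    trace = []
    for _ in range(max_rounds):
        merge(a, "B", advertise(b, "A", mode))   # B's update reaches A first
        merge(b, "A", advertise(a, "B", mode))
        trace.append((a["N"][0], b["N"][0]))
        if trace[-1] == (INFINITY, INFINITY):
            break
    return trace

if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        print(mode, simulate(mode))
```

With no protection the pair climbs (3, 4), (5, 6), and so on for eight exchanges before both tables reach 16; with split horizon or poison reverse both tables show 16 after a single exchange.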

Load balancing is a desirable end. If only the best routes were ever used, then some routes would go unused, which is inefficient. In fact, the best route would become congested, and a lesser route might be preferable. Load balancing attempts to use all routes to better advantage.

Some protocols are described as nonroutable (unroutable). This means that the protocols either do not use dynamic routing, or they have no Network Layer.

  • SNA - uses only static routing
  • NetBIOS - designed for communications within a LAN, using the Session layer. It has no Network layer component
  • NetBEUI - an enhancement of NetBIOS, using frames. It has no Network layer component.
  • LAT - a DEC protocol, intended to stay within one network.

Nonroutable protocols can be bridged or encapsulated (tunneled). Brouters and switches can bridge nonrouting protocols.

A comparison of the features of bridges, switches and routers gives you reasons for choosing each piece of equipment:

  • Bridges and switches are intended to connect LAN segments, increasing their effective bandwidth. They rely on physical addresses. They drop packets that are too large. They typically are self configuring. They are independent of upper layer protocols.
  • Routers are intended to interconnect networks. They can fragment and reassemble packets that are too large, limit broadcast traffic, and provide security and control. They require configuration. They are independent of lower layer protocols.
  • Brouters can route and bridge, enabling them to pass both Network Layer and Data Link Layer protocols.
  • Link state routing systems converge faster than spanning tree bridging systems. Routing systems also continue to function while reconfiguring.
  • Use switching to eliminate congestion within a workgroup.
  • Use bridging to provide local segment and workgroup connectivity, and fault tolerance.
  • Use routing for connectivity to the enterprise internetwork, security, and fault tolerance.