Main Network Hardware Differences: Integrated Devices, Router, Network Switch & Firewall

If you are used to working with home networking gear, you will be used to an integrated device that “does it all”. On a home network, you may have one box that is a cable/DSL modem, router, firewall, switch, and wireless access point all in one. It is amazing all the functions they can fit into one box.

If you are studying Cisco networking and learning about how businesses use these devices, you may be wondering why so much importance is placed on the differences between a switch, router, firewall, and other network devices. If the home user can have all these devices combined into one, why doesn’t the business user do this as well? So here we try to find out what the main differences between these network devices are.

Integrated devices

Just like home devices, business devices have become more and more consolidated over time, but not to the extent that home devices have. Network administrators in a business network are more comfortable having separate devices and even like the idea. This is because network administrators like to be able to isolate problems down to a certain device, and they like to know the performance capabilities of every device. If you combine a router, switch, and firewall into one device, then troubleshooting, managing, and understanding the performance capabilities of that device gets complicated. I’m not saying that this isn’t done. You can buy a big & expensive, chassis-based, Cisco 6500 series switch and have almost all these functions on different blades of the switch. This may be fine for a larger business with a group of administrators, but to a medium size business with a single network administrator this is often a scary thought.

Keep in mind that for a medium or large size business, these integrated home devices won’t work because they don’t offer all the features required. The standalone routers, switches, and firewalls have many more features than these integrated devices do.

But what is the difference between these devices anyway? Let’s cover the three most popular devices.

Router

A router is a hardware device whose function is routing packets between networks. A router works at Layer 3 of the OSI model, the Network Layer. This is the layer that the IP protocol works at. Most routers today are IP routers that examine the source and destination IP addresses of each packet, look up the destination of the packet in the router’s IP routing table, and route that packet on its way. In the event that the destination is not listed in the routing table, the router will either send the packet to a default router (if it has one) or drop the packet. Routers are usually used to connect a local area network to a wide-area network (a LAN to a WAN) but can also be used to segment large local area networks (LANs).

Routers do not forward broadcasts. Another way of saying this is that routers form the boundary of a broadcast domain. So, if your network is being deluged by IP broadcasts, you need to subnet your network into two or more smaller networks. Those networks would be connected by a router, and that router wouldn’t allow broadcast traffic to flow between subnets.

Routers use dynamic routing protocols like OSPF, RIP, or BGP to learn routes from other routers. Routers can also use static routes that are entered by the administrator.

Routers replace the Ethernet MAC address of the source device with their own MAC address when they send a packet out an interface. When the response to that packet comes back, the responding device sends it to the router’s MAC address as the destination. The router receives this, replaces the source MAC address with its own, changes the destination MAC address to that of the original sender, and sends the packet back to the original sender. This is a complex topic that we could spend a whole article covering, so this is only meant to provide the most basic understanding of how this works.

To show the routing table on the router, use the show ip route command. Here is an example of what a routing table looks like on a router:
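As an added illustration (not part of the original article and not Cisco output), the Python sketch below models the lookup described in this section: match the destination against the routing table, fall back to the default route, drop when nothing matches, and never route a broadcast. It goes slightly beyond the text by choosing the most specific (longest) matching prefix, which is how IP routers resolve overlapping entries; the table entries, interface names, and the route() helper are constructed for the example.

```python
import ipaddress

# Constructed routing table: (prefix, next hop, outgoing interface).
ROUTES = [
    ("10.1.0.0/16", "connected", "Gi0/1"),
    ("10.1.20.0/24", "10.1.0.2", "Gi0/1"),
    ("192.168.50.0/24", "172.16.0.2", "Gi0/2"),
    ("0.0.0.0/0", "203.0.113.1", "Gi0/0"),  # default route
]

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def route(dst, routes=ROUTES):
    """Return ("forward", next_hop, interface, prefix) or ("drop", reason)."""
    addr = ipaddress.ip_address(dst)
    if addr == LIMITED_BROADCAST:
        # Broadcasts stay inside the subnet they were sent on.
        return ("drop", "broadcast is not routed")
    best = None
    for prefix, next_hop, iface in routes:
        net = ipaddress.ip_network(prefix)
        # Keep the matching entry with the longest prefix (most specific).
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        return ("drop", "no route and no default route")
    net, next_hop, iface = best
    return ("forward", next_hop, iface, str(net))


if __name__ == "__main__":
    for dst in ("10.1.20.7", "10.1.99.1", "198.51.100.8", "255.255.255.255"):
        print(dst, route(dst))
    # Same lookup on a router with no default route configured.
    print("198.51.100.8", route("198.51.100.8", ROUTES[:-1]))
```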
Switch

A switch is a hardware device that works at Layer 2 of the OSI model, the Data Link Layer. The data link layer is where the Ethernet protocol works.

A switch switches Ethernet frames by keeping a table of which MAC addresses have been seen on which switch port. The switch uses this table to determine where to send all future frames that it receives. In Cisco terminology, this table is called the CAM table (content addressable memory). In general, the proper term for this table is the bridge forwarding table. If a switch receives a frame with a destination MAC address that it does not have in its table, it floods that frame to all switch ports. When it receives a response, it puts that MAC address in the table so that it won’t have to flood next time.

A switch is a high-speed multiport bridge. This is why bridges are no longer needed or manufactured. Switches do what bridges did, faster and cheaper. Most routers can also function as bridges.

You might be asking how a hub fits into this mix of devices. A hub is a multiport repeater. In other words, anything that comes in one port of a hub is duplicated and sent out all other ports of the hub that have devices attached. There is no intelligence to how a hub functions. A switch is a vast improvement over a hub in terms of intelligence, for many reasons. The most important of those reasons is how the bridge forwarding table works. Intelligent (smart) switches have made hubs obsolete because they can do more at the same cost as a dumb hub. For this reason, hubs are rarely used or sold any longer.

To see this bridge forwarding table (CAM table) on a Cisco switch, just type: show mac-address-table

Here is an example:
Firewall

A firewall is used to protect a more secure network from a less secure network. Generally, firewalls are used to protect your internal/private LAN from the Internet.

A firewall generally works at Layers 3 and 4 of the OSI model. Layer 3 is the Network Layer, where IP works, and Layer 4 is the Transport Layer, where TCP and UDP function. Many firewalls today have advanced up the OSI layers and can even understand Layer 7, the Application Layer.

There are a variety of different types of firewalls and we won’t go into that in this article, so let’s just talk about the most popular type of firewall: a stateful packet inspection (SPI) hardware firewall. An example of an SPI hardware firewall is a Cisco PIX firewall. This is a dedicated appliance and it looks a lot like a Cisco router.

An SPI firewall is stateful because it understands the different states of TCP (Transmission Control Protocol). It knows what is coming and what is going and keeps track of it all. Thus, if a packet tries to come in but it wasn’t requested, the firewall knows that and drops it.

What we have learned about the Network Hardware Differences: Integrated Devices, Router, Network Switch & Firewall:

- Routers work at Layer 3 and route IP packets between networks.
- Routers are used to connect a LAN to a WAN (such as your small network to the Internet) but they can also be used to connect segments of a large LAN that has been subnetted into smaller segments.
- Routers route packets based on information in the IP routing table. You can see this table with the show ip route command on a Cisco router.
- Switches work at Layer 2 and switch Ethernet frames.
- Switches connect multiple devices on a local area network (LAN).
- Switches keep a table of Ethernet MAC addresses called a CAM table or a bridge forwarding table. You can see this table with the show mac-address-table command on a Cisco switch.
- Firewalls work at Layers 3 and 4 but some can also work at higher layers.
- Most firewalls can keep track of the states of TCP to prevent unwanted traffic from the Internet from entering your private LAN.

---
Original tip resources from petri.co.il
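As an added illustration of the stateful inspection described in the Firewall section (not part of the original article and not how any particular product is implemented), the Python sketch below keeps a connection table and lets an inbound packet through only when it is a reply to a connection opened from the inside. It is a simplified model with no sequence-number checks, timeouts, or FIN handling; the StatefulFirewall class, state names, and addresses are constructed for the example.

```python
class StatefulFirewall:
    def __init__(self):
        self.conns = {}  # (in_ip, in_port, out_ip, out_port) -> state

    def outbound(self, src, sport, dst, dport, flags):
        """Packet leaving the private LAN. Inside hosts may open connections."""
        key = (src, sport, dst, dport)
        if flags == "SYN":
            self.conns[key] = "SYN_SENT"
            return "allow"
        if key not in self.conns:
            return "drop"
        if flags == "ACK" and self.conns[key] == "SYNACK_SEEN":
            self.conns[key] = "ESTABLISHED"
        elif flags == "RST":
            del self.conns[key]  # connection torn down: forget it
        return "allow"

    def inbound(self, src, sport, dst, dport, flags):
        """Packet arriving from the Internet. Allowed only as a reply."""
        key = (dst, dport, src, sport)  # same connection, seen from outside
        state = self.conns.get(key)
        if state is None:
            return "drop"  # nobody inside requested this traffic
        if flags == "RST":
            del self.conns[key]
            return "allow"
        if state == "SYN_SENT":
            if flags != "SYN-ACK":
                return "drop"  # handshake not answered correctly
            self.conns[key] = "SYNACK_SEEN"
        return "allow"

def demo():
    # Constructed packets between inside host 10.0.0.5 and 203.0.113.10.
    fw, c, s = StatefulFirewall(), ("10.0.0.5", 50000), ("203.0.113.10", 443)
    return [
        fw.inbound("198.51.100.9", 4444, "10.0.0.5", 22, "SYN"),  # unsolicited
        fw.outbound(*c, *s, "SYN"),
        fw.inbound(*s, *c, "SYN-ACK"),
        fw.outbound(*c, *s, "ACK"),
        fw.inbound(*s, *c, "ACK"),          # reply traffic
        fw.inbound(s[0], 8443, *c, "ACK"),  # same server, different port
        fw.outbound(*c, *s, "RST"),
        fw.inbound(*s, *c, "ACK"),          # after teardown
    ]

if __name__ == "__main__":
    print(demo())
```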