Routing, Switching, and Network Devices
Hubs, bridges, switches, and routers each operate at different OSI layers and serve distinct purposes. Routing tables determine how packets move between networks. VLANs segment traffic logically.
Network Devices by Layer
| Device | OSI Layer | Function |
|---|---|---|
| Hub | 1 (Physical) | Broadcasts all traffic to all ports |
| Bridge | 2 (Data Link) | Connects two network segments, learns MAC addresses |
| Switch | 2 (Data Link) | Multi-port bridge, forwards frames to specific ports |
| Router | 3 (Network) | Forwards packets between networks using IP addresses |
Hubs and Bridges
A hub is the simplest device: it repeats every incoming signal to all other ports. There is no filtering. All devices share the same collision domain.
A bridge connects two network segments. It learns which MAC addresses are on each side by observing traffic. Once learned, it forwards frames only to the segment containing the destination MAC. This reduces unnecessary traffic between segments.
A switch is essentially a multi-port bridge. It maintains a MAC address table and forwards each frame only to the port associated with the destination MAC. Multiple bridges (switches) connected together extend this to larger networks with their own subnets.
Routers and Routing Tables
A router operates at the network layer. Its job is to forward packets between different networks (subnets). It provides a logical control point for:
- Security policies and filtering.
- Traffic redirection.
- NAT (Network Address Translation).
A routing table contains all known network routes. Each entry maps a destination network (IP prefix) to a next-hop address or outgoing interface. Example entries:
192.168.70.0/24 → interface eth0 (local)
192.168.20.0/24 → next-hop 192.168.20.1
0.0.0.0/0 → default gateway (internet)When a packet arrives, the router looks up the destination IP in its routing table (longest prefix match) and forwards accordingly.
A router is typically assigned one IP address per connected network. For example, 192.168.20.1 is the router’s address on the 192.168.20.0/24 network and serves as the default gateway for hosts on that subnet.
IP Addressing and Subnets
IPv4 addresses are 32 bits, written as four octets (0-255 each): 192.168.1.1.
Private address ranges (RFC 1918):
10.0.0.0/8172.16.0.0/12192.168.0.0/16
Subnetting divides a network into smaller segments. The subnet mask defines which bits identify the network and which identify the host. A /24 mask means the first 24 bits are the network portion: 192.168.1.0/24 contains hosts 192.168.1.1 through 192.168.1.254.
IPv6 uses 128-bit addresses, written in hex: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
VLANs
A VLAN (Virtual LAN) segments traffic logically on a physical switch. Ports are assigned to VLANs. Traffic from one VLAN cannot reach another VLAN without passing through a router (or Layer 3 switch).
Uses:
- Isolate departments on the same physical infrastructure.
- Reduce broadcast domains.
- Improve security by separating sensitive systems.
VLAN tags (IEEE 802.1Q) are added to Ethernet frames so that switches know which VLAN a frame belongs to. Trunk ports carry traffic for multiple VLANs between switches.