dropdown menu


Basics - Devices, Routing

Hub, Switch, Bridge

Hub and switch handle a data type known as frames. Frames carry your data. When a frame is received, it is amplified and then transmitted on to the port of the destination PC.

In a hub, a frame is passed along or "broadcast" to every one of its ports. It doesn't matter that the frame is only destined for one port. The hub has no way of distinguishing  which port a frame should be sent to. Passing it along to every port ensures that it will reach its intended destination. This places a lot of traffic on the network and can  lead to poor network response times.

A switch, however, keeps a record of the MAC addresses of all the devices connected to it. With this information, a switch can identify which system is sitting on which port. So  when a frame is received, it knows exactly which port to send it to, without significantly increasing network response times. And, unlike a hub, a 10/100Mbps switch will  allocate a full 10/100Mbps to each of its ports. So regardless of the number of PCs transmitting, users will always have access to the maximum amount of bandwidth. It's for  these reasons why a switch is considered to be a much better choice then a hub.

Before switches became available, devices called hubs were common. Hubs were less intelligent network devices that always copied all frames to all ports. By only copying frames  to the destination ports, switches utilize network bandwidth much more effectively than hubs did.

Another piece of network hardware related to the switch is the bridge. A Bridge is effectively a two-port switch. Because there is not much market for a two-port switch, bridges  are no longer manufactured. (A switch is not much more than a multi-port bridge. More ports is the difference.)

Router, Gateway

Routers are completely different devices. Where a hub or switch is concerned with transmitting frames, a router's job, as its name implies, is to route packets to other networks  until that packet ultimately reaches its destination. One of the key features of a packet is that it not only contains data, but the destination address of where it's going.

A router is typically connected to at least two networks, commonly two Local Area Networks (LANs) or Wide Area Networks (WAN) or a LAN and its ISP's network (for example, your  PC and EarthLink). Using headers and forwarding tables, routers determine the best path for forwarding the packets. Router use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.

Today, a wide variety of services are integrated into most broadband routers. A router will typically include a 4 - 8 port Ethernet switch (or hub) and a Network Address  Translator (NAT). In addition, they usually include a Dynamic Host Configuration Protocol (DHCP) server, Domain Name Service (DNS) proxy server and a hardware firewall to  protect the LAN from malicious intrusion from the Internet.
(Firewall devices can be seen as IP router devices that are exclusively developed for their IP filtering capability and intentionally used in the network to shut out undesirable network invasions.)

A gateway in the general meaning, is any device that "knows how to get from one network to another". So routers are usually gateways because they know how to get packets from one network to another, but gateway doesn't necessarily have to be a router.

(There is acual "router" device, but I couldn't find "gateway" device, gateways are usually computers, but in the general meaning a bridge, a switch also can fit into it. -bb)

The main difference is, whether it has to do ptotocol conversion. It shows the gate to the way to new territory, so we have to follow the rules of the new territory...that is protocol conversion (SMS gateway server, VPN gateway server, VOIP...)

It provides a compatibility between different protocols. It allows routing between different networks.

A router works by looking at the IP address in the packet and decides if it is for internal use or if the packet should move outside the network (to the WAN). In a VoIP conversation, you would have a gateway that works for any calls that can not be carried via IP and it moves them to a POTS (Plain Old Telephone Service) connection. Generally you need both.

Deafault gateway:
(Do not confuse with the gateway, as described above -bb) If you are configuring a desktop workstation to use a default gateway, this is generally the router on that workstation's network. That means any traffic that workstation needs to send that it doesn't know the MAC address of, it will send to the router or default gateway. n.

Another good point of view:

Bridge/Switch    -Layer-2 Ethernet frame forwarding
Routing           -Layer-3 IP packet forwarding


The term routing refers to the process of choosing a path over which to send packets, and router refers to any computer making such a choice. Routing is performed by the IP layer.

Routes are defined in the kernel routing table. The IP routing mechanism only considers the IP network address part of the destination address.

TCP/IP searches the route table for a best fit in the following order:
    -host route: defines a route to a specific host through a gateway
    -network route: defines a route to any of the host on a specific network through a gateway
    -default route: defines a gateway when the host or network route is not defined

Dynamic Routing

With dynamic routing, routers automatically update their routing tables with information received from other routers. A routing table contains information about the routers

Dynamic routing allows a network configuration to react automatically to changes in a network. Routing decisions are made based on information contained in packets. Reliable routes are selected between the source and the destination nodes on a network based on information from other routers

Dynamic routing uses the gated and routed daemons for the working of the routers. The routed and gated dynamic routing daemons can operate in the active mode or the passive mode

In the active mode, the daemon broadcasts routing information about its local network to routers and hosts, and it receives routing information from other routers and hosts. Routers are normally configured in the active mode

In the passive mode, the routing daemon receives routing information from routers and hosts only and updates its own routing table. It does not broadcast its routing information. Hosts are typically configured in the passive mode to reduce network traffic

Static Routing
With static routing, routing commands are used to update the routing tables. The contents of the table change only when you issue the routing command

Static routing requires that routes be configured manually for each router. Its disadvantage is that if a destination host is down, the static route’s information will remain in the routing table, and the data will be sent toward that destination host in vain

The route command, entered from the command line, places routing table entries into memory. Such entries are not available after a reboot, but they provide a good method for testing routes.

The network option ipforwarding allows you to configure a host as a router. This option allows you to enable or disable forwarding, using the no command.A host acts as a router if the packet is destined for a host on the same network (direct routing). Otherwise, the packet is sent to a router that in turn forwards the packet either to a host on another network connected to the router or to another router (indirect routing). This feature can be enabled by setting the network option ipforwarding.

The host consults its routing table to determine where the packets should go. If the packet is destined for the same subnet, the host consults its arp cache for the physical address; otherwise, it uses the physical address of the appropriate router

The traceroute Command

The traceroute command repeatedly sends data packets to a destination host. Each packet contains a successively larger time-to-live, or ttl, value.

The ttl is a value attached to each packet. It tells a gateway or host how many hops the packet was granted before it expired. When a node receives a packet with a ttl of 0, it discards the packet. Primarily, the ttl functions as a means of removing old data.

When a gateway receives a packet, it decrements the ttl value by 1 and sends the packet to the next gateway. When a gateway receives a packet with a ttl value of 0, the gateway discards the packet and sends an ICMP TIME_EXCEEDED error message back to the source host.



ra said...

awesome post .. thanks Balazs


Anonymous said...

Can you please post sections for DNS , NTP , NIS etc in AIX env please . Your notes are so clear to understand , Thanks

gantoki said...

awesome stuff , i love to read this

gantoki said...

hello Admin

why are you not adding GPFS on your blog site

aix said...

Hi, in our environment we do not use that, and I did not do tests with that.

Anonymous said...

I have added a route using chdev and command ran successfully but i am not seeing route when i do lattr -El , please advice