Differences between hubs, routers, switches, and gateways

Source: Internet
Author: User

First, let's look at how networks are classified. The common types are the following:

Internet: an interconnection of independent computers. The Internet is not a single computer network; it is a collection of interconnected networks. That is, the global network made up of many networks is called the "Internet".
Wide Area Network (WAN): a computer network that covers more than 10 thousand meters and spans a large region.
LAN: a dedicated computer network within the same building or within several thousand meters.
Ethernet: the most widely used computer LAN technology. It is a bus-based, broadcast-type local area network.
From these definitions we can see the differences. The Internet is the largest network. The WAN is included in the Internet, and the LAN is smaller than the WAN and is also included in the Internet. Ethernet is a technology used for LANs: it is not a specific network but a technical specification.
Ethernet is the most common communication protocol standard used by local area networks. The standard defines the cable types and signal processing methods used in the LAN. Ethernet transmits information at 10 ~ Mbps.

1. Hub

Hub: works at the physical layer of the OSI model.

A hub works in shared mode, which means that while one port is sending data to another port, the other ports are in a "waiting" state. Why "waiting"? For example, when A sends a packet to B in a unit of time, A's packet goes to B, C, and D, but only B accepts it. The other ports determine in that first unit of time that the data is not for them and stop receiving the data sent by A. Until A sends an IP broadcast again, C and D are idle, or data can be transmitted between C and D. We can think of the hub as having only one internal channel (a common channel), with all ports attached to that common channel.

A hub does not have the intelligent memory function of a switch, so it cannot look up a specific computer in a MAC address table. It sends the data it receives to every computer connected to the hub by broadcasting, and each computer decides for itself whether the packet is addressed to it. For this reason, the hub has the following shortcomings:

(1) User data packets are sent to all nodes, which can make data communication insecure: people with ulterior motives can easily and illegally intercept other users' data packets.
(2) Because all data packets are sent to all nodes at the same time, and because of the shared bandwidth described above, network congestion is more likely to occur and network efficiency is reduced.
(3) Transmission is not duplex, so communication efficiency is low. Each port of a hub can communicate in only one direction at a time, unlike a switch, which supports bidirectional duplex transmission. Network efficiency is low and cannot meet the needs of large-scale network communication.

Is connected by a hub,

2. Switch: a network device that encapsulates and forwards data packets based on MAC address (the hardware address of the network card) recognition. The switch can "learn" MAC addresses and store them in an internal address table. It creates a temporary switching path between the sender of a data frame and the target receiver so that the frame travels directly from the source address to the destination address. Switches work at the data link layer of the OSI model and provide intelligent learning and memory capabilities. Ethernet, Fast Ethernet, FDDI, and Token Ring LANs are all shared LANs with shared media and shared bandwidth. To increase bandwidth, routers are often used to divide the network: a network is divided into multiple network segments, each with its own subnet address and broadcast domain, which reduces network conflicts and increases network bandwidth. The switch provides bridging capability and adds bandwidth to an existing network. The switches used on a LAN are similar to bridges because both operate at the MAC sublayer of the data link layer (Layer 2) and check the device addresses of all incoming network traffic. Like a bridge, the switch maintains a table of address information and uses it to decide how to filter and forward LAN traffic. Unlike bridges, switches use switching technology to increase data throughput and the bandwidth of the installed media. Generally, the forwarding delay of a switch is very small, so it can economically divide the network into small collision domains and provide higher bandwidth for each workstation. The switch has a high-bandwidth backplane bus and an internal switching matrix, and all ports of the switch are attached to the backplane bus.
After the control circuit receives a data packet, the processing port searches the address table in memory to determine which port the NIC with the target MAC address (the hardware address of the NIC) is connected to, and the packet is quickly transmitted to the destination port through the internal switching matrix. If the destination MAC address is not in the table, the packet is broadcast to all ports; after the port responds, the switch "learns" the new address and adds it to the internal MAC address table.
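
The difference in exposure between the hub's broadcasting and the switch's address table can be seen in a short simulation. This is an added example, not code from the original article; the port numbers, host names and MAC addresses are constructed, and the switch is modelled as learning from the source address of each frame it receives.

```python
# Added illustration (not from the original article).
# Port numbers and MAC addresses are constructed sample values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1: repeats each frame out of every port except the ingress port."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src_mac, dst_mac):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Layer 2: learns MAC -> port and forwards to one port when it can."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}

    def forward(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port          # learn from the source address
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # unknown: flood
        return [] if out_port == in_port else [out_port]     # filter or forward


HOSTS = {  # name -> (port, MAC)
    "A": (1, "02:00:00:00:00:0a"),
    "B": (2, "02:00:00:00:00:0b"),
    "C": (3, "02:00:00:00:00:0c"),
    "D": (4, "02:00:00:00:00:0d"),
}
PORT_TO_HOST = {port: name for name, (port, _) in HOSTS.items()}


def bystanders(device, frames):
    """For each (sender, receiver) frame, list the hosts that were handed the
    frame although it was not addressed to them."""
    result = []
    for sender, receiver in frames:
        in_port, src_mac = HOSTS[sender]
        _, dst_mac = HOSTS[receiver]
        out_ports = device.forward(in_port, src_mac, dst_mac)
        result.append(sorted(PORT_TO_HOST[p] for p in out_ports
                             if PORT_TO_HOST[p] != receiver))
    return result


FRAMES = [("A", "B"), ("B", "A"), ("A", "B")]   # A sends, B answers, A sends again

if __name__ == "__main__":
    print("hub   :", bystanders(Hub(PORT_TO_HOST), FRAMES))
    print("switch:", bystanders(LearningSwitch(PORT_TO_HOST), FRAMES))
```

On the hub, C and D are handed every frame of the conversation; on the switch they see only the first frame, which is flooded because B's address is not yet in the table.
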
You can also use a switch to segment the network. By checking the MAC address table, the switch allows only the necessary network traffic to pass through it. The filtering and forwarding done by switches can effectively reduce collision domains, but a switch cannot divide network-layer broadcasts, that is, broadcast domains.
A switch can transmit data between multiple port pairs at the same time. Each port can be regarded as an independent network segment, and the network devices connected to it enjoy the full bandwidth alone, so they do not need to compete with other devices. When node A sends data to node D, node B can send data to node C at the same time; both transmissions enjoy the full bandwidth of the network and each has its own virtual connection. If a 10 Mbps Ethernet switch is used here, the total traffic of the switch is 2*10 Mbps = 20 Mbps. When a 10 Mbps shared hub is used, the total traffic of the hub does not exceed 10 Mbps. That is, a switch is more intelligent than a hub and may identify MAC addresses or different subnets. However, since it works at the data link layer, it does not have the higher-layer IP address function.

3. Router: a network device that works at OSI Layer 3 (the network layer), can connect different types of networks, and can select data transfer paths. "Different types of networks" here refers to different technical standards, such as Ethernet, Token Ring, and so on. A router has three features: working at the network layer, connecting different types of networks, and selecting data transmission paths.

1. The hub works at the first layer (the physical layer) and has no intelligent processing capability. To a hub, data is only electrical current: when the current from one port reaches the hub, it simply passes the current on to the other ports and does not concern itself with whether the computers connected to those ports accept the data. A switch works at the second layer (the data link layer) and is more intelligent than a hub. To a switch, the data on the network is a collection of MAC addresses. It can identify the source MAC address and the target MAC address in a frame, so it can establish a connection between any two ports. However, the switch does not know IP addresses; it only knows MAC addresses.


A router works at Layer 3 (the network layer). It is smarter than a switch: it can understand the IP addresses in the data. When it receives a packet, it checks the IP address; if the target address is in the local network, the packet is forwarded to the local network.

2. Routers can connect different types of networks. Common hubs and switches are used to connect Ethernet networks. However, if two different types of networks are to be connected, such as Ethernet and ATM, hubs and switches are useless.
  
A router can connect different types of LANs and WANs, such as Ethernet, ATM, FDDI, and Token Ring. Different types of networks transmit frames of different formats and sizes, just as road transport loads goods onto trucks while rail transport loads goods by the wagon. When goods change from road transport to rail transport, they must be moved into railway wagons. The same is true for data in the network: when data passes from one type of network to another, the frame format must be converted. Routers have this capability, but switches and hubs do not.
In fact, what we call the "Internet" is connected together by routers. Because the Internet contains different types of networks, hubs and switches cannot perform this task at all, so the router must take on this role.
3. A router has path selection capability. On the Internet, there may be many paths from one node to another. A router can select a smooth and fast path, which greatly improves communication speed, reduces the communication load on the network system, and saves network resources. Hubs and Layer 2 switches do not have this capability.
Router types:

1. Access routers
An access router is the device that connects LAN users to the WAN. It is the router that LAN users come into contact with most often. As long as there is Internet access, there will be a router: if you use a shared line on a LAN to access the Internet, you must use a router. "I access the Internet through a proxy server. Can I access the Internet without a router?" In fact, the proxy server is also a router. When a computer is connected to a NIC and ISDN (or a modem or ADSL) and proxy server software is installed, it effectively forms a router. The proxy server implements the routing function in software, while the router implements it in hardware. The structure is different, but the function is the same.

2. Enterprise-level routers
Enterprise-level routers are used to connect tens of thousands of computers in large enterprises. Ordinary LAN users do not come into contact with them. Compared with access routers, enterprise-level routers support many network protocols and are fast. They must handle various LAN types and support multiple protocols, including IP, IPX, and VINES. They also support firewalls, packet filtering, a large number of management and security policies, and VLANs (virtual LANs).

3. Backbone routers
Backbone routers can be accessed only by technicians working in a few sectors, such as China Telecom. Currently, the Internet consists of dozens of backbone networks, each of which serves thousands of small networks. Backbone routers interconnect enterprise-level networks. The requirements for them are speed and reliability, while price is secondary. Hardware reliability can be achieved through technologies used in the telephone exchange network, such as hot backup, dual power supplies, and dual data paths. These technologies are required for all backbone routers. The router end systems on the backbone network cannot be accessed directly; they connect the ISPs and enterprise networks on the long-distance backbone network.

What is the difference between a switch and a router?

(1) Different working layers. The original switches work at the data link layer (the second layer) of the OSI/RM open architecture, while routers were designed from the start to work at the network layer of the OSI model. Because the switch operates at the second layer (the data link layer) of OSI, its working principle is relatively simple. The router works at the third layer (the network layer) of OSI, can obtain more protocol information, and can make more intelligent forwarding decisions.

(2) Data forwarding is based on different objects. A switch uses physical addresses, that is, MAC addresses, to determine the destination for data forwarding. A router uses the ID numbers (IP addresses) of different networks to determine the forwarding address. IP addresses are implemented in software and describe the network where the device is located; these Layer 3 addresses are sometimes also called protocol addresses or network addresses. The MAC address is usually provided by the hardware, allocated by the NIC manufacturer, and fixed in the NIC. Generally, it cannot be changed. The IP address is usually assigned by the network administrator or automatically by the system.

(3) Traditional switches can divide only collision domains, not broadcast domains; routers can divide broadcast domains. The network segments connected by a switch still belong to the same broadcast domain, and broadcast packets are transmitted across all network segments connected to the switch. In some cases, this can lead to communication congestion and security vulnerabilities. The network segments connected to a router are assigned to different broadcast domains, and broadcast data does not pass through the router. Although switches at Layer 3 and above have VLAN functions and can also divide broadcast domains, the sub-broadcast domains cannot communicate with each other directly; communication between them still requires a router.

(4) A router provides firewall services. It forwards only data packets for specific addresses. It does not transmit data packets that do not support the routing protocol and transmits data packets of the target network, which prevents broadcast storms.

4. Gateway: we have analyzed the three most basic network devices required for an access network. There is one more device: the gateway. The gateway is like a door: to communicate with the external network, you must go through this door. First, let's look at the main categories of gateways. Gateways are divided into three categories by function:
1) Protocol gateway: as the name suggests, the main function of this kind of gateway is protocol conversion between networks that use different protocols. As networks have developed, several common types have emerged, such as 802.3 (Ethernet), IrDA (Infrared Data Association), WAN (wide area networks), 802.5, X.25, 802.11a, 802.11b, 802.11g, and WPA. Different networks have different data encapsulation formats, different packet sizes, and different transmission rates. However, these networks still need to share data and communicate with each other. To eliminate the differences between networks and allow data to flow smoothly, we need a dedicated interpreter: the protocol gateway. It lets one network understand other networks, and it is also what joins different networks into one huge Internet.
2) Application gateway: a gateway set up for specialized applications. It is mainly used to convert one data format of a service into another data format of that service in order to exchange data. This kind of gateway is often a server for a specific service that also has the gateway function. The most common example is the mail server. We know that there are several mail formats, such as POP3, SMTP, fax, X.400, and MHS. If the SMTP mail server provides mail gateway interfaces for POP3, SMTP, fax, and X.400, then we can send mail to other servers through the SMTP mail server.

3) Security gateway: the most common security gateway is the packet filter. In effect, it authorizes packets based on their source address, destination address, port number, and network protocol. By filtering on this information, it lets packets with permission pass through the gateway and intercepts or even discards packets without permission. This is similar to a software firewall, but compared with a software firewall, the security gateway handles a large volume of data and processes it quickly, so it can effectively protect the entire local network without becoming a bottleneck for the whole network.
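
A packet filter of the kind described above can be sketched as an ordered rule list with a default of discarding anything that no rule permits. This is an added example, not code from the original article; the rules, host addresses and the first-match evaluation order are assumptions chosen for illustration, reusing the 192.168.1.x and 192.168.2.x networks that the article introduces later.

```python
# Added illustration (not from the original article).
# Rules and addresses are constructed sample values.
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source network, e.g. "192.168.1.0/24"
    dst: str               # destination network
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None means any port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt["dport"]))


def filter_packet(rules, pkt):
    """First matching rule wins; a packet that matches no rule is discarded.
    Returns (action, index of the deciding rule or None)."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


RULES = [
    # One host in network A is blocked from network B entirely.
    Rule("deny", "192.168.1.66/32", "192.168.2.0/24", "any", None),
    # Everyone else in network A may reach the mail server on SMTP.
    Rule("permit", "192.168.1.0/24", "192.168.2.10/32", "tcp", 25),
    # DNS queries from network A to network B.
    Rule("permit", "192.168.1.0/24", "192.168.2.0/24", "udp", 53),
]


def pkt(src, dst, proto, dport):
    return {"src": src, "dst": dst, "proto": proto, "dport": dport}


if __name__ == "__main__":
    for p in (pkt("192.168.1.20", "192.168.2.10", "tcp", 25),
              pkt("192.168.1.66", "192.168.2.10", "tcp", 25),
              pkt("192.168.1.20", "192.168.2.10", "tcp", 23)):
        print(p, "->", filter_packet(RULES, p))
```

Rule order matters with first-match evaluation: if the broad permit were placed ahead of the host-specific deny, the blocked host's SMTP traffic would pass.
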

What is a gateway? A gateway, also known as a protocol converter, is a complex network connection device that supports conversion between different protocols so that networks using different protocols can be interconnected. The gateway can convert incompatible high-level protocols. To achieve communication between heterogeneous devices, the gateway must translate and convert different link layer, dedicated session layer, presentation layer, and application layer protocols.

Therefore, the gateway is a router with superior intelligence, a bridge with superior intelligence, and a repeater with superior intelligence.

To connect two completely different networks (heterogeneous networks), a gateway is generally used. On the Internet, two networks must also be interconnected through a computer called the gateway. Based on the IP address of the target computer, this computer decides whether to send the user's information out of the local network. At the same time, it passes information arriving from outside to the local computer that should receive it. It is the channel connecting one network to another network. So that the TCP/IP protocol can address it, the channel is assigned an IP address, which is called the gateway address.

A gateway is essentially an IP address that leads from one network to another network. For example, suppose there are two networks, Network A and Network B. The IP address range of Network A is "192.168.1.1 ~ 192.168.1.254" with subnet mask 255.255.255.0, and the IP address range of Network B is "192.168.2.1 ~ 192.168.2.254" with subnet mask 255.255.255.0. Without a router, the two networks cannot communicate with each other through TCP/IP, even if they are connected to the same switch (or hub). Because the switch works at the data link layer and only maps MAC addresses to ports, it is not involved in network-layer IP addresses or IP routing, so hosts in the two networks cannot communicate with each other. A Layer 3 switch, however, provides the routing function and makes the communication possible.
The TCP/IP protocol also determines from the subnet mask (255.255.255.0) that the hosts in the two networks are in different networks. To communicate between the two networks, you must use a gateway. If a host in Network A finds that the destination host of a data packet is not in the local network, it forwards the packet to its own gateway; that gateway forwards the packet to the gateway of Network B, and the gateway of Network B then forwards it to the host in Network B. The same is true for packet forwarding from Network B to Network A.
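
The decision a host makes with its subnet mask, using the Network A and Network B addresses above, can be written out as follows. This is an added example, not code from the original article; the host addresses and the gateway address 192.168.1.254 are constructed, and the function name `next_hop` is hypothetical.

```python
# Added illustration (not from the original article).
# Host and gateway addresses are constructed sample values inside the
# article's Network A (192.168.1.x) and Network B (192.168.2.x).
import ipaddress


def next_hop(host_ip, netmask, dst_ip, gateway=None):
    """Decide where a host hands a packet, based on its own address and mask.

    Returns ("direct", dst)        when dst is in the host's own network,
            ("gateway", gateway)   when dst is elsewhere and a gateway is set,
            ("unreachable", None)  when dst is elsewhere and no gateway is set.
    """
    iface = ipaddress.ip_interface(f"{host_ip}/{netmask}")
    dst = ipaddress.ip_address(dst_ip)

    if dst in iface.network:
        return ("direct", str(dst))
    if gateway is None:
        return ("unreachable", None)

    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        # The host can only hand packets to a gateway it can reach directly.
        raise ValueError(f"gateway {gw} is not in {iface.network}")
    return ("gateway", str(gw))


if __name__ == "__main__":
    mask = "255.255.255.0"
    # Same network: delivered directly, no gateway involved.
    print(next_hop("192.168.1.10", mask, "192.168.1.20"))
    # Network A to Network B with a gateway configured.
    print(next_hop("192.168.1.10", mask, "192.168.2.20", "192.168.1.254"))
    # Network A to Network B without a gateway: no path.
    print(next_hop("192.168.1.10", mask, "192.168.2.20"))
    # A wrong mask (255.255.0.0) makes the host treat Network B as local,
    # so it never uses the gateway even though one is configured.
    print(next_hop("192.168.1.10", "255.255.0.0", "192.168.2.20", "192.168.1.254"))
```

The last case shows a common misconfiguration: with too wide a mask the host tries direct delivery to an address that is really in another network, and the gateway is bypassed.
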

Therefore, hosts in different networks can communicate with each other through the TCP/IP protocol only with the IP address of the gateway. Which machine does this IP address belong to? The IP address of a gateway is the IP address of a device with the routing function. Devices with the routing function include routers, servers with a routing protocol enabled (essentially equivalent to a router), and proxy servers (also equivalent to a router).
Most gateways run at the application layer, the top layer of the seven-layer OSI model.

Reference blog: http://blog.csdn.net/clubsondy/archive/2005/12/03/542615.aspx
