LAN segmentation divides a network into smaller segments using bridges, switches and routers. Splitting the collision domain into smaller parts reduces competition for bandwidth and reduces collisions. A router has the additional advantage of controlling broadcast traffic: it can divide the broadcast domain into smaller domains. For broadcast domains, the terms "subnet" and "virtual local area network (VLAN)" are more common than "segment", and a subnet may contain several collision domains.
A router can split a broadcast domain because it does not forward any broadcast traffic. The router works at Layer 3 (the network layer) of the OSI model, and because it does not forward broadcasts, placing a router is a simple way to shrink a broadcast domain, as shown in Figure 1-3.
Figure 1-3 Four broadcast domains separated by routers
Figure 1-3 shows the network from Figure 1-2 with one difference: the main hub is replaced by a router. The four networks connected to the router each form a separate broadcast domain. Node 2 on HUB3 broadcasts to all nodes on HUB3, and Node 4 on HUB1 broadcasts to all nodes on HUB1. The same is true for nodes on the other two hubs. Because routers do not forward any broadcast traffic, broadcast messages sent from one hub cannot reach any other hub. By reducing the traffic on each network segment, you reduce the number of collisions. In this example, it is likely that neither broadcast traffic nor collisions are the cause of slow network speed.
Using a network bridge to segment the LAN
A network bridge can be used to divide the collision domain and so obtain better performance. However, if the bridge is placed incorrectly, it can degrade network performance rather than improve it. A bridge differs from a router in that it works at the MAC layer, within Layer 2 (the data link layer) of the OSI model. The bridge not only creates a physical network segment, but also creates a separate logical network segment.
The bridge also builds a table that records every MAC address it has seen and the network segment on which each address resides. By checking the destination MAC address in a frame, the bridge determines the correct network segment and forwards the frame there. However, if the bridge does not know the location of the MAC address, it floods the frame to all the network segments connected to it. As shown in Figure 1-4, the bridge does not know the destination address of the data frame sent by node 2, so it sends the frame to all three segments connected to it. Note that the bridge does not forward the data back to the node that sent it.
Figure 1-4 Three network segments separated by a network bridge
Unlike a router, a network bridge forwards broadcasts to the network segments connected to it. This is a drawback for LAN segmentation because a broadcast storm may occur. If broadcast storms are not a concern, using a bridge to segment the LAN is an acceptable solution.
Using switches to segment the LAN
Using a switch to segment the LAN can improve the performance of end-user devices. A switch is really just a multiport bridge that uses dedicated integrated circuits to do in hardware what a bridge does in software. Like a bridge, the switch uses the destination MAC address to ensure that data is forwarded to the correct port. Figure 1-5 is an example of using a switch to segment a LAN.
This method provides more bandwidth than a bridge. Because each network segment has its own dedicated port on the switch, traffic addressed to another segment passes only through the switch's source port and destination port, while ports unrelated to that destination address are unaffected. There is one caveat, however. Because the switch is essentially a multiport bridge built from dedicated integrated circuits, it also forwards broadcast traffic. Most switches can be configured with a "broadcast limit": once the limit is reached, all broadcast messages exceeding it are discarded. A properly chosen broadcast limit causes broadcast messages to be discarded only when a broadcast storm occurs.
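The learning, forwarding and flooding behaviour described above can be modelled in a few lines. This is an added example, not part of the original text; the three-port bridge, port numbers and MAC addresses are constructed and are not taken from Figure 1-4.

```python
# Added example: a minimal learning bridge.
# Port numbers and MAC addresses below are constructed for illustration.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port (segment) where it was last seen

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the sorted list of ports it is sent out of."""
        # Learn: the source address lives on the segment the frame arrived from.
        self.mac_table[src_mac] = in_port
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown destination: flood to every segment
            # except the one the frame came from.
            return sorted(self.ports - {in_port})
        if out_port == in_port:
            # Destination is on the sender's own segment: filter, do not forward.
            return []
        return [out_port]


def demo():
    bridge = LearningBridge(ports=[1, 2, 3])
    node2 = "00:00:00:00:00:02"  # constructed address on port 1
    node5 = "00:00:00:00:00:05"  # constructed address on port 3
    return [
        bridge.receive(1, node2, node5),      # node5 unknown: flooded
        bridge.receive(3, node5, node2),      # node2 already learned on port 1
        bridge.receive(1, node2, node5),      # node5 now learned on port 3
        bridge.receive(3, node5, BROADCAST),  # broadcasts are always flooded
    ]


if __name__ == "__main__":
    for out_ports in demo():
        print(out_ports)
```

Every flooded frame is delivered to all other segments, so unknown-destination and broadcast traffic is visible to every host behind the bridge, not only the intended receiver.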
Figure 1-5 LAN segmentation with a switch
A note on LAN segmentation: when using different hardware devices to segment a LAN, it is important to remember that they produce different effects.