Cover V06, I10
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6


Communications Equipment by the Layer

Gilbert Held

Over the past decade, manufacturers of communications products have introduced literally tens of thousands of new devices. Without a mechanism for standardizing the manner in which they operate and interface other products from the same or from different vendors, it would be extremely difficult, if not impossible, to consider multiple vendor solutions to organizational networking requirements. In addition, interoperability of equipment from different vendors that makes the Internet feasible, as well as the ability to transmit email and perform other operations between inter-connected public and private networks, would at best be questionable.

Fortunately for the system administrator, as well as network managers and network users, a high degree of equipment interoperability results from the efforts of a number of formal standards-making organizations. These include the American National Standards Institute (ANSI), Institute of Electrical and Electronic Engineers (IEEE), and the Telecommunications Industry Association (TIA) at the U.S. level, and the International Telecommunications Union (ITU) and the International Standards Organization (ISO) at the international level. Although all standards are important, there is one in the form of an architectural model that deserves particular attention: the ISO's Open System Interconnection (OSI) Reference Model.

The OSI Reference Model

The OSI Reference Model represents an architecture that defines communications processes as a set of seven layers, with specific functions isolated to and associated with each layer. Each OSI layer was assigned specific overall functions, and the sequence of functions represents a set of international standards by which open systems can communicate with one another. Figure 1 illustrates the seven-layer ISO OSI Reference Model. Through the use of layer isolation, the characteristics of a given layer can change without impacting the remainder of the model, provided that the supporting services remain the same. This enables users to mix and match OSI conforming communications products to tailor their communications to satisfy a particular networking requirement. In addition, through the development of products designed to operate up through a particular layer, communications vendors can develop products to satisfy specific organizational networking requirements.

Layer Overview

The lowest layer of the OSI Reference Model is the Physical Layer. This layer specifies the electrical and physical connection between network media and network devices. The next layer, referred to as the Data Link Layer, denotes how a device gains access to the media specified in the physical layer. In addition, this layer is responsible for the framing of data within transmitted messages, error control procedures, and other activities that control the physical movement of data. The third layer in the ISO Reference Model is the Network Layer. This layer is responsible for arranging a logical connection between source and destination devices on a network to include the selection and management of a route for the flow of information. Services performed by this layer are associated with the movement of data through a network and can include addressing and routing of packets.

Layer 4, the Transport Layer, is responsible for guaranteeing that information transfer occurs correctly after a route is established via the Network Layer protocol. To accomplish its functions, the Transport Layer performs error control and data sequence checking.

The first four layers of the ISO Reference Model are fairly well defined and it is relatively easy to select examples for each layer. For example, the RS232 standard represents a layer 1 standard as it defines the physical and electrical properties required to connect Data Terminal Equipment (DTE) to Data Communications Equipment (DCE). Similarly, at layer 2 a number of protocols exist for the transmission of framed information, such as SDLC and HDLC.

Tasked with the development of standards for LANs, members of the IEEE's 802 committee quickly noted that the Data Link Layer could be subdivided into Media Access Control (MAC) and Logical Link Control (LLC) sublayers. The MAC sublayer became responsible for a device obtaining access to the media that forms the network, while the LLC sublayer became responsible for the framing of data and the control of its physical movement.

The separation of the Data Link Layer provides a mechanism for regulating access to the media independent of the method for establishing, maintaining, and terminating a logical link between workstations. Thus, although different types of networks can be developed based on different access methods, the logical link control method becomes applicable for providing a common link between network layer protocols and the media access control. Figure 2 illustrates the relationship between the IEEE subdivision of the Data Link Layer and the ISO Reference Model's two lower layers. In this diagram, 802.3 represents the CSMA/CD protocol standard, 802.4 represents the Token-Passing Bus standard, and 802.5 represents the Token-Passing Ring standard.

At the Network Layer, protocols such as the Internet Protocol (IP) and Novell's IPX represent two commonly used layer 3 protocols. At the Transport Layer, such protocols as the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Novell's Sequenced Packet Exchange (SPX) are common examples of protocols that provide a reliable packet-delivery mechanism as well as manage lower Network Layer connections.

Returning to the ISO model, the fifth layer, known as the Session Layer, is responsible for rules required for establishing and terminating node connections. The sixth layer, or the Presentation Layer, provides services associated with data transformation, formatting, and syntax, while the Application Layer at the top of the model acts as a window through which an application gains access to all of the services provided by the model.

Network equipment is often categorized based on where it operates within the OSI seven-layer network architecture. Keeping this in mind, for the remainder of this article, I will progress "up the layer" as I describe the operation and use of hubs, bridges, switches, and routers, four extremely important devices that provide the foundation for constructing networks that can span a building, metropolitan area, state, country, or the globe.

Hub Operation

A conventional Ethernet hub receives an electrical signal on one port and simply repeats or regenerates the signal onto all other ports. The actual signal regeneration process, illustrated in Figure 3, also results in a hub performing certain functions associated with the network access protocol, such as disabling a port if a predefined number of collisions should occur.

A conventional hub is a network device that primarily operates at the physical layer with respect to its communications functions. That is, it accepts data entering on one port and broadcasts such data onto all other ports transparent to the content of frames flowing into and out of the hub.

Most Ethernet hubs are manufactured with 8, 12, or 24 ports. When the number of network devices that must be serviced exceeds the capacity of a single hub, you can interconnect two or more hubs together. Those interconnected hubs can be individual units located in different parts of a building to minimize multiple cabling runs from individual workstations to each hub, or stacked hubs installed one on top of another in a centrally located wiring closet. As the number of networking devices to be supported increases, you will either run out of network bandwidth or reach the physical constraints associated with a group of hubs that operate as a single logical repeater. For either situation one of the most common solutions is to move up the OSI Reference Model and select a popular device known as a bridge.

Bridge Operation

Through the use of a bridge you can segment a network into two or more entities whose primary traffic remains on each segment. This action lowers the level of individual segment utilization below the level of a non-segmented network, enhancing LAN performance available to network users. Since stations on segmented LANs will normally require the ability to communicate with stations on other network segments, a bridge must provide a mechanism to transmit frames to their appropriate destination. To do so, a bridge incorporates a learning process based on the use of source MAC addresses contained in each frame transmitted on each segment connected to a bridge.

To illustrate the operation of a transparent bridge designed to connect similar LANs, consider the top portion of Figure 4, which shows the use of a three-port bridge used to connect three Ethernet LAN segments. For simplicity, the 48-bit MAC address of each station, normally expressed as six hexadecimal characters, is indicated by a circled letter. A bridge constructs its forwarding table through a reverse learning process. That is, as workstations become active and transmit frames, the bridge learns the source address in the frame and associates that address with the port number of the port on which the frame was received. This action allows the bridge to construct a table of MAC addresses and their associated ports. Then the bridge uses the destination address in each frame as a mechanism to search the address-port table to determine if one of three actions should be performed; i.e., should the frame be forwarded, filtered, or flooded?

To illustrate the general operation of a bridge, assume the workstation with source address A transmits a frame to the workstation whose source address is B. When this occurs, the hub that connects workstations A, B, and C (hub 1) onto one LAN segment is also connected to port 0 of the bridge. So, when the hub receives a frame from workstation A and broadcasts it onto all other hub ports, the frame will flow to port 0 of the bridge. Thus, the bridge will associate the address A with port 0 in its address-port table as shown in the lower portion of Figure 4. At this point the bridge notes that the destination of the frame is workstation B; however, upon searching its port-address table it finds no entry for that destination address.

When a bridge does not know where to send a frame it does the next best thing to making an intelligent decision: it transmits the frame onto every port other than the port on which it was received, a term referred to as flooding. Flooding is based on the premise that an unknown destination address must reside on one of the ports other than the port on which a frame was received. Since hub A broadcast the frame to all ports on the hub, B receives it. Assuming station B responds to A, the previously described process is repeated, with the entry of B's address in the address port table and the flooding of its frame by the bridge onto ports 1 and 2 where they are received by the hubs connected to those ports. Those hubs broadcast the frames to all ports where they are ignored since destination address B resides on hub 1 and not hub 2 or 3.

To illustrate the second operation performed by bridges, called forwarding, assume that the workstation whose address is D transmits a frame to the workstation whose address is A. The frame transmitted by D is repeated by hub 2 onto all ports other than the port station D is connected to, resulting in the frame being received by the bridge on port 1. The bridge checks its address-port table and notes that address A is associated with port 0. Thus, the bridge forwards the frame from port 1 onto port 0 and updates its address-port table to note that address D is associated with port 1.

To illustrate the third operation performed by bridges, known as filtering, assume that the workstation whose address is A once again transmits a frame to the workstation whose address is B. Hub 1 repeats that frame to stations B and C on the hub as well as to port 0 on the bridge. Since the bridge has the entry associating address B with port 0, it knows it does not have to do anything to the frame. Thus, it filters it instead of forwarding or flooding that frame.

LAN Switch Operations

As bandwidth intensive applications such as graphics and multimedia grew in use, bridges became a bottleneck to network traffic, because a conventional bridge is limited to supporting one forwarding operation at a time. Understanding the bottleneck resulting from the use of bridges to interconnect segmented LANs called for a new product to alleviate this situation. Communications vendors recognized the advantages of the operation of telephone switches and incorporated their switching functionality into LAN switches.

A LAN switch is a bridge constructed on a switching matrix platform, with any switch port able to be cross-connected to any other port on the switch. This switching between ports can occur concurrently, removing perhaps the key bottleneck associated with the use of conventional bridges.

Figure 5 illustrates the use of an eight-port switch. This type of switch, called a segment switch, supports the attachment of individual workstations and servers as well as an entire network segment. A segment switch supports the association of multiple MAC addresses with an individual port. In comparison, a switch that supports only one network device per port is commonly classified as a port switch. Since an N-port switch supports up to a maximum of N/2 simultaneous cross-connections, the maximum throughput through a switch can represent a significant improvement over a bridge. For example, if each port operates at 10 Mb/s (megabits per second) in the switch configuration illustrated in Figure 5, the maximum throughput would be 8/2 * 10 Mb/s, or 40 Mb/s.

A popular use of switches is to enhance access to different types of servers within an organization. This is illustrated in Figure 5 by a two-tier server hierarchy with departmental servers located at the top of the tier connected to individual switch ports, while local servers are located on their local segment at the bottom of the switch. Through the use of a high-speed connection from departmental servers to each switch port, queuing delays when multiple workstations attempt to access the same server are minimized. One popular type of switch supports 10/100 Mb/s Ethernet connections, enabling several high-speed ports to be used to service devices conveying a disproportionate amount of network traffic, such as servers and routers. For example, assume each segment is connected at 10 Mb/s and each departmental server is connected at 100 Mb/s. Although Figure 5 shows two cross-connections in progress between stations on segments and each departmental server, which temporarily blocks further access to those servers, their 100 Mb/s connection to the switch enables queries to be serviced faster, freeing the port so it can be used for another connection far earlier than if it operated at 10 Mb/s.

Since their introduction a few years ago, switches primarily functioned as layer 2 devices, operating upon MAC addresses contained in frames. A recent exception resulted from the development of switch-based virtual LANs. A virtual LAN represents a broadcast domain which can be defined by the association of switch ports, MAC addresses, or network addresses. The use of network addresses requires the switch to read further into a frame to learn the network address. By grouping network stations into a broadcast domain, you obtain a degree of control over broadcasts generated by servers and other network devices that can adversely affect switch performance, since broadcast frames must be transmitted onto all switch ports other than the port on which they are received. For example, assume you used a port-based vLAN creation method for the switch shown in Figure 5, and associated ports 0 through 3 and 7 to one vLAN, and ports 4 through 6 and 8 to a second vLAN. Doing so would halve the broadcast traffic to each vLAN than if you had not established vLANs.

Router Operation

Although the use of vLANs has a number of additional advantages, such as a degree of additional security and the automatic tracking of station moves and additions, inter-vLAN communications cannot be directly accomplished by a switch operating at layer 2. To obtain an inter-vLAN communications capability you can either use multiple adapter cards for each workstation requiring this capability connecting the workstation to multiple switch ports, or employ a router. Some switches now incorporate a limited routing capability which provides inter-vLAN communications. If the switch does not provide this capability, you can add it by establishing a connection from a router to a port on the switch for each vLAN to be interconnected.

A router is a communications device that operates at the Network Layer of the OSI Reference Model, transmitting messages between networks. To do so the router must obtain knowledge of the topology of the network and store that topology in a database.

To obtain knowledge of the topology of a network a router uses a routing protocol. The simplest and most common type of routing protocol is a distance vector protocol under which a router periodically transmits update messages on each connection to its neighbors consisting of the contents of its routing tables. When the table is received at another router, that device examines the set of reported network destination addresses and the distance to each destination. If the receiving router finds a destination it does not have in its routing table, finds a route to a destination through the sending router where the distance to the destination changed, or determines it knows a shorter route to a network destination, it will update its routing tables. The term distance vector relates to the pairs of information maintained in routing tables and broadcast to other routers. The vector identifies the network destination while the distance is the distance in hops from the router to that destination. Common examples of distance vector protocols include the Internet Protocol Routing Information Protocol (IP RIP), Novell's IPX RIP, and Apple's AppleTalk Routing Table Management Protocol (RTMP).

Figure 6 illustrates the use of three routers to connect four networks. Initially, each router recognizes its directly connected networks. Thus, the initial routing table for R1 would be as follows:

Network Destination    Distance
L1                     0
L2                     0

Similarly, router R2's routing table would have the network destination L3 associated with a distance of zero and router R3's table would have the network destination L4 associated with a distance of zero. Here the distance represents the distance from the router to the network in hops. If you assume router R3 transmits its table first to routers R1 and R2, each of those routers increments the distance in hop of entries in the received table by one. Since router R1 had no entry for network L4, it updates its routing table. As it does so, it notes if the destination network is reachable via another router and if so, the route. Thus, the updated routing table for router R1 would be as follows:

Destination    Distance    Route
L1             0           direct
L2             0           direct
L4             1           R3

As additional routing tables are exchanged, the routing table in each router will converge upon the internet topology. The router will then obtain a routing table which informs it of the path to use to transmit packets from one network to another. If a circuit connecting two routers should fail, the periodic updating of routing tables would adjust the network topology so that an alternate route, if accessible, becomes available for use.

In addition to learning network topology and routing packets between networks, modern routers may include the capability to perform numerous sophisticated functions beyond those performed by lower-layer operating devices. Some of those functions include the ability to reserve network resources via the support of the Resource Reservation Protocol (RSVP) which makes it possible to transmit time-dependent packets, such as voice and video, over data networks, queuing packets based upon predefined priority, compressing data by enhanced transmission over wide area networks, and providing a degree of security through the programming of access lists to control the flow of packets based upon their content, destination, and other metrics. Thus, of the four communications devices discussed in this article, many persons consider a high-end router to represent the most sophisticated networking device.

About the Author

Gilbert Held is an internationally known author and lecturer. Some of Gil's recent books include Virtual LANs, LAN Performance: Issues and Answers 2ed., Protecting LAN Resources, Ethernet Networks 2ed., The Complete Modem Reference 3ed., and Data and Image Compression 4ed., all published by John Wiley & Sons of New York City and Chichester, England. Gil can be reached on the Internet at