In this article, we are going to talk about layer 2 concepts, including local area networks (LAN), network switches, Virtual-LAN (VLAN), and Power-over-Ethernet (PoE). I will also briefly cover key differences between routers, switches, and hubs.
A LAN, or Local Area Network, is a combination of network devices, such as desktops and printers, that are located within a geographic area. These network devices are physically connected to the same LAN via one or more network switches to send and receive packets. LANs are designed to enable resource sharing, communication, and the efficient exchange of information between devices within the same local area.
A network switch is a layer 2 device that forwards packets between devices, such as desktops, access points, printers, etc. Network switches perform this function at high speed, using an internal data structure called Content Addressable (CAM) table. A CAM table stores MAC address information about all the network devices discovered. Each CAM entry lists one MAC address and the corresponding local interface where the device can be found. They learn and assign MAC addresses to interfaces by looking at the source MAC address of incoming frames.
Before Network Switches: Hubs
Before network switches were popular, network administrators would use hubs to connect workstations within a LAN. A hub is a networking device that operates at the physical layer (Layer 1) of the OSI model. Differently from switches, hubs do not intelligently forward frames based on MAC addresses. Instead, they simply broadcast incoming data packets to all devices connected to them. Hubs are also called multiport bridges, as they just repeat signals to all of its ports.
Hubs have the major disadvantage that they introduce collisions. A collision happens when two or more devices connected to a hub send data at the same time, interfering with each other. As a result, both devices must wait a random amount of time before transmitting again. This helps to avoid generating more collisions. For this reason, collisions reduce network efficiency and overall throughput.
As we’ll see in the next section, the key improvement of network switches is that they remove collision domains, increasing data rate. In fact, each connected device resides in its own collision domain, which allows for sending and receiving data (duplex communication) without the concern of colliding packets.
Routers vs. Switches
Routers and switches are both networking devices that serve different purposes and operate at different layers of the OSI model. For instance, routers are devices that operate at the network layer (Layer 3), while switches operate at the data link layer (Layer 2). As a result, routers interconnect different networks together whereas switches connect various devices. Let’s see in more detail what are the main differences.
Routers have the following characteristics:
- Connect multiple networks together and are responsible for routing data packets between them.
- Determine the best path for data packets to travel from the source to the destination network using IP addresses, making decisions based on the destination IP address of the packets.
- Often include additional features like Network Address Translation (NAT), which allows multiple devices in a local network to share a single public IP address, or firewalls, which allow to allow/block specific network connections.
Switches have the following characteristics:
- Switches are used to create LANs by connecting multiple devices within a single network.
- Are responsible for forwarding data frames within the same network, using MAC addresses to forward data frames to the appropriate devices within the same local network.
- Improve network efficiency by only sending data to the specific device it is intended for, rather than broadcasting it to all devices on the network (like in the case of hubs).
In summary, routers different networks together and route data between them based on IP addresses.On the other end, switches connect devices within the same network and forward data within that network based on MAC addresses. Many modern networking devices, such as wireless routers, combine the functionalities of both routers and switches for home and small business use.
|Cost||More expensive||Less expensive|
|OSI Model||Layer 3||Layer 2|
|Connectivity||Network to network||Device to device|
|Forwarding decisions||IP Address||MAC Address|
PoE (Power over Ethernet)
PoE or Power over Ethernet is simply a way to power a network device via an Ethernet port. This requires both the device and the port on the switch to support PoE. This has many benefits over a traditional power supply because it consolidates cabling and infrastructure required. PoE is often used to deploy Wireless Access Points, VoIP phones, and other IoT devices, such as NetBeez network monitoring agents. Another advantage of PoE is that the user can bounce unresponsive devices without having to physically get to it.
In the table below we list the current types of PoE, standards, speeds and power outputs.
|PoE++ (Type 3)||IEEE 802.3bt||2.5G, 5G & 10G||51W-60W|
|PoE++ (Type 4)||IEEE 802.3bt||2.5G, 5G & 10G||71W-100W|
Switches often will have specific port(s) that are PoE enabled, highlighted in yellow by most networking vendors. In the picture below, you can see an 8-port network switch with 4 PoE ports.
A VLAN allows one physical switch to host more than one broadcast domain, or subnet, without necessarily needing more switches. The image below shows what happens when a switch is configured without VLANs (left) and with VLANs (right). On the left side, without any VLAN configured, all devices can connect with each other.
In the example above, there are two hosts in the blue VLAN, two in the red, and two in the green one. Only those hosts connected to the same VLAN can talk to each other. Should the red host need to communicate with a green or blue host, a router is needed to forward packets between the different subnets/VLANs.
Static vs Dynamic VLANs
Static VLANs are the most common way to create a VLAN as they are the most secure. This is because each host has to be assigned a VLAN through a specific port and must be changed manually. A dynamic VLAN uses intelligent management software to assign a host to a VLAN based on MAC, specific protocols or the applications used on the VLANs. So if you set up a device or host on the network without assigning a port, the VLAN management software can look up the hardware address and both assign and configure the switch port to the correct VLAN. The benefits of this is easier user management but the downside is, a bit more initial configuration of the database.
One of the key advantages of VLANs is they enhance a network’s security via segregation. One thing bad actors used to be able to do is plug into a switch on the network which would gain that basic access to the network. With the adoption of VLANs, you gain control of each switch port and limit what resources that port can access. These tools can also alert the network management team of any new unauthorized attempts at gaining access to the network. You can even implement restrictions on routers, hardware addresses, protocols and applications.
In this article, we delved into Local Area Networks (LANs) and discussed the evolution from hubs to network switches. We emphasized how switches use MAC addresses, enhance data forwarding, reducing collisions and boosting network efficiency. Lastly, we introduced Power over Ethernet (PoE), a technology that simplify deployment, and VLANs, highighting their significance in segregating networks and enhancing security. Understanding these concepts equips network administrators to build secure, agile networks in our digital era.