soule wrote:
> > You can easily subnet using a switch (cisco, juniper etc) which is hardware based.
>
> just to help clear that statement up
>
> you can subnet with a layer3 switch (cisco 3550), but not with a regular switch.
>
>
> You can set up VLANs with a L2 switch, but will need a router (or routing card) to
> intervlan or subnet
>
> soule
Could you please enlighten us on what a "layer3 switch" is?
An ethernet hub just transmits everything it receives, and knows nothing about IP datagrams, let alone ethernet frames, so that's not even a "layer 1" device, right?
Continuing, a switch forwards frames that it knows need to be forwarded, since it's been paying attention to MAC addresses. That makes a switch a "layer 1" device, since layer 1 of the stack is the network access layer and deals with hardware frames only (here, ethernet frames addressed to MAC addresses), correct?
Further, if my GNU/Linux box has 2 ethernet ports on it, and is, say, acting as a router between my LAN at home and the Internet, then it only cares about IP host and network addresses -- layer 2, the internet layer -- so that makes my little router here a "layer 2" device, right?
What sort of packet switching device cares at all about TCP/UDP, thus acquiring the title of a "layer 3" switch?
A hub is a layer 1 device. It is a LAN segment in a box. Hubs are not used much in enterprise environments unless they function as portable test gear or portable lab equipment. Hubs represent a huge drain on network resources because they broadcast everything.
A switch is a layer 2 device (traditionally). It is a Spanning Tree bridge that forwards based on destination MAC addresses.
A layer 3 switch routes. We typically do not call them routers because routers typically have more routing functions and WAN interfaces. Layer 3 switches usually route IP with just some basic options. Nonetheless, layer 3 switches route between networks. Layer 3 switches also function as layer 2 switches.
To make matters more confusing, small routers are going high density. They often are installed with layer 2 or layer 3 switch cards.
Layer 3 switch = marketsp3@k for router, possibly without as many bells and whistles.
A VLAN is a software way of setting up a separate network. It's the same as having a totally separate switch for each new Local Area Network (aka LAN) or what we call a Virtual LAN...voila! VLAN. Try to think of it as each VLAN being a separate switch, except the part where you have to actually separate the switches and move cables to change the network that a host is in. Rather than moving network cables in the wiring closet in the back room, you can change VLAN settings remotely from your laptop in Tahiti.
A switch, or layer 2 (OSI layer 2) device can isolate VLANs, or networks, but can't get them to talk to each other. The exception is plugging VLANs into each other, which as baldy3105 mentioned, defeats the purpose of having two VLANs. You set up a VLAN to isolate a network segment at OSI layer 2.
A router, or a 'layer 3 switch', connects IP subnets (OK it connects other network protocols, but this is 2005 so it's either TCP/IP or 'some other protocol'.) You separate a network at the IP level by changing IP addresses and you can divide the pre-defined class A, B and C networks into smaller ones by also changing the subnet mask.
An IP subnet is usually put on a network with no other IP subnets on it. This can be done by putting all the hosts on one switch and plugging a router into one of that switch's ports. It can also be done by configuring a VLAN and setting your layer 3 switch to route packets out of that VLAN. When you have a separate IP network segment, it's called a broadcast domain. Each broadcast domain sees all the layer 3 and layer 2 broadcasts from any host in the same broadcast domain.
At OSI layer 1, the physical layer, all the voltage signals sent over the wire are defined. A hub doesn't have to know about MAC addresses (layer 2) or IP addresses (layer 3); it just has to re-transmit the right voltage signal to other ports. This is also called a collision domain because one host's output goes to all other hosts' input so the hosts have to share the bandwidth and their data can collide and then need to be sent again.
A lot of this stuff is referenced in network history, further confusing the matter. A switch could only have two ports, it would still work at layer 2 and isolate by MAC address, we would call that a bridge. Bridges don't sell very well these days, what with multiport switches so cheap now, so you probably won't see one. A hub is called a multiport repeater, it repeats the signals it gets out all its ports. Again, hubs can come with only 2 ports and we would call these repeaters, but these days they don't sell so well either. Old school routers only had a few ports on them, until someone let the tech guys into the marketing groups and realized there might be a demand for one of these with a bunch of switchports in them too, so now we have layer 3 switches and routers with dozens of ports.
fun stuff...
> A VLAN is a software way of setting up a separate network. It's the same as having a totally separate switch for each new Local Area Network (aka LAN) or what we call a Virtual LAN...voila! VLAN.
> ...
> A switch, or layer 2 (OSI layer 2) device can isolate VLANs, or networks, but can't get them to talk to each other. The exception is plugging VLANs into each other. You set up a VLAN to isolate a network segment at OSI layer 2.
Uhhh, yeah ... ... I got it. Sure ... makes, umm, perfect ... sense. As you can see, Gentle Reader, when network-geeks start talking, they start talking an entirely different language.
And as you can also see, there's quite a difference between the very precise language that's used by a network expert, versus the "common tongue" of small networks and office-sized experience.
So, when you start talking about a network, be sure to clarify your actual usage.
My company has a Control System running a major part of the manufacturing system. 2 computers (proprietary arch) and 5 operator terminals, all networked in the control room. Another 5 or 6 operator terminals scattered around the factory.
About 3 years ago the Main Computers would suddenly drop all the network connections. They would carry on operating the plant but would not communicate with each other or the operator terminals. We had to use TTYs to put the system into a safe mode and reboot. Very expensive.
After a lot of work and packet sniffing I found that 5 clients in a restaurant owned by the group were configured to look for a Novell Server although no such beast exists in the entire group. Moreover each time these appliances were reset they defaulted back to this behaviour.
For reasons unknown the Control System computers were interpreting the "Is there a Server?" broadcast as an instruction to drop all the network connections. The solution was to put the control room on a different network and put a router between it and the outside world.
We've ditched those silly clients but kept the router.
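An added example, not part of any post in this thread: a small audit of which hosts can deliver broadcasts to a control-system segment, before and after the kind of fix described in the last post. Host names, roles, segment labels and addresses are constructed for illustration; a "segment" here means one switch or VLAN, since a router does not forward layer 2 broadcasts between segments.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory: (name, role, layer 2 segment, interface address).
FLAT = [
    ("main-a",  "control", "lan0", "192.168.1.10/24"),
    ("main-b",  "control", "lan0", "192.168.1.11/24"),
    ("term-1",  "control", "lan0", "192.168.1.21/24"),
    ("kiosk-1", "other",   "lan0", "192.168.1.201/24"),
    ("kiosk-2", "other",   "lan0", "192.168.2.202/24"),  # other subnet, same wire
]
# After the fix: control room on its own segment, reached only through a router.
SEGMENTED = [
    ("main-a",  "control", "ctrl0", "10.0.0.10/24"),
    ("main-b",  "control", "ctrl0", "10.0.0.11/24"),
    ("term-1",  "control", "ctrl0", "10.0.0.21/24"),
    ("kiosk-1", "other",   "lan0",  "192.168.1.201/24"),
    ("kiosk-2", "other",   "lan0",  "192.168.1.202/24"),
]

def broadcast_domains(hosts):
    """Group hosts by layer 2 segment; a broadcast frame reaches the whole group."""
    domains = defaultdict(list)
    for name, role, segment, addr in hosts:
        net = ipaddress.ip_interface(addr).network
        domains[segment].append((name, role, net))
    return domains

def audit(hosts, protected="control"):
    """Return (exposure, mixed).

    exposure: non-protected hosts sharing a segment with protected hosts.
    mixed: segments carrying more than one IP subnet, where changing IP
    addresses alone has not separated the hosts at layer 2.
    """
    exposure, mixed = [], []
    for segment, members in sorted(broadcast_domains(hosts).items()):
        if any(role == protected for _, role, _ in members):
            exposure += sorted(n for n, role, _ in members if role != protected)
        nets = sorted({str(net) for _, _, net in members})
        if len(nets) > 1:
            mixed.append((segment, nets))
    return exposure, mixed

if __name__ == "__main__":
    print("flat:     ", audit(FLAT))
    print("segmented:", audit(SEGMENTED))
```

In the flat layout kiosk-2 is still reported as exposed even though it sits in a different IP subnet, because it shares the layer 2 segment with the control hosts.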