By Erik Mikac
The 3 Components of a Network: Explained
Routers, switches, and firewalls are three core components of any network. Once you have an understanding of them, everything else is a little easier to understand. As the world becomes increasingly remote, the demand for network professionals is skyrocketing. When it comes to networking, there is no better way to level up your skills than to earn a CCNP Collaboration certification.
Like most Cisco certifications, CCNP Collaboration can be a challenging certification to obtain. However, the best way to learn the material is to start with a thousand-foot understanding of the subject. Starting with the three building blocks of networking is about as high up as you can go. So, let's start with the simplest of the three first: switches.
What is a Network Switch?
A switch is a device that allows us to connect multiple computers together. While computers are the main devices hooked into switches, a switch can also connect printers, security cameras, Cisco Voice IP phones, and more.
Once a switch is connected to a device, the MAC (Media Access Control) address of the device is discovered and used for routing. The switch attaches the MAC to outgoing packets so the device can be identified by other devices on the network.
This is considered Layer 2 (L2) communication in accordance with the OSI Model (i.e., the data link layer). However, some switches use L3 (i.e., the network layer) — but we'll get to that later.
A network switch provides full-duplex communications. This means that network packets are sent back and forth without having to wait for a response. In fact, all three components mentioned today are full-duplex. Some switches are considered managed, while others are unmanaged.
Unmanaged vs. Managed Switches
An unmanaged switch is considered plug-and-play. In other words, the switch arrives pre-configured out-of-the-box, and there isn't a whole lot you can do with it. Unmanaged switches are the sort of devices that are seen in private homes or small offices. The good news here is that they are simple and easy to use. However, if your network situation is complex, then something with a little more horsepower is required.
Managed switches come with significantly more functionality. They allow for advanced configuration and for traffic monitoring via Simple Network Management Protocol (SNMP). For instance, whether a port is up or down, or how much CPU the switch is consuming, can be determined using SNMP. These more advanced switches also provide redundancy. This means you can have "fall back" switches in case the primary one fails.
Redundancy, configuration, and monitoring are just the tip of the iceberg in terms of functionality. Watch this video for more information.
L2 vs. L3 Switches
An L2 switch works with MAC addresses only for routing and identification. For the purpose of visualization, here is an example of a MAC address: 00:00:5e:00:53:af. A MAC address is printed onto every single device's NIC (Network Interface Card) that has the capability of connecting to a network. This unique identifier is how switches determine the identity of the device.
L3, on the other hand, uses the more familiar IP address to determine identity. It is important to remember that L3 devices can do static and dynamic routing. L3 allows for fast switching using application-specific integrated circuits (ASICs). The skinny of this is that ASICs allow for extremely fast switching using a special-purpose silicon chip.
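To make the L2 behaviour described above concrete, here is a small simulation of a learning switch. It is an added example, not code from the original post: the switch records which port each source MAC was seen on, forwards frames whose destination MAC it already knows to exactly that port, and floods frames for unknown or broadcast destinations out of every other port. The MAC addresses and port numbers in the demo are constructed; the format check uses the colon-separated notation shown in the post.

```python
import re
from typing import Dict, List

BROADCAST = "ff:ff:ff:ff:ff:ff"
# six colon-separated hex octets, e.g. 00:00:5e:00:53:af
MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")


def is_valid_mac(mac: str) -> bool:
    """Return True if `mac` is a well-formed, colon-separated MAC address."""
    return bool(MAC_RE.match(mac.lower()))


class LearningSwitch:
    """A minimal L2 switch: learns source MACs, forwards or floods by destination MAC."""

    def __init__(self, port_count: int) -> None:
        self.ports = list(range(1, port_count + 1))
        self.mac_table: Dict[str, int] = {}  # MAC address -> port it was learned on

    def handle_frame(self, src: str, dst: str, in_port: int) -> List[int]:
        """Process one frame and return the list of ports it is sent out of."""
        if not (is_valid_mac(src) and is_valid_mac(dst)):
            raise ValueError("malformed MAC address")
        src, dst = src.lower(), dst.lower()

        # Learning: the sender is reachable through the port the frame arrived on.
        self.mac_table[src] = in_port

        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Unknown or broadcast destination: flood to every port except the ingress.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is on the same segment as the sender; nothing to forward.
            return []
        return [out_port]


if __name__ == "__main__":
    # Constructed demo: host A on port 1 talks to host B on port 3.
    sw = LearningSwitch(port_count=4)
    print(sw.handle_frame("00:00:5e:00:53:af", "00:00:5e:00:53:01", 1))  # flood: B unknown
    print(sw.handle_frame("00:00:5e:00:53:01", "00:00:5e:00:53:af", 3))  # [1]: A is known
    print(sw.mac_table)
```

The first frame is flooded because the switch has never seen host B; the reply is delivered only to port 1 because host A's MAC was learned from the first frame. Every frame also teaches the switch something, which is why a table entry exists for both hosts after one round trip.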
So it sounds like managed switches can do it all, right? Not so fast. There are plenty of network requirements that can be accomplished only with a router. So let's talk about that.
What is a Router?
A router is a device that connects a local area network to the internet. It performs this function by forwarding packets using an IP address, therefore it is an L3 device.
A router can perform a host of functions to facilitate inter- and intra-network communications. For example, a router utilizes Dynamic Host Configuration Protocol (DHCP) to assign IP addresses to each connected device. Then, that information can be used to send data in and out of the network. However, to communicate out to the internet, Network Address Translation (NAT) is required.
What is NAT?
NAT is a way of mapping an internal IP address to one recognizable over the internet. Let's take a look at a quick example of why this is useful. We'll do so through negation.
Say we did not have NAT. An employee is on a computer that has an IP address recognized throughout the LAN. Let's say that the IP address is 184.108.40.206. This employee then tries to access a web address on the internet—so the router promptly forwards the request using the local IP address. This will not work though, because the destination web address is not part of that network and therefore does not recognize the IP address.
With NAT, on the other hand, the IP address is changed to something recognizable in transit. This address translation occurs in the router. That means that the destination server is not communicating with the source itself, but only has understanding up to the router.
NAT works great if there are a few devices on the LAN, but what if there are hundreds? This is where port address translation (PAT) comes into play. If there are hundreds of devices on a LAN, an IP naming collision is inevitable. So in this case, a port number is attached to the NAT address. A router can naturally route traffic, but it can also allow or deny traffic via an access control list (ACL). An ACL is a pivotal functionality of a router, so it is worth talking about.
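The NAT and PAT behaviour described above, as an added example that is not part of the original post: a router object rewrites the source of outbound packets to its single public address plus a freshly allocated port, keeps the mapping in a translation table, and uses that table to rewrite replies back to the internal host. Two internal hosts that happen to use the same source port (the "naming collision" the post mentions) are kept apart by the port the router assigns. All addresses are constructed from the documentation ranges (192.168.1.0/24, 198.51.100.0/24, 203.0.113.0/24); the starting public port is an arbitrary assumption.

```python
from dataclasses import dataclass
from itertools import count
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PATRouter:
    """Port address translation: many private (ip, port) pairs share one public IP."""

    def __init__(self, public_ip: str, first_public_port: int = 40000) -> None:
        self.public_ip = public_ip
        self._next_port = count(first_public_port)  # assumed allocation strategy
        # (private ip, private port) -> public port
        self.outbound: Dict[Tuple[str, int], int] = {}
        # public port -> (private ip, private port)
        self.inbound: Dict[int, Tuple[str, int]] = {}

    def translate_outbound(self, pkt: Packet) -> Packet:
        """Rewrite an internal packet so the internet sees only the public address."""
        key = (pkt.src_ip, pkt.src_port)
        public_port = self.outbound.get(key)
        if public_port is None:
            # First packet of this flow: allocate a public port and record both directions.
            public_port = next(self._next_port)
            self.outbound[key] = public_port
            self.inbound[public_port] = key
        return Packet(self.public_ip, public_port, pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt: Packet) -> Optional[Packet]:
        """Map a reply back to the internal host, or None if no mapping exists."""
        if pkt.dst_ip != self.public_ip:
            return None
        mapping = self.inbound.get(pkt.dst_port)
        if mapping is None:
            # No flow ever created this entry: the router has nowhere to deliver it.
            return None
        private_ip, private_port = mapping
        return Packet(pkt.src_ip, pkt.src_port, private_ip, private_port)


if __name__ == "__main__":
    router = PATRouter(public_ip="198.51.100.1")
    # Two LAN hosts, same source port, same destination: PAT tells them apart.
    a = router.translate_outbound(Packet("192.168.1.10", 51000, "203.0.113.5", 443))
    b = router.translate_outbound(Packet("192.168.1.11", 51000, "203.0.113.5", 443))
    print(a, b, sep="\n")
    print(router.translate_inbound(Packet("203.0.113.5", 443, "198.51.100.1", b.src_port)))
```

The destination server only ever sees 198.51.100.1, which is the point made above: it is talking to the router, not to the source host. A side effect worth noting is that inbound packets with no table entry are simply undeliverable, so PAT by itself blocks unsolicited inbound connections even though it is not a security control.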
What is an ACL?
An ACL is a list of IP addresses that are forbidden to leave the network or enter the network. It is considered stateless—that means it relies only on what is configured.
Think of an ACL as a bouncer at a nightclub. It has a list of who is NOT allowed to enter. If you're on that list, then you're out of luck. The bouncer (for whatever reason) also has a list of who is NOT allowed to leave the nightclub.
For more information on ACLs, check out this great primer. This is all high level, but should give you a broad understanding of what a router does. The last component we'll discuss is the firewall.
What is a Firewall?
A firewall is a device that allows or denies traffic onto a network. It sits between the LAN and the router. "But wait," you may be thinking, "Doesn't an ACL already allow and deny traffic?" That's a good question, so let's break down the difference between a firewall and an ACL.
The biggest difference is that an ACL is stateless, while a firewall is stateful. An ACL simply checks if the IP address is authorized or not, that's it. A firewall is far more sophisticated. A firewall will analyze the packet for red flags.
For example, a firewall can be configured to allow IP addresses, but only ones from certain ports that have specific security certificates. Or maybe a firewall will notice that a packet with a source IP address is getting sent thousands of times a second. That's kinda weird, and could be a Distributed Denial of Service (DDoS) attack.
A firewall can also be configured to accept pre-defined protocols from specific IP addresses. So if an IP address is trying to use SSH instead of HTTPS, the firewall will know. Firewalls are great because they provide granularity to your security configurations. ACLs, on the other hand, are not nearly as smart.
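The stateless-versus-stateful distinction drawn in this section and the previous one, as an added example that is not from the original post. The ACL function decides from the packet header and its configured list alone, so it cannot tell a reply to a connection the LAN opened from a brand-new inbound connection. The firewall class keeps a session table, admits inbound packets only when they answer a session the LAN started or hit an explicitly permitted service port, and keeps a per-source sliding window so a source sending far more packets per second than expected is flagged and dropped. The LAN prefix, the permitted service list, the rate threshold and all addresses and timestamps are constructed for the demo.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Deque, Dict, Iterable, List, Set, Tuple

LAN = ip_network("192.168.1.0/24")  # constructed: the protected network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    ts: float  # arrival time in seconds (constructed for the demo)


def acl_permits(pkt: Packet, denied_sources: Set[str]) -> bool:
    """Stateless ACL: the only inputs are the header and the configured list."""
    return pkt.src_ip not in denied_sources


class StatefulFirewall:
    """Tracks sessions so replies are recognised, and rate-flags noisy sources."""

    def __init__(self, allowed_inbound_ports: Iterable[int], rate_limit_pps: int) -> None:
        self.allowed_inbound_ports = set(allowed_inbound_ports)
        self.rate_limit_pps = rate_limit_pps
        # (lan ip, lan port, remote ip, remote port) for connections the LAN opened
        self.sessions: Set[Tuple[str, int, str, int]] = set()
        # per-source timestamps inside the last second
        self.recent: Dict[str, Deque[float]] = defaultdict(deque)
        self.flagged: List[Tuple[str, float]] = []

    def _rate_exceeded(self, pkt: Packet) -> bool:
        window = self.recent[pkt.src_ip]
        window.append(pkt.ts)
        while window and pkt.ts - window[0] > 1.0:
            window.popleft()  # drop timestamps older than one second
        return len(window) > self.rate_limit_pps

    def inspect(self, pkt: Packet) -> str:
        """Return the verdict and the reason it was reached."""
        if self._rate_exceeded(pkt):
            # Thousands of packets a second from one source: record it for the analyst.
            self.flagged.append((pkt.src_ip, pkt.ts))
            return "drop: rate"
        if ip_address(pkt.src_ip) in LAN:
            # Outbound: remember the 4-tuple so the reply can be matched later.
            self.sessions.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "allow: outbound"
        if (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.sessions:
            return "allow: established"  # answer to a connection the LAN opened
        if pkt.dst_port in self.allowed_inbound_ports:
            return "allow: service"  # explicitly published service, e.g. HTTPS
        return "drop: unsolicited"  # e.g. SSH from the internet when only HTTPS is allowed


if __name__ == "__main__":
    fw = StatefulFirewall(allowed_inbound_ports={443}, rate_limit_pps=100)
    out = Packet("192.168.1.10", 51000, "203.0.113.5", 443, 0.0)
    reply = Packet("203.0.113.5", 443, "192.168.1.10", 51000, 0.1)
    ssh_in = Packet("203.0.113.7", 40000, "192.168.1.10", 22, 0.2)
    for p in (out, reply, ssh_in):
        print(fw.inspect(p), "| acl says:", acl_permits(p, set()))
```

Run the demo and compare the two columns: the ACL with an empty deny list permits both the legitimate reply and the unsolicited SSH attempt, because it has no memory of which connections the LAN opened; the firewall allows the first and drops the second using its session table.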
In this post we discussed switches, routers, and firewalls. Each one of these is a fundamental building block of networking. An intimate understanding of each is required to pass virtually any Cisco exam.
In summary, a switch routes packets using a MAC address if it is L2, or an IP address if it is L3. A router provides users with access to the internet. It uses a host of protocols to facilitate communication. It can also allow or deny certain IP addresses using its ACL. ACLs are stateless. Finally, a firewall provides granular control over what can and cannot access the network. It can analyze each packet and flag them based on predefined configurations.
Hopefully this post has given you a broad overview of the three key components of a network. For more in-depth information, check out this video.