Common Network Devices

Access routers- Also known as multihomed-server firewall nodes, because they function as a gateway/firewall with server support. IP packets arriving at an access router are forwarded according to their destination IP. The routing table can be created either manually (time-consuming, depending on the size of the network) or dynamically (much as in bridges) by using one of several protocols, including the Routing Information Protocol (RIP), Open Shortest Path First (OSPF), the Border Gateway Protocol (BGP) or the Interior Gateway Routing Protocol (IGRP). There are several means of interfacing with the router, as it has two Ethernet connections at 1000 Mbps, backward compatible to 100 and 10 Mbps. This is a network layer device.

Border Routers- Border routers function in a similar manner to access routers; however, they do not include the gateway/firewall that is inherent in the access router. Thus, they are packet-forwarding devices only. They are commonly used to route IP traffic between two Ethernet LAN segments.

Switches- These are “smart” Data-Link Layer devices that use a buffer and memory tables to send packets to their destination ports only (as specified by the destination tag in the IP datagram), as opposed to hubs, which send packets out to every port as a broadcast message. Switches can greatly reduce congestion on a network and increase efficiency, and they also improve security, since each packet is not sent to every open port. However, it is important to note that you can still set up sniffing with ARP poisoning or spoofing techniques, which flood the switch with information, causing it to go into failsafe mode and act as a hub, generating packets for you to capture. (Note that there is also a variation on the switch, called a Layer Three Switch, which is used to route traffic between different VLANs, as it can read the network protocol headers in the packets it is processing, unlike regular switches, which can read only the data link layer protocol headers.)
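
The table behaviour described in the switch entry above, as an added example that is not part of the original page: a toy Python model of a learning switch showing that a full table makes forwarding fall back to hub-style flooding, and that a per-port limit on learned addresses (in the spirit of the port-security features on managed switches) keeps the table from filling. The class, the table size, the limit and every MAC address are constructed for illustration; the model keys its table on MAC addresses and ignores entry ageing.

```python
from collections import defaultdict

FLOOD = "ALL_PORTS"            # frame leaves on every port, as on a hub
BCAST = "ff:ff:ff:ff:ff:ff"    # broadcast destination, never learned

class LearningSwitch:
    """Toy model of a switch's memory table (constructed for illustration)."""

    def __init__(self, table_size, max_macs_per_port=None):
        self.table_size = table_size                # capacity of the table
        self.max_macs_per_port = max_macs_per_port  # per-port limit; None = off
        self.table = {}                             # source MAC -> port
        self.per_port = defaultdict(set)            # port -> MACs learned there
        self.blocked_ports = set()                  # ports disabled by the limit

    def receive(self, port, src, dst):
        """Process one frame; return the egress port, FLOOD, or None if dropped."""
        if port in self.blocked_ports:
            return None
        if src not in self.table:
            limit = self.max_macs_per_port
            if limit is not None and len(self.per_port[port]) >= limit:
                self.blocked_ports.add(port)        # violation: disable the port
                return None
            if len(self.table) < self.table_size:   # learn only while there is room
                self.table[src] = port
                self.per_port[port].add(src)
        # A known destination goes out one port; an unknown one is flooded.
        return self.table.get(dst, FLOOD)


def simulate(max_macs_per_port):
    """Port 3 presents 20 constructed source MACs, then host B appears on port 2.
    Returns (where host A's frame to B is sent, ports disabled by the limit)."""
    sw = LearningSwitch(table_size=8, max_macs_per_port=max_macs_per_port)
    sw.receive(1, "aa:aa:aa:aa:aa:01", BCAST)           # host A learned on port 1
    for i in range(20):                                 # constructed burst on port 3
        sw.receive(3, f"02:00:00:00:00:{i:02x}", BCAST)
    sw.receive(2, "bb:bb:bb:bb:bb:02", BCAST)           # host B tries to be learned
    egress = sw.receive(1, "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02")
    return egress, sorted(sw.blocked_ports)
```

Without a limit the table is full before host B can be learned, so traffic addressed to B is sent out every port; with a limit of two addresses per port, port 3 is disabled on its third address and B's traffic goes to port 2 only.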

NAT (Network Address Translation) and Proxy Servers- These act as go-betweens for hosts with unregistered IP addresses and the internet. A NAT essentially takes the unregistered IP of a host and substitutes the registered NAT address for the host IP. The server will then send replies to the NAT IP, rendering the client invisible. However, this is a bit more risky than a Proxy Server, because the NAT will directly transmit whatever information the server is sending back. With a proxy server, there is never a connection permitted between the client host and the internet server with which it is communicating. Both systems are essentially tricked into thinking they are communicating only with the proxy server, which itself can monitor the actions of the users who communicate through it.

Servers- Servers essentially provide services to other computers (clients) on a network. A server can have several purposes, including email (Exchange Server being a good example of this), printer, data, file sharing, and internet/intranet. In the baseline scenario, the servers have one Ethernet connection each, at 1000 Mbps, backward compatible to 10 Mbps. Their MACs can be set to either full or half duplex (these should be set to half duplex when working with hubs, to allow the hubs the time to properly forward the packets).

PC workstations- These are your clients and nodes, the places where your users interface with the network and perform their work. A workstation connects to the network via a NIC, generally Ethernet, at a selectable data rate (generally 100 Mbps, although 1000 Mbps is also used).