December 15, 2022
CISSP Study Guide: Primary Networking Devices
Hubs and repeaters operate at the physical layer of the OSI model and transfer incoming data to all other ports on the device. These devices don’t read frames or packets; they boost the signal and broadcast to all ports. Repeaters do not interrupt broadcast or collision domains and are considered protocol transparent because they don’t interact with upper-layer protocols, such as IP, IPX, and DECnet.
Bridges and Layer 2 switches operate at the data-link layer of the OSI model. Bridges obtain the MAC layer addresses of each node of the segments and construct a list of MAC addresses and ports, pinpointing which interface a particular MAC is connected to. If an incoming frame does not carry a destination MAC address found on the list, bridges forward the frame to all ports except the originating port from which the frame came. If the destination MAC address is on the list, bridges send the frame through the port to which the destination MAC address is attached. If the destination MAC address is not on the same port from which the frame came, the bridge filters (drops) the frame. Bridges are hold-and-forward devices. They store the complete incoming frame and verify the checksum before forwarding the frame. If a checksum error is found, the frame is discarded.
Switches use fast integrated circuits that minimize latency. In “cut-through mode,” a switch doesn’t wait for the entire frame to enter its buffer but forwards the frame as soon as it reads the destination MAC address. This raises the occurrence rate of error frames, because the frame is forwarded before error inspection is complete. Ports on a bridge or switch are separate collision domains, but all ports in a switch are in the same broadcast domain, because bridges and switches do not control broadcasts; rather, they transmit broadcasts to all ports.
A collision domain is a set of network interface cards (NICs) for which a frame sent by one NIC could result in a collision with a frame sent by any other NIC in the same collision domain. In a collision domain all devices on the network compete for the same bandwidth.
A broadcast domain is a set of NICs for which a broadcast frame sent by one NIC is received by all other NICs in the same broadcast domain.
The major difference between Layer-2 switching and routing is that switching occurs at Layer 2 of the OSI reference model and routing occurs at Layer 3. Switches forward frames based on MAC address information, while routers forward packets based on logical addresses (IP addresses).
Routers and Layer-3 switches operate in the network layer of the OSI model and determine forwarding actions based on network layer addresses, such as IP addresses. Routers delimit both collision and broadcast domains, as each router interface is a separate broadcast domain that is identified by a separate subnetwork. Routers are protocol-based and are capable of forwarding packets of routable protocols. Routers are programmed to run routing protocols, such as Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), Enhanced Interior Gateway Routing Protocol (EIGRP), and Border Gateway Protocol (BGP), to find the optimal paths to a destination. Routers send information about destination networks and their interface status by using these protocols. Routers can also be set up with static routes via manual configuration.
LAN switches that run routing protocols and can interact with routers as peers are called Layer-3 switches. Layer-3 switches unpack local traffic from wide-area network (WAN) routers through network-layer forwarding within the local-area networks (LANs). Routers and Layer-3 switches make forwarding determinations based on IP addresses and not MAC addresses. Both share route information based on the dynamic routing protocol they participate in.
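The rules above (hubs and repeaters extend both kinds of domain, bridges and switches end collision domains but pass broadcasts, routers end both) can be applied mechanically to a topology to see where the segmentation boundaries fall. The following is an added example, not part of the original study guide; the topology, device names and function names are constructed for illustration, and it assumes a flat network with no VLANs.

```python
from collections import defaultdict

# Constructed sample topology (assumption, not from the study guide).
DEVICES = {"R1": "router", "SW1": "switch", "HUB1": "hub",
           "A": "host", "B": "host", "C": "host", "D": "host"}
LINKS = [("R1", "SW1"), ("SW1", "A"), ("SW1", "HUB1"),
         ("HUB1", "B"), ("HUB1", "C"), ("R1", "D")]

def domains(devices, links, pass_through):
    """Merge links joined by a device whose kind is in pass_through.

    Returns one sorted list of device names per resulting domain.
    """
    parent = list(range(len(links)))

    def find(i):                      # union-find root with path halving
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    attached = defaultdict(list)      # device name -> indexes of its links
    for idx, (a, b) in enumerate(links):
        attached[a].append(idx)
        attached[b].append(idx)

    for name, idxs in attached.items():
        if devices[name] in pass_through:
            for other in idxs[1:]:    # this device joins all of its links
                parent[find(other)] = find(idxs[0])

    groups = defaultdict(set)
    for idx, link in enumerate(links):
        groups[find(idx)].update(link)
    return sorted(sorted(g) for g in groups.values())

def collision_domains(devices, links):
    # Only physical-layer devices repeat the signal onto every port.
    return domains(devices, links, {"hub", "repeater"})

def broadcast_domains(devices, links):
    # Bridges and switches also pass broadcasts; only routers stop them.
    return domains(devices, links, {"hub", "repeater", "bridge", "switch"})

if __name__ == "__main__":
    for label, fn in (("collision", collision_domains),
                      ("broadcast", broadcast_domains)):
        result = fn(DEVICES, LINKS)
        print(f"{len(result)} {label} domains: {result}")
```

A boundary device such as SW1 or R1 appears in every domain one of its ports belongs to, which is why it shows up in more than one group.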