Network+ 2005 In Depth (P9) pdf

NICs typically use a memory range in the high memory area, which in hexadecimal notation equates to the A0000–FFFFF range. As you work with NICs, you will notice that some manufacturers prefer certain ranges. For example, a 3Com PC Card adapter might, by default, choose a range of C8000-C9FFF. An IBM Token Ring adapter might choose a range of D8000-D9FFF.
Memory range settings are less likely to cause resource conflicts than IRQ settings, mainly because there are more available memory ranges than IRQs. Nevertheless, you may run into situations in which you need to change a NIC’s memory address. In such an instance, you may or may not be able to change the memory range from the operating system. Refer to the manufacturer’s guidelines for instructions.
Base I/O Port
The base I/O port setting specifies, in hexadecimal notation, which area of memory will act as a channel for moving data between the NIC and the CPU. Like its IRQ, a device’s base I/O port cannot be used by any other device. Most NICs use two memory ranges for this channel, and the base I/O port settings identify the beginning of each range. Although a NIC’s base I/O port varies depending on the manufacturer, some popular addresses (in hexadecimal notation) are 300 (which means that the range is 300–30F), 310, 280, or 2F8.
You will probably not need to change a NIC’s base I/O port. If you do, bear in mind that, as
with IRQ settings, base I/O port settings for PCI cards can be changed in the computer’s
CMOS setup utility or sometimes through the operating system.
Firmware Settings
After you have adjusted the NIC’s system resources, you may need to modify its transmission characteristics—for example, whether it uses full duplexing, whether it can detect a network’s speed, or even its MAC address. These settings are held in the adapter’s firmware. As mentioned earlier, firmware constitutes the combination of an EEPROM chip on the NIC and the data it holds. When you change the firmware, you are actually writing to the EEPROM chip on the NIC. You are not writing to the computer’s hard disk. Although most configurable settings can be changed in the operating system or NIC setup software, you may encounter complex networking problems that require a change to firmware settings.
To change a NIC’s firmware, you need a bootable CD-ROM or floppy disk (DOS version 6.0 or higher) containing the configuration or install utility that shipped with the NIC. If you don’t have the utility, you can usually download it from the manufacturer’s Web site. To run the utility, you must start the computer with this CD-ROM or floppy disk inserted. The NIC configuration utility may not run if an operating system or memory management program is already running.
212 Chapter 5
NETWORKING HARDWARE
NET+
1.6
3.2
Configuration utilities differ slightly, but all should allow you to view the IRQ, I/O port, base memory, and node address. Some may allow you to change settings such as the NIC’s CPU utilization, its ability to handle full duplexing, or its capability to be used with only 10BASE-T or 100BASE-TX media, for example (although many of these can also be changed through the NIC’s properties from the operating system interface). The changeable settings vary depending on the manufacturer. Again, read the manufacturer’s documentation to find out the details for your hardware.
NIC configuration utilities also allow you to perform diagnostics—tests of the NIC’s physical components and connectivity. Most of the tests can be performed without additional hardware. However, to perform the entire group of the diagnostic tests on the NIC’s utility disk, you must have a loopback plug. A loopback plug (also called a loopback adapter) is a connector that plugs into a port, such as a serial or parallel or an RJ-45 port, and crosses over the transmit line to the receive line so that outgoing signals can be redirected into the computer for testing. One connectivity test, called a loopback test, requires you to install a loopback plug into the NIC’s media connector. Note that none of the connectivity tests should be performed on a computer connected to a live network. If a NIC fails its connectivity tests, it is probably configured incorrectly. If a NIC fails a physical component test, it may need to be replaced.
NOTE: The word “loopback” implies that signals are routed back toward their source, rather than toward an external destination. When used in the context of NICs, the loopback test refers to a check of the adapter’s ability to transmit and receive signals. Recall that the term “loopback” is also used in the context of TCP/IP protocol testing. In that context, pinging the loopback address provides you with information on TCP/IP functionality.
Choosing the Right NIC
You should consider several factors when choosing a NIC for your workstation or server. Of
course, the most critical factor is compatibility with your existing system. The adapter must
match the network’s bus type, access method, connector types, and transmission speed. You also
need to ensure that drivers available for that NIC will work with your operating system and
hardware.
Beyond these considerations, however, you should examine more subtle differences, such as
those that affect network performance. Table 5-2 lists some features available on NICs that
specifically influence performance and ease of use. As you review this table, keep in mind that
performance is especially important if the NIC will be installed in a server.
Table 5-2 NIC characteristics
NIC Feature | Function | Benefit
----------- | -------- | -------
Automatic speed selection | Enables NICs to sense and adapt to a network’s speed and mode (half- or full-duplex) automatically | Aids configuration and performance
One or more on-board CPUs | Allows the card to perform some data processing independently of the PC’s CPU | Improves performance
Direct memory access (DMA) | Enables the card to transfer data to the computer’s memory directly | Improves performance
Diagnostic LEDs (lights on the NIC) | Indicates traffic, connectivity, and, sometimes, speed | Aids in troubleshooting
Dual channels | Effectively creates two NICs in one slot | Improves performance; suited to servers
Load balancing | Allows the NIC’s processor to determine when to switch traffic between internal cards | Improves performance for heavily-trafficked networks; suited to servers
“Look Ahead” transmit and receive | Allows the NIC’s processor to begin processing data before it has received the entire packet | Improves performance
Management capabilities (SNMP) | Allows the NIC to perform its own monitoring and troubleshooting, usually through installed application software | Aids in troubleshooting; can find a problem before it becomes dire
Power management capabilities | Allows a NIC to participate in the computer’s power-saving measures; found on PCMCIA-based adapters | Increases the life of the battery for laptop computers
RAM buffering | Provides additional memory on the NIC, which in turn provides more space for data buffering | Improves performance
Upgradeable (flash) ROM | Allows on-board chip memory to be upgraded | Improves ease of use and performance
Repeaters and Hubs
Now that you have learned about the many types of NICs and how to install and configure them, you are ready to learn about connectivity devices. As you’ll recall, the telecommunications closet is the area containing the connectivity equipment (usually for a whole floor of a building). Within the telecommunications closet, horizontal cabling from the workstations attaches to punch-down blocks, patch panels, hubs, switches, routers, and bridges. In addition, telecommunications closets may house repeaters. Repeaters are the simplest type of connectivity devices that regenerate a digital signal.
Repeaters operate in the Physical layer of the OSI Model and, therefore, have no means to interpret the data they retransmit. For example, they cannot improve or correct a bad or erroneous signal; they merely repeat it. In this sense, they are not “intelligent” devices. Since they cannot read higher-layer information in the data frames, repeaters cannot direct data to their destination. Instead, repeaters simply regenerate a signal over an entire segment. It is up to the receiver to recognize and accept its data.
A repeater is limited not only in function, but also in scope. A repeater contains one input port and one output port, so it is capable only of receiving and repeating a data stream. Furthermore, repeaters are suited only to bus topology networks. The advantage to using a repeater is that it allows you to extend a network inexpensively. However, because of repeaters’ limitations and the decreasing costs of other connectivity devices, repeaters are rarely used on modern networks. Instead, clients in a workgroup area are more likely to be connected by hubs.
At its most primitive, a hub is a repeater with more than one output port. A hub typically contains multiple data ports into which the patch cables for network nodes are connected. Like repeaters, hubs operate at the Physical layer of the OSI Model. A hub accepts signals from a transmitting node and repeats those signals to all other connected nodes in a broadcast fashion. Most hubs also contain one port, called an uplink port, that allows the hub to connect to another hub or other connectivity device. On Ethernet networks, hubs can serve as the central connection point for branches of a star or star-based hybrid topology. On Token Ring networks, hubs are called Multistation Access Units (MAUs).
NET+
1.6
2.3
In addition to connecting Macintosh and PC workstations, hubs can connect print servers, switches, file servers, or other devices to a network. All devices connected to a hub share the same amount of bandwidth and the same collision domain. A collision domain is a logically or physically distinct Ethernet network segment on which all participating devices must detect and accommodate data collisions. You will learn more about data collisions and Ethernet networks in Chapter 6. Suffice it to say that the more nodes participating in the same collision domain, the higher the likelihood of transmission errors and slower performance.
TIP: The quality of the printed documentation that you receive from a manufacturer about its NICs may vary. What’s more, this documentation may not apply to the kinds of computers or networking environments you are using. To find out more about the type of NIC you are installing or troubleshooting, visit the manufacturer’s Web site.
Placement of hubs in a network design can vary. The simplest structure would employ a standalone workgroup hub that is connected to another connectivity device, such as a switch or router. Some networks assign a different hub to each small workgroup, thereby benefiting from not having a single point of failure. No matter what the network design, when using hubs, adhering to a network’s maximum segment and network length limitations is essential. Figure 5-14 suggests how hubs can fit into the overall design of a network.
FIGURE 5-14 Hubs in a network design
Dozens of types of hubs exist. They vary according to the type of media and data transmission speeds they support. Some hubs allow for multiple media connector types or multiple data transmission speeds. The simplest type of hubs—known as passive hubs—do nothing but repeat signals. Like NICs, however, some hubs possess internal processing capabilities. For example, they may permit remote management, filter data, or provide diagnostic information about the network. Hubs that can perform any of these functions are known as intelligent hubs. Intelligent hubs are also called managed hubs, because they can be managed from anywhere on the network.
Standalone hubs, as their name implies, are hubs that serve a group of computers that are isolated from the rest of the network or that form their own small network. They are best suited to small organizations or home offices. They can be passive or intelligent, and they are simple to install and connect for a small group of users. Standalone hubs may also be called workgroup hubs. Figure 5-15 depicts a small standalone hub.
FIGURE 5-15 A standalone hub
Standalone hubs do not follow one design, nor do they contain a standard number of ports (though they usually contain 4, 8, 12, or 24 ports). A small, standalone hub that contains only four ports (primarily used for a small or home office) may be called a “hubby,” “hublet,” or a “minihub.” On the other hand, standalone hubs can provide as many as 200 connection ports. The disadvantage to using a single hub for so many connections is that you introduce a single point of failure on the network. A single point of failure is a device or connection on a network that, were it to fail, could cause the entire network or portion of the network to stop functioning. Any sizable network relies on multiple connectivity devices to avoid catastrophic failure.
Stackable hubs resemble standalone hubs, but they are physically designed to be linked with other hubs in a single telecommunications closet. Stackable hubs linked together logically represent one large hub to the network. One benefit to using stackable hubs is that your network or workgroup does not depend on a single hub, which could present a single point of failure. Models vary in the maximum number that can be stacked. For instance, some hub manufacturers restrict the number of their stacked hubs to five; others can be stacked eight units high. Some stackable hubs use a proprietary high-speed cabling system to link the hubs together for better interhub performance.
Like standalone hubs, stackable hubs may support a number of different media connectors and transmission speeds and may come with or without special processing features. The number of ports they provide also varies, although you will most often see 6, 12, or 24 ports on a stackable hub. Figure 5-16 shows three stackable hubs. In a telecommunications closet, these hubs would be rack-mounted one above the other, and interconnected.
Hubs have been a mainstay of network connectivity since the first small networks of the 1980s. However, because of their limited features and the fact that they merely repeat signals within a single collision domain, many network administrators have replaced their hubs with switches. To understand how switches operate, it is helpful to learn about bridges first.
Bridges
Bridges are devices that connect two network segments by analyzing incoming frames and making decisions about where to direct them based on each frame’s MAC address. They operate at the Data Link layer of the OSI Model. Bridges look like repeaters, in that they have a single input and a single output port. They differ from repeaters in that they can interpret physical addressing information.
A significant advantage to using bridges over repeaters or hubs is that bridges are protocol-independent. For instance, all bridges can connect an Ethernet segment carrying IP-based traffic with an Ethernet segment carrying IPX-based traffic. Some bridges can also connect two segments using different Data Link and Physical layer protocols—for example, an Ethernet segment with a Token Ring segment, or a wire-bound Ethernet segment (802.3) with a wireless Ethernet segment (802.11).
Because they are protocol-ignorant, bridges can move data more rapidly than traditional routers, for example, which do care about Network layer protocol information. On the other hand, bridges take longer to transmit data than either repeaters or hubs, because bridges actually analyze each packet, whereas repeaters and hubs do not.
Another advantage to using bridges is that they can extend an Ethernet network without further extending a collision domain, or segment. In other words, by inserting a bridge into a network, you can add length beyond the maximum limits that apply to segments. Finally, bridges can help improve network performance because they can be programmed to filter out certain types of frames (for example, unnecessary broadcast frames, whose transmissions squander bandwidth).
FIGURE 5-16 Stackable hubs
To translate between two segment types, a bridge reads a frame’s destination MAC address and decides to either forward or filter it. If the bridge determines that the destination node is on another segment on the network, it forwards (retransmits) the packet to that segment. If the destination address belongs to the same segment as the source address, the bridge filters (discards) the frame. As nodes transmit data through the bridge, the bridge establishes a filtering database (also known as a forwarding table) of known MAC addresses and their locations on the network. The bridge uses its filtering database to determine whether a packet should be forwarded or filtered, as illustrated in Figure 5-17.
FIGURE 5-17 A bridge’s use of a filtering database
Using Figure 5-17 as an example, imagine that you sit at workstation 1 on segment A of the
LAN, and your colleague Abby sits at workstation 2 on segment A. When you attempt to send
data to Abby’s computer, your transmission goes through your segment’s hub and then to the
bridge. The bridge reads the MAC address of Abby’s computer. It then searches its filtering
database to determine whether that MAC address belongs to the same segment you’re on or
whether it belongs to a different segment. The bridge can determine only that the MAC
address of Abby’s workstation is associated with its port A. If the MAC address belongs to a
different segment, the bridge forwards the data to that segment, whose corresponding port
identity is also in the filtering database. In this case, however, your workstation and Abby’s
workstation reside on the same LAN segment, so the data would be filtered (that is, ignored)
and your message would be delivered to Abby’s workstation through segment A’s hub.
Conversely, if you wanted to send data to your supervisor’s computer, which is workstation 5 in Figure 5-17, your transmission would first pass through segment A’s hub and then on to the bridge. The bridge would read the MAC address for your supervisor’s machine (the destination address in your data stream) and search for the port associated with that machine. In this case, the bridge would recognize workstation 5 as being connected to port B, and it would forward the data to that port. Subsequently, the segment B hub would ensure delivery of the data to your supervisor’s computer.
After you install a new bridge, it uses one of several methods to learn about the network and
discover the destination address for each packet it handles. After it discovers this information,
it records the destination node’s MAC address and its associated port in its filtering database.
Over time, it discovers all nodes on the network and constructs database entries for each.
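
The forward-or-filter decision and the growth of the filtering database can be traced in a short simulation. This is an added example, not code from the book; the MAC addresses are constructed sample values, and two behaviors are assumptions the text does not spell out: the bridge learns a station's port from the source address of frames it receives, and it sends a frame with an unknown destination out of every other port.

```python
# Added illustration: a two-port learning bridge and its filtering database.
# MAC addresses below are constructed sample values for workstations 1, 2, 5.

BROADCAST = "ff:ff:ff:ff:ff:ff"

WS1 = "02:00:00:00:00:01"  # you, segment A
WS2 = "02:00:00:00:00:02"  # Abby, segment A
WS5 = "02:00:00:00:00:05"  # supervisor, segment B


class Bridge:
    def __init__(self, ports=("A", "B")):
        self.ports = tuple(ports)
        self.filtering_db = {}  # MAC address -> port behind which it was seen

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return (decision, list_of_output_ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        src, dst = src_mac.lower(), dst_mac.lower()

        # Learning step (assumption): the sender is reachable through the
        # port on which its frame arrived. A later frame from another port
        # overwrites the entry, which handles a station that has moved.
        self.filtering_db[src] = in_port

        known_port = self.filtering_db.get(dst)
        if dst == BROADCAST or known_port is None:
            # Destination not in the database yet: send to all other ports.
            return ("flood", [p for p in self.ports if p != in_port])
        if known_port == in_port:
            # Source and destination share a segment: discard at the bridge.
            return ("filter", [])
        return ("forward", [known_port])


def run_scenario():
    """Replay the traffic described around Figure 5-17 on an empty bridge."""
    bridge = Bridge()
    frames = [
        ("A", WS1, WS2),  # first frame: Abby's port is still unknown
        ("A", WS2, WS1),  # Abby replies; both stations now known on A
        ("B", WS5, WS1),  # supervisor sends to you across the bridge
        ("A", WS1, WS5),  # you send to the supervisor
        ("A", WS1, WS2),  # you send to Abby again
    ]
    decisions = [bridge.receive(*frame) for frame in frames]
    return decisions, dict(bridge.filtering_db)


if __name__ == "__main__":
    decisions, table = run_scenario()
    for decision in decisions:
        print(decision)
    print(table)
```
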
Standalone bridges became popular in the 1980s and early 1990s; since then, bridging technology has evolved to create more sophisticated bridge devices. But devices other than bridges have also evolved. Equipment manufacturers have improved the speed and functionality of routers and switches while lowering their cost, leaving bridges to become nearly extinct.
Now, with the advent of wireless LANs, a new kind of bridge has become popular as an inexpensive way to connect the wireless and wire-bound parts of a network, as shown in Figure 5-18. In fact, you have already learned about these types of bridges, which are also called access points. (An access point without bridging functions could only connect an ad-hoc group of wireless clients with each other. Although such access points exist, they are rare and are generally used to extend wireless segments that at some point connect to a wire-bound portion of the network via a bridge.)
FIGURE 5-18 A bridge connecting wire-bound and wireless LAN segments
Although bridges are less common than switches on modern wire-bound LANs, understanding the concept of bridging is essential to understanding how switches work. For example, the bridging process pictured in Figure 5-17 applies to every port on a switch. The next section introduces switches and explains their functions.
Switches
Switches are connectivity devices that subdivide a network into smaller logical pieces, or segments. Traditional switches operate at the Data Link layer of the OSI Model, while more modern switches can operate at Layer 3 or even Layer 4. Like bridges, switches interpret MAC address information. In fact, they can be described as multiport bridges. Figure 5-19 depicts two switches. One is a 24-port switch, useful for connecting nodes in a workgroup, and the other is a high-capacity switch that contains multiple redundant features (such as two NICs) and even offers routing functions. Switches vary greatly in size and function, so there really is no such thing as a “typical” switch. Most switches have an internal processor, an operating system, memory, and several ports that enable other nodes to connect to it.
FIGURE 5-19 Examples of LAN switches

Because they have multiple ports, switches can make better use of limited bandwidth and
prove more cost-efficient than bridges. Each port on the switch acts like a bridge, and each
device connected to a switch effectively receives its own dedicated channel. In other words, a
switch can turn a shared channel into several channels. From the Ethernet perspective, each
dedicated channel represents a collision domain. Because a switch limits the number of devices
in a collision domain, it limits the potential for collisions.
Switches have historically been used to replace hubs and ease traffic congestion in LAN workgroups. Some network administrators have replaced backbone routers with switches, because switches provide at least two advantages: better security and better performance. By their nature switches provide better security than many other devices because they isolate one device’s traffic from other devices’ traffic. And because switches provide separate channels for (potentially) every device, performance stands to gain. Applications that transfer a large amount of traffic and are sensitive to time delays, such as videoconferencing applications, benefit from the full use of the channel’s capacity. In addition, hardware and software in a switch are optimized for fast data forwarding.
Switches have their disadvantages, too. Although they contain buffers to hold incoming data and accommodate bursts of traffic, they can become overwhelmed by continuous, heavy traffic. In that event, the switch cannot prevent data loss. Also, although higher-layer protocols, such as TCP, detect the loss and respond with a timeout, others, such as UDP, do not. For packets using such protocols, the number of collisions will mount, and eventually all network traffic grinds to a halt. For this reason, you should plan placement of switches carefully to match backbone capacity and traffic patterns.
Switches have also replaced workgroup hubs on many small and home office networks because
their cost has decreased dramatically, they have become easier to install and configure, and
they offer the benefit of separating traffic according to port. You might need to install such a
switch on a home or office network. The next section describes how to install a simple switch.
Installing a Switch
As with any networking equipment, the best way to ensure that you install a switch properly
is to follow the manufacturer’s guidelines. Small workgroup switches are normally simple to
install. Many operate properly upon being added to a network. The following steps describe,
in general, how to connect multiple nodes to a small switch, and then how to connect that
switch to another connectivity device.
1. Make sure the switch is situated where you’re going to keep it after all the cables are
connected.
2. Before connecting any cables to the switch’s ports, plug it in and turn it on. Also,
when connecting a node to a switch, the node should not be turned on. Otherwise,
data irregularities can occur, forcing you to reset the switch.
3. The switch’s power light should illuminate. Most switches perform self-tests when turned on, and blinking lights indicate that these tests are in progress. Wait until the tests are completed (as indicated by a steady, green power light).
4. If you are using a small, inexpensive switch, you might not have to configure it and you can skip to Step 5. But if not, you must use a utility that came with the switch (on CD-ROM, for example) to configure the switch. For example, you may need to assign an IP address to the switch, change the administrator password, or set up management functions. Configuring a switch usually requires connecting it to a PC and then running a configuration utility from a CD-ROM. Refer to the instructions that came with your switch to find out how to configure it.
5. Using a straight-through patch cable, connect the node’s NIC to one of the switch’s ports, as shown in Figure 5-20. If you intend to connect this switch to another connectivity device, do not connect patch cables from nodes to the uplink port or to the port adjacent to the uplink port. On most hubs and switches, the uplink port is directly wired to its adjacent port inside the device.
FIGURE 5-20 Connecting a workstation to a switch
6. After all the nodes have been connected to the switch, if you do not plan to connect
the switch to another connectivity device, you can turn on the nodes. After the nodes
connect to the network through the newly installed switch, check to verify that the
switch’s link and traffic lights for each port act as they should, according to the
switch’s documentation. Then make sure the nodes can access the network as planned.
7. To connect the switch to a larger network, you can insert one end of a crossover patch
cable into the switch’s uplink port, then insert the other end of the cable into a data
port on the other connectivity device. Alternately, you can insert one end of a
straight-through cable into one of the switch’s data ports, then insert the other end of
the straight-through cable into another device’s data port. If you are connecting one
switch’s uplink port to another switch’s uplink port, you must use a crossover cable.
After connecting the switch to another device, the switch senses the activity on its
uplink port, evidenced by its blinking traffic light.
Figure 5-21 illustrates a typical way of using a small switch on a small office or home network.
In this example, the switch connects a group of nodes, including workstations, server, and
printer, with each other and with an Internet connection.
Switches differ in the method of switching they use—namely, cut-through mode or store and
forward mode. These methods of switching are discussed in the next two sections.
FIGURE 5-21 A switch on a small network
Cut-Through Mode
A switch running in cut-through mode reads a frame’s header and decides where to forward the data before it receives the entire packet. Recall that the first 14 bytes of a frame constitute its header, which contains the destination MAC address. This information is sufficient for the switch to determine which port should get the frame and begin transmitting the frame (without bothering to read the rest of the frame and check its accuracy).
What if the frame becomes corrupt? Because the cut-through mode does not allow the switch to read the frame check sequence before it begins transmitting, it can’t verify data integrity in that way. On the other hand, cut-through switches can detect runts, or erroneously shortened packets. Upon detecting a runt, the switch waits to transmit that packet until it determines its integrity. It’s important to remember, however, that runts are only one type of data flaw. Cut-through switches cannot detect corrupt packets; indeed, they may increase the number of errors found on the network by propagating flawed packets.
The most significant advantage of the cut-through mode is its speed. Because it does not stop to read the entire data packet, a cut-through switch can forward information much more rapidly than a store and forward switch can (as described in the next section). The time-saving advantages to cut-through switching become insignificant, however, if the switch is flooded with traffic. In this case, the cut-through switch must buffer (or temporarily hold) data, just like a store and forward switch. Cut-through switches are best suited to small workgroups in which speed is important and the relatively low number of devices minimizes the potential for errors.
Store and Forward Mode
In store and forward mode, a switch reads the entire data frame into its memory and checks it for accuracy before transmitting the information. Although this method is more time-consuming than the cut-through method, it allows store and forward switches to transmit data more accurately. Store and forward mode switches are more appropriate for larger LAN environments, because they do not propagate data errors. In contrast, cut-through mode switches do forward errors, so they may contribute to network congestion if a particular segment is experiencing a number of collisions. In large environments, a failure to check for errors can result in problematic traffic congestion.
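
The difference between the two switching modes shows up when the same frames are run through both decision paths. The following is an added example, not code from the book: it builds a constructed 64-byte Ethernet frame, flips one data bit, and compares what a cut-through decision (first 14 bytes only) and a store and forward decision (full frame check sequence) do with it. It assumes the standard Ethernet details of a CRC-32 frame check sequence in the last 4 bytes and a 64-byte minimum frame length; the function names and the MAC table are hypothetical.

```python
# Added illustration: cut-through versus store and forward on sample frames.
import struct
import zlib

HEADER_LEN = 14      # destination MAC (6) + source MAC (6) + type/length (2)
FCS_LEN = 4          # frame check sequence: CRC-32 over header and data
MIN_FRAME_LEN = 64   # anything shorter is a runt


def fcs(body):
    """Ethernet FCS for header + data: CRC-32, least significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Assemble header, zero-padded data and FCS into one frame."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME_LEN - FCS_LEN, b"\x00")
    return body + fcs(body)


def lookup_port(header, mac_table):
    """Pick the output port from the destination MAC in the header."""
    return mac_table.get(header[:6], "flood")


def cut_through(frame, mac_table):
    """Decide from the 14-byte header; the FCS is never examined."""
    if len(frame) < MIN_FRAME_LEN:
        # Simulation shortcut: a runt is held instead of cut through,
        # then discarded because it is below the minimum frame length.
        return ("drop", "runt")
    return ("forward", lookup_port(frame[:HEADER_LEN], mac_table))


def store_and_forward(frame, mac_table):
    """Buffer the whole frame and verify its FCS before forwarding."""
    if len(frame) < MIN_FRAME_LEN:
        return ("drop", "runt")
    if fcs(frame[:-FCS_LEN]) != frame[-FCS_LEN:]:
        return ("drop", "bad FCS")
    return ("forward", lookup_port(frame[:HEADER_LEN], mac_table))


# Constructed sample data: two MAC addresses and a table mapping one to port 5.
DST = bytes.fromhex("020000000005")
SRC = bytes.fromhex("020000000001")
MAC_TABLE = {DST: 5}

GOOD = build_frame(DST, SRC, 0x0800, b"constructed sample payload")
_damaged = bytearray(GOOD)
_damaged[20] ^= 0x01            # flip one bit in the data field
CORRUPT = bytes(_damaged)
RUNT = GOOD[:40]                # frame cut short on the wire


def compare():
    """Return both modes' decisions for the good, corrupt and runt frames."""
    frames = {"good": GOOD, "corrupt": CORRUPT, "runt": RUNT}
    return {
        name: (cut_through(f, MAC_TABLE), store_and_forward(f, MAC_TABLE))
        for name, f in frames.items()
    }


if __name__ == "__main__":
    for name, (ct, sf) in compare().items():
        print(f"{name:8} cut-through={ct} store-and-forward={sf}")
```

The corrupt frame is the case to watch: cut-through passes it to port 5 while store and forward discards it, which is the error propagation described above.
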
Store and forward switches can also transfer data between segments running different transmission speeds. For example, a high-speed network printer that serves 50 students could be attached to a 100-Mbps port on the switch, thereby allowing all of the student workstations to connect to 10-Mbps ports on the same switch. With this scheme, the printer can quickly service multiple jobs. This characteristic makes store and forward mode switches preferable in mixed-speed environments.
Using Switches to Create VLANs
In addition to improving bandwidth usage, switches can create virtual local area networks (VLANs), logically separate networks within networks, by grouping a number of ports into a broadcast domain. A broadcast domain is a combination of ports that make up a Layer 2 segment. Ports in a broadcast domain rely on a Layer 2 device, such as a switch, to forward broadcast frames among them. In contrast to a collision domain, ports in the same broadcast domain do not share a single channel. (Recall that switches separate collision domains.) In the context of TCP/IP networking, a broadcast domain is also known as a subnet. Figure 5-22 illustrates a simple VLAN design.
VLANs can be designed with flexibility. They can include ports from more than one switch or segment. Any type of end node can belong to one or more VLANs. VLANs can link geographically distant users over a WAN, and they can create small workgroups within LANs. Reasons for using VLANs include separating groups of users who need special security or network functions, isolating connections with heavy or unpredictable traffic patterns, identifying groups of devices whose data should be given priority handling, or containing groups of devices that rely on legacy protocols incompatible with the majority of the network’s traffic.
One case in which a company might want to implement a VLAN is to allow visitors access to minimal network functions—for example, an Internet connection—without allowing the possibility of access to the company’s data stored on servers. In another example, companies that use their packet-switched networks to carry telephone calls often group all of the voice traffic on a separate VLAN to prevent this unique and potentially heavy traffic from adversely affecting routine client/server tasks.
On a wireless network, VLANs allow mobile clients to move from one access point’s range to
another without losing network functionality or having to reauthenticate with the network.
That’s because every wireless client’s MAC address can be associated with an access point, and
each access point can be associated with a port on a switch. When these ports are grouped
together in a VLAN, it doesn’t matter with which access point a client associates. Because the
client stays in the same grouping, it can continue to communicate with the network as if it had
remained in one spot.
VLANs are created by properly configuring a switch’s software. This can be done manually
through the switch’s configuration utility or automatically using a VLAN software tool. The
critical step is to indicate to which VLAN each port belongs. In addition, network managers
can specify security parameters, filtering instructions (if the switch should not forward any
frames from a certain segment, for example), performance requirements for certain ports, and
network addressing and management options.
One potential problem in creating VLANs is that by grouping together certain nodes, you are
not merely including those nodes—you are also excluding another group. This means you can
potentially cut off a group from the rest of the network. For example, suppose your company’s
IT director demands that you assign all executive workstations to their own VLAN, and that
you configure the network’s switch to group these users’ computers into a VLAN. After this
change, users would be able to exchange data with each other, but they would not be able to
download data from the file server or download mail from the mail server, because these
servers are not included in their VLAN.
FIGURE 5-22 A simple VLAN design
VLAN configuration can be complex. It requires careful planning to ensure that all users and
devices that need to exchange data can do so after the VLAN is in operation. It also requires
contemplating how the VLAN switch will interact with other devices. For example, in a large
office building, you probably would still use hubs or small switches (not configured for a
VLAN) as a means of connecting groups of end users to the VLAN switch. If you want users
from different VLANs to be able to communicate, you need to connect those VLANs through
a Layer 3 device, such as a router or a higher-layer switch, like the ones discussed next.
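The planning problem described above can be checked before a VLAN goes into operation. The following Python sketch is an added example, not part of the original text; the port map, device names, and VLAN numbers are constructed assumptions. It lists which ports receive a broadcast and flags required flows that cross VLANs and therefore need a Layer 3 device.

```python
# Added illustration (not from the book): port-based VLANs as broadcast domains,
# plus a planning check run before the VLAN goes into operation.

# Constructed sample plan: switch port -> (attached device, VLAN IDs of that port).
# Device names and VLAN numbers are assumptions made for this example.
PORTS = {
    1: ("exec-ws-1", {10}),
    2: ("exec-ws-2", {10}),
    3: ("staff-ws-1", {20}),
    4: ("file-server", {20}),
    5: ("mail-server", {20}),
    6: ("guest-ws-1", {30}),
    7: ("internet-router", {30}),
}

# Flows that must keep working after the change.
REQUIRED_FLOWS = [
    ("exec-ws-1", "exec-ws-2"),
    ("exec-ws-1", "file-server"),
    ("exec-ws-2", "mail-server"),
    ("staff-ws-1", "file-server"),
    ("guest-ws-1", "internet-router"),
]

# Flows that must not be possible inside one broadcast domain (the visitor case).
FORBIDDEN_FLOWS = [("guest-ws-1", "file-server")]


def vlans_of(device, ports=PORTS):
    """Return the set of VLAN IDs assigned to the port the device is attached to."""
    for name, vlans in ports.values():
        if name == device:
            return vlans
    raise KeyError(f"unknown device: {device}")


def broadcast_recipients(ingress_port, vlan, ports=PORTS):
    """Ports the switch floods a broadcast to: same VLAN, excluding the ingress port."""
    if vlan not in ports[ingress_port][1]:
        raise ValueError("ingress port is not a member of that VLAN")
    return sorted(p for p, (_, vlans) in ports.items()
                  if vlan in vlans and p != ingress_port)


def same_broadcast_domain(a, b, ports=PORTS):
    """True when two devices share a VLAN, so the switch alone can deliver frames."""
    return bool(vlans_of(a, ports) & vlans_of(b, ports))


def audit(ports=PORTS, required=REQUIRED_FLOWS, forbidden=FORBIDDEN_FLOWS):
    """Classify every planned flow against the VLAN membership plan."""
    report = {"ok": [], "needs_layer3": [], "isolation_broken": []}
    for src, dst in required:
        key = "ok" if same_broadcast_domain(src, dst, ports) else "needs_layer3"
        report[key].append((src, dst))
    for src, dst in forbidden:
        if same_broadcast_domain(src, dst, ports):
            report["isolation_broken"].append((src, dst))
    return report


if __name__ == "__main__":
    print("Broadcast from port 1 on VLAN 10 reaches ports:", broadcast_recipients(1, 10))
    for category, flows in audit().items():
        print(category, flows)
```

Flows reported under needs_layer3 are the ones the executive-VLAN scenario would silently break unless a router or Layer 3 switch connects the VLANs.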
Higher-Layer Switches
You have learned that switches operate in Layer 2 of the OSI Model, routers operate in Layer
3, and hubs operate in Layer 1. You also learned that the distinctions between bridges, switches,
and routers are blurring. Indeed, many networks already use switches that can operate at Layer
3 (Network layer), similar to a router. Manufacturers have also made switches that operate at
Layer 4 (Transport layer). A switch capable of interpreting Layer 3 data is called a Layer 3
switch (and sometimes called a routing switch). Similarly, a switch capable of interpreting
Layer 4 data is called a Layer 4 switch. These higher-layer switches may also be called rout-
ing switches or application switches.
Among other things, the ability to interpret higher-layer data enables switches to perform
advanced filtering, statistics keeping, and security functions. But the features of Layer 3 and
Layer 4 switches vary widely depending on the manufacturer and the price. (This variability is
exacerbated by the fact that key players in the networking trade have not agreed on standards
for these switches.) In fact, it’s often hard to distinguish between a Layer 3 switch and a router.
In some cases the difference comes down to what the manufacturer has decided to call the
device in order to sell more of it. But in general, Layer 3 and Layer 4 switches, like Layer 2
switches, are optimized for fast Layer 2 data handling.
Higher-layer switches can cost three times more than Layer 2 switches, and are typically used
as part of a network’s backbone. They would not be appropriate for use on a small, contained
LAN or to connect a group of end users to the network.
Routers
A router is a multiport connectivity device that directs data between nodes on a network.
Routers can integrate LANs and WANs running at different transmission speeds and using a
variety of protocols. Simply put, when a router receives an incoming packet, it reads the packet’s
logical addressing information. Based on this, it determines to which network the packet must
be delivered. Then it determines the shortest path to that network. Finally, it forwards the
packet to the next hop in that path. Routers operate at the Network layer (Layer 3) of the OSI
Model. They can be devices dedicated to routing, or they can be off-the-shelf computers
configured to perform routing services.
Recall that the Network layer directs data from one segment or type of network to another. It’s
also the layer that manages logical addressing, using protocols such as IP and IPX. Conse-
quently, unlike bridges and Layer 2 switches, routers are protocol-dependent. They must be
designed or configured to recognize a certain Network layer protocol before they can forward
data transmitted using that protocol. In general, routers are slower than switches or bridges
because they take time to interpret information in Layers 3 and higher.
Traditional standalone LAN routers are being replaced by Layer 3 switches that support the
routing functions. However, despite competition from Layer 3 switches, routers are finding
niches in specialized applications such as linking large Internet nodes or completing digitized
telephone calls. The concept of routing, and everything described in the remainder of this sec-
tion, applies to both routers and Layer 3 switches.
Router Features and Functions
A router’s strength lies in its intelligence. Not only can routers keep track of the locations of
certain nodes on the network, as switches can, but they can also determine the shortest, fastest
path between two nodes. For this reason, and because they can connect dissimilar network
types, routers are powerful, indispensable devices on large LANs and WANs. The Internet, for
example, relies on a multitude of routers across the world.
A typical router has an internal processor, an operating system, memory, input and output
jacks for different types of network connectors (depending on the network type), and, usually,
a management console interface. Three examples of routers are shown in Figure 5-23, with
the most complex on the left and the simplest on the right. High-powered, multiprotocol routers
may have several slot bays to accommodate multiple network interfaces (RJ-45, SC, MTRJ,
and so on). A router with multiple slots that can hold different interface cards or other devices
is called a modular router. At the other end of the scale are simple, inexpensive routers often
used in small offices and homes called SOHO (small office-home office) routers. As with
the simple switches described in the previous section, SOHO routers can be added to a net-
work and function properly without significant configuration.
A router is a very flexible device. Although any one can be specialized for a variety of tasks, all
routers can do the following:
◆ Connect dissimilar networks.
◆ Interpret Layer 3 addressing and other information (such as quality of service indi-
cators).
◆ Determine the best path for data to follow from point A to point B.
◆ Reroute traffic if a primary path is down but another path is available.
In addition to performing these basic functions, routers may perform any of the following
optional functions:
◆ Filter out broadcast transmissions to alleviate network congestion.
◆ Prevent certain types of traffic from getting to a network, enabling customized seg-
regation and security.
◆ Support simultaneous local and remote connectivity.
◆ Provide high network fault tolerance through redundant components such as power
supplies or network interfaces.
◆ Monitor network traffic and report statistics.
◆ Diagnose internal or other connectivity problems and trigger alarms.
Routers are often categorized according to the scope of the network they serve. A router that
directs data between nodes on an autonomous LAN (or one owned and operated by a single
organization) is known as an interior router. Such routers do not direct data between an
employee’s workstation and a Web server on the Internet. They can, however, direct data
between an employee’s workstation and his supervisor’s workstation in an office down the hall.
Another type of router is an exterior router. Exterior routers direct data between nodes exter-
nal to a given autonomous LAN. Routers that operate on the Internet backbone are exterior
routers. Between interior and exterior routers are border routers (or gateway routers). Such
routers connect an autonomous LAN with a WAN. For example, the router that connects a
business with its ISP is a border router.
FIGURE 5-23 Routers
Routers may use one of two methods for directing data on the network: static or dynamic
routing. Static routing is a technique in which a network administrator programs a router to
use specific paths between nodes. Because it does not account for occasional network conges-
tion, failed connections, or device moves, static routing is not optimal. If a router or a segment
connected to a router is moved, the network administrator must reprogram the static router’s
tables. Static routing requires human intervention, so it is less efficient and accurate than
dynamic routing. Dynamic routing, on the other hand, automatically calculates the best path
between two nodes and accumulates this information in a routing table. If congestion or fail-
ures affect the network, a router using dynamic routing can detect the problems and reroute
data through a different path. As a part of dynamic routing, by default, when a router is added
to a network, routing protocols update its routing tables. Most networks primarily use dynamic
routing, but may include some static routing to indicate, for example, a router of last resort, the
router that accepts all unroutable packets.
Because of their customizability, routers are not simple to install on sizable networks. Typi-
cally, an engineer must be very familiar with routing technology to figure out how to place and
configure a router to best advantage. Figure 5-24 gives you some idea of how routers fit into a
LAN environment. If you plan to specialize in network design or router configuration, you
should research router technology further. You might begin with Cisco Systems’ online
documentation at www.cisco.com/univercd/home/home.htm. Cisco Systems currently provides the
majority of networking routers installed in the world.
FIGURE 5-24 The placement of routers on a LAN
In the setup depicted in Figure 5-24, if a workstation in workgroup A wants to print to the
printer in workgroup B, it creates a transmission containing the address of the workgroup B
printer. Then it sends its packets to hub A. Hub A simply retransmits the message to switch
A. When switch A receives the transmission, it checks the MAC address for the printer and
determines that the message needs to be forwarded. It forwards the message to router A,
which examines the destination network address in each packet and determines the most effi-
cient way of delivering the message. In this example, it sends the data to router B. Before it
forwards the data, however, router A increments (increases) the number of hops tallied in all
the packets. Each time a packet passes through a router, it makes a hop. Packets can only take
a certain number of hops before they are discarded.
After it increments the number of hops tallied in each packet, router A forwards the data to
router B. Router B increments each packet’s hop count, reads each packet’s destination net-
work address, and sends them to switch B. Based on the destination MAC address in the
packets, switch B decides to forward the message to hub B, which then broadcasts the trans-
mission to workgroup B. The printer picks up the message, and then begins printing.
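The forwarding walk-through above, together with the router of last resort and the hop limit, as an added Python example that is not part of the original text. The router names, the border router, and the addresses are assumptions; the model counts hops upward as the text describes, whereas IPv4 carries a time-to-live value that each router decrements.

```python
# Added illustration (not from the book): static routing tables, a router of
# last resort (default route), and the hop limit that stops a forwarding loop.
import ipaddress

MAX_HOPS = 15  # assumed limit for this example


class Router:
    def __init__(self, name):
        self.name = name
        self.routes = []  # (network, next_hop); next_hop None = directly attached

    def add_route(self, cidr, next_hop=None):
        self.routes.append((ipaddress.ip_network(cidr), next_hop))

    def lookup(self, dst):
        """Return the most specific matching (network, next_hop), or None."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r[0]]
        return max(matches, key=lambda r: r[0].prefixlen) if matches else None


def build_network():
    """Constructed topology for the walk-through; all addresses are assumptions."""
    a, b, border = Router("routerA"), Router("routerB"), Router("border")
    a.add_route("192.168.1.0/24")               # workgroup A, directly attached
    a.add_route("192.168.2.0/24", "routerB")    # static route to workgroup B
    a.add_route("0.0.0.0/0", "border")          # router of last resort
    b.add_route("192.168.2.0/24")               # workgroup B, directly attached
    b.add_route("0.0.0.0/0", "routerA")
    border.add_route("192.168.0.0/16", "routerA")
    border.add_route("0.0.0.0/0")               # handed to the ISP link
    return {r.name: r for r in (a, b, border)}


def forward(routers, first_router, dst, max_hops=MAX_HOPS):
    """Trace a packet router by router; returns (outcome, path)."""
    hops, path, current = 0, [], first_router
    while True:
        hops += 1  # each router the packet passes through counts as one hop
        if hops > max_hops:
            return "hop-limit-exceeded", path
        path.append(current)
        route = routers[current].lookup(dst)
        if route is None:
            return "no-route", path
        if route[1] is None:
            return "delivered", path
        current = route[1]


def move_workgroup_b(routers):
    """Workgroup B's segment is moved away, but routerA's static route is not updated."""
    b = routers["routerB"]
    b.routes = [r for r in b.routes if r[1] is not None]
    return routers


if __name__ == "__main__":
    net = build_network()
    print(forward(net, "routerA", "192.168.2.50"))   # printer in workgroup B
    print(forward(net, "routerA", "203.0.113.9"))    # unknown network -> last resort
    print(forward(move_workgroup_b(build_network()), "routerA", "192.168.2.50"))
```

The third call shows why a stale static route matters: routerA and routerB hand the packet back and forth until the hop limit discards it.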
Routing Protocols: RIP, OSPF, EIGRP, and BGP
Finding the best route for data to take across the network is one of the most valued and
sophisticated functions performed by a router. The term best path refers to the most efficient
route from one node on a network to another. The best path in a particular situation depends
on the number of hops between nodes, the current network activity, the unavailable links, the
network transmission speed, and the topology. To determine the best path, routers communi-
cate with each other through routing protocols. Keep in mind that routing protocols are not
the same as routable protocols, such as TCP/IP or IPX/SPX, although routing protocols may
piggyback on routable protocols. Routing protocols are used only to collect data about current
network status and contribute to the selection of the best paths. From these data, routers cre-
ate routing tables for use with future packet forwarding.
In addition to its ability to find the best path, a routing protocol can be characterized accord-
ing to its router convergence time, the time it takes for a router to recognize a best path in the
event of a change or network outage. Its overhead, or the burden placed on the underlying net-
work to support the routing protocol, is also a distinguishing feature.
Although you do not need to know precisely how routing protocols work to qualify for the Net-
work+ certification, you should be familiar with the most common routing protocols: RIP,
OSPF, EIGRP, and BGP. (Several more routing protocols exist, but a discussion of these
exceeds the scope of this book.) These four common routing protocols are described in the fol-
lowing list.
◆ RIP (Routing Information Protocol) for IP and IPX—The oldest routing protocol,
RIP, which is still widely used, factors in only the number of hops between nodes
when determining a path from one point to another. It does not consider network
congestion or link speed, for example. RIP is an interior routing protocol, meaning
that it is used on interior or border routers. Routers using RIP broadcast their rout-
ing tables every 30 seconds to other routers, regardless of whether the tables have
changed. This broadcasting creates excessive network traffic, especially if a large
number of routes exist. If the routing tables change, it may take several minutes
before the new information propagates to routers at the far reaches of the network;
thus, the convergence time for RIP is poor. However, one advantage to RIP is its
stability. For example, RIP prevents routing loops from continuing indefinitely by
limiting the number of hops a packet can take between its source and its destination
to 15. If the number of hops in a path exceeds 15, the network destination is consid-
ered unreachable. Thus, RIP does not work well in very large network environments
in which data may have to travel through more than 15 routers to reach their desti-
nation (for example, on the Internet). Also, compared with other routing protocols,
RIP is slower and less secure.
◆ OSPF (Open Shortest Path First) for IP—This routing protocol, also used on interior
or border routers, makes up for some of the limitations of RIP and can coexist with
RIP on a network. Unlike RIP, OSPF imposes no hop limits on a transmission path.
Also, OSPF uses a more complex algorithm for determining best paths than RIP
uses. Under optimal network conditions, the best path is the most direct path
between two points. If excessive traffic levels or an outage preclude data from fol-
lowing the most direct path, a router may determine that the most efficient path
actually goes through additional routers. In OSPF, each router maintains a database
of the other routers’ links, and if notice is received indicating the failure of a given
link, the router can rapidly compute an alternate path. This approach requires more
memory and CPU power on the routers, but it keeps network bandwidth use to a minimum
and provides a very fast convergence time, often invisible to the users. OSPF is
supported by all modern routers. Therefore, it is commonly used on LANs that rely
on a mix of routers from different manufacturers.
◆ EIGRP (Enhanced Interior Gateway Routing Protocol) for IP, IPX, and AppleTalk—
This routing protocol, another protocol used on interior or border routers, was developed
in the mid-1980s by Cisco Systems. It has a fast convergence time and a low network
overhead, and is easier to configure and less CPU-intensive than OSPF. EIGRP also
offers the benefits of supporting multiple protocols and limiting unnecessary network traf-
fic between routers. It accommodates very large and heterogeneous networks, but is only
supported by Cisco routers. On LANs that use exclusively Cisco routers, EIGRP is
generally preferred over OSPF.
◆ BGP (Border Gateway Protocol) for IP—BGP is the routing protocol of Internet
backbones and is not used to route between nodes on an autonomous LAN—that is,
it is used on border and exterior routers. The demands on routers created by Internet
growth have driven the development of BGP, the most complex of the routing pro-
tocols. The developers of BGP had to contend with not only the prospect of
100,000 potential routes, but also the question of how to route traffic efficiently and
fairly through the hundreds of Internet backbones.
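The difference between RIP's hop-count metric and OSPF's best-path calculation in the list above, as an added Python example that is not part of the original text. The topologies and link costs are constructed, and Dijkstra's algorithm stands in for the link-state calculation; the 15-hop limit and the 30-second update interval follow the RIP description.

```python
# Added illustration (not from the book): RIP-style hop counting compared with
# OSPF-style least-cost (shortest path first) selection on constructed topologies.
import heapq

RIP_INFINITY = 16        # a metric of 16 means unreachable, so 15 hops is the maximum
RIP_UPDATE_SECONDS = 30  # update interval given in the text

# Constructed links: (router, router, cost). Costs are assumed values; lower = faster.
MIXED = [("R1", "R4", 64), ("R1", "R2", 1), ("R2", "R3", 1), ("R3", "R4", 1)]
CHAIN = [(f"R{i}", f"R{i + 1}", 1) for i in range(17)]  # R0 ... R17 in a line


def neighbors(links):
    """Adjacency map {router: {neighbor: cost}} built from undirected links."""
    adj = {}
    for a, b, cost in links:
        adj.setdefault(a, {})[b] = cost
        adj.setdefault(b, {})[a] = cost
    return adj


def rip_converge(links):
    """Exchange full tables in rounds until nothing changes.

    Returns (tables, rounds) where tables[router][dest] = (hops, next_hop).
    """
    adj = neighbors(links)
    tables = {r: {r: (0, r)} for r in adj}
    rounds = 0
    while True:
        advertised = {r: dict(t) for r, t in tables.items()}  # tables as sent this round
        changed = False
        for router in adj:
            for nbr in adj[router]:
                for dest, (hops, _) in advertised[nbr].items():
                    metric = min(hops + 1, RIP_INFINITY)
                    known = tables[router].get(dest, (RIP_INFINITY, None))[0]
                    if metric < known:  # a metric of 16 is never installed
                        tables[router][dest] = (metric, nbr)
                        changed = True
        if not changed:
            return tables, rounds
        rounds += 1


def rip_path(tables, src, dst):
    """Follow next hops from src to dst; None when src has no route to dst."""
    if dst not in tables[src]:
        return None
    path = [src]
    while path[-1] != dst:
        path.append(tables[path[-1]][dst][1])
    return path


def spf_path(links, src, dst):
    """Dijkstra's algorithm over link costs; returns (path, total_cost)."""
    adj = neighbors(links)
    best, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node]:
            continue  # stale heap entry
        for nbr, link_cost in adj[node].items():
            if cost + link_cost < best.get(nbr, float("inf")):
                best[nbr] = cost + link_cost
                prev[nbr] = node
                heapq.heappush(heap, (best[nbr], nbr))
    if dst not in best:
        return None, None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1], best[dst]


if __name__ == "__main__":
    tables, rounds = rip_converge(MIXED)
    print("RIP  R1->R4:", rip_path(tables, "R1", "R4"))
    print("SPF  R1->R4:", spf_path(MIXED, "R1", "R4"))
    tables, rounds = rip_converge(CHAIN)
    print("RIP  R0->R15:", tables["R0"]["R15"][0], "hops")
    print("RIP  R0->R16:", rip_path(tables, "R0", "R16"))
    print("Rounds to converge:", rounds, "=", rounds * RIP_UPDATE_SECONDS, "seconds")
```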
Brouters
By now it should not surprise you that routers, too, can act like other devices. The networking
industry has adopted the term bridge router, or brouter, to describe routers that take on some
characteristics of bridges. The advantage of crossing a router with a bridge is that you can for-
ward nonroutable protocols, such as NetBEUI, plus connect multiple network types through
one device. A bridge router offers support at Layers 2 and 3 of the OSI Model. It intelligently
handles any packets that contain Layer 3 addressing information and simply forwards the rest.
Gateways
Gateways do not fall neatly into any networking hardware category. In broad terms, they are
combinations of networking hardware and software that connect two dissimilar kinds of net-
works. Specifically, they may connect two systems that use different formatting, communica-
tions protocols, or architecture. Unlike the connectivity hardware discussed earlier in this
chapter, gateways actually repackage information so that it can be read by another system. To
accomplish this task, gateways must operate at multiple layers of the OSI Model. They must
communicate with an application, establish and manage sessions, translate encoded data, and
interpret logical and physical addressing data.
Gateways can reside on servers, microcomputers, connectivity devices (such as routers), or
mainframes. They are almost always designed for one category of gateway functions. In
addition, they transmit data more slowly than bridges or routers (which are not acting as gateways)
because of the complex translations they conduct. Because they are slow, gateways have the
potential to cause extreme network congestion. In certain situations, however, only a gateway
will suffice.
During your networking career, you will most likely hear gateways discussed in the context of
Internet connections and e-mail systems. Popular types of gateways, including e-mail gateways,
are described in the following list.
◆ E-mail gateway—A gateway that translates messages from one type of e-mail system
to another. For example, an e-mail gateway allows networks that use Sendmail mail
server software to exchange mail with networks that use Microsoft Exchange Server
software.
◆ IBM host gateway—A gateway that establishes and manages communication between
a PC and an IBM mainframe computer.
◆ Internet gateway—A gateway that allows and manages access between LANs and the
Internet. An Internet gateway can restrict the kind of access LAN users have to the
Internet, and vice versa.
◆ LAN gateway—A gateway that allows segments of a LAN running different protocols
or different network models to communicate with each other. A router, a single port
on a router, or even a server may act as a LAN gateway. The LAN gateway category
might also include remote access servers that allow dial-up connectivity to a LAN.
◆ Voice/data gateway—A gateway that connects the part of a network that handles data
traffic with the part of a network that handles voice traffic. Voice applications have
drastically different requirements than data applications. For example, before a voice
signal can be transmitted over a data network, it needs to be digitized and
compressed. When it reaches a voice receiver, such as a telephone, it has to be
uncompressed and regenerated as recognizable speech, without delays. All these functions
require specialized protocols and processes. A voice/data gateway can translate
between these unique network segments and traditional data network segments.
◆ Firewall—A gateway that selectively blocks or filters traffic between networks. As
with any other type of gateway, firewalls may be devices optimized for performing
their tasks or computers installed with software necessary to accomplish those tasks.
Because firewalls are integral to network security, they are discussed in detail in
Chapter 14.
Chapter Summary
◆ Network adapters come in a variety of types depending on access method (Ethernet
versus Token Ring), network transmission speed (for example, 10 Mbps versus 100
Mbps), connector interfaces (for example, SC versus RJ-45), type of compatible
motherboard or device, and manufacturer.
◆ Desktops or tower PCs may use an expansion card NIC, which must match the sys-
tem’s bus. A bus is the type of circuit used by the motherboard to transmit data to
components. New desktop computers almost always use PCI buses.
◆ NICs may also be externally attached, through the PCMCIA-standard (PC Card,
CardBus, or ExpressCard), USB, FireWire, or CompactFlash peripheral bus types.
◆ Some NICs are integrated into a computer’s motherboard. These are also known as
on-board NICs.
◆ NICs are designed to be used with either wire-bound or wireless connections. A
wireless NIC uses an antenna to exchange signals with the network. This type of
connectivity suits environments in which cabling cannot be installed or where roam-
ing clients must be supported.
◆ To install a NIC, you must physically attach it to the bus (or port), install the NIC
device drivers, and configure its settings.
◆ Firmware combines hardware and software. The hardware component of firmware is
an EEPROM (electrically erasable programmable read-only memory) chip that
stores data established at the factory. On a NIC, the EEPROM chip contains
information about the adapter’s transmission characteristics, plus its MAC address. You
can change this data via a configuration utility.
◆ An IRQ is the means by which a device can request attention from the CPU. IRQ
numbers range from 0 to 15. The BIOS attempts to assign free IRQ numbers to
new devices. Typically, it assigns IRQ numbers 9, 10, or 11 to NICs. If conflicts
occur, you must change a device’s IRQ number rather than accept the default sug-
gested by the BIOS or operating system.
◆ Repeaters are the connectivity devices that perform the regeneration of a digital sig-
nal. They belong to the Physical layer of the OSI Model; therefore, they do not have
any means to interpret the data they are retransmitting.
◆ At its most primitive, a hub is a multiport repeater. A hub contains multiple data
ports into which the patch cables for network nodes are connected. The hub accepts
signals from a transmitting node and repeats those signals to all other connected
nodes in a broadcast fashion, thereby creating a single collision domain. Most hubs
also contain one port, called an uplink port, that allows the hub to connect to
another hub or other connectivity device.
◆ Hubs that merely repeat signals are called passive hubs. Intelligent hubs, also called
managed hubs, can provide information about data traffic and can be managed from
anywhere on the network.
◆ Bridges resemble repeaters in that they have a single input and a single output port,
but they can interpret the data they retransmit. Bridging occurs at the Data Link
layer of the OSI Model. Bridges read the destination (MAC) address information
and decide whether to forward (retransmit) a packet to another segment on the net-
work or, if the destination address belongs to the same segment as the source
address, filter (discard) it.
◆ As nodes transmit data through the bridge, the bridge establishes a filtering database
of known MAC addresses and their locations on the network. The bridge uses its
filtering database to determine whether a packet should be forwarded or filtered.
◆ Switches subdivide a network into smaller logical pieces. They operate at the Data
Link layer (Layer 2) of the OSI Model and can interpret MAC address information.
In this respect, switches resemble bridges.
◆ Switches are generally secure because they isolate one device’s traffic from other
devices’ traffic. Because switches provide separate channels for (potentially) every
device, they allow applications that transfer a large amount of traffic and that are
sensitive to time delays, such as videoconferencing, to make full use of the network’s
capacity.
◆ A switch running in cut-through mode reads a frame’s header and decides where to for-
ward the data before it receives the entire packet. In store and forward mode, switches
read the entire data frame into their memory and check it for accuracy before transmitting
it. Although this method is more time-consuming than the cut-through method, it allows
store and forward switches to transmit data more accurately.
◆ Switches can create VLANs (virtual local area networks) by logically grouping sev-
eral ports into a broadcast domain. The ports do not have to reside on the same
switch or even on the same network segment. VLANs can isolate nodes and their
traffic for security, convenience, or better performance.
◆ Manufacturers are producing switches that can operate at Layer 3 (Network layer)
and Layer 4 (Transport layer) of the OSI Model, making them act more like routers.
The ability to interpret higher-layer data enables switches to perform advanced fil-
tering, statistics keeping, and security functions.
◆ A router is a multiport device that can connect dissimilar LANs and WANs running
at different transmission speeds, using a variety of protocols. Routers operate at the
Network layer (Layer 3) or higher of the OSI Model. They interpret logical
addresses and determine the best path between nodes. The best path depends on
the number of hops between nodes, the current network activity, the unavailable
links, the network transmission speed, and the topology. To determine the best path,
routers communicate with each other through routing protocols.
◆ Unlike bridges and traditional switches, routers are protocol-dependent. They must
be designed or configured to recognize a certain protocol before they can forward
data transmitted using that protocol.
◆ Static routing is a technique in which a network administrator programs a router to
use specific paths between nodes. Dynamic routing automatically calculates the best
path between two nodes and accumulates this information in a routing table. If con-
gestion or failures affect the network, a router using dynamic routing can detect the
problems and reroute data through a different path. Most modern networks use
dynamic routing.
◆ Routing protocols provide rules for communication between routers and help them
determine the best path between two nodes. Some popular routing protocols include
RIP, OSPF, EIGRP, and BGP.
◆ RIP (Routing Information Protocol) is the slowest and least secure and limits
transmissions to 15 hops. OSPF (Open Shortest Path First) is faster than RIP and
common on LANs that use routers from different manufacturers. EIGRP (Enhanced
Interior Gateway Routing Protocol) is a Cisco standard commonly used on LANs that use
exclusively Cisco routers. BGP (Border Gateway Protocol) is used for routing over
Internet backbones.
◆ The networking industry has adopted the term “brouter” to describe routers that
take on some of the characteristics of bridges. Combining a router with a bridge
allows you to forward data using nonroutable protocols, such as NetBEUI, and to
connect multiple network types through one device. A brouter offers support at both
Layers 2 and 3 of the OSI Model.
◆ Gateways are combinations of networking hardware and software that connect two
dissimilar kinds of networks. Specifically, they may connect two systems that use dif-
ferent formatting, communications protocols, or architecture. To accomplish this
task, they must operate at multiple layers of the OSI Model.
◆ Several different gateways exist, including e-mail gateways, IBM host gateways,
Internet gateways, LAN gateways, firewalls, and voice/data gateways.