Lab 8 - Hubs, Bridges and Switches

From SOFTICE

Revision as of 12:05, 31 August 2008; MattRideout

Pedagogical Objectives

  • Review the theoretical differences between hubs, bridges and switches
  • Verify these differences through experimentation

Developed by:

Synopsis

Hubs, bridges and switches are devices that are used to interconnect hosts on the same broadcast domain. This lab will explore their common functionality and differences.

[Briefing]

Hubs are the most basic of the three interconnection devices discussed in this lab. They operate on Layer 1 of the OSI Model, and are little more than multi-port repeaters. When a signal comes in on one port, it is immediately sent out all other ports. Because they operate on Layer 1, hubs have no concept of what occurs at higher layers of the OSI Model. Hubs used to be ubiquitous in LANs, but have been largely replaced by switches. All devices that are plugged into a hub are located in the same broadcast and collision domains.

A collision domain is a section of a network in which two or more PDUs transmitted at the same time will collide. A collision prevents all data being transmitted on the collision domain at that moment from reaching its destination intact.

Bridges are OSI Model Layer 2 devices. Their Layer 2 functionality allows them to read Ethernet frames, and among other things, keep track of what MAC addresses are located on each port. They use this Layer 2 information to divide a single broadcast domain into multiple collision domains - one for each port.

Bridges use their ability to keep track of MAC addresses as a means to limit which ports frames go out on. If a bridge knows which port the destination host is located on, it will only allow the frame to go out that port. If the destination port is the same as the source port, the bridge simply discards the frame. When a frame is received with a destination MAC address that the bridge is not aware of, it reverts to acting like a hub for that particular frame: the frame is forwarded out all other ports. Bridges get their name from the fact that they're used to "bridge" two or more collision domains.
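The forwarding rules above can be modelled next to a hub to see which frames reach a host that is not part of the conversation. This is an added example, not part of the original lab; the port numbers, MAC addresses and the four-frame ping trace are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
CLIENT, OBSERVER, SERVER = 1, 2, 3   # assumed port numbers for the lab's three hosts
MAC = {"client": "02:00:00:00:00:01", "observer": "02:00:00:00:00:02"}  # constructed

# Constructed trace of one ping from client to observer: (label, in_port, src, dst)
FRAMES = [
    ("arp-request",  CLIENT,   MAC["client"],   BROADCAST),
    ("arp-reply",    OBSERVER, MAC["observer"], MAC["client"]),
    ("echo-request", CLIENT,   MAC["client"],   MAC["observer"]),
    ("echo-reply",   OBSERVER, MAC["observer"], MAC["client"]),
]

class Hub:
    """Layer 1 repeater: a frame leaves on every port except the one it came in on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def flood(self, in_port):
        return [p for p in self.ports if p != in_port]

    def forward(self, in_port, src, dst):
        return self.flood(in_port)

class LearningBridge(Hub):
    """Layer 2 device: learns source MACs per port and forwards by destination MAC."""
    def __init__(self, ports):
        super().__init__(ports)
        self.mac_table = {}                      # MAC address -> port it was last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port            # learn where the sender lives
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            return self.flood(in_port)           # broadcast or unknown: act like a hub
        if out_port == in_port:
            return []                            # destination is on the source port: discard
        return [out_port]                        # known destination: that port only

def seen_on_port(device, frames, port):
    """Labels of the frames that a capture on `port` would record."""
    return [label for label, in_port, src, dst in frames
            if port in device.forward(in_port, src, dst)]

if __name__ == "__main__":
    for device in (Hub([1, 2, 3]), LearningBridge([1, 2, 3])):
        print(type(device).__name__, "server port sees:", seen_on_port(device, FRAMES, SERVER))
```

Note that the MAC table starts empty, so the first frame to any destination the bridge has not yet learned is still flooded to every other port.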

Switches are OSI Model Layer 2 devices that use the same logic as bridges to control traffic. What makes them different is that they implement this logic at the hardware level. Bridges implement their logic in software - a general purpose CPU controls the flow of traffic. This is functional, but compared to modern day switches, inefficient. Switches utilize ASICs (Application Specific Integrated Circuits) to implement their logic. These special purpose circuits are generally able to control the flow of traffic with less latency than a general purpose CPU would introduce. Switches often still have CPUs, but they are relegated to other tasks, such as running management or monitoring software.

[Exercises]

Complete the following exercises, recording your findings and the procedures used to obtain them in your log.

Note: Before disconnecting from SOFTICE, be sure to shut your virtual hosts down. This procedure is described in Exercise 1-3: Shutdown the Network. This must be done in order to conserve system resources on the SOFTICE cluster.

Image:Tcpdump_network_diagram.jpg

Exercise 8-1: Upgrading the Tcpdump Network

1. Make a new copy of the Tcpdump Network's configuration file, then edit the new copy to replace the Tcpdump Network's hub with a switch. To make this replacement, you'll need to replace the word "hub" with "switch" in the hub's configuration section.

2. Build and start the edited Tcpdump Network.

Exercise 8-2: Using tcpdump on a Switched Network

Use tcpdump on the Tcpdump Network that was upgraded in Exercise 8-1 to intercept ICMP and ARP traffic.

1. Start up tcpdump on both the observer and server hosts. Send three ping packets from the client host to the observer host.

2. Describe how the traffic intercepted by the observer and server hosts differs. Why is each of these differences present?

Exercise 8-3: Further Analysis of tcpdump Output

1. Compare the results of Exercise 8-2 to the results that you obtained in Lab 2's Solved Exercises. How do the results differ? Why is each of these differences present?

Exercise 8-4: Hubs, Bridges and Security

1. In your own words, describe the network security implications of replacing a hub with a switch on an Ethernet network in which confidential information is exchanged.
